joomla/Component-Builder
39
25
Fork 11
Code Issues 75 Pull Requests Projects 4 Wiki Activity

Added medium enencryption and added an over all improvment to the encryption implementation. Added extra security to EXTERNALCODE feature that only allows admin to make use of this feature.

Browse Source
This commit is contained in:
Llewellyn van der Merwe
2018-03-06 04:28:44 +02:00
parent a39289ac9c
commit 417076243d
26 changed files with 583 additions and 326 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
admin/models/componentbuilder.php
View File

@ -43,7 +43,7 @@ class ComponentbuilderModelComponentbuilder extends JModelList
$icons = array();
// view groups array
$viewGroups = array(
'main' => array('png.compiler', 'png.joomla_component.add', 'png.joomla_components', 'png.admin_view.add', 'png.admin_views', 'png.custom_admin_view.add', 'png.custom_admin_views', 'png.site_view.add', 'png.site_views', 'png.template.add', 'png.templates', 'png.layout.add', 'png.layouts', 'png.dynamic_get.add', 'png.dynamic_gets', 'png.custom_codes', 'png.libraries', 'png.snippet.add', 'png.snippets', 'png.field.add', 'png.fields', 'png.fields.catid', 'png.fieldtype.add', 'png.fieldtypes', 'png.fieldtypes.catid', 'png.language_translations', 'png.servers', 'png.help_document.add', 'png.help_documents')
'main' => array('png.compiler', 'png.joomla_component.add', 'png.joomla_components', 'png.admin_view.add', 'png.admin_views', 'png.custom_admin_view.add', 'png.custom_admin_views', 'png.site_view.add', 'png.site_views', 'png.template.add', 'png.templates', 'png.layout.add', 'png.layouts', 'png.dynamic_get.add', 'png.dynamic_gets', 'png.custom_codes', 'png.libraries', 'png.snippet.add', 'png.snippets', 'png||getsnippets||index.php?option=com_componentbuilder&view=get_snippets', 'png.field.add', 'png.fields', 'png.fields.catid', 'png.fieldtype.add', 'png.fieldtypes', 'png.fieldtypes.catid', 'png.language_translations', 'png.servers', 'png.help_document.add', 'png.help_documents')
);
// view access array
$viewAccess = array(

5
admin/models/fields.php
View File

@ -239,8 +239,9 @@ class ComponentbuilderModelFields extends JModelList
0 => 'COM_COMPONENTBUILDER_FIELD_DEFAULT',
1 => 'COM_COMPONENTBUILDER_FIELD_JSON',
2 => 'COM_COMPONENTBUILDER_FIELD_BASESIXTY_FOUR',
3 => 'COM_COMPONENTBUILDER_FIELD_BASIC_ENCRYPTION_LOCALKEY',
4 => 'COM_COMPONENTBUILDER_FIELD_ADVANCE_ENCRYPTION_WHMCSKEY'
3 => 'COM_COMPONENTBUILDER_FIELD_BASIC_ENCRYPTION_LOCALDBKEY',
5 => 'COM_COMPONENTBUILDER_FIELD_MEDIUM_ENCRYPTION_LOCALFILEKEY',
4 => 'COM_COMPONENTBUILDER_FIELD_WHMCSKEY_ENCRYPTION'
);
// Now check if value is found in this array
if (isset($storeArray[$value]) && ComponentbuilderHelper::checkString($storeArray[$value]))

5
admin/models/fieldtype.php
View File

@ -304,8 +304,9 @@ class ComponentbuilderModelFieldtype extends JModelAdmin
0 => 'COM_COMPONENTBUILDER_FIELD_DEFAULT',
1 => 'COM_COMPONENTBUILDER_FIELD_JSON',
2 => 'COM_COMPONENTBUILDER_FIELD_BASESIXTY_FOUR',
3 => 'COM_COMPONENTBUILDER_FIELD_BASIC_ENCRYPTION_LOCALKEY',
4 => 'COM_COMPONENTBUILDER_FIELD_ADVANCE_ENCRYPTION_WHMCSKEY'
3 => 'COM_COMPONENTBUILDER_FIELD_BASIC_ENCRYPTION_LOCALDBKEY',
5 => 'COM_COMPONENTBUILDER_FIELD_MEDIUM_ENCRYPTION_LOCALFILEKEY',
4 => 'COM_COMPONENTBUILDER_FIELD_WHMCSKEY_ENCRYPTION'
);
// Now check if value is found in this array
if (isset($storeArray[$value]) && ComponentbuilderHelper::checkString($storeArray[$value]))

5
admin/models/forms/field.xml
View File

@ -327,8 +327,9 @@
<option value="0">COM_COMPONENTBUILDER_FIELD_DEFAULT</option>
<option value="1">COM_COMPONENTBUILDER_FIELD_JSON</option>
<option value="2">COM_COMPONENTBUILDER_FIELD_BASESIXTY_FOUR</option>
<option value="3">COM_COMPONENTBUILDER_FIELD_BASIC_ENCRYPTION_LOCALKEY</option>
<option value="4">COM_COMPONENTBUILDER_FIELD_ADVANCE_ENCRYPTION_WHMCSKEY</option>
<option value="3">COM_COMPONENTBUILDER_FIELD_BASIC_ENCRYPTION_LOCALDBKEY</option>
<option value="5">COM_COMPONENTBUILDER_FIELD_MEDIUM_ENCRYPTION_LOCALFILEKEY</option>
<option value="4">COM_COMPONENTBUILDER_FIELD_WHMCSKEY_ENCRYPTION</option>
</field>
<!-- Javascript_view_footer Field. Type: Textarea. (joomla)-->
<field type="textarea"

60
admin/models/forms/help_document.js
View File

@ -23,12 +23,12 @@
/-----------------------------------------------------------------------------------------------------------------------------*/
// Some Global Values
jform_vvvvwbdwan_required = false;
jform_vvvvwbewao_required = false;
jform_vvvvwbfwap_required = false;
jform_vvvvwbgwaq_required = false;
jform_vvvvwbhwar_required = false;
jform_vvvvwbiwas_required = false;
jform_vvvvwbdwao_required = false;
jform_vvvvwbewap_required = false;
jform_vvvvwbfwaq_required = false;
jform_vvvvwbgwar_required = false;
jform_vvvvwbhwas_required = false;
jform_vvvvwbiwat_required = false;
// Initial Script
jQuery(document).ready(function()
@ -59,26 +59,26 @@ function vvvvwbd(location_vvvvwbd)
if (location_vvvvwbd == 1)
{
jQuery('#jform_admin_view').closest('.control-group').show();
if (jform_vvvvwbdwan_required)
if (jform_vvvvwbdwao_required)
{
updateFieldRequired('admin_view',0);
jQuery('#jform_admin_view').prop('required','required');
jQuery('#jform_admin_view').attr('aria-required',true);
jQuery('#jform_admin_view').addClass('required');
jform_vvvvwbdwan_required = false;
jform_vvvvwbdwao_required = false;
}
}
else
{
jQuery('#jform_admin_view').closest('.control-group').hide();
if (!jform_vvvvwbdwan_required)
if (!jform_vvvvwbdwao_required)
{
updateFieldRequired('admin_view',1);
jQuery('#jform_admin_view').removeAttr('required');
jQuery('#jform_admin_view').removeAttr('aria-required');
jQuery('#jform_admin_view').removeClass('required');
jform_vvvvwbdwan_required = true;
jform_vvvvwbdwao_required = true;
}
}
}
@ -90,26 +90,26 @@ function vvvvwbe(location_vvvvwbe)
if (location_vvvvwbe == 2)
{
jQuery('#jform_site_view').closest('.control-group').show();
if (jform_vvvvwbewao_required)
if (jform_vvvvwbewap_required)
{
updateFieldRequired('site_view',0);
jQuery('#jform_site_view').prop('required','required');
jQuery('#jform_site_view').attr('aria-required',true);
jQuery('#jform_site_view').addClass('required');
jform_vvvvwbewao_required = false;
jform_vvvvwbewap_required = false;
}
}
else
{
jQuery('#jform_site_view').closest('.control-group').hide();
if (!jform_vvvvwbewao_required)
if (!jform_vvvvwbewap_required)
{
updateFieldRequired('site_view',1);
jQuery('#jform_site_view').removeAttr('required');
jQuery('#jform_site_view').removeAttr('aria-required');
jQuery('#jform_site_view').removeClass('required');
jform_vvvvwbewao_required = true;
jform_vvvvwbewap_required = true;
}
}
}
@ -134,26 +134,26 @@ function vvvvwbf(type_vvvvwbf)
if (type)
{
jQuery('#jform_url').closest('.control-group').show();
if (jform_vvvvwbfwap_required)
if (jform_vvvvwbfwaq_required)
{
updateFieldRequired('url',0);
jQuery('#jform_url').prop('required','required');
jQuery('#jform_url').attr('aria-required',true);
jQuery('#jform_url').addClass('required');
jform_vvvvwbfwap_required = false;
jform_vvvvwbfwaq_required = false;
}
}
else
{
jQuery('#jform_url').closest('.control-group').hide();
if (!jform_vvvvwbfwap_required)
if (!jform_vvvvwbfwaq_required)
{
updateFieldRequired('url',1);
jQuery('#jform_url').removeAttr('required');
jQuery('#jform_url').removeAttr('aria-required');
jQuery('#jform_url').removeClass('required');
jform_vvvvwbfwap_required = true;
jform_vvvvwbfwaq_required = true;
}
}
}
@ -189,26 +189,26 @@ function vvvvwbg(type_vvvvwbg)
if (type)
{
jQuery('#jform_article').closest('.control-group').show();
if (jform_vvvvwbgwaq_required)
if (jform_vvvvwbgwar_required)
{
updateFieldRequired('article',0);
jQuery('#jform_article').prop('required','required');
jQuery('#jform_article').attr('aria-required',true);
jQuery('#jform_article').addClass('required');
jform_vvvvwbgwaq_required = false;
jform_vvvvwbgwar_required = false;
}
}
else
{
jQuery('#jform_article').closest('.control-group').hide();
if (!jform_vvvvwbgwaq_required)
if (!jform_vvvvwbgwar_required)
{
updateFieldRequired('article',1);
jQuery('#jform_article').removeAttr('required');
jQuery('#jform_article').removeAttr('aria-required');
jQuery('#jform_article').removeClass('required');
jform_vvvvwbgwaq_required = true;
jform_vvvvwbgwar_required = true;
}
}
}
@ -244,26 +244,26 @@ function vvvvwbh(type_vvvvwbh)
if (type)
{
jQuery('#jform_content-lbl').closest('.control-group').show();
if (jform_vvvvwbhwar_required)
if (jform_vvvvwbhwas_required)
{
updateFieldRequired('content',0);
jQuery('#jform_content').prop('required','required');
jQuery('#jform_content').attr('aria-required',true);
jQuery('#jform_content').addClass('required');
jform_vvvvwbhwar_required = false;
jform_vvvvwbhwas_required = false;
}
}
else
{
jQuery('#jform_content-lbl').closest('.control-group').hide();
if (!jform_vvvvwbhwar_required)
if (!jform_vvvvwbhwas_required)
{
updateFieldRequired('content',1);
jQuery('#jform_content').removeAttr('required');
jQuery('#jform_content').removeAttr('aria-required');
jQuery('#jform_content').removeClass('required');
jform_vvvvwbhwar_required = true;
jform_vvvvwbhwas_required = true;
}
}
}
@ -286,26 +286,26 @@ function vvvvwbi(target_vvvvwbi)
if (target_vvvvwbi == 1)
{
jQuery('#jform_groups').closest('.control-group').show();
if (jform_vvvvwbiwas_required)
if (jform_vvvvwbiwat_required)
{
updateFieldRequired('groups',0);
jQuery('#jform_groups').prop('required','required');
jQuery('#jform_groups').attr('aria-required',true);
jQuery('#jform_groups').addClass('required');
jform_vvvvwbiwas_required = false;
jform_vvvvwbiwat_required = false;
}
}
else
{
jQuery('#jform_groups').closest('.control-group').hide();
if (!jform_vvvvwbiwas_required)
if (!jform_vvvvwbiwat_required)
{
updateFieldRequired('groups',1);
jQuery('#jform_groups').removeAttr('required');
jQuery('#jform_groups').removeAttr('aria-required');
jQuery('#jform_groups').removeClass('required');
jform_vvvvwbiwas_required = true;
jform_vvvvwbiwat_required = true;
}
}
}

18
admin/models/forms/server.js
View File

@ -31,6 +31,7 @@ jform_vvvvwatwai_required = false;
jform_vvvvwauwaj_required = false;
jform_vvvvwavwak_required = false;
jform_vvvvwaxwal_required = false;
jform_vvvvwazwam_required = false;
// Initial Script
jQuery(document).ready(function()
@ -436,10 +437,27 @@ function vvvvwaz(protocol_vvvvwaz,authentication_vvvvwaz)
if (protocol && authentication)
{
jQuery('#jform_private_key').closest('.control-group').show();
if (jform_vvvvwazwam_required)
{
updateFieldRequired('private_key',0);
jQuery('#jform_private_key').prop('required','required');
jQuery('#jform_private_key').attr('aria-required',true);
jQuery('#jform_private_key').addClass('required');
jform_vvvvwazwam_required = false;
}
}
else
{
jQuery('#jform_private_key').closest('.control-group').hide();
if (!jform_vvvvwazwam_required)
{
updateFieldRequired('private_key',1);
jQuery('#jform_private_key').removeAttr('required');
jQuery('#jform_private_key').removeAttr('aria-required');
jQuery('#jform_private_key').removeClass('required');
jform_vvvvwazwam_required = true;
}
}
}

3
admin/models/forms/server.xml
View File

@ -248,7 +248,8 @@
cols="5"
description="COM_COMPONENTBUILDER_SERVER_PRIVATE_KEY_DESCRIPTION"
class="input-xxlarge span12"
hint="COM_COMPONENTBUILDER_SERVER_PRIVATE_KEY_HINT" />
hint="COM_COMPONENTBUILDER_SERVER_PRIVATE_KEY_HINT"
required="true" />
</fieldset>
<!-- Access Control Fields. -->

4
admin/models/joomla_component.php
View File

@ -207,7 +207,7 @@ class ComponentbuilderModelJoomla_component extends JModelAdmin
// Get the basic encryption.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encryption object.
$basic = new FOFEncryptAes($basickey, 128);
$basic = new FOFEncryptAes($basickey);
if (!empty($item->whmcs_key) && $basickey && !is_numeric($item->whmcs_key) && $item->whmcs_key === base64_encode(base64_decode($item->whmcs_key, true)))
{
@ -1346,7 +1346,7 @@ class ComponentbuilderModelJoomla_component extends JModelAdmin
// Get the basic encryption key.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encryption object
$basic = new FOFEncryptAes($basickey, 128);
$basic = new FOFEncryptAes($basickey);
// Encrypt data whmcs_key.
if (isset($data['whmcs_key']) && $basickey)

2
admin/models/joomla_components.php
View File

@ -1707,7 +1707,7 @@ class ComponentbuilderModelJoomla_components extends JModelList
// Get the basic encryption key.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encryption object.
$basic = new FOFEncryptAes($basickey, 128);
$basic = new FOFEncryptAes($basickey);
// set values to display correctly.
if (ComponentbuilderHelper::checkArray($items))

6
admin/models/server.php
View File

@ -98,7 +98,7 @@ class ComponentbuilderModelServer extends JModelAdmin
// Get the basic encryption.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encryption object.
$basic = new FOFEncryptAes($basickey, 128);
$basic = new FOFEncryptAes($basickey);
if (!empty($item->path) && $basickey && !is_numeric($item->path) && $item->path === base64_encode(base64_decode($item->path, true)))
{
@ -170,7 +170,7 @@ class ComponentbuilderModelServer extends JModelAdmin
*
* @return mixed An array of data items on success, false on failure.
*/
public function getWamlinked_components()
public function getWanlinked_components()
{
// Get the user object.
$user = JFactory::getUser();
@ -954,7 +954,7 @@ class ComponentbuilderModelServer extends JModelAdmin
// Get the basic encryption key.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encryption object
$basic = new FOFEncryptAes($basickey, 128);
$basic = new FOFEncryptAes($basickey);
// Encrypt data path.
if (isset($data['path']) && $basickey)

2
admin/models/servers.php
View File

@ -288,7 +288,7 @@ class ComponentbuilderModelServers extends JModelList
// Get the basic encryption key.
$basickey = ComponentbuilderHelper::getCryptKey('basic');
// Get the encryption object.
$basic = new FOFEncryptAes($basickey, 128);
$basic = new FOFEncryptAes($basickey);
// set values to display correctly.
if (ComponentbuilderHelper::checkArray($items))