Rough encrypt
This commit is contained in:
16
index.php
16
index.php
@@ -25,9 +25,12 @@
|
||||
ini_set('session.cookie_httponly', '0');
|
||||
ini_set('session.cookie_samesite', 'Lax');
|
||||
session_save_path('.tmp'); // TEMP
|
||||
spl_autoload_register();
|
||||
session_start(); // START
|
||||
require_once __DIR__ . '/autoload.php'; // AUTOLOAD
|
||||
require_once __DIR__ . '/src/Misc/defuse-crypto.phar';
|
||||
use App\LobbySIO\Config\Registry;
|
||||
use Defuse\Crypto\Crypto;
|
||||
$Users = new \App\LobbySIO\Database\Users();
|
||||
if (Registry::AUTHMETHOD == 'SAML') {
|
||||
//simplesaml
|
||||
@@ -47,6 +50,7 @@
|
||||
$session->cleanup();
|
||||
}
|
||||
$StaticFunctions = new \App\LobbySIO\Misc\StaticFunctions(); // DEFAULT CLASSES
|
||||
$encKey = $StaticFunctions->loadEncryptionKeyFromConfig();
|
||||
$SiteInfo = new \App\LobbySIO\Database\SiteInfo();
|
||||
if (isset($_SESSION['user_id'])) { // LOGGED IN? GET USER OBJECT
|
||||
if (isset($saml_user_id)) {
|
||||
@@ -87,9 +91,9 @@
|
||||
//header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false);
|
||||
if (!empty($_GET['a'])) {
|
||||
echo '<pre>' . print_r($_POST, true) . '</pre>';
|
||||
echo 'Verification has been : ' . (Csrf::verifyToken('home') ? 'successful' : 'unsuccessful');
|
||||
echo 'Verification has been : ' . (Classes\Misc\Csrf::verifyToken('home') ? 'successful' : 'unsuccessful');
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
||||
|
||||
|
||||
@@ -249,9 +253,9 @@ $form_data = filter_input_array(INPUT_POST, [
|
||||
$form_data['fd_manualTimeDate'] = $StaticFunctions->getUTC(); // OTHERWISE USE NOW()UTC
|
||||
}
|
||||
$visitid = $VisitActions->newVisit( // ADD VISIT RECORD
|
||||
$form_data['fd_firstName'],
|
||||
$form_data['fd_lastName'],
|
||||
$form_data['fd_visitorCompany'],
|
||||
Crypto::encrypt($form_data['fd_firstName'], $encKey),
|
||||
Crypto::encrypt($form_data['fd_lastName'], $encKey),
|
||||
Crypto::encrypt($form_data['fd_visitorCompany'], $encKey),
|
||||
$form_data['fd_visitType'],
|
||||
$form_data['fd_manualTimeDate'],
|
||||
$form_data['fd_visitorSignature'],
|
||||
@@ -946,7 +950,7 @@ if ($db_vendorinfo_workcompleted === 1 && $db_vendorinfo_sitecleanup === 1) { $f
|
||||
<span class="badge bg-light text-dark"><?php echo $transLang[$VisitTypeInfo->getInfoVisitType("%", $row['visits_reason'])[0]["visittypes_name"]]; ?></span>
|
||||
</div>
|
||||
</td>
|
||||
<td class="small"><?php echo $row['visits_lastname'] . ", " . $row['visits_firstname']; ?><br><img src="<?php echo $row['visits_signature']; ?>" width="200" height="50" nonce="<?=$_SESSION['nonceStr']?>"></img></td>
|
||||
<td class="small"><?php echo Crypto::decrypt($row['visits_lastname'], $encKey) . ", " . Crypto::decrypt($row['visits_firstname'], $encKey); ?><br><img src="<?php echo $row['visits_signature']; ?>" width="200" height="50" nonce="<?=$_SESSION['nonceStr']?>"></img></td>
|
||||
<td class="small"><?php if (!empty($row['visits_escort'])) {echo $row['visits_escort'] . '<br /><img src="' . $row['visits_escort_signature'] . '" width="200" height="50" nonce="'.$_SESSION['nonceStr'].'"></img>'; } ?></td>
|
||||
<td class="small">
|
||||
<?php if($row['visits_approved'] === 2) { ?>
|
||||
|
||||
Reference in New Issue
Block a user