diff -crN cckpassword_old/cckpassword.admin.inc cckpassword/cckpassword.admin.inc
*** cckpassword_old/cckpassword.admin.inc 1969-12-31 19:00:00.000000000 -0500
--- cckpassword/cckpassword.admin.inc 2010-08-05 19:32:29.000000000 -0400
***************
*** 0 ****
--- 1,14 ----
+ 'textfield',
+ '#title' => t('CCK Password Encryption Key File location'),
+ '#default_value' => variable_get('cckpassword_keyfile_directory', ''),
+ '#maxlength' => 255,
+ '#description' => t('Please enter a full system path to the location of your keyfile. It is highly recommended to store your keyfile out of your web root directory. For example, you could put the keyfile in the user\'s home directory: /home/user on the server.')
+ );
+
+ return system_settings_form($form);
+ }
+
diff -crN cckpassword_old/cckpassword.module cckpassword/cckpassword.module
*** cckpassword_old/cckpassword.module 2010-07-16 23:19:38.000000000 -0400
--- cckpassword/cckpassword.module 2010-08-07 11:35:30.000000000 -0400
***************
*** 173,178 ****
--- 173,186 ----
),
'max_length' => 255,
),
+ 'encrypted' => array(
+ 'title' => 'Encrypt',
+ 'retrievable' => true,
+ 'functions'=> array(
+ 'presave'=>'cckpassword_encrypt',
+ ),
+ 'max_length' => 255,
+ ),
);
}
***************
*** 194,199 ****
--- 202,233 ----
return $items;
}
+ function cckpassword_encrypt($items) {
+ // File with encryption/decryption functions
+ // Acknowledgement goes to Tony Marston for developing and posting the fuctions on his website
+ // Website address: http://www.tonymarston.net/php-mysql/encryption.html
+ require_once 'std.encryption.class.inc';
+
+ // Get the key from the file on the server
+ $key_file = variable_get('cckpassword_keyfile_directory', '');
+ $fh = fopen($key_file, 'r');
+ $key = fgets($fh);
+ fclose($fh);
+
+ // data variables
+ $data_to_encrypt = $items['value'];
+ $pswdlen = 64;
+
+ // Create new encryption
+ $crypt = new encryption_class;
+
+ // Encrypt
+ $encrypt_result = $crypt->encrypt($key, $data_to_encrypt, $pswdlen);
+ $items['value'] = addslashes($encrypt_result);
+
+ return $items;
+ }
+
function cckpassword_just_add_salt($items) {
$items['value'] = md5($items['value'] . variable_get('salt', ''));
return $items;
***************
*** 363,370 ****
);
}
-
-
/**
* Implementation of hook_widget().
*
--- 397,402 ----
***************
*** 382,385 ****
--- 414,439 ----
'#value_message' => !empty($items[$delta]['value'])?$field['value_message'] : '',
);
return $element;
+ }
+
+ /**
+ * Implementation of hook_menu().
+ */
+ function cckpassword_menu() {
+ $items['admin/settings/cckpassword'] = array(
+ 'title' => 'CCK Password',
+ 'description' => 'CCK Password Encryption Settings',
+ 'page callback' => 'drupal_get_form',
+ 'page arguments' => array('cck_encryption_settings'),
+ 'access arguments' => array('administer cck password encryption'),
+ 'file' => 'cckpassword.admin.inc',
+ );
+ return $items;
+ }
+
+ /**
+ * Implementation of hook_perm().
+ */
+ function cckpassword_perm() {
+ return array('administer cck password encryption');
}
\ No newline at end of file
diff -crN cckpassword_old/example_decrypt_script.php cckpassword/example_decrypt_script.php
*** cckpassword_old/example_decrypt_script.php 1969-12-31 19:00:00.000000000 -0500
--- cckpassword/example_decrypt_script.php 2010-08-07 07:14:18.000000000 -0400
***************
*** 0 ****
--- 1,53 ----
+ decrypt($key, $encrypted_data);
+
+ // Print the data to the screen for you to see
+ echo $encrypted_data . "
";
+ echo $decrypt_result . "
";
+
diff -crN cckpassword_old/example_keyfile.txt cckpassword/example_keyfile.txt
*** cckpassword_old/example_keyfile.txt 1969-12-31 19:00:00.000000000 -0500
--- cckpassword/example_keyfile.txt 2010-08-04 19:14:40.000000000 -0400
***************
*** 0 ****
--- 1 ----
+ 34fd1we845frd1g4f4sadfg1d4sadf1
\ No newline at end of file
diff -crN cckpassword_old/std.encryption.class.inc cckpassword/std.encryption.class.inc
*** cckpassword_old/std.encryption.class.inc 1969-12-31 19:00:00.000000000 -0500
--- cckpassword/std.encryption.class.inc 2010-08-06 19:35:47.000000000 -0400
***************
*** 0 ****
--- 1,279 ----
+
+ // Distributed under the GNU General Public Licence
+ // Modification: May 2007, M. Kolar :
+ // No need for repeating the first character of scramble strings at the end;
+ // instead using the exact inverse function transforming $num2 to $num1.
+ // Modification: Jan 2009, A J Marston :
+ // Use mb_substr() if it is available (for multibyte characters).
+ // ******************************************************************************
+
+ class encryption_class {
+
+ var $scramble1; // 1st string of ASCII characters
+ var $scramble2; // 2nd string of ASCII characters
+
+ var $errors; // array of error messages
+ var $adj; // 1st adjustment value (optional)
+ var $mod; // 2nd adjustment value (optional)
+
+ // ****************************************************************************
+ // class constructor
+ // ****************************************************************************
+ function encryption_class ()
+ {
+ $this->errors = array();
+
+ // Each of these two strings must contain the same characters, but in a different order.
+ // Use only printable characters from the ASCII table.
+ // Do not use single quote, double quote or backslash as these have special meanings in PHP.
+ // Each character can only appear once in each string.
+ $this->scramble1 = '! #$%&()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwxyz{|}~';
+ $this->scramble2 = 'f^jAE]okIOzU[2&q1{3`h5w_794p@6s8?BgP>dFV=m Dscramble1) <> strlen($this->scramble2)) {
+ trigger_error('** SCRAMBLE1 is not same length as SCRAMBLE2 **', E_USER_ERROR);
+ } // if
+
+ $this->adj = 1.75; // this value is added to the rolling fudgefactors
+ $this->mod = 3; // if divisible by this the adjustment is made negative
+
+ } // constructor
+
+ // ****************************************************************************
+ function decrypt ($key, $source)
+ // decrypt string into its original form
+ {
+ $this->errors = array();
+
+ // convert $key into a sequence of numbers
+ $fudgefactor = $this->_convertKey($key);
+ if ($this->errors) return;
+
+ if (empty($source)) {
+ $this->errors[] = 'No value has been supplied for decryption';
+ return;
+ } // if
+
+ $target = null;
+ $factor2 = 0;
+
+ for ($i = 0; $i < strlen($source); $i++) {
+ // extract a (multibyte) character from $source
+ if (function_exists('mb_substr')) {
+ $char2 = mb_substr($source, $i, 1);
+ } else {
+ $char2 = substr($source, $i, 1);
+ } // if
+
+ // identify its position in $scramble2
+ $num2 = strpos($this->scramble2, $char2);
+ if ($num2 === false) {
+ $this->errors[] = "Source string contains an invalid character ($char2)";
+ return;
+ } // if
+
+ // get an adjustment value using $fudgefactor
+ $adj = $this->_applyFudgeFactor($fudgefactor);
+
+ $factor1 = $factor2 + $adj; // accumulate in $factor1
+ $num1 = $num2 - round($factor1); // generate offset for $scramble1
+ $num1 = $this->_checkRange($num1); // check range
+ $factor2 = $factor1 + $num2; // accumulate in $factor2
+
+ // extract (multibyte) character from $scramble1
+ if (function_exists('mb_substr')) {
+ $char1 = mb_substr($this->scramble1, $num1, 1);
+ } else {
+ $char1 = substr($this->scramble1, $num1, 1);
+ } // if
+
+ // append to $target string
+ $target .= $char1;
+
+ //echo "char1=$char1, num1=$num1, adj= $adj, factor1= $factor1, num2=$num2, char2=$char2, factor2= $factor2
\n";
+
+ } // for
+
+ return rtrim($target);
+
+ } // decrypt
+
+ // ****************************************************************************
+ function encrypt ($key, $source, $sourcelen = 0)
+ // encrypt string into a garbled form
+ {
+ $this->errors = array();
+
+ // convert $key into a sequence of numbers
+ $fudgefactor = $this->_convertKey($key);
+ if ($this->errors) return;
+
+ if (empty($source)) {
+ $this->errors[] = 'No value has been supplied for encryption';
+ return;
+ } // if
+
+ // pad $source with spaces up to $sourcelen
+ $source = str_pad($source, $sourcelen);
+
+ $target = null;
+ $factor2 = 0;
+
+ for ($i = 0; $i < strlen($source); $i++) {
+ // extract a (multibyte) character from $source
+ if (function_exists('mb_substr')) {
+ $char1 = mb_substr($source, $i, 1);
+ } else {
+ $char1 = substr($source, $i, 1);
+ } // if
+
+ // identify its position in $scramble1
+ $num1 = strpos($this->scramble1, $char1);
+ if ($num1 === false) {
+ $this->errors[] = "Source string contains an invalid character ($char1)";
+ return;
+ } // if
+
+ // get an adjustment value using $fudgefactor
+ $adj = $this->_applyFudgeFactor($fudgefactor);
+
+ $factor1 = $factor2 + $adj; // accumulate in $factor1
+ $num2 = round($factor1) + $num1; // generate offset for $scramble2
+ $num2 = $this->_checkRange($num2); // check range
+ $factor2 = $factor1 + $num2; // accumulate in $factor2
+
+ // extract (multibyte) character from $scramble2
+ if (function_exists('mb_substr')) {
+ $char2 = mb_substr($this->scramble2, $num2, 1);
+ } else {
+ $char2 = substr($this->scramble2, $num2, 1);
+ } // if
+
+ // append to $target string
+ $target .= $char2;
+
+ //echo "char1=$char1, num1=$num1, adj= $adj, factor1= $factor1, num2=$num2, char2=$char2, factor2= $factor2
\n";
+
+ } // for
+
+ return $target;
+
+ } // encrypt
+
+ // ****************************************************************************
+ function getAdjustment ()
+ // return the adjustment value
+ {
+ return $this->adj;
+
+ } // setAdjustment
+
+ // ****************************************************************************
+ function getModulus ()
+ // return the modulus value
+ {
+ return $this->mod;
+
+ } // setModulus
+
+ // ****************************************************************************
+ function setAdjustment ($adj)
+ // set the adjustment value
+ {
+ $this->adj = (float)$adj;
+
+ } // setAdjustment
+
+ // ****************************************************************************
+ function setModulus ($mod)
+ // set the modulus value
+ {
+ $this->mod = (int)abs($mod); // must be a positive whole number
+
+ } // setModulus
+
+ // ****************************************************************************
+ // private methods
+ // ****************************************************************************
+ function _applyFudgeFactor (&$fudgefactor)
+ // return an adjustment value based on the contents of $fudgefactor
+ // NOTE: $fudgefactor is passed by reference so that it can be modified
+ {
+ $fudge = array_shift($fudgefactor); // extract 1st number from array
+ $fudge = $fudge + $this->adj; // add in adjustment value
+ $fudgefactor[] = $fudge; // put it back at end of array
+
+ if (!empty($this->mod)) { // if modifier has been supplied
+ if ($fudge % $this->mod == 0) { // if it is divisible by modifier
+ $fudge = $fudge * -1; // make it negative
+ } // if
+ } // if
+
+ return $fudge;
+
+ } // _applyFudgeFactor
+
+ // ****************************************************************************
+ function _checkRange ($num)
+ // check that $num points to an entry in $this->scramble1
+ {
+ $num = round($num); // round up to nearest whole number
+
+ $limit = strlen($this->scramble1);
+
+ while ($num >= $limit) {
+ $num = $num - $limit; // value too high, so reduce it
+ } // while
+ while ($num < 0) {
+ $num = $num + $limit; // value too low, so increase it
+ } // while
+
+ return $num;
+
+ } // _checkRange
+
+ // ****************************************************************************
+ function _convertKey ($key)
+ // convert $key into an array of numbers
+ {
+ if (empty($key)) {
+ $this->errors[] = 'No value has been supplied for the encryption key';
+ return;
+ } // if
+
+ $array[] = strlen($key); // first entry in array is length of $key
+
+ $tot = 0;
+ for ($i = 0; $i < strlen($key); $i++) {
+ // extract a (multibyte) character from $key
+ if (function_exists('mb_substr')) {
+ $char = mb_substr($key, $i, 1);
+ } else {
+ $char = substr($key, $i, 1);
+ } // if
+
+ // identify its position in $scramble1
+ $num = strpos($this->scramble1, $char);
+ if ($num === false) {
+ $this->errors[] = "Key contains an invalid character ($char)";
+ return;
+ } // if
+
+ $array[] = $num; // store in output array
+ $tot = $tot + $num; // accumulate total for later
+ } // for
+
+ $array[] = $tot; // insert total as last entry in array
+
+ return $array;
+
+ } // _convertKey
+
+ // ****************************************************************************
+ } // end encryption_class
+ // ****************************************************************************
+
+ ?>