diff options
| author | cassiopc <cassiopc@gmail.com> | 2018-08-23 14:25:32 +0000 |
|---|---|---|
| committer | cassiopc <cassiopc@gmail.com> | 2018-08-23 14:25:32 +0000 |
| commit | e186493a2bd8fef5fc0c7ad47edefbabddb6f0ab (patch) | |
| tree | 700622a2ad1516a7d3a1b0184f07c7087b2ce7bd /src/getcode.php | |
| parent | 25e1cce50cc8c7cbbedc38675dd71e8a9944f451 (diff) | |
| download | boca-e186493a2bd8fef5fc0c7ad47edefbabddb6f0ab.tar.gz boca-e186493a2bd8fef5fc0c7ad47edefbabddb6f0ab.zip | |
improvements of scripts and fixes about urls
Diffstat (limited to 'src/getcode.php')
| -rw-r--r-- | src/getcode.php | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/getcode.php b/src/getcode.php index 407a00b..677aeeb 100644 --- a/src/getcode.php +++ b/src/getcode.php @@ -25,7 +25,13 @@ srand(make_seed()); function myhash($k) { return hash('sha256',$k); } -$iv = "1234567812345678"; +if(!function_exists('openssl_cipher_iv_length')) { + MSGError("Encryption error -- php openssl not installed -- contact an admin (" . getFunctionName() .")"); + LogError("Encryption error -- php openssl not installed -- contact an admin (" . getFunctionName() .")"); + return ""; +} +$clen = openssl_cipher_iv_length('aes-256-cbc'); +$iv = substr(myhash(openssl_random_pseudo_bytes($clen)),0,$clen); if(isset($_GET["name"]) && $_GET["name"] != "" ) { $name = $_GET["name"]; @@ -46,7 +52,7 @@ if(isset($_GET["name"]) && $_GET["name"] != "" ) { "chmod 600 /root/submissions/code\n"; if(($str = @file_get_contents("/var/www/boca/src/private/run-past.code")) !== false) $txt .= $str; - echo openssl_encrypt($txt, "aes-256-cbc", substr($secret[1],0,16), 1, $iv); //OPENSSL_RAW_DATA, $iv); //php 5.4.0 + echo $iv . ":\n" . openssl_encrypt($txt, "aes-256-cbc", substr($secret[1],0,32), OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); //OPENSSL_RAW_DATA, $iv); //php 5.4.0 @file_put_contents("/var/www/boca/src/private/run-past.log", $name . "|" . $cc . "|" . date(DATE_RFC2822) . "\n", LOCK_EX | FILE_APPEND); exit; } |