Context Navigation

session.php

Timestamp:

01/01/10 11:51:27 (2 years ago)

Author:

brieb

Message:

Added more severe checking for encrytion key file
Added security tips on implementing payment encryption
Added mailchimp update.php so module would display as not installed during update process

Files:

r648	r699
239	239	var $type = "ERROR";
240	240	var $value = "";
241
242		/**
	241
	242	/**
243	243	* $userid
244	244	* @var string user's uuid
…	…
479	479	if(defined("ENCRYPTION_KEY_PATH"))
480	480	if(is_file(ENCRYPTION_KEY_PATH)){
481		$res = fopen(ENCRYPTION_KEY_PATH, "r");
	481
	482	$res = @ fopen(ENCRYPTION_KEY_PATH, "r");
	483
482	484	if($res !== false){
	485
	486	if(@filesize(ENCRYPTION_KEY_PATH))
483	487	define("ENCRYPTION_KEY",trim(fread($res, filesize(ENCRYPTION_KEY_PATH))));
484		}elseif(ENCRYPT_PAYMENT_FIELDS){
485		new appError(-229, "encryption key path setting is not a valid path");
	488	else
	489	$error = new appError(-230, "Cannot open path '".ENCRYPTION_KEY_PATH."' or file has zero length ", "Invalid Encryption Key File", true, true);
	490
	491	} elseif(ENCRYPT_PAYMENT_FIELDS){
	492
	493	$error = new appError(-229, "Invalid encryption file or cannot open '".ENCRYPTION_KEY_PATH."'", "Invalid Encryption Key File", true, true);
	494
486	495	}else{
487		define("ENCRYPTION_KEY", "");
	496
	497	define("ENCRYPTION_KEY", "");
	498
488	499	}//end if
489		}elseif(ENCRYPT_PAYMENT_FIELDS){
490		~~new appError(-228, "encryption key path setting is not a valid path");~~
491		}else{
492		~~define("ENCRYPTION_KEY", "");~~
493		~~}//end if~~
	500
	501	}elseif(ENCRYPT_PAYMENT_FIELDS)
	502	$error = new appError(-228, ENCRYPTION_KEY_PATH." missing or invalid.", "Cannot Open Encryption Key File", true, true);
	503	else
	504	define("ENCRYPTION_KEY", "");
494	505
495	506	// This following code is for windows boxen, because they lack some server varables as well