Encryption of credit card details bypassed if license key not entered.

This commit is contained in:
Tony Landis 2009-03-27 22:59:03 -06:00
parent 944d0e2acd
commit 06b442cdc0

View File

@ -183,7 +183,7 @@ class CORE_RSA
function CORE_encrypt($data) { function CORE_encrypt($data) {
if(LICENSE_KEY == '') return false; if(LICENSE_KEY == '') return $data; // provide a license key in the setup area to enable encryption
$rsa = new CORE_RSA; $rsa = new CORE_RSA;
$keys = explode('-', LICENSE_KEY); $keys = explode('-', LICENSE_KEY);
$rsa_data = $rsa->rsa_encrypt($data, $keys[1], $keys[0]); $rsa_data = $rsa->rsa_encrypt($data, $keys[1], $keys[0]);
@ -194,7 +194,7 @@ function CORE_encrypt($data) {
function CORE_decrypt($data) { function CORE_decrypt($data) {
if(LICENSE_KEY == '') return false; if(LICENSE_KEY == '') return $data; // provide a license key in the setup area to enable encryption
$rc4_key = do_rc4(LICENSE_KEY, 'en', false); $rc4_key = do_rc4(LICENSE_KEY, 'en', false);
$rc4_data = do_rc4($data, 'de', $rc4_key); $rc4_data = do_rc4($data, 'de', $rc4_key);
$rsa = new CORE_RSA; $rsa = new CORE_RSA;