deon/khosb
Archived
1
0
Fork 0
Code Issues 6 Pull Requests Packages Projects Releases Wiki Activity

Encryption of credit card details bypassed if license key not entered.

Browse Source
This commit is contained in:
Tony Landis 2009-03-27 22:59:03 -06:00
parent 61fc6b8dd2
commit 30b5c20023
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/core/crypt.inc.php
View File

@ -183,7 +183,7 @@ class CORE_RSA
function CORE_encrypt($data) { function CORE_encrypt($data) {
if(LICENSE_KEY == '') return false; if(LICENSE_KEY == '') return $data; // provide a license key in the setup area to enable encryption
$rsa = new CORE_RSA; $rsa = new CORE_RSA;
$keys = explode('-', LICENSE_KEY); $keys = explode('-', LICENSE_KEY);
$rsa_data = $rsa->rsa_encrypt($data, $keys[1], $keys[0]); $rsa_data = $rsa->rsa_encrypt($data, $keys[1], $keys[0]);
@ -194,7 +194,7 @@ function CORE_encrypt($data) {
function CORE_decrypt($data) { function CORE_decrypt($data) {
if(LICENSE_KEY == '') return false; if(LICENSE_KEY == '') return $data; // provide a license key in the setup area to enable encryption
$rc4_key = do_rc4(LICENSE_KEY, 'en', false); $rc4_key = do_rc4(LICENSE_KEY, 'en', false);
$rc4_data = do_rc4($data, 'de', $rc4_key); $rc4_data = do_rc4($data, 'de', $rc4_key);
$rsa = new CORE_RSA; $rsa = new CORE_RSA;