Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 01:28:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: Serious bug with encrypt and decrypt function.

Browse Source
This commit is contained in:
Laurent Destailleur
2009-09-07 14:03:19 +00:00
parent 7c833eb82d
commit c7144ce138
5 changed files with 79 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
htdocs/lib/databases/mysql.lib.php
View File

@@ -680,28 +680,29 @@ class DoliDb
/**
* \brief Encrypt sensitive data in database
* \param field Field name to encrypt
* \param fieldorvalue Field name or value to encrypt
* \param cryptType Type of encryption (2: AES (recommended), 1: DES , 0: no encryption)
* \param cryptKey Encryption key
* \return return Field to encrypt if used
* \param isAValue String in field can be a field name or a value
* \return return XXX(field) or XXX('value') or field or 'value'
*/
function encrypt($field, $cryptType=0, $cryptKey='')
function encrypt($fieldorvalue, $cryptType=0, $cryptKey='', $isAValue=0)
{
$return = $field;
$return = $fieldorvalue;
if ($cryptType && !empty($cryptKey))
{
if ($cryptType == 2)
{
$return = 'AES_ENCRYPT('.$field.',\''.$cryptKey.'\')';
$return = 'AES_ENCRYPT('.($isAValue?"'":"").$fieldorvalue.($isAValue?"'":"").',\''.$cryptKey.'\')';
}
else if ($cryptType == 1)
{
$return = 'DES_ENCRYPT('.$field.',\''.$cryptKey.'\')';
$return = 'DES_ENCRYPT('.($isAValue?"'":"").$fieldorvalue.($isAValue?"'":"").',\''.$cryptKey.'\')';
}
}
return $return;
return ($isAValue?"'":"").$return.($isAValue?"'":"");
}
/**