Commit ef04db5e authored by Henning Leutz's avatar Henning Leutz 🥋

Merge branch 'dev'

parents 2eff37c2 e0d8b840
......@@ -10,6 +10,12 @@ QUI::$Ajax->registerFunction(
QUI::getUserBySession()
);
if (!QUI::conf('mail', 'admin_mail') || QUI::conf('mail', 'admin_mail') === '') {
QUI::getMessagesHandler()->addAttention(
QUI::getLocale()->get('quiqqer/quiqqer', 'message.missing.admin.mail')
);
}
return $list;
},
false,
......
......@@ -48,6 +48,10 @@ class Encryption
QUI::getConfig('etc/conf.ini.php')->save();
} else {
if (\strpos($iv, ',') !== false) {
$iv = \explode(',', trim($iv))[0];
}
$iv = \hex2bin($iv);
}
......@@ -73,7 +77,7 @@ class Encryption
$Config = QUI::getConfig('etc/conf.ini.php');
$salt = $Config->getValue('globals', 'salt');
$sl = $Config->getValue('globals', 'saltlength');
$givenDate = $data;
$givenData = $data;
if (!$Config->getValue('openssl', 'iv')) {
self::encrypt('');
......@@ -81,38 +85,19 @@ class Encryption
$iv = $Config->getValue('openssl', 'iv');
try {
$iv = \hex2bin($iv);
$data = \openssl_decrypt($data, 'aes-256-cbc', $salt, 0, $iv);
if ($data !== false) {
return \substr($data, -$sl).\substr($data, 0, -$sl);
}
} catch (\Exception $Exception) {
// nothing
QUI\System\Log::addDebug($Exception->getMessage());
}
if (\strpos($iv, ',') === false) {
$Exception = new \Exception('Could not decrypt');
QUI\System\Log::writeException($Exception);
QUI\System\Log::writeRecursive([
'decryptData' => $givenDate,
'decryptResult' => $data
]);
return $data;
}
/**
* multi key support
*/
$ivs = \explode(',', trim($iv));
if (\strpos($iv, ',') !== false) {
$ivs = \explode(',', trim($iv));
} else {
$ivs[] = trim($iv);
}
foreach ($ivs as $iv) {
try {
$iv = \hex2bin($iv);
$data = \openssl_decrypt($data, 'aes-256-cbc', $salt, 0, $iv);
$iv = @\hex2bin($iv);
$data = \openssl_decrypt($givenData, 'aes-256-cbc', $salt, 0, $iv);
if ($data !== false) {
return \substr($data, -$sl).\substr($data, 0, -$sl);
......@@ -122,14 +107,6 @@ class Encryption
}
}
$Exception = new \Exception('Could not decrypt');
QUI\System\Log::writeException($Exception);
QUI\System\Log::writeRecursive([
'decryptData' => $givenDate,
'decryptResult' => $data
]);
throw $Exception;
return $givenData;
}
}
......@@ -4221,6 +4221,12 @@ Hinweis: Wenn QUIQQER als GIT Repository installiert ist, existiert keine MD5 Su
Bitte überprüfen Deine Netzwerkverbindung.
]]></de>
</locale>
<locale name="message.missing.admin.mail">
<de><![CDATA[
Hinweis: Bitte stelle eine Adminmail ein.
Bei etwaigen Fehlern kann QUIQQER darüber informieren.
]]></de>
</locale>
</groups>
<groups name="quiqqer/quiqqer" datatype="php">
......
......@@ -2591,7 +2591,7 @@ You can also ignore the console user permissions check with '--ignore-file-permi
<locale name="quiqqer.settings.cache.clear.quiqqer-quiqqer-packages">
<en><![CDATA[Clear QUIQQER packages cache]]></en>
</locale>
<locale name="quiqqer.settings.cache.clear.compile">
<en><![CDATA[Clear system-cache]]></en>
</locale>
......@@ -4072,10 +4072,16 @@ Note: If QUIQQER is installed as GIT repository, no MD5 summary file exists.
</locale>
<locale name="exception.upload.error">
<de><![CDATA[
<en><![CDATA[
An error occurred while uploading the file.
Please check your network connection.
]]></de>
]]></en>
</locale>
<locale name="message.missing.admin.mail">
<en><![CDATA[
Note: Please set up an adminmail.
QUIQQER can inform you about any errors.
]]></en>
</locale>
</groups>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment