adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 03:18:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixing Security::cipher() not being able to correctly decrypt numeric values. Fixes #513

Browse source
This commit is contained in:
Mark Story 2010-03-27 17:19:42 -04:00
parent 1210a4f598
commit 7b28fdec85
2 changed files with 14 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
cake/libs/security.php
View file

@ -176,17 +176,15 @@ class Security extends Object {
srand(Configure::read('Security.cipherSeed'));
$out = '';
$keyLength = strlen($key);
for ($i = 0, $j = strlen($text); $i < $j; $i++) {
$k = ord($key[$i % $keyLength]);
while ($k-- > 0) {
for ($i = 0, $textLength = strlen($text); $i < $textLength; $i++) {
$j = ord(substr($key, $i % $keyLength, 1));
while ($j--) {
rand(0, 255);
}
$mask = rand(0, 255);
$out .= chr(ord($text[$i]) ^ $mask);
$out .= chr(ord(substr($text, $i, 1)) ^ $mask);
}
srand();
return $out;
}

10
cake/tests/cases/libs/security.test.php
View file

@ -159,6 +159,16 @@ class SecurityTest extends CakeTestCase {
$result = Security::cipher($txt, $key);
$this->assertError();
$this->assertIdentical($result, '');
$txt = 123456;
$key = 'my_key';
$result = Security::cipher($txt, $key);
$this->assertEqual(Security::cipher($result, $key), $txt);
$txt = '123456';
$key = 'my_key';
$result = Security::cipher($txt, $key);
$this->assertEqual(Security::cipher($result, $key), $txt);
}
}
?>