CMS Made Simple - Forge Frontend Users

Back to List

[#2906] Some bugs in frontendusers.module.php

Created By: Rolf (rolf1)

Date Submitted: Tue Jan 20 04:11:50 -0500 2009

Assigned To: Robert Campbell (calguy1000)

Version: 1.6

CMSMS Version: None

Severity: Critical

Resolution: Fixed

State: Closed

Summary:

Some bugs in frontendusers.module.php

Detailed Description:

Hello Calguy,

My first bug submit... I'll do my best on it ;o)

I am not a php-programmer, but with help from Dee and my neighbour I found some
errors in the lines 2248 to 2289 of the file frontendusers.module.php.
(ver.1.5.4 and 1.6)

These errors gave several warnings on both my website and the php_errorlog, for
instance:
- Function name must be a string in...
- Undefined variable: mcrypt_generic_init in...
- Call to undefined function pritn_r() in...
- When using the 'remember me' function I got the text on my site 'Got here 3'

Here I sent you the changed source text:

function _encrypt($key,$data)
  {
    if( !function_exists('mcrypt_module_open') ) return FALSE;
    //die('got here 3'); # <-------------------- added //
    srand((double) microtime() * 1000000);
    $encdata = FALSE;
    $td = @mcrypt_module_open(MCRYPT_DES,'',MCRYPT_MODE_ECB,'');
    if( $td === FALSE ) return FALSE;

    echo "DEBUG: key size = ".mcrypt_enc_get_key_size($td)."<br/>";
    $key = substr($key,0,mcrypt_enc_get_key_size($td));
    echo "DEBUG: key = $key<br/>";
    $iv_size = mcrypt_enc_get_iv_size($td);
    echo "DEBUG: iv size = $iv_size<br/>";
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

    // initialize encryption handle
$tmp = mcrypt_generic_init($td,$key, $iv); # <----------- deleted $ before
mcrypt...
    if( $tmp != -1 )
      {
	$tmp = mcrypt_generic($td,$data);
	print_r( $tmp ); # <----------------------- changed pritn_r
	mcrypt_generic_deinit($td);
	$encdata = $iv.$tmp;
      }
    mcrypt_module_close($td);
    return $encdata;
    die();
  }

  function _decrypt($key,$encdata)
  {
    if( !function_exists('mcrypt_module_open') ) return FALSE;
    $data = FALSE;
    $td = @mcrypt_module_open(MCRYPT_DES,'',MCRYPT_MODE_ECB,'');
    if( $td === FALSE ) return FALSE;

    $key = substr($key,0,mcrypt_enc_get_key_size($td));
    $iv_size = mcrypt_enc_get_iv_size($td);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

    // initialize encryption handle
$tmp = mcrypt_generic_init($td,$key, $iv); # <---------- deleted $ before
mcrypt...
    if( $tmp != -1 )
      {
$data = @mdecrypt_generic($td,$encdata); # <----------- added @ before
mdecrypt...
	mcrypt_generic_deinit($td);
      }
    mcrypt_module_close($td);
    return $data;
  }

Like I said, I am not a php-programmer, but I tried...

Thanks for al your work!
Bye Rolf

History

Date: 2009-01-20 20:24
Posted By: Robert Campbell (calguy1000)

Should be fixed in revision 351

Date: 2009-01-21 09:31
Posted By: Rolf (rolf1)

Thanks Calguy!!

Updated: 2011-11-03 00:21
cmsms_version_id: => -1
state: Open => Closed

Updated: 2009-01-29 10:23
resolution_id: 5 => 7

Updated: 2009-01-20 06:13
description: Hello Calguy, My first bug submit... I'll do my best on it ;o) I am not a php-programmer, but with help from Dee and my neighbour I found some errors in the lines 2248 to 2289 of the file frontendusers.module.php. (ver.1.5.4 and 1.6) These errors => Hello Calguy, My first bug submit... I'll do my best on it ;o) I am not a php-programmer, but with help from Dee and my neighbour I found some errors in the lines 2248 to 2289 of the file frontendusers.module.php. (ver.1.5.4 and 1.6) These errors
resolution_id: => 5

CMSMS | CMS Made Simple

CMS MADE SIMPLE FORGE

Frontend Users

[#2906] Some bugs in frontendusers.module.php

History