 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
Can you help me to decode this? |
 |
 Posted: Fri Aug 31, 2012 9:15 pm |
 |
|
| aponte |
| Active user |
 |
|
| Joined: Aug 03, 2012 |
| Posts: 33 |
|
|
|
 |
|
 |
|
|
|
|
|
|
|
|
|
| Posted: Fri Aug 31, 2012 9:55 pm |
|
|
| demon |
| Moderator |
 |
|
| Joined: Sep 22, 2010 |
| Posts: 485 |
|
|
|
|
|
|
|
those two were encoded:
engage.php
| Code: | <?php
function engage_config()
{
$configarray = array(
"name" => "Engage Login",
"description" => "This addon integrates WHMCS with the Janrain Engage (http://www.janrain.com) login module allowing users to log in with their existing accounts from other services (Facebook, Twitter, Google, etc)",
"version" => "1.0",
"author" => "goWHMCS.com",
"language" => "english",
"fields" => array(
"option1" => array(
"FriendlyName" => "Application ID",
"Type" => "text",
"Size" => "25",
"Description" => "Application subdomain name obtained from your engage account on the Janrain website. If your application \"Domain\" is http://example.rpxnow.com, enter \"example\" for this setting.",
"Default" => ""
),
"option2" => array(
"FriendlyName" => "API Key",
"Type" => "text",
"Size" => "25",
"Description" => "API Key obtained from your engage account on the Janrain website.",
"Default" => ""
)
)
);
return $configarray;
}
function engage_activate()
{
include(realpath(dirname(__FILE__)) . "/utilities/init.php");
$db->Execute("CREATE TABLE IF NOT EXISTS `tblclients_engage` (`id` int(10) unsigned NOT NULL auto_increment, `client_id` int(10) unsigned NOT NULL, `login_id` varchar(255) NOT NULL, `login_provider` varchar(255) NOT NULL, PRIMARY KEY (`id`), KEY `client_id` (`client_id`)) ENGINE=MyISAM");
return array(
"status" => "success",
"description" => "The addon has been activated."
);
}
function engage_deactivate()
{
include(realpath(dirname(__FILE__)) . "/utilities/init.php");
return array(
"status" => "success",
"description" => "The addon has been deactivated."
);
}
function engage_upgrade($vars)
{
}
function engage_output($vars)
{
include(realpath(dirname(__FILE__)) . "/utilities/init.php");
echo "Version: " . $vars['version'] . "<br /><br />";
echo "Please ensure you have entered your application subdomain and API Key into the settings under Setup->Addon Modules<br />";
echo "Place the template variable {\$engage_login} in your login.tpl file where you would like the engage login box to appear.<br />";
}
function engage_clientarea($vars)
{
include(realpath(dirname(__FILE__)) . "/utilities/init.php");
$template_variables = array(
"lang" => $vars['_lang']
);
if (isset($_SESSION['engage_type'])) {
$template_variables['login_type'] = htmlspecialchars($_SESSION['engage_type'], ENT_QUOTES);
}
if (isset($_POST['engage_link_submit']) && !empty($_SESSION['engage_id'])) {
$api_admin = $db->GetOne("SELECT username FROM tbladmins WHERE roleid=1 LIMIT 1");
$current_user = $_SESSION['uid'];
$results = localAPI("validatelogin", array(
"email" => $_POST['engage_email'],
"password2" => $_POST['engage_password']
), $api_admin);
$client = $db->GetRow("SELECT * FROM tblclients WHERE email=?", array(
$_POST['engage_email']
));
$existing_check = $db->GetRow("SELECT * FROM tblclients_engage WHERE client_id=? AND login_id=? AND login_provider=?", array(
$client['id'],
$_SESSION['engage_id'],
$_SESSION['engage_type']
));
$date_check = $db->GetOne("SELECT COUNT(*) FROM tblclients WHERE datecreated = CURDATE() AND id=?", array(
$current_user
));
if ($results['result'] == "success" && !$existing_check && $date_check) {
$db->Execute("INSERT INTO tblclients_engage (client_id,login_id,login_provider) VALUES (?,?,?)", array(
$client['id'],
$_SESSION['engage_id'],
$_SESSION['engage_type']
));
localAPI("deleteclient", array(
"clientid" => $current_user
), $api_admin);
$db->Execute("DELETE FROM tblclients_engage WHERE client_id=?", array(
$current_user
));
$template_variables['link_success'] = "true";
} else {
$template_variables['link_failed'] = "true";
}
}
return array(
"pagetitle" => $vars['_lang']['engage_link_account'],
"breadcrumb" => array(
"index.php?m=engage" => $vars['_lang']['engage_link_account']
),
"templatefile" => "engage_link",
"requirelogin" => true,
"vars" => $template_variables
);
}
function engage_sidebar($vars)
{
return "";
}
if (!defined("WHMCS")) {
exit("This file cannot be accessed directly");
}
?>
|
callback.php
| Code: | <?php
include(realpath(dirname(__FILE__)) . "/utilities/init.php");
$data = array(
"token" => $_POST['token'],
"apiKey" => $db->GetOne("SELECT value FROM tbladdonmodules WHERE module='engage' AND setting='option2'"),
"format" => "json"
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, "https://rpxnow.com/api/v2/auth_info");
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$raw_json = curl_exec($curl);
curl_close($curl);
$auth_info = json_decode($raw_json, true);
if ($auth_info['stat'] == "ok") {
$user_data = array(
"login_id" => $auth_info['profile']['identifier'],
"login_provider" => $auth_info['profile']['providerName']
);
if (isset($auth_info['profile']['email'])) {
$user_data['email'] = $auth_info['profile']['email'];
} else {
$user_data['email'] = "EngageEmailPlaceHolder";
}
if (isset($auth_info['profile']['name']['familyName'])) {
$user_data['lastname'] = $auth_info['profile']['name']['familyName'];
if (isset($auth_info['profile']['name']['givenName'])) {
$user_data['firstname'] = $auth_info['profile']['name']['givenName'];
}
} else if (isset($auth_info['profile']['name']['formatted'])) {
$formatted_name = explode(" ", $auth_info['profile']['name']['formatted']);
if (count($formatted_name) == 2) {
$user_data['firstname'] = $formatted_name[0];
$user_data['lastname'] = $formatted_name[1];
} else {
$user_data['firstname'] = $formatted_name[0];
}
unset($formatted_name);
}
if (isset($auth_info['profile']['phoneNumber'])) {
$user_data['phonenumber'] = $auth_info['profile']['phoneNumber'];
}
if (isset($auth_info['profile']['address']['streetAddress'])) {
$user_data['address1'] = $auth_info['profile']['address']['streetAddress'];
}
if (isset($auth_info['profile']['address']['locality'])) {
$user_data['city'] = $auth_info['profile']['address']['locality'];
}
if (isset($auth_info['profile']['address']['region'])) {
$user_data['state'] = $auth_info['profile']['address']['region'];
}
if (isset($auth_info['profile']['address']['country'])) {
$user_data['country'] = $auth_info['profile']['address']['country'];
}
if (isset($auth_info['profile']['address']['postalCode'])) {
$user_data['postcode'] = $auth_info['profile']['address']['postalCode'];
}
$api_admin = $db->GetOne("SELECT username FROM tbladmins WHERE roleid=1 LIMIT 1");
if ($client = $db->GetRow("SELECT c.id, email FROM tblclients c INNER JOIN tblclients_engage ce ON c.id=ce.client_id WHERE ce.login_id=?", array(
$auth_info['profile']['identifier']
))) {
$api_values = array(
"password2" => md5(uniqid("", true)),
"clientid" => $client['id']
);
$results = localAPI("updateclient", $api_values, $api_admin);
$results = localAPI("validatelogin", array(
"email" => $client['email'],
"password2" => $api_values['password2']
), $api_admin);
if ($results['result'] == "success") {
$_SESSION['uid'] = $results['userid'];
$_SESSION['upw'] = $results['passwordhash'];
session_write_close();
header("Location: " . $systemurl . "/clientarea.php?engage_login=true");
exit();
}
} else if ($client = $db->GetRow("SELECT id, email FROM tblclients c WHERE c.email=?", array(
$auth_info['profile']['email']
))) {
$api_values = array(
"password2" => md5(uniqid("", true)),
"clientid" => $client['id']
);
$results = localAPI("updateclient", $api_values, $api_admin);
$results = localAPI("validatelogin", array(
"email" => $client['email'],
"password2" => $api_values['password2']
), $api_admin);
if ($results['result'] == "success") {
$_SESSION['uid'] = $results['userid'];
$_SESSION['upw'] = $results['passwordhash'];
session_write_close();
header("Location: " . $systemurl . "/clientarea.php?engage_login=true");
exit();
}
} else {
$user_data['password2'] = md5(uniqid("", true));
$user_data['skipvalidation'] = "true";
$user_data['noemail'] = "true";
$results = localAPI("addclient", $user_data, $api_admin);
if ($results['result'] == "success") {
$db->Execute("INSERT INTO tblclients_engage (client_id,login_id,login_provider) VALUES (?,?,?)", array(
$results['clientid'],
$auth_info['profile']['identifier'],
$auth_info['profile']['providerName']
));
$results = localAPI("validatelogin", array(
"email" => $user_data['email'],
"password2" => $user_data['password2']
), $api_admin);
if ($results['result'] == "success") {
$_SESSION['uid'] = $results['userid'];
$_SESSION['upw'] = $results['passwordhash'];
$_SESSION['engage_type'] = $auth_info['profile']['providerName'];
$_SESSION['engage_id'] = $auth_info['profile']['identifier'];
session_write_close();
header("Location: " . $systemurl . "/index.php?m=engage");
exit();
}
}
}
}
header("Location: " . $systemurl . "/clientarea.php?engage_login=false");
exit();
?>
|
|
|
Last edited by demon on Fri Aug 31, 2012 11:10 pm; edited 2 times in total
_________________
Go BIG or go HOME ! |
|
|
|
|
|
thanks :) |
|
| Posted: Fri Aug 31, 2012 10:02 pm |
|
|
| aponte |
| Active user |
|
|
| Joined: Aug 03, 2012 |
| Posts: 33 |
|
|
|
|
|
|
|
thanks!!!!!  |
|
|
|
|
| Posted: Fri Aug 31, 2012 10:11 pm |
|
|
| aponte |
| Active user |
|
|
| Joined: Aug 03, 2012 |
| Posts: 33 |
|
|
|
|
|
|
|
I have an error, can you help me to fix?
thanks,alex |
|
|
|
|
| Posted: Fri Aug 31, 2012 10:14 pm |
|
|
| demon |
| Moderator |
|
|
| Joined: Sep 22, 2010 |
| Posts: 485 |
|
|
|
|
|
|
|
what's your error ? and see your pm 
edit: i edited the files above try them now |
|
_________________
Go BIG or go HOME ! |
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 71
Members: 0
Total: 71
