From 825c546991e33213e8221ab56bde31f61c1e36a9 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sat, 23 Jul 2011 15:01:20 +0000 Subject: [PATCH] allow obfuscated settings --- lam/lib/account.inc | 43 +++++++++++++++++++++++++++++++++++++++++++ lam/lib/html.inc | 28 ++++++++++++++++++++++++++-- 2 files changed, 69 insertions(+), 2 deletions(-) diff --git a/lam/lib/account.inc b/lam/lib/account.inc index 72d898d0..d5c1f14a 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -778,4 +778,47 @@ function formatLDAPTimestamp($time) { ' ' . substr($time, 8, 2) . ':' . substr($time, 10, 2) . ':' . substr($time, 12, 2) . ' GMT'; } +/** + * Simple function to obfuscate strings. + * + * @param String $text text to obfuscate + */ +function obfuscateText($text) { + if (($text == null) || ($text == '')) { + return $text; + } + return str_rot13(base64_encode('LAM_OBFUSCATE:'.$text)); +} + +/** + * Simple function to deobfuscate strings. + * + * @param String $text text to deobfuscate + */ +function deobfuscateText($text) { + if (($text == null) || ($text == '')) { + return $text; + } + return str_replace('LAM_OBFUSCATE:', '', base64_decode(str_rot13($text))); +} + +/** + * Checks if the given text is obfuscated. + * + * @param String $text text to check + * @return boolean obfuscated or not + */ +function isObfuscatedText($text) { + if (($text == null) || ($text == '')) { + return false; + } + $deob = base64_decode(str_rot13($text)); + if (strpos($deob, 'LAM_OBFUSCATE:') === 0) { + return true; + } + else { + return false; + } +} + ?> diff --git a/lam/lib/html.inc b/lam/lib/html.inc index b98c8ae9..f5489e12 100644 --- a/lam/lib/html.inc +++ b/lam/lib/html.inc @@ -349,6 +349,8 @@ class htmlInputField extends htmlElement { private $isPassword = false; /** enabled or disabled */ private $isEnabled = true; + /** indicates that the value should be saved in obfuscated form */ + private $obfuscate = false; /** * Constructor @@ -357,6 +359,9 @@ class htmlInputField extends htmlElement { * @param String $fieldValue value of input field (optional) */ function __construct($fieldName, $fieldValue = null, $fieldSize = null) { + if (isObfuscatedText($fieldValue)) { + $fieldValue = deobfuscateText($fieldValue); + } $this->fieldName = htmlspecialchars($fieldName); $this->fieldValue = htmlspecialchars($fieldValue); if ($fieldSize != null) { @@ -377,7 +382,12 @@ class htmlInputField extends htmlElement { */ function generateHTML($module, $input, $values, $restricted, &$tabindex, $scope) { if (isset($values[$this->fieldName])) { - $this->fieldValue = $values[$this->fieldName][0]; + if (isObfuscatedText($values[$this->fieldName][0])) { + $this->fieldValue = deobfuscateText($values[$this->fieldName][0]); + } + else { + $this->fieldValue = $values[$this->fieldName][0]; + } } // print input field $name = ' name="' . $this->fieldName . '"'; @@ -401,7 +411,12 @@ class htmlInputField extends htmlElement { $disabled = ' disabled'; } echo ''; - return array($this->fieldName => 'text'); + if ($this->obfuscate) { + return array($this->fieldName => 'text_obfuscated'); + } + else { + return array($this->fieldName => 'text'); + } } /** @@ -440,6 +455,15 @@ class htmlInputField extends htmlElement { $this->isEnabled = $isEnabled; } + /** + * Specifies if the value should be saved in obfuscated form (e.g. self service profile). + * + * @param boolean $obfuscate obfuscate value + */ + public function setObfuscate($obfuscate) { + $this->obfuscate = $obfuscate; + } + } /**