# HG changeset patch # User Dan # Date 1271489594 14400 # Node ID 9aa09b0a7544e06dea71c1b99c28848548072aa2 # Parent 99b749da5149763550ca9859d239fe6947fb4d46 Made separate methods in sessionManager for static and non-static generate_aes_form(), because PHP (erroneously) always calls that method statically. diff -r 99b749da5149 -r 9aa09b0a7544 includes/sessions.php --- a/includes/sessions.php Tue Apr 06 15:55:21 2010 -0400 +++ b/includes/sessions.php Sat Apr 17 03:33:14 2010 -0400 @@ -3705,18 +3705,9 @@ * @return string */ - static function generate_aes_form(&$dh_store = array()) + function generate_aes_form(&$dh_store = array()) { - $is_static = !( isset($this) && get_class($this) === __CLASS__ ); - if ( $is_static ) - { - $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); - $aes_key = $aes->gen_readymade_key(); - } - else - { - $aes_key = self::rijndael_genkey(); - } + $aes_key = self::rijndael_genkey(); $dh_store = array('aes' => $aes_key, 'public' => '', 'private' => ''); $return = ''; @@ -3735,9 +3726,50 @@ $dh_key_priv = $_math->str($dh_key_priv); $dh_key_pub = $_math->str($dh_key_pub); // store the keys in the DB - // this is doing a static call check to avoid using $this in a static call - if ( !defined('IN_ENANO_INSTALL') && isset($this) && get_class($this) === __CLASS__ ) - $this->sql('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );"); + $this->sql('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );"); + // also give the key to the calling function + $dh_store['public'] = $dh_key_pub; + $dh_store['private'] = $dh_key_priv; + + $return .= " + + "; + } + else + { + $return .= ""; + } + return $return; + } + + /** + * Static version of generate_aes_form(). + * @see sessionManager::generate_aes_form() + * @param reference + * @return string + */ + + static function generate_aes_form_static(&$dh_store = array()) + { + $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); + $aes_key = $aes->gen_readymade_key(); + $dh_store = array('aes' => $aes_key, 'public' => '', 'private' => ''); + + $return = ''; + $return .= ''; + $return .= ''; + $return .= ''; + + require_once(ENANO_ROOT . '/includes/math.php'); + require_once(ENANO_ROOT . '/includes/diffiehellman.php'); + + global $dh_supported, $_math; + if ( $dh_supported ) + { + $dh_key_priv = dh_gen_private(); + $dh_key_pub = dh_gen_public($dh_key_priv); + $dh_key_priv = $_math->str($dh_key_priv); + $dh_key_pub = $_math->str($dh_key_pub); // also give the key to the calling function $dh_store['public'] = $dh_key_pub; $dh_store['private'] = $dh_key_priv; diff -r 99b749da5149 -r 9aa09b0a7544 install/includes/stages/login.php --- a/install/includes/stages/login.php Tue Apr 06 15:55:21 2010 -0400 +++ b/install/includes/stages/login.php Sat Apr 17 03:33:14 2010 -0400 @@ -26,7 +26,7 @@ $ui->show_header(); // generate the HTML for the form, and store the public and private key in the temporary config -$aes_form = sessionManager::generate_aes_form($dh_keys); +$aes_form = sessionManager::generate_aes_form_static($dh_keys); $fp = @fopen(ENANO_ROOT . '/config.new.php', 'a+'); if ( !$fp ) die('Couldn\'t open the config for writing'); diff -r 99b749da5149 -r 9aa09b0a7544 plugins/SpecialUserPrefs.php --- a/plugins/SpecialUserPrefs.php Tue Apr 06 15:55:21 2010 -0400 +++ b/plugins/SpecialUserPrefs.php Sat Apr 17 03:33:14 2010 -0400 @@ -374,7 +374,9 @@

'; if ( !$session->password_change_disabled ) + { echo $session->generate_aes_form(); + } echo '';