[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: Crypto.php
<?php namespace WPForms\Helpers; /** * Class for encryption functionality. * * @since 1.6.1.2 * * @link https://www.php.net/manual/en/intro.sodium.php */ class Crypto { /** * Get a secret key for encrypt/decrypt. * * @since 1.6.1.2 * * @return string */ public static function get_secret_key() { $secret_key = get_option( 'wpforms_crypto_secret_key' ); // If we already have the secret, send it back. if ( false !== $secret_key ) { return base64_decode( $secret_key ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode } // We don't have a secret, so let's generate one. $secret_key = sodium_crypto_secretbox_keygen(); add_option( 'wpforms_crypto_secret_key', base64_encode( $secret_key ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode return $secret_key; } /** * Encrypt a message. * * @since 1.6.1.2 * * @param string $message Message to encrypt. * @param string $key Encryption key. * * @return string */ public static function encrypt( $message, $key = '' ) { // Create a nonce for this operation. It will be stored and recovered in the message itself. $nonce = random_bytes( SODIUM_CRYPTO_SECRETBOX_NONCEBYTES ); if ( empty( $key ) ) { $key = self::get_secret_key(); } // Encrypt message and combine with nonce. $cipher = base64_encode( // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode $nonce . sodium_crypto_secretbox( $message, $nonce, $key ) ); try { sodium_memzero( $message ); sodium_memzero( $key ); } catch ( \Exception $e ) { return $cipher; } return $cipher; } /** * Decrypt a message. * * @since 1.6.1.2 * * @param string $encrypted Encrypted message. * @param string $key Encryption key. * * @return string */ public static function decrypt( $encrypted, $key = '' ) { // Unpack base64 message. $decoded = base64_decode( $encrypted ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode if ( false === $decoded ) { return false; } if ( mb_strlen( $decoded, '8bit' ) < ( SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES ) ) { return false; } // Pull nonce and ciphertext out of unpacked message. $nonce = mb_substr( $decoded, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit' ); $ciphertext = mb_substr( $decoded, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit' ); if ( empty( $key ) ) { $key = self::get_secret_key(); } // Decrypt it. $message = sodium_crypto_secretbox_open( $ciphertext, $nonce, $key ); // Check for decrpytion failures. if ( false === $message ) { return false; } try { sodium_memzero( $ciphertext ); sodium_memzero( $key ); } catch ( \Exception $e ) { return $message; } return $message; } }
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: premium166.web-hosting.com
Server IP: 162.0.209.40
PHP Version: 8.1.34
Server Software: LiteSpeed
System: Linux premium166.web-hosting.com 4.18.0-553.45.1.lve.el8.x86_64 #1 SMP Wed Mar 26 12:08:09 UTC 2025 x86_64
HDD Total: 97.87 GB
HDD Free: 75.25 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
No
pkexec:
No
git:
Yes
User Info
Username: kataubyb
User ID (UID): 624
Group ID (GID): 625
Script Owner UID: 624
Current Dir Owner: 624