Made separate methods in sessionManager for static and non-static generate_aes_form(), because PHP (erroneously) always calls that method statically.
authorDan
Sat, 17 Apr 2010 03:33:14 -0400
changeset 1242 9aa09b0a7544
parent 1241 99b749da5149
child 1243 db42b7c50e57
Made separate methods in sessionManager for static and non-static generate_aes_form(), because PHP (erroneously) always calls that method statically.
includes/sessions.php
install/includes/stages/login.php
plugins/SpecialUserPrefs.php
--- a/includes/sessions.php	Tue Apr 06 15:55:21 2010 -0400
+++ b/includes/sessions.php	Sat Apr 17 03:33:14 2010 -0400
@@ -3705,18 +3705,9 @@
 	 * @return string
 	 */
 	
-	static function generate_aes_form(&$dh_store = array())
+	function generate_aes_form(&$dh_store = array())
 	{
-		$is_static = !( isset($this) && get_class($this) === __CLASS__ );
-		if ( $is_static )
-		{
-			$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
-			$aes_key = $aes->gen_readymade_key();
-		}
-		else
-		{
-			$aes_key = self::rijndael_genkey();
-		}
+		$aes_key = self::rijndael_genkey();
 		$dh_store = array('aes' => $aes_key, 'public' => '', 'private' => '');
 		
 		$return = '<input type="hidden" name="use_crypt" value="no" />';
@@ -3735,9 +3726,50 @@
 			$dh_key_priv = $_math->str($dh_key_priv);
 			$dh_key_pub = $_math->str($dh_key_pub);
 			// store the keys in the DB
-			// this is doing a static call check to avoid using $this in a static call
-			if ( !defined('IN_ENANO_INSTALL') && isset($this) && get_class($this) === __CLASS__ )
-				$this->sql('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
+			$this->sql('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
+			// also give the key to the calling function
+			$dh_store['public'] = $dh_key_pub;
+			$dh_store['private'] = $dh_key_priv;
+			
+			$return .=  "<input type=\"hidden\" name=\"dh_supported\" value=\"true\" />
+						<input type=\"hidden\" name=\"dh_public_key\" value=\"$dh_key_pub\" />
+						<input type=\"hidden\" name=\"dh_client_public_key\" value=\"\" />";
+		}
+		else
+		{
+			$return .=  "<input type=\"hidden\" name=\"dh_supported\" value=\"false\" />";
+		}
+		return $return;
+	}
+	
+	/**
+	 * Static version of generate_aes_form().
+	 * @see sessionManager::generate_aes_form()
+	 * @param reference
+	 * @return string
+	 */
+	
+	static function generate_aes_form_static(&$dh_store = array())
+	{
+		$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
+		$aes_key = $aes->gen_readymade_key();
+		$dh_store = array('aes' => $aes_key, 'public' => '', 'private' => '');
+		
+		$return = '<input type="hidden" name="use_crypt" value="no" />';
+		$return .= '<input type="hidden" name="crypt_key" value="' . $aes_key . '" />';
+		$return .= '<input type="hidden" name="crypt_data" value="" />';
+		$return .= '<input type="hidden" name="challenge_data" value="' . self::dss_rand() . '" />';
+		
+		require_once(ENANO_ROOT . '/includes/math.php');
+		require_once(ENANO_ROOT . '/includes/diffiehellman.php');
+		
+		global $dh_supported, $_math;
+		if ( $dh_supported )
+		{
+			$dh_key_priv = dh_gen_private();
+			$dh_key_pub = dh_gen_public($dh_key_priv);
+			$dh_key_priv = $_math->str($dh_key_priv);
+			$dh_key_pub = $_math->str($dh_key_pub);
 			// also give the key to the calling function
 			$dh_store['public'] = $dh_key_pub;
 			$dh_store['private'] = $dh_key_priv;
--- a/install/includes/stages/login.php	Tue Apr 06 15:55:21 2010 -0400
+++ b/install/includes/stages/login.php	Sat Apr 17 03:33:14 2010 -0400
@@ -26,7 +26,7 @@
 $ui->show_header();
 
 // generate the HTML for the form, and store the public and private key in the temporary config
-$aes_form = sessionManager::generate_aes_form($dh_keys);
+$aes_form = sessionManager::generate_aes_form_static($dh_keys);
 $fp = @fopen(ENANO_ROOT . '/config.new.php', 'a+');
 if ( !$fp )
 	die('Couldn\'t open the config for writing');
--- a/plugins/SpecialUserPrefs.php	Tue Apr 06 15:55:21 2010 -0400
+++ b/plugins/SpecialUserPrefs.php	Sat Apr 17 03:33:14 2010 -0400
@@ -374,7 +374,9 @@
 			<div style="text-align: right;"><input type="submit" name="submit" value="' . $lang->get('etc_save_changes') . '" tabindex="5" /></div>';
 			
 			if ( !$session->password_change_disabled )
+			{
 				echo $session->generate_aes_form();
+			}
 			
 			echo '</form>';