Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-04 18:05:37

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-04 18:05:37 +03:00
parent 2d25bee2a6
commit 691305340a
4 changed files with 451 additions and 852 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
app/core/Encryption.php
View File

@@ -44,20 +44,38 @@ final class Encryption
throw new \RuntimeException('ENCRYPTION_KEY is missing from .env');
}
// Handle common prefixing issues or trailing whitespace
$encryptedData = trim($encryptedData);
if (str_starts_with($encryptedData, '==')) {
$encryptedData = substr($encryptedData, 2);
}
$encryptionKey = hash('sha256', $key, true);
$decoded = base64_decode($encryptedData);
$decoded = base64_decode($encryptedData, true);
if ($decoded === false) return false;
if ($decoded === false) {
error_log("ENCRYPTION ERROR: Invalid base64 data provided for decryption.");
return false;
}
$ivLength = openssl_cipher_iv_length(self::CIPHER);
$tagLength = 16;
if (strlen($decoded) < $ivLength + $tagLength) return false;
if (strlen($decoded) < $ivLength + $tagLength) {
error_log("ENCRYPTION ERROR: Data too short for IV and TAG. Length: " . strlen($decoded));
return false;
}
$iv = substr($decoded, 0, $ivLength);
$tag = substr($decoded, $ivLength, $tagLength);
$ciphertext = substr($decoded, $ivLength + $tagLength);
return openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag);
$result = openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag);
if ($result === false) {
error_log("ENCRYPTION ERROR: openssl_decrypt failed. Key might be wrong or data corrupted.");
}
return $result;
}
}

3
app/modules_app/invoices/view.php
View File

@@ -87,6 +87,9 @@ try {
// 5. Build the secure file URL using the invoice ID (file.php fetches path from DB)
$invoice['file_url'] = '/index.php?route=v1/invoices/file&id=' . urlencode($id);
// 6. Include local QR code from invoices table if available
// (This is used as a fallback in shell.php if jofotara object is missing)
json_success($invoice);
} catch (\Exception $e) {