Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-04 18:05:37

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-04 18:05:37 +03:00
parent 2d25bee2a6
commit 691305340a
4 changed files with 451 additions and 852 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
app/core/Encryption.php
View File

@@ -44,20 +44,38 @@ final class Encryption
throw new \RuntimeException('ENCRYPTION_KEY is missing from .env'); throw new \RuntimeException('ENCRYPTION_KEY is missing from .env');
} }
$encryptionKey = hash('sha256', $key, true); // Handle common prefixing issues or trailing whitespace
$decoded = base64_decode($encryptedData); $encryptedData = trim($encryptedData);
if (str_starts_with($encryptedData, '==')) {
$encryptedData = substr($encryptedData, 2);
}
if ($decoded === false) return false; $encryptionKey = hash('sha256', $key, true);
$decoded = base64_decode($encryptedData, true);
if ($decoded === false) {
error_log("ENCRYPTION ERROR: Invalid base64 data provided for decryption.");
return false;
}
$ivLength = openssl_cipher_iv_length(self::CIPHER); $ivLength = openssl_cipher_iv_length(self::CIPHER);
$tagLength = 16; $tagLength = 16;
if (strlen($decoded) < $ivLength + $tagLength) return false; if (strlen($decoded) < $ivLength + $tagLength) {
error_log("ENCRYPTION ERROR: Data too short for IV and TAG. Length: " . strlen($decoded));
return false;
}
$iv = substr($decoded, 0, $ivLength); $iv = substr($decoded, 0, $ivLength);
$tag = substr($decoded, $ivLength, $tagLength); $tag = substr($decoded, $ivLength, $tagLength);
$ciphertext = substr($decoded, $ivLength + $tagLength); $ciphertext = substr($decoded, $ivLength + $tagLength);
return openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag); $result = openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag);
if ($result === false) {
error_log("ENCRYPTION ERROR: openssl_decrypt failed. Key might be wrong or data corrupted.");
}
return $result;
} }
} }

3
app/modules_app/invoices/view.php
View File

@@ -87,6 +87,9 @@ try {
// 5. Build the secure file URL using the invoice ID (file.php fetches path from DB) // 5. Build the secure file URL using the invoice ID (file.php fetches path from DB)
$invoice['file_url'] = '/index.php?route=v1/invoices/file&id=' . urlencode($id); $invoice['file_url'] = '/index.php?route=v1/invoices/file&id=' . urlencode($id);
// 6. Include local QR code from invoices table if available
// (This is used as a fallback in shell.php if jofotara object is missing)
json_success($invoice); json_success($invoice);
} catch (\Exception $e) { } catch (\Exception $e) {

1045
public/shell.php
View File

File diff suppressed because it is too large Load Diff

11
scratch/debug_decrypt.php Normal file
View File

@@ -0,0 +1,11 @@
<?php
require_once __DIR__ . '/app/bootstrap/init.php';
use App\Core\Encryption;
$testString = 'dr2LLF70iAqt8g34Dhr/eT1H9o1rSIq3Bb4NHA';
$decrypted = Encryption::decrypt($testString);
var_dump($decrypted);
$testString2 = '==dr2LLF70iAqt8g34Dhr/eT1H9o1rSIq3Bb4NHA';
$decrypted2 = Encryption::decrypt($testString2);
var_dump($decrypted2);