Cryptage mot de passe SMTP + masquage de champs

This commit is contained in:
Fred Tempez 2020-05-11 17:02:32 +02:00
parent 73cd16b953
commit 8d814afa73
5 changed files with 111 additions and 49 deletions

View File

@ -445,4 +445,27 @@ class helper {
return $text; return $text;
} }
/**
* Cryptation
* @param string $key la clé d'encryptage
* @param string $payload la chaine à coder
* @return string
*/
public static function encrypt($key, $payload) {
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
$encrypted = openssl_encrypt($payload, 'aes-256-cbc', $key, 0, $iv);
return base64_encode($encrypted . '::' . $iv);
}
/**
* Décryptation
* @param string $key la clé d'encryptage
* @param string $garble la chaine à décoder
* @return string
*/
public static function decrypt($key, $garble) {
list($encrypted_data, $iv) = explode('::', base64_decode($garble), 2);
return openssl_decrypt($encrypted_data, 'aes-256-cbc', $key, 0, $iv);
}
} }

View File

@ -852,34 +852,39 @@ class common {
ob_start(); ob_start();
include 'core/layout/mail.php'; include 'core/layout/mail.php';
$layout = ob_get_clean(); $layout = ob_get_clean();
$mail = new PHPMailer\PHPMailer\PHPMailer; $mail = new PHPMailer\PHPMailer\PHPMailer;
$mail->CharSet = 'UTF-8';
// Mail // Mail
try{ try{
// Paramètres SMTP // Paramètres SMTP
if ($this->getdata(['config','smtp','enable'])) { if ($this->getdata(['config','smtp','enable'])) {
// $mail->SMTPDebug = PHPMailer\PHPMailer\SMTP::DEBUG_SERVER; //$mail->SMTPDebug = PHPMailer\PHPMailer\SMTP::DEBUG_SERVER;
$mail->isSMTP(); $mail->isSMTP();
$mail->SMTPAutoTLS = false; $mail->SMTPAutoTLS = false;
$mail->Host = $this->getdata(['config','smtp','host']); $mail->Host = $this->getdata(['config','smtp','host']);
$mail->Port = (int) $this->getdata(['config','smtp','port']); $mail->Port = (int) $this->getdata(['config','smtp','port']);
if ($this->getData(['config','smtp','auth'])) { if ($this->getData(['config','smtp','auth'])) {
$mail->Username = $this->getData(['config','smtp','username']); $mail->Username = $this->getData(['config','smtp','username']);
$mail->Password = $this->getData(['config','smtp','password']); $mail->Password = helper::decrypt($this->getData(['config','smtp','username']),$this->getData(['config','smtp','password']));
$mail->SMTPAuth = $this->getData(['config','smtp','auth']); $mail->SMTPAuth = $this->getData(['config','smtp','auth']);
$mail->SMTPSecure = $this->getData(['config','smtp','secure']); $mail->SMTPSecure = $this->getData(['config','smtp','secure']);
$mail->setFrom($this->getData(['config','smtp','sender'])); $mail->setFrom($this->getData(['config','smtp','username']));
if (is_null($replyTo)) {
$mail->addReplyTo($this->getData(['config','smtp','username']));
} else {
$mail->addReplyTo($replyTo);
}
} }
// Fin SMTP // Fin SMTP
} else { } else {
$host = str_replace('www.', '', $_SERVER['HTTP_HOST']); $host = str_replace('www.', '', $_SERVER['HTTP_HOST']);
$mail->setFrom('no-reply@' . $host, $this->getData(['config', 'title'])); $mail->setFrom('no-reply@' . $host, $this->getData(['config', 'title']));
if (is_null($replyTo)) { if (is_null($replyTo)) {
$mail->addReplyTo('no-reply@' . $host, $this->getData(['config', 'title'])); $mail->addReplyTo('no-reply@' . $host, $this->getData(['config', 'title']));
} else { } else {
$mail->addReplyTo($replyTo); $mail->addReplyTo($replyTo);
} }
} }
$mail->CharSet = 'UTF-8';
if(is_array($to)) { if(is_array($to)) {
foreach($to as $userMail) { foreach($to as $userMail) {
$mail->addAddress($userMail); $mail->addAddress($userMail);

View File

@ -438,12 +438,12 @@ class config extends common {
'auth' => $this->getInput('configSmtpAuth',helper::FILTER_BOOLEAN), 'auth' => $this->getInput('configSmtpAuth',helper::FILTER_BOOLEAN),
'secure' => $this->getInput('configSmtpSecure'), 'secure' => $this->getInput('configSmtpSecure'),
'username' => $this->getInput('configSmtpUsername',helper::FILTER_STRING_SHORT), 'username' => $this->getInput('configSmtpUsername',helper::FILTER_STRING_SHORT),
'password' => $this->getInput('configSmtpPassword'), 'password' =>helper::encrypt($this->getData(['config','smtp','username']),$this->getInput('configSmtpPassword')),
'sender' => $this->getInput('configSmtpSender',helper::FILTER_MAIL) 'sender' => $this->getInput('configSmtpSender',helper::FILTER_MAIL)
] ]
] ]
]); ]);
if(self::$inputNotices === []) { if(self::$inputNotices === []) {
// Ecrire les fichiers de script // Ecrire les fichiers de script
file_put_contents(self::DATA_DIR . 'head.inc.html',$this->getInput('configScriptHead',null)); file_put_contents(self::DATA_DIR . 'head.inc.html',$this->getInput('configScriptHead',null));

View File

@ -10,16 +10,54 @@
* @link http://zwiicms.com/ * @link http://zwiicms.com/
*/ */
/** $( document).ready(function() {
* Modification de l'affichage de l'icône de langues /**
*/ * Afficher et masquer options SMTP
*/
if ($("input[name=configSmtpEnable]").is(':checked')) {
$("#configSmtpParam").addClass("disabled");
$("#configSmtpParam").slideDown();
} else {
$("#configSmtpParam").removeClass("disabled");
$("#configSmtpParam").slideUp();
}
/**
* Afficher et masquer options Auth
*/
if ($("select[name=configSmtpAuth]").val() == true) {
$("#configSmtpAuthParam").addClass("disabled");
$("#configSmtpAuthParam").slideDown();
} else {
$("#configSmtpAuthParam").removeClass("disabled");
$("#configSmtpAuthParam").slideUp();
}
});
/**
* Afficher et masquer options SMTP
*/
$("input[name=configSmtpEnable]").on("change", function() { $("input[name=configSmtpEnable]").on("change", function() {
if ($("input[name=configSmtpEnable]").is(':checked')) { if ($("input[name=configSmtpEnable]").is(':checked')) {
$(".configSmtpParam").addClass("disabled"); $("#configSmtpParam").addClass("disabled");
$(".configSmtpParam").slideDown(); $("#configSmtpParam").slideDown();
} else { } else {
$(".configSmtpParam").removeClass("disabled"); $("#configSmtpParam").removeClass("disabled");
$(".configSmtpParam").slideUp(); $("#configSmtpParam").slideUp();
} }
}); });
/**
* Afficher et masquer options Auth
*/
$("select[name=configSmtpAuth]").on("change", function() {
if ($("select[name=configSmtpAuth]").val() == true) {
$("#configSmtpAuthParam").addClass("disabled");
$("#configSmtpAuthParam").slideDown();
} else {
$("#configSmtpAuthParam").removeClass("disabled");
$("#configSmtpAuthParam").slideUp();
}
});

View File

@ -335,21 +335,15 @@
]); ?> ]); ?>
</div> </div>
</div> </div>
<div class="configSmtpParam"> <div id="configSmtpParam">
<div class="row"> <div class="row">
<div class="col5"> <div class="col8">
<?php echo template::text('configSmtpHost', [ <?php echo template::text('configSmtpHost', [
'label' => 'Adresse SMTP', 'label' => 'Adresse SMTP',
'placeholder' => 'smtp.fr', 'placeholder' => 'smtp.fr',
'value' => $this->getData(['config', 'smtp','host']) 'value' => $this->getData(['config', 'smtp','host'])
]); ?> ]); ?>
</div> </div>
<div class="col5">
<?php echo template::text('configSmtpSender', [
'label' => 'Mail expéditeur',
'value' => $this->getData(['config', 'smtp','sender'])
]); ?>
</div>
<div class="col2"> <div class="col2">
<?php echo template::text('configSmtpPort', [ <?php echo template::text('configSmtpPort', [
'label' => 'Port SMTP', 'label' => 'Port SMTP',
@ -357,34 +351,36 @@
'value' => $this->getData(['config', 'smtp','port']) 'value' => $this->getData(['config', 'smtp','port'])
]); ?> ]); ?>
</div> </div>
</div>
<div class="row">
<div class="col2"> <div class="col2">
<?php echo template::select('configSmtpAuth', $module::$SMTPauth, [ <?php echo template::select('configSmtpAuth', $module::$SMTPauth, [
'label' => 'Authentification', 'label' => 'Authentification',
'selected' => $this->getData(['config', 'smtp','auth']) 'selected' => $this->getData(['config', 'smtp','auth'])
]); ?> ]); ?>
</div> </div>
<div class="col4"> </div>
<?php echo template::text('configSmtpUsername', [ <div id="configSmtpAuthParam">
'label' => 'Nom utilisateur', <div class="row">
'value' => $this->getData(['config', 'smtp','username' ]) <div class="col5">
]); ?> <?php echo template::text('configSmtpUsername', [
</div> 'label' => 'Nom utilisateur',
<div class="col4"> 'value' => $this->getData(['config', 'smtp','username' ])
<?php echo template::password('configSmtpPassword', [ ]); ?>
'label' => 'Mot de passe', </div>
'autocomplete' => 'off', <div class="col5">
'value' => $this->getData(['config', 'smtp','password' ]) <?php echo template::password('configSmtpPassword', [
]); ?> 'label' => 'Mot de passe',
</div> 'autocomplete' => 'off',
<div class="col2"> 'value' => $this->getData(['config','smtp','password'])
<?php echo template::select('configSmtpSecure', $module::$SMTPEnc , [ ]); ?>
'label' => 'Sécurité', </div>
'selected' => $this->getData(['config', 'smtp','secure']) <div class="col2">
]); ?> <?php echo template::select('configSmtpSecure', $module::$SMTPEnc , [
</div> 'label' => 'Sécurité',
</div> 'selected' => $this->getData(['config', 'smtp','secure'])
]); ?>
</div>
</div>
</div>
</div> </div>
</div> </div>
</div> </div>