mirror/opensourcepos
1
0
Fork 0
mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-06-06 06:34:39 -04:00
Code Issues Packages Projects Releases Wiki Activity

Refactor all encryption/decryption to use helper functions

Browse Source 
Replaces direct encrypter calls with decrypt_value() and encrypt_value()
helpers throughout the codebase for consistent error handling:

- Config controller: SMTP, SMS, Mailchimp credential encryption
- Email_lib: SMTP password decryption
- Sms_lib: SMS password decryption
- Mailchimp_lib: API key decryption
- Customers controller: Mailchimp list ID decryption

Removes nullable EncrypterInterface property from Config controller as
encryption is now handled via helper functions.

GitHub-Issue: #4554
This commit is contained in:
Ollama
2026-05-22 01:28:35 +02:00
parent 26e8d9d80c
commit f7280ea83e
5 changed files with 45 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
app/Controllers/Config.php
View File

@@ -17,11 +17,9 @@ use App\Models\Enums\Rounding_mode;
use App\Models\Stock_location;
use App\Models\Tax;
use CodeIgniter\Database\BaseConnection;
use CodeIgniter\Encryption\EncrypterInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Database;
use Config\OSPOS;
use Config\Services;
use DirectoryIterator;
use NumberFormatter;
use ReflectionException;
@@ -30,7 +28,6 @@ class Config extends Secure_Controller
{
protected $helpers = ['security'];
private BaseConnection $db;
private ?EncrypterInterface $encrypter = null;
private Barcode_lib $barcode_lib;
private Sale_lib $sale_lib;
private Receiving_lib $receiving_lib;
@@ -62,13 +59,6 @@ class Config extends Secure_Controller
$this->tax = model(Tax::class);
$this->config = config(OSPOS::class)->settings;
$this->db = Database::connect();
helper('security');
if (check_encryption()) {
$this->encrypter = Services::encrypter();
} else {
log_message('error', 'Encryption key could not be initialized. Password encryption unavailable.');
}
}
/**
@@ -256,24 +246,11 @@ class Config extends Secure_Controller
// Integrations Related fields
$data['mailchimp'] = [];
$data['mailchimp']['api_key'] = decrypt_value($this->config['mailchimp_api_key'] ?? null);
$data['mailchimp']['list_id'] = decrypt_value($this->config['mailchimp_list_id'] ?? null);
if (check_encryption()) {
if ($this->encrypter === null) {
helper('security');
$this->encrypter = Services::encrypter();
}
$data['mailchimp']['api_key'] = (isset($this->config['mailchimp_api_key']) && !empty($this->config['mailchimp_api_key']))
? $this->encrypter->decrypt($this->config['mailchimp_api_key'])
: '';
$data['mailchimp']['list_id'] = (isset($this->config['mailchimp_list_id']) && !empty($this->config['mailchimp_list_id']))
? $this->encrypter->decrypt($this->config['mailchimp_list_id'])
: '';
remove_backup();
} else {
$data['mailchimp']['api_key'] = '';
$data['mailchimp']['list_id'] = '';
}
$data['mailchimp']['lists'] = $this->_mailchimp();
@@ -514,20 +491,14 @@ class Config extends Secure_Controller
$passwordInput = $this->request->getPost('smtp_pass');
if (!empty($passwordInput)) {
if ($this->encrypter !== null && check_encryption()) {
try {
$password = $this->encrypter->encrypt($passwordInput);
} catch (\Exception $e) {
log_message('error', 'SMTP password encryption failed: ' . $e->getMessage());
$password = encrypt_value($passwordInput);
if (empty($password)) {
log_message('error', 'SMTP password encryption failed');
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
} else {
log_message('warning', 'SMTP password saved without encryption - encryption key unavailable');
$password = $passwordInput;
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
}
@@ -574,20 +545,14 @@ class Config extends Secure_Controller
$passwordInput = $this->request->getPost('msg_pwd');
if (!empty($passwordInput)) {
if ($this->encrypter !== null && check_encryption()) {
try {
$password = $this->encrypter->encrypt($passwordInput);
} catch (\Exception $e) {
log_message('error', 'SMS password encryption failed: ' . $e->getMessage());
$password = encrypt_value($passwordInput);
if (empty($password)) {
log_message('error', 'SMS password encryption failed');
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
} else {
log_message('warning', 'SMS password saved without encryption - encryption key unavailable');
$password = $passwordInput;
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
}
@@ -654,38 +619,30 @@ class Config extends Secure_Controller
$api_key = '';
$list_id = '';
if ($this->encrypter !== null && check_encryption()) {
$api_key_unencrypted = $this->request->getPost('mailchimp_api_key');
if (!empty($api_key_unencrypted)) {
try {
$api_key = $this->encrypter->encrypt($api_key_unencrypted);
} catch (\Exception $e) {
log_message('error', 'Mailchimp API key encryption failed: ' . $e->getMessage());
$api_key_input = $this->request->getPost('mailchimp_api_key');
if (!empty($api_key_input)) {
$api_key = encrypt_value($api_key_input);
if (empty($api_key)) {
log_message('error', 'Mailchimp API key encryption failed');
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
}
$list_id_unencrypted = $this->request->getPost('mailchimp_list_id');
if (!empty($list_id_unencrypted)) {
try {
$list_id = $this->encrypter->encrypt($list_id_unencrypted);
} catch (\Exception $e) {
log_message('error', 'Mailchimp list ID encryption failed: ' . $e->getMessage());
$list_id_input = $this->request->getPost('mailchimp_list_id');
if (!empty($list_id_input)) {
$list_id = encrypt_value($list_id_input);
if (empty($list_id)) {
log_message('error', 'Mailchimp list ID encryption failed');
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
return $this->response->setJSON([
'success' => false,
'message' => lang('Config.encryption_failed'),
]);
}
} else {
$api_key = $this->request->getPost('mailchimp_api_key') ?: '';
$list_id = $this->request->getPost('mailchimp_list_id') ?: '';
log_message('warning', 'Mailchimp credentials saved without encryption - encryption key unavailable');
}
$batch_save_data = ['mailchimp_api_key' => $api_key, 'mailchimp_list_id' => $list_id];

8
app/Controllers/Customers.php
View File

@@ -31,13 +31,7 @@ class Customers extends Persons
$this->tax_code = model(Tax_code::class);
$this->config = config(OSPOS::class)->settings;
$encrypter = Services::encrypter();
if (!empty($this->config['mailchimp_list_id'])) {
$this->_list_id = $encrypter->decrypt($this->config['mailchimp_list_id']);
} else {
$this->_list_id = '';
}
$this->_list_id = decrypt_value($this->config['mailchimp_list_id'] ?? null);
}
/**

18
app/Libraries/Email_lib.php
View File

@@ -3,11 +3,7 @@
namespace app\Libraries;
use CodeIgniter\Email\Email;
use CodeIgniter\Encryption\Encryption;
use CodeIgniter\Encryption\EncrypterInterface;
use CodeIgniter\Encryption\Exceptions\EncryptionException;
use Config\OSPOS;
use Config\Services;
/**
@@ -26,19 +22,7 @@ class Email_lib
$this->email = new Email();
$this->config = config(OSPOS::class)->settings;
$smtp_pass = $this->config['smtp_pass'] ?? '';
if (!empty($smtp_pass)) {
if (check_encryption()) {
try {
$encrypter = Services::encrypter();
$smtp_pass = $encrypter->decrypt($smtp_pass);
} catch (EncryptionException $e) {
log_message('error', 'SMTP password decryption failed: ' . $e->getMessage());
$smtp_pass = '';
}
}
}
$smtp_pass = decrypt_value($this->config['smtp_pass'] ?? null);
$email_config = [
'mailType' => 'html',

20
app/Libraries/Mailchimp_lib.php
View File

@@ -2,9 +2,7 @@
namespace app\Libraries;
use CodeIgniter\Encryption\EncrypterInterface;
use Config\OSPOS;
use Config\Services;
/**
* MailChimp API v3 REST client Connector
@@ -14,8 +12,6 @@ use Config\Services;
* Inspired by the work of:
* - Rajitha Bandara: https://github.com/rajitha-bandara/ci-mailchimp-v3-rest-client
* - Stefan Ashwell: https://github.com/stef686/codeigniter-mailchimp-api-v3
*
* @property encrypterinterface encrypter
*/
class MailchimpConnector
{
@@ -40,23 +36,19 @@ class MailchimpConnector
{
$config = config(OSPOS::class)->settings;
$encrypter = Services::encrypter();
$mailchimp_api_key = (isset($this->config['mailchimp_api_key']) && !empty($this->config['mailchimp_api_key']))
? $this->config['mailchimp_api_key']
: '';
$mailchimp_api_key = $config['mailchimp_api_key'] ?? '';
if (!empty($mailchimp_api_key)) {
$this->_api_key = empty($api_key)
? $encrypter->decrypt($mailchimp_api_key) // TODO: Hungarian notation
: $api_key; // TODO: Hungarian notation
? decrypt_value($mailchimp_api_key)
: $api_key;
}
if (!empty($this->_api_key)) { // TODO: Hungarian notation
if (!empty($this->_api_key)) {
// Replace <dc> with correct datacenter obtained from the last part of the api key
$strings = explode('-', $this->_api_key); // TODO: Hungarian notation
$strings = explode('-', $this->_api_key);
if (is_array($strings) && !empty($strings[1])) {
$this->_api_endpoint = str_replace('<dc>', $strings[1], $this->_api_endpoint); // TODO: Hungarian notation
$this->_api_endpoint = str_replace('<dc>', $strings[1], $this->_api_endpoint);
}
}
}

10
app/Libraries/Sms_lib.php
View File

@@ -2,10 +2,7 @@
namespace app\Libraries;
use CodeIgniter\Encryption\Encryption;
use CodeIgniter\Encryption\EncrypterInterface;
use Config\OSPOS;
use Config\Services;
/**
@@ -24,12 +21,7 @@ class Sms_lib
{
$config = config(OSPOS::class)->settings;
$encrypter = Services::encrypter();
$password = $config['msg_pwd'];
if (!empty($password)) {
$password = $encrypter->decrypt($password);
}
$password = decrypt_value($config['msg_pwd'] ?? null);
$username = $config['msg_uid'];
$originator = $config['msg_src'];