{"id":799,"date":"2011-03-23T09:20:36","date_gmt":"2011-03-23T13:20:36","guid":{"rendered":"http:\/\/jasonbassford.com\/?page_id=799"},"modified":"2011-03-23T10:11:56","modified_gmt":"2011-03-23T14:11:56","slug":"pm-encryption","status":"publish","type":"page","link":"https:\/\/www.jasonbassford.com\/index.php\/about\/pm-encryption\/","title":{"rendered":"PM Encryption"},"content":{"rendered":"
\r\n##############################################################\r\n## MOD Title: Private Message Encryption and Decryption\r\n## MOD Author: Jason Bassford < jasonb@dante.com > http:\/\/jasonbassford.com\/\r\n## MOD Description:\r\n##\r\n## This will allow you to encrypt private messages to other\r\n## board users.  The user will then be able to decrypt the\r\n## message if they know the password that you used.  This\r\n## prevents any sensitive message from being read by somebody\r\n## looking at the raw database records.\r\n##\r\n## Decryption happens onscreen - not within the database.  So, \r\n## even if you \"decrypt\" a message (and read it) it is still\r\n## stored on the server in its encrypted form.\r\n##       \r\n## If you've decrypted a message, and quote it back to the sender,\r\n## it will be the decrypted text that is quoted back.  The quote\r\n## must, itself, be manually encrypted or else it will be sent back\r\n## to the original sender in plain text.\r\n##\r\n## Once a message is encrypted and submitted, and in the sender's\r\n## Outbox, it may be viewed and deleted, but it cannot be edited.\r\n##    \r\n## This mod encrypts Private Messages using a 256-bit Rijndael\r\n## block cipher.\r\n##\r\n## NOTE: In order to use this mod, you must have PHP compiled\r\n## with libmcrypt2.4.x or higher!\r\n##       \r\n## MOD Version: 1.0.0\r\n##\r\n## Installation Level: Intermediate \r\n## Installation Time: 10 Minutes\r\n## Files To Edit: 3\r\n## privmsg.php\r\n## templates\/subSilber\/posting_body.tpl\r\n## templates\/subSilver\/privmsgs_read_body.tpl\r\n## Included Files: N\/A\r\n##############################################################\r\n## Author Notes:\r\n##\r\n##############################################################\r\n## This MOD is released under the GPL License.\r\n## Intellectual Property is retained by the MOD Author(s) listed above\r\n##############################################################\r\n## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD\r\n##############################################################\r\n\r\n## NOTE: In order to use this mod, you must have PHP compiled\r\n## with libmcrypt2.4.x or higher! \r\n\r\n#\r\n#-----[ OPEN ]------------------------------------------\r\n#\r\nprivmsg.php\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n$preview = ( isset($HTTP_POST_VARS['preview']) ) ? TRUE : 0;\r\n\r\n#\r\n#-----[ AFTER, ADD ]------------------------------------\r\n#\r\n$encrypt = ( isset($HTTP_POST_VARS['encrypt']) ) ? TRUE : 0;\r\n$encryption_key = ( !empty($HTTP_POST_VARS['encryption_key']) ) ? $HTTP_POST_VARS['encryption_key'] : 0;\r\n$decrypt = ( isset($HTTP_POST_VARS['decrypt']) ) ? TRUE : 0;\r\n$decrypt_quote = ( isset($HTTP_POST_VARS['decrypt_quote_x']) || isset($HTTP_POST_VARS['decrypt_quote_y']) ) ? TRUE : 0;\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n$start = ( !empty($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;\r\n\r\n#\r\n#-----[ BEFORE, ADD ]------------------------------------\r\n#\r\nif ($decrypt_quote)\r\n  {\r\n    $mode = \"quote\";\r\n  }\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\nelse\r\n{\r\n\t$privmsg_id = '';\r\n}\r\n\r\n# \r\n#-----[ BEFORE, ADD ]------------------------------------------ \r\n# \r\nelse if ( $decrypt_quote )\r\n{\r\n\t$privmsg_id = $HTTP_POST_VARS['privmsgs_id'];\r\n}\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n}\r\nelse if ( $mode == 'read' )\r\n{\r\n\tif ( !empty($HTTP_GET_VARS[POST_POST_URL]) )\r\n\t{\r\n\t\t$privmsgs_id = intval($HTTP_GET_VARS[POST_POST_URL]);\r\n\t}\r\n\telse\r\n\t{\r\n\t\tmessage_die(GENERAL_ERROR, $lang['No_post_id']);\r\n\t}\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n}\r\nelse if ( $mode == 'read' || $decrypt )\r\n{\r\n\tif ( !empty($HTTP_GET_VARS[POST_POST_URL]) )\r\n\t{\r\n\t\t$privmsgs_id = intval($HTTP_GET_VARS[POST_POST_URL]);\r\n\t}\r\n        else if ( $decrypt )\r\n        {\r\n          $privmsgs_id = $HTTP_POST_VARS['privmsgs_id'];\r\n          $mode = \"read\";\r\n        }\r\n\telse\r\n\t{\r\n\t\tmessage_die(GENERAL_ERROR, $lang['No_post_id']);\r\n\t}\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\t$post_icons = array(\r\n\t\t'post_img' => '<a href=\"' . $post_urls['post'] . '\"><img src=\"' . $images['pm_postmsg'] . '\" alt=\"' . $lang['Post_new_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t'post' => '<a href=\"' . $post_urls['post'] . '\">' . $lang['Post_new_pm'] . '<\/a>',\r\n\t\t'reply_img' => '<a href=\"' . $post_urls['reply'] . '\"><img src=\"' . $images['pm_replymsg'] . '\" alt=\"' . $lang['Post_reply_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t'reply' => '<a href=\"' . $post_urls['reply'] . '\">' . $lang['Post_reply_pm'] . '<\/a>',\r\n\t\t'quote_img' => '<a href=\"' . $post_urls['quote'] . '\"><img src=\"' . $images['pm_quotemsg'] . '\" alt=\"' . $lang['Post_quote_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t'quote' => '<a href=\"' . $post_urls['quote'] . '\">' . $lang['Post_quote_pm'] . '<\/a>',\r\n\t\t'edit_img' => '<a href=\"' . $post_urls['edit'] . '\"><img src=\"' . $images['pm_editmsg'] . '\" alt=\"' . $lang['Edit_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t'edit' => '<a href=\"' . $post_urls['edit'] . '\">' . $lang['Edit_pm'] . '<\/a>'\r\n\t);\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n\tif ($decrypt)\r\n\t\t{\r\n\t\t\t$post_icons = array(\r\n\t\t\t\t'post_img' => '<a href=\"' . $post_urls['post'] . '\"><img src=\"' . $images['pm_postmsg'] . '\" alt=\"' . $lang['Post_new_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t\t\t'post' => '<a href=\"' . $post_urls['post'] . '\">' . $lang['Post_new_pm'] . '<\/a>',\r\n\t\t\t\t'reply_img' => '<a href=\"' . $post_urls['reply'] . '\"><img src=\"' . $images['pm_replymsg'] . '\" alt=\"' . $lang['Post_reply_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t\t\t'reply' => '<a href=\"' . $post_urls['reply'] . '\">' . $lang['Post_reply_pm'] . '<\/a>',\r\n\t\t\t\t'quote_img' => '<input style=\"border: 0px\" type=\"image\" src=\"' . $images['pm_quotemsg'] . '\" name=\"decrypt_quote\" class=\"liteoption\" value=\"Quote\" \/>',\r\n\t\t\t\t'quote' => '<input style=\"border: 0px\" type=\"image\" src=\"' . $images['pm_quotemsg'] . '\" name=\"decrypt_quote\" class=\"liteoption\" value=\"Quote\" \/>',\r\n\t\t\t\t'edit_img' => '',\r\n\t\t\t\t'edit' => ''\r\n\t\t\t);\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\t$post_icons = array(\r\n\t\t\t\t'post_img' => '<a href=\"' . $post_urls['post'] . '\"><img src=\"' . $images['pm_postmsg'] . '\" alt=\"' . $lang['Post_new_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t\t\t'post' => '<a href=\"' . $post_urls['post'] . '\">' . $lang['Post_new_pm'] . '<\/a>',\r\n\t\t\t\t'reply_img' => '<a href=\"' . $post_urls['reply'] . '\"><img src=\"' . $images['pm_replymsg'] . '\" alt=\"' . $lang['Post_reply_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t\t\t'reply' => '<a href=\"' . $post_urls['reply'] . '\">' . $lang['Post_reply_pm'] . '<\/a>',\r\n\t\t\t\t'quote_img' => '<a href=\"' . $post_urls['quote'] . '\"><img src=\"' . $images['pm_quotemsg'] . '\" alt=\"' . $lang['Post _quote_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t\t\t'quote' => '<a href=\"' . $post_urls['quote'] . '\">' . $lang['Post_quote_pm'] . '<\/a>',\r\n\t\t\t\t'edit_img' => '<a href=\"' . $post_urls['edit'] . '\"><img src=\"' . $images['pm_editmsg'] . '\" alt=\"' . $lang['Edit_pm'] . '\" border=\"0\" \/><\/a>',\r\n\t\t\t\t'edit' => '<a href=\"' . $post_urls['edit'] . '\">' . $lang['Edit_pm'] . '<\/a>'\r\n\t\t\t);\r\n\t\t}\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\t\/\/\r\n\t\/\/ Processing of post\r\n\t\/\/\r\n\t$post_subject = $privmsg['privmsgs_subject'];\r\n\r\n\t$private_message = $privmsg['privmsgs_text'];\r\n\r\n#\r\n#-----[ AFTER, ADD ]------------------------------------\r\n#\r\n\r\n\tif ( $decrypt )\r\n\t\t{\r\n\t\t\t$cipher_alg = MCRYPT_RIJNDAEL_256;\r\n\t\t\t$decrypted_message = str_replace(\"Encrypted message follows:\\n\\n\", \"\", $private_message);\r\n\t\t\t$decrypted_message = str_replace(\"<br>\", \"\", $decrypted_message);\r\n\t\t\t$decrypted_message = trim(mcrypt_decrypt($cipher_alg, $encryption_key, pack(\"H*\", $decrypted_message), MCRYPT_MODE_CFB, \"1\"));\r\n\t\t\t$private_message = str_replace(\"\\r\\n\", \"<br>\", $decrypted_message);\r\n\t\t\t$decrypted_message = str_replace(\"\\\"\", \""\", $decrypted_message);\r\n\t\t}\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\t\t'YIM' => $yim)\r\n\t);\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n\t\t'YIM' => $yim,\r\n\t\t'PRIVMSGS_ID' => $privmsgs_id,\r\n\t\t'DECRYPT_QUOTE' => $decrypt,\r\n\t\t'DECRYPTED_MESSAGE' => $decrypted_message)\r\n\t);\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\nelse if ( $submit || $refresh || $mode != '' )\r\n\r\n# \r\n#-----[ REPLACE WITH]------------------------------------------ \r\n# \r\nelse if ( $submit || $encrypt || $refresh || $mode != '' )\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\tif ( $submit && $mode != 'edit' )\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n\tif ( ($submit || $encrypt) && $mode != 'edit' )\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\tif ( $submit )\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n\tif ( $submit || $encrypt )\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\tif ( $submit && !$error )\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n\tif ( ($submit || $encrypt) && !$error )\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\t\tif ( $mode != 'edit' )\r\n\t\t{\r\n\t\t\t$privmsg_sent_id = $db->sql_nextid();\r\n\r\n\t\t\t$sql = \"INSERT INTO \" . PRIVMSGS_TEXT_TABLE . \" (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)\r\n\t\t\t\tVALUES ($privmsg_sent_id, '\" . $bbcode_uid . \"', '\" . str_replace(\"\\'\", \"''\", $privmsg_message) . \"')\";\r\n\t\t}\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n\t\tif ( $mode != 'edit' )\r\n\t\t{\r\n\t\t\t$privmsg_sent_id = $db->sql_nextid();\r\n\t\t\tif ($encrypt)\r\n\t\t\t\t{\r\n\t\t\t\t\t$cipher_alg = MCRYPT_RIJNDAEL_256;\r\n\t\t\t\t\t$encrypted_message = str_replace(\"\\\\\\\"\", \"\\\"\", $privmsg_message);\r\n\t\t\t\t\t$encrypted_message = str_replace(\"\\\\'\", \"'\", $encrypted_message);\r\n\t\t\t\t\t$encrypted_message = str_replace(\"\\\\\\\\\", \"\\\\\", $encrypted_message);\r\n\t\t\t\t\t$encrypted_message = bin2hex(mcrypt_encrypt($cipher_alg, $encryption_key, $encrypted_message, MCRYPT_MODE_CFB, \"1\"));\r\n\t\t\t\t\t$encrypted_message = wordwrap($encrypted_message, 80, \"<br>\", 1);\r\n\t\t\t\t\t$encrypted_message = \"Encrypted message follows:\\n\\n\" . $encrypted_message;\r\n\t\t\t\t\t$sql = \"INSERT INTO \" . PRIVMSGS_TEXT_TABLE . \" (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)\r\n\t\t\t\t\t\tVALUES ($privmsg_sent_id, '\" . $bbcode_uid . \"', '\" . $encrypted_message . \"')\";\r\n\t\t\t\t}\r\n\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\t$sql = \"INSERT INTO \" . PRIVMSGS_TEXT_TABLE . \" (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)\r\n\t\t\t\t\t\tVALUES ($privmsg_sent_id, '\" . $bbcode_uid . \"', '\" . str_replace(\"\\'\", \"''\", $privmsg_message) . \"')\";\r\n\t\t\t\t}\r\n\t\t}\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\t\t\tif ( $mode == 'quote' )\r\n\t\t\t{\r\n\t\t\t\t$privmsg_message = $privmsg['privmsgs_text'];\r\n\r\n# \r\n#-----[ REPLACE WITH ]------------------------------------------ \r\n# \r\n\t\t\tif ( $mode == 'quote' )\r\n\t\t\t{\r\n\t\t\t\tif ($decrypt_quote)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t$privmsg_message = $HTTP_POST_VARS['decrypted_message'];\r\n\t\t\t\t\t\t$privmsg_message = str_replace(\"\\\\\\\"\", \"\\\"\", $privmsg_message);\r\n\t\t\t\t\t\t$privmsg_message = str_replace(\"\\\\'\", \"'\", $privmsg_message);\r\n\t\t\t\t\t\t$privmsg_message = str_replace(\"\\\\\\\\\", \"\\\\\", $privmsg_message);\r\n\t\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t$privmsg_message = $privmsg['privmsgs_text'];\r\n\t\t\t\t\t}\r\n\r\n#\r\n#-----[ OPEN ]------------------------------------------\r\n#\r\ntemplates\/subSilver\/posting_body.tpl\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\t{POLLBOX} \r\n\t<tr> \r\n\t  <td class=\"catBottom\" colspan=\"2\" align=\"center\" height=\"28\"> {S_HIDDEN_FORM_FIELDS}<input type=\"submit\" tabindex=\"5\" name=\"preview\" class=\"mainoption\" value=\"{L_PREVIEW}\" \/> <input type=\"submit\" accesskey=\"s\" tabindex=\"6\" name=\"post\" class=\"mainoption\" value=\"{L_SUBMIT}\" \/>\r\n\r\n#\r\n#-----[ AFTER, ADD ]------------------------------------\r\n#\r\n\t  <!-- BEGIN switch_privmsg -->\r\n\t  <span style=\"margin-left: 50px; font-size: 80%\">Password: <\/span>\r\n\t  <input type=\"password\" tabindex=\"7\" class=\"post\" name=\"encryption_key\" \/>\r\n\t  <input type=\"submit\" tabindex=\"8\" name=\"encrypt\" class=\"mainoption\" value=\"Encrypt & Submit\" \/>\r\n\t  <!-- END switch_privmsg -->\r\n\t  <\/td>\r\n\r\n#\r\n#-----[ OPEN ]------------------------------------------\r\n#\r\ntemplates\/subSilver\/privmsgs_read_body.tpl\r\n\r\n#\r\n#-----[ FIND ]------------------------------------------\r\n#\r\n\t\t<input type=\"submit\" name=\"delete\" value=\"{L_DELETE_MSG}\" class=\"liteoption\" \/>\r\n\r\n#\r\n#-----[ AFTER, ADD ]------------------------------------\r\n#\r\n\t\t<span style=\"margin-left: 50px; font-size: 80%\">Password: <\/span>\r\n\t\t<input type=\"password\" class=\"post\" name=\"encryption_key\" \/>\r\n\t\t<input type=\"submit\" name=\"decrypt\" class=\"liteoption\" value=\"Decrypt Message\" \/>\r\n\t\t<input type=\"hidden\" name=\"privmsgs_id\" value=\"{PRIVMSGS_ID}\" \/>\r\n\t\t<input type=\"hidden\" name=\"decrypted_message\" value=\"{DECRYPTED_MESSAGE}\" \/>\r\n\r\n#\r\n#-----[ SAVE\/CLOSE ALL FILES ]------------------------------------------\r\n#\r\n# EoM\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
############################################################## ## MOD Title: Private Message Encryption and Decryption ## MOD Author: Jason Bassford < jasonb@dante.com > http:\/\/jasonbassford.com\/ ## MOD Description: ## ## This will allow you to encrypt private messages to other ## board users. The user will then be able to decrypt the ## message if they know the password that you used. …<\/p>\n
Continue reading ‘PM Encryption’ »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":679,"menu_order":0,"comment_status":"open","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-799","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/pages\/799"}],"collection":[{"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/comments?post=799"}],"version-history":[{"count":0,"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/pages\/799\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/pages\/679"}],"wp:attachment":[{"href":"https:\/\/www.jasonbassford.com\/index.php\/wp-json\/wp\/v2\/media?parent=799"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}