Skip to content

Commit d1571ff

Browse files
kitsookkitsook
committed
Fix encrypted sys param
NOTE: this is a breaking change. encrypted sys params need to be saved again - base64 encode encrypted value before storing into. otherwise may cause encoding issue - remove updated sys param value from cache. let the next get() to retrieve from db and do decryption/conversion. this should fix the issue that encrypted sys param didn't work until restart/logout
1 parent 9618559 commit d1571ff

File tree

1 file changed

+4
-10
lines changed

1 file changed

+4
-10
lines changed

app/models/sys_parameter.php

Lines changed: 4 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ function get($paramCode, $default = null)
6767
if ($param) {
6868
// decrypt the parameter if it's encrypted
6969
if ($param['SysParameter']['parameter_type'] === 'E'){
70-
$param['SysParameter']['parameter_value'] = Security::cipher($param['SysParameter']['parameter_value'], Configure::read('Security.cipherSeed'));
70+
$param['SysParameter']['parameter_value'] = Security::cipher(base64_decode($param['SysParameter']['parameter_value']), Configure::read('Security.cipherSeed'));
7171
} elseif ($param['SysParameter']['parameter_type'] === 'B') {
7272
$param['SysParameter']['parameter_value'] =
7373
!($param['SysParameter']['parameter_value'] === 'false' ||
@@ -117,7 +117,7 @@ function beforeSave($options = array())
117117
$this->data[$this->name]['modified'] = date('Y-m-d H:i:s');
118118

119119
if ($this->data[$this->name]['parameter_type'] == 'E'){
120-
$this->data[$this->name]['parameter_value'] = Security::cipher($this->data[$this->name]['parameter_value'], Configure::read('Security.cipherSeed'));
120+
$this->data[$this->name]['parameter_value'] = base64_encode(Security::cipher($this->data[$this->name]['parameter_value'], Configure::read('Security.cipherSeed')));
121121
}
122122

123123
return true;
@@ -133,14 +133,8 @@ function beforeSave($options = array())
133133
*/
134134
function afterSave($created)
135135
{
136-
if (empty($this->data['SysParameter']['parameter_value'])) {
137-
// cake cache doesn't allow storing empty value. so we have to remove
138-
// the old value instead of overwrite
139-
Cache::delete($this->data['SysParameter']['parameter_code'], 'configuration');
140-
} else {
141-
Cache::write($this->data['SysParameter']['parameter_code'], $this->data['SysParameter']['parameter_value'], 'configuration');
142-
}
143-
136+
// clear the cache. let the next read retrieve/decrypt/convert it again
137+
Cache::delete($this->data['SysParameter']['parameter_code'], 'configuration');
144138
return true;
145139
}
146140

0 commit comments

Comments
 (0)