[ original script OpenNewsLetter ]
Hi
I am trying to store an email variable in an encrypted format using crypt and then be able to view it decrypted in the administration. I presume that the decryption method used to view the email it can be applied across other functions.
Here is the page which applies the encryption (it gets variables from a URL):
---- save encrypted email ---
<?php
$encemail = $_GET["email"];
$var = "$encemail";
$enc = crypt($var);
$new_email_address = $_GET['email'];
$new_email_id = $_GET['id'];
$found = FALSE;
$file = file_get_contents('tmp.txt');
$lines = explode("\n", $file);
foreach($lines as $line)
{
$info = explode('|', $line);
if($info[0] == $new_email_address)
{
if($info[1] == $new_email_id)
{
$found = TRUE;
$user_info = $info;
}
else
{
$awaiting = implode('|', $info)."\n";
}
}
else
{
$awaiting = implode('|', $info)."\n";
}
}
if($found)
{
$contents = file_get_contents('subscribers.txt');
$subscribers = explode(",", $contents);
if(in_array($new_email_address, $subscribers))
{
$result = TRUE;
}
else
{
$result = FALSE;
}
if($result)
{
$msg = "<h3>Sorry, we cannot add you as... you already exist on this list...</h3>";
}
else
{
$fp = fopen("subscribers.txt", "a+");
fwrite($fp, $enc . ",");
fclose($fp);
$fp2 = fopen('tmp.txt', "w");
fwrite($fp2, $awaiting);
fclose($fp2);
$msg = "<h3>You have been added to the newsletter. Thanks!</h3>";
}
}
else
{
die('I am sorry, but you cannot be added to the newsletter.');
}
$page = 'about';
include ("inc/files/header.php");
?>
<!-- content -->
<div id="content"><?php echo $msg; ?></div>
<!-- // content -->
<?php
include ("inc/files/footer.php");
?>
--- view encrypted email ---
<?
session_start();
require_once("xxx.php");
if($_SESSION["valid"] == true)
{
if($_GET["action"] == "add")
{
$fp = fopen("subscribers.txt", "r");
$file_text = fread($fp, 999999);
fclose($fp);
$subscribers = explode(",",$file_text);
foreach($subscribers as $subscriber)
{
if($subscriber == $_GET["email"])
{
$result = 1;
break;
}
else
{
$result = 0;
}
}
if($result == 1)
{
$msg = "<div class=error>Cannot add subscriber, subscriber already exists...</div>";
}
else
{
$fp = fopen("subscribers.txt", "a+");
fwrite($fp, $_GET["email"] . ",");
fclose($fp);
$msg = "<div class=message>Subscriber added successfully...</div>";
}
}
if($_GET["action"] == "delete")
{
$fp = fopen("subscribers.txt", "r");
$file_text = fread($fp, 999999);
fclose($fp);
$fp = fopen("subscribers.txt", "w");
$file_text_new = str_replace("$_GET[email],", "", $file_text);
fwrite($fp, $file_text_new);
fclose($fp);
$msg = "<div class=message>Subscriber deleted successfully...</div>";
}
if(isset($msg)) $main .= "$msg<br>";
$main .= "<div class=heading2>Add a subscriber</div><br>
<form name=add action='subscribers.php' method='get'>
Email<br>
<input class=textField type=text name=email><br><br>
<input type=hidden name=action value=add>
<input class=button type=submit value=Add>
</form>
<script language=javascript>
var validator = new Validator('add');
validator.addValidation('email','req','Please enter a valid email');
validator.addValidation('email','email','Please enter a valid email');
</script>
<br>
<div class=heading2>Delete a subscriber</div><br>
<form action='subscribers.php' method='get'>
Email<br>
<select class=textField name=email>";
$fp = fopen("subscribers.txt", "r");
while (!feof($fp))
{
$char = fread($fp, 1);
if($char == ",")
{
$encemail = $buffer;
$var = "$encemail";
$enc = crypt($var);
$main .= "<option>$enc</option>";
$buffer = "";
}
else
{
$buffer .= "$char";
}
}
fclose($fp);
$main .= "</select><br><br>
<input type=hidden name=action value=delete>
<input class=button type=submit value=Delete>
</form>";
}
else
{
header("Location: index.php");
}
$page = "subscribers";
require_once("includes/template.php");
?>
If I can get the decryption thing right then I could implement it into the deletion process... I think.
