<?php
// ****************************************************************************
// testbed for encrypt/decrypt routines
// ****************************************************************************
// Author: A J Marston
// Date: June 2003
// Amendments:
// April 2023 - amend htmlentities() to cast NULL input into a string.
// ****************************************************************************

if (function_exists('debugbreak')) {
//    debugBreak();
// if

if ($_SERVER['REQUEST_METHOD'] == 'GET') {
    
$url parse_url($_SERVER['REQUEST_URI']);
    if (
$url['path'] != $_SERVER['PHP_SELF']) {
        
// somebody is screwing with the URL! Posasible XSS attack!
        
header('Location: ' .$_SERVER['SCRIPT_NAME']);
        exit;
    } 
// if
// if

require 'std.encryption.class.inc';
$crypt = new encryption_class;

ini_set('session.bug_compat_warn'0);

session_start();

$errors = array();

if (
$_SERVER['REQUEST_METHOD'] == 'POST') {
   
$key      = &$_POST['key'];
   
$password = &$_POST['password'];
   
$pswdlen  = &$_POST['pswdlen'];
   
$crypt->setPswdLen($pswdlen);
   
$adj      = &$_POST['adj'];
   
$crypt->setAdjustment($adj);
   
$mod      = &$_POST['mod'];
   
$crypt->setModulus($mod);
   if (
$crypt->errors) {
       
$errors $crypt->errors;
   } 
// if
} else {
   unset(
$_SESSION['encrypt_result']);
   unset(
$_SESSION['decrypt_result']);
   
$key      NULL;
   
$password NULL;
   
$pswdlen  24;
// if

if (empty($errors)) {
    
$adj $crypt->getAdjustment();
    
$mod $crypt->getModulus();
// if
$encrypt_result = &$_SESSION['encrypt_result'];
$decrypt_result = &$_SESSION['decrypt_result'];

?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
    <title>Test Encryption/Decryption routines</title>
    <meta http-equiv="Content-type" content="text/html; charset=UTF-8">
</head>
<body>
<div align="center">
<h1>Test Encryption/Decryption routines</h1>
<?php

if (empty($errors)) {
    if (isset(
$_POST['encrypt'])) {
        
$encrypt_result $crypt->encrypt($key$password$pswdlen);
        
$errors $crypt->errors;
        
$_SESSION['encrypt_result'] = $encrypt_result;
    } 
// if
    
if (isset($_POST['decrypt'])) {
        if (empty(
$encrypt_result) AND !empty($password)) {
            
// decrypt an already encrypted password
            
$decrypt_result $crypt->decrypt($key$password);
            
$encrypt_result $password;
            
$password       $decrypt_result;
        } else {
            
$decrypt_result $crypt->decrypt($key$encrypt_result);
        } 
// if
        
$errors $crypt->errors;
        
$_SESSION['decrypt_result'] = $decrypt_result;
    } 
// if
// if

?>

<form action="<?php echo $_SERVER['PHP_SELF'?>" method="POST">
<table>
<tr><td>Enter Key:</td><td><input type="text" name="key" size="40" value="<?php echo $key ?>"></td></tr>
<tr><td>Enter Password:</td><td><input type="text" name="password" size="40" value="<?php echo $password ?>"></td></tr>
<tr><td>Enter Password Length:</td><td><input type="text" name="pswdlen" size="4" value="<?php echo $pswdlen ?>"> (positive integer)</td></tr>
<tr><td>Enter Adjustment:</td><td><input type="text" name="adj" size="4" value="<?php echo $adj ?>"> (numeric)</td></tr>
<tr><td>Enter Modulus:</td><td><input type="text" name="mod" size="4" value="<?php echo $mod ?>"> (positive integer)</td></tr>
<tr><td><input type="submit" name="encrypt" value="encrypt"></td>
    <td><?php echo htmlentities((string)$encrypt_result?></td></tr>
<tr><td><input type="submit" name="decrypt" value="decrypt"></td>
    <td><?php echo htmlentities((string)$decrypt_result?></td></tr>
</table>
<p style="color:red;">
<?php
foreach ($errors as $error) {
   echo 
$error .'<br/>';
// foreach
?>
</p>
</form>
</div>
</body>
</html>