0

I have a class name aes.php (found when googling). This class use Rijndael-128. here the aes.php

<?php /* Version: 1.0 */ class aes_encryption{ const CIPHER = MCRYPT_RIJNDAEL_128; // Rijndael-128 is AES const MODE = MCRYPT_MODE_ECB; public $key = 'abcdefghij123456'; // needs to be 32 bytes for aes public $iv = '1234efgh'; // needs to be 16 bytes for aes public function encrypt($plaintext){ $ciphertext = mcrypt_encrypt(self::CIPHER, $this->key, $plaintext, self::MODE, $this->iv); return base64_encode($ciphertext); } public function decrypt($ciphertext){ $ciphertext = base64_decode($ciphertext); $plaintext = mcrypt_decrypt(self::CIPHER, $this->key, $ciphertext, self::MODE, $this->iv); return rtrim($plaintext, "\0"); } public function encrypt_file($input_file, $output_file){ $input_file_handle = @fopen($input_file, "r"); $output_file_handle = @fopen($output_file, 'wb'); if(!$input_file_handle){ throw new Exception("Could not open input file"); } if(!$output_file_handle){ throw new Exception("Could not open output file"); } while(!feof($input_file_handle)){ $buffer = base64_encode(fread($input_file_handle, 4096)); $encrypted_string = $this->encrypt($buffer); //echo strlen($encrypted_string).'<br>'; fwrite($output_file_handle, $encrypted_string); } fclose($input_file_handle); fclose($output_file_handle); return true; } public function decrypt_file($input_file, $output_file){ $input_file_handle = @fopen($input_file, "r"); $output_file_handle = @fopen($output_file, 'wb'); if(!$input_file_handle){ throw new Exception("Could not open input file"); } if(!$output_file_handle){ throw new Exception("Could not open output file"); } while(!feof($input_file_handle)){ //4096 bytes plaintext become 7296 bytes of encrypted base64 text $buffer = fread($input_file_handle, 7296); $decrypted_string = base64_decode($this->decrypt($buffer)); //echo strlen($buffer).'<br>'; fwrite($output_file_handle, $decrypted_string); } fclose($input_file_handle); fclose($output_file_handle); return true; } }//class aes_encryption ?>

and a class name upload.php, this class is to upload a file and auto encrypt file when upload. 

<?php include_once 'dbconfig.php'; include 'aes.php'; session_start(); if($_SESSION['user'] and ($_SESSION['nik'])){ } else{ header("location:index.php"); } if(isset($_POST['btn-upload'])) $file =rand(1000,100000)."-".$_FILES['file']['name']; $file_loc =$_FILES['file']['tmp_name']; $file_size =$_FILES['file']['size']; $dekripsi =$_POST['dekripsi']; $file_type =$_FILES['file']['type']; $file_nik = $_SESSION ['nik']; $file_namalengkap = $_SESSION ['user']; $folder="uploads/"; $new_size = $file_size/1024; $new_file_name = strtolower($file); $final_file=str_replace(' ','-',$new_file_name); if (move_uploaded_file($file_loc,$folder.$final_file)){ $sql="INSERT INTO tbl_uploads(file,namalengkap,nik,dekripsi,type,size) VALUES('$final_file','".$_SESSION ['user']."','".$_SESSION ['nik']."','$dekripsi','$file_type','$new_size')"; mysql_query($sql); echo mysql_error(); $crypt = new aes_encryption(); $final_file = $file_loc; $crypt->encrypt_file($final_file, $final_file.'.enc'); ?> <script> alert('successfully uploaded'); window.location.href='home.php?success'; </script> <?php } else { ?> <script> alert('gagal upload'); window.location.href='home.php?fail'; </script> <?php } ?>

and I am trying to run, but it show me error,

Fatal error: Uncaught exception 'Exception' with message 'Could not open input file' in C:\xampp\htdocs\aes\aes.php:29 Stack trace: #0 C:\xampp\htdocs\aes\uploadaes.php(40): aes_encryption->encrypt_file('C:\xampp\tmp\ph...', 'C:\xampp\tmp\ph...') #1 {main} thrown in C:\xampp\htdocs\aes\aes.php on line 29

I think the problem is $final_file = $file_loc ; cant get the value, and I dont know why it cant get the value of $file_loc but if you have opinion where is the problem, could you tell me?

Improve this question

1 Answer 1

Reset to default
0

You have already moved the file from $file_loc to $folder.$final_file, so this seems to be the root of your issue. You should be keeping $final_file as it is, and use:

$crypt->encryt_file($folder.$final_file, $folder.$final_file.'.enc');

You also need to do some kind of checking on the input to your MySQL query statement. Also note that mysql_query is deprecated, and I recommend that you opt to use a more up-to-date library such as pdo or mysqli.

Improve this answer
Sign up to request clarification or add additional context in comments.

10 Comments

i've try that, but the error cange to Fatal error: Uncaught exception 'Exception' with message 'Could not open input file' in C:\xampp\htdocs\aes\aes.php:29 Stack trace: #0 C:\xampp\htdocs\aes\uploadaes.php(41): aes_encryption->encrypt_file('uploads/uploads...', 'uploads/uploads...') #1 {main} thrown in C:\xampp\htdocs\aes\aes.php on line 29 yes thanks, i will use that library later,
thats my mistake, i miss your description about You should be keeping $final_file as it is thanks its working now.
one more thing, if i want to auto delete the original file after encrypted, so there is just encrypted file on the server. what i suppose to add on my code?
For that, see this post: stackoverflow.com/questions/2371408/…
yes that post problem is same as mine, i use unlink to, but always gives me an error that the file does not exist and i dont have permision to the folder . in that post i see the answer who use realpath , is_writeable , and unlink, could give me sample code about that?
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.