From 2e3d3e33f3ad87f26247e553f460033358eb2d53 Mon Sep 17 00:00:00 2001 From: phl0 Date: Mon, 13 May 2024 16:38:30 +0200 Subject: [PATCH 1/3] OpenSSL signatures need a newline after base64 string --- application/controllers/Lotw.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/controllers/Lotw.php b/application/controllers/Lotw.php index a328824a9..cb30b8ba8 100644 --- a/application/controllers/Lotw.php +++ b/application/controllers/Lotw.php @@ -967,7 +967,7 @@ function signlog($sign_key, $string) { openssl_free_key($pkeyid); } $signature_b64 = base64_encode($signature); - return $signature_b64; + return $signature_b64."\n"; } From a2504882be0d32934ee65536f2d8b6f8df2f72f8 Mon Sep 17 00:00:00 2001 From: phl0 Date: Mon, 13 May 2024 16:39:31 +0200 Subject: [PATCH 2/3] Strip full path from upload filename --- application/controllers/Lotw.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/application/controllers/Lotw.php b/application/controllers/Lotw.php index cb30b8ba8..64a465442 100644 --- a/application/controllers/Lotw.php +++ b/application/controllers/Lotw.php @@ -300,20 +300,22 @@ public function lotw_upload() { //If the function curl_file_create exists if(function_exists('curl_file_create')){ //Use the recommended way, creating a CURLFile object. - $filePath = curl_file_create($filePath); + $uploadfile = curl_file_create($filePath); + $uploadfile->setPostFilename(basename($filePath)); } else{ //Otherwise, do it the old way. //Get the canonicalized pathname of our file and prepend //the @ character. - $filePath = '@' . realpath($filePath); + $uploadfile = '@' . realpath($filePath).';filename='.basename($filePath); //Turn off SAFE UPLOAD so that it accepts files //starting with an @ curl_setopt($ch, CURLOPT_SAFE_UPLOAD, false); } + //Setup our POST fields $postFields = array( - $uploadFieldName => $filePath + $uploadFieldName => $uploadfile ); curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields); From d50ff03215381c5b0f70e1eacca50b36aaa09fd5 Mon Sep 17 00:00:00 2001 From: phl0 Date: Mon, 13 May 2024 16:39:59 +0200 Subject: [PATCH 3/3] Remove deprecated way of creating upload files --- application/controllers/Lotw.php | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/application/controllers/Lotw.php b/application/controllers/Lotw.php index 64a465442..cb9b5a59b 100644 --- a/application/controllers/Lotw.php +++ b/application/controllers/Lotw.php @@ -297,21 +297,9 @@ public function lotw_upload() { //Tell cURL to return the output as a string. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - //If the function curl_file_create exists - if(function_exists('curl_file_create')){ - //Use the recommended way, creating a CURLFile object. - $uploadfile = curl_file_create($filePath); - $uploadfile->setPostFilename(basename($filePath)); - } else{ - //Otherwise, do it the old way. - //Get the canonicalized pathname of our file and prepend - //the @ character. - $uploadfile = '@' . realpath($filePath).';filename='.basename($filePath); - //Turn off SAFE UPLOAD so that it accepts files - //starting with an @ - curl_setopt($ch, CURLOPT_SAFE_UPLOAD, false); - } - + //Use the recommended way, creating a CURLFile object. + $uploadfile = curl_file_create($filePath); + $uploadfile->setPostFilename(basename($filePath)); //Setup our POST fields $postFields = array(