The main idea behind "EFC/XFSS - Enhanced File Crypt/Extended File Stealth System" is to have your uploaded files safe in the server in a way that, even if someone can get them, no one can read them without knowing a few details to decrypt the files.
The class uses a random trick to select the encryption method that is used. This will always generate diferent encrypted files.
The file names are also obfuscated, so a sneaker will not know what the original format was.
This class was mainly developed to be used with GPL'ed Care2002 Medical Information System (www.care2x.org). However, its use was postponed because most of the files uploaded were images and most of them do not have any personal identifiable info on them.
This class, in a broader sense, has yet a long way to go. For now it is simply a sub-class of part of the RC4Crypt class. It allows an easy process of encryption and decryption of uploaded files. It requires libmcrypt support and, when possible, an SSL internet connection to be used.
The class needs mcrypt PHP functions. The next challenge will be to encrypt and decrypt the files at client side, perhaps with Javascript, for those that cannot have an SSL connection, and also the creation of a replacement class for those that do not have the possibility to use libmcrypt.
The only files that you need to look at into are index.php, srcefc.php, mkconfig.php and .htaccess (the last one to use in the secured directory for strict security if you can not put it outside Web document tree).
The documentation is inside these PHP scripts.
You also need to search for the definition of __SECURE_PATH__, and modify the path in the above PHP files.
Class that implements requests to Web resources using the HTTP protocol.
It features:
- May submit HTTP requests with any method, to any page, to any server, connecting to any port.
- Provides support to setup connection and request arguments from a given URL.
- May submit requests via a proxy server with support for authentication if necessary.
- May establish connections via a SOCKS server.
- Supports HTTP direct access or proxy based authentication mechanisms via SASL class library like HTTP Basic, HTTP Digest or NTLM (Windows or Samba).
- Support secure connections (https) via Curl library with SSL support, or at least PHP 4.3.0 with OpenSSL support, or via a non-SSL HTTP proxy server.
- Supports accessing secure pages using SSL certificates and private keys using Curl library
- Supports user defined request headers.
- Supports POST requests with a user defined array of form values.
- Supports POST requests with a user defined request bodies for instance for making requests to SOAP services.
- Supports streaming requests that require uploading large amounts of data of undefined length in small chunks to avoid exceeding PHP memory limits
- Supports requests to sites hosting virtual Web servers.
- Retrieves the HTTP response headers and body data separately.
- Support HTTP 1.1 chunked content encoding
- Supports session and persistent cookies.
- Provides optional handling of redirected pages.
- Supports defining connection and data transfer timeout values.
- Can output connection debug information in plain text or formatted as HTML.
- An add-on class is provided to login to Yahoo sites and perform actions on the behalf of the logged users like exporting the user address book or sending invitation to a group.
This class can be used to access Web servers using the HTTP protocol.
It supports:
- HTTP specification version 1.1
- Submit HTTP requests of method GET, POST or custom
- Access sites via SSL using PHP OpenSSL extension or CURL
- HTTP basic authentication
- Handle redirection automatically
- Cache retrieved pages for a given period
- Invoke callback functions during the connection progress
This package can be used to send and receive e-mail with SMTP and POP3 protocols.
There are several classes for composing and sending messages via an SMTP server. These classes can send text or HTML messages with eventual embedded images and attached files.
The messages can be sent to one or more recipients with To, Cc and Bcc headers.
There is also a POP3 client class that can connect a POP3 server, list the messages in a mailbox, retrieve and delete messages.
The SMTP and POP3 classes support authentication and TLS/SSL connections.
It establish an SSL connection to the Gmail Web servers, authenticates as a given user, and retrieves XML Atom feeds with lists of messages stored in the specified mailbox.
It can retrieve new mail messages on a single or multiple Gmail mailboxes. It can check all messages in inbox folder or just those flagged with a given label.
The retrieved message details are returned as arrays and may be sorted by any supported message property value.
Stumble It!
Bookmark in del.icio.us
1. 
