Doc Posted February 22, 2019 Share Posted February 22, 2019 Mycrypt library missing from server required to encrypt credit card details I upgraded from 6.0.11 to CubeCart Version 6.2.2 PHP Version (5.6 Recommended) 7.3.2 MySQL Version 5.5.41-MariaDB and now cannot accept credit card information Need advice or help Thank you Doc Link to comment Share on other sites More sharing options...
bsmither Posted February 22, 2019 Share Posted February 22, 2019 Welcome Doc! Glad to see you made it to the forums. Ignore everything below. Completely confused with something else. -------------------- If you have your store hosted somewhere, then your host should have given you a control panel for that account (Cpanel?). There, you should find a way to select which version of PHP you want to use and to choose which PHP extensions you need. You will find MBString as an extension to be enabled. If you cannot find where to do this, please contact your hosting provider to enable this for you. If you have direct and total control of your server installation, you will need to edit the PHP.INI file to enable the MBString extension. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted February 22, 2019 Share Posted February 22, 2019 CubeCart 6.2.2 uses openssl instead of mcrypt making it compatible with the newest PHP versions. If you still get mcrypt errors then your store code is not up to date. See: https://github.com/cubecart/v6/issues/2113 Link to comment Share on other sites More sharing options...
havenswift-hosting Posted February 22, 2019 Share Posted February 22, 2019 mcrypt was deprecated in PHP 7.1 and removed in PHP 7.2 so as you are using PHP 7.3 (which has only recently been released) then mcrypt wont be available. You will need to upgrade whichever payment module (SagePay ?) you are using Link to comment Share on other sites More sharing options...
citabriabob Posted February 26, 2019 Share Posted February 26, 2019 I have a fresh 6.2.2 that I am testing, which is creating errors: [Deprecated] /home/CC/classes/encryption.class.php:213 - Function mcrypt_module_open() is deprecated. Searching the files, mcrypt is only found in mode-php.js. Your suggestion is to get the latest version; I already have it. Furthermore, entering the dashes in the credit card number causes the page to hang at index.php?_a=gateway. Please advise. Link to comment Share on other sites More sharing options...
bsmither Posted February 26, 2019 Share Posted February 26, 2019 This notice of being deprecated can be ignored. As best I can tell, the SagePay module does not use any functions of CubeCart's Encryption class. (The Card Capture module does. Need to get that updated.) The notice is being generated because when CubeCart does use the Encryption class (in admin, orders.index.inc.php, to display card numbers captured), the mentioned function is called. (Your search should have found mcrypt in /classes/encryption.class.php.) The file mode-php.js is a resource file for an in-line editor used in a high-level admin function to write PHP code. That resource file lists all the PHP functions so as to be able to highlight them in the code. Link to comment Share on other sites More sharing options...
Doc Posted February 26, 2019 Author Share Posted February 26, 2019 51 minutes ago, bsmither said: This notice of being deprecated can be ignored. As best I can tell, the SagePay module does not use any functions of CubeCart's Encryption class. (The Card Capture module does. Need to get that updated.) The notice is being generated because when CubeCart does use the Encryption class (in admin, orders.index.inc.php, to display card numbers captured), the mentioned function is called. (Your search should have found mcrypt in /classes/encryption.class.php.) The file mode-php.js is a resource file for an in-line editor used in a high-level admin function to write PHP code. That resource file lists all the PHP functions so as to be able to highlight them in the code. Thank you mycrpt is in the file - but cannot use the credit card function code is posted below Thank you Doc <?php /** * CubeCart v6 * ======================================== * CubeCart is a registered trade mark of CubeCart Limited * Copyright CubeCart Limited 2017. All rights reserved. * UK Private Limited Company No. 5323904 * ======================================== * Web: http://www.cubecart.com * Email: [email protected] * License: GPL-3.0 https://www.gnu.org/licenses/quick-guide-gplv3.html */ /** * Encryption controller * * @author Technocrat * @author Al Brookbanks * @since 5.0.0 */ class Encryption { /** * Encryption cipher * * @var string */ private $_cipher = null; /** * Initialisation for encryption * * @var string */ private $_iv = null; /** * Encryption key * * @var string */ private $_key = null; /** * Encryption method * * @var string */ private $_method = 'mcrypt'; /** * Encryption mode * * @var string */ private $_mode = null; /** * Encryption handler * * @var resource */ private $_td = null; /** * Class instance * * @var instance */ protected static $_instance; ############################################## final protected function __construct() { // Default to mcrypt for existing data from older versions $this->_method = function_exists('mcrypt_encrypt') ? 'mcrypt' : 'openssl'; } public function __destruct() { //If there is a mcrypt module close it if ($this->_method=='mcrypt' && isset($this->_td)) { mcrypt_module_close($this->_td); } } /** * Setup the instance (singleton) * * @return Encryption */ public static function getInstance() { if (!(self::$_instance instanceof self)) { self::$_instance = new self(); } self::$_instance->setup(); return self::$_instance; } //=====[ Public ]======================================= /** * Decrypt data * * @param string $data * @return string/false */ public function decrypt($data) { if (!empty($data)) { if($this->_method=='mcrypt') { return mcrypt_decrypt($this->_cipher, $this->_key, base64_decode($data), $this->_mode, $this->_iv); } else { return openssl_decrypt($data, $this->_cipher, $this->_key, 0, $this->_iv); } } return false; } /** * Decrypt CC3/CC4 data * * @param string $data * @param string $cart_order_id * @return string/false */ public function decryptDepreciated($data, $cart_order_id) { $keyArray = array($cart_order_id); $this->_td_old = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', 'ecb', ''); $this->_iv_old = mcrypt_create_iv(mcrypt_enc_get_iv_size($this->_td_old), MCRYPT_RAND); $this->_ks_old = mcrypt_enc_get_key_size($this->_td_old); $this->_key_old = substr(md5(implode('@', $keyArray)), 0, $this->_ks_old); if (!empty($data)) { mcrypt_generic_init($this->_td_old, $this->_key_old, $this->_iv_old); $stringDecrypted = mdecrypt_generic($this->_td_old, $data); mcrypt_generic_deinit($this->_td_old); return trim($stringDecrypted); } } /** * Encrypt data * * @param string $data * @return bool */ public function encrypt($data) { if (!empty($data)) { if($this->_method=='mcrypt') { return base64_encode(mcrypt_encrypt($this->_cipher, $this->_key, $data, $this->_mode, $this->_iv)); } else { return openssl_encrypt($data, $this->_cipher, $this->_key, 0, $this->_iv); } } return false; } /** * Get encryption key * * @return string */ public function getEncryptKey() { if($GLOBALS['config']->has('config', 'enc_key')) { $enc_key = $GLOBALS['config']->get('config', 'enc_key'); if(empty($enc_key)) { return $this->setEncryptKey(); } return $enc_key; } else { return $this->setEncryptKey(); } } /** * Set encryption key * * @return string */ public function setEncryptKey() { // Older stores used the software license key so lets keep using that if it exists $key = $GLOBALS['config']->get('config', 'license_key'); // If license_key isn't set and we don't have an "enc_key".. make one if((!$key || empty($key)) && !$GLOBALS['config']->has('config', 'enc_key')) { $key = randomString(); $GLOBALS['config']->set('config', 'enc_key', $key); } else { // Get enc_key $key = $GLOBALS['config']->get('config', 'enc_key'); if(!$key || empty($key)) { $key = randomString(); $GLOBALS['config']->set('config', 'enc_key', $key); } } return $key; } /** * Setup encryption * * @param string $key * @param string $iv * @param string $cipher * @param string $mode */ public function setup($key = '', $iv = '', $cipher = '', $mode = '', $method = '') { $key = (!empty($key)) ? $key : $this->getEncryptKey(); if(in_array($method, array('openssl', 'mcrypt'))) { $this->_method = $method; } if($this->_method=='mcrypt') { $iv = (!empty($iv)) ? $iv : $this->getEncryptKey(); $this->_cipher = empty($cipher) ? MCRYPT_RIJNDAEL_256 : $cipher; $this->_mode = empty($mode) ? MCRYPT_MODE_CBC : $mode; $this->_td = mcrypt_module_open($this->_cipher, '', $this->_mode, ''); $this->_iv = substr(md5($iv), 0, mcrypt_enc_get_iv_size($this->_td)); $this->_key = substr(md5($key), 0, mcrypt_enc_get_key_size($this->_td)); } else { $this->_key = $key; $this->_cipher = empty($cipher) ? 'AES-128-CBC' : $cipher;; $this->_mode = $this->_td = ''; // Not used with openssl $ivlen = openssl_cipher_iv_length($this->_cipher); $this->_iv = openssl_random_pseudo_bytes($ivlen); } } } Link to comment Share on other sites More sharing options...
Doc Posted February 26, 2019 Author Share Posted February 26, 2019 On 2/22/2019 at 6:04 AM, havenswift-hosting said: mcrypt was deprecated in PHP 7.1 and removed in PHP 7.2 so as you are using PHP 7.3 (which has only recently been released) then mcrypt wont be available. You will need to upgrade whichever payment module (SagePay ?) you are using Hi We are trying to use Card Capture - we upgraded to the latest version available - 1.0.6 but no luck - we use ssl and have certs on our site - but get the error Doc Link to comment Share on other sites More sharing options...
Al Brookbanks Posted February 26, 2019 Share Posted February 26, 2019 If you use the latest version of CubeCart and latest extensions CubeCart will use mcrypt until it is no longer available then switch to OpenSSL. On those grounds you will still get a notice that mcrypt is deprecated until you move to PHP 7.2. Link to comment Share on other sites More sharing options...
bsmither Posted February 26, 2019 Share Posted February 26, 2019 Note: Card Capture 1.0.6 will test for the presence of mcrypt, and if not present, will not capture the card details (ignoring the Encryption class). Link to comment Share on other sites More sharing options...
Doc Posted February 26, 2019 Author Share Posted February 26, 2019 We accept Visa / MC / AMX and Discover 5 hours ago, Menaalfriedman said: Which credit card are you using? Maybe it depends upon which card you are using. We accept Visa / MC / AMX and Discover 5 hours ago, bsmither said: Note: Card Capture 1.0.6 will test for the presence of mcrypt, and if not present, will not capture the card details (ignoring the Encryption class). Is there any fix available to use the card capture module ? On 2/21/2019 at 10:50 PM, Al Brookbanks said: CubeCart 6.2.2 uses openssl instead of mcrypt making it compatible with the newest PHP versions. If you still get mcrypt errors then your store code is not up to date. See: https://github.com/cubecart/v6/issues/2113 Hi Al Is there a fix available for Card Capture ? We upgraded to card capture version 1.0.6 - but no joy ? Doc Link to comment Share on other sites More sharing options...
bsmither Posted February 26, 2019 Share Posted February 26, 2019 Try this (I have not verified): In the Card Capture file gateway.class.php, near line 100, find: if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) { Change to: if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open') || extension_loaded('openssl')) { Near line 110, find: $error = 'Card Capture Error: mcrypt library missing from server required to encrypt credit card data.'; Change to: $error = 'Card Capture Error: Mcrypt or OpenSSL required to encrypt credit card data is not available.'; Link to comment Share on other sites More sharing options...
citabriabob Posted March 22, 2019 Share Posted March 22, 2019 NOTE: Also posted in the Extension Forum. Must have missed something, but Capture errors hang instead of displaying something: on advice on this Forum, I did make a small chage: $error = false; // if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) { // RS MOD if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open') || extension_loaded('openssl')) { $this->_encryption = Encryption::getInstance(); $this->_encryption->setup(false, $order_summary['cart_order_id']); $record['offline_capture'] = $this->_encryption->encrypt(serialize($cardData)); $GLOBALS['db']->update('CubeCart_order_summary', $record, array('customer_id' => $order_summary['customer_id'], 'cart_order_id' => $order_summary['cart_order_id'])); if($this->_module['go_processing']) { $order->orderStatus(Order::ORDER_PROCESS, $this->_basket['cart_order_id']); } } else { // $error = 'Card Capture Error: mcrypt library missing from server required to encrypt credit card data.'; // RS MOD $error = 'Card Capture Error: Mcrypt or OpenSSL required to encrypt credit card data is not available.'; trigger_error($error); } Link to comment Share on other sites More sharing options...
harrisorganic Posted June 26, 2019 Share Posted June 26, 2019 Hello, as of the 26th June 2019 I am having the above card capture issue. Did bsmithers unverified code change work? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.