Osclass forums
Support forums => Plugins => Plugin Payments => Topic started by: stanjensen on August 25, 2013, 01:06:05 am
-
?
-
I used randomly generated number...
-
Can you please type slower and more details.?
IE how is that fixed, what do you adjust, and where?
-
you have to open the index.php file in the payment plugin, you will see some text saying change this, you can type ANYTHING your heart desires, a verse, a poem, a famous quote, a random sequence of random characters. save the file and your done .
so here in the index file
define('PAYMENT_CRYPT_KEY', 'randompasswordchangethis');
randompasswordchangethis is the example put what you want and save it
Be SURE NOT to remove the single quotes ' ' that are there
hope this answers your question better ::)
-
DigitalConcepts is right.
All the information of the plugin is stored in the database, we encrypt that data with an additional hardcoded password/key. Said kay is in the oc-content/plugins/payment/index.php file
define('PAYMENT_CRYPT_KEY', 'randompasswordchangethis');
You need to change randompasswordchangethis to whatever you want to, so in the case a hacker has access to your database's content, it will not know what your paypal/other payments information is.
Why we do this?
Because we consider your payment information very important, if a hacker get access to your Paypal information for example, he could make payments or empty your account. So if you change the default password, the hacker will need access to your database AND your file server, which make things a little more complicated.
-
_CONEJO is there any practical limitation in the length of the sequence? Also, is space character allowed?
Thank you
-
The key has to be 256bits long, if it's shorter it will fill the space with \0, I'm not sure about what will happen if it's longer, but I assume : A.- it will throw an error, or B.- it will cut the key.