DB\IO Placeholder regex fix for json queries, test data updates

Some doc typo fixes
test updates with remove of not used sub calls

DB IO Placeholder regex now checks for any JSON/JSONB operators

.phive/phars.xml

@@ -1,12 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phive xmlns="https://phar.io/phive">
   <phar name="phpunit" version="^9.6" installed="9.6.19" location="./tools/phpunit" copy="false"/>
-  <phar name="phpcbf" version="^3.7.2" installed="3.9.1" location="./tools/phpcbf" copy="false"/>
+  <phar name="phpcbf" version="^3.7.2" installed="3.10.0" location="./tools/phpcbf" copy="false"/>
-  <phar name="phpcs" version="^3.7.2" installed="3.9.1" location="./tools/phpcs" copy="false"/>
+  <phar name="phpcs" version="^3.7.2" installed="3.10.0" location="./tools/phpcs" copy="false"/>
-  <phar name="phpstan" version="^1.10.37" installed="1.10.67" location="./tools/phpstan" copy="false"/>
+  <phar name="phpstan" version="^1.10.37" installed="1.11.1" location="./tools/phpstan" copy="false"/>
   <phar name="phan" version="^5.4.2" installed="5.4.3" location="./tools/phan" copy="false"/>
-  <phar name="psalm" version="^5.15.0" installed="5.23.1" location="./tools/psalm" copy="false"/>
+  <phar name="psalm" version="^5.15.0" installed="5.24.0" location="./tools/psalm" copy="false"/>
   <phar name="phpdox" version="^0.12.0" installed="0.12.0" location="./tools/phpdox" copy="false"/>
   <phar name="phpdocumentor" version="^3.4.2" installed="3.4.3" location="./tools/phpDocumentor" copy="false"/>
-  <phar name="php-cs-fixer" version="^3.34.1" installed="3.53.0" location="./tools/php-cs-fixer" copy="false"/>
+  <phar name="php-cs-fixer" version="^3.34.1" installed="3.57.2" location="./tools/php-cs-fixer" copy="false"/>
 </phive>

.shellcheckrc

@@ -0,0 +1,2 @@
+shell=bash
+external-sources=true

4dev/checking/phpunit.sh

@@ -12,7 +12,7 @@ if [ "${1}" = "t" ] || [ "${2}" = "t" ]; then
 	opt_testdox="--testdox";
 fi;
 php_bin="";
-if [ ! -z "${1}" ]; then
+if [ -n "${1}" ]; then
 	case "${1}" in
 		# "7.3") php_bin="/usr/bin/php7.3 "; ;;
 		# "7.4") php_bin="/usr/bin/php7.4 "; ;;
@@ -23,7 +23,7 @@ if [ ! -z "${1}" ]; then
 		*) echo "Not support PHP: ${1}"; exit; ;;
 	esac;
 fi;
-if [ ! -z "${2}" ] && [ -z "${php_bin}" ]; then
+if [ -n "${2}" ] && [ -z "${php_bin}" ]; then
 	case "${2}" in
 		# "7.3") php_bin="/usr/bin/php7.3 "; ;;
 		# "7.4") php_bin="/usr/bin/php7.4 "; ;;

4dev/tests/Security/CoreLibsSecuritySymmetricEncryptionTest.php

@@ -46,12 +46,34 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 	public function testEncryptDecryptSuccess(string $input, string $expected): void
 	{
 		$key = CreateKey::generateRandomKey();
-		$encrypted = SymmetricEncryption::encrypt($input, $key);
+
-		$decrypted = SymmetricEncryption::decrypt($encrypted, $key);
+		// test class
+		$crypt = new SymmetricEncryption($key);
+		$encrypted = $crypt->encrypt($input);
+		$decrypted = $crypt->decrypt($encrypted);
+		$this->assertEquals(
+			$expected,
+			$decrypted,
+			'Class call',
+		);
+
+		// test indirect
+		$encrypted = SymmetricEncryption::getInstance($key)->encrypt($input);
+		$decrypted = SymmetricEncryption::getInstance($key)->decrypt($encrypted);
+		$this->assertEquals(
+			$expected,
+			$decrypted,
+			'Class Instance call',
+		);
+
+		// test static
+		$encrypted = SymmetricEncryption::encryptKey($input, $key);
+		$decrypted = SymmetricEncryption::decryptKey($encrypted, $key);
 
 		$this->assertEquals(
 			$expected,
-			$decrypted
+			$decrypted,
+			'Static call',
 		);
 	}
 
@@ -86,10 +108,24 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 	public function testEncryptFailed(string $input, string $exception_message): void
 	{
 		$key = CreateKey::generateRandomKey();
-		$encrypted = SymmetricEncryption::encrypt($input, $key);
 		$wrong_key = CreateKey::generateRandomKey();
+
+		// wrong key in class call
+		$crypt = new SymmetricEncryption($key);
+		$encrypted = $crypt->encrypt($input);
 		$this->expectExceptionMessage($exception_message);
-		SymmetricEncryption::decrypt($encrypted, $wrong_key);
+		$crypt->setKey($key);
+		$crypt->decrypt($encrypted);
+
+		// class instance
+		$encrypted = SymmetricEncryption::getInstance($key)->encrypt($input);
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::getInstance($wrong_key)->decrypt($encrypted);
+
+		// class static
+		$encrypted = SymmetricEncryption::encryptKey($input, $key);
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::decryptKey($encrypted, $wrong_key);
 	}
 
 	/**
@@ -107,7 +143,6 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 			'too short hex key' => [
 				'key' => '1cabd5cba9e042f12522f4ff2de5c31d233b',
 				'excpetion_message' => 'Key is not the correct size (must be '
-					. 'SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes long).'
 			],
 		];
 	}
@@ -126,13 +161,33 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 	 */
 	public function testWrongKey(string $key, string $exception_message): void
 	{
-		$this->expectExceptionMessage($exception_message);
-		SymmetricEncryption::encrypt('test', $key);
-		// we must encrypt valid thing first so we can fail with the wrong kjey
 		$enc_key = CreateKey::generateRandomKey();
-		$encrypted = SymmetricEncryption::encrypt('test', $enc_key);
+
+		// class
+		$crypt = new SymmetricEncryption($key);
 		$this->expectExceptionMessage($exception_message);
-		SymmetricEncryption::decrypt($encrypted, $key);
+		$crypt->encrypt('test');
+		$crypt->setKey($enc_key);
+		$encrypted = $crypt->encrypt('test');
+		$this->expectExceptionMessage($exception_message);
+		$crypt->setKey($key);
+		$crypt->decrypt($encrypted);
+
+		// class instance
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::getInstance($key)->encrypt('test');
+		// we must encrypt valid thing first so we can fail with the wrong key
+		$encrypted = SymmetricEncryption::getInstance($enc_key)->encrypt('test');
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::getInstance($key)->decrypt($encrypted);
+
+		// class static
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::encryptKey('test', $key);
+		// we must encrypt valid thing first so we can fail with the wrong key
+		$encrypted = SymmetricEncryption::encryptKey('test', $enc_key);
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::decryptKey($encrypted, $key);
 	}
 
 	/**
@@ -145,7 +200,7 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 		return [
 			'too short ciphertext' => [
 				'input' => 'short',
-				'exception_message' => 'Invalid ciphertext (too short)'
+				'exception_message' => 'Decipher message failed: '
 			],
 		];
 	}
@@ -164,8 +219,18 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 	public function testWrongCiphertext(string $input, string $exception_message): void
 	{
 		$key = CreateKey::generateRandomKey();
+		// class
+		$crypt = new SymmetricEncryption($key);
 		$this->expectExceptionMessage($exception_message);
-		SymmetricEncryption::decrypt($input, $key);
+		$crypt->decrypt($input);
+
+		// class instance
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::getInstance($key)->decrypt($input);
+
+		// class static
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::decryptKey($input, $key);
 	}
 }
 

phpstan.neon

@@ -2,7 +2,7 @@
 includes:
 	- phpstan-conditional.php
 parameters:
-	tmpDir: /tmp/phpstan-corelibs
+	tmpDir: %currentWorkingDirectory%/tmp/phpstan-corelibs
 	level: 8 # max is now 9
 	checkMissingCallableSignature: true
 	treatPhpDocTypesAsCertain: false

tmp/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

tools/php-cs-fixer

@@ -1 +1 @@
-/home/clemens/.phive/phars/php-cs-fixer-3.53.0.phar
+/home/clemens/.phive/phars/php-cs-fixer-3.57.2.phar

tools/phpcbf

@@ -1 +1 @@
-/home/clemens/.phive/phars/phpcbf-3.9.1.phar
+/home/clemens/.phive/phars/phpcbf-3.10.0.phar

tools/phpcs

@@ -1 +1 @@
-/home/clemens/.phive/phars/phpcs-3.9.1.phar
+/home/clemens/.phive/phars/phpcs-3.10.0.phar

tools/phpstan

@@ -1 +1 @@
-/home/clemens/.phive/phars/phpstan-1.10.67.phar
+/home/clemens/.phive/phars/phpstan-1.11.1.phar

tools/psalm

@@ -1 +1 @@
-/home/clemens/.phive/phars/psalm-5.23.1.phar
+/home/clemens/.phive/phars/psalm-5.24.0.phar

www/admin/class_test.array.php

@@ -21,7 +21,7 @@ ob_end_flush();
 use CoreLibs\Combined\ArrayHandler;
 use CoreLibs\Debug\Support as DgS;
 use CoreLibs\Convert\SetVarType;
-use PHPUnit\Framework\Constraint\ArrayHasKey;
+// use PHPUnit\Framework\Constraint\ArrayHasKey;
 
 $log = new CoreLibs\Logging\Logging([
 	'log_folder' => BASE . LOG,

www/admin/class_test.datetime.php

@@ -451,6 +451,7 @@ function intervalStringFormatDeprecated(
 			$value = $interval->days;
 			$skip = true;
 		} else {
+			/** @phan-suppress-next-line PhanUndeclaredProperty */
 			$value = $interval->$part;
 		}
 		if ($value == 0 && $skip_last_zero === true) {

www/admin/class_test.db.query-placeholder.php

@@ -20,7 +20,7 @@ $LOG_FILE_ID = 'classTest-db-query-placeholder';
 ob_end_flush();
 
 use CoreLibs\Debug\Support;
-use CoreLibs\DB\Support\ConvertPlaceholder;
+// use CoreLibs\DB\Support\ConvertPlaceholder;
 
 $log = new CoreLibs\Logging\Logging([
 	'log_folder' => BASE . LOG,

www/admin/class_test.db.single.php

@@ -19,7 +19,7 @@ require 'config.php';
 $LOG_FILE_ID = 'classTest-db-query-placeholders';
 ob_end_flush();
 
-use CoreLibs\Debug\Support;
+// use CoreLibs\Debug\Support;
 
 $log = new CoreLibs\Logging\Logging([
 	'log_folder' => BASE . LOG,

www/admin/class_test.encryption.php

@@ -40,16 +40,33 @@ $key = CreateKey::generateRandomKey();
 print "Secret Key: " . $key . "<br>";
 
 $string = "I a some deep secret";
-$encrypted = SymmetricEncryption::encrypt($string, $key);
+//
-$decrypted = SymmetricEncryption::decrypt($encrypted, $key);
+$crypt = new SymmetricEncryption($key);
+$encrypted = $crypt->encrypt($string);
+$decrypted = $crypt->decrypt($encrypted);
+print "[C] Encrypted: " . $encrypted . "<br>";
+print "[C] Decrytped: " . $decrypted . "<br>";
+$encrypted = SymmetricEncryption::getInstance($key)->encrypt($string);
+$decrypted = SymmetricEncryption::getInstance($key)->decrypt($encrypted);
+print "[S] Original: " . $string . "<br>";
+print "[S] Encrypted: " . $encrypted . "<br>";
+print "[S] Decrytped: " . $decrypted . "<br>";
+$encrypted = SymmetricEncryption::encryptKey($string, $key);
+$decrypted = SymmetricEncryption::decryptKey($encrypted, $key);
+print "[SS] Encrypted: " . $encrypted . "<br>";
+print "[SS] Decrytped: " . $decrypted . "<br>";
 
-print "Original: " . $string . "<br>";
+print "<br>INIT KEY MISSING<br>";
-print "Encrypted: " . $encrypted . "<br>";
+try {
-print "Decrytped: " . $decrypted . "<br>";
+	$crypt = new SymmetricEncryption();
+	$encrypted = $crypt->decrypt($string);
+} catch (Exception $e) {
+	print("Error: " . $e->getMessage() . "<br>");
+}
 
 print "<br>WRONG CIPHERTEXT<br>";
 try {
-	$decrypted = SymmetricEncryption::decrypt('flupper', $key);
+	$decrypted = SymmetricEncryption::decryptKey('flupper', $key);
 } catch (Exception $e) {
 	print "Error: " . $e->getMessage() . "<br>";
 }
@@ -57,7 +74,7 @@ try {
 print "<br>SHORT and WRONG KEY<br>";
 $key = 'wrong_key';
 try {
-	$encrypted = SymmetricEncryption::encrypt($string, $key);
+	$encrypted = SymmetricEncryption::encryptKey($string, $key);
 } catch (Exception $e) {
 	print "Error: " . $e->getMessage() . "<br>";
 }
@@ -65,7 +82,7 @@ try {
 print "<br>INVALID HEX KEY<br>";
 $key = '1cabd5cba9e042f12522f4ff2de5c31d233b';
 try {
-	$encrypted = SymmetricEncryption::encrypt($string, $key);
+	$encrypted = SymmetricEncryption::encryptKey($string, $key);
 } catch (Exception $e) {
 	print "Error: " . $e->getMessage() . "<br>";
 }
@@ -73,21 +90,10 @@ try {
 print "<br>WRONG KEY TO DECRYPT<br>";
 $key = CreateKey::generateRandomKey();
 $string = "I a some deep secret";
-$encrypted = SymmetricEncryption::encrypt($string, $key);
+$encrypted = SymmetricEncryption::encryptKey($string, $key);
-$key = CreateKey::generateRandomKey();
-try {
-	$decrypted = SymmetricEncryption::decrypt($encrypted, $key);
-} catch (Exception $e) {
-	print "Error: " . $e->getMessage() . "<br>";
-}
-
-print "<br>WRONG KEY TO DECRYPT<br>";
-$key = CreateKey::generateRandomKey();
-$string = "I a some deep secret";
-$encrypted = SymmetricEncryption::encrypt($string, $key);
 $key = 'wrong_key';
 try {
-	$decrypted = SymmetricEncryption::decrypt($encrypted, $key);
+	$decrypted = SymmetricEncryption::decryptKey($encrypted, $key);
 } catch (Exception $e) {
 	print "Error: " . $e->getMessage() . "<br>";
 }

www/admin/class_test.smarty.php

@@ -97,7 +97,7 @@ $smarty->DATA['drop_down_test'] = [
 	'foobar' => 'Foo Bar',
 ];
 $smarty->DATA['drop_down_test_selected'] = 'bar';
-$smarty->DATA['drop_down_test_nested']  = [
+$smarty->DATA['drop_down_test_nested'] = [
 	'' => '選択してください',
 	'4/25(木)' => [
 		'4/25(木) 11:00-11:50' => '4/25(木) 11:00-11:50',

www/lib/CoreLibs/DB/Support/ConvertPlaceholder.php

@@ -39,9 +39,11 @@ class ConvertPlaceholder
 	): array {
 		$convert_to = strtolower($convert_to);
 		$matches = [];
+		$query_split = '[(=,?-]|->|->>|#>|#>>|@>|<@|\?\|\?\&|\|\||#-';
 		$pattern = '/'
 			// prefix string part, must match towards
-			. '(?:\'.*?\')?\s*(?:\?\?|[(=,])\s*'
+			// seperator for ( = , ? - [and json/jsonb in pg doc section 9.15]
+			. '(?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*'
 			// match for replace part
 			. '(?:'
 			// digit -> ignore
@@ -96,7 +98,10 @@ class ConvertPlaceholder
 			$type = 'named';
 			$matches_return = $named_matches;
 			// only check for :named
-			$pattern_replace = '/((?:\'.*?\')?\s*(?:\?\?|[(=,])\s*)(\d+|(?:\'.*?\')|(:\w+))/s';
+			$pattern_replace = '/'
+				. '((?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*)'
+				. '(\d+|(?:\'.*?\')|(:\w+))'
+				. '/s';
 			// 0: full
 			// 1: pre part
 			// 2: keep part UNLESS '3' is set
@@ -134,7 +139,10 @@ class ConvertPlaceholder
 			// order and data stays the same
 			$params_new = $params;
 			// only check for ?
-			$pattern_replace = '/((?:\'.*?\')?\s*(?:\?\?|[(=,])\s*)(\d+|(?:\'.*?\')|(?:(?:\?\?)?\s*(\?{1})))/s';
+			$pattern_replace = '/'
+				. '((?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*)'
+				. '(\d+|(?:\'.*?\')|(?:(?:\?\?)?\s*(\?{1})))'
+				. '/s';
 			// 0: full
 			// 1: pre part
 			// 2: keep part UNLESS '3' is set
@@ -163,7 +171,10 @@ class ConvertPlaceholder
 			$type = 'numbered';
 			$matches_return = $numbered_matches;
 			// only check for $n
-			$pattern_replace = '/((?:\'.*?\')?\s*(?:\?\?|[(=,])\s*)(\d+|(?:\'.*?\')|(\$[1-9]{1}(?:[0-9]{1,})?))/s';
+			$pattern_replace = '/'
+				. '((?:\'.*?\')?\s*(?:\?\?|' . $query_split . ')\s*)'
+				. '(\d+|(?:\'.*?\')|(\$[1-9]{1}(?:[0-9]{1,})?))'
+				. '/s';
 			// 0: full
 			// 1: pre part
 			// 2: keep part UNLESS '3' is set

www/lib/CoreLibs/Language/Core/CachedFileReader.php

@@ -46,7 +46,7 @@ class CachedFileReader extends \CoreLibs\Language\Core\StringReader
 			if (!is_resource($fd)) {
 				$this->error = 3; // Cannot read file, probably permissions
 			} else {
-				$this->fd_str = fread($fd, filesize($filename) ?: 0) ?: '';
+				$this->fd_str = fread($fd, filesize($filename) ?: 1) ?: '';
 				fclose($fd);
 			}
 		} else {

www/lib/CoreLibs/Security/SymmetricEncryption.php

@@ -21,66 +21,82 @@ use SodiumException;
 
 class SymmetricEncryption
 {
+	/** @var SymmetricEncryption self instance */
+	private static SymmetricEncryption $instance;
+
+	/** @var string bin hex key */
+	private string $key = '';
+
+	/**
+	 * init class
+	 * if key not passed, key must be set with createKey
+	 *
+	 * @param  string|null|null $key
+	 */
+	public function __construct(
+		string|null $key = null
+	) {
+		if ($key != null) {
+			$this->setKey($key);
+		}
+	}
+
+	/**
+	 * Returns the singleton self object.
+	 * For function wrapper use
+	 *
+	 * @return SymmetricEncryption object
+	 */
+	public static function getInstance(string|null $key = null): self
+	{
+		if (empty(self::$instance)) {
+			self::$instance = new self($key);
+		}
+		return self::$instance;
+	}
+
+	/* ************************************************************************
+	 * MARK: PRIVATE
+	 * *************************************************************************/
+
 	/**
 	 * create key and check validity
 	 *
 	 * @param  string $key The key from which the binary key will be created
 	 * @return string      Binary key string
 	 */
-	public static function createKey(string $key): string
+	private function createKey(string $key): string
 	{
 		try {
 			$key = CreateKey::hex2bin($key);
 		} catch (SodiumException $e) {
-			throw new \UnexpectedValueException('Invalid hex key');
+			throw new \UnexpectedValueException('Invalid hex key: ' . $e->getMessage());
 		}
 		if (mb_strlen($key, '8bit') !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
 			throw new \RangeException(
 				'Key is not the correct size (must be '
-					. 'SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes long).'
+					. SODIUM_CRYPTO_SECRETBOX_KEYBYTES . ' bytes long).'
 			);
 		}
 		return $key;
 	}
 
 	/**
-	 * Encrypt a message
+	 * Decryption call
 	 *
-	 * @param  string $message Message to encrypt
+	 * @param  string  $encrypted Text to decrypt
-	 * @param  string $key     Encryption key (as hex string)
+	 * @param  ?string $key       Mandatory encryption key, will throw exception if empty
-	 * @return string
+	 * @return string             Plain text
-	 * @throws \Exception
 	 * @throws \RangeException
+	 * @throws \UnexpectedValueException
+	 * @throws \UnexpectedValueException
 	 */
-	public static function encrypt(string $message, string $key): string
+	private function decryptData(string $encrypted, ?string $key): string
 	{
-		$key = self::createKey($key);
+		if (empty($key)) {
-		$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
+			throw new \UnexpectedValueException('Key not set');
-
+		}
-		$cipher = base64_encode(
+		$key = $this->createKey($key);
-			$nonce
-			. sodium_crypto_secretbox(
-				$message,
-				$nonce,
-				$key
-			)
-		);
-		sodium_memzero($message);
-		sodium_memzero($key);
-		return $cipher;
-	}
-
-	/**
-	 * Decrypt a message
-	 *
-	 * @param  string $encrypted Message encrypted with safeEncrypt()
-	 * @param  string $key       Encryption key (as hex string)
-	 * @return string
-	 * @throws \Exception
-	 */
-	public static function decrypt(string $encrypted, string $key): string
-	{
-		$key = self::createKey($key);
 		$decoded = base64_decode($encrypted);
 		$nonce = mb_substr($decoded, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit');
 		$ciphertext = mb_substr($decoded, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit');
@@ -93,7 +109,7 @@ class SymmetricEncryption
 				$key
 			);
 		} catch (SodiumException $e) {
-			throw new \UnexpectedValueException('Invalid ciphertext (too short)');
+			throw new \UnexpectedValueException('Decipher message failed: ' . $e->getMessage());
 		}
 		if (!is_string($plain)) {
 			throw new \UnexpectedValueException('Invalid Key');
@@ -102,6 +118,117 @@ class SymmetricEncryption
 		sodium_memzero($key);
 		return $plain;
 	}
+
+	/**
+	 * Encrypt a message
+	 *
+	 * @param  string  $message Message to encrypt
+	 * @param  ?string $key     Mandatory encryption key, will throw exception if empty
+	 * @return string
+	 * @throws \Exception
+	 * @throws \RangeException
+	 */
+	private function encryptData(string $message, ?string $key): string
+	{
+		if (empty($this->key) || $key === null) {
+			throw new \UnexpectedValueException('Key not set');
+		}
+		$key = $this->createKey($key);
+		$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
+		try {
+			$cipher = base64_encode(
+				$nonce
+				. sodium_crypto_secretbox(
+					$message,
+					$nonce,
+					$key,
+				)
+			);
+		} catch (SodiumException $e) {
+			throw new \UnexpectedValueException("Create encrypted message failed: " . $e->getMessage());
+		}
+		sodium_memzero($message);
+		sodium_memzero($key);
+		return $cipher;
+	}
+
+	/* ************************************************************************
+	 * MARK: PUBLIC
+	 * *************************************************************************/
+
+
+	/**
+	 * set a new key for encryption
+	 *
+	 * @param  string $key
+	 * @return void
+	 */
+	public function setKey(string $key)
+	{
+		if (empty($key)) {
+			throw new \UnexpectedValueException('Key cannot be empty');
+		}
+		$this->key = $key;
+	}
+
+	/**
+	 * Decrypt a message
+	 * static version
+	 *
+	 * @param  string $encrypted Message encrypted with safeEncrypt()
+	 * @param  string $key       Encryption key (as hex string)
+	 * @return string
+	 * @throws \Exception
+	 * @throws \RangeException
+	 * @throws \UnexpectedValueException
+	 * @throws \UnexpectedValueException
+	 */
+	public static function decryptKey(string $encrypted, string $key): string
+	{
+		return self::getInstance()->decryptData($encrypted, $key);
+	}
+
+	/**
+	 * Decrypt a message
+	 *
+	 * @param  string $encrypted Message encrypted with safeEncrypt()
+	 * @return string
+	 * @throws \RangeException
+	 * @throws \UnexpectedValueException
+	 * @throws \UnexpectedValueException
+	 */
+	public function decrypt(string $encrypted): string
+	{
+		return $this->decryptData($encrypted, $this->key);
+	}
+
+	/**
+	 * Encrypt a message
+	 * static version
+	 *
+	 * @param  string $message Message to encrypt
+	 * @param  string $key     Encryption key (as hex string)
+	 * @return string
+	 * @throws \Exception
+	 * @throws \RangeException
+	 */
+	public static function encryptKey(string $message, string $key): string
+	{
+		return self::getInstance()->encryptData($message, $key);
+	}
+
+	/**
+	 * Encrypt a message
+	 *
+	 * @param  string $message Message to encrypt
+	 * @return string
+	 * @throws \Exception
+	 * @throws \RangeException
+	 */
+	public function encrypt(string $message): string
+	{
+		return $this->encryptData($message, $this->key);
+	}
 }
 
 // __END__

www/lib/CoreLibs/Template/SmartyExtend.php

@@ -185,7 +185,7 @@ class SmartyExtend extends \Smarty
 		// call basic smarty
 		// or Smarty::__construct();
 		parent::__construct();
-		// iinit lang
+		// init lang
 		$this->l10n = $l10n;
 		// parse and read, legacy stuff
 		$locale = $this->l10n->getLocaleAsArray();