function getAuthorizationHeader($verb, $url) { // UrlPath = <HTTP-Request-URI, from the port to the query string> $str = join("\n", array($verb, $date, $url)); $h = new Hash('sha1'); $sig = base64($h->hmac(str, $privkey)); $header = 'BNET ' . $pubkey . ':' . $sig; }
stderr($lang_usercp['std_error'], $lang_usercp['std_passwords_unmatched'] . goback("-2"), 0); die; } $sec = mksecret(); $passhash = md5($sec . $chpassword . $sec); $updateset[] = "secret = " . sqlesc($sec); $updateset[] = "passhash = " . sqlesc($passhash); //die($securelogin . base64_decode($_COOKIE["c_secure_login"])); if ($_COOKIE["c_secure_login"] == base64("yeah")) { $passh = md5($passhash . $_SERVER["REMOTE_ADDR"]); $securelogin_indentity_cookie = true; } else { $passh = md5($passhash); $securelogin_indentity_cookie = false; } if ($_COOKIE["c_secure_ssl"] == base64("yeah")) { $ssl = true; } else { $ssl = false; } logincookie($CURUSER["id"], $passh, 1, 0x7fffffff, $securelogin_indentity_cookie, $ssl); //sessioncookie($CURUSER["id"], $passh); $passupdated = 1; } if ($disableemailchange != 'no' && $smtptype != 'none' && $email != $CURUSER["email"]) { if (EmailBanned($email)) { bark($lang_usercp['std_email_address_banned']); } if (!EmailAllowed($email)) { bark($lang_usercp['std_wrong_email_address_domains'] . allowedemails()); }
function jsonBase64($arr) { if (is_array($arr)) { return base64(json_encode($arr)); } }
function logincookie($id, $passhash, $updatedb = 1, $expires = 0x7fffffff, $securelogin = false, $ssl = false, $trackerssl = false) { if ($expires != 0x7fffffff) { $expires = time() + $expires; } setcookie("c_secure_uid", base64($id), $expires, "/"); setcookie("c_secure_pass", $passhash, $expires, "/"); if ($ssl) { setcookie("c_secure_ssl", base64("yeah"), $expires, "/"); } else { setcookie("c_secure_ssl", base64("nope"), $expires, "/"); } if ($trackerssl) { setcookie("c_secure_tracker_ssl", base64("yeah"), $expires, "/"); } else { setcookie("c_secure_tracker_ssl", base64("nope"), $expires, "/"); } if ($securelogin) { setcookie("c_secure_login", base64("yeah"), $expires, "/"); } else { setcookie("c_secure_login", base64("nope"), $expires, "/"); } if ($updatedb) { sql_query("UPDATE users SET last_login = NOW(), lang=" . sqlesc(get_langid_from_langcookie()) . " WHERE id = " . sqlesc($id)); } }