Beispiel #1
0
require_once "query/message.php";
$DOJSS = $_COOKIE['DOJSS'];
$name = safe($_POST['name']);
$pwd = safe($_POST['password']);
$user = checkDOJSS($DOJSS);
if (!checkName($name)) {
    send(1, $err['invalidName']);
}
if ($user) {
    if ($user->name == $name) {
        send(2, $warning['sameMsg']);
    }
    if ($u = getUserByName($name)) {
        if ($u->id != $user->id) {
            send(1, $err['sameName']);
        }
    }
    if (dc_decrypt($user->password, $key_pwd) != $pwd) {
        send(1, $err['wrongPwd']);
    }
    $uid = $user->id;
    mysql_query("UPDATE `users` SET \n\t\t\t`name` = '{$name}'\n\t\tWHERE `id` = {$uid} ");
    if (mysql_affected_rows()) {
        send(0, $tip['changedName'], "\$('#myName').html('{$name}');");
    } else {
        send(1, $err['notSaved']);
    }
} else {
    send(1, $err['wrongDOJSS']);
}
Beispiel #2
0
function checkDOJSS($dojss)
{
    global $key_log;
    $res = json_decode(dc_decrypt($dojss, $key_log));
    if ($res == '') {
        return false;
    }
    if (isset($res->i)) {
        $i = $res->i;
    } else {
        $i = "";
    }
    if (isset($res->p)) {
        $p = $res->p;
    } else {
        $p = "";
    }
    $o = getUserByID($i);
    if ($o == null) {
        return false;
    }
    if (md5($o->password) != $p) {
        return false;
    }
    return $o;
}