function encryptionDemo($password)
{
//your password
$getpass = $password;
//generate unique string of 32 chars
$salt = genRandomPassword(32);
//this function encypt your password with generated salt
$crypt = getCryptedPassword($getpass, $salt);
//salt encrypted password
$encrypted_password = $crypt . ':' . $salt;
return $encrypted_password;
}
function WriteAdmin($uid, $database)
{
$user = new user($uid);
$salt = genRandomPassword(32);
$crypt = getCryptedPassword($user->password, $salt);
$cryptpass = $crypt . ':' . $salt;
$nullDate = null;
$installdate = date('Y-m-d H:i:s');
$q = new mysql();
$sql = "SELECT gid FROM jos_users WHERE id=62";
$ligne = @mysql_fetch_array($q->QUERY_SQL($sql, 'artica_backup'));
if ($ligne["gid"] == 0) {
$query = "INSERT INTO jos_users VALUES (62, 'Administrator', '{$user->uid}', '{$user->mail}', '{$cryptpass}', 'Super Administrator', 0, 1, 25, '{$installdate}', '{$nullDate}', '', '')";
$q->QUERY_SQL($query, $database);
if (!$q->ok) {
write_events("set admin/password failed...");
}
$query = "INSERT INTO jos_core_acl_aro VALUES (10,'users','62',0,'Administrator',0)";
$q->QUERY_SQL($query, $database);
if (!$q->ok) {
write_events("set admin/password failed...");
}
$query = "INSERT INTO jos_core_acl_groups_aro_map VALUES (25,'',10)";
$q->QUERY_SQL($query, $database);
if (!$q->ok) {
write_events("set admin/password failed...");
}
} else {
write_events("updating {$uid}/password...");
$sql = "UPDATE jos_users SET password='******' WHERE id=62";
$q->QUERY_SQL($query, $database);
if (!$q->ok) {
write_events("set admin/password failed...");
}
}
}
echo json_encode(array("message" => "0"));
/*************** wrong email *************/
}
} else {
$email = $_REQUEST['email'];
############################ CHECKING USERNAME EXIST OR NOT ##################
$sql_username = "******" . $prefix . "users where email = '" . $email . "' ";
$rs_username = mysql_query($sql_username);
$num_rows = mysql_num_rows($rs_username);
if ($num_rows > 0) {
############### send email for token ##############
$records = mysql_fetch_assoc($rs_username);
$id = $records['id'];
$secret = 'JfXAcjoH0jbAMqF4';
// Generate a new token
$random = genRandomPassword();
$randpasstemp = '';
for ($ik = 0; $ik < 4; $ik++) {
$randpasstemp .= chr(mt_rand(48, 57));
}
$token = md5($randpasstemp);
$salt = getSalt('crypt-md5');
$hashedToken = md5($token . $salt) . ':' . $salt;
$query = "UPDATE " . $prefix . "users SET activation = '" . $token . "' WHERE id = " . $id . " ";
mysql_query($query);
/*$msg .= "Hello,'.$records['id']";
$msg .= "<br><br>A request has been made to reset your account password. To reset your password, you will need to submit this verification code in order to verify that the request was legitimate.";
$msg .= "<br><br>The verification code is ".$randpasstemp."<br><br>";
