function vInsertIntoOwnerLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD)
{
global $mysqli;
$UserID = $SafeFirstName . $SafeLastName;
$iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail);
#if this is the first claim.
if ($iOwnerExists == 0) {
#Obtain a cryption and save it in the DB.
$salt = salt();
#Hash a string that is comprised of password and a salt.
#Save it as a password. This will create a second level of security.
$hash = getHash($SafePWD, $salt);
# The folloing is for email activation of validation.
$email_code = md5($SafeEmail + microtime());
if (DEBUG) {
echo "salt =" . $salt . "<br>";
echo "SafePWD =" . $SafePWD . "<br>";
echo "hash =" . $hash . "<br>";
}
#user_id is also email address.
$mysqli->autocommit(FALSE);
$InsertCommand = "INSERT INTO \r\n login_table ( id, user_id, salt, password, email_address, email_code, type )\r\n\t\t\t\t values ( NULL, '" . $SafeEmail . "', '" . $salt . "', '" . $hash . "', '" . $SafeEmail . "', '" . $email_code . "', 'O' )";
$add_post_res = $mysqli->query($InsertCommand);
# or die($mysqli->error);
if (!$mysqli->commit()) {
$mysqli->rollback();
}
SendActivateEmailNotice($SafeEmail, $email_code);
echo "Please activate your email to complete the registration. Please respond to your email. Thanks.";
} else {
/*popup( "You have already registere!", OWNER_LOGIN_PAGE ); */
echo "You have already registered!";
}
}
/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
*/
public function actionCreate()
{
$model = new User();
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if (isset($_POST['User'])) {
$model->attributes = $_POST['User'];
$model->password = getHash($model->password);
if (Yii::app()->user->isFranchiseAdmin()) {
$model->franchise = Yii::app()->user->franchise;
$model->role_id = 2;
}
if (Yii::app()->user->isAdmin()) {
$franchise = new Franchise();
$franchise->name = $model->username;
$franchise->save();
$model->franchise = $franchise->id;
$model->role_id = 3;
}
if ($model->save()) {
// $this->redirect(array('view', 'id' => $model->id));
$this->redirect(array('user/admin'));
}
}
$this->render('create', array('model' => $model));
}
/**
* Updates a particular model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id the ID of the model to be updated
*/
public function actionUpdate($id)
{
$model = $this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if (isset($_POST['Banner'])) {
$image = CUploadedFile::getInstance($model, 'image');
$modelImg = $model->image;
$model->attributes = $_POST['Banner'];
if (!$image) {
$model->image = $modelImg;
}
if ($image) {
$extarr = explode('.', $image->name);
$ext = end($extarr);
$imgName = getHash(time());
$model->image = $imgName . '.' . $ext;
$PATH = Yii::getPathOfAlias("webroot.productimg") . '/' . $model->image;
}
if ($model->save()) {
if ($image) {
$image->saveAs($PATH);
}
// $this->redirect(array('view', 'id' => $model->id));
$this->redirect(array('banner/admin'));
}
}
$this->render('update', array('model' => $model));
}
/**
* 随机生成文件名
* @param $ext 文件扩展名
* @return string
*/
public static function fileNameByRandom($ext = null)
{
if (empty($ext)) {
$ext = "tmp";
}
$randomStr = getHash(rand(1, 30000) . time() . $ext . rand(1, 30000));
return $randomStr . "." . $ext;
}
function getPassword($username, $token)
{
if (getTokenValid($username, $token)) {
global $salt;
$hash = getHash($username);
$password = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($salt), base64_decode($hash), MCRYPT_MODE_CBC, md5(md5($salt))), "");
return $password;
} else {
return false;
}
}
function validateHash($password, $hash)
{
$hashArr = explode(':', $hash);
switch (count($hashArr)) {
case 1:
return getHash($password) === $hash;
case 2:
return getHash($hashArr[1] . $password) === $hashArr[0];
}
return 'Invalid hash.';
}
public function actionLogin()
{
$return['sucess'] = false;
if (isset($params['username']) && isset($params['password'])) {
$user = User::model()->findByAttributes(array('username' => $params['username'], 'password' => getHash($params['password'])));
if ($user) {
$return['sucess'] = true;
$return['user'] = $user->attributes;
}
}
echo json_encode($return);
}
public function login($username, $password)
{
if (intval(f('SELECT COUNT(1) FROM ' . FAILED_LOGINS_TABLE . ' WHERE UserTable="tblWebUser" AND Username="******" AND isValid="true" AND LoginDate >DATE_SUB(NOW(), INTERVAL ' . intval(SECURITY_LIMIT_CUSTOMER_NAME_HOURS) . ' hour)')) >= intval(SECURITY_LIMIT_CUSTOMER_NAME) || intval(f('SELECT COUNT(1) FROM ' . FAILED_LOGINS_TABLE . ' WHERE UserTable="tblWebUser" AND IP="' . $_SERVER['REMOTE_ADDR'] . '" AND LoginDate >DATE_SUB(NOW(), INTERVAL ' . intval(SECURITY_LIMIT_CUSTOMER_IP_HOURS) . ' hour)')) >= intval(SECURITY_LIMIT_CUSTOMER_IP)) {
logApiRequests('endpoint: ' . $this->request['request'] . '; Login denied for User : '******'; apiKey : ' . (array_key_exists('apiKey', $this->request) ? $this->request['apiKey'] : 'No API key given') . '; App version : ' . (array_key_exists('appVersion', $this->request) ? $this->request['appVersion'] : 'No App version given') . '; App platform : ' . (array_key_exists('appPlatform', $this->request) ? $this->request['appPlatform'] : 'No App plattform given'));
throw new Exception('Login denied for user');
}
$u = getHash('SELECT * FROM ' . CUSTOMER_TABLE . ' WHERE Password!="" AND LoginDenied=0 AND Username="******"', null, MYSQL_ASSOC);
if (empty($u)) {
logApiRequests('endpoint: ' . $this->request['request'] . '; Invalid User : '******'; apiKey : ' . (array_key_exists('apiKey', $this->request) ? $this->request['apiKey'] : 'No API key given') . '; App version : ' . (array_key_exists('appVersion', $this->request) ? $this->request['appVersion'] : 'No App version given') . '; App platform : ' . (array_key_exists('appPlatform', $this->request) ? $this->request['appPlatform'] : 'No App plattform given'));
throw new Exception('Invalid User');
}
return $u && we_customer_customer::comparePassword($u['Password'], $password) ? array('UserIDHash' => $u['App_UserIDHash']) : array('UserIDHash' => false);
}
/**
* 构造函数,检查配置是否完成
*/
protected function __construct()
{
SimpleSession::init(null, getHash($_POST['FromUserName']));
if (!$_SESSION['wechatActivity']) {
$_SESSION['wechatActivity'] = null;
}
if (!$_SESSION['callbackStack']) {
$_SESSION['callbackStack'] = null;
}
$this->activity =& $_SESSION['wechatActivity'];
$this->callbackStack =& $_SESSION['callbackStack'];
$this->token = getConfig("wechat", "token");
$this->appInfo =& getAppInfo();
}
function iCheckIfOwnerEmailExists($SafeEmail, $SafePW, &$ID, &$Email_status, &$Email_code, &$Password_status)
{
global $mysqli;
$QueryResultSet = "SELECT count(*) AS row_exists, \r\n salt, \r\n password, \r\n id,\r\n\t\t\t\t email_active,\r\n\t\t\t\t email_code,\r\n\t\t\t\t password_recover\r\n\t\t\t FROM login_table\r\n\t\t\t WHERE email_address = '{$SafeEmail}'";
$objGetResult = $mysqli->query($QueryResultSet);
if (DEBUG) {
echo "{$QueryResultSet}<br>";
var_dump($objGetResult);
}
if ($objGetResult) {
$anArray = $objGetResult->fetch_array(MYSQLI_ASSOC);
$numof_rows = stripslashes($anArray['row_exists']);
$salt = stripslashes($anArray['salt']);
$password = stripslashes($anArray['password']);
$Password_status = stripslashes($anArray['password_recover']);
if (DEBUG) {
echo "Inside<br>";
echo "numof_rows = {$numof_rows}<br>";
echo "salt = {$salt}<br>";
echo "password = {$password}<br>";
}
if ($numof_rows == 1) {
$hash = getHash($SafePW, $salt);
if (DEBUG) {
echo "Inside<br>";
echo "numof_rows = {$numof_rows}<br>";
echo "salt = {$salt}<br>";
echo "password = {$password}<br>";
echo "SafePW = {$SafePW}<br>";
echo "hash = {$hash}<br>";
}
if ($hash == $password) {
$ID = stripslashes($anArray['id']);
$Email_status = stripslashes($anArray['email_active']);
$Email_code = stripslashes($anArray['email_code']);
if (DEBUG) {
echo "email_code" . $Email_code . "<br>";
}
$Email_Exists = 1;
} else {
$Email_Exists = 0;
}
} else {
$Email_Exists = 0;
}
$objGetResult->free_result();
}
return $Email_Exists;
}
function loginUser($un, $psw)
{
$_SESSION['uid'] = $uid = Adapter::getAValue('UID', '`person`', 'name=?', array($un), "s");
$_SESSION['type'] = Adapter::getAValue('type', '`person`', 'uid=?', array($uid), "i");
if ($uid == -1) {
print 1;
return;
}
if (!Adapter::isExists('`person`', 'UID=? AND hash=?', array($uid, getHash($psw)), "is")) {
print 2;
return;
}
/*login code*/
$_SESSION['logged'] = 1;
print 3;
}
public function checkUser()
{
if (isset($_COOKIE['userinfo'])) {
$string = $_COOKIE['userinfo'];
$cookieText = explode('||', $string);
$inputLogin = $cookieText[1];
$this->user_model->getUserDataByLogin($inputLogin);
$trueLogin = $this->user_model->getLogin();
$truePassword = $this->user_model->getPassword();
$name = $this->user_model->getUserName();
$userHash = getHash($trueLogin, $truePassword);
if ($string === $userHash) {
$userData = array('username' => $name, 'logged_in' => TRUE);
$this->session->set_userdata($userData);
} else {
setcookie('userinfo', '');
}
}
}
function vInsertIntoClientLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD)
{
global $mysqli;
$UserID = $SafeFirstName . $SafeLastName;
$iClientExists = iCheckIfClientEmailExists($SafeEmail);
#if this is the first claim.
if ($iClientExists == 0) {
$salt = salt();
$hash = getHash($SafePWD, $salt);
$email_code = md5($SafeEmail + microtime());
#user_id is also email address.
$mysqli->autocommit(FALSE);
$InsertCommand = "INSERT INTO client_login_table \r\n ( id, first_name, last_name, email_address, email_code, salt, password )\r\n values \r\n (NULL,'{$SafeFirstName}', '{$SafeLastName}', '{$SafeEmail}', '{$email_code}', '{$salt}', '{$hash}' )";
$add_post_res = $mysqli->query($InsertCommand) or die($mysqli->error);
if (!$mysqli->commit()) {
$mysqli->rollback();
}
SendActivateEmailNotice($SafeEmail, $email_code);
echo "Please activate your email to complete the registration. Please respond to your email. Thanks.";
} else {
/*popup('You have already registered.', "http://" . IP_ADDRESS . "/member/client_login_register.php");*/
echo "You have already registered";
}
}
* @param array $data Array of transmitted data (see above)
* @param string $password Your Gateway-Password
*/
function getHash(array $data, $password)
{
$hash_source = null;
foreach ($data as $value) {
$hash_source .= $value . '|';
}
$hash_source .= $password;
$hash_md5 = md5($hash_source);
return $hash_md5;
}
$databases = array(1);
$data = array('msg_id' => $_POST['messageId'], 'number' => $_POST['responseSender'], 'message' => $_POST['responseMessage'], 'timestamp' => $_POST['responseTimestamp']);
if (getHash($data, SMS_PASSWORD) == $_POST['hash']) {
// DO something here like sending mail, store in database ...
$found = false;
if (!empty($data['msg_id'])) {
foreach ($databases as $database) {
$redis->SELECT($database);
if ($redis->EXISTS("sms:send:{$data['msg_id']}")) {
$send = $redis->HGETALL("sms:send:{$data['msg_id']}");
if (is_array($send)) {
$found = true;
$redis->HMSET("sms:send:{$data['msg_id']}", array('status' => SMS_STATUS_ANSWERED));
$redis->HMSET("sms:receive:{$data['msg_id']}", array('returnto' => $send['returnto'], 'sender' => $send['receiver'], 'receiver' => $send['sender'], 'datetime' => $data['timestamp'], 'message' => $data['message']));
$redis->SADD("sms:inbound", (string) $data['msg_id']);
break;
} else {
$line = trim(date("[d/m @ H:i:s]") . "SMS response Error: " . implode(', ', $data)) . "\n";
function inputHash()
{
return '<input type="hidden" name="hash" value="' . getHash() . '">';
}
if ($page == "") {
$page = "1";
}
$currentpage = $page;
STemplate::assign('page', $page);
if ($page >= 2) {
$pagingstart = ($page - 1) * $config['items_per_page'];
} else {
$pagingstart = "0";
}
$query1 = "SELECT count(*) as total from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.phase>'1' order by A.htime desc limit {$config['maximum_results']}";
$query2 = "SELECT A.*, B.username from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.phase>'1' order by A.htime desc limit {$pagingstart}, {$config['items_per_page']}";
$executequery1 = $conn->Execute($query1);
$totalvideos = $executequery1->fields['total'];
if ($totalvideos > 0) {
if ($executequery1->fields['total'] <= $config[maximum_results]) {
$total = $executequery1->fields['total'];
} else {
$total = $config[maximum_results];
}
$toppage = ceil($total / $config[items_per_page]);
if ($page <= $toppage) {
$executequery2 = $conn->Execute($query2);
$posts = $executequery2->getrows();
$posts = getTags($posts);
$posts = countComments($posts);
$posts = getHash($posts);
STemplate::assign('posts', $posts);
STemplate::display('posts_bit_more.tpl');
}
}
if (isset($_POST['input']) && !empty($_POST['input']) && isset($_POST["modifies"])) {
$inputString = $_POST['input'];
$modifies = $_POST['modifies'];
$result = '';
switch ($modifies) {
case 'palindrome':
$result = $inputString . ' ' . getPalindrome($inputString);
break;
case 'reverse':
$result = getReverse($inputString);
break;
case 'split':
$result = getSplit($inputString);
break;
case 'hash':
$result = getHash($inputString);
break;
case 'shuffle':
$result = getShuffle($inputString);
break;
default:
echo 'Error!';
break;
}
echo $result;
}
?>
</body>
</html>
/** 파일정보를 DB에 추가한다
* @class write
* @param
$data: chkFile 후에 넘어온 데이터
-id: 게시판번호. 없으면 mini[board]의 정보를 활용
-target_member: 회원번호. 없으면 mini[member]의 정보를 활용
-target: 대상자료번호
-target_pos: 대상게시물번호(댓글일때만)
-mode: post|comment|memo|box
* @return Array
*/
function addFile($data, $param = '')
{
global $mini;
$param = param($param);
$ins = array();
if (!empty($param['id'])) {
def($ins['id'], $param['id']);
}
if (!empty($data['id'])) {
def($ins['id'], $data['id']);
}
if (!empty($mini['board']['no'])) {
def($ins['id'], $mini['board']['no']);
}
if (!empty($param['target_member'])) {
def($ins['target_member'], $param['target_member']);
}
if (!empty($data['target_member']) && !empty($mini['member']['level_admin'])) {
def($ins['target_member'], $data['target_member']);
}
if (!empty($mini['member']['no'])) {
def($ins['target_member'], $mini['member']['no']);
}
if (!empty($data['ip']) && !empty($mini['member']['level_admin'])) {
def($ins['ip'], $data['ip']);
}
def($ins['ip'], $mini['ip']);
if (!empty($data['date']) && !empty($mini['member']['level_admin'])) {
def($ins['date'], $data['date']);
}
def($ins['date'], $mini['date']);
if (!empty($param['mode'])) {
def($ins['mode'], $param['mode']);
}
if (!empty($data['mode'])) {
def($ins['mode'], $data['mode']);
}
def($ins['mode'], '');
if (!empty($param['target'])) {
def($ins['target'], $param['target']);
}
if (!empty($data['target'])) {
def($ins['target'], $data['target']);
}
def($ins['target'], 0);
if (!empty($param['target_post']) && $ins['mode'] == 'comment') {
$ins['target_post'] = $param['target_post'];
}
$ins['name'] = $data['name'];
$ins['url'] = $data['path'];
$ins['size'] = $data['size'];
$ins['is_admit'] = !empty($mini['board']['use_file_admit']) && empty($mini['member']['level_admin']) ? 0 : 1;
$ins['width'] = !empty($data['width']) ? $data['width'] : 0;
$ins['height'] = !empty($data['height']) ? $data['height'] : 0;
$ins['ext'] = $data['ext'];
$ins['type'] = $data['type'];
// 파일해시
$ins['hash'] = getHash($data);
sql("INSERT INTO {$mini['name']['file']} " . query($ins, 'insert'));
// 후처리
$ins['no'] = getLastId($mini['name']['file'], "(ip='{$ins['ip']}' and date='{$ins['date']}' and name='{$ins['name']}')");
$ins['error'] = 0;
return $ins;
}
public function actionUpdate($id)
{
$model = $this->loadModel($id);
$jaspers_franchise = JaspersFranchise::model()->findAll();
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if (isset($_POST['User'])) {
$this->password = $model->password;
$model->attributes = $_POST['User'];
if ($_POST['User']['password']) {
$model->password = getHash($_POST['User']['password']);
} else {
$model->password = $this->password;
}
if ($model->save()) {
// $this->redirect(array('view', 'id' => $model->id));
if (isset($_GET['isUser'])) {
$this->redirect(array('user/admin', 'isUser' => 1));
}
$this->redirect(array('user/admin'));
}
}
unset($model->password);
$this->render('update', array('model' => $model, 'jaspers_franchise' => $jaspers_franchise));
}
/**
*
* Extract the current home directory for the site, or return
* __root if the site is root. This is then used to write the cache
* file as $dirName.css
*
* @return string The directory
*
*/
function extractDir()
{
//get public directory structure eg "/top/second/third"
$publicDirectory = dirname($_SERVER['PHP_SELF']);
//place each directory into array
$directoryAr = explode('/', $publicDirectory);
//get highest or top level in array of directory strings
$publicBase = max($directoryAr);
if ($publicBase == "") {
$publicBase = getHash();
}
return $publicBase;
}
function verify($username, $password)
{
// Get hash from db
$connection = new mysqli(MYSQL_HOSTNAME, MYSQL_USERNAME, MYSQL_PASSWORD, MYSQL_DATABASE);
$sql = "SELECT passwort FROM benutzer WHERE benutzername = '{$username}'";
$result = $connection->query($sql);
$hash = getHash($result);
$verification = password_verify($password, $hash);
// file_put_contents('verification.txt', 'ergebnis: ' . $verification . ' passwort: ' . $password . ' hash: ' . $hash);
if ($verification) {
return true;
} else {
return false;
}
}
<?php
// Require app files
require 'app/User.php';
require 'app/Validator.php';
require 'app/Helper.php';
// Set data and validation rules
$rules = array('email' => 'required|email', 'password' => 'required|min:8');
$data = array('email' => '*****@*****.**', 'password' => '12346789');
// Run validation
$validator = new Validator();
if ($validator->validate($data, $rules) == true) {
// Validation passed. Set user values.
$joost = new User();
// method chaining is used
$joost->setEmail($data['email'])->setPassword(getHash($data['password']));
// Dump user
var_dump($joost);
} else {
// Validation failed. Dump validation errors.
var_dump($validator->getErrors());
}
<?php
session_start();
header("HTTP/1.0 401 Unautorized");
require_once "secure.inc.php";
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$user = trim(strip_tags($_POST['user']));
$pw = trim(strip_tags($_POST['pw']));
$ref = trim(strip_tags($_GET['ref']));
if (!$ref) {
$ref = '/admin';
}
if ($user and $pw) {
if ($result = userExists($user)) {
list($login, $password, $salt, $iteration) = explode(':', $result);
if (getHash($pw, $salt, $iteration) == $password) {
$_SESSION['admin'] = true;
header("Location: {$ref}");
exit;
} else {
$title = 'Неправильный пароль';
}
} else {
$title = 'Неправильное имя пользователя';
}
} else {
$title = 'Заполните все поля формы';
}
}
$title = 'Авторизация';
$user = '';
protected function keyHash($key)
{
return getHash($this->site, $this->set, $key);
}
<?php
// $Id: sendPass.php 23863 2015-09-14 00:27:14Z 1070356 $
require_once 'functions.php';
if (isset($_POST['id'])) {
$id = $_POST['id'];
$result = sql("SELECT mail, name FROM users WHERE id={$id}");
if ($result->num_rows) {
$row = $result->fetch_row();
$pass = sendPass($row[0], $row[1]);
// 비밀번호를 만들어 메일로 보낸다
if ($pass) {
$pass = escapeString(getHash($pass));
sql("UPDATE users SET pass='******' WHERE id = {$id}");
echo affectedRows();
// 반환 값이 1이면 정상이다
}
}
$result->close();
}
$token = $InputArray[1];
$SafeEmail = mysqli_real_escape_string($mysqli, $owner_email);
$iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail);
if (Token::check("OWNER_RECOVER_PW_FORM", $token)) {
if ($iOwnerExists == 1) {
// This assignment is used at owner_reset_password.php.
$_SESSION['email'] = $SafeEmail;
// Generates a temporary password.
$Temp_PW = substr(md5(rand(999, 999999)), 0, 8);
//Send temporary password via email.
SendTemporaryPWNotice($SafeEmail, $Temp_PW);
//Obtain a encryption and save it in the DB.
$salt = salt();
#Hash a string that is comprised of password and salt and save it as a password.
#This will create a second level of security.
$hash = getHash($Temp_PW, $salt);
// Update password_recover flag to 1. This tells that the user is going thru password recover phase.
$mysqli->autocommit(FALSE);
$UpdateSQL = "UPDATE `login_table`\r\n\t\t\t\t SET `password_recover` = 1,\r\n\t\t\t\t\t `salt` = '{$salt}', \r\n\t\t\t\t\t `password` = '{$hash}'\r\n\t\t\t\t WHERE `email_address` = '{$SafeEmail}'";
echo "You will receive a temporary password via email.";
if (DEBUG) {
echo $UpdateSQL;
}
if (!$mysqli->query($UpdateSQL)) {
echo "CALL failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$mysqli->commit()) {
$mysqli->rollback();
}
//popup ( "You will receive a temporary password via email. Please login using this temporary password.", OWNER_LOGIN_PAGE );
} else {
$chars = array_merge(range('a', 'z'), range('A', 'Z'), [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]);
/*
foreach (range(chr(192),chr(255)) as $v)
$chars[] = iconv('CP1251','UTF-8',$v);
*/
$hashs = [];
foreach ($fonts as $font) {
foreach ($chars as $char) {
$size = [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 22, 24];
foreach ($size as $s) {
$im = imagecreatetruecolor(40, 40);
$white = imagecolorallocate($im, 0xff, 0xff, 0xff);
$black = imagecolorallocate($im, 0x0, 0x0, 0x0);
imagefill($im, 0, 0, $white);
//echo $fontDir . $font . "\n"; exit();
imagefttext($im, $s, 0, 5, 30, $black, $fontDir . $font, $char);
$hash = getHash($im);
$hashs[strlen($hash)][] = [$hash, $char];
//imagepng($im, './images/'.md5($font). '_' .$char. '_' . $s . '.png');
imagedestroy($im);
}
}
}
foreach ($hashs as $length => $data) {
$file = './data/' . $length . '.json';
if (file_exists($file)) {
$dataOld = json_decode(file_get_contents($file));
$data += $dataOld;
}
file_put_contents($file, json_encode($data));
}
/**
* get the image data
*
* @return void
* @private
*/
private function getImageData($getBinary = false)
{
$this->db->query('SELECT l.Name,c.Dat FROM ' . CONTENT_TABLE . ' c JOIN ' . LINK_TABLE . ' l ON c.ID=l.CID WHERE l.DID=' . intval($this->imageID) . ' AND l.DocumentTable="tblFile"');
while ($this->db->next_record()) {
if ($this->db->f('Name') === 'origwidth') {
$this->imageWidth = $this->db->f('Dat');
} else {
if ($this->db->f('Name') === 'origheight') {
$this->imageHeight = $this->db->f('Dat');
}
}
if ($this->db->f('Name') === 'xfocus') {
$this->xfocus = $this->db->f('Dat');
}
if ($this->db->f('Name') === 'yfocus') {
$this->yfocus = $this->db->f('Dat');
}
}
$imgdat = getHash('SELECT ID,Filename,Extension,Path FROM ' . FILE_TABLE . ' WHERE ID=' . intval($this->imageID), $this->db);
if (!$imgdat) {
return false;
}
$this->imageFileName = $imgdat['Filename'];
$this->imagePath = $imgdat['Path'];
$this->imageExtension = $imgdat['Extension'];
if ($getBinary) {
$this->getBinaryData();
}
return true;
}
function loadArticleData()
{
global $config;
if ($this->preview) {
//get from db
dbConnect();
$artData = new artEditorLib();
$artData->preview = true;
$artData->preview = $this->preview;
$artData->getArtFromDB($this->artId);
$this->art = $artData->getArtString();
} else {
$file = $config["articleVault"] . getHash($this->artId) . "/{$this->artId}.dat";
if ($page = getFile($file)) {
$this->art = unserialize($page);
//set stats
$statLog["aid"] = $this->art["artId"];
$statLog["conf"] = $this->art["conference"];
} else {
logit(REPORT, "Could not open article file {$file} (Refer: {$_SERVER["HTTP_REFERER"]})");
$error = true;
}
}
//get images
if (is_numeric($this->artId)) {
$sql = "SELECT artId FROM articleImages WHERE artId = {$this->artId} ";
if ($rc = dbQuery($sql)) {
if ($rowImg = dbFetch($rc)) {
$this->art["image"] = "/img_{$this->art["artId"]}.jpg";
} else {
$this->art["image"] = "";
}
} else {
logit(WARN, " DB Error: {$sql} in " . __FILE__ . " on line: " . __LINE__);
}
//get Image, internal
$sql = "SELECT artId FROM articleInternalImages WHERE artId = {$this->artId} ";
if ($rc = dbQuery($sql)) {
if ($rowImg = dbFetch($rc)) {
$this->art["imageInternal"] = "/imgNews_{$this->art["artId"]}.jpg";
} else {
$this->art["imageInternal"] = $this->art["image"];
//if no internal use hp
}
} else {
logit(WARN, " DB Error: {$sql} in " . __FILE__ . " on line: " . __LINE__);
}
} else {
$this->art["imageInternal"] = "";
$this->art["image"] = "";
}
//get subtopic names
/*
if (is_array($this->art["subtopics"]))
$sql="SELECT confId,confName FROM confNames WHERE confId IN (".implode(",",$this->art["subtopics"]).",{$this->art["conference"]}) ";
else $sql="SELECT confId,confName FROM confNames WHERE confId ='{$this->art["conference"]}' ";
*/
//get all confs because the page now needs all of them
$sql = "SELECT confId,confName FROM confNames";
if ($rc = dbQuery($sql)) {
while ($row = dbFetch($rc)) {
$this->confNames[$row["confId"]] = $row["confName"];
}
} else {
logit(WARN, " DB Error: {$sql} in " . __FILE__ . " on line: " . __LINE__);
}
//dumpVar($this->art);
if ($this->preview) {
$this->art["headline"] .= " (preview)";
}
}
$SafeEmail = mysqli_real_escape_string($mysqli, $SafeEmail);
//unset( $_SESSION['email'] );
$QueryResultSet = "SELECT count(*) AS row_exists, salt, password, id, email_active, email_code, password_recover\r\n\t\t\t\t\t\t\t\t FROM client_login_table\r\n\t\t\t\t\t\t\t\t WHERE email_address = '{$SafeEmail}'";
$objGetResult = $mysqli->query($QueryResultSet);
#remember that even if there is no single row has returned, it will return an object which is non-zero.
if ($objGetResult) {
$anArray = $objGetResult->fetch_array(MYSQLI_ASSOC);
$salt = stripslashes($anArray['salt']);
$password = stripslashes($anArray['password']);
$numof_rows = stripslashes($anArray['row_exists']);
if ($numof_rows == 1) {
$hash = getHash($Temp_PW, $salt);
#Check if the hash value matches the hash value from the table.
if ($hash === $password) {
$salt = salt();
$hash = getHash($New_PW1, $salt);
$mysqli->autocommit(FALSE);
$UpdateSQL = "UPDATE `client_login_table`\r\n\t\t\t\t\t\t\t\t\t\t SET `password_recover` = 0, \r\n\t\t\t\t\t\t\t\t\t\t\t `password` = '{$hash}',\r\n\t\t\t\t\t\t\t\t\t\t\t `salt` = '{$salt}'\r\n\t\t\t\t\t\t\t\t\t\t WHERE email_address = '{$SafeEmail}'";
echo "You have successfully resetted your password.";
//if( DEBUG )
//{
//echo $UpdateSQL;
//}
if (!$mysqli->query($UpdateSQL)) {
echo "CALL failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$mysqli->commit()) {
$mysqli->rollback();
}
} else {
echo "Temp password doesn't match. Please enter correct temp password.";
