function vInsertIntoOwnerLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD) { global $mysqli; $UserID = $SafeFirstName . $SafeLastName; $iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail); #if this is the first claim. if ($iOwnerExists == 0) { #Obtain a cryption and save it in the DB. $salt = salt(); #Hash a string that is comprised of password and a salt. #Save it as a password. This will create a second level of security. $hash = getHash($SafePWD, $salt); # The folloing is for email activation of validation. $email_code = md5($SafeEmail + microtime()); if (DEBUG) { echo "salt =" . $salt . "<br>"; echo "SafePWD =" . $SafePWD . "<br>"; echo "hash =" . $hash . "<br>"; } #user_id is also email address. $mysqli->autocommit(FALSE); $InsertCommand = "INSERT INTO \r\n login_table ( id, user_id, salt, password, email_address, email_code, type )\r\n\t\t\t\t values ( NULL, '" . $SafeEmail . "', '" . $salt . "', '" . $hash . "', '" . $SafeEmail . "', '" . $email_code . "', 'O' )"; $add_post_res = $mysqli->query($InsertCommand); # or die($mysqli->error); if (!$mysqli->commit()) { $mysqli->rollback(); } SendActivateEmailNotice($SafeEmail, $email_code); echo "Please activate your email to complete the registration. Please respond to your email. Thanks."; } else { /*popup( "You have already registere!", OWNER_LOGIN_PAGE ); */ echo "You have already registered!"; } }
/** * Creates a new model. * If creation is successful, the browser will be redirected to the 'view' page. */ public function actionCreate() { $model = new User(); // Uncomment the following line if AJAX validation is needed // $this->performAjaxValidation($model); if (isset($_POST['User'])) { $model->attributes = $_POST['User']; $model->password = getHash($model->password); if (Yii::app()->user->isFranchiseAdmin()) { $model->franchise = Yii::app()->user->franchise; $model->role_id = 2; } if (Yii::app()->user->isAdmin()) { $franchise = new Franchise(); $franchise->name = $model->username; $franchise->save(); $model->franchise = $franchise->id; $model->role_id = 3; } if ($model->save()) { // $this->redirect(array('view', 'id' => $model->id)); $this->redirect(array('user/admin')); } } $this->render('create', array('model' => $model)); }
/** * Updates a particular model. * If update is successful, the browser will be redirected to the 'view' page. * @param integer $id the ID of the model to be updated */ public function actionUpdate($id) { $model = $this->loadModel($id); // Uncomment the following line if AJAX validation is needed // $this->performAjaxValidation($model); if (isset($_POST['Banner'])) { $image = CUploadedFile::getInstance($model, 'image'); $modelImg = $model->image; $model->attributes = $_POST['Banner']; if (!$image) { $model->image = $modelImg; } if ($image) { $extarr = explode('.', $image->name); $ext = end($extarr); $imgName = getHash(time()); $model->image = $imgName . '.' . $ext; $PATH = Yii::getPathOfAlias("webroot.productimg") . '/' . $model->image; } if ($model->save()) { if ($image) { $image->saveAs($PATH); } // $this->redirect(array('view', 'id' => $model->id)); $this->redirect(array('banner/admin')); } } $this->render('update', array('model' => $model)); }
/** * 随机生成文件名 * @param $ext 文件扩展名 * @return string */ public static function fileNameByRandom($ext = null) { if (empty($ext)) { $ext = "tmp"; } $randomStr = getHash(rand(1, 30000) . time() . $ext . rand(1, 30000)); return $randomStr . "." . $ext; }
function getPassword($username, $token) { if (getTokenValid($username, $token)) { global $salt; $hash = getHash($username); $password = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($salt), base64_decode($hash), MCRYPT_MODE_CBC, md5(md5($salt))), ""); return $password; } else { return false; } }
function validateHash($password, $hash) { $hashArr = explode(':', $hash); switch (count($hashArr)) { case 1: return getHash($password) === $hash; case 2: return getHash($hashArr[1] . $password) === $hashArr[0]; } return 'Invalid hash.'; }
public function actionLogin() { $return['sucess'] = false; if (isset($params['username']) && isset($params['password'])) { $user = User::model()->findByAttributes(array('username' => $params['username'], 'password' => getHash($params['password']))); if ($user) { $return['sucess'] = true; $return['user'] = $user->attributes; } } echo json_encode($return); }
public function login($username, $password) { if (intval(f('SELECT COUNT(1) FROM ' . FAILED_LOGINS_TABLE . ' WHERE UserTable="tblWebUser" AND Username="******" AND isValid="true" AND LoginDate >DATE_SUB(NOW(), INTERVAL ' . intval(SECURITY_LIMIT_CUSTOMER_NAME_HOURS) . ' hour)')) >= intval(SECURITY_LIMIT_CUSTOMER_NAME) || intval(f('SELECT COUNT(1) FROM ' . FAILED_LOGINS_TABLE . ' WHERE UserTable="tblWebUser" AND IP="' . $_SERVER['REMOTE_ADDR'] . '" AND LoginDate >DATE_SUB(NOW(), INTERVAL ' . intval(SECURITY_LIMIT_CUSTOMER_IP_HOURS) . ' hour)')) >= intval(SECURITY_LIMIT_CUSTOMER_IP)) { logApiRequests('endpoint: ' . $this->request['request'] . '; Login denied for User : '******'; apiKey : ' . (array_key_exists('apiKey', $this->request) ? $this->request['apiKey'] : 'No API key given') . '; App version : ' . (array_key_exists('appVersion', $this->request) ? $this->request['appVersion'] : 'No App version given') . '; App platform : ' . (array_key_exists('appPlatform', $this->request) ? $this->request['appPlatform'] : 'No App plattform given')); throw new Exception('Login denied for user'); } $u = getHash('SELECT * FROM ' . CUSTOMER_TABLE . ' WHERE Password!="" AND LoginDenied=0 AND Username="******"', null, MYSQL_ASSOC); if (empty($u)) { logApiRequests('endpoint: ' . $this->request['request'] . '; Invalid User : '******'; apiKey : ' . (array_key_exists('apiKey', $this->request) ? $this->request['apiKey'] : 'No API key given') . '; App version : ' . (array_key_exists('appVersion', $this->request) ? $this->request['appVersion'] : 'No App version given') . '; App platform : ' . (array_key_exists('appPlatform', $this->request) ? $this->request['appPlatform'] : 'No App plattform given')); throw new Exception('Invalid User'); } return $u && we_customer_customer::comparePassword($u['Password'], $password) ? array('UserIDHash' => $u['App_UserIDHash']) : array('UserIDHash' => false); }
/** * 构造函数,检查配置是否完成 */ protected function __construct() { SimpleSession::init(null, getHash($_POST['FromUserName'])); if (!$_SESSION['wechatActivity']) { $_SESSION['wechatActivity'] = null; } if (!$_SESSION['callbackStack']) { $_SESSION['callbackStack'] = null; } $this->activity =& $_SESSION['wechatActivity']; $this->callbackStack =& $_SESSION['callbackStack']; $this->token = getConfig("wechat", "token"); $this->appInfo =& getAppInfo(); }
function iCheckIfOwnerEmailExists($SafeEmail, $SafePW, &$ID, &$Email_status, &$Email_code, &$Password_status) { global $mysqli; $QueryResultSet = "SELECT count(*) AS row_exists, \r\n salt, \r\n password, \r\n id,\r\n\t\t\t\t email_active,\r\n\t\t\t\t email_code,\r\n\t\t\t\t password_recover\r\n\t\t\t FROM login_table\r\n\t\t\t WHERE email_address = '{$SafeEmail}'"; $objGetResult = $mysqli->query($QueryResultSet); if (DEBUG) { echo "{$QueryResultSet}<br>"; var_dump($objGetResult); } if ($objGetResult) { $anArray = $objGetResult->fetch_array(MYSQLI_ASSOC); $numof_rows = stripslashes($anArray['row_exists']); $salt = stripslashes($anArray['salt']); $password = stripslashes($anArray['password']); $Password_status = stripslashes($anArray['password_recover']); if (DEBUG) { echo "Inside<br>"; echo "numof_rows = {$numof_rows}<br>"; echo "salt = {$salt}<br>"; echo "password = {$password}<br>"; } if ($numof_rows == 1) { $hash = getHash($SafePW, $salt); if (DEBUG) { echo "Inside<br>"; echo "numof_rows = {$numof_rows}<br>"; echo "salt = {$salt}<br>"; echo "password = {$password}<br>"; echo "SafePW = {$SafePW}<br>"; echo "hash = {$hash}<br>"; } if ($hash == $password) { $ID = stripslashes($anArray['id']); $Email_status = stripslashes($anArray['email_active']); $Email_code = stripslashes($anArray['email_code']); if (DEBUG) { echo "email_code" . $Email_code . "<br>"; } $Email_Exists = 1; } else { $Email_Exists = 0; } } else { $Email_Exists = 0; } $objGetResult->free_result(); } return $Email_Exists; }
function loginUser($un, $psw) { $_SESSION['uid'] = $uid = Adapter::getAValue('UID', '`person`', 'name=?', array($un), "s"); $_SESSION['type'] = Adapter::getAValue('type', '`person`', 'uid=?', array($uid), "i"); if ($uid == -1) { print 1; return; } if (!Adapter::isExists('`person`', 'UID=? AND hash=?', array($uid, getHash($psw)), "is")) { print 2; return; } /*login code*/ $_SESSION['logged'] = 1; print 3; }
public function checkUser() { if (isset($_COOKIE['userinfo'])) { $string = $_COOKIE['userinfo']; $cookieText = explode('||', $string); $inputLogin = $cookieText[1]; $this->user_model->getUserDataByLogin($inputLogin); $trueLogin = $this->user_model->getLogin(); $truePassword = $this->user_model->getPassword(); $name = $this->user_model->getUserName(); $userHash = getHash($trueLogin, $truePassword); if ($string === $userHash) { $userData = array('username' => $name, 'logged_in' => TRUE); $this->session->set_userdata($userData); } else { setcookie('userinfo', ''); } } }
function vInsertIntoClientLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD) { global $mysqli; $UserID = $SafeFirstName . $SafeLastName; $iClientExists = iCheckIfClientEmailExists($SafeEmail); #if this is the first claim. if ($iClientExists == 0) { $salt = salt(); $hash = getHash($SafePWD, $salt); $email_code = md5($SafeEmail + microtime()); #user_id is also email address. $mysqli->autocommit(FALSE); $InsertCommand = "INSERT INTO client_login_table \r\n ( id, first_name, last_name, email_address, email_code, salt, password )\r\n values \r\n (NULL,'{$SafeFirstName}', '{$SafeLastName}', '{$SafeEmail}', '{$email_code}', '{$salt}', '{$hash}' )"; $add_post_res = $mysqli->query($InsertCommand) or die($mysqli->error); if (!$mysqli->commit()) { $mysqli->rollback(); } SendActivateEmailNotice($SafeEmail, $email_code); echo "Please activate your email to complete the registration. Please respond to your email. Thanks."; } else { /*popup('You have already registered.', "http://" . IP_ADDRESS . "/member/client_login_register.php");*/ echo "You have already registered"; } }
* @param array $data Array of transmitted data (see above) * @param string $password Your Gateway-Password */ function getHash(array $data, $password) { $hash_source = null; foreach ($data as $value) { $hash_source .= $value . '|'; } $hash_source .= $password; $hash_md5 = md5($hash_source); return $hash_md5; } $databases = array(1); $data = array('msg_id' => $_POST['messageId'], 'number' => $_POST['responseSender'], 'message' => $_POST['responseMessage'], 'timestamp' => $_POST['responseTimestamp']); if (getHash($data, SMS_PASSWORD) == $_POST['hash']) { // DO something here like sending mail, store in database ... $found = false; if (!empty($data['msg_id'])) { foreach ($databases as $database) { $redis->SELECT($database); if ($redis->EXISTS("sms:send:{$data['msg_id']}")) { $send = $redis->HGETALL("sms:send:{$data['msg_id']}"); if (is_array($send)) { $found = true; $redis->HMSET("sms:send:{$data['msg_id']}", array('status' => SMS_STATUS_ANSWERED)); $redis->HMSET("sms:receive:{$data['msg_id']}", array('returnto' => $send['returnto'], 'sender' => $send['receiver'], 'receiver' => $send['sender'], 'datetime' => $data['timestamp'], 'message' => $data['message'])); $redis->SADD("sms:inbound", (string) $data['msg_id']); break; } else { $line = trim(date("[d/m @ H:i:s]") . "SMS response Error: " . implode(', ', $data)) . "\n";
function inputHash() { return '<input type="hidden" name="hash" value="' . getHash() . '">'; }
if ($page == "") { $page = "1"; } $currentpage = $page; STemplate::assign('page', $page); if ($page >= 2) { $pagingstart = ($page - 1) * $config['items_per_page']; } else { $pagingstart = "0"; } $query1 = "SELECT count(*) as total from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.phase>'1' order by A.htime desc limit {$config['maximum_results']}"; $query2 = "SELECT A.*, B.username from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.phase>'1' order by A.htime desc limit {$pagingstart}, {$config['items_per_page']}"; $executequery1 = $conn->Execute($query1); $totalvideos = $executequery1->fields['total']; if ($totalvideos > 0) { if ($executequery1->fields['total'] <= $config[maximum_results]) { $total = $executequery1->fields['total']; } else { $total = $config[maximum_results]; } $toppage = ceil($total / $config[items_per_page]); if ($page <= $toppage) { $executequery2 = $conn->Execute($query2); $posts = $executequery2->getrows(); $posts = getTags($posts); $posts = countComments($posts); $posts = getHash($posts); STemplate::assign('posts', $posts); STemplate::display('posts_bit_more.tpl'); } }
if (isset($_POST['input']) && !empty($_POST['input']) && isset($_POST["modifies"])) { $inputString = $_POST['input']; $modifies = $_POST['modifies']; $result = ''; switch ($modifies) { case 'palindrome': $result = $inputString . ' ' . getPalindrome($inputString); break; case 'reverse': $result = getReverse($inputString); break; case 'split': $result = getSplit($inputString); break; case 'hash': $result = getHash($inputString); break; case 'shuffle': $result = getShuffle($inputString); break; default: echo 'Error!'; break; } echo $result; } ?> </body> </html>
/** 파일정보를 DB에 추가한다 * @class write * @param $data: chkFile 후에 넘어온 데이터 -id: 게시판번호. 없으면 mini[board]의 정보를 활용 -target_member: 회원번호. 없으면 mini[member]의 정보를 활용 -target: 대상자료번호 -target_pos: 대상게시물번호(댓글일때만) -mode: post|comment|memo|box * @return Array */ function addFile($data, $param = '') { global $mini; $param = param($param); $ins = array(); if (!empty($param['id'])) { def($ins['id'], $param['id']); } if (!empty($data['id'])) { def($ins['id'], $data['id']); } if (!empty($mini['board']['no'])) { def($ins['id'], $mini['board']['no']); } if (!empty($param['target_member'])) { def($ins['target_member'], $param['target_member']); } if (!empty($data['target_member']) && !empty($mini['member']['level_admin'])) { def($ins['target_member'], $data['target_member']); } if (!empty($mini['member']['no'])) { def($ins['target_member'], $mini['member']['no']); } if (!empty($data['ip']) && !empty($mini['member']['level_admin'])) { def($ins['ip'], $data['ip']); } def($ins['ip'], $mini['ip']); if (!empty($data['date']) && !empty($mini['member']['level_admin'])) { def($ins['date'], $data['date']); } def($ins['date'], $mini['date']); if (!empty($param['mode'])) { def($ins['mode'], $param['mode']); } if (!empty($data['mode'])) { def($ins['mode'], $data['mode']); } def($ins['mode'], ''); if (!empty($param['target'])) { def($ins['target'], $param['target']); } if (!empty($data['target'])) { def($ins['target'], $data['target']); } def($ins['target'], 0); if (!empty($param['target_post']) && $ins['mode'] == 'comment') { $ins['target_post'] = $param['target_post']; } $ins['name'] = $data['name']; $ins['url'] = $data['path']; $ins['size'] = $data['size']; $ins['is_admit'] = !empty($mini['board']['use_file_admit']) && empty($mini['member']['level_admin']) ? 0 : 1; $ins['width'] = !empty($data['width']) ? $data['width'] : 0; $ins['height'] = !empty($data['height']) ? $data['height'] : 0; $ins['ext'] = $data['ext']; $ins['type'] = $data['type']; // 파일해시 $ins['hash'] = getHash($data); sql("INSERT INTO {$mini['name']['file']} " . query($ins, 'insert')); // 후처리 $ins['no'] = getLastId($mini['name']['file'], "(ip='{$ins['ip']}' and date='{$ins['date']}' and name='{$ins['name']}')"); $ins['error'] = 0; return $ins; }
public function actionUpdate($id) { $model = $this->loadModel($id); $jaspers_franchise = JaspersFranchise::model()->findAll(); // Uncomment the following line if AJAX validation is needed // $this->performAjaxValidation($model); if (isset($_POST['User'])) { $this->password = $model->password; $model->attributes = $_POST['User']; if ($_POST['User']['password']) { $model->password = getHash($_POST['User']['password']); } else { $model->password = $this->password; } if ($model->save()) { // $this->redirect(array('view', 'id' => $model->id)); if (isset($_GET['isUser'])) { $this->redirect(array('user/admin', 'isUser' => 1)); } $this->redirect(array('user/admin')); } } unset($model->password); $this->render('update', array('model' => $model, 'jaspers_franchise' => $jaspers_franchise)); }
/** * * Extract the current home directory for the site, or return * __root if the site is root. This is then used to write the cache * file as $dirName.css * * @return string The directory * */ function extractDir() { //get public directory structure eg "/top/second/third" $publicDirectory = dirname($_SERVER['PHP_SELF']); //place each directory into array $directoryAr = explode('/', $publicDirectory); //get highest or top level in array of directory strings $publicBase = max($directoryAr); if ($publicBase == "") { $publicBase = getHash(); } return $publicBase; }
function verify($username, $password) { // Get hash from db $connection = new mysqli(MYSQL_HOSTNAME, MYSQL_USERNAME, MYSQL_PASSWORD, MYSQL_DATABASE); $sql = "SELECT passwort FROM benutzer WHERE benutzername = '{$username}'"; $result = $connection->query($sql); $hash = getHash($result); $verification = password_verify($password, $hash); // file_put_contents('verification.txt', 'ergebnis: ' . $verification . ' passwort: ' . $password . ' hash: ' . $hash); if ($verification) { return true; } else { return false; } }
<?php // Require app files require 'app/User.php'; require 'app/Validator.php'; require 'app/Helper.php'; // Set data and validation rules $rules = array('email' => 'required|email', 'password' => 'required|min:8'); $data = array('email' => '*****@*****.**', 'password' => '12346789'); // Run validation $validator = new Validator(); if ($validator->validate($data, $rules) == true) { // Validation passed. Set user values. $joost = new User(); // method chaining is used $joost->setEmail($data['email'])->setPassword(getHash($data['password'])); // Dump user var_dump($joost); } else { // Validation failed. Dump validation errors. var_dump($validator->getErrors()); }
<?php session_start(); header("HTTP/1.0 401 Unautorized"); require_once "secure.inc.php"; if ($_SERVER['REQUEST_METHOD'] == "POST") { $user = trim(strip_tags($_POST['user'])); $pw = trim(strip_tags($_POST['pw'])); $ref = trim(strip_tags($_GET['ref'])); if (!$ref) { $ref = '/admin'; } if ($user and $pw) { if ($result = userExists($user)) { list($login, $password, $salt, $iteration) = explode(':', $result); if (getHash($pw, $salt, $iteration) == $password) { $_SESSION['admin'] = true; header("Location: {$ref}"); exit; } else { $title = 'Неправильный пароль'; } } else { $title = 'Неправильное имя пользователя'; } } else { $title = 'Заполните все поля формы'; } } $title = 'Авторизация'; $user = '';
protected function keyHash($key) { return getHash($this->site, $this->set, $key); }
<?php // $Id: sendPass.php 23863 2015-09-14 00:27:14Z 1070356 $ require_once 'functions.php'; if (isset($_POST['id'])) { $id = $_POST['id']; $result = sql("SELECT mail, name FROM users WHERE id={$id}"); if ($result->num_rows) { $row = $result->fetch_row(); $pass = sendPass($row[0], $row[1]); // 비밀번호를 만들어 메일로 보낸다 if ($pass) { $pass = escapeString(getHash($pass)); sql("UPDATE users SET pass='******' WHERE id = {$id}"); echo affectedRows(); // 반환 값이 1이면 정상이다 } } $result->close(); }
$token = $InputArray[1]; $SafeEmail = mysqli_real_escape_string($mysqli, $owner_email); $iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail); if (Token::check("OWNER_RECOVER_PW_FORM", $token)) { if ($iOwnerExists == 1) { // This assignment is used at owner_reset_password.php. $_SESSION['email'] = $SafeEmail; // Generates a temporary password. $Temp_PW = substr(md5(rand(999, 999999)), 0, 8); //Send temporary password via email. SendTemporaryPWNotice($SafeEmail, $Temp_PW); //Obtain a encryption and save it in the DB. $salt = salt(); #Hash a string that is comprised of password and salt and save it as a password. #This will create a second level of security. $hash = getHash($Temp_PW, $salt); // Update password_recover flag to 1. This tells that the user is going thru password recover phase. $mysqli->autocommit(FALSE); $UpdateSQL = "UPDATE `login_table`\r\n\t\t\t\t SET `password_recover` = 1,\r\n\t\t\t\t\t `salt` = '{$salt}', \r\n\t\t\t\t\t `password` = '{$hash}'\r\n\t\t\t\t WHERE `email_address` = '{$SafeEmail}'"; echo "You will receive a temporary password via email."; if (DEBUG) { echo $UpdateSQL; } if (!$mysqli->query($UpdateSQL)) { echo "CALL failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$mysqli->commit()) { $mysqli->rollback(); } //popup ( "You will receive a temporary password via email. Please login using this temporary password.", OWNER_LOGIN_PAGE ); } else {
$chars = array_merge(range('a', 'z'), range('A', 'Z'), [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]); /* foreach (range(chr(192),chr(255)) as $v) $chars[] = iconv('CP1251','UTF-8',$v); */ $hashs = []; foreach ($fonts as $font) { foreach ($chars as $char) { $size = [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 22, 24]; foreach ($size as $s) { $im = imagecreatetruecolor(40, 40); $white = imagecolorallocate($im, 0xff, 0xff, 0xff); $black = imagecolorallocate($im, 0x0, 0x0, 0x0); imagefill($im, 0, 0, $white); //echo $fontDir . $font . "\n"; exit(); imagefttext($im, $s, 0, 5, 30, $black, $fontDir . $font, $char); $hash = getHash($im); $hashs[strlen($hash)][] = [$hash, $char]; //imagepng($im, './images/'.md5($font). '_' .$char. '_' . $s . '.png'); imagedestroy($im); } } } foreach ($hashs as $length => $data) { $file = './data/' . $length . '.json'; if (file_exists($file)) { $dataOld = json_decode(file_get_contents($file)); $data += $dataOld; } file_put_contents($file, json_encode($data)); }
/** * get the image data * * @return void * @private */ private function getImageData($getBinary = false) { $this->db->query('SELECT l.Name,c.Dat FROM ' . CONTENT_TABLE . ' c JOIN ' . LINK_TABLE . ' l ON c.ID=l.CID WHERE l.DID=' . intval($this->imageID) . ' AND l.DocumentTable="tblFile"'); while ($this->db->next_record()) { if ($this->db->f('Name') === 'origwidth') { $this->imageWidth = $this->db->f('Dat'); } else { if ($this->db->f('Name') === 'origheight') { $this->imageHeight = $this->db->f('Dat'); } } if ($this->db->f('Name') === 'xfocus') { $this->xfocus = $this->db->f('Dat'); } if ($this->db->f('Name') === 'yfocus') { $this->yfocus = $this->db->f('Dat'); } } $imgdat = getHash('SELECT ID,Filename,Extension,Path FROM ' . FILE_TABLE . ' WHERE ID=' . intval($this->imageID), $this->db); if (!$imgdat) { return false; } $this->imageFileName = $imgdat['Filename']; $this->imagePath = $imgdat['Path']; $this->imageExtension = $imgdat['Extension']; if ($getBinary) { $this->getBinaryData(); } return true; }
function loadArticleData() { global $config; if ($this->preview) { //get from db dbConnect(); $artData = new artEditorLib(); $artData->preview = true; $artData->preview = $this->preview; $artData->getArtFromDB($this->artId); $this->art = $artData->getArtString(); } else { $file = $config["articleVault"] . getHash($this->artId) . "/{$this->artId}.dat"; if ($page = getFile($file)) { $this->art = unserialize($page); //set stats $statLog["aid"] = $this->art["artId"]; $statLog["conf"] = $this->art["conference"]; } else { logit(REPORT, "Could not open article file {$file} (Refer: {$_SERVER["HTTP_REFERER"]})"); $error = true; } } //get images if (is_numeric($this->artId)) { $sql = "SELECT artId FROM articleImages WHERE artId = {$this->artId} "; if ($rc = dbQuery($sql)) { if ($rowImg = dbFetch($rc)) { $this->art["image"] = "/img_{$this->art["artId"]}.jpg"; } else { $this->art["image"] = ""; } } else { logit(WARN, " DB Error: {$sql} in " . __FILE__ . " on line: " . __LINE__); } //get Image, internal $sql = "SELECT artId FROM articleInternalImages WHERE artId = {$this->artId} "; if ($rc = dbQuery($sql)) { if ($rowImg = dbFetch($rc)) { $this->art["imageInternal"] = "/imgNews_{$this->art["artId"]}.jpg"; } else { $this->art["imageInternal"] = $this->art["image"]; //if no internal use hp } } else { logit(WARN, " DB Error: {$sql} in " . __FILE__ . " on line: " . __LINE__); } } else { $this->art["imageInternal"] = ""; $this->art["image"] = ""; } //get subtopic names /* if (is_array($this->art["subtopics"])) $sql="SELECT confId,confName FROM confNames WHERE confId IN (".implode(",",$this->art["subtopics"]).",{$this->art["conference"]}) "; else $sql="SELECT confId,confName FROM confNames WHERE confId ='{$this->art["conference"]}' "; */ //get all confs because the page now needs all of them $sql = "SELECT confId,confName FROM confNames"; if ($rc = dbQuery($sql)) { while ($row = dbFetch($rc)) { $this->confNames[$row["confId"]] = $row["confName"]; } } else { logit(WARN, " DB Error: {$sql} in " . __FILE__ . " on line: " . __LINE__); } //dumpVar($this->art); if ($this->preview) { $this->art["headline"] .= " (preview)"; } }
$SafeEmail = mysqli_real_escape_string($mysqli, $SafeEmail); //unset( $_SESSION['email'] ); $QueryResultSet = "SELECT count(*) AS row_exists, salt, password, id, email_active, email_code, password_recover\r\n\t\t\t\t\t\t\t\t FROM client_login_table\r\n\t\t\t\t\t\t\t\t WHERE email_address = '{$SafeEmail}'"; $objGetResult = $mysqli->query($QueryResultSet); #remember that even if there is no single row has returned, it will return an object which is non-zero. if ($objGetResult) { $anArray = $objGetResult->fetch_array(MYSQLI_ASSOC); $salt = stripslashes($anArray['salt']); $password = stripslashes($anArray['password']); $numof_rows = stripslashes($anArray['row_exists']); if ($numof_rows == 1) { $hash = getHash($Temp_PW, $salt); #Check if the hash value matches the hash value from the table. if ($hash === $password) { $salt = salt(); $hash = getHash($New_PW1, $salt); $mysqli->autocommit(FALSE); $UpdateSQL = "UPDATE `client_login_table`\r\n\t\t\t\t\t\t\t\t\t\t SET `password_recover` = 0, \r\n\t\t\t\t\t\t\t\t\t\t\t `password` = '{$hash}',\r\n\t\t\t\t\t\t\t\t\t\t\t `salt` = '{$salt}'\r\n\t\t\t\t\t\t\t\t\t\t WHERE email_address = '{$SafeEmail}'"; echo "You have successfully resetted your password."; //if( DEBUG ) //{ //echo $UpdateSQL; //} if (!$mysqli->query($UpdateSQL)) { echo "CALL failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$mysqli->commit()) { $mysqli->rollback(); } } else { echo "Temp password doesn't match. Please enter correct temp password.";