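/**
  * Ties the current session to the browser by keeping the same random salt in
  * the session ('zUserSalt') and in a cookie ('zUserSaltCookie'). When both
  * already hold the same string nothing is changed; otherwise a new salt is
  * generated and written to both places.
  *
  * The cookie is issued HttpOnly, and with the Secure flag when the request
  * itself arrived over HTTPS, so the salt is not exposed to page scripts or
  * sent back over plain HTTP.
  *
  * @author Sam Mottley (smottley@zpanelcp.com)
  * @return boolean Always true.
  */
 public static function setCookie()
 {
     $sessionSalt = isset($_SESSION['zUserSalt']) ? $_SESSION['zUserSalt'] : null;
     $cookieSalt = isset($_COOKIE['zUserSaltCookie']) ? $_COOKIE['zUserSaltCookie'] : null;

     // Compare strings only, and never with "==": loose comparison can treat two
     // different numeric-looking strings as equal, and a cookie value is not
     // guaranteed to be a string (PHP builds an array for bracketed cookie names).
     $alreadySet = false;
     if (is_string($sessionSalt) && is_string($cookieSalt)) {
         // hash_equals() is constant-time but only exists from PHP 5.6 onwards;
         // fall back to a strict comparison on older runtimes.
         $alreadySet = function_exists('hash_equals')
             ? hash_equals($sessionSalt, $cookieSalt)
             : $sessionSalt === $cookieSalt;
     }

     if (!$alreadySet) {
         // Generate the salt only when a new one is actually needed.
         $random = runtime_randomstring::randomHash(100);
         $_SESSION['zUserSalt'] = $random;

         // NOTE(review): behind a TLS-terminating proxy $_SERVER['HTTPS'] may be
         // unset, in which case the Secure flag is not applied - confirm the
         // deployment model.
         $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

         // 30-day lifetime, site-wide path, default domain, Secure on HTTPS, HttpOnly.
         setcookie("zUserSaltCookie", $random, time() + 60 * 60 * 24 * 30, "/", "", $isHttps, true);
     }
     return true;
 }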
Beispiel #2
    ctrl_auth::KillSession();
    ctrl_auth::KillCookies();
    header("location: ./?loggedout");
    exit;
}
// Handles ?returnsession: when the session holds a stored 'ruid', the user
// session is re-established for that id and the stored value is cleared. The
// request is then redirected to the panel root whether or not a 'ruid' existed.
// NOTE(review): presumably 'ruid' is the account that was active before another
// user's session was taken over - confirm against the code that sets it.
// NOTE(review): this changes session state on a plain GET parameter and no CSRF
// check is visible here, unlike the inForgotPassword branch, which calls
// runtime_csfr::Protect() - confirm that this is intended.
if (isset($_GET['returnsession'])) {
    if (isset($_SESSION['ruid'])) {
        // The id comes from the server-side session, not from the request.
        // NOTE(review): whether SetUserSession() regenerates the session id on
        // this identity switch cannot be seen from here - verify.
        ctrl_auth::SetUserSession($_SESSION['ruid'], runtime_sessionsecurity::getSessionSecurityEnabled());
        // Clear the stored id so the switch back cannot be replayed.
        $_SESSION['ruid'] = null;
    }
    header("location: ./");
    exit;
}
if (isset($_POST['inForgotPassword'])) {
    runtime_csfr::Protect();
    $randomkey = runtime_randomstring::randomHash();
    $forgotPass = runtime_xss::xssClean($_POST['inForgotPassword']);
    $sth = $zdbh->prepare("SELECT ac_id_pk, ac_user_vc, ac_email_vc  FROM x_accounts WHERE ac_email_vc = :forgotPass");
    $sth->bindParam(':forgotPass', $forgotPass);
    $sth->execute();
    $rows = $sth->fetchAll();
    if ($rows) {
        $result = $rows['0'];
        $zdbh->exec("UPDATE x_accounts SET ac_resethash_tx = '" . $randomkey . "' WHERE ac_id_pk=" . $result['ac_id_pk'] . "");
        if (isset($_SERVER['HTTPS'])) {
            $protocol = 'https://';
        } else {
            $protocol = 'http://';
        }
        $phpmailer = new sys_email();
        $phpmailer->Subject = "Hosting Panel Password Reset";
Beispiel #3
 /**
  * Issues a fresh CSRF token (spelled "csfr" in this codebase) and stores it in
  * the session under 'zpcsfr', overwriting whatever token was held there.
  *
  * NOTE(review): the unpredictability of the token rests entirely on
  * runtime_randomstring::randomHash(), which is not shown here - confirm that it
  * draws from a cryptographically secure source.
  *
  * @author Bobby Allen (ballen@bobbyallen.me)
  * @return bool Always true.
  */
 static function Tokeniser()
 {
     // Called without a length argument, so the helper's default applies.
     $freshToken = runtime_randomstring::randomHash();
     $_SESSION['zpcsfr'] = $freshToken;

     return true;
 }