Beispiel #1
 /**
  * Load the current user's record, pick the active theme and publish the
  * user, role and SABnzbd flags to the Smarty templates.
  *
  * The stored last-access time is refreshed when it is more than 900 seconds
  * (15 minutes) older than the record's 'now' value.
  */
 protected function setUserPreferences()
 {
     $this->userdata = $this->users->getById(
         $this->users->currentUserId()
     );
     $this->userdata['categoryexclusions'] = $this->users->getCategoryExclusion(
         $this->users->currentUserId()
     );

     // Theme selection: the user's own choice wins, 'None' means "use the site-wide style".
     // NOTE(review): the style value is taken from the user record without any check here;
     // confirm where $this->theme is consumed and that it is matched against installed themes
     // before it is used to build a path.
     if (isset($this->userdata['style'])) {
         $this->theme = $this->userdata['style'];
     } else {
         $this->theme = 'None';
     }
     $usesSiteDefault = $this->theme == 'None';
     if ($usesSiteDefault) {
         $this->theme = $this->settings->getSetting('site.main.style');
     }

     // A name that is unchanged by lcfirst() is normalised with ucfirst().
     $normalised = lcfirst($this->theme);
     if ($normalised === $this->theme) {
         // TODO add redirect to error page telling the user their theme name is invalid (after SQL patch to update current users is added).
         $this->theme = ucfirst($this->theme);
     }

     // Refresh the last-access time at most once every 15 minutes.
     $nowTs = strtotime($this->userdata['now']);
     $lastLoginTs = strtotime($this->userdata['lastlogin']);
     if ($nowTs - 900 > $lastLoginTs) {
         $this->users->updateSiteAccessed($this->userdata['id']);
     }

     // NOTE(review): the whole user row is handed to the templates; confirm getById() does not
     // return columns (such as the password hash) that templates should never see.
     $this->smarty->assign('userdata', $this->userdata);
     $this->smarty->assign('loggedin', 'true');

     // The API key type is only exposed when the SABnzbd integration is fully configured.
     $sab = new SABnzbd($this);
     $this->smarty->assign('sabintegrated', $sab->integratedBool);
     $sabConfigured = $sab->integratedBool !== false && $sab->url != '' && $sab->apikey != '';
     if ($sabConfigured) {
         $this->smarty->assign('sabapikeytype', $sab->apikeytype);
     }

     // Role flags are only ever set to 'true' here; other roles leave both unassigned.
     $role = (int) $this->userdata['role'];
     if ($role == Users::ROLE_ADMIN) {
         $this->smarty->assign('isadmin', 'true');
     } elseif ($role == Users::ROLE_MODERATOR) {
         $this->smarty->assign('ismod', 'true');
     }
 }
Beispiel #2
// Without an initialised config there is nothing to work with: redirect to index.php and stop,
// so that none of the form handling below runs.
if (!$cfg->isInitialized()) {
    header('Location: index.php');
    exit;
}

// Replace the config object with the one returned by getSession().
// NOTE(review): presumably the session-stored copy — confirm against the config class.
$cfg = $cfg->getSession();
if ($page->isPostBack()) {
    $cfg->doCheck = true;
    $cfg->ADMIN_USER = trim($_POST['user']);
    $cfg->ADMIN_FNAME = trim($_POST['fname']);
    $cfg->ADMIN_LNAME = trim($_POST['lname']);
    $cfg->ADMIN_PASS = trim($_POST['pass']);
    $cfg->ADMIN_EMAIL = trim($_POST['email']);
    if ($cfg->ADMIN_USER == '' || $cfg->ADMIN_PASS == '' || $cfg->ADMIN_EMAIL == '') {
        $cfg->error = true;
    } else {
        $user = new Users();
        if (!$user->isValidUsername($cfg->ADMIN_USER)) {
            $cfg->error = true;
            $cfg->ADMIN_USER = '';
        } else {
            $usrCheck = $user->getByUsername($cfg->ADMIN_USER);
            if ($usrCheck) {
                $cfg->error = true;
                $cfg->ADMIN_USER = '';
            }
        }
        if (!$user->isValidEmail($cfg->ADMIN_EMAIL)) {
            $cfg->error = true;
            $cfg->ADMIN_EMAIL = '';
        }
        if (!$cfg->error) {
Beispiel #3
 * Hopefully that will allow admin access to fix any further problems.
 */
require_once dirname(__FILE__) . '/../../../www/config.php';
use nzedb\Users;
use nzedb\db\Settings;
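$pdo = new Settings();
if ($argc < 3) {
    exit($pdo->log->error('Not enough parameters!' . PHP_EOL . 'Argument 1: New password.' . PHP_EOL . 'Argument 2: ID or username of the user.' . PHP_EOL));
}

// The new password is passed on the command line, so it is visible in the process list and in
// shell history; run this only on a trusted host and clear the history entry afterwards.
$password = $argv[1];
$identifier = $argv[2];
if (is_numeric($password)) {
    exit($pdo->log->error('Password cannot be numbers only!'));
}

// A numeric identifier is looked up by id, anything else by username. The placeholder in the
// query is unquoted, so escapeString() is relied on to return the username as a quoted literal.
$isId = is_numeric($identifier);
$field = $isId ? 'id' : 'username';
$user = $pdo->queryOneRow(
    sprintf(
        "SELECT id, username FROM users WHERE %s = %s",
        $field,
        $isId ? $identifier : $pdo->escapeString($identifier)
    )
);

if ($user !== false) {
    $users = new Users(['Settings' => $pdo]);
    $hash = $users->hashPassword($password);

    // Keep the query result separate from the hash. The hash is a string value and must go
    // through escapeString() like any other string literal placed into the statement.
    $result = false;
    if ($hash !== false) {
        $result = $pdo->queryExec(
            sprintf(
                'UPDATE users SET password = %s WHERE id = %d',
                $pdo->escapeString($hash),
                $user['id']
            )
        );
    }

    if ($result === false || $hash === false) {
        echo $pdo->log->error('An error occured during update attempt.' . PHP_EOL . $pdo->errorInfo());
    } else {
        // The hash is credential material, so it is not echoed to the terminal.
        echo $pdo->log->primary("Updated {$user['username']}'s password hash.");
    }
} else {
    echo $pdo->log->error("Unable to find {$field} '{$identifier}' in the users. Cannot change password.");
}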
secure (a user's email addresses may be known to other users). If you only have
a few users then run setUsersPasswordHash.php for each of them instead.
WARNING;
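$usage = "\nUsage: php {$argv[0]} <IUnderStandTheRisks>";
echo $colorCLI->warning($warning);

// Exactly one argument is required, and it must be one of the accepted confirmation tokens,
// so the mass reset cannot be started by accident.
if ($argc != 2) {
    exit($colorCLI->error("\nWrong number of parameters{$usage}"));
}
if (!in_array($argv[1], ['<IUnderStandTheRisks>', 'IUnderStandTheRisks', 'true'], true)) {
    exit($colorCLI->error("\nInvalid parameter(s){$usage}"));
}

$pdo = new Settings();
$users = $pdo->query("SELECT id, username, email, password FROM users");
$update = $pdo->Prepare('UPDATE users SET password = :password WHERE id = :id');
$Users = new Users(['Settings' => $pdo]);

foreach ($users as $user) {
    if (!needUpdate($user)) {
        continue;
    }

    // The replacement password is the user's own e-mail address. Anyone who knows that address
    // can log in as the user until the password is changed, so affected users should be made to
    // pick a new password promptly.
    $hash = $Users->hashPassword($user['email']);

    // Report success only when both the hashing and the UPDATE went through.
    if ($hash !== false && $update->execute([':password' => $hash, ':id' => $user['id']]) !== false) {
        echo $colorCLI->primary('Updating hash for user:') . $user['username'];
    } else {
        echo $colorCLI->error('Error updating hash for user:') . $user['username'];
    }
}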
function needUpdate($user)
{
    global $colorCLI;
    $status = true;
Beispiel #5
 /**
  * Set up session / smarty / user variables.
  */
 public function __construct()
 {
     // Order matters: session first, then request clean-up, then settings/Smarty, then the user.

     // The session cookie lasts for the browser session (lifetime 0), is valid for the whole
     // site, is marked HttpOnly, and gets the Secure flag only when the request arrived over HTTPS.
     $this->https = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
     session_set_cookie_params(0, '/', '', $this->https, true);
     @session_start();

     if (nZEDb_FLOOD_CHECK) {
         $this->floodCheck();
     }

     // Undo magic-quotes escaping on every request superglobal when the runtime applies it.
     $gpcQuoted = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
     if ($gpcQuoted || ini_get('magic_quotes_sybase')) {
         $this->stripSlashes($_GET);
         $this->stripSlashes($_POST);
         $this->stripSlashes($_REQUEST);
         $this->stripSlashes($_COOKIE);
     }

     // Buffer settings/DB connection.
     $this->settings = new Settings();

     // Templates are looked up in the site-wide style first, then in the Default theme.
     $defaultFrontend = nZEDb_WWW . 'themes/Default/templates/frontend';
     $this->smarty = new Smarty();
     $this->smarty->setTemplateDir([
         'user_frontend' => nZEDb_WWW . 'themes/' . $this->settings->getSetting('style') . '/templates/frontend',
         'frontend'      => $defaultFrontend,
     ]);
     $this->smarty->setCompileDir(SMARTY_DIR . 'templates_c/');
     $this->smarty->setConfigDir(SMARTY_DIR . 'configs/');
     $this->smarty->setCacheDir(SMARTY_DIR . 'cache/');
     if (nZEDb_DEBUG) {
         $this->smarty->error_reporting = E_ALL;
     } else {
         $this->smarty->error_reporting = E_ALL - E_NOTICE;
     }

     // Build the absolute site URL; the port is appended unless it is 80 or 443.
     // NOTE(review): depending on the web server configuration SERVER_NAME can reflect the
     // client-supplied Host header; confirm the vhost pins it before trusting 'serverroot' in links.
     if (isset($_SERVER['SERVER_NAME'])) {
         $scheme = $this->https === true ? 'https://' : 'http://';
         $portSuffix = ($_SERVER['SERVER_PORT'] != '80' && $_SERVER['SERVER_PORT'] != '443')
             ? ':' . $_SERVER['SERVER_PORT']
             : '';
         $this->serverurl = $scheme . $_SERVER['SERVER_NAME'] . $portSuffix . WWW_TOP . '/';
         $this->smarty->assign('serverroot', $this->serverurl);
     }

     // The requested page name comes straight from the query string, 'content' when absent.
     // NOTE(review): it is stored unvalidated; whatever consumes $this->page must check it
     // against the known pages before using it in a file path.
     if (isset($_GET['page'])) {
         $this->page = $_GET['page'];
     } else {
         $this->page = 'content';
     }

     $this->users = new Users(['Settings' => $this->settings]);
     if ($this->users->isLoggedIn()) {
         $this->userdata = $this->users->getById(
             $this->users->currentUserId()
         );
         $this->userdata['categoryexclusions'] = $this->users->getCategoryExclusion(
             $this->users->currentUserId()
         );

         // A user-selected theme (anything but 'None') replaces the site-wide template directory.
         // NOTE(review): the style name from the user record is concatenated into a filesystem
         // path as-is; confirm it is restricted to installed theme names where it is saved.
         $hasOwnStyle = isset($this->userdata['style']) && $this->userdata['style'] !== 'None';
         if ($hasOwnStyle) {
             $this->smarty->setTemplateDir([
                 'user_frontend' => nZEDb_WWW . 'themes/' . $this->userdata['style'] . '/templates/frontend',
                 'frontend'      => $defaultFrontend,
             ]);
         }

         // Refresh the last-access time at most once every 15 minutes.
         $nowTs = strtotime($this->userdata['now']);
         $lastLoginTs = strtotime($this->userdata['lastlogin']);
         if ($nowTs - 900 > $lastLoginTs) {
             $this->users->updateSiteAccessed($this->userdata['id']);
         }

         // NOTE(review): the whole user row is handed to the templates; confirm getById() does
         // not return columns (such as the password hash) that templates should never see.
         $this->smarty->assign('userdata', $this->userdata);
         $this->smarty->assign('loggedin', 'true');

         // The API key type is only exposed when the SABnzbd integration is fully configured.
         $sab = new SABnzbd($this);
         $this->smarty->assign('sabintegrated', $sab->integratedBool);
         $sabConfigured = $sab->integratedBool !== false && $sab->url != '' && $sab->apikey != '';
         if ($sabConfigured) {
             $this->smarty->assign('sabapikeytype', $sab->apikeytype);
         }

         // Role flags are only ever set to 'true' here; other roles leave both unassigned.
         $role = (int) $this->userdata['role'];
         if ($role == Users::ROLE_ADMIN) {
             $this->smarty->assign('isadmin', 'true');
         } elseif ($role == Users::ROLE_MODERATOR) {
             $this->smarty->assign('ismod', 'true');
         }
     } else {
         // Anonymous visitor: every privilege flag is explicitly 'false'.
         foreach (['isadmin', 'ismod', 'loggedin'] as $flag) {
             $this->smarty->assign($flag, 'false');
         }
     }

     $this->smarty->assign('site', $this->settings);
     $this->smarty->assign('page', $this);
 }