<?php require_once "query/message.php"; $DOJSS = $_COOKIE['DOJSS']; $opwd = safe($_POST['opwd']); $npwd = safe($_POST['npwd']); $user = checkDOJSS($DOJSS); if (!checkPwd($npwd)) { send(1, $err['invalidPwd']); } if ($user) { if (dc_decrypt($user->password, $key_pwd) != $opwd) { send(1, $err['wrongPwd']); } if ($opwd == $npwd) { send(2, $warning['samePwd']); } $uid = $user->id; $pwd_enc = dc_encrypt($npwd, $key_pwd); mysql_query("UPDATE `users` SET \n\t\t\t`password` = '{$pwd_enc}'\n\t\tWHERE `id` = {$uid} "); if (mysql_affected_rows()) { send(0, $tip['changedPwd'], "setTimeout(logout, 3000);"); } else { send(1, $err['notSaved']); } } else { send(1, $err['wrongDOJSS']); }
} else { if (getUserByName($name)) { $error = $err['sameName']; } else { if (getUserByEmail($mail)) { $error = $err['sameEmail']; } } } } } $kmail = checkKey($key); if ($kmail == $mail . '&') { $admin = 1; } else { if ($kmail == $mail) { $admin = 0; } else { $error = $err['invalidKey']; } } if (!isset($error)) { $pwd_enc = dc_encrypt($password, $key_pwd); mysql_query("INSERT INTO `users` (`name`,`mail`,`password`,`reg_time`,`admin`)\n\t\t\tVALUES ('{$name}','{$mail}','{$pwd_enc}',NOW(),{$admin})") or $error = $err['insertError']; } if (isset($error)) { require_once 'template/register.php'; } else { $hint = $tip['finishRegister']; require_once 'template/login.php'; }
function DOJSS($id, $pass) { global $key_log; $o = new stdClass(); $o->i = $id; $o->p = md5($pass); return dc_encrypt(json_encode($o), $key_log); }
<?php require_once 'query/message.php'; $DOJSS = $_COOKIE['DOJSS']; $user = checkDOJSS($DOJSS); $mail = $_GET['mail']; $admin = intval($_GET['admin']); if ($admin == 1) { $subfix = '&'; } else { $subfix = ''; } if ($user && $user->admin > 0) { send(0, dc_encrypt($mail . $subfix, $key_reg)); } else { send(1, $err['notAdmin']); }