$json = array('username' => $username, 'auth' => $authcode, 'dev' => "API test script", 'device' => "API device", 'mode' => "update", 'links' => array(array('id' => $links[0]), array('id' => $links[1], 'comments' => '123'), array('id' => $links[2], 'comments' => '321', 'both' => true), array('id' => $links[3]), array('id' => $links[4], 'comments' => '456')));
$res = json_decode(sendRequest(array('data' => json_encode($json))), true);
if (isset($res['success'])) {
echo "added links";
$success++;
} else {
echo "<h2>ERROR: " . json_encode($res, true) . "</h2>";
$error++;
}
echo "<br />";
//////////////////////////////////////
/////// CHECK LINKS
echo "<h3>checking links</h3>";
echo "checking 8 links for {$username}";
echo "<br />";
$json = array('username' => $username, 'auth' => $authcode, 'dev' => "API test script", 'device' => "API device", 'mode' => "read", 'links' => array(array('id' => $links[0]), array('id' => $links[1]), array('id' => $links[2]), array('id' => $links[3]), array('id' => $links[4]), array('id' => genrand()), array('id' => genrand()), array('id' => genrand())));
$res = json_decode(sendRequest(array('data' => json_encode($json))), true);
if (isset($res)) {
$worked = true;
$count = 0;
if (count($res) != 5) {
echo "<h2>ERROR: incorrect number of links found " . json_encode($res, true) . "</h2>";
$error++;
} else {
echo count($res) . " links found. ";
foreach ($res as $r) {
if ($links[0] == $r['id'] && $r['lastvisit'] > 0 && $r['commentvisit'] < 1) {
$count++;
}
if ($links[1] == $r['id'] && $r['lastvisit'] < 1 && $r['commentvisit'] > 0 && $r['comments'] == "123") {
$count++;
function addAuth($username, $userid, $device, $developer)
{
global $mysql;
$success = "";
$error = "";
$key = genrand();
$sql = "INSERT INTO `authcodes` (\n `id`,\n `userid`,\n `username`,\n `authhash`,\n `description`,\n `created`,\n `createdby`\n ) VALUES (\n NULL,\n '" . $mysql->real_escape_string($userid) . "',\n '" . $mysql->real_escape_string($username) . "',\n '" . $key . "',\n '" . $mysql->real_escape_string($device) . "',\n '" . time() . "',\n '" . $mysql->real_escape_string($developer) . "'\n )";
if ($res = $mysql->query($sql)) {
$success = $key;
} else {
$error = "database error";
}
return array("success" => $success, "error" => $error);
}
// though you can do this with most things
// a limit should probably be added
$error = "email not found";
}
}
}
}
if (isset($_GET['u']) && (int) $_GET['u'] > 0 && isset($_GET['t'])) {
$u = (int) $_GET['u'];
$sql = "SELECT * FROM `user`\n WHERE\n `id` = '" . $mysql->real_escape_string($u) . "'\n AND\n `resethash` = '" . $mysql->real_escape_string($_GET['t']) . "'\n AND\n `canreset` = '1'\n LIMIT 1";
$user = $mysql->query($sql);
$user = $user->fetch_assoc();
if ($user) {
$hideform = 1;
$user_id = $user['id'];
$generated_password = genrand() . genrand();
$hashset = create_hash($generated_password);
$pieces = explode(":", $hashset);
$salt = $pieces[2];
$hash = $pieces[3];
$sql = "\n UPDATE `user`\n SET\n `passhash` = '" . $mysql->real_escape_string($hash) . "',\n `salt` = '" . $mysql->real_escape_string($salt) . "',\n `canreset` = '0'\n WHERE\n `id` = '" . $mysql->real_escape_string($user_id) . "'\n LIMIT 1\n ";
$reset = $mysql->query($sql);
if ($reset) {
send_email($user['email'], "synccit password reset", "your password has been reset to, " . $generated_password . "\r\n\r\n\n\n try logging in with it");
$error = "new password has been emailed to you";
} else {
$error = "database error. sorry, try again";
}
} else {
$error = "wrong reset code. try resetting again";
}
$error = "updated successfully";
} else {
$error = "database error. try again";
}
} else {
$error = "incorrect password";
}
}
$links = $mysql->query("SELECT count(*) as `count` FROM `links` WHERE `userid` = '" . $mysql->real_escape_string($user->id) . "'");
$links = $links->fetch_assoc();
$links = $links['count'];
$devices = $mysql->query("SELECT count(*) as `count` FROM `authcodes` where `userid` = '" . $mysql->real_escape_string($user->id) . "'");
$devices = $devices->fetch_assoc();
$devices = $devices['count'];
htmlHeader("edit your profile - synccit - reddit history/link sync", $loggedin);
$_SESSION['temphash'] = hash("sha256", genrand());
?>
<div class="fourcol">
<p><h2>edit profile</h2></p>
</div>
<div class="fourcol">
<div class="">
<span class="error"><?php
echo $error;
?>
</span><br /><br />
<form action="<?php
echo PROFILEURL;
?>
" method="post" id="editprofile">
function addAuth($username, $password, $device, $developer)
{
global $mysql;
$success = "";
$error = "";
$key = genrand();
$userinfo = $mysql->query("SELECT * FROM `user` WHERE `username` = '" . $mysql->real_escape_string($username) . "' LIMIT 1");
if ($userinfo->num_rows > 0) {
$user = $userinfo->fetch_assoc();
$hash = $user["passhash"];
$salt = $user["salt"];
$hashset = "sha512:10000:" . $salt . ":" . $hash;
$result = validate_password($password, $hashset);
if ($result) {
$sql = "INSERT INTO `authcodes` (\n `id`,\n `userid`,\n `username`,\n `authhash`,\n `description`,\n `created`,\n `createdby`\n ) VALUES (\n NULL,\n '" . $mysql->real_escape_string($user["id"]) . "',\n '" . $mysql->real_escape_string($user["username"]) . "',\n '" . $key . "',\n '" . $mysql->real_escape_string($device) . "',\n '" . time() . "',\n '" . $mysql->real_escape_string($developer) . "'\n )";
if ($res = $mysql->query($sql)) {
$success = $key;
} else {
$error = "database error";
}
} else {
$error = "username or password incorrect";
}
} else {
$error = "user not found";
}
return array("success" => $success, "error" => $error);
}
