Example #1
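 /**
  * Insert or update a record from an associative array of column values.
  *
  * When $data carries the primary key, the row in $this->table_name is
  * updated and the login fields (username, password, name, email) are written
  * to the matching #__users row. Otherwise createJoomlaUser() is called and
  * its return value is stored as the new row's id.
  *
  * NOTE(review): every key of $data that is not a login field becomes a column
  * assignment. Values pass through Quote(), but column names are only wrapped
  * by NameQuote() and nothing here limits which columns may be written.
  * Callers should hand in an allow-listed array, never raw request data.
  *
  * @param array $data Column => value pairs; may include $this->pk_name.
  * @return bool True on success, false after a database error was raised.
  */
 public function updItem($data)
 {
     $id = null;
     if (array_key_exists($this->pk_name, $data)) {
         $id = $data[$this->pk_name];
     }
     // Fields that live in the Joomla user row rather than in $this->table_name.
     $postfields = array('username', 'password', 'confirmpassword', 'name', 'email');

     $db = $this->getDbo();
     $query = $db->getQuery(true);
     $query->clear();
     $query2 = $db->getQuery(true);
     // The original cleared $query twice here; the second clear belongs to $query2.
     $query2->clear();
     // Tracks whether the #__users UPDATE received at least one SET clause.
     $hasUserChanges = false;

     if ($id) {
         // The integer cast keeps the primary key out of reach of string injection.
         $query->update($this->table_name);
         $query->where($this->pk_name . ' = ' . (int) $id);
         $query2->update('#__users');
         $query2->where('id = ' . (int) $id);
     } else {
         $data['id'] = createJoomlaUser($data);
         $query->insert($this->table_name);
     }

     $data = $this->makeDataConversions($data);
     foreach ($data as $k => $v) {
         // Strict matching: a loose in_array() treats integer key 0 as equal to
         // any non-numeric string on older PHP versions.
         if (in_array($k, $postfields, true)) {
             if ($k === 'confirmpassword') {
                 continue;
             }
             if ($id) {
                 if ($k === 'password') {
                     if (!$v) {
                         // An empty password means "leave the stored one unchanged".
                         continue;
                     }
                     // NOTE(review): no salt is passed. If this helper behaves like
                     // Joomla's JUserHelper::getCryptedPassword, the result is an
                     // unsalted digest; confirm and prefer a salted password hash.
                     $v = getCryptedPassword($v);
                 }
                 $query2->set($db->NameQuote($k) . ' = ' . $db->Quote($v));
                 $hasUserChanges = true;
             }
             // On insert the login fields were already handled by createJoomlaUser().
             continue;
         }
         $query->set($db->NameQuote($k) . ' = ' . $db->Quote($v));
     }

     $db->setQuery((string) $query);
     if (!$db->query()) {
         // NOTE(review): the raw driver message is handed to the error page;
         // confirm it is not shown to end users, since it can reveal schema details.
         JError::raiseError(500, $db->getErrorMsg());
         return false;
     }

     // Skip the #__users statement when nothing was set: an UPDATE without a SET
     // clause is invalid SQL and would fail an otherwise successful save.
     if ($id && $hasUserChanges) {
         $db->setQuery((string) $query2);
         if (!$db->query()) {
             JError::raiseError(500, $db->getErrorMsg());
             return false;
         }
     }
     return true;
 }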
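/**
 * Check a candidate password against a stored "hash:salt" string.
 *
 * Despite the name nothing is decrypted: the candidate is hashed again with the
 * stored salt and the two digests are compared.
 *
 * @param string $encrypted_password Stored value in the form "<hash>:<salt>".
 * @param string $test_password      Plaintext password supplied by the user.
 * @return bool True when the recomputed hash equals the stored hash.
 */
function decryptionDemo($encrypted_password, $test_password)
{
    // The stored value is "<hash>:<salt>", joined with ":" when it was created.
    $parts = explode(':', $encrypted_password);
    $crypt = $parts[0];
    // A missing salt is passed on as null, as the original "@$parts[1]" did.
    $salt = isset($parts[1]) ? $parts[1] : null;

    // Hash the candidate with the same salt.
    $testcrypt = getCryptedPassword($test_password, $salt);

    // An empty stored hash or a non-string result must never count as a match.
    // A loose "==" would treat '' and false/null as equal.
    if (!is_string($testcrypt) || $crypt === '') {
        return false;
    }

    // Compare as strings in constant time. A loose "==" compares numeric-looking
    // digests such as "0e123" and "0e456" as numbers, and an early-exit compare
    // leaks how many leading characters matched.
    if (function_exists('hash_equals')) {
        return hash_equals($crypt, $testcrypt);
    }

    // Fallback for PHP versions without hash_equals().
    $length = strlen($crypt);
    if ($length !== strlen($testcrypt)) {
        return false;
    }
    $diff = 0;
    for ($i = 0; $i < $length; $i++) {
        $diff |= ord($crypt[$i]) ^ ord($testcrypt[$i]);
    }
    return $diff === 0;
}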
/**
 * Register a new user from request parameters and print a JSON status.
 *
 * Reads password, name, username, email, gender and age from $_REQUEST, checks
 * whether the username exists, then inserts rows into jos_users,
 * jos_core_acl_aro, jos_core_acl_groups_aro_map and user_profile. It echoes a
 * JSON document whose Result.Data[0].Status holds the outcome and returns
 * nothing.
 *
 * NOTE(review): $_DB is used but is neither a parameter nor declared with
 * "global" in the visible code; confirm how it reaches this scope.
 * NOTE(review): request values are interpolated directly into the SQL strings
 * below. Each one must be bound as a parameter or escaped with the database
 * layer's own escaping routine before this is safe for untrusted input.
 */
function register_save()
{
    // Untrusted input: taken from the request with no validation or escaping.
    $password = $_REQUEST['password'];
    $name = $_REQUEST['name'];
    $username = $_REQUEST['username'];
    $email = $_REQUEST['email'];
    $gender = $_REQUEST['gender'];
    $age = $_REQUEST['age'];
    // Username lookup. The comparison value appears as a masked literal
    // ('******') in this listing, so as written it does not use $username.
    $query = $_DB->Query("select * from jos_users where username='******'");
    //and from_mobile_id='$from_mobile_id'");
    $count = $_DB->GetResultNumber($query);
    //  $res = mysql_query($query);
    if ($count > 0) {
        $dataDB['Result']['Data'][0] = array('Status' => "Username Already Exist");
        echo json_encode($dataDB);
    } else {
        // Build a 32-character salt from a 62-character alphabet.
        $salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        $len = strlen($salt);
        $makepass = '';
        $length = 32;
        $stat = @stat(__FILE__);
        if (empty($stat) || !is_array($stat)) {
            $stat = array(php_uname());
        }
        // NOTE(review): mt_rand() is seeded from a 32-bit crc32 of the current time
        // and file metadata, so the salt is predictable and not cryptographically
        // random. A salt only needs to be unique, but a CSPRNG is the safer source.
        mt_srand(crc32(microtime() . implode('|', $stat)));
        for ($i = 0; $i < $length; $i++) {
            $makepass .= $salt[mt_rand(0, $len - 1)];
        }
        $salt = $makepass;
        // The stored password has the form "<hash>:<salt>".
        $crypt = getCryptedPassword($password, $salt);
        $array['password'] = $crypt . ':' . $salt;
        $password = $array['password'];
        $act = gethash(genAct());
        $reg_date = date('Y-m-d H:i:s');
        // NOTE(review): $name, $username and $email reach this statement unescaped.
        // The account is created unblocked (block '0') with gid '18'.
        $sql = $_DB->Execute("INSERT INTO jos_users(name,username,email,password,usertype,block,sendEmail,gid,registerDate,activation) VALUES ('{$name}','{$username}','{$email}','{$password}','Registered','0','0','18','{$reg_date}','{$act}')");
        //mysql_query($sql);
        //echo $sql."jhkjhjk";
        // Read back the new row's id and gid (the lookup value is masked in this listing).
        $sql = $_DB->Query("SELECT * FROM jos_users WHERE username = '******'");
        //$uid = mysql_query($sql);
        $user_id = $_DB->GetResultValue($sql, 0, 'id');
        $gid = $_DB->GetResultValue($sql, 0, 'gid');
        /*while ($row = mysql_fetch_assoc($uid)) {
        		    $user_id = $row['id'];
        		    $gid = $row['gid'];
        		}*/
        // ACL object for the user; $name is interpolated unescaped here as well.
        $query = $_DB->Query("INSERT INTO jos_core_acl_aro(section_value,value,order_value,name,hidden) VALUES ('users','{$user_id}','0','{$name}','0')");
        //mysql_query($query);
        $sql = $_DB->Query("SELECT * FROM jos_core_acl_aro WHERE value = {$user_id}");
        //$aro = mysql_query($sql);
        $aid = $_DB->GetResultValue($sql, 0, 'id');
        /*while ($row = mysql_fetch_assoc($aro)) {
        		    $aid = $row['id'];
        		}*/
        // Map the ACL object to the user's group.
        $query = $_DB->Execute("INSERT INTO jos_core_acl_groups_aro_map(group_id,section_value,aro_id) VALUES ('{$gid}','','{$aid}')");
        //mysql_query($query);
        // NOTE(review): $gender and $age are request values interpolated unescaped.
        $query = $_DB->Execute("INSERT INTO user_profile(gender,age,user_id) VALUES ('{$gender}','{$age}','{$user_id}')");
        //mysql_query($query);
        // Only the user_profile insert decides the reported status; the results of
        // the earlier inserts are not checked.
        $count = $_DB->GetResultNumber($query);
        //if(mysql_affected_rows()>0)
        if ($count > 0) {
            $dataDB['Result']['Data'][0] = array('Status' => "Registered Successfully");
            echo json_encode($dataDB);
        } else {
            $dataDB['Result']['Data'][0] = array('Status' => "Registration Failed");
            echo json_encode($dataDB);
        }
    }
}
Example #4
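/**
 * Create the Joomla super-administrator row (fixed id 62) or refresh its password.
 *
 * The password of the given user is hashed with a fresh 32-character salt and
 * stored as "<hash>:<salt>". If no row with id 62 has a non-zero gid, the user
 * row and its two ACL rows are inserted; otherwise only the password is updated.
 * Failures are reported through write_events(); nothing is returned.
 *
 * NOTE(review): $user->password is hashed as plaintext input, which implies the
 * source account stores a recoverable password; confirm that this is intended.
 *
 * @param string $uid      Identifier used to load the source user.
 * @param string $database Database that receives the INSERT/UPDATE statements.
 * @return void
 */
function WriteAdmin($uid, $database)
{
    $user = new user($uid);
    $salt = genRandomPassword(32);
    $crypt = getCryptedPassword($user->password, $salt);
    $cryptpass = $crypt . ':' . $salt;
    $nullDate = null;
    $installdate = date('Y-m-d H:i:s');
    $q = new mysql();

    // NOTE(review): the existence check runs against 'artica_backup' while every
    // write below goes to $database; confirm that the two are meant to differ.
    $sql = "SELECT gid FROM jos_users WHERE id=62";
    $ligne = @mysql_fetch_array($q->QUERY_SQL($sql, 'artica_backup'));

    // No row at all (fetch returned false) counts the same as gid 0: create the admin.
    $adminMissing = !is_array($ligne) || $ligne["gid"] == 0;

    if ($adminMissing) {
        // NOTE(review): $user->uid and $user->mail are interpolated unescaped. If
        // they can contain quotes they must be escaped with the wrapper's own
        // escaping routine or bound as parameters.
        $query = "INSERT INTO jos_users VALUES (62, 'Administrator', '{$user->uid}', '{$user->mail}', '{$cryptpass}', 'Super Administrator', 0, 1, 25, '{$installdate}', '{$nullDate}', '', '')";
        $q->QUERY_SQL($query, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }
        $query = "INSERT INTO jos_core_acl_aro VALUES (10,'users','62',0,'Administrator',0)";
        $q->QUERY_SQL($query, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }
        $query = "INSERT INTO jos_core_acl_groups_aro_map VALUES (25,'',10)";
        $q->QUERY_SQL($query, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }
    } else {
        write_events("updating {$uid}/password...");
        // Two fixes. The original built the statement in $sql but executed the
        // undefined $query, so the update never ran. The password literal was also
        // masked as '******' in the listing; the freshly computed hash belongs here,
        // as in the INSERT branch.
        $sql = "UPDATE jos_users SET password='{$cryptpass}' WHERE id=62";
        $q->QUERY_SQL($sql, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }
    }
}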
 <?php 
// Request dispatcher: the "mode" request parameter selects the action.
// This listing is truncated inside the "verifytoken" branch.
ob_start();
// NOTE(review): error_reporting(0) silences all PHP diagnostics, so failed
// queries and undefined indexes pass unnoticed; log errors instead of hiding them.
error_reporting(0);
include_once 'config.php';
$mode = $_REQUEST['mode'];
// Client-supplied Host header; not used in the visible part of the script.
$serverurl = $_SERVER['HTTP_HOST'];
if ($mode == "setpassword") {
    // NOTE(review): the target user id and the new password both come from the
    // request, and the visible code checks no session, current password or reset
    // token before the UPDATE. Unless config.php enforces authentication, any
    // caller can reset any account's password. Require a verified token or an
    // authenticated session bound to $userid.
    $userid = $_REQUEST['userid'];
    $userpassword = $_REQUEST['newpassword'];
    $result = array();
    // Generate the new password hash, stored as "<hash>:<salt>".
    $salt = genRandomPassword(32);
    $crypted = getCryptedPassword($userpassword, $salt);
    $password = $crypted . ':' . $salt;
    // Split again into hash and salt; not read in the visible part of the script.
    $hashparts = explode(':', $password);
    // NOTE(review): $userid is concatenated into the statement unescaped (SQL
    // injection); cast it to int or bind it as a parameter. The password value is
    // masked ('******') in this listing. $prefix is presumably set by config.php.
    // The statement also clears the activation column.
    if (mysql_query("UPDATE " . $prefix . "users set password = '******',activation='' where id = '{$userid}' ")) {
        //header('Content-Type: application/json');
        // Success: respond with {"valid":"1"}.
        $result['valid'] = '1';
        echo json_encode($result);
        //echo"1";// Invalid Token
    } else {
        //header('Content-Type: application/json');
        // Query failed: respond with {"invalid":"0"}.
        $result['invalid'] = '0';
        echo json_encode($result);
    }
} elseif ($mode == "verifytoken") {
    // Token verification branch; its body lies outside this listing.
    $username = $_REQUEST['username'];
    $token = $_REQUEST['token'];
    $result = array();
Example #6
/**
 * Create a Joomla user row and its group mapping, then mail out the credentials.
 *
 * Reads 'password', 'name', 'entity_type', 'username' and 'email' from $data,
 * inserts into #__users and #__user_usergroup_map, sends one mail to the new
 * user and a copy to the site's configured sender, and returns the new user id.
 * Validation failures end the request with die().
 *
 * NOTE(review): security-relevant points visible in this function:
 *  - the password is hashed with an empty salt and 'md5-hex';
 *  - the plaintext password is sent by e-mail, to the user and to the sender address;
 *  - the host name in the mails comes from $_SERVER['HTTP_HOST'], a value the
 *    client controls;
 *  - the duplicate e-mail check has no effect;
 *  - the results of both INSERT statements are not checked.
 *
 * @param array $data Input fields as listed above.
 * @return mixed The value of $db->insertid() after the #__users insert.
 */
function createJoomlaUser($data)
{
    $user =& JFactory::getUser();
    // Id of the currently logged-in user; not read again in this function.
    $uid = $user->get('id');
    $custumgroupparentids = "";
    $normalgroupids = "";
    $normalgroupidsstring = "";
    $custumgroupparentidsstring = "";
    // All user groups the current user is authorised for.
    $usergroups = $user->getAuthorisedGroups();
    foreach ($usergroups as $usergroup) {
        if ($usergroup > "8") {
            // Ids above 8 are treated as custom groups: walk up through the
            // parents until one of the standard groups (id <= 8) is reached.
            $result = get_parent_id($usergroup);
            while ($result > 8) {
                $result = get_parent_id($result);
            }
            // Collect the results as a comma-separated string.
            $custumgroupparentidsstring .= $result . ",";
        } else {
            // Standard group: collect the id itself.
            $normalgroupidsstring .= $usergroup . ",";
        }
    }
    // Drop the trailing comma and split each string back into an array.
    $custumgroupparentidsstring = substr($custumgroupparentidsstring, 0, -1);
    $custumgroupparentids = explode(",", $custumgroupparentidsstring);
    $normalgroupidsstring = substr($normalgroupidsstring, 0, -1);
    $normalgroupids = explode(",", $normalgroupidsstring);
    // Merge, de-duplicate and sort numerically, then take the highest id.
    $allgroupids = array_merge($custumgroupparentids, $normalgroupids);
    $allgroupids = array_unique($allgroupids);
    sort($allgroupids, SORT_NUMERIC);
    $highestgroup = max($allgroupids);
    // NOTE(review): $groupid is not read again in this function, so the current
    // user's own group level does not restrict which account type is created
    // below. Confirm that the caller enforces this.
    $groupid = $highestgroup;
    // Plaintext password, kept because it is mailed out further down.
    $showpass = $data['password'];
    // NOTE(review): empty salt with 'md5-hex'. If this is Joomla's helper, the
    // stored value is an unsalted MD5 digest; prefer a salted, slow password hash.
    $password = getCryptedPassword($showpass, $salt = '', $encryption = 'md5-hex', $show_encrypt = false);
    $name = $data['name'];
    # Group table excerpt kept from the original author:
    # |  3 |         2 |   3 |   8 | Reseller      |
    # |  4 |         3 |   4 |   7 | Company       |
    # | 16 |         4 |   5 |   6 | Group         |
    # Entity types listed by the original author:
    # (1, 'Reseller'),
    # (2, 'Group'),
    # (3, 'Company'),
    # NOTE(review): that list names 2 as Group and 3 as Company, but the switch
    # maps 2 to group 4 ('Company') and 3 to group 16 ('Group'); confirm which
    # is right. The switch has no default, so any other entity_type leaves
    # $usertype undefined.
    switch ($data['entity_type']) {
        case 1:
            # Reseller
            $usertype = 3;
            $usertypename = 'Reseller';
            break;
        case 2:
            # Company
            $usertype = 4;
            $usertypename = 'Company';
            break;
        case 3:
            # Group
            $usertype = 16;
            $usertypename = 'Group';
            break;
    }
    $group = $usertype;
    // Resolve the target group to a standard parent group; $parentgrouporgroup is
    // not read again in this function.
    if ($group > 8) {
        $parentgrouporgroup = get_parent_id($group);
        while ($parentgrouporgroup > 8) {
            $parentgrouporgroup = get_parent_id($parentgrouporgroup);
        }
    } else {
        $parentgrouporgroup = $group;
    }
    $username = clean_now($data['username']);
    $db =& JFactory::getDBO();
    // Look up the group title; this overwrites the $usertypename set in the switch.
    $query = "SELECT " . $db->nameQuote('title') . " FROM " . $db->nameQuote('#__usergroups') . " WHERE id = " . $db->quote($usertype) . "";
    $db->setQuery($query);
    $usertypename = $db->loadResult();
    if ($usertypename == "") {
        die("user group id not found in db");
    }
    // Reject a username that is already taken.
    $sql = "SELECT COUNT(*) " . $db->nameQuote('username') . " FROM " . $db->nameQuote('#__users') . " WHERE " . $db->nameQuote('username') . " = " . $db->quote($username) . "";
    $db->setQuery($sql);
    $num_rows = $db->loadResult();
    if ($num_rows != 0) {
        die("user name taken");
    }
    $email = trim($data['email']);
    $sql = "SELECT COUNT(*) " . $db->nameQuote('email') . " FROM " . $db->nameQuote('#__users') . " WHERE " . $db->nameQuote('email') . " = " . $db->quote($email) . "";
    $db->setQuery($sql);
    $num_rows = $db->loadResult();
    // NOTE(review): this check does nothing. The branch body is commented out and
    // the condition tests for zero matches, so duplicate e-mail addresses are accepted.
    if ($num_rows == 0) {
        //die("email already in use");
    }
    // The account is created unblocked, with an empty activation value.
    $block = '0';
    $sendmail = '0';
    $sql1 = "INSERT INTO " . $db->nameQuote('#__users') . " SET\n    " . $db->nameQuote('name') . "            = " . $db->quote($name) . ",\n    " . $db->nameQuote('username') . "        = " . $db->quote($username) . ",\n    " . $db->nameQuote('email') . "           = " . $db->quote($email) . ",\n    " . $db->nameQuote('password') . "        = " . $db->quote($password) . ",\n    " . $db->nameQuote('usertype') . "        = " . $db->quote($usertypename) . ",\n    " . $db->nameQuote('block') . "           = " . $db->quote($block) . ",\n    " . $db->nameQuote('sendEmail') . "       = " . $db->quote($sendmail) . ",\n    " . $db->nameQuote('registerDate') . "    = NOW(),\n    " . $db->nameQuote('lastvisitDate') . "   = " . $db->quote('0000-00-00 00:00:00') . ",\n    " . $db->nameQuote('activation') . "      = '',\n    " . $db->nameQuote('params') . "          = ''\n    ";
    $db->setQuery($sql1);
    // NOTE(review): the result of query() is not checked. If the insert fails, the
    // group mapping and both mails below still go ahead with whatever insertid() returns.
    $db->query();
    $user_id = $db->insertid();
    $sql2 = "INSERT INTO " . $db->nameQuote('#__user_usergroup_map') . " SET\n    " . $db->nameQuote('group_id') . "        = " . $db->quote($usertype) . ",\n    " . $db->nameQuote('user_id') . "         = " . $db->quote($user_id) . "\n    ";
    $db->setQuery($sql2);
    $db->query();
    $config =& JFactory::getConfig();
    $fromname = $config->getValue('config.fromname');
    $from = $config->getValue('config.mailfrom');
    $recipient = $email;
    // NOTE(review): HTTP_HOST is taken from the client's Host header; use a
    // configured site name or URL for text that ends up in outgoing mail.
    $subject = "Your user details for " . $_SERVER['HTTP_HOST'];
    $body = <<<BODY
You have been added as a User to __HTTP_HOST__.
<br><br>
This e-mail contains your username and password to log in to __HTTP_HOST__.
<br><br>
Username: __USERNAME__
<br>
Password: __PASSWORD__
<br><br>
Please do not respond to this message as it is automatically generated
and is for information purposes only.
BODY;
    // The placeholders are filled without HTML escaping, although the body
    // contains HTML markup.
    $body = str_replace('__HTTP_HOST__', $_SERVER['HTTP_HOST'], $body);
    $body = str_replace('__USERNAME__', $username, $body);
    // NOTE(review): this puts the plaintext password into the mail; a one-time
    // set-password link avoids sending credentials through mail.
    $body = str_replace('__PASSWORD__', $showpass, $body);
    // The "$name = value" arguments are plain assignments evaluated at the call
    // site (PHP had no named arguments here); they also create $mode, $cc, $bcc,
    // $attachment, $replyto and $replytoname as locals.
    JUtility::sendMail($from, $fromname, $recipient, $subject, $body, $mode = 1, $cc = null, $bcc = null, $attachment = null, $replyto = null, $replytoname = null);
    // Second mail: a copy of the notification, password included, goes to the
    // site's configured sender address.
    $recipient = $from;
    $subject = "A new user has been added to " . $_SERVER['HTTP_HOST'] . "";
    $body = "A new user has been added to " . $_SERVER['HTTP_HOST'] . ". This is a copy off the email notification that this user received:<br>" . $body;
    // $attachment is still the null assigned in the first call.
    JUtility::sendMail($from, $fromname, $recipient, $subject, $body, $mode = 1, $cc = null, $bcc = null, $attachment, $replyto = null, $replytoname = null);
    return $user_id;
}