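/**
 * Insert or update one row of this model's table and keep the account
 * fields of the linked #__users row in step with it.
 *
 * With a value under $this->pk_name in $data the row is updated and the
 * account fields are written to #__users under the same id. Without one,
 * createJoomlaUser() creates the account first and a new row is inserted.
 *
 * NOTE(review): every key that makeDataConversions() leaves in $data and that
 * is not an account field becomes a column assignment. Values are quoted, but
 * which columns a caller may write is decided outside this method - confirm
 * that the conversion step restricts them to an allow-list.
 *
 * @param array $data Column/value pairs plus the account fields named in $postfields.
 *
 * @return bool True when every query ran, false after a failed query.
 */
public function updItem($data)
{
    $id = null;
    if (array_key_exists($this->pk_name, $data)) {
        $id = $data[$this->pk_name];
    }

    // These keys describe the account and never go into this model's own table.
    $postfields = array('username', 'password', 'confirmpassword', 'name', 'email');

    $db = $this->getDbo();
    $query = $db->getQuery(true);
    $query->clear();
    $query2 = $db->getQuery(true);
    // Fixed: the second clear() used to be issued on $query again instead of $query2.
    $query2->clear();

    if ($id) {
        $query->update($this->table_name);
        $query->where($this->pk_name . ' = ' . (int) $id);
        $query2->update('#__users');
        $query2->where('id = ' . (int) $id);
    } else {
        $data['id'] = createJoomlaUser($data);
        $query->insert($this->table_name);
    }

    $data = $this->makeDataConversions($data);

    foreach ($data as $k => $v) {
        // Strict match, so an integer key can never compare equal to a field name.
        if (in_array($k, $postfields, true)) {
            // NOTE(review): 'confirmpassword' is dropped here without being compared
            // to 'password'; presumably that is validated before this call - confirm.
            if ($k === 'confirmpassword') {
                continue;
            }
            if ($id) {
                if ($k === 'password') {
                    if (!$v) {
                        // An empty password field leaves the stored hash untouched.
                        continue;
                    }
                    // NOTE(review): no salt is passed, so the scheme is whatever
                    // getCryptedPassword() defaults to (defined elsewhere) - confirm it
                    // is a salted, deliberately slow password hash.
                    $v = getCryptedPassword($v);
                }
                $query2->set($db->NameQuote($k) . ' = ' . $db->Quote($v));
            }
            // On insert the account fields were already consumed by createJoomlaUser().
            continue;
        }
        $query->set($db->NameQuote($k) . ' = ' . $db->Quote($v));
    }

    $db->setQuery((string) $query);
    if (!$db->query()) {
        // NOTE(review): the raw driver message is handed to the error page; confirm it
        // is not shown to end users in production.
        JError::raiseError(500, $db->getErrorMsg());
        return false;
    }

    if ($id) {
        // NOTE(review): no transaction is visible around the two statements, so a
        // failure here leaves the model row updated and the account row unchanged.
        $db->setQuery((string) $query2);
        if (!$db->query()) {
            JError::raiseError(500, $db->getErrorMsg());
            return false;
        }
    }

    return true;
}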
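/**
 * Check a candidate password against a stored "hash:salt" value.
 *
 * Despite the name nothing is decrypted: the candidate is hashed again with
 * the stored salt and the two hashes are compared.
 *
 * @param string $encrypted_password Stored value, hash and salt joined by ':'.
 * @param string $test_password      Candidate password to verify.
 *
 * @return bool True when the candidate hashes to the stored hash.
 */
function decryptionDemo($encrypted_password, $test_password)
{
    // Index 0 holds the hash, index 1 the salt that was appended when the value was stored.
    $parts = explode(':', $encrypted_password);
    $crypt = $parts[0];

    // A stored value without ':' carries no salt; pass null as before, without the '@' suppression.
    $salt = isset($parts[1]) ? $parts[1] : null;

    $testcrypt = getCryptedPassword($test_password, $salt);

    // Fixed: '==' compares numeric-looking strings as numbers, so two different
    // hashes could be reported as equal. hash_equals() compares the bytes and
    // takes the same time wherever the first difference is.
    return hash_equals((string) $crypt, (string) $testcrypt);
}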
/**
 * Registration handler: reads the new account from the request, writes it to
 * jos_users, the two jos_core_acl_* tables and user_profile, and echoes a
 * JSON status object.
 *
 * NOTE(review): $_DB is used without a `global` declaration or a parameter, so
 * it is not defined in this scope as shown - confirm how the handle reaches
 * this function.
 *
 * NOTE(review): every request value below is placed into SQL text unescaped.
 * No escaping or binding call of the $_DB layer is visible here; the inserts
 * need bound parameters (or that layer's escaping) before this handles
 * untrusted input.
 */
function register_save() {
    $password = $_REQUEST['password'];
    $name = $_REQUEST['name'];
    $username = $_REQUEST['username'];
    $email = $_REQUEST['email'];
    $gender = $_REQUEST['gender'];
    $age = $_REQUEST['age'];

    // NOTE(review): the username value appears masked as '******' on this page. As
    // written the lookup does not depend on $username, so the duplicate check
    // never sees the requested name - confirm against the original file.
    $query = $_DB->Query("select * from jos_users where username='******'");
    $count = $_DB->GetResultNumber($query);

    if ($count > 0) {
        $dataDB['Result']['Data'][0] = array('Status' => "Username Already Exist");
        echo json_encode($dataDB);
    } else {
        // Build a 32-character salt from the alphabet below.
        // NOTE(review): mt_rand() is not a cryptographic generator and the seed is a
        // 32-bit CRC of the clock plus file metadata, so the salt is guessable in
        // principle; a CSPRNG-backed source is the usual replacement.
        $salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        $len = strlen($salt);
        $makepass = '';
        $length = 32;
        $stat = @stat(__FILE__);
        if (empty($stat) || !is_array($stat)) {
            $stat = array(php_uname());
        }
        mt_srand(crc32(microtime() . implode('|', $stat)));
        for ($i = 0; $i < $length; $i++) {
            $makepass .= $salt[mt_rand(0, $len - 1)];
        }
        $salt = $makepass;

        // Stored form is "hash:salt". getCryptedPassword(), gethash() and genAct()
        // are defined elsewhere; which hash they use is not visible here.
        $crypt = getCryptedPassword($password, $salt);
        $array['password'] = $crypt . ':' . $salt;
        $password = $array['password'];
        $act = gethash(genAct());
        $reg_date = date('Y-m-d H:i:s');

        // Account row. $name, $username and $email come straight from the request.
        $sql = $_DB->Execute("INSERT INTO jos_users(name,username,email,password,usertype,block,sendEmail,gid,registerDate,activation) VALUES ('{$name}','{$username}','{$email}','{$password}','Registered','0','0','18','{$reg_date}','{$act}')");

        // Read the new row back for its id and gid (username value masked on this page, see above).
        $sql = $_DB->Query("SELECT * FROM jos_users WHERE username = '******'");
        $user_id = $_DB->GetResultValue($sql, 0, 'id');
        $gid = $_DB->GetResultValue($sql, 0, 'gid');

        // ACL object for the user, then its group mapping.
        $query = $_DB->Query("INSERT INTO jos_core_acl_aro(section_value,value,order_value,name,hidden) VALUES ('users','{$user_id}','0','{$name}','0')");

        // NOTE(review): $user_id is interpolated without quotes here; an empty value
        // (no row found above) produces invalid SQL.
        $sql = $_DB->Query("SELECT * FROM jos_core_acl_aro WHERE value = {$user_id}");
        $aid = $_DB->GetResultValue($sql, 0, 'id');

        $query = $_DB->Execute("INSERT INTO jos_core_acl_groups_aro_map(group_id,section_value,aro_id) VALUES ('{$gid}','','{$aid}')");

        // Profile row. $gender and $age come straight from the request.
        $query = $_DB->Execute("INSERT INTO user_profile(gender,age,user_id) VALUES ('{$gender}','{$age}','{$user_id}')");

        // Only the result of this last insert decides the reported status; the earlier
        // statements are not checked. NOTE(review): what GetResultNumber() returns for
        // an INSERT result is not visible here - confirm it reflects affected rows.
        $count = $_DB->GetResultNumber($query);
        if ($count > 0) {
            $dataDB['Result']['Data'][0] = array('Status' => "Registered Successfully");
            echo json_encode($dataDB);
        } else {
            $dataDB['Result']['Data'][0] = array('Status' => "Registration Failed");
            echo json_encode($dataDB);
        }
    }
}
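/**
 * Create the administrator account with the fixed id 62 in the Joomla tables,
 * or refresh its password when it already exists.
 *
 * The password is taken from the project's user object for $uid and stored as
 * "hash:salt".
 *
 * @param mixed  $uid      Identifier handed to the project's `user` class.
 * @param string $database Database the INSERT/UPDATE statements run against.
 *
 * @return void Failures are reported through write_events() only.
 */
function WriteAdmin($uid, $database)
{
    $user = new user($uid);

    $salt = genRandomPassword(32);
    $crypt = getCryptedPassword($user->password, $salt);
    $cryptpass = $crypt . ':' . $salt;

    // Interpolates as an empty string in the INSERT below.
    $nullDate = null;
    $installdate = date('Y-m-d H:i:s');
    $q = new mysql();

    // NOTE(review): the existence check reads from 'artica_backup' while every
    // write below goes to $database - confirm that is intended.
    $sql = "SELECT gid FROM jos_users WHERE id=62";
    $ligne = @mysql_fetch_array($q->QUERY_SQL($sql, 'artica_backup'));

    // A missing row and a gid of 0 both take the "create" path.
    if ($ligne["gid"] == 0) {
        // NOTE(review): $user->uid and $user->mail are placed into the statement
        // unescaped; whether the `user` class guarantees safe values is not visible here.
        $query = "INSERT INTO jos_users VALUES (62, 'Administrator', '{$user->uid}', '{$user->mail}', '{$cryptpass}', 'Super Administrator', 0, 1, 25, '{$installdate}', '{$nullDate}', '', '')";
        $q->QUERY_SQL($query, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }

        $query = "INSERT INTO jos_core_acl_aro VALUES (10,'users','62',0,'Administrator',0)";
        $q->QUERY_SQL($query, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }

        $query = "INSERT INTO jos_core_acl_groups_aro_map VALUES (25,'',10)";
        $q->QUERY_SQL($query, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }
    } else {
        write_events("updating {$uid}/password...");

        // NOTE(review): the page shows the password value masked as '******'.
        // $cryptpass is computed above and used nowhere else on this path, so it is
        // presumably what was interpolated - confirm against the original file.
        $sql = "UPDATE jos_users SET password='{$cryptpass}' WHERE id=62";

        // Fixed: this used to pass $query, which is never assigned on this path, so
        // the UPDATE built in $sql was never the statement that ran.
        $q->QUERY_SQL($sql, $database);
        if (!$q->ok) {
            write_events("set admin/password failed...");
        }
    }
}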
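<?php
// Request dispatcher keyed on `mode`. Only the "setpassword" branch is complete in
// this listing; the "verifytoken" branch is cut off after its first statements.
ob_start();

// NOTE(review): this silences every warning and notice, including failed queries
// and missing request keys; log errors instead of discarding them.
error_reporting(0);
include_once 'config.php';

$mode = $_REQUEST['mode'];
$serverurl = $_SERVER['HTTP_HOST'];

if ($mode === "setpassword") {
    // NOTE(review): nothing in this fragment authenticates the caller or ties the
    // request to a verified reset token before the password is overwritten; token
    // verification is a separate mode. Confirm a server-side check exists (for
    // example in config.php) - otherwise this branch must require and validate the
    // token itself.

    // Fixed: the id goes into SQL text below, so it is forced to an integer at the boundary.
    $userid = (int) $_REQUEST['userid'];
    $userpassword = $_REQUEST['newpassword'];
    $result = array();

    // New stored value in "hash:salt" form.
    $salt = genRandomPassword(32);
    $crypted = getCryptedPassword($userpassword, $salt);
    $password = $crypted . ':' . $salt;
    $hashparts = explode(':', $password);

    // NOTE(review): the page shows the password value masked as '******'. $password is
    // the value computed above and is presumably what was interpolated - confirm
    // against the original file. $prefix is expected to come from config.php.
    $sql = "UPDATE " . $prefix . "users set password = '" . mysql_real_escape_string($password)
        . "',activation='' where id = '{$userid}' ";

    if (mysql_query($sql)) {
        // NOTE(review): mysql_query() also succeeds when no row matched the id, so
        // 'valid' does not prove that a password was changed.
        $result['valid'] = '1';
        echo json_encode($result);
    } else {
        $result['invalid'] = '0';
        echo json_encode($result);
    }
} elseif ($mode === "verifytoken") {
    $username = $_REQUEST['username'];
    $token = $_REQUEST['token'];
    $result = array();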
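/**
 * Create a Joomla account for a new entity, map it to the usergroup that
 * matches the entity type, and mail the credentials to the user and to the
 * site address.
 *
 * Reads 'password', 'name', 'entity_type', 'username' and 'email' from $data.
 * Terminates the request with die() when the entity type has no usergroup or
 * the username is taken.
 *
 * @param array $data Submitted account data.
 *
 * @return int|false Id of the new #__users row, or false when an insert failed.
 */
function createJoomlaUser($data)
{
    $user = JFactory::getUser();
    $uid = $user->get('id');

    $custumgroupparentids = "";
    $normalgroupids = "";
    $normalgroupidsstring = "";
    $custumgroupparentidsstring = "";

    // Reduce the caller's groups to standard Joomla groups: ids above 8 are custom
    // groups and are walked up through get_parent_id() until a standard one is reached.
    $usergroups = $user->getAuthorisedGroups();
    foreach ($usergroups as $usergroup) {
        if ($usergroup > "8") {
            $result = get_parent_id($usergroup);
            while ($result > 8) {
                $result = get_parent_id($result);
            }
            $custumgroupparentidsstring .= $result . ",";
        } else {
            $normalgroupidsstring .= $usergroup . ",";
        }
    }

    // Drop the trailing comma of each list, merge them and take the highest id.
    $custumgroupparentidsstring = substr($custumgroupparentidsstring, 0, -1);
    $custumgroupparentids = explode(",", $custumgroupparentidsstring);
    $normalgroupidsstring = substr($normalgroupidsstring, 0, -1);
    $normalgroupids = explode(",", $normalgroupidsstring);
    $allgroupids = array_merge($custumgroupparentids, $normalgroupids);
    $allgroupids = array_unique($allgroupids);
    sort($allgroupids, SORT_NUMERIC);
    $highestgroup = max($allgroupids);

    // NOTE(review): $groupid (the caller's highest standard group) is computed but
    // never consulted below. If it was meant to limit which entity types the caller
    // may create, that authorization check is missing - confirm.
    $groupid = $highestgroup;

    $showpass = $data['password'];

    // NOTE(review): 'md5-hex' with an empty salt stores an unsalted MD5 of the
    // password. That is not an adequate password hash; a salted, slow scheme
    // should replace it once the login path can verify the new format.
    $password = getCryptedPassword($showpass, '', 'md5-hex', false);
    $name = $data['name'];

    // entity_type -> usergroup id.
    // | 3  | 2 | 3 | 8 | Reseller |
    // | 4  | 3 | 4 | 7 | Company  |
    // | 16 | 4 | 5 | 6 | Group    |
    // NOTE(review): the original notes also listed (2, 'Group') and (3, 'Company'),
    // the reverse of the case labels below; the case labels are what runs - confirm.
    switch ($data['entity_type']) {
        case 1: // Reseller
            $usertype = 3;
            $usertypename = 'Reseller';
            break;
        case 2: // Company
            $usertype = 4;
            $usertypename = 'Company';
            break;
        case 3: // Group
            $usertype = 16;
            $usertypename = 'Group';
            break;
        default:
            // Fixed: an unknown entity type used to fall through with $usertype
            // undefined and only stopped at the group lookup further down. Stop here
            // with the same message.
            die("user group id not found in db");
    }

    $group = $usertype;
    if ($group > 8) {
        $parentgrouporgroup = get_parent_id($group);
        while ($parentgrouporgroup > 8) {
            $parentgrouporgroup = get_parent_id($parentgrouporgroup);
        }
    } else {
        $parentgrouporgroup = $group;
    }

    $username = clean_now($data['username']);
    $db = JFactory::getDBO();

    // The stored group title replaces the name chosen in the switch above.
    $query = "SELECT " . $db->nameQuote('title') . " FROM " . $db->nameQuote('#__usergroups') . " WHERE id = " . $db->quote($usertype) . "";
    $db->setQuery($query);
    $usertypename = $db->loadResult();
    if ($usertypename == "") {
        die("user group id not found in db");
    }

    $sql = "SELECT COUNT(*) " . $db->nameQuote('username') . " FROM " . $db->nameQuote('#__users') . " WHERE " . $db->nameQuote('username') . " = " . $db->quote($username) . "";
    $db->setQuery($sql);
    $num_rows = $db->loadResult();
    if ($num_rows != 0) {
        die("user name taken");
    }

    $email = trim($data['email']);
    $sql = "SELECT COUNT(*) " . $db->nameQuote('email') . " FROM " . $db->nameQuote('#__users') . " WHERE " . $db->nameQuote('email') . " = " . $db->quote($email) . "";
    $db->setQuery($sql);
    $num_rows = $db->loadResult();
    // NOTE(review): the duplicate-email check is switched off, and its condition
    // (== 0) is the opposite of what the disabled message says. Duplicate
    // addresses are accepted as the code stands.
    if ($num_rows == 0) {
        //die("email already in use");
    }

    $block = '0';
    $sendmail = '0';
    $sql1 = "INSERT INTO " . $db->nameQuote('#__users') . " SET\n " . $db->nameQuote('name') . " = " . $db->quote($name) . ",\n " . $db->nameQuote('username') . " = " . $db->quote($username) . ",\n " . $db->nameQuote('email') . " = " . $db->quote($email) . ",\n " . $db->nameQuote('password') . " = " . $db->quote($password) . ",\n " . $db->nameQuote('usertype') . " = " . $db->quote($usertypename) . ",\n " . $db->nameQuote('block') . " = " . $db->quote($block) . ",\n " . $db->nameQuote('sendEmail') . " = " . $db->quote($sendmail) . ",\n " . $db->nameQuote('registerDate') . " = NOW(),\n " . $db->nameQuote('lastvisitDate') . " = " . $db->quote('0000-00-00 00:00:00') . ",\n " . $db->nameQuote('activation') . " = '',\n " . $db->nameQuote('params') . " = ''\n ";
    $db->setQuery($sql1);
    // Fixed: a failed insert used to be ignored, after which a group mapping for
    // user id 0 was written and the credential mails were still sent.
    if (!$db->query()) {
        JError::raiseError(500, $db->getErrorMsg());
        return false;
    }
    $user_id = $db->insertid();

    $sql2 = "INSERT INTO " . $db->nameQuote('#__user_usergroup_map') . " SET\n " . $db->nameQuote('group_id') . " = " . $db->quote($usertype) . ",\n " . $db->nameQuote('user_id') . " = " . $db->quote($user_id) . "\n ";
    $db->setQuery($sql2);
    if (!$db->query()) {
        JError::raiseError(500, $db->getErrorMsg());
        return false;
    }

    $config = JFactory::getConfig();
    $fromname = $config->getValue('config.fromname');
    $from = $config->getValue('config.mailfrom');

    // NOTE(review): HTTP_HOST is taken from the request's Host header, so the site
    // name in these mails is whatever the client sent; a configured site URL is the
    // safer source.
    $host = $_SERVER['HTTP_HOST'];

    $recipient = $email;
    $subject = "Your user details for " . $host;
    $body = <<<BODY
You have been added as a User to __HTTP_HOST__.
<br><br>
This e-mail contains your username and password to log in to __HTTP_HOST__.
<br><br>
Username: __USERNAME__
<br>
Password: __PASSWORD__
<br><br>
Please do not respond to this message as it is automatically generated and is for information purposes only.
BODY;

    // The mail is sent as HTML (mode 1), so the raw host and password are escaped
    // before they enter the markup. $username has already been through clean_now();
    // what that strips is not visible here.
    $body = str_replace('__HTTP_HOST__', htmlspecialchars($host, ENT_QUOTES, 'UTF-8'), $body);
    $body = str_replace('__USERNAME__', $username, $body);
    // NOTE(review): the clear-text password is mailed to the user, and the copy
    // below puts the same password in the site mailbox. A set-your-password link
    // avoids both.
    $body = str_replace('__PASSWORD__', htmlspecialchars($showpass, ENT_QUOTES, 'UTF-8'), $body);
    JUtility::sendMail($from, $fromname, $recipient, $subject, $body, 1, null, null, null, null, null);

    // Copy of the notification to the site's own sender address.
    $recipient = $from;
    $subject = "A new user has been added to " . $host . "";
    $body = "A new user has been added to " . htmlspecialchars($host, ENT_QUOTES, 'UTF-8') . ". This is a copy off the email notification that this user received:<br>" . $body;
    JUtility::sendMail($from, $fromname, $recipient, $subject, $body, 1, null, null, null, null, null);

    return $user_id;
}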