} else {
$pwd = passwordHash($_POST['adminuser'], $pass);
}
$notify = '';
$currentadmins = getAdministrators();
foreach ($currentadmins as $admin) {
if ($admin['user'] == $user) {
$notify = 'exists';
break;
}
}
if (!is_valid_email_zp($admin_e)) {
$notify = 'invalidemail';
}
if (empty($notify)) {
saveAdmin($user, $pwd, $admin_n, $admin_e, 0, NULL);
$link = FULLWEBPATH . '/index.php?p=' . substr($_zp_gallery_page, 0, -4) . '&verify=' . bin2hex(serialize(array('user' => $user, 'email' => $admin_e)));
$message = sprintf(gettext('You have received this email because you registered on the site. To complete your registration visit %s.'), $link);
$headers = "From: " . get_language_string(getOption('gallery_title'), getOption('locale')) . "<zenphoto@" . $_SERVER['SERVER_NAME'] . ">";
$_zp_UTF8->send_mail($admin_e, gettext('Registration confirmation'), $message, $headers);
$notify = 'accepted';
}
} else {
$notify = 'mismatch';
}
} else {
$notify = 'incomplete';
}
}
}
/**
<?php
$file = '../jsonDB/admins.json';
$sessions = '../jsonDB/sessions.json';
$method = '';
if (isset($_POST['method'])) {
$method = $_POST['method'];
}
if ($method == 'saveAdmin') {
saveAdmin($file);
} else {
if ($method == 'saveSession') {
saveSession($sessions);
} else {
if ($method == 'deleteSession') {
deleteSession($sessions);
}
}
}
function saveAdmin($file)
{
$eventJSON = filter_input(INPUT_POST, 'json');
file_put_contents($file, $eventJSON);
$responseArray['status'] = 'success';
echo json_encode($responseArray);
}
function saveSession($file)
{
$data = filter_input(INPUT_POST, 'data');
$jsonInPHP = json_decode(file_get_contents($file));
array_push($jsonInPHP->sessions, $data);
}
if (count($managedalbums > 0)) {
$albums = array_unique($managedalbums);
} else {
$albums = NULL;
}
} else {
$rights = null;
$albums = NULL;
}
if (empty($pass)) {
$pwd = null;
} else {
$pwd = passwordHash($_POST[$i . '-adminuser'], $pass);
}
saveAdmin($user, $pwd, $admin_n, $admin_e, $rights, $albums);
if ($i == 0) {
setOption('admin_reset_date', '1');
}
} else {
$notify = '?mismatch=password';
}
}
}
$returntab = "&tab=admin";
}
/*** Gallery options ***/
if (isset($_POST['savegalleryoptions'])) {
if (isset($_POST['allowed_tags_reset'])) {
setOption('allowed_tags', getOption('allowed_tags_default'));
} else {
}
require dirname(__FILE__) . '/zp-config.php';
setOption('zenphoto_release', ZENPHOTO_RELEASE);
//clear out old admin user and cleartext password
unset($_zp_conf_vars['adminuser']);
unset($_zp_conf_vars['adminpass']);
$admin = getOption('adminuser');
if (!empty($admin)) {
// transfer the old credentials and then remove them
if (count(getAdministrators()) == 0) {
// don't revert anything!
$pass = getOption('adminpass');
$string = preg_replace("/[^a-f0-9]/", "", $pass);
if (strlen($pass) == 32 && $pass == $string) {
// best guess it that it is a md5 pasword, not cleartext
saveAdmin($admin, $pass, getOption('admin_name'), getOption('admin_email'), ALL_RIGHTS, array());
}
}
$sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="adminuser"';
query($sql);
$sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="adminpass"';
query($sql);
$sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="admin_name"';
query($sql);
$sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="admin_email"';
query($sql);
}
// old zp-config.php opitons. preserve them
$conf = $_zp_conf_vars;
setDefault('gallery_title', "Gallery");
setDefault('website_title', "");
