include 'includes/function.php'; loggedIn(); if ($_POST['to_email'] != "") { // Passed variable $user = trim($_POST['to_email']); // Numeric value is passed so check to be sure that is it. if (!preg_match("/^[0-9]{1,10}\$/", $user)) { die("User not found."); } $pub_connection = mysql_connect("localhost", $db_user_public, $db_user_pass) or die("Error with database connection. Please try again."); mysql_select_db($db_name, $pub_connection) or die("Error selecting database."); /** Be sure the ID exists. */ $check_sql = mressf("SELECT email,pub_key FROM users WHERE id = '%d'", $user); // Execute query $sql_result = mysql_query($check_sql, $pub_connection) or die("Error retrieving user." . mysql_error()); $i = mysql_fetch_object($sql_result); // Pub certificate $pub_print = "{$i->pub_key}"; // Check for results if (mysql_num_rows($sql_result) == "0") { echo "User not found."; exit; } else { echo "<b>Fingerprint for the above user is:</b> <br />"; // Split into readable chunks of four print chunk_split(sha1_thumbprint($pub_print), 4); exit; } } else { die("No email address was provided."); }
$_SESSION['s_pub'] = ""; $_SESSION['s_authed'] = ""; $_SESSION['s_phone'] = ""; $_SESSION['s_delivery'] = ""; $_SESSION['s_fprint'] = ""; // Session variables to be used throughout the login session $_SESSION['s_id'] = $id; $_SESSION['s_delivery'] = $delivery; $_SESSION['s_email'] = $username; $_SESSION['s_pass'] = $priv_pass; $_SESSION['s_priv_tmp'] = $priv_key; $_SESSION['s_pub'] = $pub; $_SESSION['s_phone'] = $priv_phone_no; $_SESSION['s_authed'] = "USER_AUTHENTICATED"; // SHA1 fingerprint $fprint = sha1_thumbprint($pub); $fprint = chunk_split($fprint, 4); $_SESSION['s_fprint'] = $fprint; // If the user uses SMS then we prepare the code to be sent to that address if ($_SESSION['s_delivery'] == "s") { $priv_sms = $priv_tmp[3]; $_SESSION['s_sms_gateway'] = "{$priv_phone_no}" . "@" . "{$priv_sms}"; } // Set initial login time // $t_check_timeout = date("YmdHi"); //$_SESSION['s_check_timeout_1'] = ""; //$_SESSION['s_check_timeout_1'] = $t_check_timeout; //$_SESSION['s_timeout'] = ""; //$_SESSION['s_timeout'] = $timeout; $_SESSION['s_preauth'] = "HAS_PREAUTH"; // Redirect to the login screen