public static function getOnlineSessions() { // var_dump('getSess', self::$SESSION); $cut = time() - GWF_ONLINE_TIMEOUT; $sid = self::$SESSION->getSessSID(); // return array_merge(array(self::$SESSION), self::table(__CLASS__)->selectObjects('*, COUNT(*) as num_online', "sess_time>{$cut} AND sess_sid!='{$sid}'", 'user_name ASC', -1, -1, 'sess_user')); $sessions = self::table(__CLASS__)->selectObjects('*, COUNT(1) as sessioncount', "sess_time>{$cut} OR sess_id={$sid}", 'user_name ASC', -1, -1, 'sess_user'); if (!self::haveCookies()) { $sessions = array_merge(array(self::$SESSION), $sessions); } return $sessions; }
function ttr2_request(WC_Challenge $chall, GWF_Form $form) { if (false !== ($errors = $form->validate($chall))) { return $errors; } # Generate reset token $sid = GWF_Session::getSessSID(); $email = $form->getVar('email'); $token = ttr2_random(16); if (!TTR2_Tokens::insertToken($sid, $email, $token)) { return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)); } # If it's your own real mail, even send it for the lulz :) if ($email === GWF_User::getStaticOrGuest()->getValidMail()) { ttr2_mail_me($chall, $email, $token); } return GWF_HTML::message($chall->lang('title'), $chall->lang('msg_mail_sent')); }
function ttr2_submit(WC_Challenge $chall) { if ('' === ($answer = Common::getPostString('answer', ''))) { return; } $sessid = GWF_Session::getSessSID(); # First check all "custom" solutions $solutions = TTR2_Tokens::getSolutions($sessid); foreach ($solutions as $solution) { if ($solution['ttr_token'] === $answer) { echo GWF_HTML::message($chall->lang('title'), $chall->lang('msg_reset_own', array(htmlspecialchars($solution['ttr_email'])))); return; } } # Now lets check "THE" solution $solution = TTR2_Tokens::getSolution($sessid); $chall->setSolution($solution['ttr_token']); $chall->onSolve(GWF_User::getStaticOrGuest(), $answer); }
/** * Get the correct solution. * This counts as one attemp. * @return string|false */ function blightGetHash() { blightCountUp(); # 1 attemp $db = blightDB(); $sessid = GWF_Session::getSessSID(); $query = "SELECT password FROM blight WHERE sessid={$sessid}"; if (false === ($result = $db->queryFirst($query))) { return false; } return $result['password']; }