function session_auth_server() { global $xoopsDB, $xoopsModuleConfig; $server = $xoopsModuleConfig['update_server']; if (!preg_match('/^\\w+:/', $server)) { return false; } $res = $xoopsDB->query("SELECT hash,fileid FROM " . UPDATE_FILE . " WHERE pkgref=0 AND path='' AND hash<>''"); if (!$res || $xoopsDB->getRowsNum($res) == 0) { return false; } list($pass, $fid) = $xoopsDB->fetchRow($res); $domain = auth_domain_name(); require_once XOOPS_ROOT_PATH . '/class/snoopy.php'; $snoopy = new Snoopy(); $param = array('domain' => $domain, 'pass' => $pass); $uri = $server . "/modules/server/authsvr.php"; $status = false; if ($snoopy->submit($uri, $param)) { $next = ''; foreach (split("\n", $snoopy->results) as $ln) { if (empty($ln)) { continue; } list($head, $body) = preg_split('/:\\s*/', rtrim($ln), 2); $head = strtolower($head); switch ($head) { case 'x-status': $status = $body == 'OK'; break; case 'x-next-password': $next = $body; break; } } if ($status && $pass != $next) { $res = $xoopsDB->queryF("UPDATE " . UPDATE_FILE . " SET hash=" . $xoopsDB->quoteString($next) . " WHERE fileid={$fid}"); } } return $status; }
include '../../../include/cp_header.php'; include '../functions.php'; $myts =& MyTextSanitizer::getInstance(); if (isset($_POST['pass'])) { $pass = $xoopsDB->quoteString($myts->stripSlashesGPC($_POST['pass'])); $res = $xoopsDB->query("UPDATE " . UPDATE_FILE . " SET hash={$pass} WHERE pkgref=0 AND path=''"); package_expire(); redirect_header('auth.php', 1, _AM_DBUPDATED); exit; } xoops_cp_header(); include 'mymenu.php'; echo "<h2>" . _AM_AUTH_NEWPASS . "</h2>"; $server = $xoopsModuleConfig['update_server']; if (preg_match('/^\\w+:/', $server)) { $url = $server . '/modules/server/authme.php?url=' . urlencode(XOOPS_URL); if (session_auth_server()) { echo "<p style='font-weight: bold;'>" . _AM_AUTH_SESSION_OK . "</p>"; } else { echo "<p style='color: #c00; font-weight: bold;'>" . _AM_AUTH_SESSION_NONE . "</p>"; } echo "<div><a href='{$url}'>" . _AM_AUTH_REGISTER . "</a></div>\n"; } $pass = htmlspecialchars(isset($_GET['pass']) ? $myts->stripSlashesGPC($_GET['pass']) : ''); $domain = auth_domain_name(); $res = $xoopsDB->query("SELECT fileid FROM " . UPDATE_FILE . " WHERE pkgref=0 AND path=''"); if ($xoopsDB->getRowsNum($res) == 0) { $xoopsDB->queryF("INSERT INTO " . UPDATE_FILE . "(pkgref, path) VALUES (0, '')"); } echo "<form action='auth.php' method='POST'>\n<table cellspacing='1' cellpadding='5' class='outer'>\n<tr><td class='head'>" . _AM_AUTH_DOMAIN . "</td><td class='even'>{$domain}</td></tr>\n<tr><td class='head'>" . _AM_AUTH_MYPASS . "</td><td class='odd'><input name='pass' value='{$pass}'/></td></tr>\n<tr><td class='head'></td><td class='even'><input type='submit' value='" . _AM_AUTH_SUBMIT . "'/></td></tr>\n</table>\n</form>"; xoops_cp_footer();