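/**
 * Verify the persistent-login cookie triple (email, vdate, vhash).
 *
 * The expected value is sha256(email . vdate . $salt). When the cookie hash
 * does not match, all login cookies are cleared and the visitor is redirected
 * to the site root. Reads the global $salt, which must be set before the call.
 *
 * @return void
 */
function verify_user()
{
    global $salt;

    // Missing cookies become '' so the comparison simply fails instead of
    // raising undefined-index notices.
    $email_cookie = (string) ($_COOKIE['email'] ?? '');
    $vhash_cookie = (string) ($_COOKIE['vhash'] ?? '');
    $vdate_cookie = (string) ($_COOKIE['vdate'] ?? '');

    $expected = hash('sha256', $email_cookie . $vdate_cookie . $salt);

    // hash_equals() compares in constant time; strcmp() short-circuits on the
    // first differing byte and leaks timing information about the hash.
    if (!hash_equals($expected, $vhash_cookie)) {
        clear_cookies();
        header("Location: http://rsshose.com/");
        // Without exit the calling page keeps executing and rendering for an
        // unverified visitor even though the redirect header was already sent.
        exit;
    }
}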
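/**
 * Validate the bakarmedia_login_user / bakarmedia_login_key cookie pair.
 *
 * The key is expected to equal md5(user . '-bakarmedia_key-' . stored password
 * column). On a missing key, an unknown user, or a key mismatch the login
 * cookies are cleared. Nothing is echoed on failure: the original code printed
 * the expected key to the response, which handed any visitor a forgeable
 * login cookie for that account.
 *
 * @return void
 */
function validate_cookies()
{
    $CI =& get_instance();

    $u = $CI->input->cookie('bakarmedia_login_user');
    if (!$u) {
        return;
    }

    $k = $CI->input->cookie('bakarmedia_login_key');
    // A missing/false/empty key can never validate; drop the stale user cookie.
    if (empty($k)) {
        clear_cookies();
        return;
    }

    $CI->load->database();
    // Parameterised query: the cookie value is attacker-controlled.
    $q = $CI->db->query('SELECT password FROM user WHERE email=?', array($u));
    if ($q->num_rows() < 1) {
        clear_cookies();
        return;
    }

    // Derivation kept as-is for compatibility with the code that issues the
    // cookie. NOTE(review): this is an unkeyed md5 over the stored password
    // column; migrating issuer and validator together to hash_hmac() with a
    // server-side secret would stop the cookie from being derived from a
    // leaked database row.
    $expected = md5($u . '-bakarmedia_key-' . $q->row()->password);

    // Constant-time comparison instead of loose != (which also coerces types).
    if (!hash_equals($expected, (string) $k)) {
        clear_cookies();
    }
}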
<br><br> <?php admin_footer(); } elseif ($admin_action == 'login_submit') { list($uid, $uname, $pwd, $email) = uc_user_login($cyask_user, $_POST['password']); if ($uid > 0 && $cyask_adminid == 1) { $adminhash = ADMINHASH; uc_dsetcookie("adminhash", ADMINHASH); echo '<meta http-equiv=refresh content=0;URL="./admin.php?admin_action=' . $_POST['backaction'] . '">'; } else { admin_header(); echo '<script language="javaScript">alert("' . $lang['admin_passwd_wrong'] . '");history.back();</script>'; admin_footer(); } } elseif ($admin_action == 'logout_sys') { clear_cookies(); uc_dsetcookie('adminhash', ''); echo '<script language="JavaScript">top.location.href="./";</script>'; exit; } elseif ($admin_action == 'logout_admin') { uc_dsetcookie('adminhash', ''); echo '<script language="JavaScript">top.location.href="./";</script>'; exit; } else { if ($cyask_adminid == 1) { $admin_script = ''; if ($admin_action == 'sort_list' || $admin_action == 'sort_add' || $admin_action == 'sort_edit' || $admin_action == 'sort_add_submit' || $admin_action == 'sort_edit_submit' || $admin_action == 'sort_del' || $admin_action == 'sort_join' || $admin_action == 'sort_join_submit') { $admin_script = 'sort_manage'; } elseif ($admin_action == 'ques_sort' || $admin_action == 'ques_nosolve' || $admin_action == 'ques_solve' || $admin_action == 'ques_vote' || $admin_action == 'ques_intro' || $admin_action == 'ques_list' || $admin_action == 'ques_edit' || $admin_action == 'ques_del' || $admin_action == 'ques_top' || $admin_action == 'ques_close') { $admin_script = 'ques_manage'; } elseif ($admin_action == 'ques_answer' || $admin_action == 'answer_edit' || $admin_action == 'answer_del') {