function cp_session_cleanup($clean_all = false) { foreach (dir_read_files(DIR_CP_SESSION) as $file) { $file = DIR_CP_SESSION . '/' . $file; list($username, $session, $timestamp, $browser, $ip) = explode('|', file_first_line($file)); if ($clean_all || $timestamp < time() - CP_SESSION_DURATION) { file_delete($file); } } }
function _xChangeLogin() { $v =& Validator::Get(); list($username, $password) = explode('|', file_first_line(FILE_CP_USER)); $v->Register($_REQUEST['username'], VT_NOT_EMPTY, 'The Username field is required'); $v->Register($_REQUEST['password'], VT_NOT_EMPTY, 'The Password field is required'); $v->Register(sha1($_REQUEST['old_password']), VT_EQUALS, 'The Old Password is invalid', $password); $v->Register($_REQUEST['username'] . $_REQUEST['password'], VT_NOT_CONTAINS, 'The | character is not allowed in your username or password', '|'); $v->Register(FILE_CP_USER, VT_FILE_IS_WRITEABLE, 'The ' . FILE_CP_USER . ' file has incorrect permissions; change them to 666'); if (!$v->Validate()) { return JSON::Warning(array(JSON_KEY_MESSAGE => 'Login information could not be updated; please fix the following items', JSON_KEY_WARNINGS => $v->GetErrors())); } file_write(FILE_CP_USER, $_REQUEST['username'] . '|' . sha1($_REQUEST['password'])); JSON::Success(array(JSON_KEY_MESSAGE => 'Control panel login has been successfully updated', JSON_KEY_DIALOG => _xIncludeCapture('change-login.php'))); }