echo $_POST['uname']; ?> successfully added.</strong></p> <?php } else { ?> <p style="padding:2px;border:1px solid #CC9966;margin-bottom:10px;"><strong>Information missing (passwords do not match or username empty).</strong></p> <?php } } else { if ($_POST['aact'] == 'chguser' && $id !== FALSE) { if ($_POST['pass'] == $_POST['pass2'] && dname2name($_POST['uname'])) { $_PERSIST['users'][$id]['dname'] = $_POST['uname']; $_PERSIST['users'][$id]['name'] = dname2name($_POST['uname']); if ($_POST['pass'] && ($id > 1 || $id == 1 && $uid == 1)) { $_PERSIST['users'][$id]['pass'] = pwencode(dname2name($_POST['uname']), $_POST['pass']); } if ($_POST['temppass'] && ($id > 1 || $id == 1 && $uid == 1)) { $_PERSIST['users'][$id]['temppass'] = true; } else { if ($_PERSIST['users'][$id]['temppass']) { unset($_PERSIST['users'][$id]['temppass']); } } $_PERSIST['users'][$id]['psub'] = $_POST['psub']; $_PERSIST['users'][$id]['dpsub'] = $_POST['dpsub'] === '*' ? $_POST['psub'] : $_POST['dpsub']; $_PERSIST['users'][$id]['priv'] = upriv($_POST['rank']); if ($_PERSIST['users'][$id]['priv'] == 2 && $id == 0) { $_PERSIST['users'][$id]['priv'] = 1; } persist_update() or die('<strong>Error:</strong>Persist not writable, please CHMOD persist.inc.php to 777.');
$user['dpsub'] = $_PERSIST['users'][$uid]['dpsub'] = $d; if (!persist_update()) { fm_close(); die('<strong>Error:</strong>Persist not writable, please see admin.'); } ?> <p style="padding:2px;border:1px solid #CC9966;"><strong>Default folder successfully changed.</strong></p> <?php } if (@$_POST['opass'] || $_POST['nopass']) { if ($_POST['nopass']) { $_POST['opass'] = ''; } if (empty($user['pass']) || $user['pass'] === pwencode($user['name'], $_POST['opass'])) { if ($_POST['npass'] && $_POST['npass'] === $_POST['npass2']) { $_PERSIST['users'][$uid]['pass'] = pwencode($user['name'], $_POST['npass']); if (!persist_update()) { fm_close(); die('<strong>Error:</strong>Persist not writable, please see admin.'); } ?> <p style="padding:2px;border:1px solid #CC9966;"><strong>Password successfully changed.</strong></p> <?php } else { if ($_POST['npass']) { ?> <p style="padding:2px 4px;border:2px solid #FF7755;"><strong><span style="color:#FF2211">Error:</span> New passwords do not match.</strong></p> <?php } else { ?> <p style="padding:2px 4px;border:2px solid #FF7755;"><strong><span style="color:#FF2211">Error:</span> You forgot to enter a new password.</strong></p>
//==================== // Log in //==================== $d = isset($_GET['d']) ? cleanPath($_GET['d']) : false; // $d is replaced after login. $status = ''; if ($_POST['logout']) { setcookie('fmsid', '', time() - 86400); $status = 'lo'; } else { if ($_POST['login'] && $_POST['uname'] && dname2name($_POST['uname']) !== 'guest') { $uname = dname2name($_POST['uname']); $status = 'nli'; foreach ($_PERSIST['users'] as $i => $cuser) { if ($cuser['name'] === $uname) { if ($cuser['pass'] === FALSE || $cuser['pass'] === pwencode($uname, $_POST['pass'])) { if ($cuser['priv']) { $uid = $i; if (!$uid) { die('Trying to log in as guest.'); } $sid = md5($_POST['uname'] . microtime() . rand() . '_s9k84ry'); $_PERSIST['users'][$i]['sid'] = $sid; $_PERSIST['users'][$i]['pli'] = time(); $_PERSIST['users'][$i]['rem'] = $_POST['rem'] ? true : false; persist_update() or die('<err>Users not writable; CHMOD persist to 777.</err>'); $user = $cuser; setcookie('fmsid', $sid, $_POST['rem'] ? time() + 60 * 60 * 24 * 30 : 0); $status = 'li'; $d = $user['dpsub'] ? $user['dpsub'] : $user['psub']; } else {