/** * Verify the credentials given * @param mysqli $db * @param string $username * @param string $resettoken */ function verifyResetToken($db, $username, $resettoken) { if ($stmt = checkprepare($db, 'SELECT UNIX_TIMESTAMP()-UNIX_TIMESTAMP(`resettime`) AS `age` FROM `users` WHERE `user`=? AND `resettoken`=?')) { checkBindParam($db, $stmt, "ss", $username, $resettoken); checkBindResult($db, $stmt, $age); if (checkExecute($db, $stmt)) { $result = $stmt->fetch(); $stmt->close(); if ($result === True) { return $age < MAX_RESET_VALIDITY; } else { return False; } } $stmt->close(); return False; } }
$data = str_replace("\n ", "\n", $data); $data = str_replace("\n\n", "\n", $data); } while ($oldkey != $data); $data = strtolower(trim($data)); if (strlen($data) == 0) { return false; } else { return md5($data); } } switch ($_GET["a"]) { case "post": if ($_GET["writekey"] != $settings["writekey"]) { echo "ERROR:Invalid writekey."; } else { if (function_exists("custom_checkprepare") ? custom_checkprepare() : checkprepare()) { dbconnect(); $data = stripslashes($_POST["text"]); if ($data) { if (strlen($data) > $settings["maxlength"]) { echo "ERROR:Comic too long (>" . $settings["maxlength"] . " chars)"; } else { $signature = generatesignature($data); if ($signature) { $data = mysql_real_escape_string($data); $sql = "insert into " . $settings["table"] . " (striptext,signature) values ('" . $data . "','" . $signature . "')"; if (!mysql_query($sql)) { if (mysql_errno() == 1062) { echo "ERROR:This comic already exists."; } else { echo "ERROR:SQL Error - (" . mysql_errno() . ") " . mysql_error();