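/**
 * Verify a password-reset token for $email and, when it matches, store the
 * new password hash and select the user's note.
 *
 * The token is a crypt() hash of $email . $SITE_SECRET in which '.' and '/'
 * were swapped for the URL-safe '-' and '_'. The same string is passed back
 * to crypt() as the salt in order to recompute the hash.
 *
 * @param string $email   Address the reset was requested for.
 * @param string $token   URL-safe token taken from the reset link.
 * @param string $newpass New plaintext password.
 * @return bool True when the token matched and the update was issued.
 */
function resetPassword($email, $token, $newpass) {
    global $SITE_SECRET;

    // Array-valued request parameters must not reach crypt() or the SQL text.
    if (!is_string($email) || !is_string($token) || !is_string($newpass)) {
        return false;
    }

    $token = str_replace(array('-', '_'), array('.', '/'), $token);

    // NOTE(review): the caller-supplied token doubles as the salt, so it also
    // selects the crypt() scheme. Traditional DES crypt only hashes the first
    // 8 bytes of its input, which may not reach $SITE_SECRET. Confirm which
    // scheme the token generator uses and reject tokens without that prefix,
    // or move to hash_hmac() with an expiry.
    $check = crypt($email . $SITE_SECRET, $token);

    // crypt() reports failure with a short '*0'/'*1' marker; never accept it.
    if (!is_string($check) || strlen($check) < 13) {
        return false;
    }

    // Strict comparison, constant-time where the runtime offers it. The
    // original loose != also allowed numeric-string juggling.
    $matches = function_exists('hash_equals')
        ? hash_equals($check, $token)
        : ($check === $token);
    if (!$matches) {
        return false;
    }

    // Escape-then-hash order is kept as written; presumably the login check
    // hashes the escaped value too, so reordering would lock users out.
    // NOTE(review): crypt() without a salt is deprecated (an error on PHP 8);
    // plan a move to password_hash() once column width and login are checked.
    $newpass = db_escape($newpass);
    $newpass = crypt($newpass);
    if (!is_string($newpass) || strlen($newpass) < 13) {
        return false;
    }

    // $email goes into two statements; escape it like every other value.
    // NOTE(review): confirm callers do not already pass an escaped address.
    $emailSql = db_escape($email);

    // Store the freshly computed hash. A fixed literal here would discard
    // $newpass and give every reset account the same stored value.
    db_query_set("update user set password = '{$newpass}' where email = '{$emailSql}'");

    $rslt = firstRow(db_query_get("select n.id from note n, user u where u.id = n.userid and u.email = '{$emailSql}'"));
    // A user without a note yields no row; pass null as the original did.
    setNoteID($rslt ? $rslt['id'] : null);
    return true;
}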
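<?php
// Poll endpoint: checks whether the note given by ?id= has a version newer
// than ?version=. Prints "OK" when it does not, otherwise "OUT_OF_DATE"
// followed by the stored version and content.
//
// The full <?php tag is used because with short_open_tag disabled a bare
// "<?" file is served to the client as source text.
//
// NOTE(review): nothing visible in this script authenticates the caller, so
// any client that supplies a note id receives that note's content unless
// the included files enforce access on their own. Confirm.
require("_functions.php");
require("_database.php");

// Note content is user-supplied and echoed verbatim. Serve it as plain text
// so a browser that opens this URL directly does not render it as HTML.
// Assumes clients read the body as text (e.g. XMLHttpRequest) - confirm.
if (!headers_sent()) {
    header('Content-Type: text/plain');
    header('X-Content-Type-Options: nosniff');
}

// Missing or array-valued parameters are treated as absent instead of
// raising notices or reaching db_escape() as a non-string.
$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
$version = (isset($_GET['version']) && is_string($_GET['version'])) ? $_GET['version'] : '';

// NOTE(review): "0" is falsy in PHP, so id=0 or version=0 is rejected here
// as well. Behaviour kept from the original; confirm versions start at 1.
if (!$id) {
    die('Where is $id?');
}
if (!$version) {
    die('Where is $version?');
}

$id = db_escape($id);
$version = db_escape($version);

$rslt = firstRow(db_query_get("select version, content from note where id = '$id' and version > '$version'"));
if (!$rslt) {
    print "OK";
} else {
    $version = $rslt['version'];
    $content = $rslt['content'];
    print "OUT_OF_DATE\n$version\n$content";
}
?>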
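/**
 * Verify a password-reset token for $email and, when it matches, store the
 * new password hash and sign the user in through setUserCookie().
 *
 * The token is a crypt() hash of $email . $SITE_SECRET in which '.' and '/'
 * were swapped for the URL-safe '-' and '_'. The same string is passed back
 * to crypt() as the salt in order to recompute the hash.
 *
 * @param string $email   Address the reset was requested for.
 * @param string $token   URL-safe token taken from the reset link.
 * @param string $newpass New plaintext password.
 * @return bool True when the token matched and a user row was updated.
 */
function resetPassword($email, $token, $newpass) {
    global $SITE_SECRET;

    // Array-valued request parameters must not reach crypt() or the SQL text.
    if (!is_string($email) || !is_string($token) || !is_string($newpass)) {
        return false;
    }

    $token = str_replace(array('-', '_'), array('.', '/'), $token);

    // NOTE(review): the caller-supplied token doubles as the salt, so it also
    // selects the crypt() scheme. Traditional DES crypt only hashes the first
    // 8 bytes of its input, which may not reach $SITE_SECRET. Confirm which
    // scheme the token generator uses and reject tokens without that prefix,
    // or move to hash_hmac() with an expiry.
    $check = crypt($email . $SITE_SECRET, $token);

    // crypt() reports failure with a short '*0'/'*1' marker; never accept it.
    if (!is_string($check) || strlen($check) < 13) {
        return false;
    }

    // Strict comparison, constant-time where the runtime offers it. The
    // original loose != also allowed numeric-string juggling.
    $matches = function_exists('hash_equals')
        ? hash_equals($check, $token)
        : ($check === $token);
    if (!$matches) {
        return false;
    }

    // Escape-then-hash order is kept as written; presumably the login check
    // hashes the escaped value too, so reordering would lock users out.
    // NOTE(review): crypt() without a salt is deprecated (an error on PHP 8);
    // plan a move to password_hash() once column width and login are checked.
    $newpass = db_escape($newpass);
    $newpass = crypt($newpass);
    if (!is_string($newpass) || strlen($newpass) < 13) {
        return false;
    }

    // $email goes into two statements; escape it like every other value.
    // NOTE(review): confirm callers do not already pass an escaped address.
    $emailSql = db_escape($email);

    // Store the freshly computed hash. A fixed literal here would discard
    // $newpass and give every reset account the same stored value.
    db_query_set("update user set password = '{$newpass}' where email = '{$emailSql}'");

    $rslt = firstRow(db_query_get("select id from user where email = '{$emailSql}'"));
    if (!$rslt) {
        // No account for this address: do not issue a login cookie for it.
        return false;
    }

    // The cookie receives the address exactly as the caller supplied it.
    setUserCookie($rslt['id'], $email);
    return true;
}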
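// used to endorse or promote products derived from this software without
// specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
// EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
// OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
// WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
// OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
// ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

// This PHP file initializes a new client by assigning a client ID and returning
// the current version of the note.

require "_functions.php";
require "_database.php";

// The user id comes from the session cookie, not from a request parameter.
// NOTE(review): presumably validateUserCookie() ends the request when the
// cookie is missing or invalid - confirm, since its result is used as-is.
$id = validateUserCookie();
$id = db_escape($id);

// Note content is user-supplied and echoed verbatim. Serve it as plain text
// so a browser that opens this URL directly does not render it as HTML.
// Assumes clients read the body as text (e.g. XMLHttpRequest) - confirm.
if (!headers_sent()) {
    header('Content-Type: text/plain');
    header('X-Content-Type-Options: nosniff');
}

// Create a new client ID.
// We use a MySQL variable to capture the value that next_client_id had before
// the update so that we are atomic. Variables are connection-specific, and we
// open a new connection for each PHP page view.
// NOTE(review): the assignment is part of the WHERE clause, so a row whose
// next_client_id is 0 evaluates to false and is not incremented. Confirm the
// column starts at 1.
db_query_set("update user set next_client_id = next_client_id + 1 \n where id = '{$id}' and @prev_client_id := next_client_id");
$client = firstRow(db_query_get("select @prev_client_id as prev_client_id"));
$client = $client['prev_client_id'];

// Now get the latest version of the note from the database.
$rslt = firstRow(db_query_get("select version, content from user\n where id = '{$id}'"));
$version = $rslt['version'];
$content = $rslt['content'];

// Response body: client id, version and content, one per line.
print "{$client}\n{$version}\n{$content}";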
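// and/or other materials provided with the distribution.
// 3. Neither the name of Google Inc. nor the names of its contributors may be
// used to endorse or promote products derived from this software without
// specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
// EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
// OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
// WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
// OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
// ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

require "_functions.php";
require "_database.php";

// The user id comes from the session cookie, so a caller can only poll the
// note of the account the cookie belongs to.
// NOTE(review): presumably validateUserCookie() ends the request when the
// cookie is missing or invalid - confirm, since its result is used as-is.
$id = validateUserCookie();

// Note content is user-supplied and echoed verbatim. Serve it as plain text
// so a browser that opens this URL directly does not render it as HTML.
// Assumes clients read the body as text (e.g. XMLHttpRequest) - confirm.
if (!headers_sent()) {
    header('Content-Type: text/plain');
    header('X-Content-Type-Options: nosniff');
}

// A missing or array-valued parameter is treated as absent instead of
// raising a notice or reaching db_escape() as a non-string.
$version = (isset($_GET['version']) && is_string($_GET['version'])) ? $_GET['version'] : '';

// NOTE(review): "0" is falsy in PHP, so version=0 is rejected here as well.
// Behaviour kept from the original; confirm versions start at 1.
if (!$version) {
    die('Where is $version?');
}

$id = db_escape($id);
$version = db_escape($version);

$rslt = firstRow(db_query_get("select version, content from user where " . "id = '{$id}' and version > '{$version}'"));
if ($rslt) {
    $version = $rslt['version'];
    $content = $rslt['content'];
    print "{$version}\n{$content}";
}
// else serve an empty 200 OK response, which means the client is up to date.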