<?php
require_once "query/message.php";
$DOJSS = $_COOKIE['DOJSS'];
$opwd = safe($_POST['opwd']);
$npwd = safe($_POST['npwd']);
$user = checkDOJSS($DOJSS);
if (!checkPwd($npwd)) {
send(1, $err['invalidPwd']);
}
if ($user) {
if (dc_decrypt($user->password, $key_pwd) != $opwd) {
send(1, $err['wrongPwd']);
}
if ($opwd == $npwd) {
send(2, $warning['samePwd']);
}
$uid = $user->id;
$pwd_enc = dc_encrypt($npwd, $key_pwd);
mysql_query("UPDATE `users` SET \n\t\t\t`password` = '{$pwd_enc}'\n\t\tWHERE `id` = {$uid} ");
if (mysql_affected_rows()) {
send(0, $tip['changedPwd'], "setTimeout(logout, 3000);");
} else {
send(1, $err['notSaved']);
}
} else {
send(1, $err['wrongDOJSS']);
}
} else {
if (getUserByName($name)) {
$error = $err['sameName'];
} else {
if (getUserByEmail($mail)) {
$error = $err['sameEmail'];
}
}
}
}
}
$kmail = checkKey($key);
if ($kmail == $mail . '&') {
$admin = 1;
} else {
if ($kmail == $mail) {
$admin = 0;
} else {
$error = $err['invalidKey'];
}
}
if (!isset($error)) {
$pwd_enc = dc_encrypt($password, $key_pwd);
mysql_query("INSERT INTO `users` (`name`,`mail`,`password`,`reg_time`,`admin`)\n\t\t\tVALUES ('{$name}','{$mail}','{$pwd_enc}',NOW(),{$admin})") or $error = $err['insertError'];
}
if (isset($error)) {
require_once 'template/register.php';
} else {
$hint = $tip['finishRegister'];
require_once 'template/login.php';
}
function DOJSS($id, $pass)
{
global $key_log;
$o = new stdClass();
$o->i = $id;
$o->p = md5($pass);
return dc_encrypt(json_encode($o), $key_log);
}
<?php
require_once 'query/message.php';
$DOJSS = $_COOKIE['DOJSS'];
$user = checkDOJSS($DOJSS);
$mail = $_GET['mail'];
$admin = intval($_GET['admin']);
if ($admin == 1) {
$subfix = '&';
} else {
$subfix = '';
}
if ($user && $user->admin > 0) {
send(0, dc_encrypt($mail . $subfix, $key_reg));
} else {
send(1, $err['notAdmin']);
}
