if (!empty($_POST["change"])) { if (!verifyToken()) { ## csrf check, should be added in more places print Error($GLOBALS['I18N']->get('No Access')); return; } if (empty($_POST["id"])) { # Check if fields login name and email are present if (!is_null($_POST["loginname"]) && $_POST["loginname"] !== '' && !is_null($_POST["email"]) && $_POST["email"] !== '') { if (validateEmail($_POST["email"])) { # new one $result = Sql_query(sprintf('SELECT count(*) FROM %s WHERE namelc="%s" OR email="%s"', $tables["admin"], strtolower(normalize($_POST["loginname"])), strtolower(normalize($_POST["email"])))); $totalres = Sql_fetch_Row($result); $total = $totalres[0]; if (!$total) { Sql_Query(sprintf('insert into %s (loginname,namelc,password,created) values("%s","%s","%s",current_timestamp)', $tables["admin"], strtolower(normalize($_POST["loginname"])), strtolower(normalize($_POST["loginname"])), encryptPass(md5(rand(0, 1000))))); $id = Sql_Insert_Id($tables['admin'], 'id'); } else { $id = 0; } } else { ## email doesn't validate $id = 0; } } else { $id = 0; } } else { $id = sprintf('%d', $_POST["id"]); } if ($id) {
if (isset($_GET['p']) && $_GET["p"] == "subscribe") { $_SESSION["userloggedin"] = 0; $_SESSION["userdata"] = array(); } $login_required = ASKFORPASSWORD && $userpassword && $_GET["p"] == "preferences" || ASKFORPASSWORD && UNSUBSCRIBE_REQUIRES_PASSWORD && $userpassword && $_GET["p"] == "unsubscribe"; if ($login_required && empty($_SESSION["userloggedin"])) { $canlogin = 0; if (!empty($_POST["login"])) { # login button pushed, let's check formdata if (empty($_POST["email"])) { $msg = $strEnterEmail; } elseif (empty($_POST["password"])) { $msg = $strEnterPassword; } else { if (ENCRYPTPASSWORD) { $encP = encryptPass($_POST["password"]); $canlogin = false; $canlogin = !empty($encP) && !empty($_POST['password']) && !empty($emailcheck) && $encP == $userpassword && $_POST["email"] == $emailcheck; # print $_POST['password'].' '.$encP.' '.$userpassword.' '.$canlogin; exit; } else { $canlogin = $_POST["password"] == $userpassword && $_POST["email"] == $emailcheck; } } if (!$canlogin) { $msg = '<p class="error">' . $strInvalidPassword . '</p>'; } else { loadUser($emailcheck); $_SESSION["userloggedin"] = $_SERVER["REMOTE_ADDR"]; } } elseif (!empty($_POST["forgotpassword"])) { # forgot password button pushed
if ($row[0] != $_GET['uid']) { Fatal_Error('Cannot change to that email address. <br/>This email already exists. <br/>Please use the preferences URL for this email to make updates. <br/>Click <a href="' . getConfig('preferencesurl') . "&email={$email}\">here</a> to request your personal location"); exit; } } # read the current values to compare changes $old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['user'], $userid)); $old_data = array_merge($old_data, getUserAttributeValues('', $userid)); $history_entry = ''; #'http://'.getConfig("website").$GLOBALS["adminpages"].'/?page=user&id='.$userid."\n\n"; if (ASKFORPASSWORD && $_POST['password']) { if (ENCRYPTPASSWORD) { $newpassword = encryptPass($_POST['password']); } else { $newpassword = sprintf('%s', $_POST['password']); } # see whether is has changed $curpwd = Sql_Fetch_Row_Query("select password from {$GLOBALS['tables']['user']} where id = {$userid}"); if ($_POST['password'] != $curpwd[0]) { $storepassword = '******' . $newpassword . '",'; Sql_query("update {$GLOBALS['tables']['user']} set passwordchanged = now() where id = {$userid}"); $history_entry .= "\nUser has changed their password\n"; addSubscriberStatistics('password change', 1); } else { $storepassword = ''; } } else { $storepassword = '';
$req = Sql_Query("select uniqid from {$GLOBALS["tables"]["user"]} where email = \"{$email}\""); if (Sql_Affected_Rows()) { $row = Sql_Fetch_Row($req); if ($row[0] != $_GET["uid"]) { Fatal_Error("Cannot change to that email address.\n <br/>This email already exists.\n <br/>Please use the preferences URL for this email to make updates.\n <br/>Click <a href=\"" . getConfig("preferencesurl") . "&email={$email}\">here</a> to request your personal location"); exit; } } # read the current values to compare changes $old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS["tables"]["user"], $userid)); $old_data = array_merge($old_data, getUserAttributeValues('', $userid)); $history_entry = ''; #'http://'.getConfig("website").$GLOBALS["adminpages"].'/?page=user&id='.$userid."\n\n"; if (ASKFORPASSWORD && $_POST["password"]) { if (ENCRYPTPASSWORD) { $newpassword = encryptPass($_POST["password"]); } else { $newpassword = sprintf('%s', $_POST["password"]); } # see whether is has changed $curpwd = Sql_Fetch_Row_Query("select password from {$GLOBALS["tables"]["user"]} where id = {$userid}"); if ($_POST["password"] != $curpwd[0]) { $storepassword = '******' . $newpassword . '",'; Sql_query("update {$GLOBALS["tables"]["user"]} set passwordchanged = current_timestamp where id = {$userid}"); $history_entry .= "\nUser has changed their password\n"; addSubscriberStatistics('password change', 1); } else { $storepassword = ""; } } else { $storepassword = "";
$old_listmembership = array(); $req = Sql_Query("select * from {$tables['listuser']} where userid = {$id}"); while ($row = Sql_Fetch_Array($req)) { $old_listmembership[$row['listid']] = listName($row['listid']); } while (list($key, $val) = each($struct)) { if (is_array($val)) { if (isset($val[1]) && strpos($val[1], ':')) { list($a, $b) = explode(':', $val[1]); } else { $a = $b = ''; } if (strpos($a, 'sys') === false && $val[1]) { if ($key == 'password') { if (!empty($_POST[$key])) { Sql_Query("update {$tables['user']} set {$key} = \"" . encryptPass($_POST[$key]) . "\" where id = {$id}"); } } else { if ($key != 'password' || !empty($_POST[$key])) { if ($key == 'password') { $_POST[$key] = hash('sha256', $_POST[$key]); } Sql_Query("update {$tables['user']} set {$key} = \"" . sql_escape($_POST[$key]) . "\" where id = {$id}"); } } } elseif ((!$require_login || $require_login && isSuperUser()) && $key == 'confirmed') { Sql_Query("update {$tables['user']} set {$key} = \"" . sql_escape($_POST[$key]) . "\" where id = {$id}"); } } } if (!empty($_FILES) && is_array($_FILES)) {
if (!$error || $force) { if ($table == 'admin') { # create a default admin $_SESSION['firstinstall'] = 1; if (isset($_REQUEST['adminemail'])) { $adminemail = $_REQUEST['adminemail']; } else { $adminemail = ''; } if (isset($_REQUEST['adminpassword'])) { $adminpass = $_REQUEST['adminpassword']; } else { $adminpass = '******'; } Sql_Query(sprintf('insert into %s (loginname,namelc,email,created,modified,password,passwordchanged,superuser,disabled) values("%s","%s","%s",now(),now(),"%s",now(),%d,0)', $tables['admin'], 'admin', 'admin', $adminemail, encryptPass($adminpass), 1)); ## let's add them as a subscriber as well $userid = addNewUser($adminemail, $adminpass); Sql_Query(sprintf('update %s set confirmed = 1 where id = %d', $tables['user'], $userid)); /* to send the token at the end, doesn't work yet $adminid = Sql_Insert_Id(); */ } elseif ($table == 'task') { while (list($type, $pages) = each($system_pages)) { foreach ($pages as $page => $access_level) { Sql_Query(sprintf('replace into %s (page,type) values("%s","%s")', $tables['task'], $page, $type)); } } } echo '... ' . s('ok') . "<br />\n"; } else {
if (!$error || $force) { if ($table == "admin") { # create a default admin $_SESSION['firstinstall'] = 1; if (isset($_REQUEST['adminemail'])) { $adminemail = $_REQUEST['adminemail']; } else { $adminemail = ''; } if (isset($_REQUEST['adminpassword'])) { $adminpass = $_REQUEST['adminpassword']; } else { $adminpass = '******'; } Sql_Query(sprintf('insert into %s (loginname,namelc,email,created,modified,password,passwordchanged,superuser,disabled) values("%s","%s","%s",now(),now(),"%s",now(),%d,0)', $tables["admin"], "admin", "admin", $adminemail, encryptPass($adminpass), 1)); ## let's add them as a subscriber as well $userid = addNewUser($adminemail, $adminpass); Sql_Query(sprintf('update %s set confirmed = 1 where id = %d', $tables['user'], $userid)); /* to send the token at the end, doesn't work yet $adminid = Sql_Insert_Id(); */ } elseif ($table == "task") { while (list($type, $pages) = each($system_pages)) { foreach ($pages as $page => $access_level) { Sql_Query(sprintf('replace into %s (page,type) values("%s","%s")', $tables["task"], $page, $type)); } } } echo "... " . s("ok") . "<br />\n"; } else {
$html .= '<tr><td>' . $GLOBALS['I18N']->get('Initialise Database') . '</td> <td>' . $link . '</td><td>'; if (Sql_Table_Exists($tables['config'], 1)) { $html .= $GLOBALS['img_tick']; } else { $html .= $GLOBALS['img_cross']; $alldone = 0; } $html .= '</td></tr>'; } $link = PageLink2('admin&id=1', s('Go there')); if (!empty($link) && $GLOBALS['require_login']) { $html .= '<tr><td>' . s('Change admin password') . ' </td> <td>' . $link . '</td><td>'; $curpwd = Sql_Fetch_Row_Query("select password from {$tables['admin']} where loginname = \"admin\""); if ($curpwd[0] != 'phplist' && $curpwd[0] != encryptPass('phplist')) { $html .= $GLOBALS['img_tick']; } else { $alldone = 0; $html .= $GLOBALS['img_cross']; } $html .= '</td></tr>'; } $link = PageLink2('configure', $GLOBALS['I18N']->get('Go there')); if (!empty($link)) { $html .= '<tr><td>' . $GLOBALS['I18N']->get('Verify Settings') . '</td> <td>' . $link . '</td><td>'; $data = Sql_Fetch_Row_Query("select value from {$tables['config']} where item = \"subscribeurl\""); if ($data[0]) { $html .= $GLOBALS['img_tick']; } else {
if (!$error || $force) { if ($table == "admin") { # create a default admin $_SESSION['firstinstall'] = 1; if (isset($_REQUEST['adminemail'])) { $adminemail = $_REQUEST['adminemail']; } else { $adminemail = ''; } if (isset($_REQUEST['adminpassword'])) { $adminpass = $_REQUEST['adminpassword']; } else { $adminpass = '******'; } Sql_Query(sprintf('insert into %s (loginname,namelc,email,created,modified,password,passwordchanged,superuser,disabled) values("%s","%s","%s",current_timestamp,current_timestamp,"%s",current_timestamp,%d,0)', $tables["admin"], "admin", "admin", $adminemail, encryptPass($adminpass), 1)); ## let's add them as a subscriber as well $userid = addNewUser($adminemail, $adminpass); Sql_Query(sprintf('update %s set confirmed = 1 where id = %d', $tables['user'], $userid)); /* to send the token at the end, doesn't work yet $adminid = Sql_Insert_Id(); */ } elseif ($table == "task") { while (list($type, $pages) = each($system_pages)) { foreach ($pages as $page => $access_level) { Sql_Query(sprintf('replace into %s (page,type) values("%s","%s")', $tables["task"], $page, $type)); } } } echo "... " . s("ok") . "<br />\n"; } else {
$query = sprintf('update %s set email = "%s", loginname = "%s", namelc = "%s", modifiedby = "%s", passwordchanged = current_timestamp, password = "******", superuser = 0, disabled = 0, privileges = "%s" where id = %d', $tables["admin"], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION["logindetails"]["id"]), encryptPass($data["password"]), sql_escape(serialize($privs)), $adminid); $result = Sql_query($query); } else { $query = sprintf('INSERT INTO %s (email,loginname,namelc,created,modifiedby,passwordchanged,password,superuser,disabled,privileges) values("%s","%s","%s",current_timestamp,"%s",current_timestamp,"%s",0,0,"%s")', $tables["admin"], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION["logindetails"]["id"]), encryptPass($data["password"]), sql_escape(serialize($privs))); $result = Sql_query($query); $adminid = Sql_Insert_Id($tables['admin'], 'id'); $count_email_add++; $some = 1; } reset($import_attribute); foreach ($import_attribute as $item) { if (!empty($data['values'][$item["index"]])) { $attribute_index = $item["record"]; $value = $data['values'][$item["index"]]; # check whether this is a textline or a selectable item $att = Sql_Fetch_Row_Query("select type,tablename,name from " . $tables["adminattribute"] . " where id = {$attribute_index}"); switch ($att[0]) { case "select": case "radio":
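// Login form handler: validate the posted address and password, authenticate
// against vpopmaild through vpopmail_admin, and on success populate the
// session and redirect to the Domains module. Any other request falls through
// to the login template at the bottom.
if (isset($_POST['event']) && $_POST['event'] === 'login_now') {
    // Both fields must be present and plain strings. Array-valued parameters
    // (e.g. email_address[]=x) would otherwise reach explode() and the
    // vpopmail_admin constructor.
    if (
        !isset($_POST['email_address'], $_POST['password'])
        || !is_string($_POST['email_address'])
        || !is_string($_POST['password'])
    ) {
        $tpl->set_msg_err(_('Error: missing fields'));
        $tpl->wrap_exit('login.tpl');
    }
    if (!checkEmailFormat($_POST['email_address'])) {
        $tpl->set_msg_err(_('Error: invalid email address format'));
        $tpl->wrap_exit('login.tpl');
    }

    // Split "user@domain"; checkEmailFormat() above is relied on to have
    // rejected anything that does not have exactly this shape.
    $email_array = explode('@', $_POST['email_address']);
    $login_user = $email_array[0];
    $login_domain = $email_array[1];

    $vp = new vpopmail_admin($login_domain, $login_user, $_POST['password'], $server_ip, $server_port);
    if ($vp->Error) {
        // Failed login or backend error: drop any identity left in the session.
        unset($_SESSION['user']);
        unset($_SESSION['domain']);
        unset($_SESSION['password']);
        unset($_SESSION['email']);
        // NOTE(review): the raw backend error text is handed to the template;
        // confirm set_msg() escapes it and that it reveals nothing useful to
        // an unauthenticated client.
        $tpl->set_msg("Unable to open vpopmaild - {$vp->Error}");
        $tpl->wrap_exit();
    } else {
        // Issue a fresh session id before storing the identity, so an id that
        // was fixed before login cannot be reused afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['user'] = $login_user;
        $_SESSION['domain'] = $login_domain;
        // NOTE(review): the password is kept in the session as
        // encryptPass($password, $mcrypt_key), which looks reversible —
        // presumably so later vpopmaild calls can re-authenticate. Confirm,
        // and keep $mcrypt_key out of anything stored alongside session data.
        $_SESSION['password'] = encryptPass($_POST['password'], $mcrypt_key);
        $_SESSION['email'] = $_SESSION['user'] . '@' . $_SESSION['domain'];
        // NOTE(review): PHP_SELF includes any client-supplied path info;
        // SCRIPT_NAME would be the stricter value for a redirect target.
        header("Location: " . $_SERVER['PHP_SELF'] . '?module=Domains');
        exit;
    }
}
// Else show login screen
$tpl->wrap_exit('login.tpl');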
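<?php
// JSON login endpoint: authenticates the posted user/pass pair and, on
// success, stores the loaded user in the session.
include_once '../lib/session.inc.php';
include_once '../lib/user.inc.php';

// Read the credentials defensively: a missing field would raise an
// undefined-index notice, and an array-valued field (user[]=x) would reach
// authenticateUser() as a non-string.
$user = isset($_POST['user']) ? $_POST['user'] : null;
$pass = isset($_POST['pass']) ? $_POST['pass'] : null;

$userId = (is_string($user) && is_string($pass)) ? authenticateUser($user, $pass) : false;

if ($userId) {
    // Issue a fresh session id on login so an id set before authentication
    // cannot be reused afterwards.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $_SESSION['user'] = loadUser($userId);
    // NOTE(review): the response hands encryptPass($pass) back to the client.
    // What encryptPass() produces is not visible here; if it matches the
    // stored credential, the value in this response is as sensitive as the
    // password itself. Confirm the client needs it, and prefer an opaque
    // session or token instead.
    print json_encode(array('success' => true, 'pass' => encryptPass($pass)));
} else {
    print json_encode(array('success' => false));
}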
/**
 * Prepare a user record and insert it into the `users` table.
 *
 * A new salt is always generated, a random password is substituted when none
 * is supplied, the password is replaced by encryptPass(password, salt), and
 * a creation timestamp is added before the row is written.
 *
 * NOTE(review): randomString() is not shown here; confirm it draws from a
 * cryptographically secure source, since it produces both the salt and the
 * fallback password.
 * NOTE(review): every key in $data is passed to insert(); presumably callers
 * restrict it to known columns — verify, otherwise request-supplied keys
 * could set arbitrary fields on the new row.
 *
 * @param array $data Column => value map for the new user.
 * @return mixed Whatever the database layer's insert() returns.
 */
function insertUser($data)
{
    // A fresh per-user salt always overwrites anything the caller supplied.
    @($data['salt'] = randomString(15));

    // No usable password given: fall back to a random one.
    if (empty($data['pass'])) {
        @($data['pass'] = randomString(15));
    }

    // Swap the clear-text password for its salted form before storage.
    $data['pass'] = encryptPass($data['pass'], $data['salt']);

    // Creation timestamp, in PHP's configured default timezone.
    @($data['create_date'] = date('Y-m-d H:i:s'));

    // Write the row and hand back the database layer's result.
    return Database::obtain()->insert('users', $data);
}
if (isset($_GET['p']) && $_GET['p'] == 'subscribe') { $_SESSION['userloggedin'] = 0; $_SESSION['userdata'] = array(); } $login_required = ASKFORPASSWORD && $userpassword && $_GET['p'] == 'preferences' || ASKFORPASSWORD && UNSUBSCRIBE_REQUIRES_PASSWORD && $userpassword && $_GET['p'] == 'unsubscribe'; if ($login_required && empty($_SESSION['userloggedin'])) { $canlogin = 0; if (!empty($_POST['login'])) { # login button pushed, let's check formdata if (empty($_POST['email'])) { $msg = $strEnterEmail; } elseif (empty($_POST['password'])) { $msg = $strEnterPassword; } else { if (ENCRYPTPASSWORD) { $encP = encryptPass($_POST['password']); $canlogin = false; $canlogin = !empty($encP) && !empty($_POST['password']) && !empty($emailcheck) && $encP == $userpassword && $_POST['email'] == $emailcheck; # print $_POST['password'].' '.$encP.' '.$userpassword.' '.$canlogin; exit; } else { $canlogin = $_POST['password'] == $userpassword && $_POST['email'] == $emailcheck; } } if (!$canlogin) { $msg = '<p class="error">' . $strInvalidPassword . '</p>'; } else { loadUser($emailcheck); $_SESSION['userloggedin'] = $_SERVER['REMOTE_ADDR']; } } elseif (!empty($_POST['forgotpassword'])) { # forgot password button pushed
$query = sprintf('update %s set email = "%s", loginname = "%s", namelc = "%s", modifiedby = "%s", passwordchanged = now(), password = "******", superuser = 0, disabled = 0, privileges = "%s" where id = %d', $tables['admin'], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION['logindetails']['id']), encryptPass($data['password']), sql_escape(serialize($privs)), $adminid); $result = Sql_query($query); } else { $query = sprintf('INSERT INTO %s (email,loginname,namelc,created,modifiedby,passwordchanged,password,superuser,disabled,privileges) values("%s","%s","%s",now(),"%s",now(),"%s",0,0,"%s")', $tables['admin'], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION['logindetails']['id']), encryptPass($data['password']), sql_escape(serialize($privs))); $result = Sql_query($query); $adminid = Sql_insert_id(); ++$count_email_add; $some = 1; } reset($import_attribute); foreach ($import_attribute as $item) { if (!empty($data['values'][$item['index']])) { $attribute_index = $item['record']; $value = $data['values'][$item['index']]; # check whether this is a textline or a selectable item $att = Sql_Fetch_Row_Query('select type,tablename,name from ' . $tables['adminattribute'] . " where id = {$attribute_index}"); switch ($att[0]) { case 'select': case 'radio':
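/**
 * Return the id of the subscriber with the given email, creating it if absent.
 *
 * If a row with this email already exists its id is returned unchanged and
 * the supplied password is ignored. Otherwise a new row is inserted with the
 * encrypted password, a fresh uniqid and HTML email enabled.
 *
 * The email is escaped here before it is placed in SQL, so callers should
 * pass the raw address. Callers visible elsewhere pass request data directly.
 *
 * @param string $email    Subscriber email address (raw, unescaped).
 * @param string $password Clear-text password; encrypted before storage.
 * @return mixed Id of the existing or newly inserted subscriber row.
 */
function addNewUser($email, $password = "")
{
    if (empty($GLOBALS['tables']['user'])) {
        // NOTE(review): the fallback table name appears masked on this page;
        // confirm the real value against the project source.
        $GLOBALS['tables']['user'] = '******';
    }
    /*
      "id"              => array("integer not null primary key auto_increment","sys:ID"),
      "email"           => array("varchar(255) not null","Email"),
      "confirmed"       => array("tinyint default 0","sys:Is the email of this user confirmed"),
      "entered"         => array("datetime","sys:Time Created"),
      "modified"        => array("timestamp","sys:Time modified"),
      "uniqid"          => array("varchar(255)","sys:Unique ID for User"),
      "unique"          => array("(email)","sys:unique"),
      "htmlemail"       => array("tinyint default 0","Send this user HTML emails"),
      "subscribepage"   => array("integer","sys:Which page was used to subscribe"),
      "rssfrequency"    => array("varchar(100)","rss Frequency"), // Leftover from the preplugin era
      "password"        => array("varchar(255)","Password"),
      "passwordchanged" => array("datetime","sys:Last time password was changed"),
      "disabled"        => array("tinyint default 0","Is this account disabled?"),
      "extradata"       => array("text","Additional data"),
    */

    $userTable = $GLOBALS['tables']['user'];
    // The email is interpolated into two statements below; escape it once so
    // a quote in the address cannot terminate the SQL string literal.
    $safeEmail = sql_escape($email);

    // Reuse the existing row when the address is already known.
    $exists = Sql_Fetch_Row_Query(sprintf(
        'select id from %s where email = "%s"',
        $userTable,
        $safeEmail
    ));
    if (!empty($exists[0])) {
        return $exists[0];
    }

    $passwordEnc = encryptPass($password);

    // One %s per argument: without a placeholder for the password column the
    // encrypted password would be written into uniqid and the password
    // column would receive a fixed literal.
    Sql_Query(sprintf(
        'insert into %s set email = "%s", entered = now(),modified = now(),password = "%s", passwordchanged = now(),disabled = 0, uniqid = "%s",htmlemail = 1 ',
        $userTable,
        $safeEmail,
        sql_escape($passwordEnc),
        getUniqid()
    ));

    return Sql_Insert_Id();
}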
$html .= '<tr><td>' . $GLOBALS['I18N']->get('Initialise Database') . '</td> <td>' . $link . '</td><td>'; if (Sql_Table_Exists($tables["config"], 1)) { $html .= $GLOBALS["img_tick"]; } else { $html .= $GLOBALS["img_cross"]; $alldone = 0; } $html .= '</td></tr>'; } $link = PageLink2("admin&id=1", s('Go there')); if (!empty($link) && $GLOBALS["require_login"]) { $html .= '<tr><td>' . s('Change admin password') . ' </td> <td>' . $link . '</td><td>'; $curpwd = Sql_Fetch_Row_Query("select password from {$tables["admin"]} where loginname = \"admin\""); if ($curpwd[0] != "phplist" && $curpwd[0] != encryptPass('phplist')) { $html .= $GLOBALS["img_tick"]; } else { $alldone = 0; $html .= $GLOBALS["img_cross"]; } $html .= '</td></tr>'; } $link = PageLink2("configure", $GLOBALS['I18N']->get('Go there')); if (!empty($link)) { $html .= '<tr><td>' . $GLOBALS['I18N']->get('Verify Settings') . '</td> <td>' . $link . '</td><td>'; $data = Sql_Fetch_Row_Query("select value from {$tables["config"]} where item = \"admin_address\""); if ($data[0]) { $html .= $GLOBALS["img_tick"]; } else {
$SQLquery = sprintf('delete from %s where date_add( date, INTERVAL %s) < now( )', $GLOBALS['tables']['admin_password_request'], PASSWORD_CHANGE_TIMEFRAME); $query = Sql_Query($SQLquery); } //if (ENCRYPT_PASSWORDS) { if (isset($_POST['password1']) && isset($_POST['password2'])) { $SQLquery = sprintf('select date, admin from %s where key_value = "%s" and admin = %d', $GLOBALS['tables']['admin_password_request'], sql_escape($_GET['token']), $_POST['admin']); $tokenData = Sql_Fetch_Row_Query($SQLquery); $p1 = $_POST['password1']; $p2 = $_POST['password2']; $adminId = $tokenData[1]; $SQLquery = sprintf('select loginname from %s where id = %d;', $GLOBALS['tables']['admin'], $adminId); $adminData = Sql_Fetch_Row_Query($SQLquery); $admin = $adminData[0]; if ($p1 == $p2 && !empty($admin)) { #Database update. $SQLquery = sprintf("update %s set password='******', passwordchanged=now() where loginname = '%s';", $GLOBALS['tables']['admin'], encryptPass($p1), $admin); ## print $SQLquery; $query = Sql_Query($SQLquery); print $GLOBALS['I18N']->get('Your password was changed succesfully') . '<br/>'; print '<p><a href="./" class="action-button">' . $GLOBALS['I18N']->get('Continue') . '</a></p>'; #Token deletion. $SQLquery = sprintf('delete from %s where admin = %d;', $GLOBALS['tables']['admin_password_request'], $adminId); $query = Sql_Query($SQLquery); } else { print $GLOBALS['I18N']->get('The passwords you entered are not the same.'); } } elseif (isset($_GET['token'])) { $SQLquery = sprintf("select date, admin from %s where key_value = '" . sql_escape($_GET['token']) . "';", $GLOBALS['tables']['admin_password_request']); $row = Sql_Fetch_Row_Query($SQLquery); $tokenDate = date('U', strtotime($row[0])); $actualDate = date('U');
if (!empty($_POST['change'])) { if (!verifyToken()) { ## csrf check, should be added in more places print Error($GLOBALS['I18N']->get('No Access')); return; } if (empty($_POST['id'])) { # Check if fields login name and email are present if (!is_null($_POST['loginname']) && $_POST['loginname'] !== '' && !is_null($_POST['email']) && $_POST['email'] !== '') { if (validateEmail($_POST['email'])) { # new one $result = Sql_query(sprintf('SELECT count(*) FROM %s WHERE namelc="%s" OR email="%s"', $tables['admin'], strtolower(normalize($_POST['loginname'])), strtolower(normalize($_POST['email'])))); $totalres = Sql_fetch_Row($result); $total = $totalres[0]; if (!$total) { Sql_Query(sprintf('insert into %s (loginname,namelc,password,email,created) values("%s","%s","%s","%s",now())', $tables['admin'], strtolower(normalize($_POST['loginname'])), strtolower(normalize($_POST['loginname'])), encryptPass(md5(rand(0, 1000))), sql_escape($_POST['email']))); $id = Sql_Insert_Id($tables['admin'], 'id'); } else { $id = 0; } } else { ## email doesn't validate $id = 0; } } else { $id = 0; } } else { $id = sprintf('%d', $_POST['id']); ##17388 - disallow changing an admin email to an already existing one if (!empty($_POST['email'])) {