/**
 * Hand the buyer over to the 2Checkout purchase page for one payment.
 *
 * Stores $payment through _set_payment(), builds the gateway fields from
 * $this->config and $this->payment, and submits them with post2page().
 *
 * NOTE(review): x_amount / c_price are copied from $this->payment into the
 * posted fields. If post2page() relays them through the buyer's browser (its
 * implementation is not visible here), the handler behind x_receipt_link_url
 * should re-check the paid amount against the stored order instead of
 * trusting values echoed back by the client.
 *
 * @param array $payment Payment description handed to _set_payment().
 * @return void
 */
function redirect2gateway($payment = array())
{
    $this->_set_payment($payment);
    $item = $this->payment;

    // Optional description: the gateway receives an empty string when unset.
    if (isset($item['internal_diz'])) {
        $description = $item['internal_diz'];
    } else {
        $description = '';
    }

    $fields = array(
        'x_login' => $this->config['sid'],
        'id_type' => 1,
        'fixed' => 'Y',
        'pay_method' => 'CC',
        'x_receipt_link_url' => _BASEURL_ . '/thankyou.php?p=' . $this->module_code,
        // Random suffix from gen_pass(5), not derived from an order record.
        // NOTE(review): confirm nothing relies on this value being unique.
        'x_invoice_num' => 'inv' . gen_pass(5),
        'x_amount' => $item['price'],
        'c_price' => $item['price'],
        'c_prod' => $item['internal_id'],
        'c_name' => $item['internal_name'],
        'c_description' => $description,
        'c_tangible' => 'N',
        'internal_id' => $item['internal_id'],
        'dm_item_type' => $item['dm_item_type'],
    );

    // Demo mode is forwarded to the gateway as a flag.
    if ($this->config['demo_mode'] == 1) {
        $fields['demo'] = 'Y';
    }

    // The user id is only sent when the payment carries one.
    if (!empty($item['user_id'])) {
        $fields['user_id'] = $item['user_id'];
    }

    // redirect2page('https://www2.2checkout.com/2co/buyer/purchase',array(),array2qs($qs),true);
    post2page('https://www2.2checkout.com/2co/buyer/purchase', $fields, true);
}
/**
 * Generate a confirmation password for a mailing and send it by SMS.
 *
 * Logs the request, stores a row in want_to_send (password, session user id,
 * subject, message) and texts the password to $this->phone. The result is
 * set to the last insert id when the SMS call reports code 0, otherwise to
 * false.
 *
 * NOTE(review): $tema, $msg and $_SESSION['id'] are interpolated straight
 * into the INSERT statement below. Nothing in this method escapes them, so
 * the query is only safe if every caller already escaped these values;
 * confirm, or move the statement to the driver's parameter binding.
 *
 * NOTE(review): the confirmation password is stored as generated (no hash)
 * and is sent in the same SMS as the full subject and message text. The
 * randomness source of gen_pass() is not visible here.
 *
 * @param string $tema Subject of the mailing.
 * @param string $msg  Body of the mailing.
 * @return $this
 */
public function generate_pass($tema, $msg)
{
    $this->db->write_log(6, $tema . "; " . $msg);
    $this->set_result(true);

    // Generate the confirmation password and remember the pending mailing.
    $rand = gen_pass();
    $query = "INSERT INTO want_to_send (pass, user_id, tema, msg)\n VALUES ('{$rand}', '{$_SESSION['id']}', '{$tema}', '{$msg}')";
    if (!$this->db->query($query)) {
        $this->set_result(false);
    }

    // Nothing to send when the row could not be stored.
    if (!$this->get_result()) {
        return $this;
    }

    $sms_text = "Немедленно сообщите администратору, если вы не совершали рассылку! Пароль для рассылки: {$rand}. Тема рассылки: " . $tema . ". Сообщение: " . $msg;
    $sms_status = $this->send_sms($sms_text, $this->phone)->get_result();

    // Code 0 from the SMS call is treated as success.
    $this->set_result($sms_status['code'] == 0 ? $this->db->get_last_id() : false);

    return $this;
}
/**
 * Build the admin user object, either by reloading a known admin or by
 * running the login check.
 *
 * With a truthy $id the constructor loads the active admin row for that id
 * and copies id, rights, city, region, confirmation settings and phone onto
 * the object. Without $id it runs the password login and reports the outcome
 * through the global $auth: "pass" after a new code was sent by SMS, "true"
 * after a successful code check (session keys login/id/access are set), and
 * "false" otherwise.
 *
 * Several string literals in this listing are masked as ******, so the exact
 * values compared in the WHERE clauses and written by the first UPDATE are
 * not visible; the second-factor UPDATE is not valid PHP as shown.
 *
 * NOTE(review): security-relevant points visible in this block:
 *  - the password is hashed with a single unsalted md5() call;
 *  - $id is interpolated into SQL inside quotes, with no escaping visible here;
 *  - the stored code is compared with == / != (loose comparison);
 *  - REMOTE_ADDR and the client-supplied User-Agent go into write_log()
 *    unmodified; confirm the logger escapes them;
 *  - no attempt limiting is visible for either the password or the code.
 *
 * @param string    $login Admin login name.
 * @param string    $pass  Plain-text password (login path only).
 * @param int|false $id    Admin id; truthy selects the reload path.
 */
function __construct($login, $pass = "", $id = false) {
    $this->db = new data_base();
    // System-wide settings; auth_masg is used below as the SMS text template.
    $settings = $this->db->super_query("SELECT * FROM system_settings", false)->get_res();
    if ($id) {
        // Reload path: look up an active admin by login and id.
        $query = "SELECT admin.id, admin.login, admin.phone, settings.id AS settings, settings.confirm_reg, settings.cofirm_msg, obl.id AS obl, goroda.id AS gorod, prava.id AS prava FROM admin\n LEFT JOIN obl ON obl.id = admin.obl\n LEFT JOIN goroda ON goroda.id = admin.gorod\n LEFT JOIN prava ON prava.id = admin.prava\n LEFT JOIN settings ON settings.id = admin.settings_id\n WHERE admin.login='******' AND admin.id='{$id}' AND admin.is_activ='1'";
        // "=" binds tighter than "or": a falsy result is replaced by false.
        $res = $this->db->super_query($query, false)->get_res() or $res = false;
        //print_arr($res);
        if ($res) {
            $this->set_login($login)->set_id($res['id'])->set_prava($res['prava'])->set_gorod($res['gorod'])->set_obl($res['obl'])->set_conf_reg($res['confirm_reg'])->set_conf_msg($res['cofirm_msg'])->set_settings($res['settings']);
            /*$devices = explode(",", $res['devices']); $i = 0; foreach ($devices as $item){ $_SESSION['devices'][$i] = $item; $i++; } $_SESSION['count_dev'] = count($devices); $_SESSION['default'] = $res['default_dev'];*/
            $this->phone = $res['phone'];
        }
    } else {
        // Login path. Unsalted md5 of the submitted password.
        $pass = md5($pass);
        $_SESSION['added'] = "";
        $query = "SELECT admin.id, login, prava.id AS prava, auth_pass, phone FROM admin\n INNER JOIN prava ON prava.id = admin.prava \n WHERE login='******' AND pass='******' AND is_activ='1'";
        $res = $this->db->super_query($query, false)->get_res() or $res = false;
        $count_rows = $this->db->rows;
        // global variable that reports whether authorization succeeded
        global $auth;
        if ($count_rows == 1) {
            // Keys such as auth_pass are bare constants here: PHP < 8 falls back
            // to the string with a notice/warning, PHP 8 raises an Error.
            // NOTE(review): == 0 is a loose comparison; on PHP < 8 a stored code
            // that is a non-numeric string also compares equal to 0, which would
            // send a new code instead of checking the submitted one. Depends on
            // what gen_pass() produces (not visible here); confirm.
            if ($res[auth_pass] == 0) {
                // No code pending: generate one, text it, and ask for it.
                $auth = "pass";
                $password = gen_pass();
                $msg = str_replace("[пароль]", $password, $settings[auth_masg]);
                $this->send_sms($msg, $res[phone]);
                // Value written to auth_pass is masked in this listing;
                // presumably the generated code, confirm.
                $this->db->query("UPDATE admin SET auth_pass="******" WHERE id=" . 
                    $res[id]);
                //return false;
            } else {
                // A code is pending: compare it with the posted value.
                // NOTE(review): loose == on a secret; a strict, constant-time
                // comparison (hash_equals) is the safer check.
                if ($res[auth_pass] == $_POST[password]) {
                    $_SESSION['login'] = $res['login'];
                    $_SESSION['id'] = $res['id'];
                    $_SESSION['access'] = $res['prava'];
                    $this->db->write_log(1, "Вход! IP: " . $_SERVER[REMOTE_ADDR] . "; " . $_SERVER[HTTP_USER_AGENT]);
                    // Reset auth_pass to 0 so the code cannot be used again.
                    $this->db->query("UPDATE admin SET auth_pass=0 WHERE id=" . $res[id]);
                    $auth = "true";
                } else {
                    // This is the else of the == test above, so != holds here
                    // and the inner else ("pass") cannot be reached.
                    if ($res[auth_pass] != $_POST[password]) {
                        $auth = "false";
                    } else {
                        $auth = "pass";
                    }
                }
            }
        } else {
            if ($count_rows == 0) {
                // Failed login: look the account up by login only, to log the attempt.
                $query = "SELECT login, id FROM admin WHERE login='******'";
                $res = $this->db->super_query($query, false)->get_res();
                $this->db->write_log(1, "Неудачная попытка входа в учетную запись " . $res[login] . "! IP: " . $_SERVER[REMOTE_ADDR] . "; " . $_SERVER[HTTP_USER_AGENT], $res[id]);
                $auth = "false";
            }
        }
    }
}
$fname = text_filter($_POST['fname']); if (!$fname) { $error .= "Error: Please enter your Frind's Name!<br />"; } if (!$yname) { $error .= "Error: Please enter your Name!<br />"; } $gfx_check = intval($_POST['gfx_check']); if ($_POST['gfx_check'] != $_SESSION['Var_session'] or !isset($_SESSION['Var_session'])) { $error .= "Error: Security Code Invalid <br />"; } if ($error) { $tengah .= '<div class="error">' . $error . '</div>'; } else { $subject = "Ada artikel bagus di {$url_situs}"; $full_pesan = "Hallo,\n\nBerikut ini ada artikel yang bagus untuk dibaca,\n<br />Artikel dengan judul : {$judul_artikel}, silahkan klik aja <a href='{$url_situs}/?pilih=news&mod=yes&aksi=lihat&id={$id}'>{$url_situs}/?pilih=news&mod=yes&aksi=lihat&id={$id}</a>.\n<br />\n<br />\n{$pesan}\n<br />\n<br />Terima kasih."; mail_send($femail, $yemail, $subject, $full_pesan, 0, 3); $tengah .= '<div class="sukses"><p>Pesan Anda telah dikirim ke teman Anda.<br />Terima kasih mau mendistribusikan artikel di situs ini.</p></div>'; $tengah .= '<meta http-equiv="refresh" content="3; url=?pilih=news&mod=yes&aksi=lihat&id=' . $id . 
'">'; } } $tengah .= '<div class="border">'; $tengah .= "\n<form method=\"post\" action=\"\">\n<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" align=\"center\">\n <tr>\n <td valign=\"top\">Your Name</td>\n <td valign=\"top\">:</td>\n <td valign=\"top\"><input type=\"text\" name=\"yname\" style=\"width:150px\" size=\"50\" /></td>\n </tr>\n <tr>\n <td valign=\"top\">Your E-mail</td>\n <td valign=\"top\">:</td>\n <td valign=\"top\"><input type=\"text\" name=\"yemail\" style=\"width:150px\" size=\"50\" /></td>\n </tr>\n <tr>\n <td valign=\"top\">Your Friend's Name</td>\n <td valign=\"top\">:</td>\n <td valign=\"top\"><input type=\"text\" name=\"fname\" style=\"width:150px\" size=\"50\" /></td>\n </tr>\n <tr>\n <td valign=\"top\">Your Friend's E-Mail</td>\n <td valign=\"top\">:</td>\n <td valign=\"top\"><input type=\"text\" name=\"femail\" style=\"width:150px\" size=\"50\" /></td>\n </tr>\n <tr>\n <td valign=\"top\">Message (option)</td>\n <td valign=\"top\">:</td>\n <td valign=\"top\"><textarea name=\"pesan\" cols=\"50\" rows=\"10\" style=\"width:250px\"></textarea></td>\n </tr>"; if (extension_loaded("gd")) { $random_num = gen_pass(10); $tengah .= "\n <tr>\n <td valign=\"top\">Security Code</td>\n <td valign=\"top\">:</td>\n <td valign=\"top\"><img src=\"{web}/includes/code_image.php\" border=\"1\" alt=\"Security Code\" /></td>\n </tr>\n <tr>\n <td valign=\"top\">Type Code</td>\n <td valign=\"top\">:</td>\n <td valign=\"top\"><input type=\"text\" name=\"gfx_check\" size=\"10\" maxlength=\"6\" /></td>\n </tr>"; } $tengah .= "\n <tr>\n <td valign=\"top\"></td>\n <td valign=\"top\"></td>\n <td valign=\"top\"></td>\n </tr>\n <tr>\n <td valign=\"top\"></td>\n <td valign=\"top\"></td>\n <td valign=\"top\"><input type=\"submit\" name=\"submit\" value=\"Submit\" /></td>\n </tr>\n</table>\n</form>"; $tengah .= '</div>'; } echo $tengah;
} if ($_GET['aksi'] == "forgotpass") { $tengah .= '<h5 class="bg">Lupa Password / User ?</h5>'; if (isset($_POST['submit'])) { $email = $_POST['email']; if (!$email) { $error .= "Error: Formulir Email belum diisi , silahkan ulangi.<br />"; } if ($error) { $tengah .= '<div class="error">' . $error . '</div>'; } else { $jumlah = $koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT * FROM useraura WHERE email='{$email}' AND tipe='aktif'")); if ($jumlah < 1) { $tengah .= '<div class="error">Sorry,no member with that data</div>'; } else { $newpass = gen_pass(10); $userdata = "SELECT * FROM useraura WHERE email = '{$email}'"; $userdata = $koneksi_db->sql_query($userdata); $datauser = mysql_fetch_array($userdata); $user = $datauser['user']; $emailuser = $datauser['email']; $newpassword = md5($newpass); $update = "update useraura set password = '******' where email='{$emailuser}'"; $updatedata = $koneksi_db->sql_query($update); //forgot_login(); $subject = "{$judul_situs} - Berikut Data Account Anda"; $pesan .= ' <table width="700" align="center"> <tr> <td><img src="' . $url_situs . '/images/head.png" alt="teamworks.co.id" width="700" height="80" style=""/></td> </tr>
if (empty($temp['text'])) { $topass['message']['text'] = $GLOBALS['_lang'][69]; } else { $topass['message']['text'] = $temp['text']; } $input['error_' . $field->config['dbfield']] = 'red_border'; } if (!$error) { if (!empty($field->config['fn_on_change'])) { $on_changes[] = array('fn' => $field->config['fn_on_change'], 'param2' => $field->get_value(), 'param3' => $field->config['dbfield']); } } } if (!$error) { if ($input['page'] == 1) { $input['temp_pass'] = md5(gen_pass(6)); $query = "INSERT IGNORE INTO `" . USER_ACCOUNTS_TABLE . "` SET `" . USER_ACCOUNT_USER . "`='" . $input['user'] . "',`" . USER_ACCOUNT_PASS . "`=md5('" . $input['pass'] . "'),`email`='" . $input['email'] . "',`membership`=2,`status`=" . ASTAT_UNVERIFIED . ",`temp_pass`='" . $input['temp_pass'] . "'"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $_SESSION[_LICENSE_KEY_]['user']['reg_id'] = mysql_insert_id(); $_SESSION[_LICENSE_KEY_]['user']['user'] = $input['user']; // for `dsb_payments` $_SESSION[_LICENSE_KEY_]['user']['email'] = $input['email']; // for info_signup.html $input['uid'] = $_SESSION[_LICENSE_KEY_]['user']['reg_id']; send_template_email($input['email'], sprintf($GLOBALS['_lang'][70], _SITENAME_), 'confirm_reg.html', get_my_skin(), $input); } $query = "SELECT `fk_user_id` FROM `{$dbtable_prefix}user_profiles` WHERE `fk_user_id`=" . $_SESSION[_LICENSE_KEY_]['user']['reg_id']; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR);
/**
 * Render the "Adding Database User" form as an HTML string.
 *
 * The password field is pre-filled with a value from gen_pass(); the form
 * posts to main.php?update=1.
 *
 * NOTE(review): $uinfo and $name are placed into the markup ($name inside
 * two value="" attributes) without HTML encoding. If either can carry
 * user-controlled text (callers are not visible here), encode them with
 * htmlspecialchars() at this boundary. $password_notice and $user_in_db
 * are emitted as-is and appear to be HTML fragments; confirm they are built
 * from trusted or already-encoded data.
 *
 * NOTE(review): the generated password is shown in a plain text input and
 * comes back from the client on submit; the randomness source of gen_pass()
 * is not visible in this block.
 *
 * @param string $user_in_db      Markup appended after the fieldset.
 * @param string $uinfo           Text shown in the legend.
 * @param string $name            Database name used for db_name and name.
 * @param string $password_notice Markup shown under the form.
 * @return string The form markup.
 */
function print_form($user_in_db = "", $uinfo = "", $name = "", $password_notice = "")
{
    $suggested = gen_pass();

    // Pieces are joined without a separator; each one carries its own "\n".
    $parts = array(
        "\n<div id=\"form_div\">\n<fieldset>\n<legend><span id=\"leg\">Adding Database User : " . $uinfo . "</span></legend>\n",
        "<form action=\"main.php?update=1\" method=\"post\">\n <table id=\"change_form\">\n",
        " <tr><td>Database</td><td><input type=\"text\" name=\"db_name\" value=\"" . $name . "\" size=\"25\"></td></tr>\n",
        " <tr><td>Password*</td><td><input type=\"text\" name=\"pass\" value=\"" . $suggested . "\" size=\"25\"><input type=\"hidden\" name=\"name\" value=\"" . $name . "\"/></td></tr>\n",
        " <tr><td colspan=\"2\"><input type=\"submit\" value=\"Update User Information Now.\"></td></tr>\n",
        " </table>\n</form>\n" . $password_notice . "\n</fieldset>\n" . $user_in_db . "\n</div></div>",
    );

    return implode('', $parts);
}
case 1: $pass = $pass. $num; break; case 2: $pass = $pass. $lowcase; break; case 3: $pass = $pass. $upcase; break; } } return($pass); } $pass = gen_pass(); $found = array(); $found[0] = json_encode(array('Method' => 'ForgotPassword', 'WebPassword' => md5(WEBUI_PASSWORD) , 'UUID' => cleanQuery($UUID) , 'Password' => cleanQuery($pass))); $do_post_requested = do_post_request($found); $recieved = json_decode($do_post_requested); // echo '<pre>'; // var_dump($recieved); // var_dump($do_post_requested); // echo '</pre>'; if ($recieved->{'Verified'} == "true")
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require '../includes/common.inc.php';
require _BASEPATH_ . '/includes/user_functions.inc.php';
require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/join.inc.php';

// Re-sends the registration confirmation e-mail for the account given by
// ?uid=, then redirects to info.php.
//
// NOTE(review): uid comes from the query string and no login or ownership
// check is visible in this script. As written, a request for any existing
// uid sends a mail to that account and appends its address to the redirect
// query string. Confirm whether common.inc.php restricts access; otherwise
// consider tying the resend to the signup session, rate limiting it, and not
// echoing the address.
// NOTE(review): the mysql_* extension used here was removed in PHP 7.

$qs = 'type=signup';
$qssep = '&';

// TYPE_INT is requested from the sanitizer; the SQL below relies on that
// because $uid is interpolated unquoted.
$uid = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);

if (!empty($uid)) {
    $query = "SELECT `" . USER_ACCOUNT_ID . "` as `uid`,`email`,`temp_pass` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "`={$uid}";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    if (mysql_num_rows($res)) {
        $input = mysql_fetch_assoc($res);

        // A confirmation secret is created only when none is stored; an
        // existing one is reused and sent again. It is stored as generated.
        if (empty($input['temp_pass'])) {
            $input['temp_pass'] = gen_pass(7);
            $query = "UPDATE `" . USER_ACCOUNTS_TABLE . "` SET `temp_pass`='" . $input['temp_pass'] . "' WHERE `" . USER_ACCOUNT_ID . "`={$uid}";
            $res = @mysql_query($query);
            if (!$res) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }

        send_template_email($input['email'], sprintf($GLOBALS['_lang'][70], _SITENAME_), 'confirm_reg.html', get_my_skin(), $input);

        // NOTE(review): the address is appended without URL-encoding; a "+"
        // or "&" in it would change the query string. Confirm whether
        // redirect2page() encodes its third argument.
        $qs = $qs . $qssep . 'email=' . $input['email'];
    }
}

redirect2page('info.php', array(), $qs);
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
define('CACHE_LIMITER', 'private');
require 'includes/common.inc.php';
require _BASEPATH_ . '/includes/user_functions.inc.php';
require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/join.inc.php';

// Account activation: ?uid= and ?secret= must match an unverified account.
//
// One UPDATE both checks and consumes the secret: it only touches a row whose
// id, ASTAT_UNVERIFIED status and temp_pass all match, and in the same
// statement sets the status to ASTAT_ACTIVE and replaces temp_pass with a new
// gen_pass(7) value, so a used link no longer matches.
//
// NOTE(review): $secret is placed inside quotes in the SQL text; its safety
// depends on sanitize_and_format_gpc() escaping it (not visible here).
// NOTE(review): no limit on failed attempts is visible in this script, and
// the randomness source of gen_pass() is not shown.
// NOTE(review): the mysql_* extension used here was removed in PHP 7.

$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs');
$uid = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
$secret = sanitize_and_format_gpc($_GET, 'secret', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');

if (!(empty($uid) || empty($secret))) {
    $query = "UPDATE `" . USER_ACCOUNTS_TABLE . "` SET `status`=" . ASTAT_ACTIVE . ",`temp_pass`='" . gen_pass(7) . "' WHERE `" . USER_ACCOUNT_ID . "`={$uid} AND `status`=" . ASTAT_UNVERIFIED . " AND `temp_pass`='{$secret}' LIMIT 1";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    // NOTE(review): the session's 'timedout' flag is cleared for every
    // request that reaches this point, before it is known whether the
    // secret matched; confirm that is intended.
    if (isset($_SESSION[_LICENSE_KEY_]['user']['timedout'])) {
        unset($_SESSION[_LICENSE_KEY_]['user']['timedout']);
    }

    if (!mysql_affected_rows()) {
        // No row changed: wrong uid/secret pair or the account is not unverified.
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = $GLOBALS['_lang'][1];
        redirect2page('info.php', $topass);
    } else {
        $qs = 'type=acctok';
        redirect2page('info.php', array(), $qs);
    }
}
} ftp_close($link); } else { $error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'][] = 'FTP Host is wrong.'; } } else { $error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'][] = 'Server configuration does not allow ftp connections.'; } } if (!$error) { $input['fileop_mode'] = $_SESSION['install']['write']; $input['license_key'] = strtoupper(gen_pass(22)); $input['license_key_md5'] = md5($input['license_key']); $tpl = new phemplate('../skin/', 'remove_nonjs'); $tpl->set_file('content', 'defines.inc.php'); $tpl->set_var('input', $input); $towrite = $tpl->process('content', 'content', TPL_FINISH); define('_BASEPATH_', $input['basepath']); define('_FILEOP_MODE_', $input['fileop_mode']); define('_FTPHOST_', $input['ftphost']); define('_FTPPATH_', $input['ftppath']); define('_FTPUSER_', $input['ftpuser']); define('_FTPPASS_', $input['ftppass']); require_once '../../includes/classes/fileop.class.php'; $fileop = new fileop(); $fileop->delete($input['basepath'] . '/includes/defines.inc.php'); $fileop->file_put_contents($input['basepath'] . '/includes/defines.inc.php', $towrite);
$error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'][] = $GLOBALS['_lang'][58]; } if (get_site_option('use_captcha', 'core')) { $captcha = sanitize_and_format_gpc($_POST, 'captcha', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''); if (!$error && (!isset($_SESSION['captcha_word']) || strcasecmp($captcha, $_SESSION['captcha_word']) != 0)) { $error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'][] = $GLOBALS['_lang'][24]; $input['error_captcha'] = 'red_border'; } } unset($_SESSION['captcha_word']); if (!$error) { $query = "UPDATE `" . USER_ACCOUNTS_TABLE . "` SET `" . USER_ACCOUNT_PASS . "`=" . PASSWORD_ENC_FUNC . "('" . $input['pass'] . "'),`temp_pass`='" . gen_pass(7) . "' WHERE `" . USER_ACCOUNT_ID . "`=" . $input['uid'] . " AND `" . USER_ACCOUNT_USER . "`='" . $input['user'] . "' AND `temp_pass`='" . $input['secret'] . "'"; if (isset($_on_before_update)) { for ($i = 0; isset($_on_before_update[$i]); ++$i) { call_user_func($_on_before_update[$i]); } } if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_affected_rows()) { $topass['message']['type'] = MESSAGE_INFO; $topass['message']['text'] = $GLOBALS['_lang'][59]; } else { $error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'] = $GLOBALS['_lang'][60];