/** * Get the groups filters data. * * @return \Illuminate\Support\Collection */ private function getFilters() { $filters = new Collection(); foreach ($this->getCachedPermissionGroups() as $group) { /** @var \Arcanesoft\Auth\Models\PermissionsGroup $group */ $filters->push(['name' => $group->name, 'params' => [$group->hashed_id]]); } // Custom Permission group //---------------------------------- if (Permission::where('group_id', 0)->count()) { $filters->push(['name' => 'Custom', 'params' => [hasher()->encode(0)]]); } return $filters; }
/** * Compose the view. * * @param \Illuminate\Contracts\View\View $view */ public function composeFilters(View $view) { $filters = collect(); // Permission groups //---------------------------------- $groups = $this->cacheResults('permissions-groups.filters', function () { return PermissionsGroup::has('permissions')->get(); }); foreach ($groups as $group) { /** @var \Arcanesoft\Auth\Models\PermissionsGroup $group */ $filters->put($group->slug, link_to_route('auth::foundation.permissions.group', $group->name, [$group->hashed_id])); } // Custom Permission group //---------------------------------- if (Permission::where('group_id', 0)->count()) { $filters->put('custom', link_to_route('auth::foundation.permissions.group', 'Custom', [hasher()->encode(0)])); } $view->with('groupFilters', $filters->toArray()); // TODO: return a collection instead of simple array }
$M_query = "SELECT * FROM users WHERE username='******';"; $M_result = $mysqli->query($M_query); $M_count = $M_result->num_rows; if ($M_count != 1) { logEvent('pswd-change', 'no-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`")); die('{"result": "Incorrect username."}'); } $M_row = $M_result->fetch_assoc(); if (strlen($password) != strlen(hash('md5', 'pi'))) { $password = strtolower(hash('md5', hasher(hasher($_POST['p'])) . hasher(hasher($username)))); } $password = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $password . $M_row['id'])))); $ip = $_SERVER['REMOTE_ADDR']; $current = $ip; if ($M_row['password'] != $password) { logEvent('pswd-change', 'bad-password', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, password: `{$password}`, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}")); die('{"result": "Incorrect old password."}'); } if (strlen($newpassw) != strlen(hash('md5', 'pi'))) { $newpassw = strtolower(hash('md5', hasher(hasher($_POST['p'])) . hasher(hasher($username)))); } $newpassw = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $newpassw . $M_row['id'])))); $M_query6 = "UPDATE users SET password='******' WHERE id='" . $M_row['id'] . "';"; $M_result6 = $mysqli->query($M_query6); if ($M_result6) { logEvent('pswd-change', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); print '{"result": "success"}'; } else { logEvent('pswd-change', 'misc-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); die('{"result": "Error saving password."}'); }
public static function create($params) { $user = new User(); $user->username = $params['user']; $user->credential = hasher($params['password']); $user->email = $params['email']; $user->date_joined = date("Y-m-d H:i:s"); $user->ip = $_SERVER['REMOTE_ADDR']; $user->validation = md5(time() . rand()); $user->validated = 0; $user->member_id = $params['member_id']; $user->date_joined = date('Y-m-d H:i:s'); $user->role = 0; $user->last_logged = 0; $user->last_seen = 0; $user->developer = 0; $user->save(); Email::validate($user); }
$M_result = $mysqli->query($M_query); $M_count = $M_result->num_rows; if ($M_count != 1) { logEvent('login', 'no-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`")); die('{ "result": "Wrong password."}'); } $M_row = $M_result->fetch_assoc(); if (strlen($password) != strlen(hash('md5', 'pi'))) { $password = strtolower(hash('md5', hasher(hasher($password)) . hasher(hasher($username)))); } $password = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $password . $M_row['id'])))); if ($password2) { if (strlen($password2) != strlen(hash('md5', 'pi'))) { $password2 = strtolower(hash('md5', hasher(hasher($password2)) . hasher(hasher($username)))); } $password2 = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $password2 . $M_row['id'])))); } if ($M_row['rank'] == 'b') { logEvent('login', 'banned-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}")); die('{ "result": "Bad username."}'); } $ip = $_SERVER['REMOTE_ADDR']; $current = $ip; $current = json_decode($M_row['currentip'] ? $M_row['currentip'] : '[]', true); $current[] = $ip; $current = json_encode($current); if ($M_row['old_password'] == $password || $password2 != '' && $M_row['password'] == $password2) { $_SESSION['li'] = 'true'; $_SESSION['username'] = $username; $_SESSION['uid'] = $M_row['id']; $_SESSION['rank'] = $M_row['rank'];
/** * Get the Hash Driver instance. * * @param string $connection * @param string|null $driver * * @return \Arcanedev\Hasher\Contracts\HashDriver */ function hash_with($connection, $driver = null) { return hasher()->with($connection, $driver); }
/** * Get the hasher. * * @return \Arcanedev\Hasher\Contracts\HashManager */ protected static function hasher() { return hasher(); }