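function sessionstart($nuserID)
{
    // Establish a server-tracked session for $nuserID: mint two random tokens,
    // hand them to the browser in two encrypted cookies (TOKEN1 / TOKEN2) and
    // record tokens + client fingerprint on the users row so a later request
    // can be matched against them. Dies with "ERR" if the database write fails.

    // Inactivity timeout in seconds (e.g. 1800 = 30 minutes). Declared for
    // parity with the other session helpers; this function does not read it.
    global $global_sessionexpiry;
    // Absolute lifetime of the session in seconds (e.g. 604800 = 1 week);
    // used as the cookie expiry below.
    global $global_sessionmaxtime;

    // Two independent 16-character random tokens, one per cookie.
    $sessiontoken1 = makepassword(16);
    $sessiontoken2 = makepassword(16);

    // Client fingerprint stored next to the tokens. HTTP_USER_AGENT is optional
    // in a request, so default it instead of reading an undefined index; the
    // agent string is truncated to the 64 characters that are persisted.
    $ipaddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $useragent = isset($_SERVER['HTTP_USER_AGENT']) ? substr($_SERVER['HTTP_USER_AGENT'], 0, 64) : '';

    // Cookie 1 carries ipaddress, sessiontoken1 and userid; cookie 2 carries
    // sessiontoken2 and the user agent. Separators are part of the wire format
    // and must match whatever decodes these cookies.
    $cookie1 = aes_encrypt($ipaddress . "|||" . $sessiontoken1 . "|||" . $nuserID);
    $cookie2 = aes_encrypt($sessiontoken2 . "&&&" . $useragent);

    $expires = time() + $global_sessionmaxtime;
    // Mark the cookies Secure only when this request itself arrived over TLS,
    // so a plain-HTTP deployment keeps working; HttpOnly is set unconditionally
    // so the tokens are not readable from script (document.cookie).
    $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    setcookie("TOKEN1", $cookie1, $expires, "/", "", $secure, true);
    setcookie("TOKEN2", $cookie2, $expires, "/", "", $secure, true);

    // Mirror the new values into $_COOKIE so code later in this same request
    // sees the session without waiting for the next round trip.
    $_COOKIE['TOKEN1'] = $cookie1;
    $_COOKIE['TOKEN2'] = $cookie2;

    // Persist tokens and fingerprint; sessionlastdateSQL is the activity stamp.
    doSQL(
        "update users set sessiontoken1=?, sessiontoken2=?, sessionipaddress=?, sessionuseragent=?, sessionlastdateSQL=now() where userID=?;",
        $sessiontoken1,
        $sessiontoken2,
        $ipaddress,
        $useragent,
        $nuserID
    ) or die("ERR");
}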
die("hacking attempt"); } $oldSession = isset($_SESSION["login_rand"]) ? $_SESSION["login_rand"] : ''; $_SESSION["login_rand"] = mt_rand(); unset($_SESSION["idhost"]); require_once "php/password.php"; if (isset($_GET["logout"])) { redirect(BASEDIR); } if (isset($_POST["login"]) && $_POST["login"] == $oldSession && isset($_POST["hostname"]) && isset($_POST["password"])) { $stmt = $mysqli->prepare('SELECT * FROM `hosts` WHERE `hostname` = ?') or die('query failed'); $stmt->bind_param('s', $_POST["hostname"]); $stmt->execute() or die('query failed'); $result = $stmt->get_result(); $row = $result->fetch_assoc(); if ($result->num_rows == 0 || makepassword($_POST["password"], $row["password"]) != $row["password"]) { echo "<p>User does not exist or wrong password!</p>"; } else { $_SESSION["idhost"] = $row["idhost"]; redirect(BASEDIR . "admin/compo"); } $result->free(); $stmt->close(); } ?> <h2> Login </h2> <form action="{{BASE}}login" method="post">
$response["uid"] = $user["unique_id"]; $response["user"]["name"] = $user["name"]; $response["user"]["email"] = $user["email"]; $response["user"]["plate"] = $user["plate"]; $response["user"]["bank"] = $user["bank"]; $response["user"]["tel"] = $user["tel"]; $response["user"]["created_at"] = $user["created_at"]; $response["user"]["updated_at"] = $user["updated_at"]; echo json_encode($response); } } } else { if ($tag == 'forget') { $email = $_POST['email']; if (isUserExisted($email, $db)) { $new_password = makepassword(10); $is_stored = saveNewPassword($email, $new_password, $db); if ($is_stored != false) { $response["error"] = FALSE; $response["password"] = $new_password; echo json_encode($response); } else { $response["error"] = TRUE; $response["error_msg"] = "Error occured in Operation, Try again"; echo json_encode($response); } } else { // user is NOT existed - error response $response["error"] = TRUE; $response["error_msg"] = "User does NOT exist!"; echo json_encode($response);
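function updateUser()
{
    // Persist an edited host record from the edit form (POST fields `which`,
    // `hostname`, `password`, `password_rep`, `role`). Each failed validation
    // re-renders the form via editUser() and returns; success redirects.
    global $mysqli;

    $user = intval($_POST["which"]);

    // Load the record being edited. intval() already made the interpolated
    // form safe; a prepared statement keeps every query in this function in one
    // style, which is easier to audit.
    $stmt = $mysqli->prepare('SELECT * FROM `hosts` WHERE `idhost` = ?') or die('query failed');
    $stmt->bind_param('i', $user);
    $stmt->execute() or die('query failed');
    $result = $stmt->get_result();
    $row = $result->fetch_assoc();
    $result->free();
    $stmt->close();

    // No such host, or the caller may not edit it: bounce instead of carrying a
    // null $row through the checks below.
    if ($row === null || !canEditUser($row)) {
        redirect(BASEDIR);
    }

    // Read form fields once, defaulting absent ones so no undefined index is
    // dereferenced before the validation that reports it.
    $hostname    = isset($_POST["hostname"]) ? $_POST["hostname"] : '';
    $roleInput   = isset($_POST["role"]) ? $_POST["role"] : null;
    $password    = isset($_POST["password"]) ? $_POST["password"] : '';
    $passwordRep = isset($_POST["password_rep"]) ? $_POST["password_rep"] : '';

    // A role change is only allowed to a role the caller may grant; keeping the
    // current role is always allowed.
    if (!canAddRole($roleInput) && $roleInput != $row["access_level"]) {
        echo "<p>Invalid role specified!</p>";
        editUser($user);
        return;
    }

    // Strict comparison: both values are strings, and loose != would treat
    // numeric-looking strings such as "1e3" and "1000" as equal.
    if ($password !== $passwordRep) {
        echo "<p>Passwords did not match!</p>";
        editUser($user);
        return;
    }

    // The new hostname must not collide with any *other* host.
    $stmt = $mysqli->prepare("SELECT * FROM `hosts` WHERE (`idhost` != ?) AND (`hostname` = ?)") or die('query failed');
    $stmt->bind_param('is', $user, $hostname);
    $stmt->execute() or die('query failed');
    $result = $stmt->get_result();
    $userExists = $result->num_rows > 0;
    $result->free();
    $stmt->close();
    if ($userExists) {
        echo "<p>User name is already taken!</p>";
        editUser($user);
        return;
    }

    // An empty password field means "keep the stored hash"; otherwise hash the
    // new one with the same helper the login path verifies against.
    $passwordHash = $password !== '' ? makepassword($password) : $row['password'];

    // bind_param() takes its arguments by reference, so the role must live in a
    // variable rather than be passed as an intval() expression.
    $role = intval($roleInput);
    $stmt = $mysqli->prepare('UPDATE `hosts` SET `hostname` = ?, `password` = ?, `access_level` = ? WHERE `idhost` = ?') or die('query failed');
    $stmt->bind_param('ssii', $hostname, $passwordHash, $role, $user);
    $stmt->execute() or die('query failed');
    $stmt->close();

    // Editing one's own record returns to "my details", anything else to the list.
    if (isset($_SESSION["idhost"]) && $user == $_SESSION["idhost"]) {
        redirect(BASEDIR . "admin/mydetails");
    } else {
        redirect(BASEDIR . "admin/users");
    }
}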