function dominio_editar($iddominio, $idcliente, $dominio, $usuario, $password, $cuentas, $quotacorreo, $quotaftp)
{
    require_once _CFG_INTERFACE_DIRMODULES . "mod_xmlconfig/include_funciones.php";
    $mPassword = md5_encrypt(trim($password), _CFG_INTERFACE_BLOWFISH);
    $conf = new patConfiguration();
    $conf->setConfigDir(_CFG_XML_CONFIG_DIR);
    $conf->parseConfigFile(_CFG_XML_DOMINIOS, a);
    $conf->setConfigValue($iddominio, array("ID" => $iddominio, "IDCLIENTE" => $idcliente, "DOMINIO" => $dominio, "BASE" => $usuario, "USUARIO" => $usuario, "PASSWORD" => $mPassword, "CUENTAS" => $cuentas, "REDIRECCIONES" => $cuentas, "ALIAS" => $cuentas, "AUTORESPUESTA" => $cuentas, "LISTA" => $cuentas, "QUOTACORREO" => $quotacorreo, "IDFTP" => 0, "QUOTAFTP" => $quotaftp, "ESTADO" => 0), "array");
    $conf->writeConfigFile(_CFG_XML_DOMINIOS, "xml", array("mode" => "pretty"));
}
Esempio n. 2
0
function post(&$vars)
{
    extract($vars);
    if (!get_profile_id()) {
        trigger_error('Sorry, the setting could not be saved', E_USER_ERROR);
    }
    $request->set_param(array('setting', 'profile_id'), get_profile_id());
    if (strpos($request->params['setting']['name'], 'password') !== false) {
        $request->set_param(array('setting', 'value'), md5_encrypt($request->params['setting']['value'], $db->dbname));
    }
    $settingname = $request->params['setting']['name'];
    $set = split('\\.', $settingname);
    if (is_array($set) && $set[0] == 'config') {
        if (!member_of('administrators')) {
            trigger_error('Sorry, you must be an administrator to do that', E_USER_ERROR);
        }
        $s = $Setting->find_by('name', $settingname);
        if ($s) {
            $db->delete_record($s);
        }
    }
    if ($settingname == 'app') {
        $do_install = false;
        $app = $settingname;
        $sources = environment('remote_sources');
        $remote_list = array();
        foreach ($sources as $name => $url) {
            $p = get_profile();
            $url = "http://" . $url . "&p=" . urlencode($p->profile_url) . "&a=" . urlencode($app);
            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
            curl_setopt($curl, CURLOPT_HEADER, false);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
            $result = curl_exec($curl);
            if ($result) {
                if (trim($result) == 'install') {
                    $do_install = true;
                }
                continue;
            }
            curl_close($curl);
        }
        if (!$do_install) {
            trigger_error('Sorry, you are not authorized to install ' . $app, E_USER_ERROR);
        }
    }
    $resource->insert_from_post($request);
    header_status('201 Created');
    redirect_to($request->resource);
}
function process_signup_2($POST)
{
    global $seo_tag, $consts;
    #/ encrypt password
    include_once '../includes/func_enc.php';
    $new_pass = @$POST['pass_w'];
    $pass_w = @md5_encrypt($new_pass);
    $joined_on = date('Y-m-d H:i:s');
    #/save users
    $sql_users = "INSERT INTO users (package_id, email_add, pass_w, first_name, middle_name, last_name, company_name, joined_on)\n    VALUES ('{$POST['package_id']}', '{$POST['email_add']}', '{$pass_w}', '{$POST['first_name']}', '{$POST['middle_name']}', '{$POST['last_name']}', '{$POST['company_name']}', '{$joined_on}')";
    @mysql_exec($sql_users, 'save');
    $user_id = @mysql_insert_id();
    //var_dump($user_id); die();
    if ($user_id > 0) {
        $POST['secret_question_id'] = (int) @$POST['secret_question_id'];
        #/save user_info
        $sql_user_info = "INSERT INTO user_info (user_id, secret_question_id, secret_answer)\n        VALUES ('{$user_id}', '{$POST['secret_question_id']}', '{$POST['secret_answer']}')";
        @mysql_exec($sql_user_info, 'save');
        #/save acc_verifications
        $verification_str = mt_rand() . md5(uniqid(rand())) . mt_rand();
        $sql_veri = "INSERT INTO acc_verifications (user_id, verification_str)\n        VALUES ('{$user_id}', '{$verification_str}')";
        @mysql_exec($sql_veri, 'save');
        include_once '../includes/email_templates.php';
        include_once '../includes/send_mail.php';
        #/ Send Emails to User
        $heading = $subject = "Account Confirmation from collaborateUSA.com";
        $body_in = signup_success($POST['first_name'], $user_id, $verification_str);
        send_mail($POST['email_add'], $subject, $heading, $body_in);
        #/ Send Emails to Admin
        $subject = "New Member Signup Notification from collaborateUSA.com";
        $heading = "New Member Joined Us at collaborateUSA.com";
        $body_in_admin = signup_notice_to_admin($POST, $joined_on);
        send_mail($consts['support_em'], $subject, $heading, $body_in_admin);
        //die('x');
        #/ Lock & Redirect
        $_SESSION['signup_success'] = '1';
        $_SESSION['signup_stage'] = 'signup-details';
        reset_attempt_counts();
        redirect_me('signup-details');
    } else {
        $_SESSION["CUSA_MSG_GLOBAL"] = array(false, 'Unable to process your request at this moment! Please try again later.');
        redirect_me($seo_tag);
    }
}
 if ($u_id > 0) {
     #/ users
     $sql_users = "UPDATE users SET package_id='{$_POST['package_id']}', email_add='{$_POST['email_add']}',\n            screen_name='{$_POST['screen_name']}', first_name='{$_POST['first_name']}', middle_name='{$_POST['middle_name']}', last_name='{$_POST['last_name']}',\n            company_name='{$_POST['company_name']}', account_activated='{$account_activated}', is_blocked='{$is_blocked}'\n            WHERE id='{$u_id}'";
     mysql_exec($sql_users, 'save');
     #/ user_info
     $sql_user_info = "UPDATE user_info SET country_code='{$_POST['country_code']}', state='{$_POST['state']}',\n            city='{$_POST['city']}', address_ln_1='{$_POST['address_ln_1']}', address_ln_2='{$_POST['address_ln_2']}',\n        \tzip='{$_POST['zip']}', phone_number='{$_POST['phone_number']}'\n            WHERE user_id='{$u_id}'";
     mysql_exec($sql_user_info, 'save');
     $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(true, 'The User data was successfully Updated..');
     //redirect_me("{$consts['DOC_ROOT_ADMIN']}admin_users_opp.php{$param2}&u_id={$u_id}", true);
     ////////////////-------
 } else {
     ////////////////-------
     #/ encrypt password
     include_once '../../includes/func_enc.php';
     $new_pass = (string) createRandomPassword();
     $pass_w = md5_encrypt($new_pass);
     ###/ Updating Database
     #/ users
     $sql_users = "INSERT INTO users\n        \t(package_id, email_add, pass_w, screen_name, first_name, middle_name, last_name, company_name, account_activated, is_blocked, joined_on)\n        \tvalues('{$_POST['package_id']}', '{$_POST['email_add']}', '{$pass_w}', '{$_POST['screen_name']}', '{$_POST['first_name']}', '{$_POST['middle_name']}', '{$_POST['last_name']}', '{$_POST['company_name']}', '{$account_activated}', '{$is_blocked}', NOW())";
     mysql_exec($sql_users, 'save');
     $u_id = (int) @mysql_insert_id();
     #-
     if ($u_id > 0) {
         #/ user_info
         $sql_user_info = "INSERT INTO user_info\n            \t(user_id, country_code, state, city, address_ln_1, address_ln_2, zip, phone_number)\n            \tvalues('{$u_id}', '{$_POST['country_code']}', '{$_POST['state']}', '{$_POST['city']}', '{$_POST['address_ln_1']}', '{$_POST['address_ln_2']}', '{$_POST['zip']}', '{$_POST['phone_number']}')";
         mysql_exec($sql_user_info, 'save');
         #/acc_verifications
         $verification_str = mt_rand() . md5(uniqid(rand())) . mt_rand();
         $sql_veri = "INSERT INTO acc_verifications (user_id, verification_str)\n                VALUES ('{$u_id}', '{$verification_str}')";
         @mysql_exec($sql_veri, 'save');
         #/save user_permissions //private fields only
Esempio n. 5
0
$modulos_instalados = modules_array(_CFG_INTERFACE_DIRMODULES);
foreach ($modulos_instalados as $modulo) {
    require _CFG_INTERFACE_DIRMODULES . "mod_" . $modulo . "/include_funciones.php";
}
$conf = new patConfiguration();
$conf->setConfigDir(_CFG_XML_CONFIG_DIR);
$conf->parseConfigFile(_CFG_XML_DOMINIOS, a);
$mIDCliente = $_SESSION['SEC_ID'];
$mDominio = trim($_POST['frmDominio']);
$mBase = trim($_POST['frmBase']);
$mUsuario = trim($_POST['frmUsuario']);
if ($_POST['frmPassword'] == "") {
    $datos = $conf->getConfigValue(xmlconfig_buscaid($_GET['id'], _CFG_XML_DOMINIOS));
    $mPassword = $datos['PASSWORD'];
} else {
    $mPassword = md5_encrypt(trim($_POST['frmPassword']), _CFG_INTERFACE_BLOWFISH);
}
$mCuentas = trim($_POST['frmCuentas']);
$mRedirecciones = trim($_POST['frmRedirecciones']);
$mAlias = trim($_POST['frmAlias']);
$mAutoRespuesta = trim($_POST['frmAutoRespuesta']);
$mLista = trim($_POST['frmLista']);
$mQuotaCORREO = trim($_POST['frmQuotaCORREO']);
$mIDFTP = trim($_POST['frmIDFTP']);
$mQuotaFTP = trim($_POST['frmQuotaFTP']);
$mEstado = $_POST['frmEstado'];
if ($_GET['id'] != 0) {
    $conf->setConfigValue($_GET['id'], array("ID" => $_GET['id'], "IDCLIENTE" => $mIDCliente, "DOMINIO" => $mDominio, "BASE" => $mBase, "USUARIO" => $mUsuario, "PASSWORD" => $mPassword, "CUENTAS" => $mCuentas, "REDIRECCIONES" => $mRedirecciones, "ALIAS" => $mAlias, "AUTORESPUESTA" => $mAutoRespuesta, "LISTA" => $mLista, "QUOTACORREO" => $mQuotaCORREO, "IDFTP" => $mIDFTP, "QUOTAFTP" => $mQuotaFTP, "ESTADO" => $mEstado), "array");
    if (function_exists("awstats_info")) {
        $mUsuario_Antiguo = awstats_usuariohtpasswd($mDominio);
        awstats_htpasswdsave($mDominio, $mUsuario_Antiguo, $mUsuario, $_POST['frmPassword']);
Esempio n. 6
0
 function BanUser($ip, $modname, $globalban, $duration, $boards, $reason, $staffnote, $appealat = 0, $type = 0, $allowread = 1, $proxyban = false)
 {
     global $tc_db;
     if ($proxyban) {
         $check = $tc_db->GetOne("SELECT COUNT(*) FROM `" . KU_DBPREFIX . "banlist` WHERE `type` = '" . $type . "' AND `ipmd5` = '" . md5($ip) . "'");
         if ($check[0] > 0) {
             return false;
         }
     }
     if ($duration > 0) {
         $ban_globalban = '0';
     } else {
         $ban_globalban = '1';
     }
     if ($duration > 0) {
         $ban_until = time() + $duration;
     } else {
         $ban_until = '0';
     }
     $tc_db->Execute("INSERT INTO `" . KU_DBPREFIX . "banlist` ( `ip` , `ipmd5` , `type` , `allowread` , `globalban` , `boards` , `by` , `at` , `until` , `reason`, `staffnote`, `appealat` ) VALUES ( " . $tc_db->qstr(md5_encrypt($ip, KU_RANDOMSEED)) . " , " . $tc_db->qstr(md5($ip)) . " , " . intval($type) . " , " . intval($allowread) . " , " . intval($globalban) . " , " . $tc_db->qstr($boards) . " , " . $tc_db->qstr($modname) . " , " . time() . " , " . intval($ban_until) . " , " . $tc_db->qstr($reason) . " , " . $tc_db->qstr($staffnote) . ", " . intval($appealat) . " ) ");
     if (!$proxyban && $type == 1) {
         $this->UpdateHtaccess();
     }
     return true;
 }
Esempio n. 7
0
     redirect_me($seo_tag);
 }
 ##/ Validate Fields
 include_once '../includes/form_validator.php';
 $form_v = new Valitron\Validator($_POST);
 $rules = ['required' => [['email_add'], ['pass_w']], 'lengthMax' => [['email_add', 150], ['pass_w', 20]], 'email' => [['email_add']]];
 $form_v->labels(array('email_add' => 'Email Address', 'pass_w' => 'Password'));
 $form_v->rules($rules);
 $form_v->validate();
 $fv_errors = $form_v->errors();
 //var_dump("<pre>", $_POST, $fv_errors); die();
 #-
 ##/ Find User Info
 if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
     include_once '../includes/func_enc.php';
     $pass_w = @md5_encrypt($_POST['pass_w']);
     #/ Match User
     $sql_1 = "SELECT *, US.id as user_id\n        FROM users US\n        LEFT JOIN user_info UI ON US.id = UI.user_id\n        WHERE email_add='{$_POST['email_add']}' AND pass_w='{$pass_w}'";
     //die($sql_1);
     $chk_usr = @mysql_exec($sql_1, 'single');
     if (empty($chk_usr) || !is_array($chk_usr)) {
         $fv_errors[] = array("Unable to <b>Authenticate</b> your given info! Please try again.<br />- If you dont have an Account setup here yet, please <b>Register</b> for an Account instead.");
     } else {
         #/ Check if account is not activated
         if ($chk_usr['account_activated'] == 0) {
             $fv_errors[] = array("Your Account has <b>NOT been ACTIVATED</b> yet!<br />- Please follow the <b>Account Activation email</b> sent to you at the time of Signup in order to activate your Account first.");
             $fv_errors[] = array("If you have lost that email, please <a href=\"{$consts['DOC_ROOT']}account-confirm/resend\" style='font-weight:bold; color:red'>Click Here</a> to <b>RESEND</b> the Activation Email.");
             $show_form = false;
             $_SESSION['resend_chk'] = true;
             //allow Resend Form to be visible
         }
Esempio n. 8
0
 *
 * @package kusaba
 */
session_start();
require 'config.php';
require KU_ROOTDIR . 'lib/dwoo.php';
require KU_ROOTDIR . 'inc/functions.php';
require KU_ROOTDIR . 'inc/classes/manage.class.php';
$manage_class = new Manage();
$dwoo_data->assign('styles', explode(':', KU_MENUSTYLES));
$tpl_links = '';
if (!$manage_class->ValidateSession(true)) {
    $tpl_links .= '<li><a href="' . KU_WEBFOLDER . '" target="_top">' . _gettext('Home') . '</a></li>' . "\n";
    $tpl_links .= '<li><a href="manage_page.php">' . ucfirst(_gettext('log in')) . '</a></li>';
} else {
    $manage_postpassword = md5_encrypt($_SESSION['manageusername'], KU_RANDOMSEED);
    $tpl_links .= _gettext('Welcome') . ', <strong>' . $_SESSION['manageusername'] . '</strong>';
    if ($_SESSION['manageusername'] == 'admin') {
        $salt = $tc_db->GetOne("SELECT `salt` FROM " . KU_DBPREFIX . "staff WHERE `username` = " . $tc_db->qstr($_SESSION['manageusername']));
        if ($_SESSION['managepassword'] == md5('admin' . $salt)) {
            $tpl_links .= '<br /><strong><font color="red">' . _gettext('NOTICE: You are using the default administrator account. Anyone can log in to this account, so a second administrator account needs to be created. Create another, log in to it, and delete this one.') . '</font></strong>';
        }
    }
    $tpl_links .= '<br />' . _gettext('Staff rights') . ': <strong>';
    if ($manage_class->CurrentUserIsAdministrator()) {
        $tpl_links .= _gettext('Administrator');
    } elseif ($manage_class->CurrentUserIsModerator()) {
        $tpl_links .= _gettext('Moderator');
    } else {
        $tpl_links .= _gettext('Janitor');
    }
function process_signup_2($POST, $chk_pkg, $redir = true, $joined_on = '')
{
    global $seo_tag, $consts;
    #/ encrypt password
    include_once '../includes/func_enc.php';
    $new_pass = @$POST['pass_w'];
    $pass_w = @md5_encrypt($new_pass);
    if (empty($joined_on)) {
        $joined_on = date('Y-m-d H:i:s');
    }
    #/save users
    $sql_users = "INSERT INTO users (package_id, email_add, pass_w, first_name, middle_name, last_name, company_name, joined_on)\n    VALUES ('{$POST['package_id']}', '{$POST['email_add']}', '{$pass_w}', '{$POST['first_name']}', '{$POST['middle_name']}', '{$POST['last_name']}', '{$POST['company_name']}', '{$joined_on}')";
    @mysql_exec($sql_users, 'save');
    $user_id = @mysql_insert_id();
    //var_dump("<pre>", $sql_users, $user_id); die();
    if ($user_id > 0) {
        $POST['secret_question_id'] = (int) @$POST['secret_question_id'];
        #/save user_info
        $sql_user_info = "INSERT INTO user_info (user_id, secret_question_id, secret_answer)\n        VALUES ('{$user_id}', '{$POST['secret_question_id']}', '{$POST['secret_answer']}')";
        @mysql_exec($sql_user_info, 'save');
        #/save acc_verifications
        $verification_str = mt_rand() . md5(uniqid(rand())) . mt_rand();
        $sql_veri = "INSERT INTO acc_verifications (user_id, verification_str)\n        VALUES ('{$user_id}', '{$verification_str}')";
        @mysql_exec($sql_veri, 'save');
        #/save user_permissions //private fields only
        $fields_perm = 'email_add,state,city,address_ln_1,address_ln_2,zip,phone_number';
        $sql_fields_perm = "INSERT INTO user_permissions (user_id, fields_perm)\n        VALUES ('{$user_id}', '{$fields_perm}')";
        @mysql_exec($sql_fields_perm, 'save');
        include_once '../includes/email_templates.php';
        include_once '../includes/send_mail.php';
        #/ Send Emails to User
        $heading = $subject = "Account Confirmation from collaborateUSA.com";
        $body_in = signup_success($POST['first_name'], $user_id, $verification_str, '', $chk_pkg);
        send_mail($POST['email_add'], $subject, $heading, $body_in, 'collaborateUSA.com', $consts['mem_support_em']);
        #/ Send Emails to Admin
        $subject = "New Member Signup Notification from collaborateUSA.com";
        $heading = "New Member Joined Us at collaborateUSA.com";
        $body_in_admin = signup_notice_to_admin($POST, $joined_on, $chk_pkg['is_basic']);
        send_mail($consts['mem_support_em'], $subject, $heading, $body_in_admin);
        //die('x');
        #/ Generate Welcome Notification
        include_once '../includes/notif_func.php';
        $notif_data = array('template_id' => "5", 'user_id' => "{$user_id}", 'from_user_id' => "0", 'objects' => '', 'object_id' => '0', 'object_location' => '');
        @generate_notification($notif_data);
        if ($redir != false) {
            #/ Lock & Redirect
            $_SESSION['signup_success'] = '1';
            $_SESSION['signup_stage'] = 'signup-details';
            reset_attempt_counts();
            redirect_me('signup-details');
        } else {
            return $user_id;
        }
    } else {
        if ($redir != false) {
            $_SESSION["CUSA_MSG_GLOBAL"] = array(false, 'Unable to process your request at this moment! Please try again later.');
            redirect_me($seo_tag);
        } else {
            return false;
        }
    }
}
Esempio n. 10
0
    function recentposts()
    {
        global $tc_db, $tpl_page;
        $this->ModeratorsOnly();
        if (!isset($_SESSION['postsperpage'])) {
            $_SESSION['postsperpage'] = 50;
        }
        if (isset($_GET['show'])) {
            if ($_GET['show'] == '25' || $_GET['show'] == '50' || $_GET['show'] == '75' || $_GET['show'] == '100') {
                $_SESSION['postsperpage'] = $_GET['show'];
            }
        }
        $tpl_page .= '<h2>' . _gettext('Recent posts') . '</h2><br />
		' . _gettext('Number of posts to show per page') . ': <a href="?action=recentposts&show=25">25</a>, <a href="?action=recentposts&show=50">50</a>, <a href="?action=recentposts&show=75">75</a>, <a href="?action=recentposts&show=100">100</a> ' . _gettext('(note that this is a rough limit, more may be shown)') . '<br />';
        if (isset($_POST['clear'])) {
            if ($_POST['clear'] != '') {
                $clear_decrypted = md5_decrypt($_POST['clear'], KU_RANDOMSEED);
                if ($clear_decrypted != '') {
                    $clear_unserialized = unserialize($clear_decrypted);
                    foreach ($clear_unserialized as $clear_sql) {
                        $tc_db->Execute($clear_sql);
                    }
                    $tpl_page .= _gettext('Successfully marked previous posts as reviewed.') . '<hr />';
                }
            }
        }
        $dayago = time() - 86400;
        $postsshown = 0;
        $reviewsql_array = array();
        $boardlist = $this->BoardList($_SESSION['manageusername']);
        if ($postsshown <= $_SESSION['postsperpage']) {
            $results = $tc_db->GetAll("SELECT HIGH_PRIORITY `" . KU_DBPREFIX . "boards`.`name` AS `boardname`, `" . KU_DBPREFIX . "posts`.`boardid` AS boardid, `" . KU_DBPREFIX . "posts`.`id` AS id, `" . KU_DBPREFIX . "posts`.`parentid` AS parentid, `" . KU_DBPREFIX . "posts`.`message` AS message, `" . KU_DBPREFIX . "posts`.`ip` AS ip FROM `" . KU_DBPREFIX . "posts`, `" . KU_DBPREFIX . "boards` WHERE `" . KU_DBPREFIX . "posts`.`timestamp` > " . $dayago . " AND `reviewed` = 0 AND `IS_DELETED` = 0 AND `" . KU_DBPREFIX . "boards`.`id` = `" . KU_DBPREFIX . "posts`.`boardid` ORDER BY `timestamp` DESC LIMIT " . intval($_SESSION['postsperpage']));
            if (count($results) > 0) {
                $reviewsql = "UPDATE `" . KU_DBPREFIX . "posts` SET `reviewed` = 1 WHERE ";
                $tpl_page .= '<table border="1" width="1005%">' . "\n";
                $tpl_page .= '<tr><th width="75px">' . _gettext('Post Number') . '</th><th>' . _gettext('Post Message') . '</th><th width="100px">' . _gettext('Poster IP') . '</th></tr>' . "\n";
                foreach ($results as $line) {
                    $reviewsql .= '(`boardid` = ' . $line['boardid'] . ' AND `id` = ' . $line['id'] . ') OR ';
                    $real_parentid = $line['parentid'] == 0 ? $line['id'] : $line['parentid'];
                    $tpl_page .= '<tr><td><a href="' . KU_BOARDSPATH . '/' . $line['boardname'] . '/res/' . $real_parentid . '.html#' . $line['id'] . '">/' . $line['boardname'] . '/' . $line['id'] . '</td><td>' . stripslashes($line['message']) . '</td><td>' . md5_decrypt($line['ip'], KU_RANDOMSEED) . '</tr>';
                }
                $tpl_page .= '</table>';
                $reviewsql = substr($reviewsql, 0, -3) . ' LIMIT ' . count($results);
                $reviewsql_array[] = $reviewsql;
                $postsshown += count($results);
            }
        }
        if ($postsshown > 0) {
            $tpl_page .= '<br /><br />' . sprintf(_gettext('%s posts shown.'), $postsshown) . '<br />
			<form action="?action=recentposts" method="post">
			<input type="hidden" name="clear" value="' . md5_encrypt(serialize($reviewsql_array), KU_RANDOMSEED) . '" />
			<input type="submit" value="' . _gettext('Clear All On Page As Reviewed') . '" />
			</form><br />';
        } else {
            $tpl_page .= '<br /><br />' . _gettext('No recent posts currently need review.');
        }
    }
Esempio n. 11
0
 public static function BanUser($ip, $modname, $globalban, $duration, $boards, $reason, $staffnote, $appealat = 0, $type = 0, $allowread = 1, $proxyban = false)
 {
     if ($duration > 0) {
         $ban_globalban = '0';
     } else {
         $ban_globalban = '1';
     }
     if ($duration > 0) {
         $ban_until = time() + $duration;
     } else {
         $ban_until = '0';
     }
     kxDB::getinstance()->exec("INSERT INTO `" . kxEnv::Get('kx:db:prefix') . "banlist` ( `ip` , `ipmd5` , `type` , `allowread` , `globalban` , `boards` , `by` , `at` , `until` , `reason`, `staffnote`, `appealat` ) VALUES ( " . $kx_db->qstr(md5_encrypt($ip, kxEnv::Get('kx:misc:randomseed'))) . " , " . $kx_db->qstr(md5($ip)) . " , " . intval($type) . " , " . intval($allowread) . " , " . intval($globalban) . " , " . $kx_db->qstr($boards) . " , " . $kx_db->qstr($modname) . " , " . time() . " , " . intval($ban_until) . " , " . $kx_db->qstr($reason) . " , " . $kx_db->qstr($staffnote) . ", " . intval($appealat) . " ) ");
     if (!$proxyban && $type == 1) {
         $this->UpdateHtaccess();
     }
     return true;
 }
Esempio n. 12
0
File: Login.php Progetto: poppen/p2
 /**
  * IDとPASSと時間をくるめて暗号化したCookie情報(CID)を生成取得する
  *
  * @access  private
  * @return  string|false
  */
 function makeCid($user_u, $pass_x)
 {
     if (is_null($user_u) || is_null($pass_x)) {
         return false;
     }
     require_once P2_LIB_DIR . '/md5_crypt.funcs.php';
     $user_time = $user_u . ':' . time() . ':';
     $md5_utpx = md5($user_time . $pass_x);
     $cid_src = $user_time . $md5_utpx;
     return $cid = md5_encrypt($cid_src, $this->getMd5CryptPassForCid());
 }
Esempio n. 13
0
File: P2Util.php Progetto: poppen/p2
    /**
     * 2ch●ログインのIDとPASSと自動ログイン設定を保存する
     *
     * @access  public
     * @return  boolean
     */
    function saveIdPw2ch($login2chID, $login2chPW, $autoLogin2ch = 0)
    {
        global $_conf;
        require_once P2_LIB_DIR . '/md5_crypt.funcs.php';
        // 念のため、ここでも不正な文字列は弾いておく
        require_once P2_LIB_DIR . '/P2Validate.php';
        // 2ch ID (メアド)
        if ($login2chID and $errmsg = P2Validate::mail($login2chID)) {
            //P2Util::pushInfoHtml('<p>p2 error: 使用できないID文字列が含まれています</p>');
            trigger_error($errmsg, E_USER_WARNING);
            return false;
        }
        // 正確な許可文字列は不明
        if ($login2chPW and $errmsg = P2Validate::login2chPW($login2chPW)) {
            //P2Util::pushInfoHtml('<p>p2 error: 使用できないパスワード文字列が含まれています</p>');
            trigger_error($errmsg, E_USER_WARNING);
            return false;
        }
        $autoLogin2ch = intval($autoLogin2ch);
        $crypted_login2chPW = md5_encrypt($login2chPW, P2Util::getMd5CryptPass());
        $idpw2ch_cont = <<<EOP
<?php
\$rec_login2chID = '{$login2chID}';
\$rec_login2chPW = '{$crypted_login2chPW}';
\$rec_autoLogin2ch = '{$autoLogin2ch}';
?>
EOP;
        FileCtl::make_datafile($_conf['idpw2ch_php'], $_conf['pass_perm']);
        if (false === file_put_contents($_conf['idpw2ch_php'], $idpw2ch_cont, LOCK_EX)) {
            p2die('データを更新できませんでした');
            return false;
        }
        return true;
    }
function awstats_htpasswdsave($dominio, $usuario_actual, $usuario_nuevo, $password)
{
    $b_nuevo = false;
    $lines = file(_CFG_AWSTATS_PASSWD_FILE);
    $fichero_nuevo = fopen(_CFG_AWSTATS_PASSWD_FILE, "w");
    foreach ($lines as $line) {
        list($ht_usuario, $ht_password) = split(":", $line, 2);
        if ($ht_usuario == $usuario_actual) {
            if ($usuario_nuevo != $usuario_actual) {
                $usuario = trim($usuario_nuevo);
            } else {
                $usuario = trim($usuario_actual);
            }
            if ($password != "") {
                $pass_crypt = encriptar(trim($password));
            } else {
                $pass_crypt = trim($ht_password);
            }
            $contenido = "{$usuario}:{$pass_crypt}\n";
            fputs($fichero_nuevo, $contenido);
            $b_nuevo = true;
        } else {
            if (trim($line) != "") {
                fputs($fichero_nuevo, $line);
            }
        }
    }
    if (!$b_nuevo) {
        $pass_crypt = encriptar($password);
        $contenido = "{$usuario_nuevo}:{$pass_crypt}\n";
        fputs($fichero_nuevo, $contenido);
    }
    fclose($fichero_nuevo);
    //Si modifica el password del awstats, tambien lo actualiza en los datos del dominio
    $ID = xmlconfig_buscar(_CFG_XML_DOMINIOS, "DOMINIO", $dominio, "", "", "posicion");
    if ($ID != 0 and $password != "") {
        //Crea copia seguridad antes de modificar
        xmlconfig_backup(_CFG_XML_DOMINIOS);
        //Crea la configuracion en el XML
        $conf = new patConfiguration();
        $conf->setConfigDir(_CFG_XML_CONFIG_DIR);
        $conf->parseConfigFile(_CFG_XML_DOMINIOS, a);
        $datos = $conf->getConfigValue($ID);
        $datos['PASSWORD'] = md5_encrypt(trim($password), _CFG_INTERFACE_BLOWFISH);
        $conf->setConfigValue($ID, $datos, "array");
        $conf->writeConfigFile(_CFG_XML_DOMINIOS, "xml", array("mode" => "pretty"));
    }
    //Fin fichero configuracion XML
    return true;
}
function db_mysql_dbasecrear($dominio, $dbase, $password)
{
    $link = mysql_connect(_CFG_MYSQL_SERVER, _CFG_MYSQL_USER, _CFG_MYSQL_PASSWORD);
    mysql_select_db(_CFG_MYSQL_DB, $link);
    @mysql_query("CREATE DATABASE `{$dbase}`;", $link);
    $version = db_mysql_version(1);
    switch ($version) {
        case "3.23":
            mysql_query("INSERT INTO user VALUES('localhost','{$dbase}',PASSWORD('{$password}'),'N','N','N','N','N','N','N','N','N','N','N','N','N','N');", $link);
            mysql_query("INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv) values ('localhost','{$dbase}','{$dbase}','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');", $link);
            break;
        case "4.0":
            mysql_query("INSERT INTO user VALUES('localhost','{$dbase}',PASSWORD('{$password}'),'N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','','','','',0,0,0);", $link);
            mysql_query("INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv) values ('localhost','{$dbase}','{$dbase}','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');", $link);
            break;
        case "4.1":
            mysql_query("INSERT INTO user VALUES('localhost','{$dbase}',OLD_PASSWORD('{$password}'),'N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','','','','',0,0,0);", $link);
            mysql_query("INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv) values ('localhost','{$dbase}','{$dbase}','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');", $link);
            break;
        case "5.0":
            mysql_query("INSERT INTO user VALUES('localhost','{$dbase}',OLD_PASSWORD('{$password}'),'N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','','','','',0,0,0,0);", $link);
            mysql_query("INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv) values ('localhost','{$dbase}','{$dbase}','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');", $link);
            break;
    }
    @mysql_query("FLUSH PRIVILEGES;", $link);
    mysql_close($link);
    //Crea la configuracion en el XML
    $EXISTE = xmlconfig_buscar(_CFG_XML_BASEDATOS, "DOMINIO", $dominio, "DATABASE", $dbase, "posicion");
    if ($EXISTE == 0) {
        //Crea copia seguridad antes de modificar
        xmlconfig_backup(_CFG_XML_BASEDATOS);
        $conf = new patConfiguration();
        $conf->setConfigDir(_CFG_XML_CONFIG_DIR);
        $conf->parseConfigFile(_CFG_XML_BASEDATOS, a);
        $NEW_ID = xmlconfig_generaid(_CFG_XML_BASEDATOS);
        $conf->setConfigValue($NEW_ID, array("ID" => $NEW_ID, "DOMINIO" => $dominio, "DATABASE" => $dbase, "USUARIO" => $dbase, "PASSWORD" => md5_encrypt($password, _CFG_INTERFACE_BLOWFISH), "ESTADO" => 1), "array");
        $conf->writeConfigFile(_CFG_XML_BASEDATOS, "xml", array("mode" => "pretty"));
        //Fin fichero configuracion XML
    }
}
     $sql_admin_users = "UPDATE admin_users SET first_name='{$_POST['first_name']}', last_name='{$_POST['last_name']}',\n            email_add='{$_POST['email_add']}', {$p_string} is_active='{$is_active}'\n            WHERE id='{$au_id}'";
     mysql_exec($sql_admin_users, 'save');
     #/ admin_permissions
     update_permissions($au_id, $permissions);
     #-
     //die(mysql_error());
     $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(true, 'The Admin User data successfully Updated');
     reset_attempt_counts();
     redirect_me("{$consts['DOC_ROOT_ADMIN']}admin_users_opp.php{$param2}&au_id={$au_id}", true);
     ////////////////-------
 } else {
     ////////////////-------
     #/ encrypt password
     include_once '../../includes/func_enc.php';
     $new_pass = (string) $_POST['new_pass'];
     $new_password = md5_encrypt($new_pass);
     ###/ Updating Database
     #/ admin_users
     $sql_admin_users = "insert into admin_users\n        \t(email_add, first_name, last_name, is_active, pass_w, added_on)\n        \tvalues('{$_POST['email_add']}', '{$_POST['first_name']}', '{$_POST['last_name']}', '{$is_active}', '{$new_password}', now())";
     mysql_exec($sql_admin_users, 'save');
     $au_id = mysql_insert_id();
     if ($au_id > 0) {
         #/ admin_permissions
         insert_permissions($au_id, $permissions);
     }
     #-
     $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(true, 'The Admin User added successfully into the system.');
     reset_attempt_counts();
     redirect_me("{$consts['DOC_ROOT_ADMIN']}admin_users_opp.php{$param2}&au_id={$au_id}", true);
 }
 //end Add ..
Esempio n. 17
0
<?php

/* $Id: createuser.php 1819 2011-04-26 23:26:38Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/createuser.php $ */
if (!defined('W2P_BASE_DIR')) {
    die('You should not access this file directly');
}
require_once $AppUI->getLibraryClass('captcha/Captcha.class');
require_once $AppUI->getLibraryClass('captcha/Functions');
require_once W2P_BASE_DIR . '/style/' . $uistyle . '/overrides.php';
/*
Re-Generating variables for html form...
*/
$rnd = strtoupper(rnd_string());
$uid = urlencode(md5_encrypt($rnd));
$cid = md5_encrypt($rnd);
// Can not load the passwordstrength.js file via AppUI->addJavascriptFile()
// because AppUI->loadFooterJS() is never called...
?>
<script type="text/javascript" src="<?php 
echo W2P_BASE_URL;
?>
/js/passwordstrength.js"></script>
<script language="javascript">
function submitIt(){
    var form = document.editFrm;
   if (form.user_username.value.length < <?php 
echo w2PgetConfig('username_min_len');
?>
) {
        alert("<?php 
echo $AppUI->_('Username size is invalid, should be greater than', UI_OUTPUT_JS);
Esempio n. 18
0
 function Report()
 {
     global $tc_db;
     return $tc_db->Execute("INSERT INTO `" . KU_DBPREFIX . "reports` ( `board` , `postid` , `when` , `ip`, `reason` ) VALUES ( " . $tc_db->qstr($this->board['name']) . " , " . $tc_db->qstr($this->post['id']) . " , " . time() . " , '" . md5_encrypt($_SERVER['REMOTE_ADDR'], KU_RANDOMSEED) . "', " . $tc_db->qstr($_POST['reportreason']) . " )");
 }