function douserset($data, $user) { $err = ''; $chg = getparam('Change', false); $api = false; switch ($chg) { case 'API Key': $ans = getAtts($user, 'KAPIKey.str,KAPIKey.dateexp'); if ($ans['STATUS'] != 'ok') { dbdown(); } // Should be no other reason? if (isset($ans['KAPIKey.dateexp']) && $ans['KAPIKey.dateexp'] == 'N') { $err = 'You can only change it once a day'; if (isset($ans['KAPIKey.str'])) { $api = $ans['KAPIKey.str']; } } else { $ran = $ans['STAMP'] . $user . rand(100000000, 999999999); $api = hash('md4', $ran); $day = 60 * 60 * 24; $ans = setAtts($user, array('ua_KAPIKey.str' => $api, 'ua_KAPIKey.date' => "now+{$day}")); if ($ans['STATUS'] != 'ok') { syserror(); } } break; } if ($api === false) { $ans = getAtts($user, 'KAPIKey.str'); if ($ans['STATUS'] != 'ok') { dbdown(); } // Should be no other reason? if (isset($ans['KAPIKey.str'])) { $api = $ans['KAPIKey.str']; } } $pg = uset($data, $user, $api, $err); return $pg; }
function getOpts($user, $optlist) { if ($user == false) { showIndex(); } $flds = array('username' => $user, 'optlist' => $optlist); $msg = msgEncode('getopts', 'getopts', $flds, $user); $rep = sendsockreply('getOpts', $msg); if (!$rep) { dbdown(); } return repDecode($rep); }
function emailcheck($user) { $ans = userSettings($user); if ($ans['STATUS'] != 'ok') { dbdown(); } // Should be no other reason? if (!isset($ans['email'])) { return 'You need to setup an email address first'; } else { return bademail($ans['email'], true); } }
function dosettings($data, $user) { $err = ''; $chg = getparam('Change', false); $check = false; switch ($chg) { case 'EMail': $email = getparam('email', false); if (stripos($email, 'hotmail') !== false) { $err = 'hotmail not allowed'; } else { $pass = getparam('pass', false); $twofa = getparam('2fa', false); $ans = userSettings($user, $email, null, $pass, $twofa); $err = 'EMail changed'; $check = true; } break; case 'Address': if (!isset($data['info']['u_multiaddr'])) { $addr = getparam('baddr', false); $addrarr = array(array('addr' => $addr)); $pass = getparam('pass', false); $twofa = getparam('2fa', false); $ans = userSettings($user, null, $addrarr, $pass, $twofa); $err = 'Payout address changed'; $check = true; } break; case 'Password': $oldpass = getparam('oldpass', false); $pass1 = getparam('pass1', false); $pass2 = getparam('pass2', false); $twofa = getparam('2fa', false); if (!safepass($pass1)) { $err = 'Unsafe password. ' . passrequires(); } elseif ($pass1 != $pass2) { $err = "Passwords don't match"; } else { $ans = setPass($user, $oldpass, $pass1, $twofa); $err = 'Password changed'; $check = true; } break; } $doemail = false; if ($check === true) { if ($ans['STATUS'] != 'ok') { $err = $ans['STATUS']; if ($ans['ERROR'] != '') { $err .= ': ' . $ans['ERROR']; } } else { $doemail = true; } } $ans = userSettings($user); if ($ans['STATUS'] != 'ok') { dbdown(); } // Should be no other reason? if (isset($ans['email'])) { $email = $ans['email']; } else { $email = ''; } // Use the first one - updating will expire all others if (isset($ans['rows']) and $ans['rows'] > 0) { $addr = $ans['addr:0']; } else { $addr = ''; } if ($doemail) { if ($email == '') { if ($err != '') { $err .= '<br>'; } $err .= 'An error occurred, check your details below'; goto iroiroattanoyo; } $emailinfo = getOpts($user, emailOptList()); if ($emailinfo['STATUS'] != 'ok') { if ($err != '') { $err .= '<br>'; } $err .= 'An error occurred, check your details below'; goto iroiroattanoyo; } switch ($chg) { case 'EMail': if (isset($_SESSION['old_set_email'])) { $old = $_SESSION['old_set_email']; } else { $old = null; } emailAddressChanged($email, zeip(), $emailinfo, $old); break; case 'Address': payoutAddressChanged($email, zeip(), $emailinfo); break; case 'Password': passChanged($email, zeip(), $emailinfo); break; } } iroiroattanoyo: $pg = settings($data, $user, $email, $addr, $err); return $pg; }
function do2fa($data, $user) { $mailmode = ''; $err = ''; $msg = ''; $setup = getparam('Setup', false); if ($setup === 'Setup') { // rand() included as part of the entropy $ans = get2fa($user, 'setup', rand(1073741824, 2147483647), 0); $mailmode = 'Setup'; } else { $can = getparam('Cancel', false); if ($can === 'Cancel') { $ans = get2fa($user, 'untest', 0, 0); $mailmode = 'Cancel'; } else { $value = getparam('Value', false); $test = getparam('Test', false); if ($test === 'Test' and $value !== null) { $ans = get2fa($user, 'test', 0, $value); $mailmode = 'Test'; } else { $nw = getparam('New', false); if ($nw === 'New' and $value !== null) { $ans = get2fa($user, 'new', rand(1073741824, 2147483647), $value); $mailmode = 'New'; } else { $rem = getparam('Remove', false); if ($rem === 'Remove' and $value !== null) { $ans = get2fa($user, 'remove', 0, $value); $mailmode = 'Remove'; } else { $ans = get2fa($user, '', 0, 0); } } } } } if ($ans['STATUS'] != 'ok') { $err = 'DBERR'; } else { if (isset($ans['2fa_error'])) { $err = $ans['2fa_error']; } if ($mailmode != '' and $err == '') { $ans2 = userSettings($user); if ($ans2['STATUS'] != 'ok') { dbdown(); } // Should be no other reason? if (!isset($ans2['email'])) { $err = 'An error occurred, check your details below'; } else { $email = $ans2['email']; $emailinfo = getOpts($user, emailOptList()); if ($emailinfo['STATUS'] != 'ok') { $err = 'An error occurred, check your details below'; } else { if ($mailmode === 'Setup') { twofaSetup($email, zeip(), $emailinfo); } else { if ($mailmode === 'Test') { twofaEnabled($email, zeip(), $emailinfo); } else { if ($mailmode === 'New') { twofaSetup($email, zeip(), $emailinfo); } else { if ($mailmode === 'Cancel') { twofaCancel($email, zeip(), $emailinfo); } else { if ($mailmode === 'Remove') { twofaRemove($email, zeip(), $emailinfo); } } } } } } } } } if (!isset($ans['2fa_status'])) { $tfa = null; } else { $tfa = $ans['2fa_status']; } if (isset($ans['2fa_msg'])) { $msg = $ans['2fa_msg']; } $pg = set_2fa($data, $user, $tfa, $ans, $err, $msg); return $pg; }
function eventCmd($user, $flds) { if ($user == false) { showIndex(); } $msg = msgEncode('events', 'events', $flds, $user); $rep = sendsockreply('eventCmd', $msg); if (!$rep) { dbdown(); } return repDecode($rep); }