function is_valid($token)
{
global $validargs, $failedarg;
if ($token == "") {
// empty token is valid too
return true;
} elseif (is_numeric($token)) {
// numeric arguments do not harm
return true;
} elseif (is_sha1($token)) {
// we usually apply sha1 as arguments
return true;
}
foreach ($validargs as $va) {
if ($va == $token) {
return true;
}
}
$failedarg = $token;
return false;
}
/**
* Check if a user has a SHA1 password hash,
* allows login if password hashes match, then
* updates password hash to wp format.
*
* Hooks into check_password filter, mostly
* copied from md5 upgrade function with
* pluggable.php/wp_check_password
*
* @param string $check
* @param string $password
* @param string $hash
* @param string $user_id
* @return results of sha1 hash comparison, or $check if $password is not a SHA1 hash
*/
function check_sha1_password($check, $password, $hash, $user_id)
{
if (is_sha1($hash)) {
$check = $hash == sha1($password);
if ($check && $user_id) {
// Rehash using new proper WP hash
wp_set_password($password, $user_id);
$hash = wp_hash_password($password);
// Allow login
return true;
} else {
// SHA1 hash in db, but SHA1 has of provided $password did not match. Do not allow login.
// echo $password . ' did not match ' . $check;
return false;
}
}
// Not SHA1 password, so return what was passed
return $check;
}
function check_new_head_in_bundle($what, &$out1)
{
$repo = $_GET['p'];
$cmd1 = "GIT_DIR=" . get_repo_path(basename($repo)) . " git bundle verify " . escapeshellarg($what) . " 2>&1 ";
//echo $cmd1;
$out1 = array();
$status = 1;
exec($cmd1, &$out1, &$status);
if ($status == 0) {
foreach ($out1 as $line) {
unset($d);
$d = explode(" ", $line);
if (is_sha1($d[0])) {
if (!check_tag_in_repo($d[0])) {
return true;
}
}
}
}
$out1[] = "*** Error *** No new tag found in bundle!";
return false;
}
