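/**
 * Handle the login form: verify the submitted credentials and start a cookie-based session.
 *
 * Reads $_POST['form_login'] and $_POST['form_password'], looks the user up through the
 * global $DETDB handle and, when the password matches, issues the `user_ID` and `user_hash`
 * cookies, stores the new hash together with client IP, timestamp and user agent on the
 * user row, and redirects. Any failed attempt queues a single generic error message, so
 * the response does not say whether the login or the password was wrong.
 *
 * Security notes for maintainers:
 *  - Stored passwords have the form crypt(md5(password), salt). How strong that is depends
 *    on the salt format, which is not visible here. password_hash()/password_verify() with
 *    a rehash on the next successful login is the long-term replacement; it is not applied
 *    here because it changes the stored format.
 *  - random_hash() is defined elsewhere. The `user_hash` cookie is the session secret, so
 *    confirm that it draws from a CSPRNG and that 10 characters give enough entropy.
 *  - hash_equals() needs PHP 5.6 or newer.
 *
 * @return void
 */
function action_login()
{
    global $DETDB;

    // Visitors who are already authenticated are sent to the index page.
    if (check_login() && action_check_login()) {
        replace_page('index');
    }

    if (!isset($_POST['form_login'])) {
        return;
    }

    // Every 'login_check' hook has to pass; a strict false from any of them aborts silently.
    $checker = actions_zone('login_check');
    if (in_array(false, $checker, true)) {
        return;
    }

    $login = $_POST['form_login'];

    // A missing field or an array payload (form_password[]=...) is treated as a wrong
    // password instead of being handed to md5().
    $submitted = isset($_POST['form_password']) && is_string($_POST['form_password'])
        ? $_POST['form_password']
        : null;

    // NOTE(review): the login value inside this WHERE clause is masked in the source as
    // shown, and $login is not referenced by the visible query. Whatever expression belongs
    // here, the login must reach the database as a bound parameter or through the DB
    // layer's escaping, never by plain string interpolation of $_POST data.
    $user = $DETDB->select('users', 'ID, login, password, salt', true, "WHERE login='******'");

    $passwordOk = false;

    if ($user && $submitted !== null) {
        $computed = crypt(md5($submitted), $user->salt);

        // Constant-time, type-strict comparison: `==` compares numeric-looking strings as
        // numbers and returns as soon as it finds a difference.
        if (is_string($computed) && hash_equals((string) $user->password, $computed)) {
            $passwordOk = true;

            $expires = time() + get_option('cookie_login_live');
            // HttpOnly keeps the session cookies away from page scripts; Secure is set
            // whenever the current request itself arrived over HTTPS.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

            setcookie('user_ID', $user->ID, $expires, '/', '', $secure, true);
            $hash = random_hash(10);
            setcookie('user_hash', $hash, $expires, '/', '', $secure, true);

            // The User-Agent header is optional and fully client-controlled.
            $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

            // NOTE(review): the WHERE clause is assembled by concatenation. The ID comes
            // from the row just read, but binding it would be safer if $DETDB supports it.
            $updated = $DETDB->update(
                'users',
                array(
                    'hash' => $hash,
                    'last_ip' => $_SERVER['REMOTE_ADDR'],
                    'last_activity' => date('c'),
                    'last_agent' => $agent,
                ),
                "WHERE ID='" . $user->ID . "'"
            );

            if ($updated) {
                // Make the new session visible to code that runs later in this request.
                $_COOKIE['user_ID'] = $user->ID;
                $_COOKIE['user_hash'] = $hash;

                // NOTE(review): `from_page` is a client-supplied cookie used as the redirect
                // target. replace_page() is not shown; confirm it only accepts internal
                // page names, otherwise this is an open redirect.
                $url = isset($_COOKIE['from_page']) ? $_COOKIE['from_page'] : 'index';
                destroy_cookie('from_page');
                int_user();

                if (make_action('check_login')) {
                    replace_page($url);
                }
            }
        }
    }

    // One message for "no such user" and "wrong password" alike.
    if (!$user || !$passwordOk) {
        push_output_message(array(
            'text' => 'Неверный логин или пароль',
            'title' => 'Ошибка!',
            'class' => 'alert alert-danger',
            'type' => 'error',
        ));
    }
}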
/**
 * Validate the submitted registration data and create the account.
 *
 * An invalid submission re-renders the registration form with the rejected model.
 * A valid one is saved; when the `email_validation` setting is on, an activation code
 * is stored and sent to the user and the login form is rendered with an
 * "activation required" flag, otherwise the request is redirected to `session_new`.
 *
 * NOTE(review): the activation code works as a bearer secret and is inserted as-is into
 * the activation table. random_hash() is not visible here; confirm it uses a CSPRNG
 * and produces enough entropy, and that codes expire or are single-use.
 */
public function createAction()
{
    $user = new User($this->userParams());

    // Rejected input: show the form again.
    if (!$user->validate()) {
        $this->title($this->translate('register'));

        return $this->render('users/new.phtml', ['user' => $user]);
    }

    $user->save();

    // No e-mail confirmation required: go straight to the login route.
    if (!setting('email_validation')) {
        return $this->redirectTo('session_new');
    }

    // Record the pending activation, then notify the user.
    $activationCode = random_hash();
    $activationRow = [
        'user_id' => $user->id,
        'activation_code' => $activationCode,
        'type' => 'email_validation',
    ];
    $this->db->insert(PREFIX . 'user_activation_codes', $activationRow);

    Notification::accountActivation($user, $activationCode)->send();

    return $this->render("sessions/new.phtml", ['activationRequired' => true]);
}
// NOTE(review): excerpt of a setup script. The block closed by the lone `}` after `die;` opens before this excerpt.
    // Append the remaining settings to $s, the PHP source text written to conf.php below.
    // NOTE(review): $captcha_key is interpolated raw into a double-quoted PHP string literal
    // of the generated file. Its origin is not visible here; if it comes from the setup form,
    // a `"`, `\` or `$` in the value would change the generated code. Emitting the value
    // with var_export() avoids that.
    $s .= "\$captcha_key = \"{$captcha_key}\";\n";
    $s .= "\n";
    $s .= "date_default_timezone_set(\"UTC\");\n";
    $s .= "\$https_enabled = true;\n";
    $s .= "\$story_image_enabled = false;\n";

    // Prefix the host with "mysql:host=" and reset $sql_open before calling open_database();
    // how open_database() uses these variables is not shown.
    $sql_server = "mysql:host={$sql_server}";
    $sql_open = false;
    open_database();

    // fs_slap() is not shown; presumably it writes $s to conf.php under $top_root.
    // NOTE(review): the file holds at least the captcha key; confirm its permissions and
    // that this setup path cannot be re-run once conf.php exists.
    fs_slap("{$top_root}/conf.php", $s);

    // First run only: create the database, load schema and defaults, add the admin account.
    if (!db_has_database($sql_database)) {
        // Identifiers cannot be bound as `?` parameters, so $sql_database is interpolated.
        // NOTE(review): it needs an allow-list check (letters, digits, underscore) before
        // this point; no such check is visible in this excerpt.
        run_sql("create database {$sql_database}");
        run_sql("use {$sql_database}");
        run_sql_file("{$top_root}/schema.sql");
        run_sql_file("{$top_root}/default.sql");

        $zid = "{$admin_username}@{$server_name}";
        // NOTE(review): random_hash() and crypt_sha256() are defined elsewhere. If
        // crypt_sha256() is a single SHA-256 pass over password+salt, it is a fast hash and
        // weak for password storage; password_hash()/password_verify() is the usual
        // replacement. Also confirm random_hash() draws from a CSPRNG.
        $salt = random_hash();
        $pass = crypt_sha256("{$admin_password}{$salt}");

        // Values are passed as bound `?` parameters; only the statement text is literal.
        run_sql("insert into user_conf (zid, name, value) values (?, ?, ?)", array($zid, "admin", "1"));
        run_sql("insert into user_conf (zid, name, value) values (?, ?, ?)", array($zid, "editor", "1"));
        run_sql("insert into user_conf (zid, name, value) values (?, ?, ?)", array($zid, "password", $pass));
        run_sql("insert into user_conf (zid, name, value) values (?, ?, ?)", array($zid, "salt", $salt));
    }

    // Setup finished: redirect to the site root and stop the script.
    header("Location: /");
    die;
}

// Start of the HTML setup page; reached only when the block above did not run, because it ends in die.
writeln('<!DOCTYPE html>');
writeln('<html>');
writeln('<head>');
writeln('<title>Pipecode Setup</title>');
writeln('<meta http-equiv="Content-type" content="text/html;charset=UTF-8">');
writeln('<link rel="stylesheet" href="/style.css" type="text/css"/>');
/**
 * Produce a key by passing a length picked between 16 and 20 (inclusive) to random_hash().
 *
 * NOTE(review): rand() is not a cryptographic generator. Here it only picks the length,
 * so the key's unpredictability depends entirely on random_hash(), which is defined
 * elsewhere; confirm it is backed by a CSPRNG (random_bytes()/random_int()). A fixed
 * length at the upper bound would be simpler and no weaker.
 *
 * @return mixed whatever random_hash() returns for the chosen length
 */
function generate_remote_key()
{
    $length = rand(16, 20);

    return random_hash($length);
}