} else { $pwd = passwordHash($_POST['adminuser'], $pass); } $notify = ''; $currentadmins = getAdministrators(); foreach ($currentadmins as $admin) { if ($admin['user'] == $user) { $notify = 'exists'; break; } } if (!is_valid_email_zp($admin_e)) { $notify = 'invalidemail'; } if (empty($notify)) { saveAdmin($user, $pwd, $admin_n, $admin_e, 0, NULL); $link = FULLWEBPATH . '/index.php?p=' . substr($_zp_gallery_page, 0, -4) . '&verify=' . bin2hex(serialize(array('user' => $user, 'email' => $admin_e))); $message = sprintf(gettext('You have received this email because you registered on the site. To complete your registration visit %s.'), $link); $headers = "From: " . get_language_string(getOption('gallery_title'), getOption('locale')) . "<zenphoto@" . $_SERVER['SERVER_NAME'] . ">"; $_zp_UTF8->send_mail($admin_e, gettext('Registration confirmation'), $message, $headers); $notify = 'accepted'; } } else { $notify = 'mismatch'; } } else { $notify = 'incomplete'; } } } /**
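<?php
// Locations of the JSON stores this endpoint works on, relative to this script.
// NOTE(review): confirm that ../jsonDB is not served by the web server; the
// file names suggest it holds administrator and session records.
$file = '../jsonDB/admins.json';
$sessions = '../jsonDB/sessions.json';

// NOTE(review): nothing visible in this script authenticates the caller or
// verifies a CSRF token before dispatching, and saveAdmin() below replaces the
// whole administrator store. Confirm that an access check runs before this
// file is reachable (for example in the web-server configuration).
$method = '';
if (isset($_POST['method'])) {
    $method = $_POST['method'];
}

// Dispatch on the posted method name; any other value is ignored.
if ($method === 'saveAdmin') {
    saveAdmin($file);
} elseif ($method === 'saveSession') {
    saveSession($sessions);
} elseif ($method === 'deleteSession') {
    deleteSession($sessions);
}

/**
 * Replaces the contents of $file with the JSON document posted in the
 * 'json' field and echoes a JSON status object.
 *
 * The store is left untouched unless the field is present, non-empty and
 * parses as JSON. Only syntax is checked: the expected structure of the
 * administrator document is not visible here, so no schema is enforced.
 *
 * @param string $file Path of the JSON file to overwrite.
 * @return void Echoes {"status":"success"} or {"status":"error","message":...}.
 */
function saveAdmin($file)
{
    // filter_input() yields null for a missing field and false when the
    // filter fails (e.g. an array was posted); writing either value would
    // have emptied the store while still reporting success.
    $payload = filter_input(INPUT_POST, 'json');
    if (!is_string($payload) || $payload === '') {
        echo json_encode(array('status' => 'error', 'message' => 'missing json field'));
        return;
    }

    // Reject anything that is not syntactically valid JSON before it can
    // replace the stored document.
    json_decode($payload);
    if (json_last_error() !== JSON_ERROR_NONE) {
        echo json_encode(array('status' => 'error', 'message' => 'invalid json'));
        return;
    }

    // LOCK_EX keeps concurrent requests from interleaving their writes; the
    // return value is checked so a failed write is not reported as success.
    if (file_put_contents($file, $payload, LOCK_EX) === false) {
        echo json_encode(array('status' => 'error', 'message' => 'write failed'));
        return;
    }

    echo json_encode(array('status' => 'success'));
}

// Appends the posted 'data' field to the `sessions` list decoded from $file.
// The rest of this function lies outside the visible excerpt and is left
// exactly as found.
function saveSession($file)
{
    $data = filter_input(INPUT_POST, 'data');
    $jsonInPHP = json_decode(file_get_contents($file));
    array_push($jsonInPHP->sessions, $data);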
// Excerpt from the middle of an admin-options save handler: the first brace
// below closes a block opened before this excerpt, and the final `else` is
// still open where the excerpt ends.
// NOTE(review): no CSRF token or rights check is visible in this excerpt;
// confirm one runs before these $_POST-driven writes.
}
// NOTE(review): the closing parenthesis looks misplaced. count() receives the
// boolean result of `$managedalbums > 0`, not the array. PHP 8 throws a
// TypeError for that argument; older versions return 1 (with a warning from
// 7.2), so the first branch is always taken. Presumably
// `count($managedalbums) > 0` was intended; check how saveAdmin() treats
// NULL versus an empty album list before changing it.
if (count($managedalbums > 0)) {
    // Drop duplicate album entries before they are stored.
    $albums = array_unique($managedalbums);
} else {
    $albums = NULL;
}
} else {
    // Alternative branch of a condition opened before this excerpt: neither
    // rights nor albums are passed on.
    $rights = null;
    $albums = NULL;
}
if (empty($pass)) {
    // An empty password field passes a null hash to saveAdmin();
    // presumably that means "keep the existing password"; confirm.
    $pwd = null;
} else {
    // The hash is derived from the posted user-name field together with the
    // password.
    // NOTE(review): the raw $_POST value is used here while saveAdmin() gets
    // $user; confirm both hold the same string, otherwise the stored hash
    // would not match the stored user name.
    $pwd = passwordHash($_POST[$i . '-adminuser'], $pass);
}
saveAdmin($user, $pwd, $admin_n, $admin_e, $rights, $albums);
if ($i == 0) {
    // Set only when the entry with index 0 is saved.
    setOption('admin_reset_date', '1');
}
} else {
    // Reported back to the caller as a query-string fragment.
    $notify = '?mismatch=password';
}
}
}
$returntab = "&tab=admin";
}
/*** Gallery options ***/
if (isset($_POST['savegalleryoptions'])) {
    if (isset($_POST['allowed_tags_reset'])) {
        // Reset request: restore the allowed-tags list from its stored default.
        setOption('allowed_tags', getOption('allowed_tags_default'));
    } else {
} require dirname(__FILE__) . '/zp-config.php'; setOption('zenphoto_release', ZENPHOTO_RELEASE); //clear out old admin user and cleartext password unset($_zp_conf_vars['adminuser']); unset($_zp_conf_vars['adminpass']); $admin = getOption('adminuser'); if (!empty($admin)) { // transfer the old credentials and then remove them if (count(getAdministrators()) == 0) { // don't revert anything! $pass = getOption('adminpass'); $string = preg_replace("/[^a-f0-9]/", "", $pass); if (strlen($pass) == 32 && $pass == $string) { // best guess it that it is a md5 pasword, not cleartext saveAdmin($admin, $pass, getOption('admin_name'), getOption('admin_email'), ALL_RIGHTS, array()); } } $sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="adminuser"'; query($sql); $sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="adminpass"'; query($sql); $sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="admin_name"'; query($sql); $sql = 'DELETE FROM ' . prefix('options') . ' WHERE `name`="admin_email"'; query($sql); } // old zp-config.php opitons. preserve them $conf = $_zp_conf_vars; setDefault('gallery_title', "Gallery"); setDefault('website_title', "");