コード例 #1
0
 public function render($body, $template)
 {
     session_start();
     if (!isset($_SESSION['admin'])) {
         header('HTTP/1.0 401 Unautorized');
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $this->user = trim(strip_tags($_POST['user']));
             $this->pwd = trim(strip_tags($_POST['pwd']));
             if ($this->user and $this->pwd) {
                 $secure = new Secure();
                 if ($result = $secure->userExists($this->user)) {
                     list($login, $password, $salt, $iteration) = explode(':', $result);
                     if ($secure->getHash($this->pwd, $salt, $iteration) == $password) {
                         $_SESSION['admin'] = true;
                         header('Location: /admin');
                     } else {
                         $this->result = 'Неравильный логин или пароль';
                     }
                 } else {
                     $this->result = 'Неравильный логин или пароль';
                 }
             } else {
                 $this->result = 'Заполнены не все поля';
             }
         }
         include $template;
     } else {
         header('Location: /admin');
     }
 }
コード例 #2
0
 public function addUser()
 {
     $secure = new Secure();
     if (!$this->salt) {
         $this->salt = str_replace('=', '', base64_encode(md5(microtime() . md5(microtime()))));
     }
     if (!$secure->userExists($this->user)) {
         $hash = $secure->getHash($this->pwd, $this->salt, $this->iteration);
         if ($secure->saveHash($this->user, $hash, $this->salt, $this->iteration)) {
             $this->result = "Хеш {$pwd} успешно записан в файл";
         } else {
             $this->result = "Произошла ошибка при записи хеша";
         }
     } else {
         $this->result = "Пользователь с таким именем уже существует";
     }
 }
コード例 #3
0
 public function testSecureHasMessageAndUrl()
 {
     $secure = Secure::createRequest('eJxVUuFygjAMfhXPw9IWh', 'https://acs—ap.3dsecure.net/shopping');
     $this->assertSame('eJxVUuFygjAMfhXPw9IWh', $secure->request);
     $this->assertSame('https://acs—ap.3dsecure.net/shopping', $secure->url);
     $secure = Secure::createResponse('eJxVUuFygjAMfhXPw9IWh', 'https://acs—ap.3dsecure.net/shopping');
     $this->assertSame('eJxVUuFygjAMfhXPw9IWh', $secure->response);
     $this->assertSame('https://acs—ap.3dsecure.net/shopping', $secure->url);
 }
コード例 #4
0
ファイル: affprod.php プロジェクト: n-dps-projects/locaski
/**
 * Fonction qui récupère des agruments et lance une requête SQL
 * permet d'afficher les produits
 * @param $recept
 * @param $name
 */
function testarg($recept, $name)
{
    require_once '../../control/gestion/Secure.php';
    include_once '../../model/front/ReqFront.php';
    $idprod = Secure::bdd($recept);
    $namcat = Secure::bdd($name);
    if (is_numeric($idprod)) {
        $aff = new ReqFront();
        $aff->presenterProds($idprod, $namcat);
    } else {
        echo "Requete non conforme -> vérifier le type de l'id.";
    }
}
コード例 #5
0
ファイル: index.php プロジェクト: plummvc/PlumWebServiceDb
//echo PATH_USER_SECURE;die();
//----- path Template
define('PATH_VUE_TEMPLATE', PLUM_RACINE . "vue/template." . TEMPLATE . "/");
define('PATH_WWW_TEMPLATE', PATH_WWW . "template." . TEMPLATE . "/");
define('PATH_WWW_EXPOSE', PATH_WWW . "expose/");
//contient les fichiers css, js et image supplémentaires.utilisé par Plum_vue
//include des fichiers php externes
define('PATH_INCLUDE', PLUM_RACINE . "include/");
define('PATH_FONCTION', PLUM_RACINE . "fonction/");
//----- includes du framework plum
include_once PLUM_RACINE . "plum/plum.sacoche.php";
include_once PLUM_RACINE . "plum/plum.controleur.php";
include_once PLUM_RACINE . "plum/plum.fonction.php";
include_once PLUM_RACINE . "plum/plum.secure.php";
//----- démarrage session 'only cookie' + 'id unique pour chaque paquetage'
Secure::session_start();
//----- Engine : -- démarrage du contrôleur --
class Engine extends Plum_controleur
{
    function __construct($param)
    {
        parent::__construct($param);
        $controleur = $this->paramUrl->mvc_controleur;
        $action = $this->paramUrl->mvc_action;
        if ($controleur == "") {
            $controleur = DEFAUT_CONTROLEUR;
        }
        if ($action == "") {
            $action = DEFAUT_ACTION;
        }
        $c = $this->execute($controleur, $action);
コード例 #6
0
ファイル: UsersController.php プロジェクト: igorbalden/zoot
 public function change_password()
 {
     $this->cut_notlogged();
     $this->user = new UsersModel();
     if (!empty($_POST)) {
         // Check for CSRF first.
         Secure::csrf_checknredir($_POST['csrf_tkn']);
         $in = new In();
         $validation = $in->validate_input($_POST, array('password' => array('required' => 'true', 'min' => '6', 'max' => '16'), 'password2' => array('required' => 'true', 'equal_field' => 'password')));
         if ($validation) {
             $salt = Secure::salt(32);
             $upd_user['password'] = Secure::do_hash($_POST['password'], $salt);
             $upd_user['salt'] = $salt;
             $upd_user['id'] = $_SESSION['user']['id'];
             $this->user->update($upd_user);
             //
             Out::flash('Password updated.');
             header("Location: " . ROOT_URI . '/admin/users');
             exit;
         } else {
             // output errors
             $ers = '';
             foreach ($in->errors as $er) {
                 $ers .= $er . "<br />";
             }
             Out::flash($ers);
             header("Location: " . ROOT_URI . "/admin/users/change_password");
             exit;
         }
     }
     //  end if POST
     // which user to edit
     $id = $_SESSION['user']['id'];
     $user2edit = $this->user->get_user($id);
     $this->set_view_var($user2edit);
 }
コード例 #7
0
<?php

/**
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 30/12/15
 * Time: 02:03
 */
include_once '../../model/gestion/Requete.php';
require_once './Secure.php';
/**
 * Controle et gère le reclassement d'une catégorie
 */
if (isset($_POST['idcl']) && isset($_POST['licl'])) {
    // Sécurisation des entrées qui proviennent de l'utilisateur.
    $idcategorie = Secure::bdd($_POST['idcl']);
    $idlien = Secure::bdd($_POST['licl']);
    if (is_numeric($idcategorie) && is_numeric($idlien)) {
        $add = new Requete();
        $add->reclasserCategorie($idcategorie, $idlien);
        echo "L'oppération s'est déroulée sans problème.";
    } else {
        echo "Requete non conforme -> vérifier le type de l'id.";
    }
}
コード例 #8
0
ファイル: register.php プロジェクト: igorbalden/zoot
            <input type="text" name="email" class="col-md-offset-0 col-md-8" value="<?php 
if (isset($_POST['email'])) {
    echo Out::esc($_POST['email']);
}
?>
"/>
        </div>
        <div class="input-group col-md-8 row">
            <label for="password" class="col-md-offset-0 col-md-4">Password:</label>
            <input type="password" name="password" class="col-md-offset-0 col-md-8" />
        </div>
        <div class="input-group col-md-8 row">
            <label for="password2" class="col-md-offset-0 col-md-4">Re-enter Password:</label>
            <input type="password" name="password2" class="col-md-offset-0 col-md-8" />
        </div>
        
        <input type="hidden" name="csrf_tkn" value="<?php 
echo Secure::csrf_generate();
?>
" />
      
      <div class="input-group col-md-8 row">
        <div class="submit">
            <input name="submit" class="col-md-offset-4 col-md-8" type="submit" value="Register"/>
        </div>
      </div>
    </form>
      
  </div>
</div>
コード例 #9
0
ファイル: remProd.php プロジェクト: n-dps-projects/locaski
<?php

/**
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 05/01/16
 * Time: 01:29
 */
include_once '../../model/gestion/Requete.php';
require_once './Secure.php';
/**
 * Control et lance une requête por supprimer un produit
 */
if (isset($_POST['refpro'])) {
    // Vérification obligatoire, la donnée provient d'un input utilisateur.
    $verifId = Secure::bdd($_POST['refpro']);
    if (is_numeric($verifId)) {
        $drop = new Requete();
        $result = $drop->supprimerProduit($verifId);
        if ($result) {
            echo "Requête effectuée";
        } else {
            echo "requête non effectuée";
        }
    } else {
        echo "Requête non conforme.";
    }
}
コード例 #10
0
ファイル: checkresa.php プロジェクト: n-dps-projects/locaski
/**
 * Permet de sécuriser une id transmise via GET
 * donc potentiellement à risque
 */
function retourarg()
{
    require_once '../../control/gestion/Secure.php';
    $ret = Secure::bdd($GLOBALS['id']);
    echo $ret;
}
コード例 #11
0
<?php

/**
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 29/12/15
 * Time: 23:01
 */
include_once '../../model/gestion/Requete.php';
require_once './Secure.php';
/**
 * Contrôle et gère la modif d'une rubrique
 */
if (isset($_POST['refr']) && isset($_POST['rubr'])) {
    // Sécurisation des entrées qui proviennent de l'utilisateur.
    $nom = Secure::bdd($_POST['rubr']);
    $id = Secure::bdd($_POST['refr']);
    if (is_numeric($id)) {
        $add = new Requete();
        $add->modifierCategorie($id, $nom);
        echo "L'oppération s'est déroulée sans problème.";
    } else {
        echo "Requete non conforme -> vérifier le type de l'id.";
    }
}
コード例 #12
0
function retarg($recept)
{
    require_once './Secure.php';
    $ret = Secure::bdd($recept);
    echo $ret;
}
コード例 #13
0
ファイル: server.php プロジェクト: nemesis866/codeando
session_start();
set_time_limit(0);
// Ajustamos la zona horaria
date_default_timezone_set('America/Mexico_City');
// Importamos las clases
require_once '../config.php';
require_once '../phpmailer/PHPMailerAutoload.php';
require_once '../include/Secure.php';
require_once '../include/Db.php';
require_once '../include/Fnc.php';
require_once '../include/Template.php';
// Inicializamos los objetos
$db = new Db();
$fnc = new Fnc();
$mail = new PHPMailer();
$sec = new Secure();
$template = new Template();
// Evitamos ataques sql
$sec->secureGlobals();
if (empty($_POST['type'])) {
    $type = '';
} else {
    $type = addslashes($_POST['type']);
}
// Router del server
switch ($type) {
    case 'form_contacto':
        form_contacto($db, $fnc);
        break;
    case 'form_login':
        form_login($db, $fnc, $mail, $data_email);
コード例 #14
0
<?php

/**
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 21/12/15
 * Time: 23:33
 */
include_once '../../model/gestion/Requete.php';
require_once './Secure.php';
/**
 * Control et lance la requête de création d'une catégorie
 */
$choix = $_POST['chx'];
if (isset($_POST['catname']) && isset($_POST['idpere'])) {
    // Sécurisation des entrées qui proviennent de l'utilisateur.
    $nom = Secure::bdd($_POST['catname']);
    $idp = Secure::bdd($_POST['idpere']);
    if (is_numeric($idp)) {
        $add = new Requete();
        $add->creerCategorie($idp, $nom, $choix);
        echo "L'opération s'est déroulée sans problème.";
        echo $choix;
    } else {
        echo "Requete non conforme -> vérifier le type de l'id.";
    }
}
コード例 #15
0
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 07/01/16
 * Time: 23:27
 */
include_once '../../model/gestion/Requete.php';
require_once '../../control/gestion/Secure.php';
/**
 * code pour transferer le fichier sur le site avec un id unique.
 */
/**
 * Controle et gère l'upload des images des produits
 * A améliorer
 */
$addnom = md5(uniqid(rand(), true));
//Pour la base de donnée..
$nom = "ski" . $addnom;
//Pour le serveur
$nomcomp = "../../model/images/ski" . $addnom;
//Déplacement du fichier du rep temporaire du serveur vers le répertoire choisis.
$resultat = move_uploaded_file($_FILES['fich']['tmp_name'], $nomcomp);
if ($resultat) {
    echo "transfert réussi";
}
$secid = Secure::bdd($_POST['refprodimg']);
$img = new Requete();
$img->ajouterImage($secid, $nom);
header('Location:../../control/gestion/explorer.php');
?>

コード例 #16
0
ファイル: UsersModel.php プロジェクト: igorbalden/zoot
 public function login($in_email, $in_pass)
 {
     $user_exists = $this->find($in_email);
     $data = $this->user_data[0];
     if ($user_exists) {
         if ($data->password == Secure::do_hash($in_pass, $data->salt)) {
             // TODO update last_login field in DB
             //die("user_exists :" . $user_exists);
             $_SESSION['user']['id'] = $data->id;
             $_SESSION['user']['email'] = $data->email;
             $_SESSION['user']['active'] = $data->active;
             $_SESSION['user']['user_group_id'] = $data->user_group_id;
             $_SESSION['user_group']['descr'] = $data->descr;
             $upd_user['id'] = $data->id;
             $upd_user['last_login'] = date("Y-m-d H:i:s", time());
             $this->update($upd_user);
             return TRUE;
         }
     }
     return FALSE;
 }
コード例 #17
0
ファイル: edit.php プロジェクト: igorbalden/zoot
$hid_inp_id = !empty($user2edit['id']) ? $user2edit['id'] : '';
?>
        <input type="hidden" name="id" value="<?php 
echo $hid_inp_id;
?>
" />
        <!-- CSRF only protection
        <input type="hidden" name="csrf_tkn" 
               value="<php echo Secure::csrf_generate()?>" />
        -->
        <?php 
// build an array with all protected inputs and their values.
$locked_inputs = array('id' => $hid_inp_id);
?>
        <input type="hidden" name="frmlock_tkn" value="<?php 
echo Secure::frmlock_generate($locked_inputs);
?>
" />
      
      
      <div class="input-group col-md-6 row">
        <div class="submit">
            <input name="submit" class="col-md-offset-4 col-md-8" type="submit" value="Update"/>
        </div>
      </div>
    </form>
      
  </div>
<?php 
//echo "<pre>";
//print_r($_SESSION);
コード例 #18
0
ファイル: UsersController.php プロジェクト: igorbalden/zoot
 public function login()
 {
     $this->app->config->layout = "default";
     if ($this->check_logged()) {
         if ($this->isAdmin()) {
             header("Location: " . ROOT_URI . "/admin");
             exit;
         } else {
             header("Location: " . ROOT_URI);
             exit;
         }
     }
     if (!empty($_POST)) {
         // Check for CSRF first.
         Secure::csrf_checknredir($_POST['csrf_tkn']);
         $this->user = new UsersModel();
         $in = new In();
         $validation = $in->validate_input($_POST, array('email' => array('required' => 'true', 'valid_email' => 'true'), 'password' => array('required' => 'true')));
         if ($validation) {
             $login = $this->user->login($_POST['email'], $_POST['password']);
             if ($login) {
                 if ($this->isAdmin()) {
                     Out::flash('Welcome admin');
                     header("Location: " . ROOT_URI . '/admin');
                     exit;
                 } else {
                     Out::flash('Welcome user');
                     header("Location: " . ROOT_URI);
                     exit;
                 }
             } else {
                 Out::flash('Wrong login.');
             }
         } else {
             // output errors
             $ers = '';
             foreach ($in->errors as $er) {
                 $ers .= $er . "<br />";
             }
             Out::flash($ers);
         }
     }
 }
コード例 #19
0
ファイル: addProd.php プロジェクト: n-dps-projects/locaski
/**
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 05/01/16
 * Time: 01:28
 */
include_once '../../model/gestion/Requete.php';
require_once './Secure.php';
/**
 * Controle et lance une requête pour ajouter un produit
 */
if (isset($_POST['catid'])) {
    // Vérification obligatoire, la donnée provient d'un input utilisateur.
    $verifIdcat = Secure::bdd($_POST['catid']);
    $nom = Secure::bdd($_POST['name']);
    $comment = Secure::bdd($_POST['com']);
    if (is_numeric($verifIdcat)) {
        $add = new Requete();
        $result = $add->ajouterProduit($verifIdcat, $nom, $comment);
        if ($result) {
            echo "Requête effectuée";
        } else {
            echo "requête non effectuée";
        }
    } else {
        echo "Requête non conforme.";
    }
} else {
    echo "Pas de paramètres";
}
コード例 #20
0
 private static function iou()
 {
     include Secure::pathFile("config.php", PATH_USER_SECURE);
     $io = $configXuSec['io'];
     switch ($io) {
         case 'file':
             return new UserIoFile($configXuSec);
         case 'database':
             return new UserIoDatabase($configXuSec);
         case 'ldap':
             return null;
     }
     die("plum.secure.php::iou() mode 'io' inconnu pour [" . PATH_CONTROLEUR_SECURE . "]");
 }
コード例 #21
0
 public function connect($user, $password)
 {
     $this->secure = Secure::connect($user, $password);
 }
コード例 #22
0
ファイル: database.php プロジェクト: ryankennedy1991/toure
 public function update(array $input)
 {
     if ($this->secure == true && isset($input['password'])) {
         $s = new Secure();
         $input['password'] = $s->make($input['password']);
     }
     // pull keys from assoc array
     $fields = array_keys($input);
     // pull values from assoc array
     $this->values = array_values($input);
     // Check if table has been chosen, if not return a string telling them to choose one!
     if (!isset($this->table)) {
         return "Please choose a table first using the selectTable function.";
     }
     $sql = "UPDATE " . $this->table . " SET ";
     if (count($fields) == 1) {
         $sql .= $fields[0] . "= ?";
     } else {
         for ($i = 0; $i < count($fields) - 1; $i++) {
             $sql .= $fields[$i] . "= ?, ";
         }
         $sql .= $fields[count($fields) - 1] . "= ?";
     }
     if ($this->timestamps == true) {
         $sql .= ", updated_at = now()";
     }
     $this->sql = $sql;
     return $this;
 }
コード例 #23
0
 /**
  * @param array  $data
  * @param string $type
  * @param string $secret
  */
 public function __construct(array $data, $type, $secret)
 {
     Secure::sign($data, $type, $secret);
     $this->data = $data;
 }
コード例 #24
0
ファイル: gestresa.php プロジェクト: n-dps-projects/locaski
// Désactivation des messages d'erreur de l'interpréteur php
// Contrôle de l'environnement, seul les messages voulus arriveront
// au client (sensation de fiabilité) et évite les pirates de base.
ini_set("display_errors", 0);
error_reporting(0);
/**
 * Ces lignes permettent de lancer la requête de reservation
 */
require '../../control/gestion/Secure.php';
include_once '../../model/gestion/RequeteRESA.php';
if (isset($_POST['name']) && isset($_POST['forname']) && isset($_POST['adr']) && isset($_POST['letter']) && isset($_POST['deb']) && isset($_POST['end'])) {
    //Sécurisation des variables car elle proviennent de l'utilisateur pour la plupart.
    //Sauf mat, mais il a transité, donc à pu être remplacé.
    $nom = Secure::bdd($_POST['name']);
    $prenom = Secure::bdd($_POST['forname']);
    $adresse = Secure::bdd($_POST['adr']);
    $mail = Secure::bdd($_POST['letter']);
    $datedeb = Secure::bdd($_POST['deb']);
    $datefin = Secure::bdd($_POST['end']);
    $idmat = Secure::bdd($_POST['mat']);
    $appel = new RequeteRESA();
    $retour = $appel->reservationMateriel($nom, $prenom, $adresse, $mail, $datedeb, $datefin, $idmat);
    if ($retour) {
        echo "<h4><span class='glyphicon glyphicon-thumbs-up' aria-hidden='true'></span>  Votre réservation est confirmée.";
        echo "</br></br>Merci de patienter, retour à l'accueil...</h4>";
    } else {
        echo "La réservation n'a pu être faite.";
    }
} else {
    echo "Recommencer SVP";
}
コード例 #25
0
ファイル: changProd.php プロジェクト: n-dps-projects/locaski
<?php

/**
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 05/01/16
 * Time: 15:31
 */
include_once '../../model/gestion/Requete.php';
require_once './Secure.php';
/**
 * Controle et lance une requête pour changer les cacractéristique d'un produit
 */
if (isset($_POST['refr']) && isset($_POST['namp']) && isset($_POST['txt'])) {
    // Sécurisation des entrées qui proviennent de l'utilisateur.
    $nom = Secure::bdd($_POST['namp']);
    $id = Secure::bdd($_POST['refr']);
    $text = Secure::bdd($_POST['txt']);
    if (is_numeric($id)) {
        $modif = new Requete();
        $modif->changerProduit($id, $nom, $text);
        echo "L'oppération s'est déroulée sans problème.";
    } else {
        echo "Requete non conforme -> vérifier le type de l'id.";
    }
}
コード例 #26
0
<?php

/**
 * Created by Nicolas DUPUIS.
 * ---- LPSIL 2015-2016 ----
 * Date: 20/12/15
 * Time: 02:09
 */
include_once '../../model/gestion/Requete.php';
require_once './Secure.php';
/**
 * Controle et lance la requête d'effacement d'une catégorie
 * Non utilisée car non demandée de plus dangeureuse car risque de perte de donnée sur fausse manip
 */
if (isset($_POST['num'])) {
    // Vérification obligatoire, la donnée provient d'un input utilisateur.
    $verifId = Secure::bdd($_POST['num']);
    if (is_numeric($verifId)) {
        $drop = new Requete();
        $result = $drop->effacerCategorie($verifId);
        if (is_null($result)) {
            echo "Aucun requête n'a été faite.";
        } elseif ($result == 00) {
            echo "La requête à été effectuée.";
        } else {
            echo "Un code d'erreur à été retourné.";
        }
    } else {
        echo "Requête non conforme.";
    }
}
コード例 #27
0
ファイル: accounts.curuser.php プロジェクト: superwow/cms
 public function setLoggedIn($id, $passhash)
 {
     $ss = new Secure();
     $ss->cb = true;
     $ss->cib = 2;
     $ss->open();
     unset($ss);
     $_SESSION['uid'] = $id;
     $_SESSION['pass'] = $passhash;
     return true;
 }
コード例 #28
0
ファイル: account.php プロジェクト: superwow/cms
 public static function userCheck($ACP = false)
 {
     global $CURUSER, $AUTH_DB, $DB, $CORE;
     //If we are not logged in empty the session meaning logout
     if (!isset($_SESSION['uid']) || !isset($_SESSION['pass'])) {
         return;
     }
     //get the user id if set
     $id = 0 + (int) $_SESSION['uid'];
     //empty session if there is no id or the passhash is incorrect length
     if (!$id || strlen($_SESSION['pass']) != 40) {
         return;
     }
     //get the column names for table accounts
     $columns = CORE_COLUMNS::get('accounts');
     //Select accounts_more
     $res = $AUTH_DB->prepare("SELECT * FROM `" . $columns['self'] . "` WHERE `" . $columns['id'] . "` = :id LIMIT 1");
     $res->bindParam(':id', $id, PDO::PARAM_INT);
     $res->execute();
     $row = $res->fetch();
     unset($res);
     //If user with that ID actually exists else empty session
     if (!$row) {
         $_SESSION = array();
         return;
     }
     //check user pass
     if (strtolower($_SESSION['pass']) !== strtolower($row['sha_pass_hash'])) {
         $_SESSION = array();
         return;
     }
     //if this is check for the admin panel
     if ($ACP) {
         $perms = new Permissions($row[$columns['id']]);
         //check if the account is allowed
         if (!$perms->IsAllowedToUseACP()) {
             $_SESSION = array();
             return;
         }
         //save the permission object
         $CURUSER->setPermissionsObject($perms);
     }
     //let's add some security to the session
     $ss = new Secure();
     $ss->cb = true;
     $ss->cib = 2;
     //if the session is stolen we empty it
     if (!$ss->check()) {
         unset($ss);
         $_SESSION = array();
         return;
     }
     unset($ss);
     //find the webiste record
     $res = $DB->prepare("SELECT * FROM `account_data` WHERE `id` = :id LIMIT 1");
     $res->bindParam(':id', $id, PDO::PARAM_INT);
     $res->execute();
     $webRow = $res->fetch(PDO::FETCH_ASSOC);
     unset($res);
     //create new translated row
     $newRow['id'] = $row[$columns['id']];
     $newRow['username'] = $row[$columns['username']];
     $newRow['shapasshash'] = $row[$columns['shapasshash']];
     $newRow['lastip'] = $row[$columns['lastip']];
     $newRow['lastlogin'] = $row[$columns['lastlogin']];
     $newRow['flags'] = $row[$columns['flags']];
     $newRow['email'] = $row[$columns['email']];
     $newRow['joindate'] = $row[$columns['joindate']];
     $newRow['recruiter'] = $row[$columns['recruiter']];
     //merge the website row with the newly made auth row
     if ($webRow) {
         $newRow = array_merge($newRow, $webRow);
     }
     //set the CMS database accounts_more record of this user
     $CURUSER->setrecord($newRow);
     //free the result and unset the row
     unset($row);
     unset($newRow);
     //if the session is not tagged as logged we do so
     if (!isset($_SESSION['logged'])) {
         $_SESSION['logged'] = '1';
     }
 }