コード例 #1
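 /**
  * Save a user's new password.
  *
  * Reads `oldpassword`, `password` and `password1` from $_POST. When fewer than
  * two of the three fields are filled in, the request is treated as "no password
  * change requested" and nothing happens. Otherwise the two new-password fields
  * are validated through CheckPasswords(), the submitted old password is checked
  * against the stored value, and only then is the new password handed to
  * SetUserPass().
  *
  * @return bool|null False when CheckPasswords() fails or the old password does
  *                   not match; null in every other case (including success).
  */
 function ChangePass()
 {
     global $langmessage, $config;

     // Count how many of the three password fields arrived non-empty.
     $fields = 0;
     foreach (array('oldpassword', 'password', 'password1') as $key) {
         if (!empty($_POST[$key])) {
             $fields++;
         }
     }
     if ($fields < 2) {
         // Assume the user didn't try to reset the password.
         return;
     }

     // Make sure password and password1 match.
     if (!$this->CheckPasswords()) {
         return false;
     }

     // Check the old password before accepting a new one.
     // A missing field hashes as the empty string; a non-string field (e.g. an
     // array submitted as oldpassword[]) can never be a valid password.
     $old_input = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
     $matches = false;
     if (is_string($old_input)) {
         // NOTE(review): common::hash() is not shown here; confirm it yields a
         // comparable value for every algorithm PassAlgo() can return.
         $pass_hash = gpsession::PassAlgo($this->user_info);
         $oldpass = (string) common::hash($old_input, $pass_hash);
         $stored = (string) $this->user_info['password'];

         // Compare as strings. Loose != treats numeric-looking strings such as
         // "0e123" and "0e456" as numbers, so two different digests could
         // compare equal. hash_equals() also avoids an early-exit comparison.
         $matches = function_exists('hash_equals')
             ? hash_equals($stored, $oldpass)
             : $stored === $oldpass;
     }
     if (!$matches) {
         message($langmessage['couldnt_reset_pass']);
         return false;
     }

     self::SetUserPass($this->users[$this->username], $_POST['password']);
 }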
コード例 #2
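 /**
  * Save a user's new password.
  *
  * Reads `oldpassword`, `password` and `password1` from $_POST. When fewer than
  * two of the three fields are filled in, the request is treated as "no password
  * change requested". Otherwise the new-password fields are validated through
  * CheckPasswords(), the submitted old password is checked against the stored
  * value, and the new hash is written into $this->users for the current user.
  *
  * @return bool|null False when CheckPasswords() fails or the old password does
  *                   not match; null in every other case (including success).
  */
 function ChangePass()
 {
     global $langmessage;

     // Count how many of the three password fields arrived non-empty.
     $fields = 0;
     foreach (array('oldpassword', 'password', 'password1') as $key) {
         if (!empty($_POST[$key])) {
             $fields++;
         }
     }
     if ($fields < 2) {
         // Assume the user didn't try to reset the password.
         return;
     }

     // See also admin_users for password checking.
     if (!$this->CheckPasswords()) {
         return false;
     }

     // Check the old password before accepting a new one.
     // A missing field hashes as the empty string; a non-string field (e.g. an
     // array submitted as oldpassword[]) can never be a valid password.
     $old_input = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
     $matches = false;
     if (is_string($old_input)) {
         // NOTE(review): no algorithm is passed to common::hash(), so its
         // default applies. That default is not visible in this listing;
         // confirm it is not a fast, unsalted digest.
         $oldpass = (string) common::hash(trim($old_input));
         $stored = (string) $this->user_info['password'];

         // Compare as strings. Loose != treats numeric-looking strings such as
         // "0e123" and "0e456" as numbers, so two different digests could
         // compare equal. hash_equals() also avoids an early-exit comparison.
         $matches = function_exists('hash_equals')
             ? hash_equals($stored, $oldpass)
             : $stored === $oldpass;
     }
     if (!$matches) {
         message($langmessage['couldnt_reset_pass']);
         return false;
     }

     $this->users[$this->username]['password'] = common::hash(trim($_POST['password']));
 }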
コード例 #3
 /**
  * Store a new password for the account named in the request.
  *
  * The target account comes from $_POST['username'] and the new password from
  * $_POST['password']. The new hash is produced with the algorithm that
  * gpsession::PassAlgo() reports for that account, then the user file is saved.
  *
  * NOTE(review): no old password is asked for, and no permission check is made
  * inside this method. Confirm the caller restricts it to administrators.
  * NOTE(review): $_POST['username'] is used as an array key without a type
  * check; a non-string value is not rejected here.
  *
  * @return mixed False when CheckPasswords() fails or the username is unknown,
  *               otherwise whatever SaveUserFile() returns.
  */
 function ResetPass()
 {
     global $langmessage, $config;

     if ($this->CheckPasswords()) {
         $username = $_POST['username'];

         if (isset($this->users[$username])) {
             // Keep the account on the algorithm it is already configured for.
             $algorithm = gpsession::PassAlgo($this->users[$username]);
             $this->users[$username]['password'] = common::hash($_POST['password'], $algorithm);

             return $this->SaveUserFile();
         }

         // Unknown account: report a generic error.
         message($langmessage['OOPS']);
     }

     return false;
 }
コード例 #4
ファイル: install.php プロジェクト: stegrams/Typesetter
    /**
     * Write the data files of a fresh installation: default layout, page index,
     * menu, sample pages, extra content areas, the first user account and the
     * site configuration. Progress is echoed as <li> items.
     *
     * Several values are taken straight from the request: $_POST['email'],
     * $_POST['username'] and $_POST['password'].
     * NOTE(review): none of them is validated inside this function; confirm the
     * installer validates them before calling.
     *
     * @param string|false $destination  Base directory to write to; false means $GLOBALS['dataDir']
     * @param array        $config       Pre-set configuration values; they take precedence over the defaults built here
     * @param bool         $base_install When true, a session is created for the new user and InstallHtaccess() is run
     * @return bool False as soon as pages.php, users.php or config.php cannot be saved, true otherwise
     */
    static function Install_DataFiles_New($destination = false, $config = array(), $base_install = true)
    {
        global $langmessage;
        if ($destination === false) {
            $destination = $GLOBALS['dataDir'];
        }
        //set config variables
        //$config = array(); //because of ftp values
        $gpLayouts = array();
        //use bootswatch theme if server has enough memory
        $gpLayouts['default']['theme'] = 'Bootswatch_Flatly/4_Sticky_Footer';
        $gpLayouts['default']['label'] = 'Bootswatch_Flatly/4_Sticky_Footer';
        // If the limit cannot be raised, fall back to the other theme when the
        // current limit is below 100663296 bytes (96 MiB).
        if (@ini_set('memory_limit', '96M') === false) {
            $limit = ini_get('memory_limit');
            $limit = common::getByteValue($limit);
            if ($limit < 100663296) {
                $gpLayouts['default']['theme'] = 'Three_point_5/Shore';
                $gpLayouts['default']['label'] = 'Three_point_5/Shore';
            }
        }
        $gpLayouts['default']['color'] = '#93c47d';
        // Request value stored as-is (see the NOTE(review) in the docblock).
        $_config['toemail'] = $_POST['email'];
        $_config['gpLayout'] = 'default';
        $_config['title'] = Install_Tools::Install_Title();
        $_config['keywords'] = CMS_NAME . ' , Easy CMS, Content Management, PHP, Free CMS, Website builder, Open Source';
        $_config['desc'] = 'A new ' . CMS_NAME . ' installation. You can change your site\'s description in the configuration.';
        $_config['timeoffset'] = '0';
        $_config['langeditor'] = 'inherit';
        $_config['dateformat'] = '%m/%d/%y - %I:%M %p';
        $_config['gpversion'] = gpversion;
        $_config['passhash'] = 'sha512';
        // Per-install identifier; it is later passed to gpsession::SessionCookie().
        // NOTE(review): the randomness source of common::RandomString() is not shown here.
        $_config['gpuniq'] = common::RandomString(20);
        $_config['combinecss'] = Install_Tools::BooleanValue('combinecss', true);
        $_config['combinejs'] = Install_Tools::BooleanValue('combinejs', true);
        $_config['etag_headers'] = Install_Tools::BooleanValue('etag_headers', true);
        $_config['language'] = 'en';
        // Array union: keys already present in the caller's $config are kept,
        // the defaults above only fill in what is missing.
        $config += $_config;
        //directories
        gpFiles::CheckDir($destination . '/data/_uploaded/image');
        gpFiles::CheckDir($destination . '/data/_uploaded/media');
        gpFiles::CheckDir($destination . '/data/_uploaded/file');
        gpFiles::CheckDir($destination . '/data/_uploaded/flash');
        gpFiles::CheckDir($destination . '/data/_sessions');
        // gp_index
        $new_index = array();
        $new_index['Home'] = 'a';
        $new_index['Heading_Page'] = 'b';
        $new_index['Help_Videos'] = 'c';
        $new_index['Child_Page'] = 'd';
        $new_index['More'] = 'e';
        $new_index['About'] = 'f';
        $new_index['Contact'] = 'special_contact';
        $new_index['Site_Map'] = 'special_site_map';
        $new_index['Galleries'] = 'special_galleries';
        $new_index['Missing'] = 'special_missing';
        $new_index['Search'] = 'special_gpsearch';
        //	gpmenu
        $new_menu = array();
        $new_menu['a'] = array('level' => 0);
        $new_menu['b'] = array('level' => 0);
        $new_menu['c'] = array('level' => 1);
        $new_menu['d'] = array('level' => 1);
        $new_menu['e'] = array('level' => 0);
        $new_menu['f'] = array('level' => 1);
        $new_menu['special_contact'] = array('level' => 1);
        //	links
        $new_titles = array();
        $new_titles['a']['label'] = 'Home';
        $new_titles['a']['type'] = 'text';
        $new_titles['b']['label'] = 'Heading Page';
        $new_titles['b']['type'] = 'text';
        $new_titles['c']['label'] = 'Help Videos';
        $new_titles['c']['type'] = 'text';
        $new_titles['d']['label'] = 'Child Page';
        $new_titles['d']['type'] = 'text';
        $new_titles['e']['label'] = 'More';
        $new_titles['e']['type'] = 'text';
        $new_titles['f']['label'] = 'About';
        $new_titles['f']['type'] = 'text';
        $new_titles['special_contact']['lang_index'] = 'contact';
        $new_titles['special_contact']['type'] = 'special';
        $new_titles['special_site_map']['lang_index'] = 'site_map';
        $new_titles['special_site_map']['type'] = 'special';
        $new_titles['special_galleries']['lang_index'] = 'galleries';
        $new_titles['special_galleries']['type'] = 'special';
        $new_titles['special_missing']['label'] = 'Missing';
        $new_titles['special_missing']['type'] = 'special';
        $new_titles['special_gpsearch']['label'] = 'Search';
        $new_titles['special_gpsearch']['type'] = 'special';
        $pages = array();
        $pages['gp_index'] = $new_index;
        $pages['gp_menu'] = $new_menu;
        $pages['gp_titles'] = $new_titles;
        $pages['gpLayouts'] = $gpLayouts;
        echo '<li>';
        if (!gpFiles::SaveData($destination . '/data/_site/pages.php', 'pages', $pages)) {
            echo '<span class="failed">';
            //echo 'Could not save pages.php';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'pages.php');
            echo '</span>';
            echo '</li>';
            return false;
        }
        echo '<span class="passed">';
        //echo 'Pages.php saved.';
        echo sprintf($langmessage['_SAVED'], 'pages.php');
        echo '</span>';
        echo '</li>';
        // Home
        $content = '<h2>Welcome!</h2>
		<p>Welcome to your new ' . CMS_NAME . ' powered website. Now that ' . CMS_NAME . ' is installed, you can start editing the content and customizing your site.</p>
		<h3>Getting Started</h3>
		<p>You are currently viewing the default home page of your website. Here\'s a quick description of how to edit this page.</p>
		<ol>
		<li>First make sure you&#39;re ' . Install_Tools::Install_Link_Content('Admin', 'logged in', 'file=Home') . '.</li>
		<li>Then, to edit this page, click the &quot;Edit&quot; link that appears when you move your mouse over the content.</li>
		<li>Make your edits, click &quot;Save&quot; and you&#39;re done!</li>
		</ol>
		<h3>More Options</h3>
		<ul>
		<li>Adding, renaming, deleting and organising your pages can all be done in the ' . Install_Tools::Install_Link_Content('Admin_Menu', 'Page Manager') . '.</li>
		<li>Choose from a ' . Install_Tools::Install_Link_Content('Admin_Theme_Content', 'variety of themes') . ' to give your site a custom look.</li>
		<li>Then, you can ' . Install_Tools::Install_Link_Content('Admin_Theme_Content', 'add, remove and rearrange', 'cmd=editlayout') . ' the content of your site without editing the html.</li>
		<li>Take a look at the Administrator Toolbar to access all the features of ' . CMS_NAME . '.</li>
		</ul>
		<h3>Online Resources</h3>
		<p>' . CMS_READABLE_DOMAIN . ' has a number of resources to help you do even more.</p>
		<ul>
		<li>Find more community developed <a href="' . CMS_DOMAIN . '/Themes" title="' . CMS_NAME . ' Themes">themes</a> and <a href="' . CMS_DOMAIN . '/Plugins" title="' . CMS_NAME . ' Plugin">plugins</a> to enhance your site.</li>
		<li>Get help in the <a href="' . CMS_DOMAIN . '/Forum" title="' . CMS_NAME . ' Forum">' . CMS_NAME . ' forum</a>.</li>
		<li>Show off your <a href="' . CMS_DOMAIN . '/Powered_by" title="Sites Using ' . CMS_NAME . '">' . CMS_NAME . ' powered site</a> or list your <a href="' . CMS_DOMAIN . '/Service_Provider" title="Businesses Using ' . CMS_NAME . '">' . CMS_NAME . ' related business</a>.</li>
		</ul>';
        self::NewTitle($destination, 'Home', $content, $config, $new_index);
        // Heading Page
        $content = '<h1>A Heading Page</h1>
		<ul><li>' . Install_Tools::Install_Link_Content('Help_Videos', 'Help Videos') . '</li>
		<li>' . Install_Tools::Install_Link_Content('Child_Page', 'Child Page') . '</li>
		</ul>';
        self::NewTitle($destination, 'Heading_Page', $content, $config, $new_index);
        // Help Videos
        // The two embedded iframes below are loaded over plain http://, so a
        // site served over HTTPS will have them blocked as mixed content.
        $content = '<h1>Help Videos</h1>
		<p>Video tutorials are often a fast and easy way to learn new things quickly.
		We now have an English version and Deutsch (German) available below.
		If you make a video tutorial for ' . CMS_NAME . ', <a href="' . CMS_DOMAIN . '/Contact">let us know</a>, and we\'ll make sure it\'s included in our list.
		</p>
		<p>And as always, to edit this page, just click the "Edit" button while logged in.</p>

		<h2>Português</h2>
		<p><iframe width="640" height="360" src="http://www.youtube.com/embed/KCnGpUzYTbQ" frameborder="0" allowfullscreen></iframe></p>

		<h2>Deutsch</h2>
		<p>Created by <a href="' . CMS_DOMAIN . '/Service_Provider?id=57" title="IT Ricther on ' . CMS_READABLE_DOMAIN . '">IT Richter</a></p>
		<p><iframe width="640" height="360" src="http://www.youtube.com/embed/04cNgR1EiFY" frameborder="0" allowfullscreen></iframe></p>';
        self::NewTitle($destination, 'Help_Videos', $content, $config, $new_index);
        // Child Page
        $content = '<h1>A Child Page</h1><p>This was created as a subpage of your <em>Help Videos</em> . You can easily change the arrangement of all your pages using the ' . Install_Tools::Install_Link_Content('Admin_Menu', 'Page Manager') . '.</p>';
        self::NewTitle($destination, 'Child_Page', $content, $config, $new_index);
        // More
        $content = '<h1>More</h1>
		<ul><li>' . Install_Tools::Install_Link_Content('About', 'About') . '</li>
		<li>' . Install_Tools::Install_Link_Content('Contact', 'Contact') . '</li>
		</ul>';
        self::NewTitle($destination, 'More', $content, $config, $new_index);
        // About
        $content = '<h1>About ' . CMS_NAME . '</h1><p><a href="' . CMS_DOMAIN . '" title="' . CMS_READABLE_DOMAIN . '">' . CMS_NAME . '</a> is a complete Content Management System (CMS) that can help you create rich and flexible web sites with a simple and easy to use interface.</p>
		<h2>' . CMS_NAME . ' How To</h2>
		<p>Learn how to <a href="' . CMS_DOMAIN . '/Docs/Main/Admin" title="' . CMS_NAME . ' File Management">manage your files</a>,
		<a href="' . CMS_DOMAIN . '/Docs/Main/Creating%20Galleries" title="Creating Galleries in ' . CMS_NAME . '">create galleries</a> and more in the
		<a href="' . CMS_DOMAIN . '/Docs/index.php/" title="' . CMS_NAME . ' Documentation">' . CMS_NAME . ' Documentation</a>.
		</p>

		<h2>' . CMS_NAME . ' Features</h2>
		<ul>
		<li>True WYSIWYG (Using CKEditor)</li>
		<li>Galleries (Using ColorBox)</li>
		<li>SEO Friendly Links</li>
		<li>Free and Open Source (GPL)</li>
		<li>Runs on PHP</li>
		<li>File Upload Manager</li>
		<li>Drag \'n Drop Theme Content</li>
		<li>Deleted File Trash Can</li>
		<li>Multiple User Administration</li>
		<li>Flat File Storage</li>
		<li>Fast Page Loading</li>
		<li>Fast and Easy Installation</li>
		<li>reCaptcha for Contact Form</li>
		<li>HTML Tidy (when available)</li>
		</ul>';
        self::NewTitle($destination, 'About', $content, $config, $new_index);
        //Side_Menu
        $file = $destination . '/data/_extra/Side_Menu.php';
        $content = '<h3>Join the ' . CMS_NAME . ' Community</h3>
		<p>Visit ' . CMS_READABLE_DOMAIN . ' to access the many <a href="' . CMS_DOMAIN . '/Resources" title="' . CMS_NAME . ' Community Resources">available resources</a> to help you get the most out of our CMS.</p>
		<ul>
		<li><a href="' . CMS_DOMAIN . '/Themes" title="' . CMS_NAME . ' Themes">Download Themes</a></li>
		<li><a href="' . CMS_DOMAIN . '/Plugins" title="' . CMS_NAME . ' Plugin">Download Plugins</a></li>
		<li><a href="' . CMS_DOMAIN . '/Forum" title="' . CMS_NAME . ' Forum">Get Help in the Forum</a></li>
		<li><a href="' . CMS_DOMAIN . '/Powered_by" title="Sites using ' . CMS_NAME . '">Show off Your Site</a></li>
		<li><a href="' . CMS_DOMAIN . '/Resources" title="' . CMS_NAME . ' Community Resources">And Much More...</a></li>
		</ul>
		<p class="sm">(Edit this content by clicking &quot;Edit&quot;, it&#39;s that easy!)</p>';
        self::NewExtra($file, $content);
        //Header
        // $config['title'] is concatenated into the markup without escaping here.
        // NOTE(review): whether Install_Tools::Install_Title() or the caller's
        // $config already HTML-escapes the title is not visible; confirm.
        $file = $destination . '/data/_extra/Header.php';
        $content = '<h1>' . $config['title'] . '</h1>
		<h4>' . 'The Fast and Easy CMS' . '</h4>';
        self::NewExtra($file, $content);
        //Footer
        $file = $destination . '/data/_extra/Footer.php';
        $content = '<h3><a href="' . CMS_DOMAIN . '/Our_CMS" title="Features of Our CMS">' . CMS_NAME . ' Features</a></h3>
		<p>Easy to use True WYSIWYG Editing.</p>
		<p>Flat-file data storage and advanced resource management for fast websites.</p>
		<p>Community driven development</p>
		<p><a href="' . CMS_DOMAIN . '/Our_CMS" title="Features of Our CMS">And More...</a></p>
		<p>If you like ' . CMS_NAME . ', then you might also like
		<a href="http://lessphp.gpeasy.com" title="A Less to CSS compiler based on the official lesscss project">Less.php</a>,
		<a href="http://whatcms.org" title="What CMS? Find out what CMS a site is using">WhatCMS.org</a> and
		<a href="http://whichcms.org" title="Which CMS? Find out which CMS has the features you\'re looking for.">WhichCMS.org</a>.
		</p>';
        self::NewExtra($file, $content);
        //Another example area
        $file = $destination . '/data/_extra/Lorem.php';
        $content = '<h3>Heading</h3>
		<p>Donec sed odio dui. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Vestibulum id ligula porta felis euismod semper. Fusce dapibus, tellus ac cursus commodo, tortor mauris condimentum nibh, ut fermentum massa justo sit amet risus.</p>';
        self::NewExtra($file, $content);
        //contact html
        $file = $destination . '/data/_extra/Contact.php';
        self::NewExtra($file, '<h2>Contact Us</h2><p>Use the form below to contact us, and be sure to enter a valid email address if you want to hear back from us.</p>');
        //users
        // The first account is created with 'all' permissions from the posted
        // username, e-mail and password; only the hash of the password is kept.
        echo '<li>';
        $user_info = array();
        $user_info['password'] = common::hash($_POST['password'], 'sha512');
        $user_info['passhash'] = 'sha512';
        $user_info['granted'] = 'all';
        $user_info['editing'] = 'all';
        $user_info['email'] = $_POST['email'];
        $users = array();
        // Used below as the array key of the account in users.php.
        $username = $_POST['username'];
        //log user in here to finish user_info
        if ($base_install) {
            includeFile('tool/sessions.php');
            gp_defined('gp_session_cookie', gpsession::SessionCookie($config['gpuniq']));
            // NOTE(review): $sessions is not assigned anywhere in this function
            // before this call; presumably gpsession::create() takes it by
            // reference. Confirm against its signature.
            gpsession::create($user_info, $username, $sessions);
        }
        $users[$username] = $user_info;
        if (!gpFiles::SaveData($destination . '/data/_site/users.php', 'users', $users)) {
            echo '<span class="failed">';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'users.php');
            echo '</span>';
            echo '</li>';
            return false;
        }
        echo '<span class="passed">';
        echo sprintf($langmessage['_SAVED'], 'users.php');
        echo '</span>';
        echo '</li>';
        //save config
        //not using SaveConfig() because $config is not global here
        echo '<li>';
        $config['file_count'] = self::$file_count;
        if (!gpFiles::SaveData($destination . '/data/_site/config.php', 'config', $config)) {
            echo '<span class="failed">';
            echo sprintf($langmessage['COULD_NOT_SAVE'], 'config.php');
            echo '</span>';
            echo '</li>';
            return false;
        }
        echo '<span class="passed">';
        echo sprintf($langmessage['_SAVED'], 'config.php');
        echo '</span>';
        echo '</li>';
        if ($base_install) {
            Install_Tools::InstallHtaccess($destination, $config);
        }
        // Only reached on the success path; the early `return false` exits
        // above do not call Unlock().
        // NOTE(review): confirm the caller releases the lock on failure.
        gpFiles::Unlock('write', gp_random);
        return true;
    }
コード例 #5
ファイル: admin_users.php プロジェクト: VTAMAGNO/gpEasy-CMS
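 /**
  * Set the user password and password hash algorithm.
  *
  * Writes two keys into $user_info: 'password' (the stored hash) and
  * 'passhash' (the name of the scheme used). The scheme is 'password_hash'
  * when PHP provides password_hash() and the request asks for it through
  * $_REQUEST['algo']; otherwise it is 'sha512'.
  *
  * @param array  $user_info User record, modified in place
  * @param string $password  The new plaintext password
  */
 static function SetUserPass(&$user_info, $password)
 {
     // The requested algorithm is optional; treat a missing value as "not requested"
     // instead of reading an undefined index.
     $requested = isset($_REQUEST['algo']) ? $_REQUEST['algo'] : '';

     // Hash the $password argument. The previous code ignored it and re-read
     // $_POST['password'], so a caller passing any other value would silently
     // store the wrong password.
     if (function_exists('password_hash') && $requested === 'password_hash') {
         // Pre-hash with 50 rounds of sha512, then let password_hash() add the
         // salt and the slow hash.
         // NOTE(review): if common::hash() returns a 128-character hex digest,
         // bcrypt (the current PASSWORD_DEFAULT) only uses its first 72 bytes.
         $temp = common::hash($password, 'sha512', 50);
         $user_info['password'] = password_hash($temp, PASSWORD_DEFAULT);
         $user_info['passhash'] = 'password_hash';
     } else {
         // NOTE(review): no per-user salt is visible on this path; whether
         // common::hash() adds one is not shown here.
         $user_info['password'] = common::hash($password, 'sha512');
         $user_info['passhash'] = 'sha512';
     }
 }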
コード例 #6
ファイル: admin_display.php プロジェクト: rizub4u/gpEasy-CMS
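 /**
  * Generate a temporary password for the account named in $_POST['username'],
  * store its hash under the account's 'newpass' key and e-mail the plaintext
  * to the address on file.
  *
  * NOTE(review): the replies differ for "unknown user", "no e-mail on file" and
  * "sent" (which also shows part of the address), so this endpoint reveals
  * which usernames exist. Confirm whether that is acceptable and whether
  * requests are rate-limited elsewhere.
  * NOTE(review): how and for how long 'newpass' is accepted at login is not
  * visible here.
  *
  * @return bool True when the e-mail was handed to the mailer, false otherwise
  */
 function SendPassword()
 {
     global $langmessage, $dataDir, $gp_mailer;
     includeFile('tool/email_mailer.php');
     include $dataDir . '/data/_site/users.php';

     // Only a plain string can name an account; a missing or array value is
     // rejected before it is used as an array key.
     $username = isset($_POST['username']) ? $_POST['username'] : null;
     if (!is_string($username) || !isset($users[$username])) {
         message($langmessage['OOPS']);
         return false;
     }
     $userinfo = $users[$username];
     if (empty($userinfo['email'])) {
         message($langmessage['no_email_provided']);
         return false;
     }

     // The temporary password is a login credential, so draw it from the
     // CSPRNG when PHP offers one. str_shuffle() is not cryptographically secure.
     $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
     if (function_exists('random_int')) {
         $newpass = '';
         $last = strlen($alphabet) - 1;
         try {
             for ($i = 0; $i < 8; $i++) {
                 $newpass .= $alphabet[random_int(0, $last)];
             }
         } catch (Exception $e) {
             // No usable entropy source: fail closed instead of issuing a guessable password.
             message($langmessage['OOPS']);
             return false;
         }
     } else {
         // Legacy PHP without random_int(): original behaviour, kept for compatibility.
         $newpass = substr(str_shuffle(str_repeat($alphabet, 3)), 0, 8);
     }

     $users[$username]['newpass'] = common::hash(trim($newpass));
     if (!gpFiles::SaveArray($dataDir . '/data/_site/users.php', 'users', $users)) {
         message($langmessage['OOPS']);
         return false;
     }

     // NOTE(review): HTTP_HOST is taken from the request's Host header, so the
     // site name printed in the e-mail is client-controlled unless the web
     // server pins it. Consider a configured site name instead.
     if (isset($_SERVER['HTTP_HOST'])) {
         $server = $_SERVER['HTTP_HOST'];
     } else {
         $server = $_SERVER['SERVER_NAME'];
     }
     $link = common::AbsoluteLink('Admin_Main', $langmessage['login']);
     $message = sprintf($langmessage['passwordremindertext'], $server, $link, $username, $newpass);
     if ($gp_mailer->SendEmail($userinfo['email'], $langmessage['new_password'], $message)) {
         // Show only the first three characters of the local part in the confirmation.
         list($namepart, $sitepart) = explode('@', $userinfo['email']);
         $showemail = substr($namepart, 0, 3) . '...@' . $sitepart;
         message(sprintf($langmessage['password_sent'], $username, $showemail));
         return true;
     }
     message($langmessage['OOPS'] . ' (Email not sent)');
     return false;
 }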
コード例 #7
ファイル: sessions.php プロジェクト: rizub4u/gpEasy-CMS
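 /**
  * Check the credentials posted with a login request against the stored
  * password hash. Three variants are handled: a plaintext password (only when
  * gp_require_encrypt is off), a client-side md5-based digest, and a
  * client-side sha1-based digest. These are hashes, not encryption.
  *
  * For the two digest variants the client is expected to send
  * sha1(login_nonce . stored_hash).
  *
  * NOTE(review): the nonce is read from $_POST['login_nonce'] and is not
  * verified here. Unless the caller checks that it was issued by the server
  * and is still unused, a captured nonce/digest pair can be replayed.
  *
  * @param string $user_pass The stored (already hashed) password of the account
  * @return bool True when the posted credentials match
  */
 function CheckPassword($user_pass)
 {
     // Without this declaration $config is an undefined local, the 'shahash'
     // test below is always false and the md5 branch can never be selected.
     global $config;

     //without encryption
     if (!gp_require_encrypt && !empty($_POST['password'])) {
         if (!is_string($_POST['password'])) {
             return false;
         }
         $expected = $user_pass;
         $submitted = common::hash(trim($_POST['password']));
     } else {
         // $user_pass is the already hashed password (md5 or sha);
         // the second level hash is always done with sha1.
         $nonce = (isset($_POST['login_nonce']) && is_string($_POST['login_nonce'])) ? $_POST['login_nonce'] : '';
         $expected = sha1($nonce . $user_pass);

         // Accounts stored with md5 post their digest in pass_md5, all others in pass_sha.
         $field = (isset($config['shahash']) && !$config['shahash']) ? 'pass_md5' : 'pass_sha';
         $submitted = isset($_POST[$field]) ? $_POST[$field] : null;
     }

     // Missing or array-valued input can never match.
     if (!is_string($expected) || !is_string($submitted)) {
         return false;
     }

     // Constant-time comparison where available, strict string comparison otherwise.
     if (function_exists('hash_equals')) {
         return hash_equals($expected, $submitted);
     }
     return $expected === $submitted;
 }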
コード例 #8
ファイル: admin_users.php プロジェクト: rizub4u/gpEasy-CMS
 /**
  * Store a new password for the account named in $_POST['username'].
  *
  * NOTE(review): common::hash() is called without an algorithm, so its default
  * applies. That default is not visible in this listing; confirm it is not a
  * fast, unsalted digest.
  * NOTE(review): no old password is asked for, and no permission check is made
  * inside this method. Confirm the caller restricts it to administrators.
  *
  * @return mixed False when CheckPasswords() fails or the username is unknown,
  *               otherwise whatever SaveUserFile() returns.
  */
 function ResetPass()
 {
     global $langmessage;

     $passwords_ok = $this->CheckPasswords();
     if ($passwords_ok) {
         $username = $_POST['username'];
         $known_user = isset($this->users[$username]);

         if (!$known_user) {
             // Unknown account: report a generic error.
             message($langmessage['OOPS']);
             return false;
         }

         $new_hash = common::hash(trim($_POST['password']));
         $this->users[$username]['password'] = $new_hash;

         return $this->SaveUserFile();
     }

     return false;
 }
コード例 #9
ファイル: sessions.php プロジェクト: barbrick/gpEasy-CMS
 /**
  * Verify the credentials posted with a login request against the stored
  * password value of an account.
  *
  * The $_POST field that is read depends on $pass_algo:
  *  - 'md5'           pass_md5, compared with sha1($nonce . $user_pass)
  *  - 'sha1'          pass_sha, compared with sha1($nonce . $user_pass)
  *  - 'sha512'        pass_sha512, passed through common::hash(..., 'sha512', 950)
  *                    and compared with $user_pass
  *  - 'password_hash' pass_sha512, checked with password_verify()
  * Any other value of $pass_algo is rejected.
  *
  * NOTE(review): the nonce plays no part in the 'sha512' and 'password_hash'
  * branches, so the value posted in pass_sha512 is the same on every login for
  * a given password. Confirm logins are only served over TLS.
  *
  * @param string $user_pass Stored password value for the account
  * @param string $nonce     Login nonce mixed into the md5/sha1 comparison
  * @param string $pass_algo Password hashing algorithm
  * @return bool True when the posted value matches
  */
 static function CheckPassword($user_pass, $nonce, $pass_algo)
 {
     global $config;

     switch ($pass_algo) {
         case 'md5':
             $submitted = $_POST['pass_md5'];
             $expected = sha1($nonce . $user_pass);
             break;

         case 'sha1':
             $submitted = $_POST['pass_sha'];
             $expected = sha1($nonce . $user_pass);
             break;

         case 'sha512':
             // The browser-side script is said to loop through sha512 only 50
             // times; the remaining work is done here (third argument 950).
             $submitted = common::hash($_POST['pass_sha512'], 'sha512', 950);
             $expected = $user_pass;
             break;

         case 'password_hash':
             return password_verify($_POST['pass_sha512'], $user_pass);

         default:
             // Unknown algorithm: nothing to compare, so the check fails.
             return false;
     }

     // An empty submitted value never matches, even against an empty stored value.
     return $submitted && $submitted === $expected;
 }