function test_decode_password()
{
# assume following passed in via the login request from the Access Point:
$RA = "2590CC8A3930DB222781921A8F8B88B1";
$encoded_pw = "D8A7B0E4A6122A73705C4640E86CD62EA499201D98C5F436103448C39A537B07";
# and the shared secret
$secret = "verysecretstring";
echo '$RA = ' . $RA . "<br/>";
echo '$encoded_pw = ' . $encoded_pw . "<br/>";
echo 'strlen($encoded) = ' . strlen($encoded_pw) . "<br/>";
echo '$secret = ' . $secret . "<br/>";
$password = decode_password($RA, $encoded_pw, $secret);
echo "decoded password = "******"123456abcdefghijklmnopqrs"
if (strcmp($password, "123456abcdefghijklmnopqrs") == 0) {
echo "DECODING WAS SUCCESSFUL";
} else {
echo "DECODING FAILED";
}
}
<?php
checkauthentication();
$table = "xuser_pegawai";
$field = array("username", "password", "reset");
$p_next = 55;
if (@$_POST['xuser']) {
extract($_POST);
if ($oldpassword != "") {
if ($password != "") {
if ($retrypassword != "") {
$ocheck = xuser("password", "username = '******'");
$check = mysql_fetch_array($ocheck);
$len = strlen($oldpassword);
if (md5($oldpassword) == decode_password($check['password'], $len)) {
if ($password == $retrypassword) {
$username = $susername;
$len = strlen($password);
$password = encode_password(md5($password), $len);
$reset = "0";
foreach ($field as $k => $val) {
$value[$k] = ${$val};
}
$sql = sql_update($table, $field, $value);
$sql = str_replace("''", "NULL", $sql);
$query = mysql_query($sql);
if ($query == 1) {
$msg = "Ubah kata sandi berhasil. Id = " . $susername . ".";
update_log($msg, $table, $susername, 1);
$_SESSION['errmsg'] = $msg;
} else {
#@
session_start();
include_once "includes.php";
$xlogin = @$_POST['xlogin'];
$xusername = @$_POST['xusername'];
$xpassword = @$_POST['xpassword'];
if ($xlogin == "28B60A2D") {
if ($xusername != "") {
if ($xpassword != "") {
$ouser = xuser("username, password, unit, aktif, reset, kunci", "username = '******'");
$nuser = mysql_num_rows($ouser);
if ($nuser == 1) {
$xuser = mysql_fetch_array($ouser);
if ($xuser['aktif'] == "1") {
$len = strlen($xpassword);
if (decode_password($xuser['password'], $len) == md5($xpassword)) {
$session_name = "Kh41r4";
$_SESSION[$session_name] = 1;
$_SESSION['xusername_' . $session_name] = $xuser['username'];
$_SESSION['xunit_' . $session_name] = $xuser['unit'];
$_SESSION['kunci_' . $session_name] = $xuser['kunci'];
$ouserlevel = xuserlevel("level", "username = '******'username'] . "'");
$xuserlevel = mysql_fetch_array($ouserlevel);
$_SESSION['xlevel_' . $session_name] = $xuserlevel['level'];
$msg = "Login berhasil.";
update_log($msg, 'xlogin', $xuser['username'], 1);
last_login($xuser['username']);
if ($xuser['reset'] == "0") {
?>
<meta http-equiv="refresh" content="0;URL=../index.php" /><?php
$j++;
}
}
if ($j > 0) {
$password = substr($password, 0, strlen($password) - $j);
}
return $password;
}
/* copy request authenticator */
if (array_key_exists('ra', $_GET) && strlen($_GET['ra']) == 32 && ($ra = hex2bin($_GET['ra'])) !== FALSE && strlen($ra) == 16) {
$response['RA'] = $_GET['ra'];
}
/* decode password when available */
$password = FALSE;
if (array_key_exists('username', $_GET) && array_key_exists('password', $_GET)) {
$password = decode_password($response, $_GET['password'], $secret);
}
/* store mac when available */
$mac = FALSE;
if (array_key_exists('mac', $_GET)) {
$mac = $_GET['mac'];
}
/* decode request */
if (array_key_exists('type', $_GET)) {
$type = $_GET['type'];
switch ($type) {
case 'login':
if ($password === FALSE) {
break;
}
if ($password == 'ThisIsThePassword' && $_GET['username'] == 'testuser') {