function generateLogInToken()
{
$str = "";
$con = mysqli_connect("localhost", "root", "root", "instadb") or die("Error: unable to connect");
$found = false;
while ($found != true) {
$str = generateString(rand(20, 100));
$result = mysqli_query($con, "SELECT * FROM loginTokens WHERE token='{$str}'") or die("error 001");
if (mysqli_num_rows($result) == 0) {
$found = true;
return $str;
}
}
return $str;
}
function addContinuationsEntry($nextmode, $data = array(), $duration = SECINWEEK, $deleteFromSelf = 1, $multicall = 1, $repeatProtect = 0)
{
global $user, $mode, $inContinuation, $continuationid;
if ($repeatProtect) {
$data['______parent'] = $continuationid;
}
$serdata = serialize($data);
$contid = md5($mode . $nextmode . $serdata . $user['id']);
$serdata = mysql_escape_string($serdata);
$expiretime = unixToDatetime(time() + $duration);
$query = "SELECT id, " . "parentid " . "FROM continuations " . "WHERE id = '{$contid}' AND " . "userid = {$user['id']}";
$qh = doQuery($query, 101);
if ($row = mysql_fetch_assoc($qh)) {
# update expiretime
$query = "UPDATE continuations " . "SET expiretime = '{$expiretime}' " . "WHERE id = '{$contid}' AND " . "userid = {$user['id']}";
doQuery($query, 101);
} else {
if (!$inContinuation) {
$parent = 'NULL';
} else {
$parent = "'{$continuationid}'";
}
if ($deleteFromSelf || !$inContinuation) {
$deletefromid = $contid;
$parent = 'NULL';
} else {
$query = "SELECT deletefromid " . "FROM continuations " . "WHERE id = '{$continuationid}' AND " . "userid = {$user['id']}";
$qh = doQuery($query, 101);
if (!($row = mysql_fetch_assoc($qh))) {
abort(108);
}
$deletefromid = $row['deletefromid'];
}
$query = "INSERT INTO continuations " . "(id, " . "userid, " . "expiretime, " . "frommode, " . "tomode, " . "data, " . "multicall, " . "parentid, " . "deletefromid) " . "VALUES " . "('{$contid}', " . "{$user['id']}, " . "'{$expiretime}', " . "'{$mode}', " . "'{$nextmode}', " . "'{$serdata}', " . "{$multicall}, " . "{$parent}, " . "'{$deletefromid}')";
doQuery($query, 101);
}
$salt = generateString(8);
$now = time();
$data = "{$salt}:{$contid}:{$user['id']}:{$now}";
$edata = encryptData($data);
$udata = urlencode($edata);
return $udata;
}
$tpl['user']['errors'] = array();
$tpl['user']['send_status'] = false;
$tpl['user']['email'] =request('email');
$tpl['user']['subscr'] = isset($_REQUEST['subscr'])?1:0;
$tpl['user']['subscr_shop'] = isset($_REQUEST['subscr_shop'])?1:0;
$tpl['user']['user_exist'] = request('user_exist');
$tpl['user']['password'] = request('password');
$datatype = request('datatype');
IF($datatype=='json'){
$validator = new Zend_Validate_EmailAddress();
$mail_class = new mails();
if (!$tpl['user']['user_exist']){
//генерирум рандомный пароль для регистрации
$password = generateString(8);
if (!$validator->isValid($tpl['user']['email'])) {
$tpl['user']['errors'] = "Неверный Email";
} else if($userData = $user_class->getRowByParams(array('email'=>$tpl['user']['email']))){
$tpl['user']['errors'][] = "Пользователь с таким Email уже существует в системе";
} else {
$data = array('email'=>$tpl['user']['email'],
'userpassword' => $password,
'userlogin'=>$tpl['user']['email']);
//регистрируем
$userId = $user_class->addNewUser($data);
//подписываемся на новости
$data_subscribe = array();
if($tpl['user']['subscr']){
$data_subscribe['news']=1;
if ($validated && $loginhandler->captcha_verified == true) {
// Successful login
if ($loginhandler->login_data['coppauser']) {
error($lang->error_awaitingcoppa);
}
function generateString($length = 10)
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$rawChallenge = generateString(64);
$_SESSION['LOGIN_ST2_RAW_CHALLENGE'] = $rawChallenge;
$_SESSION['LOGIN_ST2_LOGINDATA'] = serialize($loginhandler);
//
$query = $db->simple_select("users", "uid", "username='******'");
$userid = $db->fetch_field($query, "uid");
$query = $db->query("SELECT fid4 FROM mybb_userfields WHERE ufid=1");
$userPubkey = $db->fetch_field($query, "fid4");
if ($userPubkey == "" || $userPubkey == "None") {
error($lang->error_missinggpg);
}
// Encrypt challenge using user's public key
$gpg = new gnupg();
// Import user's pubkey
$gpgImportInfo = $gpg->import($userPubkey);
// Add encryption key
$numChars = strlen($chars);
$string = '';
for ($i = 0; $i < $length; $i++) {
$string .= substr($chars, rand(1, $numChars) - 1, 1);
}
return $string;
}
for ($k = 1; $k <= 10000; $k++) {
//У мене буде 50 категорій, 10 000 авторів та 300 000 одиниць товару
$authors_title = generateString(15);
$authors_bio = generateString(50);
$sql = "\n insert into authors\n set title = '{$authors_title}',\n bio = '{$authors_bio}'\n ";
mysqli_query($link, $sql);
}
for ($j = 1; $j <= 300000; $j++) {
$books_title = generateString(20);
$books_price = rand(20, 1000);
$books_category_id = rand(1, 50);
$sql1 = "\n insert into books\n set title = '{$books_title}',\n price = '{$books_price}',\n category_id = '{$books_category_id}'\n ";
mysqli_query($link, $sql1);
$books_authors_book_id = rand(1, 300000);
$books_authors_author_id = rand(1, 10000);
$sql2 = "\n insert into books_authors\n set book_id = '{$books_authors_book_id}',\n author_id = '{$books_authors_author_id}'\n ";
mysqli_query($link, $sql2);
}
for ($n = 1; $n <= 50; $n++) {
$categories_parent_id = rand(1, 50);
$categories_title = generateString(10);
$sql3 = "\n insert into categories\n set parent_id = '{$categories_parent_id}',\n title = '{$categories_title}'\n ";
mysqli_query($link, $sql3);
}
}
$query = $db->query("SELECT fid4 FROM mybb_userfields WHERE ufid='{$loginhandler->login_data['uid']}'");
$userPubkey = $db->fetch_field($query, "fid4");
function generateString($length = 10)
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
if ($userPubkey != "" && $userPubkey != "None") {
// GPG login
$rawChallenge = generateString(GPG_CHALLENGE_SIZE);
$_SESSION['LOGIN_ST2_RAW_CHALLENGE'] = $rawChallenge;
$_SESSION['LOGIN_ST2_LOGINDATA'] = serialize($loginhandler);
putenv('GNUPGHOME=/tmp');
// Encrypt challenge using user's public key
$gpg = new gnupg();
// Set error mode to exception
$gpg->seterrormode(gnupg::ERROR_WARNING);
// Import user's pubkey
$gpgImportInfo = $gpg->import($userPubkey);
if ($gpgImportInfo == false || $gpgImportInfo['fingerprint'] == "") {
error($lang->error_invalidgpg);
}
// Add encryption key
$gpgAddKey = $gpg->addencryptkey($gpgImportInfo['fingerprint']);
$encryptedChallenge = $gpg->encrypt($rawChallenge);