function adminRegisterAccount($email, $password, $name) { global $db; $email = escape($email); if (substr($password, 0, 6) == ":hash:") { $password = escape(substr($password, 6)); } else { require_once includePath() . "/pbkdf2.php"; $password = escape("*pbkdf2*" . pbkdf2_create_hash($password)); } $name = escape($name); $db->query("INSERT INTO accounts (email, password, name) VALUES ('{$email}', '{$password}', '{$name}')"); }
include "include/common.php"; include "include/pbkdf2.php"; if (isset($_REQUEST['password'])) { $password = $_REQUEST['password']; $format = "pbkdf2"; if (isset($_REQUEST['format'])) { if ($_REQUEST['format'] == "hash") { $format = "hash"; } else { if ($_REQUEST['format'] == "plain") { $format = "plain"; } } } if ($format == "pbkdf2") { $password = pbkdf2_create_hash($password); } else { if ($format == "hash") { $password = chash($password); } } echo "<p>mkpasswd result: {$password}</p>"; } ?> <form method="POST" action="mkpasswd.php"> Password: <input type="password" name="password" /> <br />Format: <select name="format"> <option value="pbkdf2">PBKDF2 (recommended)</option> <option value="hash">SHA-512</option> <option value="plain">Plain text</option>
function authChangePassword($user_id, $old_password, $new_password) { global $config, $db; if (!checkLock("checkuser")) { return "Too many failed attempts. Please try again later."; } if (strlen($new_password) < 6) { return "The new password is too short. Please use at least six characters."; } if ($old_password == $new_password) { return "The old and new passwords are identical."; } if (!authCheckPassword($user_id, $old_password, "id")) { lockAction("checkuser"); return "The password you entered is not correct."; } $user_id = escape($user_id); require_once includePath() . "/pbkdf2.php"; $new_password = escape("*pbkdf2*" . pbkdf2_create_hash($new_password)); $db->query("UPDATE accounts SET password = '******' WHERE id = '{$user_id}'"); return true; }
function installConfig() { require_once "../include/pbkdf2.php"; $fout = fopen("../config_local.php_", 'w') or die("Could not write to local configuration file!"); fwrite($fout, "<?php\n"); fwrite($fout, '$config["site_name"] = "' . readline("Site name? ") . '";' . "\n"); fwrite($fout, '$config["root_path"] = "' . readline("Root path (ex: /uxpanel/)? ") . '";' . "\n"); fwrite($fout, '$config["mail_from"] = "' . readline("E-mail address to send as? ") . '";' . "\n"); fwrite($fout, '$config["admin_username"] = "******"Admin username? ") . '";' . "\n"); fwrite($fout, '$config["admin_password"] = "******"Admin password? ")) . '";' . "\n"); fwrite($fout, '$config["admin_passwordtype"] = "pbkdf2";' . "\n"); fwrite($fout, '$config["db_hostname"] = "' . readline("Database hostname? ") . '";' . "\n"); fwrite($fout, '$config["db_name"] = "' . readline("Database name? ") . '";' . "\n"); fwrite($fout, '$config["db_username"] = "******"Database username? ") . '";' . "\n"); fwrite($fout, '$config["db_password"] = "******"Database password? ") . '";' . "\n"); do { $slave = readline("Install as slave (y/n)? "); } while ($slave != "y" && $slave != "n"); $slave = $slave == "y"; fwrite($fout, '$config["slave"] = ' . ($slave ? "true" : "false") . ';' . "\n"); if ($slave) { fwrite($fout, '$config["slave_master"] = "' . readline("Master URL (ex: http://master.yourdomain.com/uxpanel/)? ") . '";' . "\n"); fwrite($fout, '$config["slave_id"] = ' . readline("Slave ID number? ") . ';' . "\n"); } fwrite($fout, "?>\n"); fclose($fout); rename("../config_local.php_", "../config_local.php"); }