/**
 * Create a user row from the supplied registration fields.
 *
 * Security review notes (behaviour is unchanged by these comments):
 *  - The stored credential is Encrypt::hmac() over md5(md5($password)), keyed
 *    with the login ID. MD5 is a fast digest, not a password-hashing function;
 *    a migration to password_hash()/password_verify() has to be coordinated
 *    with every place that verifies this value, so it is flagged here rather
 *    than changed.
 *  - The HMAC key is the login ID *after* $db->escape(). Any verifier must key
 *    with the same escaped form, otherwise login IDs containing escapable
 *    characters will never match.
 *  - The plaintext password is handed to 'User.add' listeners in the payload.
 *  - The INSERT is built by string concatenation; its safety rests entirely on
 *    $db->escape() covering the double-quote delimiter used below
 *    (NOTE(review): confirm against the DB wrapper, or move to bound parameters).
 *
 * @param string $loginId  Login identifier.
 * @param string $password Plaintext password.
 * @param string $name     Display name.
 * @param string $email    E-mail address.
 *
 * @return bool True when the row was inserted; false when a field is empty
 *              (per empty(), so the string "0" also counts as empty), when the
 *              'User.add' event returns false, or when the INSERT fails.
 */
function add($loginId, $password, $name, $email)
{
    global $database, $db, $event;

    // Reject the request as soon as any required field is empty.
    foreach (array($loginId, $password, $name, $email) as $requiredField) {
        if (empty($requiredField)) {
            return false;
        }
    }

    // Escape order matters: the credential is keyed with the escaped login ID.
    $safeLogin = $db->escape($loginId);
    $doubleDigest = md5(md5($password));
    $storedCredential = $db->escape(Encrypt::hmac($safeLogin, $doubleDigest));
    $safeName = $db->escape($name);
    $safeEmail = $db->escape($email);

    // With restricted joining enabled, new accounts start unaccepted.
    if (Settings::get('restrictJoin') == 'y') {
        $acceptedFlag = 'n';
    } else {
        $acceptedFlag = 'y';
    }

    // Listeners receive the plaintext password, not the stored credential.
    $payload = array(
        'loginid' => $safeLogin,
        'password' => $password,
        'name' => $safeName,
        'email' => $safeEmail,
        'is_accepted' => Validator::getBool($acceptedFlag),
    );

    // A listener can veto the registration by returning exactly false.
    if ($event->on('User.add', $payload) === false) {
        return false;
    }

    $sql = 'INSERT INTO '.$database['prefix'].'Users (loginid, name, password, email, created, is_accepted) VALUES ("'
        .$safeLogin.'","'.$safeName.'","'.$storedCredential.'","'.$safeEmail.'",UNIX_TIMESTAMP(),"'.$acceptedFlag.'")';

    if ($db->execute($sql)) {
        return true;
    }

    // Let listeners undo whatever they did for 'User.add'.
    $event->on('User.add.rollback');

    return false;
}
/**
 * Derive the stored credential for a user from a plaintext password.
 *
 * The password is run through MD5 twice and the result is passed to
 * Encrypt::hmac() with $userid as the key argument.
 *
 * Security review notes:
 *  - MD5 is a fast digest and is not suitable for password storage; moving to
 *    password_hash()/password_verify() requires a coordinated migration of the
 *    stored values, so it is flagged here rather than changed.
 *  - Callers that compare this value with a stored one should use
 *    hash_equals() rather than == / !=, which are loose and not constant-time.
 *  - $userid is used as given; callers that key with an escaped or otherwise
 *    transformed ID will produce a different value.
 *
 * @param string $userid        Value used as the HMAC key (the user's login ID
 *                              at the visible call sites).
 * @param string $plainPassword Plaintext password.
 *
 * @return mixed Whatever Encrypt::hmac() returns (NOTE(review): presumably a
 *               hex string; confirm against Encrypt).
 */
function getEncryptedPassword($userid, $plainPassword)
{
    $innerDigest = md5($plainPassword);
    $doubleDigest = md5($innerDigest);

    return Encrypt::hmac($userid, $doubleDigest);
}
foreach ($_POST as $key=>$value) { if (Validator::enum($key, 'userid,userpw')) $IV[$key] = $db->escape($value); } if (!isset($IV['userid']) || !isset($IV['userpw'])) { header("Location: {$path}/setup/?step=uninstall&error=10"); exit; } if (!list($loginid, $password, $is_admin) = $db->pick("SELECT loginid, password, is_admin FROM {$database['prefix']}Users WHERE loginid='{$IV['userid']}'")) { header("Location: {$path}/setup/?step=uninstall&error=11"); exit; } if ($password != Encrypt::hmac($IV['userid'], md5(md5($IV['userpw'])))) { header("Location: {$path}/setup/?step=uninstall&error=12"); exit; } if (!Validator::getBool($is_admin)) { header("Location: {$path}/setup/?step=uninstall&error=13"); exit; } $db->execute("DROP TABLE {$database['prefix']}Booms, {$database['prefix']}Categories, {$database['prefix']}CategoryRelations, {$database['prefix']}DailyStatistics, {$database['prefix']}DeleteHistory,
if($_POST['is_secede'] == '1') { // 탈퇴 if($readUser['is_admin'] == 'y') { echo '<script type="text/javascript">alert("'._t('관리자 권한을 가지고 있는 회원은 탈퇴처리할 수 없습니다.').'");</script>'; } else { User::delete($_POST['id']); } } else { if (($readUser['is_admin'] == 'y') && ($isAdmin == 'n')) { $countAdmin = User::getAdminCount(); if ($countAdmin <= 1) { echo '<script type="text/javascript">alert("'._t('한 명 이상의 관리자는 존재해야 합니다.').'");</script>'; $isAdmin = 'y'; } } $isAccepted = (isset($_POST['is_accepted'])) ? 'y' : 'n'; $passw = (!empty($_POST['password'])) ? Encrypt::hmac($readUser['loginid'], md5(md5($_POST['password']))) : ''; $moArr = array("name"=>$_POST['name'], "email"=>$_POST['email'], "password"=>$passw, "plainpassword"=>$_POST['password'], "is_admin"=>$isAdmin, "is_accepted"=>$isAccepted); if (!User::edit($_POST['id'], $moArr, 'plainpassword')) { $msg = _t('회원정보 수정 실패'); } else { $msg = _t('회원정보 수정 성공'); } } } $readUser = User::getAll($read); } $pageCount = 15; // 페이지갯수 $page = isset($_GET['page']) ? $_GET['page'] : 1; if(!isset($page) || empty($page)) $page = 1;
} else { if ($myPassword != Encrypt::hmac($_POST['loginid'], md5(md5($_POST['leaveoutpassword'])))) { // echo '<script type="text/javascript">alert("'._t('비밀번호가 잘못되었습니다').'");</script>'; } else { User::delete(getLoggedId()); logout(); echo '<script type="text/javascript">alert("'._t('탈퇴했습니다. 안녕히가세요.').'"); document.location.replace("http://'.$_SERVER['HTTP_HOST'].$service['path'].'");</script>'; } } } else if (isset($_POSt['leaveout']) && empty($_POST['leaveoutpassword'])) { // echo '<script type="text/javascript">alert("'._t('탈퇴 과정을 진행하려면 비밀번호 확인 입력을 해주세요').'");</script>'; } else { if (isset($_POST['name'])) { $moArr = array("name"=>$_POST['name'], "email"=>$_POST['email']); if (!empty($_POST['password'])) { $moArr['password'] = Encrypt::hmac($_POST['loginid'], md5(md5($_POST['password']))); $moArr['plainpassword'] = $_POST['password']; } if (!User::edit($session['id'], $moArr, 'plainpassword')) { //echo '<script type="text/javascript">alert("'._t('회원정보를 수정할 수 없습니다').'");</script>'; } else { $userInformation = getUsers(); //echo '<script type="text/javascript">alert("'._t('회원정보를 수정했습니다').'");</script>'; addAppMessage(_t('수정 완료했습니다.')); } } } include ROOT. '/lib/piece/adminHeader.php'; ?>
} else { if ($myPassword != Encrypt::hmac($userInformation['loginid'], md5(md5($_POST['leaveoutpassword'])))) { // echo '<script type="text/javascript">alert("'._t('비밀번호가 잘못되었습니다').'");</script>'; } else { User::delete(getLoggedId()); logout(); echo '<script type="text/javascript">alert("'._t('탈퇴했습니다. 안녕히가세요.').'"); document.location.replace("http://'.$_SERVER['HTTP_HOST'].$service['path'].'");</script>'; } } } else if (isset($_POSt['leaveout']) && empty($_POST['leaveoutpassword'])) { // echo '<script type="text/javascript">alert("'._t('탈퇴 과정을 진행하려면 비밀번호 확인 입력을 해주세요').'");</script>'; } else { if (isset($_POST['name'])) { $moArr = array("name"=>$_POST['name'], "email"=>$_POST['email']); if (!empty($_POST['password'])) { $moArr['password'] = Encrypt::hmac($userInformation['loginid'], md5(md5($_POST['password']))); $moArr['plainpassword'] = $_POST['password']; } if (!User::edit($session['id'], $moArr, 'plainpassword')) { //echo '<script type="text/javascript">alert("'._t('회원정보를 수정할 수 없습니다').'");</script>'; } else { $userInformation = getUsers(); //echo '<script type="text/javascript">alert("'._t('회원정보를 수정했습니다').'");</script>'; } } } ?> <link rel="stylesheet" href="<?php echo $service['path'];?>/style/admin_user.css" type="text/css" /> <script type="text/javascript"> </script>