예제 #1
 /**
  * Collect the session rows that currently count as online.
  *
  * A row is selected when its sess_time is greater than now minus
  * GWF_ONLINE_TIMEOUT, or when its sess_id equals the current session's SID.
  * When haveCookies() reports false, the current session object is placed
  * in front of the selected rows.
  *
  * @return array presumably a list of session objects, as returned by selectObjects()
  */
 public static function getOnlineSessions()
 {
     $threshold = time() - GWF_ONLINE_TIMEOUT;
     $sessionId = self::$SESSION->getSessSID();

     // NOTE(review): both values are interpolated straight into the WHERE
     // clause. $threshold is derived from time(); $sessionId comes from
     // getSessSID(), which is not visible here. Confirm it can only ever be
     // numeric, or cast/bind it before the condition is built.
     $where = "sess_time>{$threshold} OR sess_id={$sessionId}";

     // The trailing 'sess_user' argument is presumably the GROUP BY column,
     // which would make sessioncount a per-user count. Verify against selectObjects().
     $rows = self::table(__CLASS__)->selectObjects('*, COUNT(1) as sessioncount', $where, 'user_name ASC', -1, -1, 'sess_user');

     if (self::haveCookies()) {
         return $rows;
     }

     // Without cookies the current session object is prepended to the rows.
     return array_merge(array(self::$SESSION), $rows);
 }
예제 #2
파일: reset.php 프로젝트: sinfocol/gwf3
/**
 * Handle a reset request: validate the form, store a fresh token for the
 * current session and the submitted address, and report the outcome.
 *
 * @param WC_Challenge $chall challenge object; supplies the language strings
 * @param GWF_Form     $form  submitted form; its 'email' value is read
 * @return mixed whatever validate() reported, a database error, or the "mail sent" message
 */
function ttr2_request(WC_Challenge $chall, GWF_Form $form)
{
    # Anything other than false from validate() is handed back as the error output
    $validation = $form->validate($chall);
    if ($validation !== false) {
        return $validation;
    }

    $sessionId = GWF_Session::getSessSID();
    $address = $form->getVar('email');

    # NOTE(review): a reset token has to be unpredictable. ttr2_random() is
    # defined elsewhere, so neither the meaning of 16 nor the strength of the
    # generator can be seen from here. Confirm it draws from
    # random_bytes()/random_int() rather than rand()/mt_rand().
    $resetToken = ttr2_random(16);

    # The token is stored against the session id and the requested address
    $stored = TTR2_Tokens::insertToken($sessionId, $address, $resetToken);
    if (!$stored) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    # Mail goes out only when the requested address is strictly equal to the
    # current user's validated mail. The reply below is the same either way,
    # so the response does not reveal whether a mail was sent.
    $ownMail = GWF_User::getStaticOrGuest()->getValidMail();
    if ($address === $ownMail) {
        ttr2_mail_me($chall, $address, $resetToken);
    }

    return GWF_HTML::message($chall->lang('title'), $chall->lang('msg_mail_sent'));
}
예제 #3
파일: index.php 프로젝트: sinfocol/gwf3
/**
 * Check a submitted answer against the reset tokens stored for this session.
 *
 * Does nothing when the POST field 'answer' is empty. An answer that matches
 * one of the tokens from getSolutions() prints the "reset own" message and
 * stops. Any other answer is passed to the challenge's onSolve() after the
 * token from getSolution() has been set as the solution.
 *
 * @param WC_Challenge $chall challenge object that evaluates the final answer
 * @return void
 */
function ttr2_submit(WC_Challenge $chall)
{
    $answer = Common::getPostString('answer', '');
    if ($answer === '') {
        return;
    }

    $sid = GWF_Session::getSessSID();

    # Tokens from getSolutions() are checked first
    foreach (TTR2_Tokens::getSolutions($sid) as $own) {
        # NOTE(review): === on a secret token is not constant-time. hash_equals()
        # would be, provided both operands are strings; confirm the type of
        # ttr_token before switching.
        if ($own['ttr_token'] !== $answer) {
            continue;
        }
        # The stored address is HTML-escaped before it is placed in the message
        $escapedMail = htmlspecialchars($own['ttr_email']);
        echo GWF_HTML::message($chall->lang('title'), $chall->lang('msg_reset_own', array($escapedMail)));
        return;
    }

    # No own token matched, so the challenge compares against the token from getSolution()
    # NOTE(review): the result of getSolution() is indexed without a check;
    # confirm it always yields a row for a live session.
    $wanted = TTR2_Tokens::getSolution($sid);
    $chall->setSolution($wanted['ttr_token']);
    $chall->onSolve(GWF_User::getStaticOrGuest(), $answer);
}
예제 #4
파일: vuln.php 프로젝트: sinfocol/gwf3
/**
 * Get the correct solution: the 'password' column stored in the blight table
 * for the current session.
 * Every call is charged as one attempt, before the lookup runs.
 * @return string|false the stored value, or false when queryFirst() returns false
 */
function blightGetHash()
{
    # Charge one attempt up front
    blightCountUp();

    $database = blightDB();
    $sid = GWF_Session::getSessSID();

    # NOTE(review): the session id is placed into the statement unquoted. As far
    # as this function shows it is server-side state, not request input, but
    # confirm getSessSID() is always numeric, or cast/bind it.
    $row = $database->queryFirst("SELECT password FROM blight WHERE sessid={$sid}");

    return $row === false ? false : $row['password'];
}