Exemplo n.º 1
0
function init()
{
    global $MayBeDuplicate;
    if (get_magic_quotes_gpc()) {
        bw_error("The software is not meant to work with PHP magic_quotes_gpc = On. Please turn it Off (probably in php.ini).");
    }
    $phpexts = get_loaded_extensions();
    if (!in_array("gd", $phpexts)) {
        bw_error("Install GD module in PHP before going on.");
    }
    if (isset($_SERVER["SERVERNAME"])) {
        // This is only to be done for interactive session (typically mailbot.php, run by a cron gives an error for this)
        $apacheexts = apache_get_modules();
        if (!in_array("mod_rewrite", $apacheexts)) {
            bw_error("Install mod_rewrite module in Apache before going on.");
        }
    }
    if (version_compare(phpversion(), "5.0.0") < 0) {
        bw_error("PHP version is lower than 5.0.0. Please update. ");
    }
    SetupSession();
    DBConnect();
    // a duplicate use by several users has been detected
    if (!empty($MayBeDuplicate)) {
        LogStr($MayBeDuplicate);
    }
    LanguageChangeTest();
    // evaluate the events (messages received, keep uptodate whoisonline ...)
    EvaluateMyEvents();
    // Check if the navigation of the user must be logged
    if (HasFlag("RecordLogs")) {
        $url = $_SERVER['PHP_SELF'];
        if (!empty($_SERVER['QUERY_STRING'])) {
            $url .= "?" . $_SERVER['QUERY_STRING'];
        }
        LogStr("url=" . $url, "RecordLogs");
    }
}
Exemplo n.º 2
0
<?php

session_start();
require_once 'config.php';
$isSuccess = false;
$isValid = false;
$expired = '';
$token = htmlspecialchars($_GET["token"]);
if (isset($_SESSION['current_user']['login_username'])) {
    header("Location: photography.php");
    return;
}
$isValid = SetupSession($token);
if (isset($_POST['changePass'])) {
    resetPassword($_POST['newpass']);
}
function SetupSession($token)
{
    $conn = mysqli_connect(db_host, db_user, db_pass, db_name);
    if (mysqli_connect_errno()) {
        echo "Error connecting to database";
        return false;
    }
    $currentDate = date('m/d/Y h:i:s a', time());
    $query = "SELECT DISTINCT * FROM users WHERE token = '" . $token . "' AND tokenexpiration >= '" . $currentDate . "'";
    $result = mysqli_fetch_assoc(mysqli_query($conn, $query));
    if (!$result) {
        mysqli_close($conn);
        echo "Error connecting to database";
        return false;
    }