/**
 * Send a new password.
 *
 * @input post data
 * @return mixed [0] 1:success | 2:login failed | 3:spammer [max|try|time]
 */
public function CheckEmail()
{
    $ret = array();
    $registry = TRegistry::GetInstance();
    $trylog = new TTryLog();
    $time = $registry->GetValue(ROOT_SYSTEM, 'login_ignore_time');
    // count the recent password-reset tries
    $try = $trylog->Check(TRY_PASSWORD, $time);
    // get max try
    $max_try = $registry->GetValue(ROOT_SYSTEM, 'login_max_try');
    // check whether the tries exceed max try
    if ($try <= $max_try) {
        // request allowed: log this try
        $trylog->Log(TRY_PASSWORD);
        // read the input without raising notices on missing or non-string fields
        $username = (isset($_POST['manager_username']) && is_string($_POST['manager_username']))
            ? $_POST['manager_username'] : '';
        $email = (isset($_POST['manager_email']) && is_string($_POST['manager_email']))
            ? $_POST['manager_email'] : '';
        // check input length
        if (strlen($username) < 3 || empty($email)) {
            // reject the request
            $ret[0] = 2;
            return $ret;
        }
        $sql = "SELECT * FROM %table% WHERE \n manager_username = :username AND manager_email = :email ;";
        $result = $this->db->Select($sql, array('manager'),
            array('type' => 'ss', ":username" => $username, ":email" => $email));
        // exactly one manager must match username and email
        if (count($result) == 1) {
            // generate the new password that will be sent; its unpredictability
            // depends on the random source inside THash::SaltGenerator (not shown here)
            $ret['passwd'] = THash::SaltGenerator(8);
            // store the hash of the new password; manager_id is cast to int
            // before it is placed in the WHERE clause
            $manager_id = (int) $result[0]['manager_id'];
            $this->db->Update('manager',
                array('type' => 'i', "manager_password" => Password($ret['passwd'])),
                "manager_id = '{$manager_id}'");
            $ret[0] = 1;
            return $ret;
        } else {
            // not sent
            $ret[0] = 2;
            return $ret;
        }
    } else {
        // too many tries: refuse and return the limits so the caller can show an error
        $ret[0] = 3;
        $ret['max'] = $max_try;
        $ret['time'] = $time;
        return $ret;
    }
}
        die("Toos has been installed before <br /> Please check db or choose "
            . "another prefix to install another system inside the installed "
            . "system(s)");
    }
} catch (Exception $exc) {
    // log the error server-side; a stack trace printed to the browser can
    // disclose paths and parts of the database credentials
    error_log($exc->getMessage());
    die('<br /> We can\'t connect to the database, please check your input');
}
// replace values to write to the config file
// NOTE: these POST values are written verbatim into a PHP file, so they must be
// validated or escaped for the quoting used in the config template (not shown here)
$f_content = str_replace('%url%', trim($_POST['url'], '/') . '/', $f_content);
$f_content = str_replace('%host%', $_POST['dbhost'], $f_content);
$f_content = str_replace('%user%', $_POST['dbuser'], $f_content);
$f_content = str_replace('%pass%', $_POST['dbpass'], $f_content);
$f_content = str_replace('%db%', $_POST['dbname'], $f_content);
$f_content = str_replace('%prefix%', $_POST['dbprf'], $f_content);
// generate random salt
$f_content = str_replace('%salt1%', THash::SaltGenerator(32), $f_content);
$f_content = str_replace('%salt2%', THash::SaltGenerator(32), $f_content);
// write config file
$f_name = '../tconfig.php';
$f_handle = fopen($f_name, 'w');
$is_write = false;
// only write and close when the file could actually be opened
if ($f_handle !== false) {
    $is_write = fwrite($f_handle, $f_content);
    fclose($f_handle);
}
// if the config file was written, redirect to the next step
if ($is_write !== false) {
    header("Location: systemSetting.php");
    exit;
}
ob_end_flush();
// otherwise show the following form to the user.
?>
<!DOCTYPE html>
<html>
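/**
 * Hash a password for storage.
 *
 * @param string $password real (plain-text) password
 * @return string hashed password
 */
function Password($password)
{
    // SHA-256 first, then MD5 over that result: the stored value is an MD5 digest.
    // Both are fast general-purpose hashes; whether THash::Create mixes in the
    // installer-generated salts is not shown here. PHP's password_hash() and
    // password_verify() are the usual replacement, but switching changes the
    // stored format and needs a matching change wherever passwords are checked.
    $ret = THash::Create('sha256', $password);
    $ret = THash::Create('md5', $ret);
    return $ret;
}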