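/**
 * Handle a login POST: verify the submitted credentials and, on success,
 * record the user in the session.
 *
 * Reads $_POST['name'] and $_POST['pass']. Answers HTTP_BAD_REQUEST when either
 * field is missing or is not a string. Returns without output when the lookup
 * does not yield exactly one row or the password does not verify, so both
 * failures look the same in the response body.
 *
 * NOTE(review): http_status_code() and HTTP_BAD_REQUEST are not PHP built-ins
 * (the built-in is http_response_code()); presumably the project defines them.
 *
 * @return void
 */
function login()
{
    // Both fields must be present and must be plain strings. PHP turns a
    // parameter such as `name[]=x` into an array, which must not reach the
    // user lookup or password_verify().
    if (
        !isset($_POST['name'], $_POST['pass'])
        || !is_string($_POST['name'])
        || !is_string($_POST['pass'])
    ) {
        http_status_code(HTTP_BAD_REQUEST);
        echo 'name and pass params required';

        // Stop here: without this return the lookup below would still run
        // with the missing parameters.
        return;
    }

    // NOTE(review): getUserRow() is defined elsewhere; confirm it uses a
    // parameterized query, since the name comes straight from the request.
    $userRows = getUserRow($_POST['name']);

    // Anything other than exactly one match is treated as a failed login.
    if (count($userRows) !== 1) {
        // NOTE(review): password_verify() is skipped on this path, so an
        // unknown name may answer faster than a wrong password. Verifying
        // against a fixed dummy hash here would even out the timing.
        return;
    }

    $userInfo = $userRows[0];

    // $userInfo['pass'] is expected to hold a password_hash() value.
    if (!password_verify($_POST['pass'], $userInfo['pass'])) {
        return;
    }

    // NOTE(review): confirm setSessionUser() regenerates the session ID
    // (session_regenerate_id(true)) so a pre-login session ID cannot be reused.
    setSessionUser($userInfo['id'], $userInfo['name']);
}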
<?php
/*
 * ReDonate is more free software. It is licensed under the WTFPL, which
 * allows you to do pretty much anything with it, without having to
 * ask permission. Commercial use is allowed, and no attribution is
 * required. We do politely request that you share your modifications
 * to benefit other developers, but you are under no enforced
 * obligation to do so :)
 *
 * Please read the accompanying LICENSE document for the full WTFPL
 * licensing text.
 */

/*
 * Front controller: maps the request path to a module through CPHPRouter and
 * renders the result inside the "layout" template.
 *
 * NOTE(review): $locale and http_status_code() are not defined in this file;
 * presumably includes/base.php provides them.
 */

$_APP = true;
require "includes/base.php";

$sPageTitle = "";
$sPageContents = "";
$sError = "";

/*
 * Access-control settings shared by several routes. Each is merged into a
 * route with `+`, which yields the keys 'target', 'authenticator' and
 * 'auth_error' in that order.
 *
 * NOTE(review): presumably the router runs the 'authenticator' file before
 * the target and falls back to 'auth_error' when it rejects the request.
 * Confirm against CPHPRouter.
 */
$sGuardUser = array(
	'authenticator' => "authenticators/user.php",
	'auth_error' => "modules/error/guest.php"
);

$sGuardPayment = array(
	'authenticator' => "authenticators/payment.php",
	'auth_error' => "modules/error/nosuchpayment.php"
);

$sGuardChange = array(
	'authenticator' => "authenticators/change.php",
	'auth_error' => "modules/error/nosuchchange.php"
);

$sGuardSubscription = array(
	'authenticator' => "authenticators/subscription.php",
	'auth_error' => "modules/error/nosuchsubscription.php"
);

/* Flag carried by the public campaign pages. */
$sResizableFlag = array('_resizable' => true);

$router = new CPHPRouter();
$router->allow_slash = true;
$router->ignore_query = true;

/*
 * Route table. The order of the entries is kept exactly as it was.
 *
 * NOTE(review): the `(.+)` and `(.+?)` groups also match "/" and any other
 * character, so whatever they capture should be treated as untrusted input by
 * the authenticator and module that receive it.
 */
$router->routes = array(
	0 => array(
		/* Public pages: no 'authenticator' is configured for these. */
		"^/\$" => array('target' => "modules/index.php", '_padded' => false),
		"^/sign-up\$" => "modules/signup.php",
		"^/login\$" => "modules/login.php",
		"^/about\$" => "modules/about.php",
		"^/logout/([a-zA-Z0-9]+)\$" => "modules/logout.php",
		"^/confirm/(.+)/([a-zA-Z0-9]+)\$" => "modules/confirm.php",

		/* Campaign owner pages, behind authenticators/user.php. */
		"^/create\$" => array('target' => "modules/campaign/create.php") + $sGuardUser,
		"^/dashboard\$" => array('target' => "modules/dashboard.php") + $sGuardUser,
		"^/dashboard/([a-zA-Z0-9-]+)\$" => array('target' => "modules/campaign/dashboard.php") + $sGuardUser,
		"^/dashboard/([a-zA-Z0-9-]+)/add-payment-method\$" => array('target' => "modules/campaign/addmethod.php") + $sGuardUser,
		"^/dashboard/([a-zA-Z0-9-]+)/remove-payment-method/([0-9]+)\$" => array('target' => "modules/campaign/removemethod.php") + $sGuardUser,
		"^/dashboard/([a-zA-Z0-9-]+)/change-settings\$" => array('target' => "modules/campaign/changesettings.php") + $sGuardUser,

		/*
		 * Payment, change and subscription links, each behind its own
		 * authenticator.
		 * NOTE(review): the ([a-zA-Z0-9]+) segment looks like a per-link key.
		 * If so, these URLs act as credentials and will show up in access
		 * logs and Referer headers. Confirm how the authenticators check it.
		 */
		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/(.+)/done\$" => array('target' => "modules/payment/notify_done.php") + $sGuardPayment,
		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/skip\$" => array('target' => "modules/payment/notify_skip.php") + $sGuardPayment,
		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/paypal\$" => array('target' => "modules/payment/paypal.php") + $sGuardPayment,
		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/bitcoin\$" => array('target' => "modules/payment/bitcoin.php") + $sGuardPayment,
		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/([0-9]+)\$" => array('target' => "modules/payment/other.php") + $sGuardPayment,
		"^/change/(.+)/([0-9]+)/([a-zA-Z0-9]+)\$" => array('target' => "modules/change.php") + $sGuardChange,
		"^/manage/(.+?)/([a-zA-Z0-9]+)/change-amount\$" => array('target' => "modules/subscription/change_amount.php") + $sGuardSubscription,
		"^/manage/(.+?)/([a-zA-Z0-9]+)/unsubscribe\$" => array('target' => "modules/subscription/unsubscribe.php") + $sGuardSubscription,
		"^/manage/(.+?)/([a-zA-Z0-9]+)[.]?\$" => array('target' => "modules/subscription/manage.php") + $sGuardSubscription,

		/* Public campaign pages. */
		"^/campaign/([a-zA-Z0-9-]+)\$" => array('target' => "modules/landing.php") + $sResizableFlag,
		"^/campaign/([a-zA-Z0-9-]+)/subscribe\$" => array('target' => "modules/subscribe.php") + $sResizableFlag,
		"^/campaign/([a-zA-Z0-9-]+)/donate/([0-9]+)\$" => array('target' => "modules/donate.php") + $sResizableFlag,
		"^/thanks/([a-zA-Z0-9-]+)\$" => "modules/thanks.php",

		/*
		 * NOTE(review): /test has no authenticator. Confirm modules/test.php
		 * is safe to expose, or drop the route from production deployments.
		 */
		"^/test\$" => "modules/test.php"
	)
);

try
{
	$router->RouteRequest();
}
catch (RouterException $e)
{
	/* No route matched. Nothing from the request is passed to the 404 template. */
	http_status_code(404);
	$sPageTitle = "Page not found";
	$sPageContents = NewTemplater::Render("404", $locale->strings, array());
}

/* Layout flags default to padded and non-resizable when the router set neither. */
$sLayoutPadded = true;

if (isset($router->uVariables['padded']))
{
	$sLayoutPadded = $router->uVariables['padded'];
}

$sLayoutResizable = !empty($router->uVariables['resizable']);

echo NewTemplater::Render("layout", $locale->strings, array(
	"contents" => $sPageContents,
	"title" => $sPageTitle,
	"padded" => $sLayoutPadded,
	"resizable" => $sLayoutResizable
));
/*
 * ReDonate is more free software. It is licensed under the WTFPL, which
 * allows you to do pretty much anything with it, without having to
 * ask permission. Commercial use is allowed, and no attribution is
 * required. We do politely request that you share your modifications
 * to benefit other developers, but you are under no enforced
 * obligation to do so :)
 *
 * Please read the accompanying LICENSE document for the full WTFPL
 * licensing text.
 */

$_APP = true;
require "includes/base.php";

/*
 * This script is meant for the command line only: any other SAPI gets a 403
 * and the script stops.
 *
 * NOTE(review): the check runs after includes/base.php has been loaded, so
 * that bootstrap code still executes for a web request before the 403 is
 * sent. Keeping this file outside the web root would avoid that.
 */
if (PHP_SAPI !== "cli")
{
	http_status_code(403);
	exit;
}

/* This cronjob will send out donation reminder e-mails for every user
 * that hasn't received an e-mail in the past month. It will also
 * re-generate statistics for every campaign, and store them in the
 * historical statistics logs. */

/* Step one: refresh the exchange rates. */
Currency::UpdateRates();

/*
 * Step two: collect the subscriptions that are due a reminder, meaning
 * confirmed, active, and never e-mailed or last e-mailed more than a month
 * ago. The query is a fixed string with no request data interpolated into it.
 */
$sReminderQuery = "SELECT * FROM subscriptions WHERE `Confirmed` = 1 AND `Active` = 1 AND (`LastEmail` IS NULL OR `LastEmail` < DATE_SUB(NOW(), INTERVAL 1 MONTH))";

try
{
	$sSubscriptions = Subscription::CreateFromQuery($sReminderQuery);
}
catch (NotFoundException $e)
{
	/* No matching rows is treated as an empty list, not as a failure. */
	$sSubscriptions = array();
}