function gen_token($username, $password) { $safe = array(); $safe['username'] = Validation::sanitize_html($username); $safe['password'] = Validation::sanitize_html($password); if (!$Login->verify_login(array('username' => $safe['username'], 'password' => $safe['password']))) { return false; } if (require FILE_KEYS == false) { return false; } $token = Crypt::get_hash($safe['username'], $_KEYS[2]); return $token; }
$node = $obj->addGodChild('user', array('username' => $_POST['username'])); $node->addChild('id', 0); $node->addChild('session_fail_count', 0); $node->addChild('session_date', 0); $obj->asXml(FILE_XML_USERS); // shadow.php $new_salt = Text::random_text(11); $new_hash = Crypt::get_hash($_POST['password'], $new_salt); $text = '<?php $_USER[0]["uid"] = "0"; $_USER[0]["username"] = "******"; $_USER[0]["password"] = "******"; $_USER[0]["salt"] = "' . $new_salt . '"; $_USER[0]["email"] = "' . $_POST['email'] . '"; ?>'; $file = fopen(FILE_SHADOW, 'w'); fputs($file, $text); fclose($file); // keys.php $key1 = Crypt::get_hash(Text::random_text(11)); $key2 = Crypt::get_hash(Text::random_text(11)); $key3 = Crypt::get_hash(Text::random_text(11)); $text = '<?php $_KEYS[0] = "nibbl' . $key1 . '"; $_KEYS[1] = "eblog' . $key2 . '"; $_KEYS[2] = "rulez' . $key3 . '"; ?>'; $file = fopen(FILE_KEYS, 'w'); fputs($file, $text); fclose($file); // welcome post $content = '<p>' . $_LANG['WELCOME_POST_LINE1'] . '</p>'; $content .= '<p>' . $_LANG['WELCOME_POST_LINE2'] . '</p>'; $content .= '<p>' . $_LANG['WELCOME_POST_LINE3'] . '</p>'; $_DB_POST = new DB_POSTS(FILE_XML_POSTS); $_DB_POST->add(array('id_user' => 0, 'id_cat' => 0, 'type' => 'simple', 'description' => $_LANG['WELCOME_POST_TITLE'], 'title' => $_LANG['WELCOME_POST_TITLE'], 'content' => $content, 'allow_comments' => '1', 'sticky' => '0', 'slug' => 'welcome-post')); // Plugins $plugins = array('pages', 'categories', 'latest_posts'); foreach ($plugins as $plugin) { include_once PATH_PLUGINS . $plugin . '/plugin.bit'; $class = 'PLUGIN_' . strtoupper($plugin);
public function set_hash() { $hash = Crypt::get_hash(time(), time()); Session::set('hash', $hash); }
$key_for_sync = Crypt::get_hash($_KEYS[1]); if ($url['sync'] != $key_for_sync) { exit(json_encode(array('error' => 'Nibbleblog: Error key for sync'))); } // Prevent flood requests // $_DB_USERS->set_blacklist(); if ($url['other'] == 'status') { $posts = $_DB_POST->get_list_by_page(array('page' => 0, 'amount' => $POSTS_TO_SYNC)); $posts = array_reverse($posts); $tmp = array('posts' => array(), 'mark' => $mark); foreach ($posts as $post) { $time = max($post['pub_date_unix'], $post['mod_date_unix']); $sync = array(); $sync['id'] = $post['id']; $sync['time'] = $time; $sync['hash'] = Crypt::get_hash(json_encode($post)); $sync['post'] = post_to_json($post, false); array_push($tmp['posts'], $sync); } echo json_encode($tmp); } elseif ($url['other'] == 'post') { // Get the post $post = $_DB_POST->get(array('id' => $url['id_post'])); // Post to Json echo post_to_json($post); } elseif ($url['other'] == 'latest') { $list = $_DB_POST->get_list_by_page(array('page' => 0, 'amount' => 5)); $tmp = array(); foreach ($list as $post) { array_push($tmp, post_to_json($post, false)); }