/**
 * Scramble a password-derived string with a position-dependent substitution.
 *
 * The value is passed through encodePassword(), reversed, padded with the
 * dummyString constant while shorter than 32 characters, and prefixed with one
 * character from getRandomValidCharFromList(). Each character after the prefix
 * is then replaced by another entry of $validCharList, selected from its own
 * list index, its position and the prefix's byte value. One further byte is
 * appended and the result is HTML-escaped.
 *
 * NOTE(review): the prefix and the length that drive the substitution travel in
 * the output itself and no secret key is involved, so this looks like
 * reversible obfuscation rather than encryption. Confirm against the matching
 * decoder before relying on it to protect a credential.
 *
 * @param mixed $s Value to scramble.
 * @return mixed The scrambled, HTML-escaped string, or $s itself when it is unset or empty().
 */
function scrambleString($s)
{
    global $validCharList;

    // empty() is also true for "0" and 0, so those values come back unscrambled.
    if (!isset($s) || empty($s)) {
        return $s;
    }

    $encoded = encodePassword($s);
    $scrambled = "";

    // Pad in front when the encoded value is short ...
    if (strlen($encoded) < 32) {
        $scrambled .= dummyString;
    }

    // ... append the encoded value back to front ...
    $scrambled .= strrev($encoded);

    // ... and pad again behind it if the total is still short.
    if (strlen($scrambled) < 32) {
        $scrambled .= dummyString;
    }

    $prefix = getRandomValidCharFromList();
    // The shift is fixed before the prefix is attached, so it uses the unprefixed length.
    $shift = ord($prefix) + strlen($scrambled) - 2;
    $scrambled = $prefix . $scrambled;

    $pos = 1;
    while ($pos < strlen($scrambled)) {
        $listIndex = findCharInList($scrambled[$pos]);
        if ($listIndex == -1) {
            // NOTE(review): this exit hands back the partly substituted string
            // without the htmlspecialchars() call applied on the normal path.
            return $scrambled;
        }

        $target = ($listIndex + $shift * ($pos + 1)) % numValidCharList;
        $scrambled = substr_replace($scrambled, $validCharList[$target], $pos, 1);
        $pos++;
    }

    // Trailing byte: a second random list character moved up by two code points.
    $trailer = chr(ord(getRandomValidCharFromList()) + 2);

    return htmlspecialchars($scrambled . $trailer, ENT_QUOTES);
}
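// Registration handler: reads the sign-up form from $_POST, checks that every
// field is long enough, and creates the account when no matching user exists.
// $lang, respectsLengthWord(), encodePassword(), UtilisateurDAO, Planet, User
// and MessageSIWE are defined outside this script.

// Request fields are untrusted: a missing key or an array-valued parameter
// (identifiant[]=x) must not reach trim(), so anything that is not a string
// is treated as an empty field.
$readPostString = static function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$fullData = false;
$username = trim($readPostString("identifiant"));
// The password is not trimmed. The login script for the same form fields hashes
// $_POST["motdepasse"] exactly as submitted, so trimming only at registration
// stored a hash that a password with leading or trailing whitespace could
// never match again.
$password = $readPostString("motdepasse");
$email = trim($readPostString("email"));
$nameMainPlanet = trim($readPostString("PM"));
// A non-scalar value would cast to 1; fall back to 0 instead.
$id_language = (isset($_POST['Lang']) && is_scalar($_POST['Lang'])) ? (int) $_POST['Lang'] : 0;

// NOTE(review): the e-mail address is only length-checked here; its format is
// not validated anywhere in this script.
if (respectsLengthWord($username, ">=", 3)
    && respectsLengthWord($password, ">=", 3)
    && respectsLengthWord($email, ">=", 3)
    && respectsLengthWord($nameMainPlanet, ">=", 3)
) {
    $fullData = true;
}

// All required information is present...
if ($fullData) {
    // NOTE(review): check-then-insert is not atomic; two concurrent requests can
    // both pass this test. Presumably a unique constraint on the table is the
    // real guard. Confirm.
    if (!UtilisateurDAO::userExistByUsernameAndEmail($username, $email)) {
        // Create the planet
        // NOTE(review): neither $p nor $nameMainPlanet is used again in this script.
        $p = new Planet();
        $p->assignValueDefault();

        // Create the user
        $u = new User();
        $u->id_language = $id_language;
        $u->username = $username;
        // NOTE(review): encodePassword() receives only the password here. Confirm
        // that it is a slow, salted password hash and not a bare digest.
        $u->hash_password = encodePassword($password);
        $u->email = $email;
        UtilisateurDAO::add($u);

        // NOTE(review): $username is user-controlled. If showAjaxMessage() emits
        // its message as HTML, the name must be escaped with htmlspecialchars().
        // Confirm where escaping happens.
        $message = $lang['sign_finish'] . "" . $username . "" . $lang['return_mail'];
        MessageSIWE::showAjaxMessage($message, $lang['title_sign'] . $lang['title_game'], null, MessageSIWE::MESSAGE_SUCCESS);
    } else {
        MessageSIWE::showAjaxMessage($lang['error_isset_user'], $lang['title_sign'], null, MessageSIWE::MESSAGE_ERROR);
    }
} else {
    MessageSIWE::showAjaxMessage($lang['error_champs_empty'], $lang['title_sign'] . $lang['title_game'], null, MessageSIWE::MESSAGE_ERROR);
}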
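<?php
// Login handler: checks the submitted credentials, stores the user id in the
// session and sends the browser back to the page it came from.
// $lang, respectsLengthWord(), encodePassword(), UtilisateurDAO and MessageSIWE
// are defined outside this script.
ob_start();

$fullData = false;
// Request fields are untrusted: a missing key or an array-valued parameter is
// treated as an empty field instead of reaching trim().
$username = (isset($_POST["identifiant"]) && is_string($_POST["identifiant"])) ? trim($_POST["identifiant"]) : '';
$password = (isset($_POST["motdepasse"]) && is_string($_POST["motdepasse"])) ? $_POST["motdepasse"] : '';

if (respectsLengthWord($username, ">=", 3) && respectsLengthWord($password, ">=", 3)) {
    $fullData = true;
}

// All required information is present...
if ($fullData) {
    // NOTE(review): the lookup matches on encodePassword($password), which as
    // called here depends on the password alone, so it cannot be using a
    // per-user salt. Confirm the hashing scheme.
    $user = UtilisateurDAO::getUserByLogins($username, encodePassword($password));

    // If the credentials are correct, attempt the redirect
    if (isset($user) && $user->id_user > 0) {
        // Issue a fresh session id at login so that an id fixed before
        // authentication is not promoted to a logged-in session.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }
        $_SESSION = array();
        $_SESSION["id"] = $user->id_user;

        // The Referer header is client-supplied. It is reused only when it is an
        // http(s) URL on the host that received this request; anything else
        // falls back to an empty target, which is what the original emitted
        // when no Referer was sent.
        $target = '';
        $referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';
        $ownHost = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
        $parts = ($referer !== '') ? parse_url($referer) : false;
        if (is_array($parts) && isset($parts['scheme'], $parts['host'])) {
            $scheme = strtolower($parts['scheme']);
            $authority = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
            if (($scheme === 'http' || $scheme === 'https')
                && $ownHost !== ''
                && strcasecmp($authority, $ownHost) === 0
            ) {
                $target = $referer;
            }
        }

        // Emit the URL as a JavaScript string literal. The JSON_HEX_* flags keep
        // quotes, "<", ">" and "&" from ending the literal or the <script> element.
        $targetLiteral = json_encode($target, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($targetLiteral === false) {
            // The value could not be encoded (for example invalid UTF-8): use the empty target.
            $targetLiteral = '""';
        }
        echo "<script>window.location = " . $targetLiteral . ";</script>";
        exit;
    } else {
        MessageSIWE::showAjaxMessage($lang['error_write_conn'], $lang['title_conn'] . $lang['title_game'], null, MessageSIWE::MESSAGE_ERROR);
    }
} else {
    MessageSIWE::showAjaxMessage($lang['error_champs_empty'], $lang['title_conn'] . $lang['title_game'], null, MessageSIWE::MESSAGE_ERROR);
}

ob_end_flush();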
$bytes = false; } }
    // The two braces above close blocks of a function that starts before this
    // excerpt (presumably generateToken(), which is called at the bottom).

    // let's just hope we got a good seed
    // NOTE(review): this fallback builds the value from uniqid() and mt_rand().
    // Both are predictable, so a token produced on this path is not suitable as
    // a security token. Failing loudly would be safer than degrading silently.
    if (false === $bytes) {
        $bytes = hash('sha256', uniqid(mt_rand(), true), true);
    }

    // NOTE(review): the PHP manual warns that base_convert() can lose precision
    // on large numbers. The hex string passed here is far beyond that range, so
    // the returned token probably carries much less entropy than $bytes holds.
    return base_convert(bin2hex($bytes), 16, 36);
}

// encode Password
/**
 * Hash a password together with a salt using SHA-512 and return the digest.
 *
 * With the settings hard-coded below ($iterations = 1, $encodeHashAsBase64 =
 * false) the result is a single SHA-512 digest in hexadecimal.
 *
 * NOTE(review): one round of a fast digest is cheap to brute-force offline if
 * the stored values leak. A purpose-built password hash (password_hash() /
 * password_verify()) is the usual replacement, but switching changes the
 * stored format and therefore needs a migration for existing accounts.
 *
 * @param string $raw  The plain-text password.
 * @param string $salt The salt, combined with the password by mergePasswordAndSalt() (defined elsewhere).
 * @return string The digest, hex-encoded (or base64 if $encodeHashAsBase64 were true).
 * @throws \LogicException When the algorithm is not reported by hash_algos().
 */
function encodePassword($raw, $salt)
{
    $algorithm = 'sha512';
    $encodeHashAsBase64 = false;
    $iterations = 1;

    if (!in_array($algorithm, hash_algos(), true)) {
        throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $algorithm));
    }

    #$salt = base_convert(sha1(uniqid(mt_rand(), true)), 16, 36);
    $salted = mergePasswordAndSalt($raw, $salt);
    $digest = hash($algorithm, $salted, true);

    // "stretch" hash
    // With $iterations = 1 the loop condition is false on entry, so no
    // stretching actually takes place.
    for ($i = 1; $i < $iterations; $i++) {
        $digest = hash($algorithm, $digest . $salted, true);
    }

    return $encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
}

// NOTE(review): the salt is derived from uniqid() and mt_rand(), neither of
// which is a cryptographically secure source; random_bytes() (PHP 7+) is.
$salt = base_convert(sha1(uniqid(mt_rand(), true)), 16, 36);
$token = generateToken();
// The return value of this call is discarded.
encodePassword('password', $salt);
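/**
 * Update the stored HTTP proxy settings of one session.
 *
 * The submitted password is compared with the value already stored for the
 * session. When they differ it is passed through encodePassword() before being
 * written; when they match it is written back unchanged.
 *
 * NOTE(review): this means that sending the stored (encoded) value is accepted
 * in place of the password. Confirm that callers never expose that value.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7.0. Moving
 * to mysqli or PDO prepared statements is the durable fix for the query
 * building below, but it also means changing how the connection is opened,
 * which happens outside this function.
 *
 * @param mixed $idSess            Session identifier used to select the row.
 * @param mixed $proxyHost         Proxy host name.
 * @param mixed $proxyPort         Proxy port.
 * @param mixed $userNameProxy     Proxy user name.
 * @param mixed $passwordNameProxy Proxy password, plain or as currently stored.
 * @param mixed $rememberProxyAuth Value for the `remember` column.
 * @return bool True when the UPDATE ran and a row for the session exists afterwards.
 */
function UpdateHttpProxy($idSess, $proxyHost, $proxyPort, $userNameProxy, $passwordNameProxy, $rememberProxyAuth)
{
    // Presumably opens the MySQL connection and defines $dbconn; not visible here.
    include "builder.cfg";

    // Every value below is placed inside a quoted SQL literal. The original
    // interpolated them raw, which let a quote in any argument rewrite the
    // statement, so each one is escaped for the current connection first.
    // Escaping is charset-sensitive: the connection charset should be set with
    // mysql_set_charset(), not with a SET NAMES query.
    $idSessSql = mysql_real_escape_string((string) $idSess);
    $hostSql = mysql_real_escape_string((string) $proxyHost);
    $portSql = mysql_real_escape_string((string) $proxyPort);
    $userSql = mysql_real_escape_string((string) $userNameProxy);
    $rememberSql = mysql_real_escape_string((string) $rememberProxyAuth);

    $queryCheck = "SELECT `password` from httpProxy WHERE idSession='{$idSessSql}' ";
    $executeQueryCheck = @mysql_query($queryCheck);
    // A failed query returns false, which must not be passed to mysql_fetch_array().
    $checkPwd = $executeQueryCheck ? mysql_fetch_array($executeQueryCheck) : false;
    $storedPassword = (is_array($checkPwd) && isset($checkPwd['password'])) ? (string) $checkPwd['password'] : '';

    // Strict string comparison: with != two different numeric-looking strings
    // such as "1e3" and "1000" compare equal, and the new password would then
    // be stored without going through encodePassword().
    if ($storedPassword !== (string) $passwordNameProxy) {
        $passwordNameProxy = encodePassword($passwordNameProxy);
    }
    $passwordSql = mysql_real_escape_string((string) $passwordNameProxy);

    $queryProxy = "UPDATE httpProxy SET `host`='{$hostSql}' , `port`='{$portSql}' , `username`='{$userSql}' , `password`='{$passwordSql}' , `remember`='{$rememberSql}' WHERE idSession='{$idSessSql}'";
    $execute = @mysql_query($queryProxy);

    // Success is judged by the row still existing, not by the affected-row
    // count, because an UPDATE that changes nothing reports zero rows.
    $query = "Select * FROM `httpProxy` WHERE idSession='{$idSessSql}' ";
    $execQuery = @mysql_query($query);
    $exist = $execQuery ? mysql_num_rows($execQuery) : 0;

    $result = false;
    if ($exist > 0) {
        $result = true;
        @mysql_close($dbconn);
    }

    if (!$execute) {
        $result = false;
    }

    return $result;
}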
$fetch = mysql_fetch_array($res); $resultat = intval($fetch["res"]); if ($resultat < 1) { $password = encodePassword($password); createUser($login, $password); echo buildJSONResponse(array("create" => "ok", "login" => $login, "password" => $password)); } else { echo returnErrorCode(2); } } else { echo returnErrorCode(1); } } else { if (isset($_GET['type']) && $_GET['type'] == "user" && isset($_GET['action']) && $_GET['action'] == 'auth') { if (check($login) == 1) { $password = encodePassword($password); if (authenticate($login, $password)) { echo buildJSONResponse(array("create" => "ok", "login" => $login, "password" => $password)); } else { echo returnErrorCode(2); } } else { echo returnErrorCode(1); } } else { if (isset($_GET['type']) && $_GET['type'] == "user" && isset($_GET['action']) && $_GET['action'] == "explore") { if (check($login) == 1) { if (authenticate($login, $password)) { echo buildJSONResponse(array("create" => "ok", "projets" => listProjects($login))); } else { echo returnErrorCode(2);