/**
 * Opens the session, stores a freshly generated state value next to the
 * current session data, closes the session for writing and returns the state.
 *
 * NOTE(review): the state comes from md5rand(), which is defined outside this
 * block. If the value is used as an anti-forgery token, confirm that md5rand()
 * draws from a cryptographically secure source and that the consumer compares
 * it with a strict, constant-time check.
 *
 * @return mixed The value produced by md5rand() (presumably a hex digest string).
 */
public function newstate()
{
    $this->start_session();

    // Keep a local copy so the value can be returned after the session is closed.
    $_SESSION['state'] = $token = md5rand();
    $_SESSION['sessdata'] = $this->sessdata;

    // Flush the session data and end the session for this request.
    session_write_close();

    return $token;
}
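/**
 * Verifies a client-supplied password and, on success, sends a login cookie.
 *
 * The stored hash is compared with md5(login . secret . password . solt).
 * On a match a new random cookie login is generated and the cookie value is
 * "<login>.<md5(login . secret . stored hash . solt)>".
 *
 * NOTE(review): md5 is a fast digest; moving stored hashes to password_hash()
 * / password_verify() would be a separate migration and is not attempted here.
 *
 * @param string $p Password as supplied by the client.
 * @return bool False when the password does not match; true once setcookie()
 *              has been called (its return value is not inspected).
 */
public function checkpassword($p)
{
    $expected = md5($this->login . litepublisher::$secret . $p . litepublisher::$options->solt);

    // hash_equals() replaces the former loose "!=": two different hex digests
    // that both look like "0e<digits>" compare equal under loose comparison,
    // and a plain string comparison is not constant-time.
    if (!hash_equals((string) $this->password, $expected)) {
        return false;
    }

    $login = md5rand();
    $password = md5($login . litepublisher::$secret . $this->password . litepublisher::$options->solt);
    $cookie = $login . '.' . $password;

    // One year when "remember" was posted, otherwise eight hours.
    $expired = isset($_POST['remember']) ? time() + 31536000 : time() + 8 * 3600;

    // NOTE(review): the fifth argument of setcookie() is the cookie domain, so
    // false is passed as the domain here and the secure / httponly flags stay
    // at their defaults. Confirm whether this authentication cookie should be
    // sent with secure and httponly set before changing the call.
    setcookie($this->getcookiename(), $cookie, $expired, litepublisher::$site->subdir . '/', false);

    return true;
}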
/**
 * Checks that the stored FTP root still maps onto the local data directory
 * and re-detects and saves it when it does not.
 *
 * A marker file with a random name is written into the data path; the stored
 * root is accepted only when the marker's normalised local path starts with
 * it and the remaining path exists through the filer.
 *
 * NOTE(review): the marker is made world-writable (0666) and neither the
 * file_put_contents() nor the chmod() result is checked; the file is removed
 * at the end only if nothing in between aborts the method.
 *
 * @return void
 */
public function check_ftp_root()
{
    $marker = litepublisher::$paths->data . md5rand();
    file_put_contents($marker, ' ');
    @chmod($marker, 0666);

    // Normalise Windows separators: doubled backslashes first, then single ones.
    $normalized = str_replace(array('\\\\', '\\'), '/', $marker);

    $this->filer->chdir('/');

    $rootisvalid = $this->ftproot != ''
        && strbegin($normalized, $this->ftproot)
        && $this->filer->exists(substr($normalized, strlen($this->ftproot)));

    if (!$rootisvalid) {
        // Detection receives the original (non-normalised) marker path.
        $this->ftproot = $this->find_ftp_root($marker);
        $this->save();
    }

    unlink($marker);
}
/**
 * Starts an e-mail confirmed registration.
 *
 * Validates the address, refuses addresses that already belong to a user
 * whose status is not 'comuser', stores the pending registration (address,
 * name, confirmation code, generated password, back URL) in a session named
 * after the hashed address, and mails the confirmation data to the address.
 *
 * NOTE(review):
 *  - The generated password is handed to the mail template, so it may travel
 *    in clear text by e-mail, depending on the template.
 *  - $_GET['backurl'] is stored as received; the code that later redirects to
 *    it should restrict it to same-site targets.
 *  - $name is used unfiltered in the session, the template arguments and as
 *    the recipient name; confirm that tmailer::sendmail() strips CR/LF.
 *  - An existing non-'comuser' address yields a different result than a new
 *    one, which reveals whether the address is registered.
 *
 * @param string $email Address supplied by the visitor.
 * @param string $name  Display name supplied by the visitor.
 * @return mixed True once the mail call has been made; otherwise whatever
 *               $this->error() returns.
 */
public function reguser($email, $name)
{
    $email = strtolower(trim($email));

    // Reject invalid addresses and those with more than two dots before the '@'.
    if (!tcontentfilter::ValidateEmail($email)
        || substr_count($email, '.', 0, strpos($email, '@')) > 2
    ) {
        return $this->error(tlocal::get('comment', 'invalidemail'));
    }

    $users = tusers::i();
    $existing = $users->emailexists($email);
    if ($existing && 'comuser' != $users->getvalue($existing, 'status')) {
        return $this->error(tlocal::i()->invalidregdata);
    }

    // Pending registration lives in a session keyed by the hashed address.
    tsession::start('reguser-' . md5(litepublisher::$options->hash($email)));
    $_SESSION['email'] = $email;
    $_SESSION['name'] = $name;

    $code = md5rand();
    $_SESSION['confirm'] = $code;

    $generated = md5uniq();
    $_SESSION['password'] = $generated;

    if (isset($_GET['backurl'])) {
        $_SESSION['backurl'] = $_GET['backurl'];
    } else {
        $_SESSION['backurl'] = '';
    }
    session_write_close();

    // Values made available to the mail templates.
    $vars = new targs();
    $vars->name = $name;
    $vars->email = $email;
    $vars->confirm = $code;
    $vars->password = $generated;
    $vars->confirmurl = litepublisher::$site->url . '/admin/reguser/' . litepublisher::$site->q . 'email=' . urlencode($email);

    tlocal::usefile('mail');
    $mailtext = tlocal::i('mailusers');
    $theme = ttheme::i();
    $subject = $theme->parsearg($mailtext->subject, $vars);
    $body = $theme->parsearg($mailtext->body, $vars);

    tmailer::sendmail(
        litepublisher::$site->name,
        litepublisher::$options->fromemail,
        $name,
        $email,
        $subject,
        $body
    );

    return true;
}
/**
 * Handles a password-restore request for an e-mail address.
 *
 * Looks the user up, opens a session named after the hashed address, counts
 * the requests made in that session, generates a new password and a
 * confirmation code, stores both in the session and mails them. The new
 * password is only stored in the session here; this block does not write it
 * to the account.
 *
 * The first request sets the counter to 1; each later request post-increments
 * it and is refused once the stored value is already greater than 3.
 *
 * NOTE(review):
 *  - The refusal path returns without calling session_write_close().
 *  - The generated password is handed to the mail template, so it may travel
 *    in clear text by e-mail, depending on the template.
 *  - How long the counter survives depends on tsession::start(), which is
 *    defined outside this block; confirm it gives the intended throttling.
 *
 * @param string $email Address supplied by the visitor.
 * @return mixed True once the mail call has been made; otherwise whatever
 *               $this->error() returns.
 */
public function restore($email)
{
    $lang = tlocal::admin('password');
    $email = strtolower(trim($email));

    // Empty address and unknown user produce the same error message.
    if (empty($email)) {
        return $this->error($lang->error);
    }

    $id = $this->getiduser($email);
    if (!$id) {
        return $this->error($lang->error);
    }

    $args = new targs();
    tsession::start('password-restore-' . md5(litepublisher::$options->hash($email)));

    if (isset($_SESSION['count'])) {
        // Compare first, then increment (post-increment).
        if ($_SESSION['count']++ > 3) {
            return $this->error($lang->outofcount);
        }
    } else {
        $_SESSION['count'] = 1;
    }

    $_SESSION['email'] = $email;

    $password = md5uniq();
    $_SESSION['password'] = $password;

    $confirm = md5rand();
    $_SESSION['confirm'] = $confirm;
    $args->confirm = $confirm;
    session_write_close();

    $args->email = urlencode($email);

    // User id 1 takes its name from the site author setting; other users
    // contribute their whole record to the template arguments.
    if ($id == 1) {
        $name = litepublisher::$site->author;
    } else {
        $item = tusers::i()->getitem($id);
        $args->add($item);
        $name = $item['name'];
    }

    $args->password = $password;

    tlocal::usefile('mail');
    $lang = tlocal::i('mailpassword');
    $theme = ttheme::i();
    $subject = $theme->parsearg($lang->subject, $args);
    $body = $theme->parsearg($lang->body, $args);

    tmailer::sendmail(
        litepublisher::$site->name,
        litepublisher::$options->fromemail,
        $name,
        $email,
        $subject,
        $body
    );

    return true;
}
/**
 * Builds a temporary file name of the form "tmp.<random>.<filename>[.<extension>]".
 *
 * NOTE(review): 'filename' and 'extension' are concatenated as given. If they
 * derive from a client-supplied upload name, confirm that the caller has
 * already removed directory separators and other unsafe characters.
 *
 * @param array $parts Array with a 'filename' key and an optional 'extension'
 *                     key (the shape pathinfo() returns; confirm at the caller).
 * @return string The temporary file name.
 */
public function gettempname($parts)
{
    // empty() also treats the extension "0" as absent.
    $suffix = '';
    if (!empty($parts['extension'])) {
        $suffix = '.' . $parts['extension'];
    }

    return 'tmp.' . md5rand() . '.' . $parts['filename'] . $suffix;
}