当前位置: 首页>>代码示例>>PHP>>正文


PHP make_passhash函数代码示例

本文整理汇总了PHP中make_passhash函数的典型用法代码示例。如果您正苦于以下问题:PHP make_passhash函数的具体用法?PHP make_passhash怎么用?PHP make_passhash使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了make_passhash函数的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: implode

    }
    return 'DELETE ' . implode(', ', $tables) . " FROM " . implode(' ', $joins) . " WHERE t1.id='{$userid}' AND t1.class < '{$maxclass}';";
}
//==
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $username = trim(htmlsafechars($_POST["username"]));
    $password = trim(htmlsafechars($_POST["password"]));
    if (!$username || !$password) {
        stderr("{$lang['text_error']}", "{$lang['text_please']}");
    }
    $res = sql_query("SELECT id, secret, passhash FROM users WHERE username=" . sqlesc($username) . "") or sqlerr(__FILE__, __LINE__);
    if (mysqli_num_rows($res) != 1) {
        stderr("{$lang['text_error']}", "{$lang['text_bad']}");
    }
    $arr = mysqli_fetch_assoc($res);
    $wantpasshash = make_passhash($arr['secret'], md5($password));
    if ($arr['passhash'] != $wantpasshash) {
        stderr("{$lang['text_error']}", "{$lang['text_bad']}");
    }
    $userid = (int) $arr['id'];
    $res = sql_query(account_delete($userid)) or sqlerr(__FILE__, __LINE__);
    //$res = sql_query("DELETE FROM users WHERE id=" . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
    if (mysqli_affected_rows($GLOBALS["___mysqli_ston"]) !== false) {
        $mc1->delete_value('MyUser_' . $userid);
        $mc1->delete_value('user' . $userid);
        write_log("User: {$username} Was deleted by {$CURUSER['username']}");
        stderr("{$lang['stderr_success']}", "{$lang['text_success']}");
    } else {
        stderr($lang['text_error'], $lang['text_unable']);
    }
}
开发者ID:Bigjoos,项目名称:U-232-V5,代码行数:31,代码来源:delacct.php

示例2: isset

 }
 $email = isset($_POST["mail"]) ? htmlsafechars($_POST["mail"]) : "";
 if (empty($email)) {
     stderr("Error", "No email adress, you forgot about that?");
 }
 if (!validemail($email)) {
     stderr("Error", "That dosen't look like an email adress");
 }
 check_banned_emails($email);
 //==Check if username or password already exists
 $var_check = sql_query("SELECT id, editsecret FROM users where username=" . sqlesc($username) . " OR email=" . sqlesc($email)) or sqlerr(__FILE__, __LINE__);
 if (mysqli_num_rows($var_check) == 1) {
     stderr("Error", "Username or password already exists");
 }
 $secret = mksecret();
 $passhash = make_passhash($secret, md5($password));
 //$editsecret = make_passhash_login_key();
 $editsecret = EMAIL_CONFIRM ? make_passhash_login_key() : "";
 $res = sql_query("INSERT INTO users(username, passhash, secret, editsecret, email, added, uploaded, invites, seedbonus) VALUES (" . implode(",", array_map("sqlesc", array($username, $passhash, $secret, $editsecret, $email, TIME_NOW, $ar_check["bonus_upload"] * 1073741824, $ar_check["bonus_invites"], $ar_check["bonus_karma"]))) . ") ") or sqlerr(__FILE__, __LINE__);
 if ($res) {
     //==Updating promo table
     $userid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;
     $users = empty($ar_check["users"]) ? $userid : $ar_check["users"] . "," . $userid;
     sql_query("update promo set accounts_made=accounts_made+1 , users=" . sqlesc($users) . " WHERE id=" . sqlesc($ar_check["id"])) or sqlerr(__FILE__, __LINE__);
     //==Email part :)
     $sec = $editsecret;
     $subject = $INSTALLER09['site_name'] . " user registration confirmation";
     $message = "Hi!\n\t\t\t\t\t\tYou used the link from promo " . htmlsafechars($ar_check["name"]) . " and registred a new account at {$INSTALLER09['site_name']}\n\t\t\t\t\t\t\t\n\t\t\t\t\t\tTo confirm your account click the link below\n\t\t\t\t\t\t{$INSTALLER09['baseurl']}/confirm.php?id=" . (int) $userid . "&secret={$sec}\n\n\t\t\t\t\t\tWelcome and enjoy your stay \n\t\t\t\t\t\tStaff at {$INSTALLER09['site_name']}";
     $headers = 'From: ' . $INSTALLER09['site_email'] . "\r\n" . 'Reply-To:' . $INSTALLER09['site_email'] . "\r\n" . 'X-Mailer: PHP/' . phpversion();
     $mail = @mail($email, $subject, $message, $headers);
     stderr("Success!", "Account was created! and an email was sent to <b>" . htmlsafechars($email) . "</b>, you can use your account once you confirm the email!");
开发者ID:Bigjoos,项目名称:U-232-V5,代码行数:31,代码来源:promo.php

示例3: class_check

}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'password_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_ADMINISTRATOR);
$lang = array_merge($lang, load_language('ad_adduser'));
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $insert = array('username' => '', 'email' => '', 'secret' => '', 'passhash' => '', 'status' => 'confirmed', 'added' => TIME_NOW, 'last_access' => TIME_NOW);
    if (isset($_POST['username']) && strlen($_POST['username']) >= 5) {
        $insert['username'] = $_POST['username'];
    } else {
        stderr($lang['std_err'], $lang['err_username']);
    }
    if (isset($_POST['password']) && isset($_POST['password2']) && strlen($_POST['password']) > 6 && $_POST['password'] == $_POST['password2']) {
        $insert['secret'] = mksecret();
        $insert['passhash'] = make_passhash($insert['secret'], md5($_POST['password']));
    } else {
        stderr($lang['std_err'], $lang['err_password']);
    }
    if (isset($_POST['email']) && validemail($_POST['email'])) {
        $insert['email'] = $_POST['email'];
    } else {
        stderr($lang['std_err'], $lang['err_email']);
    }
    if (sql_query(sprintf('INSERT INTO users (username, email, secret, passhash, status, added, last_access) VALUES (%s)', join(', ', array_map('sqlesc', $insert))))) {
        $user_id = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;
        stderr($lang['std_success'], sprintf($lang['text_user_added'], $user_id));
    } else {
        if ((is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false)) == 1062) {
            $res = sql_query(sprintf('SELECT id FROM users WHERE username = %s', sqlesc($insert['username']))) or sqlerr(__FILE__, __LINE__);
            if (mysqli_num_rows($res)) {
开发者ID:CharlieHD,项目名称:U-232-V3,代码行数:31,代码来源:adduser.php

示例4: bark

if (!$row) {
    bark();
}
if (!$row) {
    $ip = sqlesc(getip());
    $added = sqlesc(time());
    $fail = @mysql_fetch_row(@sql_query("select count(*) from failedlogins where ip={$ip}")) or sqlerr(__FILE__, __LINE__);
    if ($fail[0] == 0) {
        sql_query("INSERT INTO failedlogins (ip, added, attempts) VALUES ({$ip}, {$added}, 1)") or sqlerr(__FILE__, __LINE__);
    } else {
        sql_query("UPDATE failedlogins SET attempts = attempts + 1 where ip={$ip}") or sqlerr(__FILE__, __LINE__);
    }
    @fclose(@fopen('' . $INSTALLER09['dictbreaker'] . '/' . sha1($_SERVER['REMOTE_ADDR']), 'w'));
    bark();
}
if ($row['passhash'] != make_passhash($row['secret'], md5($password))) {
    $ip = sqlesc(getip());
    $added = sqlesc(time());
    $fail = @mysql_fetch_row(@sql_query("select count(*) from failedlogins where ip={$ip}")) or sqlerr(__FILE__, __LINE__);
    if ($fail[0] == 0) {
        sql_query("INSERT INTO failedlogins (ip, added, attempts) VALUES ({$ip}, {$added}, 1)") or sqlerr(__FILE__, __LINE__);
    } else {
        sql_query("UPDATE failedlogins SET attempts = attempts + 1 where ip={$ip}") or sqlerr(__FILE__, __LINE__);
    }
    @fclose(@fopen('' . $INSTALLER09['dictbreaker'] . '/' . sha1($_SERVER['REMOTE_ADDR']), 'w'));
    $to = $row["id"];
    $subject = "Failed login";
    $msg = "[color=red]Security alert[/color]\n Account: ID=" . $row['id'] . " Somebody (probably you, " . $username . " !) tried to login but failed!" . "\nTheir [b]Ip Address [/b] was : " . $ip . "\n If this wasn't you please report this event to a {$INSTALLER09['site_name']} staff member\n - Thank you.\n";
    $sql = "INSERT INTO messages (sender, receiver, msg, subject, added) VALUES('System', '{$to}', " . sqlesc($msg) . ", " . sqlesc($subject) . ", {$added});";
    $res = sql_query($sql) or sqlerr(__FILE__, __LINE__);
    stderr("Login failed !", "<b>Error</b>: Username or password entry incorrect <br />Have you forgotten your password? <a href='{$INSTALLER09['baseurl']}/resetpw.php'><b>Recover</b></a> your password !");
开发者ID:CharlieHD,项目名称:U-232-V2,代码行数:31,代码来源:takelogin.php

示例5: stderr

     }
     if ($chpassword != $passagain) {
         stderr("Error", $lang['takeeditcp_pass_not_match']);
     }
     $secret = mksecret();
     $passhash = make_passhash($secret, md5($chpassword));
     $updateset[] = "secret = " . sqlesc($secret);
     $updateset[] = "passhash = " . sqlesc($passhash);
     logincookie($CURUSER["id"], md5($passhash . $_SERVER["REMOTE_ADDR"]));
 }
 if ($email != $CURUSER["email"]) {
     if (!validemail($email)) {
         stderr("Error", $lang['takeeditcp_not_valid_email']);
     }
     $r = @sql_query("SELECT id FROM users WHERE email=" . sqlesc($email)) or sqlerr();
     if (mysql_num_rows($r) > 0 || $CURUSER["passhash"] != make_passhash($CURUSER['secret'], md5($chmailpass))) {
         stderr("Error", $lang['takeeditcp_address_taken']);
     }
     $changedemail = 1;
 }
 if ($secretanswer != '') {
     if (strlen($secretanswer) > 40) {
         stderr("Sorry", "secret answer is too long (max is 40 chars)");
     }
     if (strlen($secretanswer) < 6) {
         stderr("Sorry", "secret answer is too sort (min is 6 chars)");
     }
     $new_secret_answer = md5($secretanswer);
     $updateset[] = "hintanswer = " . sqlesc($new_secret_answer);
 }
 if (get_parked() == '1') {
开发者ID:CharlieHD,项目名称:U-232-V2,代码行数:31,代码来源:takeeditcp.php

示例6: register_account

function register_account($email, $password, $team_name, $country, $type = null, $phoneNo, $age, $eduI, $eduLevel, $fullName, $instanceID)
{
    if (!CONFIG_ACCOUNTS_SIGNUP_ALLOWED) {
        message_error('Registration is currently closed.');
    }
    if (empty($email) || empty($password) || empty($team_name)) {
        message_error('Please fill in all the details correctly.');
    }
    if (isset($type) && !is_valid_id($type)) {
        message_error('That does not look like a valid team type.');
    }
    if (strlen($team_name) > CONFIG_MAX_TEAM_NAME_LENGTH || strlen($team_name) < CONFIG_MIN_TEAM_NAME_LENGTH) {
        message_error('Your team name was too long or too short.');
    }
    validate_email($email);
    if (!allowed_email($email)) {
        message_error('Email not on whitelist. Please choose a whitelisted email or contact organizers.');
    }
    $num_countries = db_select_one('countries', array('COUNT(*) AS num'));
    if (!isset($country) || !is_valid_id($country) || $country > $num_countries['num']) {
        message_error('Please select a valid country.');
    }
    $user = db_select_one('users', array('id'), array('team_name' => $team_name, 'email' => $email), null, 'OR');
    if ($user['id']) {
        message_error('An account with this team name or email already exists.');
    }
    $user_id = db_insert('users', array('email' => $email, 'passhash' => make_passhash($password), 'team_name' => $team_name, 'added' => time(), 'enabled' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? '1' : '0', 'user_type' => isset($type) ? $type : 0, 'country_id' => $country, 'DOB' => $age, 'mobileNo' => $phoneNo, 'eduInstitution' => $eduI, 'eduLevel' => $eduLevel, 'fullName' => $fullName, 'instanceID' => $instanceID));
    // insertion was successful
    if ($user_id) {
        // log signup IP
        log_user_ip($user_id);
        // if account isn't enabled by default, display message and die
        if (!CONFIG_ACCOUNTS_DEFAULT_ENABLED) {
            message_generic('Signup successful', 'Thank you for registering!
            Your chosen email is: ' . htmlspecialchars($email) . '.
            Make sure to check your spam folder as emails from us may be placed into it.
            Please stay tuned for updates!');
        } else {
            return true;
        }
    }
    // no rows were inserted
    return false;
}
开发者ID:ZlhlmChZ,项目名称:source-code-mell,代码行数:44,代码来源:session.inc.php

示例7: validate_captcha

        }
    }
    // stage 1, part 2
    if ($_POST['action'] == 'reset_password') {
        if (CONFIG_RECAPTCHA_ENABLE_PUBLIC) {
            validate_captcha();
        }
        $user = db_select_one('users', array('id', 'team_name', 'email'), array('email' => $_POST[md5(CONFIG_SITE_NAME . 'EMAIL')]));
        if ($user['id']) {
            $auth_key = hash('sha256', generate_random_string(128));
            db_insert('reset_password', array('added' => time(), 'user_id' => $user['id'], 'ip' => get_ip(true), 'auth_key' => $auth_key));
            $email_subject = 'Password recovery for team ' . htmlspecialchars($user['team_name']);
            // body
            $email_body = htmlspecialchars($user['team_name']) . ', please follow the link below to reset your password:' . "\r\n" . "\r\n" . CONFIG_SITE_URL . 'reset_password?action=choose_password&auth_key=' . $auth_key . '&id=' . $user['id'] . "\r\n" . "\r\n" . 'Regards,' . "\r\n" . CONFIG_SITE_NAME;
            // send details to user
            send_email(array($user['email']), $email_subject, $email_body);
        }
        message_generic('Success', 'If the email you provided was found in the database, an email has now been sent to it with further instructions!');
    } else {
        if ($_POST['action'] == 'choose_password' && is_valid_id($auth['user_id'])) {
            $new_password = $_POST[md5(CONFIG_SITE_NAME . 'PWD')];
            if (empty($new_password)) {
                message_error('You can\'t have an empty password');
            }
            $new_passhash = make_passhash($new_password);
            db_update('users', array('passhash' => $new_passhash), array('id' => $auth['user_id']));
            db_delete('reset_password', array('user_id' => $auth['user_id']));
            message_generic('Success', 'Your password has been reset.');
        }
    }
}
开发者ID:azizjonm,项目名称:ctf-engine,代码行数:31,代码来源:reset_password.php

示例8: register_account

function register_account($email, $password, $team_name, $country, $type = null)
{
    if (!CONFIG_ACCOUNTS_SIGNUP_ALLOWED) {
        message_error(lang_get('registration_closed'));
    }
    if (empty($email) || empty($password) || empty($team_name)) {
        message_error(lang_get('please_fill_details_correctly'));
    }
    if (isset($type) && !is_valid_id($type)) {
        message_error(lang_get('invalid_team_type'));
    }
    if (strlen($team_name) > CONFIG_MAX_TEAM_NAME_LENGTH || strlen($team_name) < CONFIG_MIN_TEAM_NAME_LENGTH) {
        message_error('team_name_too_long_or_short');
    }
    validate_email($email);
    if (!allowed_email($email)) {
        message_error(lang_get('email_not_whitelisted'));
    }
    $num_countries = db_select_one('countries', array('COUNT(*) AS num'));
    if (!isset($country) || !is_valid_id($country) || $country > $num_countries['num']) {
        message_error(lang_get('please_supply_country_code'));
    }
    $user = db_select_one('users', array('id'), array('team_name' => $team_name, 'email' => $email), null, 'OR');
    if ($user['id']) {
        message_error(lang_get('user_already_exists'));
    }
    $user_id = db_insert('users', array('email' => $email, 'passhash' => make_passhash($password), 'team_name' => $team_name, 'added' => time(), 'enabled' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? '1' : '0', 'user_type' => isset($type) ? $type : 0, 'country_id' => $country));
    // insertion was successful
    if ($user_id) {
        // log signup IP
        log_user_ip($user_id);
        // signup email
        $email_subject = lang_get('signup_email_subject', array('site_name' => CONFIG_SITE_NAME));
        // body
        $email_body = lang_get('signup_email_success', array('team_name' => htmlspecialchars($team_name), 'site_name' => CONFIG_SITE_NAME, 'signup_email_availability' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? lang_get('signup_email_account_availability_message_login_now') : lang_get('signup_email_account_availability_message_login_later'), 'signup_email_password' => CONFIG_ACCOUNTS_EMAIL_PASSWORD_ON_SIGNUP ? lang_get('your_password_is') . ': ' . $password : lang_get('your_password_was_set')));
        // send details to user
        send_email(array($email), $email_subject, $email_body);
        // if account isn't enabled by default, display message and die
        if (!CONFIG_ACCOUNTS_DEFAULT_ENABLED) {
            message_generic(lang_get('signup_successful'), lang_get('signup_successful_text', array('email' => htmlspecialchars($email))));
        } else {
            return true;
        }
    }
    // no rows were inserted
    return false;
}
开发者ID:azizjonm,项目名称:ctf-engine,代码行数:47,代码来源:session.inc.php

示例9: mysql_query

        die;
    }
    $select = mysql_query('SELECT id, editsecret FROM users WHERE id = ' . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
    $fetch = mysql_fetch_assoc($select) or stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error8']}");
    if (empty($newpass)) {
        stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error9']}");
    }
    if ($newpass != $newpassagain) {
        stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error10']}");
    }
    if (strlen($newpass) < 6) {
        stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error11']}");
    }
    if (strlen($newpass) > 40) {
        stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error12']}");
    }
    $secret = mksecret();
    $newpassword = make_passhash($secret, md5($newpass));
    mysql_query('UPDATE users SET secret = ' . sqlesc($secret) . ', editsecret = "", passhash=' . sqlesc($newpassword) . ' WHERE id = ' . sqlesc($id) . ' AND editsecret = ' . sqlesc($fetch["editsecret"]));
    if (!mysql_affected_rows()) {
        stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error13']}");
    } else {
        stderr("{$lang['stderr_successhead']}", "{$lang['stderr_error14']} <a href='{$TBDEV['baseurl']}/login.php' class='altlink'><b>{$lang['stderr_error15']}</b></a> {$lang['stderr_error16']}", FALSE);
    }
} else {
    if (isset($_SESSION['captcha_time'])) {
        time() - $_SESSION['captcha_time'] < 10 ? exit($lang['captcha_spam']) : NULL;
    }
    $HTMLOUT .= "<script type='text/javascript' src='scripts/jquery.js'></script>\r\n    <script type='text/javascript' src='scripts/jquery.simpleCaptcha-0.2.js'></script>\r\n    <script type='text/javascript'>\r\n\t  \$(document).ready(function () {\r\n\t  \$('#captchalogin').simpleCaptcha();\r\n    });\r\n    </script>\r\n<p>{$lang['main_body']}</p>\r\n<br />\r\n<form method='post' action='" . $_SERVER['PHP_SELF'] . "?step=1'>\r\n<table border='1' cellspacing='0' cellpadding='10'>\r\n<tr>\r\n<td class='rowhead'>{$lang['main_email_add']}</td><td><input type='text' size='40' name='email' /></td></tr>\r\n<tr>\r\n<td class='rowhead' colspan='2' id='captchalogin'></td>\r\n</tr>\r\n<tr><td colspan='2' align='center'><input type='submit' value='{$lang['main_recover']}' style='height: 25px' /></td></tr></table>\r\n</form>";
    print stdhead('Reset Lost Password') . $HTMLOUT . stdfoot();
}
开发者ID:thefkboss,项目名称:U-232,代码行数:31,代码来源:resetpw.php

示例10: header

    header("Location: {$TBDEV['baseurl']}/index.php");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if ($_POST["username"] == "" || $_POST["password"] == "" || $_POST["email"] == "") {
        stderr("{$lang['stderr_error']}", "{$lang['text_missing']}");
    }
    if ($_POST["password"] != $_POST["password2"]) {
        stderr("{$lang['stderr_error']}", "{$lang['text_passwd']}");
    }
    if (!validemail($_POST['email'])) {
        stderr("{$lang['stderr_error']}", "{$lang['text_email']}");
    }
    $username = sqlesc($_POST["username"]);
    $password = $_POST["password"];
    $email = sqlesc($_POST["email"]);
    $secret = mksecret();
    $passhash = sqlesc(make_passhash($secret, md5($password)));
    $secret = sqlesc($secret);
    $time_now = time();
    @mysql_query("INSERT INTO users (added, last_access, secret, username, passhash, status, email) VALUES({$time_now}, {$time_now}, {$secret}, {$username}, {$passhash}, 'confirmed', {$email})") or sqlerr(__FILE__, __LINE__);
    $res = @mysql_query("SELECT id FROM users WHERE username={$username}");
    $arr = mysql_fetch_row($res);
    if (!$arr) {
        stderr("{$lang['stderr_error']}", "{$lang['text_username']}");
    }
    header("Location: {$TBDEV['baseurl']}/userdetails.php?id={$arr['0']}");
    die;
}
$HTMLOUT = '';
$HTMLOUT .= "<h1>{$lang['text_adduser']}</h1>\r\n    <br />\r\n    <form method='post' action='admin.php?action=adduser'>\r\n    <table border='1' cellspacing='0' cellpadding='5'>\r\n    <tr><td class='rowhead'>{$lang['table_username']}</td><td><input type='text' name='username' size='40' /></td></tr>\r\n    <tr><td class='rowhead'>{$lang['table_password']}</td><td><input type='password' name='password' size='40' /></td></tr>\r\n    <tr><td class='rowhead'>{$lang['table_repasswd']}</td><td><input type='password' name='password2' size='40' /></td></tr>\r\n    <tr><td class='rowhead'>{$lang['table_email']}</td><td><input type='text' name='email' size='40' /></td></tr>\r\n    <tr><td colspan='2' align='center'><input type='submit' value='{$lang['btn_okay']}' class='btn' /></td></tr>\r\n    </table>\r\n    </form>";
print stdhead("{$lang['stdhead_adduser']}") . $HTMLOUT . stdfoot();
开发者ID:thefkboss,项目名称:U-232,代码行数:31,代码来源:adduser.php

示例11: db_update

                db_update('users', array('2fa_status' => 'enabled'), array('id' => $_SESSION['id']));
                redirect('profile?generic_success=1');
            } else {
                if ($_POST['action'] == '2fa_disable') {
                    db_update('users', array('2fa_status' => 'disabled'), array('id' => $_SESSION['id']));
                    db_delete('two_factor_auth', array('user_id' => $_SESSION['id']));
                    redirect('profile?generic_success=1');
                } else {
                    if ($_POST['action'] == 'reset_password') {
                        $user = db_select_one('users', array('passhash'), array('id' => $_SESSION['id']));
                        if (!check_passhash($_POST['current_password'], $user['passhash'])) {
                            message_error('Current password was incorrect.');
                        }
                        if (!strlen($_POST['new_password'])) {
                            message_error('Password cannot be empty.');
                        }
                        if ($_POST['new_password'] != $_POST['new_password_again']) {
                            message_error('Passwords did not match.');
                        }
                        $new_passhash = make_passhash($_POST['new_password']);
                        $password_set = db_update('users', array('passhash' => $new_passhash), array('id' => $_SESSION['id']));
                        if (!$password_set) {
                            message_error('Password not set.');
                        }
                        redirect('profile?generic_success=1');
                    }
                }
            }
        }
    }
}
开发者ID:dirvuk,项目名称:mellivora,代码行数:31,代码来源:profile.php

示例12: enforce_authentication

<?php

require '../../../include/mellivora.inc.php';
enforce_authentication(CONFIG_UC_MODERATOR);
enforce_instance_auth();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_xsrf_token($_POST['xsrf_token']);
    if ($_POST['action'] == 'new') {
        $user_id = db_insert('users', array('email' => $_POST['email'], 'passhash' => make_passhash($_POST['password']), 'team_name' => $_POST['team_name'], 'added' => time(), 'enabled' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? '1' : '0', 'user_type' => isset($type) ? $type : 0, 'country_id' => '200', 'class' => '1', 'competing' => '0'));
        $instanceID = db_insert('instances', array('name' => $_POST['name'], 'instanceURI' => $_POST['uri'], 'authoratativeAccountID' => $user_id));
        if ($_POST['import_sample_challenge_set'] == true) {
            //        db_insert_manual('insert into categories (instanceID,added, added_by, title, description, available_from, available_until) select '.$instanceID.' as instanceID,added, added_by, title,description, available_from, available_until from categories where instanceID = 0');
            //        $types = db_query_fetch_all('SELECT * FROM categories WHERE instanceID =\''.$instanceID.'\' ORDER BY instanceID ASC');
            //
            //        foreach($types as $type){
            //            question_replication($type['title'],$type['id']);
            //        }
            // Get all categories from base instance.
            $baseInstanceCategories = db_query_fetch_all('SELECT * FROM categories WHERE instanceID = 0');
            foreach ($baseInstanceCategories as $baseCategory) {
                $baseChallenges = db_query_fetch_all('SELECT * FROM challenges WHERE category =' . $baseCategory['id']);
                // create new category and retrive autoincremented ID
                $categoryID = db_insert('categories', array('added' => time(), 'added_by' => $_SESSION['id'], 'title' => $baseCategory['title'], 'instanceID' => $instanceID, 'description' => $baseCategory['description'], 'available_from' => strtotime('2015-02-03 21:17:57'), 'available_until' => strtotime('2099-02-03 21:17:57')));
                // loop through each challenge
                foreach ($baseChallenges as $baseChallenge) {
                    $challengeID = db_insert('challenges', array('added' => time(), 'added_by' => $_SESSION['id'], 'title' => $baseChallenge['title'], 'description' => $baseChallenge['description'], 'flag' => $baseChallenge['flag'], 'automark' => $baseChallenge['automark'], 'case_insensitive' => $baseChallenge['case_insensitive'], 'points' => $baseChallenge['points'], 'category' => $categoryID, 'num_attempts_allowed' => $baseChallenge['num_attempts_allowed'], 'min_seconds_between_submissions' => $baseChallenge['min_seconds_between_submissions'], 'available_from' => strtotime('2015-02-03 21:17:57'), 'available_until' => strtotime('2099-02-03 21:17:57'), 'instanceID' => $instanceID, 'cloneOf' => $baseChallenge['id']));
                    $challengeHints = db_query_fetch_all('SELECT * FROM hints WHERE challenge =' . $baseChallenge['id']);
                    foreach ($challengeHints as $hint) {
                        $id = db_insert('hints', array('added' => time(), 'added_by' => $_SESSION['id'], 'challenge' => $challengeID, 'visible' => $hint['visible'], 'body' => $hint['body'], 'instanceID' => $instanceID, 'value' => $hint["value"]));
                    }
                }
开发者ID:ZlhlmChZ,项目名称:source-code-mell,代码行数:31,代码来源:new_instance.php

示例13: elseif

} elseif ($_GET) {
    $id = 0 + $_GET["id"];
    $md5 = $_GET["secret"];
    if (!$id) {
        die;
    }
    $res = sql_query("SELECT username, email, passhash, editsecret FROM users WHERE id = " . sqlesc($id));
    $arr = mysqli_fetch_assoc($res);
    $email = $arr["email"];
    $sec = $arr['editsecret'];
    if ($md5 != md5($sec . $email . $arr["passhash"] . $sec)) {
        die;
    }
    $newpassword = make_password();
    $sec = mksecret();
    $newpasshash = make_passhash($sec, md5($newpassword));
    sql_query("UPDATE users SET secret=" . sqlesc($sec) . ", editsecret='', passhash=" . sqlesc($newpasshash) . " WHERE id=" . sqlesc($id) . " AND editsecret=" . sqlesc($arr["editsecret"])) or sqlerr(__FILE__, __LINE__);
    $mc1->begin_transaction('MyUser_' . $id);
    $mc1->update_row(false, array('secret' => $sec, 'editsecret' => '', 'passhash' => $newpasshash));
    $mc1->commit_transaction($INSTALLER09['expires']['curuser']);
    $mc1->begin_transaction('user' . $id);
    $mc1->update_row(false, array('secret' => $secret, 'editsecret' => '', 'passhash' => $newpasshash));
    $mc1->commit_transaction($INSTALLER09['expires']['user_cache']);
    if (!mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
        stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_noupdate']}");
    }
    $body = sprintf($lang['email_newpass'], $arr["username"], $newpassword, $INSTALLER09['baseurl']) . $INSTALLER09['site_name'];
    @mail($email, "{$INSTALLER09['site_name']} {$lang['email_subject']}", $body, "From: {$INSTALLER09['site_email']}") or stderr($lang['stderr_errorhead'], $lang['stderr_nomail']);
    stderr($lang['stderr_successhead'], sprintf($lang['stderr_mailed'], $email));
} else {
    $HTMLOUT = '';
开发者ID:Bigjoos,项目名称:U-232-V5,代码行数:31,代码来源:recover.php

示例14: register_account

function register_account($email, $password, $team_name, $country, $type = null)
{
    if (!CONFIG_ACCOUNTS_SIGNUP_ALLOWED) {
        message_error('Registration is currently closed.');
    }
    if (empty($email) || empty($password) || empty($team_name)) {
        message_error('Please fill in all the details correctly.');
    }
    if (isset($type) && !is_valid_id($type)) {
        message_error('That does not look like a valid team type.');
    }
    if (strlen($team_name) > CONFIG_MAX_TEAM_NAME_LENGTH || strlen($team_name) < CONFIG_MIN_TEAM_NAME_LENGTH) {
        message_error('Your team name was too long or too short.');
    }
    validate_email($email);
    if (!allowed_email($email)) {
        message_error('Email not on whitelist. Please choose a whitelisted email or contact organizers.');
    }
    $num_countries = db_select_one('countries', array('COUNT(*) AS num'));
    if (!isset($country) || !is_valid_id($country) || $country > $num_countries['num']) {
        message_error('Please select a valid country.');
    }
    $user = db_select_one('users', array('id'), array('team_name' => $team_name, 'email' => $email), null, 'OR');
    if ($user['id']) {
        message_error('An account with this team name or email already exists.');
    }
    $user_id = db_insert('users', array('email' => $email, 'passhash' => make_passhash($password), 'team_name' => $team_name, 'added' => time(), 'enabled' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? '1' : '0', 'user_type' => isset($type) ? $type : 0, 'country_id' => $country));
    // insertion was successful
    if ($user_id) {
        // log signup IP
        log_user_ip($user_id);
        // signup email
        $email_subject = CONFIG_SITE_NAME . ' account details';
        // body
        $email_body = htmlspecialchars($team_name) . ', your registration at ' . CONFIG_SITE_NAME . ' was successful.' . "\r\n" . "\r\n" . (CONFIG_ACCOUNTS_DEFAULT_ENABLED ? 'You can now log in using your email and chosen password.' : 'Once the competition starts, please use this email address to log in.') . "\r\n";
        if (CONFIG_ACCOUNTS_EMAIL_PASSWORD_ON_SIGNUP) {
            $email_body .= 'Your password is: ' . $password . "\r\n";
        }
        $email_body .= "\r\n" . 'Please stay tuned for updates!' . "\r\n" . "\r\n" . 'Regards,' . "\r\n" . CONFIG_SITE_NAME;
        // send details to user
        send_email(array($email), $email_subject, $email_body);
        // if account isn't enabled by default, display message and die
        if (!CONFIG_ACCOUNTS_DEFAULT_ENABLED) {
            message_generic('Signup successful', 'Thank you for registering!
            Your chosen email is: ' . htmlspecialchars($email) . '.
            Make sure to check your spam folder as emails from us may be placed into it.
            Please stay tuned for updates!');
        } else {
            return true;
        }
    }
    // no rows were inserted
    return false;
}
开发者ID:RowdyChildren,项目名称:49sd-ctf,代码行数:54,代码来源:session.inc.php


注:本文中的make_passhash函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。