[Easymod-cvs] easymod2/mods/easymod/includes admin_easymod.php.txt,1.31,1.32
Status: Beta
Brought to you by:
wgeric
Menu
▾
▴
[Easymod-cvs] easymod2/mods/easymod/includes admin_easymod.php.txt,1.31,1.32
|
From: Markus P. <mar...@us...> - 2005-11-02 09:31:29
|
Update of /cvsroot/easymod/easymod2/mods/easymod/includes In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12026/mods/easymod/includes Modified Files: admin_easymod.php.txt Log Message: Changed the way the EM password is passed between panels. Index: admin_easymod.php.txt =================================================================== RCS file: /cvsroot/easymod/easymod2/mods/easymod/includes/admin_easymod.php.txt,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -d -r1.31 -r1.32 *** admin_easymod.php.txt 2 Nov 2005 05:58:51 -0000 1.31 --- admin_easymod.php.txt 2 Nov 2005 09:31:21 -0000 1.32 *************** *** 506,510 **** // look in the config table to get the EM settings ! function get_em_settings( $filename, $path, $em_pass, $preview = false) { global $db, $phpbb_root_path; --- 506,510 ---- // look in the config table to get the EM settings ! function get_em_settings($filename, $path, $em_pass, $preview = false) { global $db, $phpbb_root_path; *************** *** 514,518 **** // $sql = "SELECT * ! FROM " . CONFIG_TABLE; if( !$result = $db->sql_query($sql) ) { --- 514,519 ---- // $sql = "SELECT * ! FROM " . CONFIG_TABLE . " ! WHERE config_name LIKE 'EM_%'"; if( !$result = $db->sql_query($sql) ) { *************** *** 521,563 **** // loop through all the settings and assign the EM ones as appropriate ! while ( $row = $db->sql_fetchrow($result)) { ! if ( $row['config_name'] == 'EM_read') { $read = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_write') { $write = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_move') { $move = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_ftp_dir') { $ftp_dir = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_ftp_user') { $ftp_user = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_ftp_pass') { ! $ftp_pass = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_ftp_host') { $ftp_host = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_ftp_port') { $ftp_port = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_ftp_type') { $ftp_type = $row['config_value']; } ! else if ( $row['config_name'] == 'EM_ftp_cache') { $ftp_cache = $row['config_value']; --- 522,564 ---- // loop through all the settings and assign the EM ones as appropriate ! while ($row = $db->sql_fetchrow($result)) { ! if ($row['config_name'] == 'EM_read') { $read = $row['config_value']; } ! else if ($row['config_name'] == 'EM_write') { $write = $row['config_value']; } ! else if ($row['config_name'] == 'EM_move') { $move = $row['config_value']; } ! else if ($row['config_name'] == 'EM_ftp_dir') { $ftp_dir = $row['config_value']; } ! else if ($row['config_name'] == 'EM_ftp_user') { $ftp_user = $row['config_value']; } ! else if ($row['config_name'] == 'EM_ftp_pass') { ! $ftp_pass = crypt_ftp_pass(EM_DECRYPT, $row['config_value'], $em_pass); } ! else if ($row['config_name'] == 'EM_ftp_host') { $ftp_host = $row['config_value']; } ! else if ($row['config_name'] == 'EM_ftp_port') { $ftp_port = $row['config_value']; } ! else if ($row['config_name'] == 'EM_ftp_type') { $ftp_type = $row['config_value']; } ! else if ($row['config_name'] == 'EM_ftp_cache') { $ftp_cache = $row['config_value']; *************** *** 565,575 **** } - // decrypt the FTP password - include($phpbb_root_path . 'admin/em_includes/em_cipher.php'); - $cipher = new Cipher_BlockMode_cbc(); - $cipher->blowfish->setKey( $em_pass); - $ftp_pass = $cipher->decrypt($ftp_pass); - - // if we are in preview mode, then no matter what we will set to display to screen if ($preview) --- 566,569 ---- *************** *** 583,587 **** } - // look in the config table to get the EM Version function get_em_version() --- 577,580 ---- *************** *** 666,669 **** --- 659,666 ---- $password = ( !empty($HTTP_POST_VARS['password']) ) ? stripslashes($HTTP_POST_VARS['password']) : ''; + if( isset($HTTP_POST_VARS['login']) ) + { + $password = md5($password); + } $install_file = ( !empty($HTTP_POST_VARS['install_file']) ) ? stripslashes(trim($HTTP_POST_VARS['install_file'])) : ''; $install_path = ( !empty($HTTP_POST_VARS['install_path']) ) ? stripslashes(trim($HTTP_POST_VARS['install_path'])) : ''; *************** *** 697,701 **** { // compare passwords and send them back to the password screen if they fail ! if ( md5($password) != get_em_pw()) { $get_password = true; --- 694,698 ---- { // compare passwords and send them back to the password screen if they fail ! if ( $password !== get_em_pw()) { $get_password = true; *************** *** 922,926 **** 'L_SUBMIT' => $lang['EM_settings_update'], ! 'EM_PASS' => $password, 'EM_VERSION' => get_em_version(), --- 919,923 ---- 'L_SUBMIT' => $lang['EM_settings_update'], ! 'EM_PASS' => htmlspecialchars($password), 'EM_VERSION' => get_em_version(), *************** *** 970,974 **** // confirm passwords match and update pw if needed ! if ( $em_pass === $em_pass_confirm) { // update the password; starting with 0.0.11 store as MD5 hash --- 967,971 ---- // confirm passwords match and update pw if needed ! if ($em_pass === $em_pass_confirm) { // update the password; starting with 0.0.11 store as MD5 hash *************** *** 978,982 **** } // the confirm is empty so they are not trying to update the pw, so don't ! else if ( $em_pass_confirm == '') { $pass_msg = $lang['EM_pass_not_updated']; --- 975,979 ---- } // the confirm is empty so they are not trying to update the pw, so don't ! else if ($em_pass_confirm == '') { $pass_msg = $lang['EM_pass_not_updated']; *************** *** 984,993 **** } // passwords do not match so throw an error ! else if ( $em_pass !== $em_pass_confirm) { message_die(GENERAL_ERROR, $lang['EM_err_set_pw']); } - // update the settings em_db_update('EM_read', str_replace("'", "''", $read)); --- 981,989 ---- } // passwords do not match so throw an error ! else if ($em_pass !== $em_pass_confirm) { message_die(GENERAL_ERROR, $lang['EM_err_set_pw']); } // update the settings em_db_update('EM_read', str_replace("'", "''", $read)); *************** *** 999,1009 **** if ( $force_ftp_pass || !empty($ftp_pass) ) { ! // decrypt the FTP password ! include($phpbb_root_path . '/admin/em_includes/em_cipher.php'); ! $cipher = new Cipher_BlockMode_cbc(); ! $cipher->blowfish->setKey($em_pass); ! $ftp_pass = $cipher->encrypt($ftp_pass); ! ! em_db_update('EM_ftp_pass', str_replace("'", "''", $ftp_pass)); } --- 995,999 ---- if ( $force_ftp_pass || !empty($ftp_pass) ) { ! em_db_update('EM_ftp_pass', str_replace("'", "''", crypt_ftp_pass(EM_ENCRYPT, $ftp_pass, $em_pass))); } *************** *** 1017,1021 **** } - // // history --- 1007,1010 ---- *************** *** 1410,1414 **** $hidden_vars_ary = array( 'mod_id' => $mod_id, ! 'password' => $password, 'mode' => $mode, 'install_path' => dirname($mod_file).'/', --- 1399,1403 ---- $hidden_vars_ary = array( 'mod_id' => $mod_id, ! 'password' => htmlspecialchars($password), 'mode' => $mode, 'install_path' => dirname($mod_file).'/', |
