Menu
▾
▴
[phpBT-dev] CVS: phpbt include.php,1.13,1.14 newaccount.php,1.5,1.6
|
From: Benjamin C. <bc...@us...> - 2001-07-30 13:47:37
|
Update of /cvsroot/phpbt/phpbt
In directory usw-pr-cvs1:/tmp/cvs-serv16533
Modified Files:
include.php newaccount.php
Log Message:
Added new constant, ENCRYPTPASS, to define whether you want passwords to be stored encrypted
Index: include.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/include.php,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- include.php 2001/07/26 17:22:23 1.13
+++ include.php 2001/07/30 13:47:33 1.14
@@ -10,6 +10,7 @@
define ('DATEFORMAT','m-d-Y');
define ('TIMEFORMAT','g:i A');
define ('ADMINEMAIL','ph...@be...');
+define ('ENCRYPTPASS',0); // Whether to store passwords encrypted
require PHPLIBPATH.'db_mysql.inc';
require PHPLIBPATH.'ct_sql.inc';
@@ -92,16 +93,27 @@
if (!$username) return false;
if ($emailpass) {
list($email, $password) = $q->grab("select Email, Password from User where Email = '$username' and UserLevel > 0");
- if (!$q->num_rows()) {echo 'bob'; return false;}
+ if (!$q->num_rows()) {
+ return false;
+ }
+ if (ENCRYPTPASS) {
+ $password = genpassword(10);
+ $mpassword = md5($password);
+ $q->query("update User set Password = '$mpassword' where Email = '$username'");
+ }
mail($email, $STRING['newacctsubject'], sprintf($STRING['newacctmessage'],
$password), 'From: '.ADMINEMAIL);
$emailsuccess = true;
return false;
}
$this->auth['uname'] = $username;
+ if (ENCRYPTPASS) {
+ $password = md5($password);
+ }
$u = $q->grab("select * from User where Email = '$username' and Password = '$password' and UserLevel > 0");
- if (!$q->num_rows()) return false;
- else {
+ if (!$q->num_rows()) {
+ return false;
+ } else {
$this->auth['fname'] = $u['FirstName'];
$this->auth['lname'] = $u['LastName'];
$this->auth['email'] = $u['Email'];
Index: newaccount.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/newaccount.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- newaccount.php 2001/07/26 17:22:23 1.5
+++ newaccount.php 2001/07/30 13:47:33 1.6
@@ -5,7 +5,7 @@
include 'include.php';
function do_form() {
- global $q, $t, $email, $firstname, $lastname, $STRING;
+ global $q, $t, $email, $firstname, $lastname, $STRING, $now;
if (!$email or !valid_email($email))
$error = $STRING['giveemail'];
@@ -18,7 +18,12 @@
$firstname = htmlspecialchars($firstname);
$lastname = htmlspecialchars($lastname);
$password = genpassword(10);
- $q->query("insert into User (UserID, FirstName, LastName, Email, Password, CreatedDate, UserLevel) values (".$q->nextid('User').", '$firstname', '$lastname', '$email', '$password', ".time().", 1)");
+ if (ENCRYPTPASS) {
+ $mpassword = md5($password);
+ } else {
+ $mpassword = $password;
+ }
+ $q->query("insert into User (UserID, FirstName, LastName, Email, Password, CreatedDate, UserLevel) values (".$q->nextid('User').", '$firstname', '$lastname', '$email', '$mpassword', $now, 1)");
mail($email, $STRING['newacctsubject'], sprintf($STRING['newacctmessage'],
$password), 'From: '.ADMINEMAIL);
$t->set_file('content','newaccountsuccess.html');
|
