[Xoops-svn] SF.net SVN: xoops-svn:[13362] *.xoops.org (Subdomain APIs & Sites)/ zones.xoops.org/include/functions.php

[<chr...@us...>]

Revision: 13362
          http://sourceforge.net/p/xoops/svn/13362
Author:   chronolabscoop
Date:     2018-06-09 06:29:01 +0000 (Sat, 09 Jun 2018)
Log Message:
-----------
Zones DNS API + Propogation v1.0.7 (fixed)

Modified Paths:
--------------
    *.xoops.org (Subdomain APIs & Sites)/zones.xoops.org/include/functions.php

Modified: *.xoops.org (Subdomain APIs & Sites)/zones.xoops.org/include/functions.php
===================================================================
--- *.xoops.org (Subdomain APIs & Sites)/zones.xoops.org/include/functions.php	2018-06-09 04:13:50 UTC (rev 13361)
+++ *.xoops.org (Subdomain APIs & Sites)/zones.xoops.org/include/functions.php	2018-06-09 06:29:01 UTC (rev 13362)
@@ -44,10 +44,10 @@
         {
             $time = time();
             if ($last_login < $time - 3600) {
-                $GLOBALS['APIDB']->queryF("UPDATE `users` SET `last_login` = '$time', `hits` = `hits` + 1 WHERE `uid` = '$uid'");
+                $GLOBALS['APIDB']->queryF("UPDATE `users` SET `last_login` = '$time', `hits` = `hits` + 1, `actkey` = '" . substr(md5(mt_rand(-time(), time())), 32 - ($len = mt_rand(3,6)), $len) . "' WHERE `uid` = '$uid'");
                 $last_login = $time;
             }
-            $sql = "SELECT md5(concat(`uid`, `uname`, `email`, `last_login`)) FROM `users` WHERE `uid` = '$uid'";
+            $sql = "SELECT md5(concat(`uid`, `uname`, `email`, `last_login`, `actkey`)) FROM `users` WHERE `uid` = '$uid'";
             list($authkey) = $GLOBALS['APIDB']->fetchRow($GLOBALS['APIDB']->queryF($sql));
             $_SESSION['authkey'] = $authkey;
             setcookie('authkey', $_SESSION['authkey'], 3600 + $time, '/', API_COOKIE_DOMAIN);
@@ -167,7 +167,7 @@
      */
     function checkAuthKey($authkey = '')
     {
-        $sql = "SELECT `uid`, `uname` FROM `users` WHERE '$authkey' LIKE md5(concat(`uid`, `uname`, `email`, `last_login`))";
+        $sql = "SELECT `uid`, `uname` FROM `users` WHERE '$authkey' LIKE md5(concat(`uid`, `uname`, `email`, `last_login`, `actkey`))";
         list($uid, $uname) = $GLOBALS['APIDB']->fetchRow($GLOBALS['APIDB']->queryF($sql));
         if ($uid <> 0 && !empty($uname))
         {
@@ -348,10 +348,10 @@
                     $mail->sendMail($email, array(), array(), "Zone API Creditials as established by: " . $GLOBALS['account'], $body, array(), "", true);
                     
                 } else {
-                    $return = array('code' => 501, 'recordkey' => md5(NULL. 'user'), 'errors' => array($GLOBALS['APIDB']->errno() => $GLOBALS['APIDB']->error()));
+                    $return = array('code' => 501, 'userkey' => md5(NULL. 'user'), 'errors' => array($GLOBALS['APIDB']->errno() => $GLOBALS['APIDB']->error()));
                 }
             } else {
-                $return = array('code' => 501, 'recordkey' => md5(NULL. 'user'), 'errors' => array('107' => 'User Record Already Exists!!!'));
+                $return = array('code' => 501, 'userkey' => md5(NULL. 'user'), 'errors' => array('107' => 'User Record Already Exists!!!'));
             }
         }
         return $return;