| /register-do.php |
|---|
| 42,9 → 42,11 |
| $page->redirect('register.php?error=Incorrect reCAPTCHA response'); |
| } |
| $args = array(2, $username, sha1($password), $email, $name, 0); |
| $page->query("INSERT INTO Users (AccessID, Username, Password, EmailAddress, Name, ChallengeID) VALUES (?, ?, ?, ?, ?, ?)", $args); |
| $salt = $username . "horses"; |
| $args = array(2, $username, $page->saltAndBurn($password, $salt), $salt, $email, $name, $page->rndString(), 0); |
| $page->query("INSERT INTO Users (AccessID, Username, Password, Salt, EmailAddress, Name, CSRFToken, ChallengeID) VALUES (?, ?, ?, ?, ?, ?, ?, ?)", $args); |
| $page->redirect('login.php'); |
| ?> |
| /_taios.php |
|---|
| 142,7 → 142,7 |
| write('</p><br />'); |
| } |
| $ids = $this->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"'); |
| $ids = $this->findIDs('BlogPosts', 'WHERE ParentID=?', array($id)); |
| for ($i = 0; $i < count($ids); $i++) |
| { |
| write('<div class="indent">'); |
| 356,8 → 356,10 |
| $user->accessID = $row['AccessID']; |
| $user->username = $row['Username']; |
| $user->password = $row['Password']; |
| $user->salt = $row['Salt']; |
| $user->emailAddress = $row['EmailAddress']; |
| $user->name = $row['Name']; |
| $user->csrftoken = $row['CSRFToken']; |
| $user->challengeID = $row['ChallengeID']; |
| return $user; |
| 470,6 → 472,37 |
| $this->query("DELETE FROM BlogPosts WHERE ID = ?", array($id)); |
| } |
| function saltAndBurn($pass, $salt) { |
| return sha1($salt . $pass); |
| } |
| function rndString($len = 8) { |
| $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZlolphp'; |
| $clen = strlen($characters); |
| $res = ''; |
| for ($i = $len - 1; $i >= 0; $i--) { |
| $res .= $chars[rand(0, clen - 1)]; |
| } |
| return $res; |
| } |
| function getCRSFToken($id) { |
| $token = $this->rndString(); |
| $this->query("UPDATE USERS Set CSRFToken = ? WHERE ID = ?", array($token, $id)); |
| return $token; |
| } |
| function checkCRSFToken($id, $token) { |
| $user = $this->getUserByID($id); |
| if ($token !== $user->csrftoken) { |
| die("a death"); |
| } |
| $this->getCRSFToken($id); // change to something else so we can't re-use it |
| } |
| function getGetID() { |
| $id = $_GET['id']; |
| if (empty($id)) { |
| 496,8 → 529,10 |
| public $accessID; |
| public $username; |
| public $password; |
| public $salt; |
| public $emailAddress; |
| public $name; |
| public $csrftoken; |
| public $challengeID; |
| } |
| /install.sql |
|---|
| 11,6 → 11,8 |
| Password TEXT, |
| EmailAddress TEXT, |
| Name TEXT, |
| Salt TEXT, |
| CSRFToken TEXT, |
| ChallengeID INT, |
| PRIMARY KEY(ID) |
| ); |
| /admin/account-do.php |
|---|
| 19,7 → 19,8 |
| } |
| if (!empty($password)) { |
| $page->query("UPDATE Users SET Password = ? WHERE ID = ?", array(sha1($password), $userID)); |
| $salt = $user->username . "sheeps"; |
| $page->query("UPDATE Users SET Password = ?, Salt = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $salt, $userID)); |
| } |
| if (!empty($email)) { |
| /admin/all-accounts.php |
|---|
| 17,7 → 17,7 |
| write('<td class="bold">ID</td>'); |
| write('<td class="bold">AccessID</td>'); |
| write('<td class="bold">Username</td>'); |
| write('<td class="bold">SHA1 Password</td>'); |
| write('<td class="bold">Salt and Burned Password</td>'); |
| write('<td class="bold">Name</td>'); |
| write('<td class="bold">Email Address</td>'); |
| write('<td class="bold">Challenge ID</td>'); |
| /login-do.php |
|---|
| 23,7 → 23,7 |
| } |
| $user = $page->getUserByUsername($username); |
| if (!$user || $user->password !== sha1($password)) |
| if (!$user || $user->password !== $page->saltAndBurn($password, $user->salt)) |
| { |
| $page->redirect('login.php?error=Incorrect Username or Password&oldurl=' . urlencode($redirurl)); |
| } |
| /wiki/index.php |
|---|
| 8,7 → 8,21 |
| } |
| require '../_taios.php'; |
| if (get_magic_quotes_gpc()) { |
| $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST); |
| while (list($key, $val) = each($process)) { |
| foreach ($val as $k => $v) { |
| unset($process[$key][$k]); |
| if (is_array($v)) { |
| $process[$key][stripslashes($k)] = $v; |
| $process[] = &$process[$key][stripslashes($k)]; |
| } else { |
| $process[$key][stripslashes($k)] = stripslashes($v); |
| } |
| } |
| } |
| unset($process); |
| } |
| $pageName = $_GET['page']; |
| if (empty($pageName)) |
| { |
| 15,7 → 29,7 |
| $pageName = 'Index'; |
| } |
| $page = new Taios_Page('Wiki - ' . $pageName, '../'); |
| $page = new Taios_Page('Wiki · ' . $pageName, '../'); |
| if (isset($_GET['random'])) |
| { |
| /wiki/edit.php |
|---|
| 1,7 → 1,21 |
| <?php |
| require '../_taios.php'; |
| if (get_magic_quotes_gpc()) { |
| $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST); |
| while (list($key, $val) = each($process)) { |
| foreach ($val as $k => $v) { |
| unset($process[$key][$k]); |
| if (is_array($v)) { |
| $process[$key][stripslashes($k)] = $v; |
| $process[] = &$process[$key][stripslashes($k)]; |
| } else { |
| $process[$key][stripslashes($k)] = stripslashes($v); |
| } |
| } |
| } |
| unset($process); |
| } |
| $pageName = $_GET['page']; |
| if (empty($pageName)) |
| { |
| /blog/post.php |
|---|
| 9,6 → 9,8 |
| $page->redirect('index.php'); |
| } |
| $page->title = 'Blog Post · ' . $page->getBlogPost($page->getGetID())->title; |
| $page->drawHeader(); |
| $page->drawBlogCategoriesMenu(); |
| $page->drawMiddle(); |