| /_taios.php |
|---|
| 356,9 → 356,10 |
| $user->accessID = $row['AccessID']; |
| $user->username = $row['Username']; |
| $user->password = $row['Password']; |
| $user->salt = $row['Salt']; |
| $user->emailAddress = $row['EmailAddress']; |
| $user->name = $row['Name']; |
| $user->csrftoken = $row['CSRFToken']; |
| $user->salt = $row['Salt']; |
| $user->challengeID = $row['ChallengeID']; |
| return $user; |
| 501,9 → 502,10 |
| public $accessID; |
| public $username; |
| public $password; |
| public $salt; |
| public $emailAddress; |
| public $name; |
| public $salt; |
| public $csrftoken; |
| public $challengeID; |
| } |
| /install.sql |
|---|
| 12,6 → 12,7 |
| EmailAddress TEXT, |
| Name TEXT, |
| Salt TEXT, |
| CSRFToken TEXT, |
| ChallengeID INT, |
| PRIMARY KEY(ID) |
| ); |
| /admin/account-do.php |
|---|
| 11,7 → 11,6 |
| $password = $_POST['password']; |
| $email = $_POST['email']; |
| $name = $_POST['name']; |
| $salt = $name + "sheeps"; |
| $user = $page->getUserByID($userID); |
| if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser())) { |
| 20,7 → 19,8 |
| } |
| if (!empty($password)) { |
| $page->query("UPDATE Users SET Password = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $userID)); |
| $salt = $user->username . "sheeps"; |
| $page->query("UPDATE Users SET Password = ?, Salt = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $salt, $userID)); |
| } |
| if (!empty($email)) { |
| /register-do.php |
|---|
| 42,7 → 42,7 |
| $page->redirect('register.php?error=Incorrect reCAPTCHA response'); |
| } |
| $salt = $username + "horses"; |
| $salt = $username . "horses"; |
| $args = array(2, $username, $page->saltAndBurn($password, $salt), $salt, $email, $name, 0); |
| $page->query("INSERT INTO Users (AccessID, Username, Password, Salt, EmailAddress, Name, ChallengeID) VALUES (?, ?, ?, ?, ?, ?, ?)", $args); |