$config_account_salt -> USE_ACCOUNT_SALT

slawkens 2023-02-07 10:48:29 +01:00
parent d0c479d11d
commit b82c021ff7
13 changed files with 20 additions and 26 deletions


@ -185,8 +185,7 @@ else if (isset($_REQUEST['search'])) {
$account->setCustomField('web_lastlogin', $web_lastlogin);
if (isset($password)) {
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
if ($config_salt_enabled) {
if (USE_ACCOUNT_SALT) {
$salt = generateRandomString(10, false, true, true);
$password = $salt . $password;
$account->setCustomField('salt', $salt);
@ -195,7 +194,7 @@ else if (isset($_REQUEST['search'])) {
$password = encrypt($password);
$account->setPassword($password);
if ($config_salt_enabled)
if (USE_ACCOUNT_SALT)
$account->setCustomField('salt', $salt);
}
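Review bot: The salt produced by `$salt = generateRandomString(10, false, true, true);` is only as good as that helper, whose implementation is not part of this commit; it should be confirmed to draw from `random_int()` or `random_bytes()` rather than `rand()`/`mt_rand()`. The same call feeds every salted path touched here (super-admin account setup, password change, account creation, account recovery). In this section the salt is also stored twice, once inside the first `if (USE_ACCOUNT_SALT)` block and again after `$account->setPassword($password);`; a single `if (USE_ACCOUNT_SALT) $account->setCustomField('salt', $salt);` after the password is set would be enough. The enclosing `if (isset($password))` block spans both hunks and the lines between them are not shown.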


@ -15,8 +15,7 @@ else {
$password = $_SESSION['var_password'];
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
{
$salt = generateRandomString(10, false, true, true);
$password = $salt . $password;
@ -75,7 +74,7 @@ else {
$account_used = &$new_account;
}
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
$account_used->setCustomField('salt', $salt);
$account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN);
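Review bot: `if(USE_ACCOUNT_SALT)` now depends on a constant defined in another file (`define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));` in the bootstrap section of this commit), where the removed line probed the schema locally. This section creates an account with `FLAG_ADMIN + FLAG_SUPER_ADMIN` from `$_SESSION['var_password']`, which looks like an install step. If it can run without that bootstrap having been included, PHP 8 throws an Error for the undefined constant and PHP 7 falls back to a truthy string; if the accounts table is created or altered after the bootstrap ran, the flag is stale. A local guard keeps the old behaviour: `if (!defined('USE_ACCOUNT_SALT')) define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));`. The surrounding `else` block starts and ends outside both hunks.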


@ -127,8 +127,7 @@ switch ($action) {
$account->find($inputAccountName);
}
$config_salt_enabled = fieldExist('salt', 'accounts');
$current_password = encrypt(($config_salt_enabled ? $account->getCustomField('salt') : '') . $request->password);
$current_password = encrypt((USE_ACCOUNT_SALT ? $account->getCustomField('salt') : '') . $request->password);
if (!$account->isLoaded() || $account->getPassword() != $current_password) {
sendError(($inputEmail != false ? 'Email' : 'Account name') . ' or password is not correct.');
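Review bot: `$account->getPassword() != $current_password` compares two password digests with PHP's loose operator, so two digests that both parse as numeric strings compare equal even when they differ, and the comparison is not constant-time; use `!hash_equals((string) $account->getPassword(), $current_password)`. The same loose comparison appears in the login form (`encrypt(...) == $account_logged->getPassword()`), the e-mail change (`$post_password != $account_logged->getPassword()`) and the password change (`$old_password != $account_logged->getPassword()`). Also, `$account->getCustomField('salt')` is evaluated before `$account->isLoaded()` is checked; how `getCustomField` behaves on an account that was not found is not visible here, so it is worth confirming that an unknown name still ends in the same `sendError` as a wrong password. The `switch` case continues outside the hunk.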


@ -132,6 +132,7 @@ require_once SYSTEM . 'database.php';
define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
// load vocation names
$tmp = '';
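Review bot: The three `define()` calls are undocumented schema probes, and the new one decides how every password in the application is hashed and verified. A comment above them would help, for example `// Schema feature flags read from the accounts table; USE_ACCOUNT_SALT means accounts.salt exists and digests are encrypt(salt . password)`. Presumably a script that alters the accounts table later in the same request (install or migration) keeps seeing the value probed here, which is worth stating in that comment.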


@ -80,13 +80,12 @@ if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
}
}
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
if($account_logged->isLoaded() && encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword()
if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword()
&& (!isset($t) || $t['attempts'] < 5)
)
{
setSession('account', $account_logged->getNumber());
setSession('password', encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $login_password));
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
if($remember_me) {
setSession('remember_me', true);
}
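Review bot: `setSession('password', encrypt(...))` rebuilds the digest that the `if` condition has just compared with `$account_logged->getPassword()`, so the salting rule is spelled out twice in this block and the two copies can drift. Inside the block the stored value can be reused: `setSession('password', $account_logged->getPassword());`. Because the session then holds the account's password digest, the session store needs the same protection as the accounts table, and a short comment saying so would help the next reader. The block opened by this `if` continues past the hunk.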


@ -26,5 +26,4 @@ if(!$logged)
}
else {
$show_form = true;
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
}


@ -36,7 +36,7 @@ if($email_new_time < 10) {
$errors[] = 'Please enter password to your account.';
}
else {
$post_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $post_password);
$post_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $post_password);
if($post_password != $account_logged->getPassword()) {
$errors[] = 'Wrong password to account.';
}


@ -39,7 +39,7 @@ else
}
/** @var OTS_Account $account_logged */
$old_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $old_password);
$old_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $old_password);
if($old_password != $account_logged->getPassword()) {
$errors[] = "Current password is incorrect!";
}
@ -55,7 +55,7 @@ else
{
$org_pass = $new_password;
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
{
$salt = generateRandomString(10, false, true, true);
$new_password = $salt . $new_password;


@ -173,8 +173,7 @@ if($save)
$new_account->create(NULL, $account_id);
}
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
{
$salt = generateRandomString(10, false, true, true);
$password = $salt . $password;
@ -185,7 +184,7 @@ if($save)
$new_account->unblock();
$new_account->save();
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
$new_account->setCustomField('salt', $salt);
$new_account->setCustomField('created', time());
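Review bot: The salt reaches the database only after `$new_account->save();`, through a separate `setCustomField('salt', $salt)` call, so the password digest and the salt it was built with are stored in two steps. If the second step fails, the account keeps a digest of `$salt . $password` with no salt on record and that password can never verify. The same order is visible in the account-recovery section (`$account->setPassword(encrypt($tmp_new_pass)); $account->save();` followed by the salt write). Whether `setCustomField` can run inside one transaction with `save()` is not visible here; at minimum a comment such as `// salt must be persisted with the digest; a failure here leaves the account unable to log in` should mark the dependency.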


@ -19,7 +19,7 @@ if(!$logged) {
$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : null;
$password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : null;
$password_verify = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $password_verify);
$password_verify = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify);
if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) {
if(empty($player_name) || empty($password_verify)) {
$errors[] = 'Character name or/and password is empty. Please fill in form.';
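Review bot: `empty($password_verify)` cannot detect a missing password, because `$password_verify` has already been overwritten with `encrypt(...)` of the salt plus the input, and a digest is presumably never empty. A request without `delete_password` therefore skips the "Character name or/and password is empty" message and the `null` input is hashed instead. Keep the raw input and the digest apart, e.g. `$password_hash = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify);`, test `empty($password_verify)` on the raw value and use `$password_hash` in the later comparison. That comparison is outside the hunk.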


@ -17,7 +17,6 @@ if(!$config['mail_enabled'])
return;
}
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
$action_type = isset($_REQUEST['action_type']) ? $_REQUEST['action_type'] : '';
if($action == '')
{
@ -292,7 +291,7 @@ elseif($action == 'step3')
$account->setEMail($new_email);
$tmp_new_pass = $new_pass;
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
{
$salt = generateRandomString(10, false, true, true);
$tmp_new_pass = $salt . $new_pass;
@ -301,7 +300,7 @@ elseif($action == 'step3')
$account->setPassword(encrypt($tmp_new_pass));
$account->save();
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
$account->setCustomField('salt', $salt);
echo 'Your account name, new password and new e-mail.<BR>
@ -481,7 +480,7 @@ elseif($action == 'setnewpassword')
if(Validator::password($newpassword))
{
$tmp_new_pass = $newpassword;
if($config_salt_enabled)
if(USE_ACCOUNT_SALT)
{
$salt = generateRandomString(10, false, true, true);
$tmp_new_pass = $salt . $newpassword;


@ -17,8 +17,8 @@ if(!$logged) {
return;
}
$_POST['reg_password'] = isset($_POST['reg_password']) ? $_POST['reg_password'] : '';
$reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$_POST['reg_password'] = $_POST['reg_password'] ?? '';
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$old_key = $account_logged->getCustomField("key");
if(isset($_POST['registeraccountsave']) && $_POST['registeraccountsave'] == "1") {


@ -18,7 +18,7 @@ if(!$logged) {
}
if(isset($_POST['reg_password']))
$reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$reckey = $account_logged->getCustomField('key');
if((!$config['generate_new_reckey'] || !$config['mail_enabled']) || empty($reckey)) {