Fixed some syntax. Fixed upload to encode html and changed plugin loop index variable to $pluginIndex so it's less likely to be used by a plugin. Probably should be using foreach or whatever it is, but I am stubborn. Added to the logout a time change to invalidate the login session. Fixed issue with pus state back to filter/index whenever you click the x button or background. Fixed user creation to use the correct password hashing system.
This commit is contained in:
parent
d2f7bfebaf
commit
c94bdc878f
@ -55,7 +55,7 @@ if (isset($_MGM['user']) && $_MGM['user']['level']==1 && $_MGM['path'][1]=="user
|
|||||||
$level = (isset($_REQUEST['level']) ? trim($_REQUEST['level']) : "");
|
$level = (isset($_REQUEST['level']) ? trim($_REQUEST['level']) : "");
|
||||||
if (!empty($email) && !empty($level)) {
|
if (!empty($email) && !empty($level)) {
|
||||||
$salt = substr(sha1(rand()),0,12);
|
$salt = substr(sha1(rand()),0,12);
|
||||||
$epassword = $salt.hash("sha512", $salt.hash("sha512", $password));
|
$epassword = $salt.hashPassword($password,hex2bin($salt));
|
||||||
databaseQuery("INSERT INTO users (email, password, time, level) VALUES (%s,%s,%d,%s)", $email, $epassword, $_MGM['time'], $level);
|
databaseQuery("INSERT INTO users (email, password, time, level) VALUES (%s,%s,%d,%s)", $email, $epassword, $_MGM['time'], $level);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -322,7 +322,7 @@ $(document).ready(function() {
|
|||||||
|
|
||||||
repositionImage(2);
|
repositionImage(2);
|
||||||
|
|
||||||
if (urlHistory==undefined) {
|
if (urlHistory!=true) {
|
||||||
if (filter!="") {
|
if (filter!="") {
|
||||||
window.history.pushState({state: currentState}, "<?=$_MGM['title']?>", "<?=$_MGM['installPath']?>?filter="+encodeURIComponent(filter));
|
window.history.pushState({state: currentState}, "<?=$_MGM['title']?>", "<?=$_MGM['installPath']?>?filter="+encodeURIComponent(filter));
|
||||||
} else {
|
} else {
|
||||||
|
@ -13,6 +13,8 @@
|
|||||||
// DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
|
// DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
|
||||||
// ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
// ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||||
//
|
//
|
||||||
|
|
||||||
|
databaseQuery("UPDATE users SET time=%d WHERE docid=%s", $_MGM['time'], $_MGM['user']['docid']);
|
||||||
setcookie("{$_MGM['CookiePrefix']}user_email", "", $_MGM['time'], $_MGM['CookiePath'], $_MGM['CookieDomain']);
|
setcookie("{$_MGM['CookiePrefix']}user_email", "", $_MGM['time'], $_MGM['CookiePath'], $_MGM['CookieDomain']);
|
||||||
setcookie("{$_MGM['CookiePrefix']}user_password", "", $_MGM['time'], $_MGM['CookiePath'], $_MGM['CookieDomain']);
|
setcookie("{$_MGM['CookiePrefix']}user_password", "", $_MGM['time'], $_MGM['CookiePath'], $_MGM['CookieDomain']);
|
||||||
header("location: ".generateURL());
|
header("location: ".generateURL());
|
||||||
|
@ -88,18 +88,18 @@ if ($_MGM['path'][1]=="complete") {
|
|||||||
$ocr .= $line;
|
$ocr .= $line;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
echo "OCR: ".$ocr."<br />\n";
|
echo "OCR: ".htmlspecialchars($ocr, ENT_COMPAT | ENT_HTML401, 'UTF-8', true)."<br />\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
$tags = array();
|
$tags = array();
|
||||||
$external_data = "";
|
$external_data = "";
|
||||||
|
|
||||||
$plugins = glob("./external_data_plugins/*.php");
|
$plugins = glob("./external_data_plugins/*.php");
|
||||||
for ($i=0; $i<count($plugins); $i++) {
|
for ($pluginIndex=0; $pluginIndex<count($plugins); $pluginIndex++) {
|
||||||
require($plugins[$i]);
|
require($plugins[$pluginIndex]);
|
||||||
}
|
}
|
||||||
|
|
||||||
echo "External Data: ".$external_data."<br />\n";
|
echo "External Data: ".htmlspecialchars($external_data, ENT_COMPAT | ENT_HTML401, 'UTF-8', true)."<br />\n";
|
||||||
|
|
||||||
$thumbFile = "./thumbs/".$hash.".".$extension;
|
$thumbFile = "./thumbs/".$hash.".".$extension;
|
||||||
$target = 150;
|
$target = 150;
|
||||||
@ -142,16 +142,19 @@ if ($_MGM['path'][1]=="complete") {
|
|||||||
Processing...<br />
|
Processing...<br />
|
||||||
<div id="result"></div>
|
<div id="result"></div>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
var files = new Array(<?
|
var files = new Array(
|
||||||
|
<?
|
||||||
$array = "";
|
$array = "";
|
||||||
for ($i=0; $i<count($files); $i++) {
|
for ($i=0; $i<count($files); $i++) {
|
||||||
//if (in_array(pathinfo($files[$i], PATHINFO_EXTENSION), $allowedExtensions)) {
|
//if (in_array(pathinfo($files[$i], PATHINFO_EXTENSION), $allowedExtensions)) {
|
||||||
if ($array!="")
|
if ($array!="")
|
||||||
$array .= ",";
|
$array .= ",\n\t\t";
|
||||||
$array .= "\"".str_replace("\"", "\\\"", $files[$i])."\"";
|
$array .= "\"".str_replace("\"", "\\\"", $files[$i])."\"";
|
||||||
}
|
}
|
||||||
echo $array;
|
echo $array;
|
||||||
?>);
|
?>
|
||||||
|
|
||||||
|
);
|
||||||
var i=0;
|
var i=0;
|
||||||
function processFiles() {
|
function processFiles() {
|
||||||
if (i<files.length) {
|
if (i<files.length) {
|
||||||
|
@ -72,7 +72,7 @@ require_once("header.php");
|
|||||||
</table>
|
</table>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
function loadUsers() {
|
function loadUsers() {
|
||||||
$("#users_list tbody").load("<?=generateURL("api/users/list")?>/")
|
$("#users_list tbody").load("<?=generateURL("api/users/list")?>/");
|
||||||
}
|
}
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
$("#users_list").on("click", "tbody tr", function() {
|
$("#users_list").on("click", "tbody tr", function() {
|
||||||
|
@ -25,7 +25,7 @@
|
|||||||
|
|
||||||
<link href="<?=$_MGM['installPath']?>css/bootstrap.min.css" rel="stylesheet">
|
<link href="<?=$_MGM['installPath']?>css/bootstrap.min.css" rel="stylesheet">
|
||||||
<style>
|
<style>
|
||||||
body {
|
body {
|
||||||
padding-top: 60px;
|
padding-top: 60px;
|
||||||
}
|
}
|
||||||
</style>
|
</style>
|
||||||
|
Loading…
Reference in New Issue
Block a user