
Enabled status is a string, not an integer, why?

pjc 5 years ago
parent
commit
220d70d1fd
2 changed files with 66 additions and 67 deletions
  1. 5
    3
      sections/login/index.php
  2. 61
    64
      sections/tools/misc/create_user.php

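--- a/sections/login/index.php
+++ b/sections/login/index.php
@@ -253,7 +253,8 @@
           }
 
           if (empty($TwoFactor) || $TwoFA->verifyCode($TwoFactor, $_POST['twofa'])) {
-            if ($Enabled == 1) {
+            # todo: Make sure the type is (int)
+            if ($Enabled === '1') {
 
               // Check if the current login attempt is from a location previously logged in from
               if (apcu_exists('DBKEY')) {
@@ -276,7 +277,7 @@
                   $DB->query("SELECT ASN FROM geoip_asn WHERE StartIP<=INET6_ATON('$_SERVER[REMOTE_ADDR]') AND EndIP>=INET6_ATON('$_SERVER[REMOTE_ADDR]')");
                   list($CurrentASN) = $DB->next_record();
 
-                  // if FEATURE_ENFORCE_LOCATIONS is enabled, require users to confirm new logins
+                  // If FEATURE_ENFORCE_LOCATIONS is enabled, require users to confirm new logins
                   if (!in_array($CurrentASN, $PastASNs) && FEATURE_ENFORCE_LOCATIONS) {
                     // Never logged in from this location before
                     if ($Cache->get_value('new_location_'.$UserID.'_'.$CurrentASN) !== true) {
@@ -398,7 +399,8 @@
                 // Save the username in a cookie for the disabled page
                 setcookie('username', db_string($_POST['username']), time() + 60 * 60, '/', '', false);
                 header('Location: login.php?action=disabled');
-              } elseif ($Enabled == 0) {
+                # todo: Make sure the type is (int)
+              } elseif ($Enabled === '0') {
                 $Err = 'Your account has not been confirmed.<br />Please check your email.';
               }
               setcookie('keeplogged', '', time() + 60 * 60 * 24 * 365, '/', '', false);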
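Review bot: The new `$Enabled === '1'` and `$Enabled === '0'` checks (first and third hunks) make the account-state gate depend on the database layer returning a string, which the commit title and the added `# todo` both treat as unconfirmed. If `$Enabled` ever arrives as an int or null, neither branch matches and the login presumably falls through without setting `$Err`; that fails closed, but silently. I would normalise once where the value is read, which is outside these hunks, for example `$Enabled = (int) $Enabled;`, then compare with `=== 1` / `=== 0` and add a final `else` that sets an error. The second `# todo` sits above `} elseif`, inside the body of the preceding branch, and should move under the `elseif` line. Separately, the context line in the second hunk interpolates `$_SERVER[REMOTE_ADDR]` straight into the query; passing it through `db_string()` first would keep the statement safe on deployments where a proxy layer rewrites that variable.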

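--- a/sections/tools/misc/create_user.php
+++ b/sections/tools/misc/create_user.php
@@ -1,111 +1,108 @@
-<?
+<?php
+
 // todo: Rewrite this, make it cleaner, make it work right, add it common stuff
 if (!check_perms('admin_create_users')) {
-  error(403);
+    error(403);
 }
 
-//Show our beautiful header
+// Show our beautiful header
 View::show_header('Create a User');
 
-//Make sure the form was sent
+// Make sure the form was sent
 if (isset($_POST['Username'])) {
-  authorize();
+    authorize();
 
-  //Create variables for all the fields
-  $Username = trim($_POST['Username']);
-  $Email = trim($_POST['Email']);
-  $Password = $_POST['Password'];
+    // Create variables for all the fields
+    $Username = trim($_POST['Username']);
+    $Email = trim($_POST['Email']);
+    $Password = $_POST['Password'];
 
-  //Make sure all the fields are filled in
-  //Don't allow a username of "0" or "1" because of PHP's type juggling
-  if (!empty($Username) && !empty($Email) && !empty($Password) && $Username != '0' && $Username != '1') {
+    // Make sure all the fields are filled in
+    // Don't allow a username of "0" or "1" because of PHP's type juggling
+    if (!empty($Username) && !empty($Email) && !empty($Password) && $Username != '0' && $Username != '1') {
 
-    //Create hashes...
-    $torrent_pass = Users::make_secret();
+    // Create hashes...
+        $torrent_pass = Users::make_secret();
 
-    //Create the account
-    $DB->query("
+        // Create the account
+        $DB->query("
       INSERT INTO users_main
         (Username, Email, PassHash, torrent_pass, Enabled, PermissionID)
       VALUES
         ('".db_string($Username)."', '".Crypto::encrypt($Email)."', '".db_string(Users::make_sec_hash($Password))."', '".db_string($torrent_pass)."', '1', '".USER."')");
 
-    //Increment site user count
-    $Cache->increment('stats_user_count');
+        // Increment site user count
+        $Cache->increment('stats_user_count');
 
-    //Grab the userID
-    $UserID = $DB->inserted_id();
+        // Grab the UserID
+        $UserID = $DB->inserted_id();
 
-    Tracker::update_tracker('add_user', array('id' => $UserID, 'passkey' => $torrent_pass));
+        Tracker::update_tracker('add_user', array('id' => $UserID, 'passkey' => $torrent_pass));
 
-    //Default stylesheet
-    $DB->query("
+        // Default stylesheet
+        $DB->query("
       SELECT ID
       FROM stylesheets");
-    list($StyleID) = $DB->next_record();
+        list($StyleID) = $DB->next_record();
 
-    //Auth key
-    $AuthKey = Users::make_secret();
+        // Auth key
+        $AuthKey = Users::make_secret();
 
-    //Give them a row in users_info
-    $DB->query("
+        // Give them a row in users_info
+        $DB->query("
       INSERT INTO users_info
         (UserID, StyleID, AuthKey, JoinDate)
       VALUES
         ('".db_string($UserID)."', '".db_string($StyleID)."', '".db_string($AuthKey)."', NOW())");
 
-    // Give the notification settings
-    $DB->query("INSERT INTO users_notifications_settings (UserID) VALUES ('$UserID')");
-
-    //Redirect to users profile
-    header ("Location: user.php?id=$UserID");
-
-  //What to do if we don't have a username, email, or password
-  } elseif (empty($Username)) {
+        // Give the notification settings
+        $DB->query("INSERT INTO users_notifications_settings (UserID) VALUES ('$UserID')");
 
-    //Give the Error -- We do not have a username
-    error('Please supply a username');
+        // Redirect to users profile
+        header("Location: user.php?id=$UserID");
 
-  } elseif (empty($Email)) {
+    // What to do if we don't have a username, email, or password
+    } elseif (empty($Username)) {
 
-    //Give the Error -- We do not have an email address
-    error('Please supply an email address');
+    // Give the Error -- We do not have a username
+        error('Please supply a username');
+    } elseif (empty($Email)) {
 
-  } elseif (empty($Password)) {
+    // Give the Error -- We do not have an email address
+        error('Please supply an email address');
+    } elseif (empty($Password)) {
 
-    //Give the Error -- We do not have a password
-    error('Please supply a password');
+    // Give the Error -- We do not have a password
+        error('Please supply a password');
+    } else {
 
-  } else {
+    // Uh oh, something went wrong
+        error('Unknown error');
+    }
 
-    //Uh oh, something went wrong
-    error('Unknown error');
-
-  }
-
-//Form wasn't sent -- Show form
+    // Form wasn't sent -- Show form
 } else {
+    ?>
+<div class="header">
+  <h2>Create a User</h2>
+</div>
 
-  ?>
-  <div class="header">
-    <h2>Create a User</h2>
-  </div>
-
-  <div class="thin box pad">
+<div class="thin box pad">
   <form class="create_form" name="user" method="post" action="">
     <input type="hidden" name="action" value="create_user" />
-    <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
+    <input type="hidden" name="auth"
+      value="<?=$LoggedUser['AuthKey']?>" />
     <table class="layout" cellpadding="2" cellspacing="1" border="0" align="center">
       <tr valign="top">
-        <td align="right" class="label">Username:</td>
+        <td align="right" class="label">Username</td>
         <td align="left"><input type="text" name="Username" id="username" class="inputtext" /></td>
       </tr>
       <tr valign="top">
-        <td align="right" class="label">Email address:</td>
+        <td align="right" class="label">Email Address</td>
         <td align="left"><input type="email" name="Email" id="email" class="inputtext" /></td>
       </tr>
       <tr valign="top">
-        <td align="right" class="label">Password:</td>
+        <td align="right" class="label">Password</td>
         <td align="left"><input type="password" name="Password" id="password" class="inputtext" /></td>
       </tr>
       <tr>
@@ -115,8 +112,8 @@
       </tr>
     </table>
   </form>
-  </div>
-<?
+</div>
+<?php
 }
 
-View::show_footer(); ?>
+View::show_footer();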
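Review bot: The `INSERT INTO users_main` statement kept as context here concatenates `Crypto::encrypt($Email)` into the SQL without `db_string()`, unlike every other request-derived value in that row. Whether that is safe depends on the output alphabet of `Crypto::encrypt`, which is not visible on this page; wrapping it as `db_string(Crypto::encrypt($Email))` removes that dependency. The re-indent also left several comments at the old depth: `// Create hashes...` and the `// Give the Error -- …` lines sit four columns left of the statements they describe, and `// What to do if we don't have a username, email, or password` now reads as part of the success branch. Indent each of them with the code it annotates.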
