kevinowino869/mitrobill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change $db_password to $db_pass

Browse Source
This commit is contained in:
Ibnu Maksum 2024-07-29 09:06:27 +07:00
parent 3b9c5d16f8
commit fa154b007f
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
11 changed files with 41 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
config.sample.php
View File

@ -1,16 +1,18 @@
<?php <?php
$db_host = "localhost"; # Database Host
$db_port = ""; # Database Port. Keep it blank if you are un sure.
$db_user = "root"; # Database Username
$db_password = ""; # Database Password
$db_name = "phpnuxbill"; # Database Name
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://"; $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
$host = $_SERVER['HTTP_HOST']; $host = $_SERVER['HTTP_HOST'];
$baseDir = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\'); $baseDir = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\');
define('APP_URL', $protocol . $host . $baseDir); define('APP_URL', $protocol . $host . $baseDir);
#Please include http and do not use trailing slash after the url. For example use in this format- http://www.example.com Or http://www.example.com/finance
$_app_stage = 'Live'; # Do not change this $_app_stage = 'Live'; # Do not change this
$db_host = "localhost"; # Database Host
$db_port = ""; # Database Port. Keep it blank if you are un sure.
$db_user = "root"; # Database Username
$db_pass = ""; # Database Password
$db_name = "phpnuxbill"; # Database Name

6
init.php
View File

@ -71,6 +71,10 @@ if(!empty($db_password)){
// compability for old version // compability for old version
$db_pass = $db_password; $db_pass = $db_password;
} }
if(!empty($db_pass)){
// compability for old version
$db_password = $db_pass;
}
ORM::configure("mysql:host=$db_host;dbname=$db_name"); ORM::configure("mysql:host=$db_host;dbname=$db_name");
ORM::configure('username', $db_user); ORM::configure('username', $db_user);
ORM::configure('password', $db_pass); ORM::configure('password', $db_pass);
@ -329,7 +333,7 @@ function _alert($text, $type = 'success', $url = "home", $time = 3)
if (!isset($api_secret)) { if (!isset($api_secret)) {
$api_secret = $db_password; $api_secret = $db_pass;
} }
function displayMaintenanceMessage(): void function displayMaintenanceMessage(): void

10
install/step4.php
View File

@ -9,14 +9,14 @@
$appurl = $_POST['appurl']; $appurl = $_POST['appurl'];
$db_host = $_POST['dbhost']; $db_host = $_POST['dbhost'];
$db_user = $_POST['dbuser']; $db_user = $_POST['dbuser'];
$db_password = $_POST['dbpass']; $db_pass = $_POST['dbpass'];
$db_name = $_POST['dbname']; $db_name = $_POST['dbname'];
$cn = '0'; $cn = '0';
try { try {
$dbh = new pdo( $dbh = new pdo(
"mysql:host=$db_host;dbname=$db_name", "mysql:host=$db_host;dbname=$db_name",
"$db_user", "$db_user",
"$db_password", "$db_pass",
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION) array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
); );
$cn = '1'; $cn = '1';
@ -39,13 +39,13 @@ $_app_stage = "Live";
// Database PHPNuxBill // Database PHPNuxBill
$db_host = "' . $db_host . '"; $db_host = "' . $db_host . '";
$db_user = "' . $db_user . '"; $db_user = "' . $db_user . '";
$db_pass = "' . $db_password . '"; $db_pass = "' . $db_pass . '";
$db_name = "' . $db_name . '"; $db_name = "' . $db_name . '";
// Database Radius // Database Radius
$radius_host = "' . $db_host . '"; $radius_host = "' . $db_host . '";
$radius_user = "' . $db_user . '"; $radius_user = "' . $db_user . '";
$radius_pass = "' . $db_password . '"; $radius_pass = "' . $db_pass . '";
$radius_name = "' . $db_name . '"; $radius_name = "' . $db_name . '";
if($_app_stage!="Live"){ if($_app_stage!="Live"){
@ -70,7 +70,7 @@ $_app_stage = "Live";
// Database PHPNuxBill // Database PHPNuxBill
$db_host = "' . $db_host . '"; $db_host = "' . $db_host . '";
$db_user = "' . $db_user . '"; $db_user = "' . $db_user . '";
$db_pass = "' . $db_password . '"; $db_pass = "' . $db_pass . '";
$db_name = "' . $db_name . '"; $db_name = "' . $db_name . '";
if($_app_stage!="Live"){ if($_app_stage!="Live"){

2
install/update.php
View File

@ -26,7 +26,7 @@
try{ try{
$dbh = new pdo( "mysql:host=$db_host;dbname=$db_name", $dbh = new pdo( "mysql:host=$db_host;dbname=$db_name",
"$db_user", "$db_user",
"$db_password", "$db_pass",
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)); array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
echo "CREATE TABLE `tbl_payment_gateway` ( echo "CREATE TABLE `tbl_payment_gateway` (

8
system/autoload/Admin.php
View File

@ -11,7 +11,7 @@ class Admin
public static function getID() public static function getID()
{ {
global $db_password, $config; global $db_pass, $config;
$enable_session_timeout = $config['enable_session_timeout']; $enable_session_timeout = $config['enable_session_timeout'];
$session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds $session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
@ -27,7 +27,7 @@ class Admin
elseif (isset($_COOKIE['aid'])) { elseif (isset($_COOKIE['aid'])) {
// id.time.sha1 // id.time.sha1
$tmp = explode('.', $_COOKIE['aid']); $tmp = explode('.', $_COOKIE['aid']);
if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) { if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) {
if (time() - $tmp[1] < 86400 * 7) { if (time() - $tmp[1] < 86400 * 7) {
$_SESSION['aid'] = $tmp[0]; $_SESSION['aid'] = $tmp[0];
if ($enable_session_timeout) { if ($enable_session_timeout) {
@ -43,12 +43,12 @@ class Admin
public static function setCookie($aid) public static function setCookie($aid)
{ {
global $db_password, $config; global $db_pass, $config;
$enable_session_timeout = $config['enable_session_timeout']; $enable_session_timeout = $config['enable_session_timeout'];
$session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds $session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
if (isset($aid)) { if (isset($aid)) {
$time = time(); $time = time();
$token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password); $token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_pass);
setcookie('aid', $token, time() + 86400 * 7); setcookie('aid', $token, time() + 86400 * 7);
$_SESSION['aid'] = $aid; $_SESSION['aid'] = $aid;
if ($enable_session_timeout) { if ($enable_session_timeout) {

8
system/autoload/User.php
View File

@ -10,13 +10,13 @@ class User
{ {
public static function getID() public static function getID()
{ {
global $db_password; global $db_pass;
if (isset($_SESSION['uid']) && !empty($_SESSION['uid'])) { if (isset($_SESSION['uid']) && !empty($_SESSION['uid'])) {
return $_SESSION['uid']; return $_SESSION['uid'];
} else if (isset($_COOKIE['uid'])) { } else if (isset($_COOKIE['uid'])) {
// id.time.sha1 // id.time.sha1
$tmp = explode('.', $_COOKIE['uid']); $tmp = explode('.', $_COOKIE['uid']);
if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) { if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) {
if (time() - $tmp[1] < 86400 * 30) { if (time() - $tmp[1] < 86400 * 30) {
$_SESSION['uid'] = $tmp[0]; $_SESSION['uid'] = $tmp[0];
return $tmp[0]; return $tmp[0];
@ -159,10 +159,10 @@ class User
public static function setCookie($uid) public static function setCookie($uid)
{ {
global $db_password; global $db_pass;
if (isset($uid)) { if (isset($uid)) {
$time = time(); $time = time();
setcookie('uid', $uid . '.' . $time . '.' . sha1($uid . '.' . $time . '.' . $db_password), time() + 86400 * 30); setcookie('uid', $uid . '.' . $time . '.' . sha1($uid . '.' . $time . '.' . $db_pass), time() + 86400 * 30);
} }
} }

8
system/controllers/accounts.php
View File

@ -149,8 +149,8 @@ switch ($action) {
mkdir($otpPath); mkdir($otpPath);
touch($otpPath . 'index.html'); touch($otpPath . 'index.html');
} }
$otpFile = $otpPath . sha1($username . $db_password) . ".txt"; $otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
$phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt"; $phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";
// expired 10 minutes // expired 10 minutes
if (file_exists($otpFile) && time() - filemtime($otpFile) < 1200) { if (file_exists($otpFile) && time() - filemtime($otpFile) < 1200) {
@ -189,8 +189,8 @@ switch ($action) {
} }
if (!empty($config['sms_url'])) { if (!empty($config['sms_url'])) {
$otpFile = $otpPath . sha1($username . $db_password) . ".txt"; $otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
$phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt"; $phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";
// Check if OTP file exists // Check if OTP file exists
if (!file_exists($otpFile)) { if (!file_exists($otpFile)) {

4
system/controllers/register.php
View File

@ -46,7 +46,7 @@ switch ($do) {
} }
if (!empty($config['sms_url'])) { if (!empty($config['sms_url'])) {
$otpPath .= sha1($username . $db_password) . ".txt"; $otpPath .= sha1($username . $db_pass) . ".txt";
run_hook('validate_otp'); #HOOK run_hook('validate_otp'); #HOOK
//expired 10 minutes //expired 10 minutes
if (file_exists($otpPath) && time() - filemtime($otpPath) > 1200) { if (file_exists($otpPath) && time() - filemtime($otpPath) > 1200) {
@ -122,7 +122,7 @@ switch ($do) {
mkdir($otpPath); mkdir($otpPath);
touch($otpPath . 'index.html'); touch($otpPath . 'index.html');
} }
$otpPath .= sha1($username . $db_password) . ".txt"; $otpPath .= sha1($username . $db_pass) . ".txt";
//expired 10 minutes //expired 10 minutes
if (file_exists($otpPath) && time() - filemtime($otpPath) < 1200) { if (file_exists($otpPath) && time() - filemtime($otpPath) < 1200) {
$ui->assign('username', $username); $ui->assign('username', $username);

2
system/controllers/settings.php
View File

@ -701,7 +701,7 @@ switch ($action) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$dbc = new mysqli($db_host, $db_user, $db_password, $db_name); $dbc = new mysqli($db_host, $db_user, $db_pass, $db_name);
if ($result = $dbc->query('SHOW TABLE STATUS')) { if ($result = $dbc->query('SHOW TABLE STATUS')) {
$tables = array(); $tables = array();
while ($row = $result->fetch_array()) { while ($row = $result->fetch_array()) {

7
system/lan/english.json
View File

@ -673,5 +673,10 @@
"End_Date": "End Date", "End_Date": "End Date",
"New_Version_Notification": "New Version Notification", "New_Version_Notification": "New Version Notification",
"Enabled": "Enabled", "Enabled": "Enabled",
"This_is_to_notify_you_when_new_updates_is_available": "This is to notify you when new updates is available" "This_is_to_notify_you_when_new_updates_is_available": "This is to notify you when new updates is available",
"Enable_Session_Timeout": "Enable Session Timeout",
"Logout_Admin_if_not_Available_Online_a_period_of_time": "Logout Admin if not Available\/Online a period of time",
"Timeout_Duration": "Timeout Duration",
"Enter_the_session_timeout_duration__minutes_": "Enter the session timeout duration (minutes)",
"Idle_Timeout__Logout_Admin_if_Idle_for_xx_minutes": "Idle Timeout, Logout Admin if Idle for xx minutes"
} }

2
update.php
View File

@ -104,7 +104,7 @@ if (empty($step)) {
$db = new pdo( $db = new pdo(
"mysql:host=$db_host;dbname=$db_name", "mysql:host=$db_host;dbname=$db_name",
$db_user, $db_user,
$db_password, $db_pass,
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION) array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
); );