nestict/mitrobill
1
0
Fork 0
forked from kevinowino869/mitrobill
Code Pull Requests Activity

change $db_password to $db_pass

Browse Source
This commit is contained in:
Ibnu Maksum
2024-07-29 09:06:27 +07:00
parent 3b9c5d16f8
commit fa154b007f
11 changed files with 41 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
system/autoload/Admin.php
View File

@ -11,7 +11,7 @@ class Admin
public static function getID()
{
global $db_password, $config;
global $db_pass, $config;
$enable_session_timeout = $config['enable_session_timeout'];
$session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
@ -27,7 +27,7 @@ class Admin
elseif (isset($_COOKIE['aid'])) {
// id.time.sha1
$tmp = explode('.', $_COOKIE['aid']);
if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) {
if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) {
if (time() - $tmp[1] < 86400 * 7) {
$_SESSION['aid'] = $tmp[0];
if ($enable_session_timeout) {
@ -43,12 +43,12 @@ class Admin
public static function setCookie($aid)
{
global $db_password, $config;
global $db_pass, $config;
$enable_session_timeout = $config['enable_session_timeout'];
$session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
if (isset($aid)) {
$time = time();
$token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password);
$token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_pass);
setcookie('aid', $token, time() + 86400 * 7);
$_SESSION['aid'] = $aid;
if ($enable_session_timeout) {

8
system/autoload/User.php
View File

@ -10,13 +10,13 @@ class User
{
public static function getID()
{
global $db_password;
global $db_pass;
if (isset($_SESSION['uid']) && !empty($_SESSION['uid'])) {
return $_SESSION['uid'];
} else if (isset($_COOKIE['uid'])) {
// id.time.sha1
$tmp = explode('.', $_COOKIE['uid']);
if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) {
if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) {
if (time() - $tmp[1] < 86400 * 30) {
$_SESSION['uid'] = $tmp[0];
return $tmp[0];
@ -159,10 +159,10 @@ class User
public static function setCookie($uid)
{
global $db_password;
global $db_pass;
if (isset($uid)) {
$time = time();
setcookie('uid', $uid . '.' . $time . '.' . sha1($uid . '.' . $time . '.' . $db_password), time() + 86400 * 30);
setcookie('uid', $uid . '.' . $time . '.' . sha1($uid . '.' . $time . '.' . $db_pass), time() + 86400 * 30);
}
}

8
system/controllers/accounts.php
View File

@ -149,8 +149,8 @@ switch ($action) {
mkdir($otpPath);
touch($otpPath . 'index.html');
}
$otpFile = $otpPath . sha1($username . $db_password) . ".txt";
$phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt";
$otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
$phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";
// expired 10 minutes
if (file_exists($otpFile) && time() - filemtime($otpFile) < 1200) {
@ -189,8 +189,8 @@ switch ($action) {
}
if (!empty($config['sms_url'])) {
$otpFile = $otpPath . sha1($username . $db_password) . ".txt";
$phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt";
$otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
$phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";
// Check if OTP file exists
if (!file_exists($otpFile)) {

4
system/controllers/register.php
View File

@ -46,7 +46,7 @@ switch ($do) {
}
if (!empty($config['sms_url'])) {
$otpPath .= sha1($username . $db_password) . ".txt";
$otpPath .= sha1($username . $db_pass) . ".txt";
run_hook('validate_otp'); #HOOK
//expired 10 minutes
if (file_exists($otpPath) && time() - filemtime($otpPath) > 1200) {
@ -122,7 +122,7 @@ switch ($do) {
mkdir($otpPath);
touch($otpPath . 'index.html');
}
$otpPath .= sha1($username . $db_password) . ".txt";
$otpPath .= sha1($username . $db_pass) . ".txt";
//expired 10 minutes
if (file_exists($otpPath) && time() - filemtime($otpPath) < 1200) {
$ui->assign('username', $username);

2
system/controllers/settings.php
View File

@ -701,7 +701,7 @@ switch ($action) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
$dbc = new mysqli($db_host, $db_user, $db_password, $db_name);
$dbc = new mysqli($db_host, $db_user, $db_pass, $db_name);
if ($result = $dbc->query('SHOW TABLE STATUS')) {
$tables = array();
while ($row = $result->fetch_array()) {

7
system/lan/english.json
View File

@ -673,5 +673,10 @@
"End_Date": "End Date",
"New_Version_Notification": "New Version Notification",
"Enabled": "Enabled",
"This_is_to_notify_you_when_new_updates_is_available": "This is to notify you when new updates is available"
"This_is_to_notify_you_when_new_updates_is_available": "This is to notify you when new updates is available",
"Enable_Session_Timeout": "Enable Session Timeout",
"Logout_Admin_if_not_Available_Online_a_period_of_time": "Logout Admin if not Available\/Online a period of time",
"Timeout_Duration": "Timeout Duration",
"Enter_the_session_timeout_duration__minutes_": "Enter the session timeout duration (minutes)",
"Idle_Timeout__Logout_Admin_if_Idle_for_xx_minutes": "Idle Timeout, Logout Admin if Idle for xx minutes"
}