Current File : //proc/self/root/var/softaculous/lychee/_edit.php |
<?php
//////////////////////////////////////////////////////////////
//===========================================================
// edit.php(For individual softwares)
//===========================================================
// SOFTACULOUS
// Version : 1.0
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date: 10th Jan 2009
// Time: 21:00 hrs
// Site: http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////
if(!defined('SOFTACULOUS')){
die('Hacking Attempt');
}
/////////////////////////////////////////
// All functions in this PAGE must begin
// with TWO UNDERSCORE '__' to avoid
// clashes with SOFTACULOUS Functions
// e.g. __funcname()
/////////////////////////////////////////
//////////////////////////////////////////
// Note : The path of the upgrade package
// is $software['path'].'/' . So to
// access other files use
// $software['path'].'/other_file.ext'
//////////////////////////////////////////
//The Edit process
function __edit($installation){
global $__settings, $globals, $setupcontinue, $software, $error;
$__settings = $installation;
$__settings['admin_username'] = optPOST('admin_username');
$__settings['admin_pass'] = optPOST('admin_pass');
// Do we need to reset the password ?
if(!empty($__settings['admin_pass'])){
// We need the username
if(empty($__settings['admin_username'])){
$error[] = '{{err_no_username}}';
return false;
}
// This is to get dbprefix from import.php
sp_include_once($software['path'].'/import.php');
$r = call_user_func('__import_'.$software['softname'], $__settings['softpath']);
$__settings['dbprefix'] = $r['dbprefix'];
$__settings['softdbhost'] = $r['softdbhost'];
$__settings['softdbuser'] = $r['softdbuser'];
$__settings['softdbpass'] = $r['softdbpass'];
$__settings['softdb'] = $r['softdb'];
if(!empty($error)){
return false;
}
//This is to retrieve hashed value of admin username from the database
$query = "SELECT `value` FROM `".$__settings['dbprefix']."_lychee_settings` WHERE `key` = 'username';";
$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
$__settings['admin_username_db'] = $result[0]['value'];
//Creating crypted admin username hash
$__settings['admin_username_crypt'] = crypt($__settings['admin_username'], $__settings['admin_username_db']);
//Verifying admin username db hash with the crypted hash
if(!($__settings['admin_username_db'] === $__settings['admin_username_crypt'])){
$error[] = '{{err_no_such_user}}';
return false;
}else{
// This is to obtain password method from install.php
sp_include_once($software['path'].'/install.php');
//We have commented the $user variable as it reassigns hash value for $__settings['admin_username']
if(sversion_compare(phpversion(), '5.3', '<')){
sconfigure('update_pass.php');
$data = swget($__settings['softurl'].'/update_pass.php');
$data = explode('__softaculous__', $data);
//$user = $data['0'];
$pass = $data['1'];
sunlink($__settings['softpath'].'/update_pass.php');
}else{
//$user = __getHashedString($__settings['admin_username']);
$pass = __getHashedString($__settings['admin_pass']);
}
$__settings['admin_pass'] = $pass;
//$__settings['admin_username'] = $user;
if(!empty($error)){
return false;
}
// Update the password now
$update_query = "UPDATE `".$__settings['dbprefix']."_lychee_settings` SET `value` = '".$__settings['admin_pass']."' WHERE `key` = 'password';";
$result = sdb_query($update_query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
}
}
}
?>