
Untitled

a guest
Aug 5th, 2017
  1. <?php
  2. /*
  3. UserSpice 4
  4. An Open Source PHP User Management System
  5. by the UserSpice Team at http://UserSpice.com
  6.  
  7. This program is free software: you can redistribute it and/or modify
  8. it under the terms of the GNU General Public License as published by
  9. the Free Software Foundation, either version 3 of the License, or
  10. (at your option) any later version.
  11.  
  12. This program is distributed in the hope that it will be useful,
  13. but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15. GNU General Public License for more details.
  16.  
  17. You should have received a copy of the GNU General Public License
  18. along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19. */
  20. ?>
  21. <?php require_once '../users/init.php'; ?>
  22. <?php require_once $abs_us_root.$us_url_root.'users/includes/header.php'; ?>
  23. <?php require_once $abs_us_root.$us_url_root.'users/includes/navigation.php'; ?>
  24.  
<?php
/*
 * Access gate: rendering stops here (die) whenever securePage() returns a falsy
 * value for this script.
 * NOTE(review): $_SERVER['PHP_SELF'] is built from the request URI and can carry
 * trailing path info (script.php/extra), so it is request-influenced. Confirm that
 * securePage() normalises it before using it to look up page permissions.
 */
if (!securePage($_SERVER['PHP_SELF'])){die();} ?>
  26. <?php
  27. $lang = array_merge($lang,array(
  28.     "ADMIN_VERIFY_NOREF"        => "There is no referrer, you cannot verify yourself. Please return to the Dashboard.",
  29.     "INCORRECT_ADMINPW"         => "Incorrect password. Administrator Verification Failed!"
  30.     ));
  31. //PHP Goes Here!
  32. $errors = $successes = [];
  33. $form_valid=TRUE;
  34. $current=date("Y-m-d H:i:s");
  35. $actual_link = Input::get('actual_link');
  36. $page = Input::get('page');
  37. if (empty($actual_link) || empty($page)) {
  38.     $actual_link = '';
  39.     $page = '';
  40.     $errors[] = lang("ADMIN_VERIFY_NOREF");
  41. }
  42. //Verify Admin Redirect
  43. $findUserQ = $db->query("SELECT last_confirm FROM users WHERE id = ?",array($user->data()->id));
  44.   $findUser = $findUserQ->first();
  45.   //get the current time
  46.     $current=date("Y-m-d H:i:s");
  47.  
  48.   //convert the string time to a time format php can use
  49.     $ctFormatted = date("Y-m-d H:i:s", strtotime($current));
  50.  
  51.   //convert the db time to a time format php can use
  52.     $dbTime = strtotime($findUser->last_confirm);
  53.  
  54.   //take the db time and add 2 hours to it.
  55.     $dbPlus = date("Y-m-d H:i:s", strtotime('+2 hours', $dbTime));
  56.  
  57.   //See what you've got, uncomment this
  58.         // echo $ctFormatted;
  59.         // echo '<br>';
  60.         // echo $dbPlus;
  61.         // echo '<br>';
  62.  
  63.  
  64.   if (strtotime($ctFormatted) < strtotime($dbPlus)){
  65.     Redirect::to($actual_link);
  66.   }
  67. //Forms posted
  68. if (!empty($_POST)) {
  69.   //Manually Add User
  70.   if(!empty($_POST['verifyAdmin'])) {
  71.     $password=Input::get('password');
  72.     if (password_verify($password,$user->data()->password)) {
  73.     $fields = array(
  74.     'last_confirm' => $current,
  75.     );
  76.     $db->update('users',$user->data()->id,$fields);
  77.         if(!empty($actual_link)){
  78.             Redirect::to($actual_link);
  79.         }
  80.     } else {
  81.     $errors[] = lang("INCORRECT_ADMINPW");
  82.     }
  83.   }
  84. }
  85.  
  86. ?>
  87. <div id="page-wrapper">
  88.  
  89.   <div class="container">
  90.  
  91.     <!-- Page Heading -->
  92.     <div class="row">
  93. <?=resultBlock($errors,$successes);?>
  94. <? if ($actual_link !='') { ?>
  95.         <div class="col-xs-12 col-md-6">
  96.         <h1>Password Verification</h1>
  97.       </div>
  98.  
  99.      </div>
  100.     <div class="row">
  101.     <form class="verify-admin" action="adminverify.php?actual_link=<?=$actual_link?>&page=<?=$page?>" method="POST" id="payment-form">
  102.     <div class="col-md-5">
  103.     <input class="form-control" type="hidden" id="disabledInput" value="<? echo "$actual_link";?>" />
  104.     <input class="form-control" type="password" name="password" id="password" placeholder="Please enter your password..." required autofocus><br />
  105.     <input type="hidden" value="<?=Token::generate();?>" name="csrf">
  106.     <input class='btn btn-primary' type='submit' name='verifyAdmin' value='Verify' /><? } ?>
  107.     </div>
  108.      </div>
  109.    </form><br />
  110.    </div>
  111.    </div>
  112.  
  113.  
  114.   </div>
  115. </div>
  116.  
  117.  
  118.     <!-- End of main content section -->
  119.  
  120. <?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
  121.  
  122.     <!-- Place any per-page javascript here -->
  123.  
  124. <?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>