Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Index: db.class.php
- ===================================================================
- --- db.class.php (revision 20533)
- +++ db.class.php (working copy)
- @@ -64,12 +64,6 @@
- timestamp FLOAT
- )
- END;
- - $admin_table = <<<END
- -CREATE TABLE admins (
- - name TEXT PRIMARY KEY,
- - pass TEXT
- -)
- -END;
- $target_table = <<<END
- CREATE TABLE targets (
- shortname TEXT PRIMARY KEY,
- @@ -91,7 +85,6 @@
- $this->query($target_table);
- $this->query($checkwps_table);
- $this->query($theme_table);
- - $this->query($admin_table);
- $this->query($log_table);
- }
- }
- Index: adduser.sh
- ===================================================================
- --- adduser.sh (revision 20533)
- +++ adduser.sh (working copy)
- @@ -1,27 +0,0 @@
- -#!/bin/sh
- -if [ -z "$1" -o ! -f "$1" ]; then
- - printf "Usage: %s dbfile\n" `basename "$0"`
- - exit 1
- -elif [ ! -w "$1" ]; then
- - printf "Error: You need write permissions for %s\n" "$1" 1>&2
- - exit 2
- -else
- - dbfile=$1
- -fi
- -for util in md5sum sqlite; do
- - if [ ! -x "`which $util 2>/dev/null`" ]; then
- - echo "We need the $util utility"
- - exit 3
- - fi
- -done
- -
- -echo "Add a user to the admin table"
- -echo ""
- -
- -printf "Username: "
- -read user
- -printf "Password: "
- -read pass
- -md5pass=`printf "$pass"|md5sum|cut -c 1-32`
- -sql=`printf "INSERT INTO admins (name, pass) VALUES ('%s', '%s')" "$user" "$md5pass"`
- -sqlite "$dbfile" "$sql"
- Index: themesite.class.php
- ===================================================================
- --- themesite.class.php (revision 20533)
- +++ themesite.class.php (working copy)
- @@ -116,12 +116,25 @@
- }
- public function adminlogin($user, $pass) {
- - $sql = sprintf("SELECT COUNT(*) as count FROM admins WHERE name='%s' AND pass='%s'",
- - db::quote($user),
- - db::quote(md5($pass))
- + /* Don't use db.class.php for this, as that could be non-MySQL */
- + $r = mysql_connect(config::smf_server, config::smf_username, config::smf_password);
- + if($r === false)
- + return false;
- +
- + mysql_select_db(config::smf_db, $r);
- +
- + $sql = sprintf("SELECT realName FROM %smembers WHERE memberName = '%s' AND passwd = '%s' AND ID_GROUP IN (%s)",
- + config::smf_db_prefix,
- + mysql_escape_string($user),
- + sha1(strtolower($user . $pass)), /* Found in ./Sources/LogInOut.php in SMF 1.1.4 */
- + config::smf_groupids
- );
- - $result = $this->db->query($sql)->next();
- - return $result['count'] == 1 ? true : false;
- +
- + $q = mysql_query($sql, $r);
- + $result = mysql_num_rows($q);
- + mysql_close($r);
- +
- + return $result == 1 ? true : false;
- }
- public function target2fullname($shortname) {
- Index: config.inc.php
- ===================================================================
- --- config.inc.php (revision 20533)
- +++ config.inc.php (working copy)
- @@ -51,6 +51,15 @@
- // Location of 'unzip'
- const unzip = "/usr/bin/unzip";
- +
- + // The data for the SMF MySQL database containing the users allowed to login
- + // smf_groupids contains the SMF groups that are allow to log in (comma-separated)
- + const smf_db_prefix = "";
- + const smf_server = "localhost";
- + const smf_username = "";
- + const smf_password = "";
- + const smf_db = "";
- + const smf_groupids = "0,1";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement