-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth
72 lines (62 loc) · 2.2 KB
/
auth
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<?php
/**
* Script to get list of files with !ignoreFiles option
*
* @version 2021.11.11
* @author Aiden Fox
* @link https://github.com/AidenF0X
* @license GNU/GPL http://www.gnu.org/licenses/gpl.html
* FOXXEY library file `authorize`
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
*/
if(!defined('FOXXEY')) {
die ('{"message": "Not in FOXXEY thread"}');
}
class authorize {
public static function generateLoginHash($length = 9){
if(function_exists('openssl_random_pseudo_bytes')) {
$stronghash = md5(openssl_random_pseudo_bytes(15));
} else {
$stronghash = md5(uniqid(mt_rand(),TRUE));
}
$salt = sha1(str_shuffle("abcdefghjkmnpqrstuvwxyz0123456789").$stronghash);
$hash = '';
for($i = 0; $i < $length; $i++) {
$hash .= $salt[mt_rand( 0, 39 )];
}
$hash = md5($hash);
return $hash;
}
public static function passVerify($input, $realPass) {
$status = false;
if(strlen($realPass) == 32 && ctype_xdigit($realPass)) {
if($realPass == md5(md5($input))) {
$status = true;
}
} else {
if(password_verify($input, $realPass)) {
$status = true;
}
}
return $status;
}
public static function passwordReHash($pass, $realPass, $realName){
global $config;
$db = new db($config['db_user'],$config['db_pass'],$config['db_database']);
if (password_needs_rehash($realPass, PASSWORD_DEFAULT)) {
session_regenerate_id();
$this->realPass = password_hash($this->pass, PASSWORD_DEFAULT);
$new_pass_hash = 'password='.$db->safesql($realPass).', ';
} else {
$new_pass_hash = '';
}
$hash = self::generateLoginHash();
$db->run("UPDATE LOW_PRIORITY dle_users SET ".$new_pass_hash." hash='".$hash."', lastdate='".CURRENT_TIME."' WHERE name='".$realName."'");
}
}