From: konrad Date: Fri, 7 Aug 2009 12:48:18 +0000 (+0000) Subject: new admin.php and better random.php X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=5824d1b112571c340feff0d383a2310de5cb2173;p=web%2Fkonrad%2Fsmoke.git new admin.php and better random.php git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@317 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- diff --git a/www/admin.php b/www/admin.php index ae90962..5f53c01 100644 --- a/www/admin.php +++ b/www/admin.php @@ -18,6 +18,8 @@ function form($m="GET") }else print("
\n"); } + +include_once('./inc/classes/random.php'); ?>

Magic Smoke Admin Utility

@@ -104,21 +106,25 @@ if(isset($_POST["adminuser"])&&isset($_POST["adminpwd1"])&&isset($_POST["adminpw } //does user exist? $un=$_POST["adminuser"]; - $usr=$db->select("users","uname","uname=".$db->escapeString($un)); + $usr=$db->select("user","uname","uname=".$db->escapeString($un)); if(count($usr)>0){ print("Error: User already exists.

"); break; } //create user - $db->insert("users",array("uname"=>$un,"passwd"=>$_POST["adminpwd1"])); + $salt=getSalt(); + $pwd=$salt." ".sha1($salt.$_POST["adminpwd1"]); + $db->insert("user",array("uname"=>$un,"passwd"=>$pwd,"flags"=>"admin")); //make it admin $db->insert("userrole",array("uname"=>$un,"role"=>"_admin")); //allow it on all hosts - $db->insert("userhosts",array("uname"=>$un,"host"=>"_anon")); - $db->insert("userhosts",array("uname"=>$un,"host"=>"_any")); - $db->insert("userhosts",array("uname"=>$un,"host"=>"_online")); + $db->insert("userhost",array("uname"=>$un,"host"=>"_any")); } }while(0); + +if(isset($_GET["addanyhost"])){ + $db->insert("userhost",array("uname"=>$_GET["addanyhost"], "host"=>"_any")); +} ?> List of Admins: @@ -126,7 +132,11 @@ List of Admins: select("userrole","uname","role='_admin'"); for($i=0;$i".$admlst[$i][0].""); + print("

  • ".$admlst[$i][0]); + $hst=$db->select("userhost","uname","host='_any' AND uname=".$db->escapeString($admlst[$i][0])); + if(count($hst)<1) + print(" Add _any host."); + print("
    • \n"); } ?>

    @@ -139,6 +149,49 @@ for($i=0;$iRepeat Password: +

    + +

    Checking for Hosts

    + +escapeString(trim($host[1])); +// print_r($key); + $data=array("hostname" => trim($host[1]), "hostkey" => $key); + $res=$db->select("host","hostname","hostname=".$hname); + if(count($res)>0) + $db->update("host",$data,"hostname=".$hname); + else + $db->insert("host",$data); + unlink($_FILES["host"]["tmp_name"]); + print("Successfully updated ".$host[1].".

    \n"); +} +?> + +List of Hosts: +

    + +Import Host File:
    + +
    + \ No newline at end of file diff --git a/www/inc/classes/random.php b/www/inc/classes/random.php index 34eadab..b65a7d3 100644 --- a/www/inc/classes/random.php +++ b/www/inc/classes/random.php @@ -12,10 +12,23 @@ // // -//TODO: try to use /dev/random +//try to use /dev/*random +function randseedfile($fn,$sz) +{ + $fd=fopen($fn,"r"); + stream_set_blocking($fd,0); + global $RANDSEED; + $RANDSEED.=sha1(fread($fd,$sz)); + fclose($fd); +} //get current random seed -$RANDSEED=$db->getConfig("randseed"); +$RANDSEED="".microtime(); +$RANDCTR=0; +if($db->canUseDb())$RANDSEED.=$db->getConfig("randseed"); +if(file_exists("/dev/urandom"))randseedfile("/dev/urandom",64); +if(file_exists("/dev/random"))randseedfile("/dev/random",16); +if(isset($_SERVER["UNIQUE_ID"]))$RANDSEED.=$_SERVER["UNIQUE_ID"]; /**add some seed into the random function*/ function randseed($rand) @@ -30,15 +43,15 @@ function getRandom($bits) //number of digits... $bits/=4; //init - global $RANDSEED,$db; + global $RANDSEED,$db,$RANDCTR; $ret="";$ctr=0; //get string while(strlen($ret)<$bits){ - $ctr++; - $ret.=sha1($RANDSEED.microtime().$ctr); + $ret.=sha1($RANDSEED.microtime().$RANDCTR); + $RANDCTR++; } //rewrite seed to DB - $RANDSEED=sha1($RANDSEED.microtime().$ret); + $RANDSEED=sha1($RANDSEED.microtime().$ret.$RANDCTR);$RANDCTR=0; $db->setConfig("randseed",$RANDSEED); //return return substr($ret,0,$bits);