File: //var/softaculous/ossn/_edit.php
<?php
//////////////////////////////////////////////////////////////
//===========================================================
// edit.php(For individual softwares)
//===========================================================
// SOFTACULOUS
// Version : 1.0
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date: 10th Jan 2009
// Time: 21:00 hrs
// Site: http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////
if(!defined('SOFTACULOUS')){
die('Hacking Attempt');
}
/////////////////////////////////////////
// All functions in this PAGE must begin
// with TWO UNDERSCORE '__' to avoid
// clashes with SOFTACULOUS Functions
// e.g. __funcname()
/////////////////////////////////////////
//////////////////////////////////////////
// Note : The path of the upgrade package
// is $software['path'].'/' . So to
// access other files use
// $software['path'].'/other_file.ext'
//////////////////////////////////////////
//The Edit process
function __edit($installation){
global $__settings, $globals, $setupcontinue, $software, $error;
$__settings['admin_username'] = optPOST('admin_username');
$__settings['admin_pass'] = optPOST('admin_pass');
// Do we need to reset the password ?
if(!empty($__settings['admin_pass'])){
// We need the username
if(empty($__settings['admin_username'])){
$error[] = '{{err_no_username}}';
return false;
}
//Calling __ad_pass() function to validate password length
sp_include_once($software['path'].'/install.php');
$__settings['admin_pass'] = __ad_pass($__settings['admin_pass']);
// This is to get dbprefix from import.php
sp_include_once($software['path'].'/import.php');
$r = call_user_func('__import_'.$software['softname'], $installation['softpath']);
$__settings['softdbhost'] = $r['softdbhost'];
$__settings['softdbuser'] = $r['softdbuser'];
$__settings['softdbpass'] = $r['softdbpass'];
$__settings['softdb'] = $r['softdb'];
if(!empty($error)){
return false;
}
$query = "SELECT `guid`, `salt` FROM `ossn_users` WHERE `username` = '".$__settings['admin_username']."';";
// Does this user exist ?
$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
$userid = $result[0]['guid'];
if(empty($userid)){
$error[] = '{{err_no_such_user}}';
return false;
}else{
//Fetching value of salt from the database
$__settings['salt'] = $result[0]['salt'];
if(empty($__settings['salt'])){
$__settings['salt'] = substr(uniqid(), 5);
$update_query_salt = "UPDATE `ossn_users` SET `salt` = '".$__settings['salt']."' WHERE `guid` = '".$userid."';";
}
//The password is generated using md5() function (Since this is a curl call we define password method)
$__settings['admin_pass'] = md5($__settings['admin_pass'] . $__settings['salt']);
if(!empty($error)){
return false;
}
// Update the password now
if(!empty($update_query_salt)){
$result = sdb_query($update_query_salt, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
}
$update_query = "UPDATE `ossn_users` SET `password` = '".$__settings['admin_pass']."' WHERE `guid` = '".$userid."';";
$result = sdb_query($update_query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
}
}
}
?>