diff --git a/Rocksolid_Light/rocksolid/files.php b/Rocksolid_Light/rocksolid/files.php index e67645d..3b438f3 100644 --- a/Rocksolid_Light/rocksolid/files.php +++ b/Rocksolid_Light/rocksolid/files.php @@ -2,14 +2,13 @@ include "config.inc.php"; include "newsportal.php"; -include $config_dir.'/admin.inc.php'; if(isset($_COOKIE['tzo'])) { $offset=$_COOKIE['tzo']; } else { $offset=$CONFIG['timezone']; } - if($_REQUEST['command'] == 'Show' && $_REQUEST['key'] == hash('md5', $admin['key'])) { + if($_REQUEST['command'] == 'Show' && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) { $getfilename = $spooldir.'/upload/'.$_REQUEST['showfile']; $getfh = fopen($getfilename, "rb"); $getfile = fread($getfh, filesize($getfilename)); @@ -41,7 +40,7 @@ include "head.inc"; echo "Select a user directory to browse"; echo '
'; echo ''; - echo ''; + echo ''; echo ''; echo ''; - echo ''; + echo ''; echo ''; echo ''; echo '
'; echo ''; -// echo ''.$file.''; echo ''.$mime.''; echo ''.$newdate.''; echo ''; diff --git a/Rocksolid_Light/rocksolid/search.php b/Rocksolid_Light/rocksolid/search.php index fb9a37f..dee43f8 100644 --- a/Rocksolid_Light/rocksolid/search.php +++ b/Rocksolid_Light/rocksolid/search.php @@ -4,11 +4,10 @@ session_start(); include "config.inc.php"; include "newsportal.php"; -include $config_dir.'/admin.inc.php'; $snippet_size = 100; -if(!isset($_POST['key']) || $_POST['key'] !== hash('md5', $admin['key'])) { +if(!isset($_POST['key']) || !password_verify($CONFIG['thissitekey'], $_POST['key'])) { include "head.inc"; echo '

'; @@ -66,7 +65,7 @@ if ($_GET['searchpoint'] == 'Poster') { if(isset($_GET['group'])) { echo ''; } - echo ''; + echo ''; ?> diff --git a/Rocksolid_Light/rocksolid/upload.php b/Rocksolid_Light/rocksolid/upload.php index a613024..7faba6d 100644 --- a/Rocksolid_Light/rocksolid/upload.php +++ b/Rocksolid_Light/rocksolid/upload.php @@ -1,7 +1,6 @@ '; echo '
'; -echo 'Please Login to Upload
(max size=1MB)
'; +echo 'Please Login to Upload
(max size=2MB)
'; echo 'Username:'; echo 'Password:'; echo ''; -echo ''; +echo ''; echo ' '; echo ' ';