'; } else { echo ''; } ?> '; $thisusername = $username; $username = strtolower($username); $userFilename = $workpath.$username; $keyFilename = $keypath.$username; # Check all input if (empty($_POST['username'])) { echo "Please enter a Username\r\n"; echo '
Back'; exit(2); } if (!check_bbs_auth($username, $current)) { echo "Failed to authenticate\r\n"; echo '
Back'; exit(2); } if ($_POST['password'] !== $_POST['password2']) { echo "Your passwords entered do not match\r\n"; echo '
Back'; exit(2); } $ok=true; # User is authenticated or to be created. Either way, create the file if ($ok || ($command == "Change") ) { if ($userFileHandle = @fopen($userFilename, 'w+')) { fwrite($userFileHandle, password_hash($password, PASSWORD_DEFAULT)); fclose($userFileHandle); chmod($userFilename, 0666); } echo "User:".$thisusername." Password changed\r\n"; echo '
Back'; exit(0); } else { echo "Authentication Failed\r\n"; exit(1); } function make_key($username) { $key = openssl_random_pseudo_bytes(44); return base64_encode($key); } function check_bbs_auth($username, $password) { global $config_dir; $workpath = $config_dir."users/"; $username = strtolower($username); $userFilename = $workpath.$username; if ($userFileHandle = @fopen($userFilename, 'r')) { $userFileInfo = fread($userFileHandle, filesize($userFilename)); fclose($userFileHandle); if (password_verify ( $password , $userFileInfo)) { touch($userFilename); $ok = TRUE; } else { $ok = FALSE; } } else { $ok = FALSE; } if ($ok) { return TRUE; } else { return FALSE; } } ?>