Source Code Index
<?php
 
function setup() {
 
	userlogout();				// this deletes cookie
						//  not needed except for me
	$html = html();
	$config = config();
 
	$arg = '';				// for templates
	$status = '';
	$formtitle = "";
	$url = basename($_SERVER['PHP_SELF']);
 
	$file = 'dat/defines.php';
	$message = 'defines';			// htm/admin/messages.php
 
	if (!isset($_POST['salt1'])) {
		$_POST['salt1'] = $_POST['salt2'] = '';
		$_POST['salt3'] = randomstring(16);
		if (!config('configuresalts')) {
			$_POST['salt1'] = '$5$'.randomstring(16);
			$_POST['salt2'] = '$5$'.randomstring(16);
		}
	}
 
	$post = 'ad_name,ad_pass,db_user,db_pass,db_name,salt1,salt2,salt3,button';
	eval(POST_);
 
	eval(shit_file('htm/admin/open.html'));
 
	$f = is_writeable($file);
	if (!$f) {
		echo "The file '$file' does not have the proper permissions ".
		"so your settings cannot be saved. (A PHP script cannot ".
		"change the file's permissions.)<br><br>";
	}
 
	if ($button == 'write' || $button == 'test') {
		$e = '';
 
		// test mysql
 
		if (!function_exists('mysqli_connect') || config('mysql')) {
			$t = @mysql_connect('localhost',$db_user,$db_pass);
			$mysqlerror = 'mysql_error';
		}
		else {
			$t = @mysqli_connect('localhost',$db_user,$db_pass,$db_name);
			$mysqlerror = 'mysqli_connect_error';
		}
 
		// test login name characters
 
		preg_match('/([a-zA-Z0-9_]+)/',$ad_name,$res);
		if (isset($res[1]) && $ad_name != $res[1])
			$e = "Improper Login ID.";
 
		// check empty fields
 
		if (!$ad_name||!$ad_pass||!$db_user||!$db_pass||!$db_name)
			$e = "No field can be empty.";
 
		if (config('configuresalts') && (!$salt1 || !$salt2))
			$e = "No field can be empty.";
 
		// check password
 
		$p = _chkpassword($ad_pass);
		if ($p)
			$e = $p;
 
		// see if anything is wrne
 
		if (!$e && isset($t) && !$t)
			$e = "myslq: ".$mysqlerror().".";
		if ($e)
			$status = $e;
		if (!$e && $button == 'test')
			$status = "Data is valid.";
 
		// if okay write file
 
		if (!$e && $button == 'write' && $f) {
			if (!_savesetup($file))
				$status = "Error saving file!";
			else
				$message = 'goodtogo';
		}
	}
 
	eval(shit_show(_message($message)));
	eval(shit_file('htm/admin/close.html'));
}
 
/* save data to file */
 
function _savesetup($file) {
 
	$post = 'ad_name,ad_pass,db_user,db_pass,db_name,salt1,salt2,salt3';
	eval(POST_);
 
	if (!$ad_name||!$ad_pass||!$db_user||!$db_pass||!$db_name)
		return FALSE; // should not happen but can if making changes
 
	$fd = @fopen($file,'w');
	if (!$fd)
		return FALSE;
 
	$ad_pass = crypt($ad_pass,$salt1);
 
	fwrite($fd,"<?php\n// this file gets written by the admin code\n\n");
	foreach (explode(",",$post) as $_)
		fwrite($fd,"define('".strtoupper($_)."','".$$_."');\n");
	fclose($fd);
 
	return TRUE;
}
 
/* password creation */
 
function password() {
 
	$url = basename($_SERVER['PHP_SELF']);
	$status = "";
	$html = html();
	$config = config();
	$arg = getvar('arg');
	$formtitle = "";
	$p = isset($_POST['password']) ? $_POST['password'] : "";
	$button = isset($_POST['button']) ? $_POST['button'] : "";
 
	eval(shit_file('htm/admin/open.html'));
 
	$message = 'password';
 
	if ($button == "generate") {
 
		$e = _chkpassword($p);
		if ($e)
			$status = $e;
		else {
			$PASS = thiscrypt($p);
			$message = 'yerpassword';
			$status = '';
		}
	}
 
	eval(shit_show(_message($message)));
	eval(shit_file('htm/admin/close.html'));
 
// NOTE yes, yes, we know we are using a 'text' input, and yes, we are 
// displaying the password -- but, you're not doing this while 
// in a public place, are you?
}
 
 
function _chkpassword($p) {
 
	$e = '';
	if (trim($p) != $p)
		$e = 'Password cannot have leading/trailing spaces.';
		// input type=password removes them
	elseif ($p == "")
		$e = 'Password cannot be empty.';
/* do we really need these? 
	elseif (strlen($p) < 4)
		$e = 'Password must be greater than 4 characters.';
	elseif (strlen($p) > 64)
		$e = 'Password must be shorter than 65 characters.';
*/
	return $e;
 
// NOTE obviously, can check for password strength as well, but we have a 
// dislike for forcing people to do that, especially when testing! You are 
// testing this code, aren't you? we don't even like the length checks
}
 
 
THIS source compiler