diff --git a/admin/user.php b/admin/user.php
index 1e87ebe..da2a7c0 100644
--- a/admin/user.php
+++ b/admin/user.php
@@ -27,7 +27,7 @@ if (isset($_POST['permission']))
}
-if ($_GET['what']=='toggle')
+if (isset($_GET['what']) && $_GET['what']=='toggle')
{
$displayed_user->toggle();
}
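Review bot: The guarded branch still calls `$displayed_user->toggle()` in response to a plain GET parameter, so a state change on a user account can be triggered by any link or image URL that an authenticated admin's browser loads. No anti-CSRF check is visible in this hunk; if none exists earlier in the file, move the action to POST and verify a per-session token with `hash_equals()` before calling `toggle()`. The comparison is also loose; `if (($_GET['what'] ?? null) === 'toggle')` keeps the isset fix and makes the comparison strict. The surrounding script continues outside the hunk, so confirm what authorization runs before this point.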
diff --git a/classes/token.php b/classes/token.php
index fdf6b82..d334223 100644
--- a/classes/token.php
+++ b/classes/token.php
@@ -8,7 +8,7 @@ class Token
{
global $mysqli;
$salt = uniqid(mt_rand(), true);
- $token = hash('sha256', $seed.$salt);
+ $token = hash('sha256', $id.$salt);
$stmt = $mysqli->prepare("INSERT INTO tokens VALUES(?, ?, ?, ?)");
$stmt->bind_param("siis", $token, $id, $expire, $data);
$stmt->execute();
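Review bot: The token on the changed line is still derived from `uniqid(mt_rand(), true)`, and neither function is a cryptographically secure source. The remember-me credential is therefore only as unpredictable as the clock and the Mersenne Twister state, and `$id` adds no secrecy. Prefer `$token = bin2hex(random_bytes(32));` and drop `$salt`. The callers in classes/user.php now use the return value of `Token::new()`, but the function's signature and its end are outside this hunk, so confirm it actually returns `$token`. Consider storing `hash('sha256', $token)` in the `tokens` table rather than the raw value, so a database read does not yield usable login tokens.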
diff --git a/classes/user.php b/classes/user.php
index c57598b..0193615 100644
--- a/classes/user.php
+++ b/classes/user.php
@@ -41,6 +41,11 @@ class User
return $this->username;
}
+ public function is_active()
+ {
+ return $this->active;
+ }
+
public function get_rank()
{
return $this->rank;
@@ -180,11 +185,9 @@ class User
if (isset($_POST['remember'])&&$_POST['remember'])
{
$year = strtotime('+356 days', time());
- $salt = uniqid(mt_rand(), true);
- $token = hash('sha256', $id.$salt);
+ $token = Token::new($id, 'remember', $year);
setcookie('token', $token, $year, "/");
setcookie('user', $id, $year, "/");
- Token::new($id, 'remember', $year);
}
$_SESSION['user'] = $id;
header("Location: /admin");
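Review bot: Both `setcookie()` calls here issue the long-lived login token without `Secure`, `HttpOnly` or `SameSite`, so it is readable from script and sent over plain HTTP. Use the options form: `setcookie('token', $token, ['expires' => $year, 'path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);` The same applies to the `setcookie('token', $token, $year);` call in the next hunk, which also omits the `"/"` path, so the rotated cookie may be scoped differently from the one set at login. `'+356 days'` looks like a typo for 365 given the variable name `$year`. No `session_regenerate_id(true)` is visible before `$_SESSION['user'] = $id;`; the enclosing method starts outside the hunk, so confirm it is called there.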
@@ -205,13 +208,11 @@ class User
$time = time();
if (Token::validate_token($token, $id, "remember"))
{
- $year = strtotime('+356 days', $timestamp);
+ $year = strtotime('+356 days', time());
unset($_COOKIE['token']);
$_SESSION['user'] = $id;
- $salt = uniqid(mt_rand(), true);
- $token = hash('sha256', $id.$salt);
+ $token = Token::new($id, 'remember', $year);
setcookie('token', $token, $year);
- Token::new($id, 'remember', $year);
}
else
{
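Review bot: After a successful `Token::validate_token()` a new token is issued, but nothing visible here revokes the one that was just presented; `unset($_COOKIE['token'])` only clears the request-local array. Unless `validate_token()` deletes the row itself (not shown), the old token stays valid until it expires, which defeats the rotation. Delete the consumed token from the `tokens` table before calling `Token::new()`. `$time = time();` on the first context line also appears unused now that the new line calls `time()` directly, although the method continues outside the hunk.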
diff --git a/header.php b/header.php
index b70a3fc..2889637 100644
--- a/header.php
+++ b/header.php
@@ -66,8 +66,8 @@ else{
diff --git a/locale.php b/locale.php
index cd641ca..114b3aa 100644
--- a/locale.php
+++ b/locale.php
@@ -5,6 +5,17 @@ function mb_ucfirst($string)
return mb_strtoupper(mb_substr($string, 0, 1)).mb_strtolower(mb_substr($string, 1));
}
+
+$accepted_langs = glob(__DIR__ . '/locale/*' , GLOB_ONLYDIR);
+$lang_names = array();
+foreach ($accepted_langs as $key => $value) {
+ $accepted_langs[$key] = basename($value);
+}
+
+foreach ($accepted_langs as $lang) {
+ $lang_names[$lang] = mb_ucfirst(locale_get_display_language($lang, $lang));
+}
+
if (!isset($_SESSION['locale'])||isset($_GET['lang']))
{
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
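Review bot: `glob()` returns `false` on error, and the added top-level `foreach ($accepted_langs as ...)` loops would then emit a warning on every request now that this code runs unconditionally. Guard it with `$accepted_langs = glob(__DIR__ . '/locale/*', GLOB_ONLYDIR) ?: [];`. Because `$accepted_langs` is the allow-list that a client-supplied language is matched against later in this file, a short comment above it saying so would help, e.g. `// Allow-list of locale directory names; request-supplied languages must match one of these.` The two loops could be merged into one pass that fills both arrays.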
@@ -29,11 +40,6 @@ if (!isset($_SESSION['locale'])||isset($_GET['lang']))
$langs = array_flip($langs);
- $accepted_langs = glob(__DIR__ . '/locale/*' , GLOB_ONLYDIR);
- $lang_names = array();
- foreach ($accepted_langs as $key => $value) {
- $accepted_langs[$key] = basename($value);
- }
$best_match = false;
@@ -56,10 +62,6 @@ if (!isset($_SESSION['locale'])||isset($_GET['lang']))
}
}
- foreach ($accepted_langs as $lang) {
- $lang_names[$lang] = mb_ucfirst(locale_get_display_language($lang, $lang));
- }
-
if ($best_match === false){
$best_match = DEFAULT_LANGUAGE;
}