lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-22 02:47:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

self enable

Browse Source
This commit is contained in:
xiaomlove
2026-03-29 21:42:43 +07:00
parent af66ec806d
commit db4982f8f7
19 changed files with 165 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/functions.php
+8 -3
View File
@@ -2072,7 +2072,6 @@ function userlogin() {
if (empty($row)) {
return $loginResult = false;
}
if (!$row["passkey"]){
$passkey = md5($row['username'].date("Y-m-d H:i:s").$row['passhash']);
sql_query("UPDATE users SET passkey = ".sqlesc($passkey)." WHERE id=" . sqlesc($row["id"]));
@@ -2093,6 +2092,9 @@ function userlogin() {
// error_reporting(E_ALL & ~E_NOTICE);
// error_reporting(-1);
// }
if ($row['enabled'] !== 'yes') {
}
return $loginResult = true;
}
@@ -3168,8 +3170,9 @@ function base64 ($string, $encode=true) {
function loggedinorreturn($mainpage = false) {
global $CURUSER,$BASEURL;
$script = nexus()->getScript();
if (!$CURUSER) {
if (nexus()->getScript() == 'ajax') {
if ($script == 'ajax') {
exit(fail('Not login!', $_POST));
}
if ($mainpage) {
@@ -3181,7 +3184,9 @@ function loggedinorreturn($mainpage = false) {
}
exit();
}
// do_log("[USER]: " . $CURUSER['id']);
if ($CURUSER['enabled'] != 'yes' && $script != 'self-enable') {
nexus_redirect('self-enable.php');
}
}
function deletetorrent($id, $notify = false) {
include/globalfunctions.php
+13 -2
View File
@@ -1505,8 +1505,15 @@ function get_user_from_cookie(array $cookie, $isArray = true): array|\App\Models
$tokenJson = $result['token_json'];
$signature = $result['signature'];
$log .= ", uid = $id";
$isAjax = nexus()->isAjax();
//only in nexus web can self-enable
$shouldIgnoreEnabled = IN_NEXUS && !$isAjax;
if ($isArray) {
$res = sql_query("SELECT * FROM users WHERE users.id = ".sqlesc($id)." AND users.enabled='yes' AND users.status = 'confirmed' LIMIT 1");
$whereStr = sprintf("id = %d and status = 'confirmed'", $id);
if (!$shouldIgnoreEnabled) {
$whereStr .= " and enabled = 'yes'";
}
$res = sql_query("SELECT * FROM users WHERE $whereStr LIMIT 1");
$row = mysql_fetch_array($res);
if (!$row) {
do_log("$log, user not exists");
@@ -1520,7 +1527,11 @@ function get_user_from_cookie(array $cookie, $isArray = true): array|\App\Models
do_log("$log, user not exists");
return null;
}
$row->checkIsNormal();
$checkFields = ['status'];
if (!$shouldIgnoreEnabled) {
$checkFields[] = 'enabled';
}
$row->checkIsNormal($checkFields);
$authKey = $row->auth_key;
}
$expectedSignature = hash_hmac('sha256', $tokenJson, $authKey);