KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache
System : Linux cs317.bluehost.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
User : andertr9 ( 1047)
PHP Version : 8.2.18
Disable Function : NONE
Directory :  /var/softaculous/lychee/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //var/softaculous/lychee/_edit.php
<?php

//////////////////////////////////////////////////////////////
//===========================================================
// edit.php(For individual softwares)
//===========================================================
// SOFTACULOUS 
// Version : 1.0
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date:       10th Jan 2009
// Time:       21:00 hrs
// Site:       http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////

if(!defined('SOFTACULOUS')){

    die('Hacking Attempt');

}

/////////////////////////////////////////
// All functions in this PAGE must begin
// with TWO UNDERSCORE '__' to avoid 
// clashes with SOFTACULOUS Functions
// e.g. __funcname()
/////////////////////////////////////////

//////////////////////////////////////////
// Note : The path of the upgrade package 
//        is $software['path'].'/' . So to
//        access other files use 
//        $software['path'].'/other_file.ext'
//////////////////////////////////////////

//The Edit process
function __edit($installation){

global $__settings, $globals, $setupcontinue, $software, $error;
    
    $__settings = $installation;
    
    $__settings['admin_username'] = optPOST('admin_username');
    $__settings['admin_pass'] = optPOST('admin_pass');

    // Do we need to reset the password ?
    if(!empty($__settings['admin_pass'])){
    
        // We need the username
        if(empty($__settings['admin_username'])){
         $error[] = '{{err_no_username}}';
		return false;
        }
        
        // This is to get dbprefix from import.php
        sp_include_once($software['path'].'/import.php');
        
        $r = call_user_func('__import_'.$software['softname'], $__settings['softpath']);
        
        $__settings['dbprefix'] = $r['dbprefix'];
        $__settings['softdbhost'] = $r['softdbhost'];
        $__settings['softdbuser'] = $r['softdbuser'];
        $__settings['softdbpass'] = $r['softdbpass'];
        $__settings['softdb'] = $r['softdb'];
        
        if(!empty($error)){
		return false;
        }
        
        //This is to retrieve hashed value of admin username from the database 
        $query = "SELECT `value` FROM `".$__settings['dbprefix']."_lychee_settings` WHERE `key` = 'username';";
        
        $result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
        
        $__settings['admin_username_db'] = $result[0]['value'];
        
        //Creating crypted admin username hash
        $__settings['admin_username_crypt'] = crypt($__settings['admin_username'], $__settings['admin_username_db']);
		
        //Verifying admin username db hash with the crypted hash 
        if(!($__settings['admin_username_db'] === $__settings['admin_username_crypt'])){
		$error[] = '{{err_no_such_user}}';
		return false;           
        }else{          
		
		// This is to obtain password method from install.php
         sp_include_once($software['path'].'/install.php');      
		
		//We have commented the $user variable as it reassigns hash value for $__settings['admin_username']
         if(sversion_compare(phpversion(), '5.3', '<')){
			sconfigure('update_pass.php');  
			$data = swget($__settings['softurl'].'/update_pass.php');
			$data = explode('__softaculous__', $data);
			//$user = $data['0'];
			$pass = $data['1'];
			sunlink($__settings['softpath'].'/update_pass.php');
            }else{
			//$user = __getHashedString($__settings['admin_username']);                
			$pass = __getHashedString($__settings['admin_pass']);
            }
            
            $__settings['admin_pass'] = $pass;
            //$__settings['admin_username'] = $user;

            if(!empty($error)){
			return false;
            }
            
            // Update the password now
            $update_query = "UPDATE `".$__settings['dbprefix']."_lychee_settings` SET `value` = '".$__settings['admin_pass']."' WHERE `key` = 'password';";
            
            $result = sdb_query($update_query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);			
        }
    
    }

}

?>

Anon7 - 2021