From fa154b007f23302dbd9c459e4944b7bf69a4474d Mon Sep 17 00:00:00 2001
From: Ibnu Maksum <ibnumaksum@gmail.com>
Date: Mon, 29 Jul 2024 09:06:27 +0700
Subject: [PATCH] change $db_password to $db_pass

---
 config.sample.php               | 14 ++++++++------
 init.php                        |  6 +++++-
 install/step4.php               | 10 +++++-----
 install/update.php              |  2 +-
 system/autoload/Admin.php       |  8 ++++----
 system/autoload/User.php        |  8 ++++----
 system/controllers/accounts.php |  8 ++++----
 system/controllers/register.php |  4 ++--
 system/controllers/settings.php |  2 +-
 system/lan/english.json         |  7 ++++++-
 update.php                      |  2 +-
 11 files changed, 41 insertions(+), 30 deletions(-)

diff --git a/config.sample.php b/config.sample.php
index 84ecf9b2..fe4461b6 100644
--- a/config.sample.php
+++ b/config.sample.php
@@ -1,16 +1,18 @@
 <?php
-$db_host         = "localhost"; # Database Host
-$db_port         = "";   # Database Port. Keep it blank if you are un sure.
-$db_user         = "root"; # Database Username
-$db_password     = ""; # Database Password
-$db_name         = "phpnuxbill"; # Database Name
+
 $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
 $host = $_SERVER['HTTP_HOST'];
 $baseDir = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\');
 define('APP_URL', $protocol . $host . $baseDir);
-#Please include http and do not use trailing slash after the url. For example use in this format- http://www.example.com Or http://www.example.com/finance
+
 $_app_stage = 'Live'; # Do not change this
 
+$db_host    = "localhost"; # Database Host
+$db_port    = "";   # Database Port. Keep it blank if you are un sure.
+$db_user    = "root"; # Database Username
+$db_pass    = ""; # Database Password
+$db_name    = "phpnuxbill"; # Database Name
+
 
 
 
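Review bot: `APP_URL` is assembled from `$_SERVER['HTTP_HOST']`, which comes from the request's Host header, so any link, redirect or e-mail built from `APP_URL` elsewhere in the application (not visible here) follows whatever host the client sent. With the old comment about the URL format removed, nothing in the sample tells the operator that the base URL is now request-derived. I would document a pinned alternative such as `define('APP_URL', 'https://billing.example.com');` (constructed example), or validate `$host` against a configured allow-list before the `define`. The sample also still ships `root` with an empty password; a comment on `$db_pass` such as `# Must be set before going live; also used as a signing secret` would help, given how other files in this commit use it.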
diff --git a/init.php b/init.php
index baf747bd..c88676ae 100644
--- a/init.php
+++ b/init.php
@@ -71,6 +71,10 @@ if(!empty($db_password)){
     // compability for old version
     $db_pass = $db_password;
 }
+if(!empty($db_pass)){
+    // compability for old version
+    $db_password = $db_pass;
+}
 ORM::configure("mysql:host=$db_host;dbname=$db_name");
 ORM::configure('username', $db_user);
 ORM::configure('password', $db_pass);
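Review bot: The new back-fill tests `!empty($db_pass)`, so a config whose password is the empty string (as in `config.sample.php`) or `"0"` leaves `$db_password` undefined. Any plugin or legacy file that still reads the old name then gets null plus an undefined-variable warning. `if (isset($db_pass) && !isset($db_password)) { $db_password = $db_pass; }` covers those cases, and the mirrored block above it has the same gap in the other direction. Both comments read `compability`; something like `// older plugins still read $db_password` would also say which direction each shim serves.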
@@ -329,7 +333,7 @@ function _alert($text, $type = 'success', $url = "home", $time = 3)
 
 
 if (!isset($api_secret)) {
-    $api_secret = $db_password;
+    $api_secret = $db_pass;
 }
 
 function displayMaintenanceMessage(): void
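Review bot: When no `$api_secret` is configured, this fallback makes the database password the API secret, so one value serves two purposes. Anything derived from `$api_secret` that leaves the server becomes material for guessing the database password offline, and rotating one forces rotating the other. With the sample config's empty `$db_pass` the secret is empty as well. I would generate a dedicated value at install time, e.g. `$api_secret = bin2hex(random_bytes(32));` written into `config.php`, and refuse API requests when it is missing or empty instead of falling back. How `$api_secret` is consumed is outside this hunk, and `displayMaintenanceMessage()` continues past its last line.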
diff --git a/install/step4.php b/install/step4.php
index e9a139a0..2898ec08 100644
--- a/install/step4.php
+++ b/install/step4.php
@@ -9,14 +9,14 @@
 $appurl = $_POST['appurl'];
 $db_host = $_POST['dbhost'];
 $db_user = $_POST['dbuser'];
-$db_password = $_POST['dbpass'];
+$db_pass = $_POST['dbpass'];
 $db_name = $_POST['dbname'];
 $cn = '0';
 try {
     $dbh = new pdo(
         "mysql:host=$db_host;dbname=$db_name",
         "$db_user",
-        "$db_password",
+        "$db_pass",
         array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
     );
     $cn = '1';
@@ -39,13 +39,13 @@ $_app_stage = "Live";
 // Database PHPNuxBill
 $db_host	    = "' . $db_host . '";
 $db_user        = "' . $db_user . '";
-$db_pass    	= "' . $db_password . '";
+$db_pass    	= "' . $db_pass . '";
 $db_name	    = "' . $db_name . '";
 
 // Database Radius
 $radius_host	    = "' . $db_host . '";
 $radius_user        = "' . $db_user . '";
-$radius_pass    	= "' . $db_password . '";
+$radius_pass    	= "' . $db_pass . '";
 $radius_name	    = "' . $db_name . '";
 
 if($_app_stage!="Live"){
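Review bot: The generated config places `$db_host`, `$db_user`, `$db_pass` and `$db_name` between double quotes in PHP source without escaping, and all four are read straight from `$_POST` in the first hunk of this file. A password containing `"`, `\` or `$` therefore yields a config that fails to parse or holds a different value than the one entered, and because the output is executable PHP the installer is writing request data into code. Emitting each value as a literal with `var_export($db_pass, true)` instead of `"' . $db_pass . '"` closes that. The same lines recur in the hunk at `@@ -70,7 +70,7 @@`. The surrounding string literal starts and ends outside these hunks.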
@@ -70,7 +70,7 @@ $_app_stage = "Live";
 // Database PHPNuxBill
 $db_host	    = "' . $db_host . '";
 $db_user        = "' . $db_user . '";
-$db_pass	    = "' . $db_password . '";
+$db_pass	    = "' . $db_pass . '";
 $db_name	    = "' . $db_name . '";
 
 if($_app_stage!="Live"){
diff --git a/install/update.php b/install/update.php
index d58e551c..a1c0a7d0 100644
--- a/install/update.php
+++ b/install/update.php
@@ -26,7 +26,7 @@
             try{
                 $dbh = new pdo( "mysql:host=$db_host;dbname=$db_name",
                     "$db_user",
-                    "$db_password",
+                    "$db_pass",
                     array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
 
                 echo "CREATE TABLE `tbl_payment_gateway` (
diff --git a/system/autoload/Admin.php b/system/autoload/Admin.php
index 68d84698..4964734c 100644
--- a/system/autoload/Admin.php
+++ b/system/autoload/Admin.php
@@ -11,7 +11,7 @@ class Admin
 
     public static function getID()
     {
-        global $db_password, $config;
+        global $db_pass, $config;
         $enable_session_timeout = $config['enable_session_timeout'];
         $session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
 
@@ -27,7 +27,7 @@ class Admin
         elseif (isset($_COOKIE['aid'])) {
             // id.time.sha1
             $tmp = explode('.', $_COOKIE['aid']);
-            if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) {
+            if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) {
                 if (time() - $tmp[1] < 86400 * 7) {
                     $_SESSION['aid'] = $tmp[0];
                     if ($enable_session_timeout) {
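Review bot: The cookie check compares the digest with `==` and indexes `$tmp[1]` and `$tmp[2]` without confirming the cookie had three parts. Loose comparison treats two hex strings that both look numeric (for example `0e` followed only by digits) as equal and is not constant-time, and a short cookie raises undefined-offset warnings before it fails. I would write `if (count($tmp) === 3 && ctype_digit($tmp[1]) && hash_equals(sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass), $tmp[2])) {`. `User::getID()` in `system/autoload/User.php` has the identical comparison and needs the same change. `getID()` starts and ends outside this hunk.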
@@ -43,12 +43,12 @@ class Admin
 
     public static function setCookie($aid)
     {
-        global $db_password, $config;
+        global $db_pass, $config;
         $enable_session_timeout = $config['enable_session_timeout'];
         $session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
         if (isset($aid)) {
             $time = time();
-            $token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password);
+            $token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_pass);
             setcookie('aid', $token, time() + 86400 * 7);
             $_SESSION['aid'] = $aid;
             if ($enable_session_timeout) {
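Review bot: `setcookie('aid', $token, time() + 86400 * 7)` issues the admin remember-me cookie without `HttpOnly`, `Secure` or `SameSite`, so it is readable from page script and sent over plain HTTP and on cross-site requests. On PHP 7.3 or later the options-array form covers this: `setcookie('aid', $token, ['expires' => $time + 86400 * 7, 'httponly' => true, 'samesite' => 'Lax', 'secure' => $secure]);`, with `$secure` true when the request is HTTPS. Separately, the token is `sha1(data . secret)` keyed with the database password. `hash_hmac('sha256', $aid . '.' . $time, $secret)` with a dedicated secret is the usual construction, and would have to change together with the check in `getID()`. `User::setCookie()` in `system/autoload/User.php` sets `uid` the same way, and this method's body continues past the end of the hunk.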
diff --git a/system/autoload/User.php b/system/autoload/User.php
index 86d42c31..5baa5988 100644
--- a/system/autoload/User.php
+++ b/system/autoload/User.php
@@ -10,13 +10,13 @@ class User
 {
     public static function getID()
     {
-        global $db_password;
+        global $db_pass;
         if (isset($_SESSION['uid']) && !empty($_SESSION['uid'])) {
             return $_SESSION['uid'];
         } else if (isset($_COOKIE['uid'])) {
             // id.time.sha1
             $tmp = explode('.', $_COOKIE['uid']);
-            if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) {
+            if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) {
                 if (time() - $tmp[1] < 86400 * 30) {
                     $_SESSION['uid'] = $tmp[0];
                     return $tmp[0];
@@ -159,10 +159,10 @@ class User
 
     public static function setCookie($uid)
     {
-        global $db_password;
+        global $db_pass;
         if (isset($uid)) {
             $time = time();
-            setcookie('uid', $uid . '.' . $time . '.' . sha1($uid . '.' . $time . '.' . $db_password), time() + 86400 * 30);
+            setcookie('uid', $uid . '.' . $time . '.' . sha1($uid . '.' . $time . '.' . $db_pass), time() + 86400 * 30);
         }
     }
 
diff --git a/system/controllers/accounts.php b/system/controllers/accounts.php
index 0e0c74cf..373cce22 100644
--- a/system/controllers/accounts.php
+++ b/system/controllers/accounts.php
@@ -149,8 +149,8 @@ switch ($action) {
                     mkdir($otpPath);
                     touch($otpPath . 'index.html');
                 }
-                $otpFile = $otpPath . sha1($username . $db_password) . ".txt";
-                $phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt";
+                $otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
+                $phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";
 
                 // expired 10 minutes
                 if (file_exists($otpFile) && time() - filemtime($otpFile) < 1200) {
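Review bot: The comment says the OTP expires after 10 minutes, but the check below it uses `1200` seconds, which is 20 minutes. Either the window should be `600` or the comment should read `// valid for 20 minutes`. A named constant shared by both controllers would keep them in step, since `system/controllers/register.php` repeats the same comment and value in both of its hunks. `mkdir($otpPath)` above also relies on the default mode and ignores its return value. The enclosing `switch` case starts and ends outside this hunk.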
@@ -189,8 +189,8 @@ switch ($action) {
         }
 
         if (!empty($config['sms_url'])) {
-            $otpFile = $otpPath . sha1($username . $db_password) . ".txt";
-            $phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt";
+            $otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
+            $phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";
 
             // Check if OTP file exists
             if (!file_exists($otpFile)) {
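Review bot: The OTP and phone files are named `sha1($username . $db_pass)`, so the only unguessable part of the path is the database password, and with an empty `$db_pass`, as in the sample config, the name depends on the username alone. If `$otpPath` lies inside the web root (the `index.html` placeholder created in the previous hunk suggests it may, though that cannot be confirmed from here), these `.txt` files should be moved outside it or denied by the web server. Naming them with `hash_hmac('sha256', $username, $secret)` and a dedicated secret would also stop the database password from doubling as a path secret. The same naming is used in `system/controllers/register.php`.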
diff --git a/system/controllers/register.php b/system/controllers/register.php
index 2d7eefe0..25e41480 100644
--- a/system/controllers/register.php
+++ b/system/controllers/register.php
@@ -46,7 +46,7 @@ switch ($do) {
         }
 
         if (!empty($config['sms_url'])) {
-            $otpPath .= sha1($username . $db_password) . ".txt";
+            $otpPath .= sha1($username . $db_pass) . ".txt";
             run_hook('validate_otp'); #HOOK
             //expired 10 minutes
             if (file_exists($otpPath) && time() - filemtime($otpPath) > 1200) {
@@ -122,7 +122,7 @@ switch ($do) {
                     mkdir($otpPath);
                     touch($otpPath . 'index.html');
                 }
-                $otpPath .= sha1($username . $db_password) . ".txt";
+                $otpPath .= sha1($username . $db_pass) . ".txt";
                 //expired 10 minutes
                 if (file_exists($otpPath) && time() - filemtime($otpPath) < 1200) {
                     $ui->assign('username', $username);
diff --git a/system/controllers/settings.php b/system/controllers/settings.php
index 652c3ca3..986b68fd 100644
--- a/system/controllers/settings.php
+++ b/system/controllers/settings.php
@@ -701,7 +701,7 @@ switch ($action) {
             _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
         }
 
-        $dbc = new mysqli($db_host, $db_user, $db_password, $db_name);
+        $dbc = new mysqli($db_host, $db_user, $db_pass, $db_name);
         if ($result = $dbc->query('SHOW TABLE STATUS')) {
             $tables = array();
             while ($row = $result->fetch_array()) {
diff --git a/system/lan/english.json b/system/lan/english.json
index 25a57913..e1361675 100644
--- a/system/lan/english.json
+++ b/system/lan/english.json
@@ -673,5 +673,10 @@
     "End_Date": "End Date",
     "New_Version_Notification": "New Version Notification",
     "Enabled": "Enabled",
-    "This_is_to_notify_you_when_new_updates_is_available": "This is to notify you when new updates is available"
+    "This_is_to_notify_you_when_new_updates_is_available": "This is to notify you when new updates is available",
+    "Enable_Session_Timeout": "Enable Session Timeout",
+    "Logout_Admin_if_not_Available_Online_a_period_of_time": "Logout Admin if not Available\/Online a period of time",
+    "Timeout_Duration": "Timeout Duration",
+    "Enter_the_session_timeout_duration__minutes_": "Enter the session timeout duration (minutes)",
+    "Idle_Timeout__Logout_Admin_if_Idle_for_xx_minutes": "Idle Timeout, Logout Admin if Idle for xx minutes"
 }
\ No newline at end of file
diff --git a/update.php b/update.php
index c542112d..ceb4d63b 100644
--- a/update.php
+++ b/update.php
@@ -104,7 +104,7 @@ if (empty($step)) {
         $db = new pdo(
             "mysql:host=$db_host;dbname=$db_name",
             $db_user,
-            $db_password,
+            $db_pass,
             array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
         );