Poste mal den kompletten Inhalt Deiner includes/functions/password_funcs.php als Code (Raute Schaltflächen verwenden)
Ankündigung
Einklappen
Keine Ankündigung bisher.
Nach Registrierung kommt Ups Ihre Session ist abgelaufen
Einklappen
X
-
Code:function zen_validate_password($plain, $encrypted) { if (zen_not_null($plain) && zen_not_null($encrypted)) { // split apart the hash / salt $stack = explode(':', $encrypted); if (sizeof($stack) != 2) return false; if (md5($stack[1] . $plain) == $stack[0]) { return true; } } return false; } //// // This function makes a new password from a plaintext password. function zen_encrypt_password($plain) { $password = ''; for ($i = 0; $i < 10; $i++) { $password .= zen_rand(); } $salt = substr(md5($password), 0, 2); $password = md5($salt . $plain) . ':' . $salt; return $password; } //// function zen_create_random_value($length, $type = 'mixed') { if (($type != 'mixed') && ($type != 'chars') && ($type != 'digits')) return false; $rand_value = ''; while (strlen($rand_value) < $length) { if ($type == 'digits') { $char = zen_rand(0, 9); } else { $char = chr(zen_rand(0, 255)); } if ($type == 'mixed') { if (preg_match('/^[a-z0-9]$/i', $char)) $rand_value .= $char; } elseif ($type == 'chars') { if (preg_match('/^[a-z]$/i', $char)) $rand_value .= $char; } elseif ($type == 'digits') { if (preg_match('/^[0-9]$/', $char)) $rand_value .= $char; } } if ($type == 'mixed' && !preg_match('/^(?=.*[\w]+.*)(?=.*[\d]+.*)[\d\w]{' . $length . ',}$/', $rand_value)) { $rand_value .= zen_rand(0, 9); } return $rand_value; } function zen_get_entropy($seed) { $entropy = ''; $fp = @fopen('/dev/urandom', 'rb'); if ($fp !== FALSE) { $entropy .= @fread($fp, 16); // echo "USING /dev/random" . "<br>"; @fclose($fp); } // MS-Windows platform? if (@class_exists('COM')) { // [URL]http://msdn.microsoft.com/en-us/library/aa388176(VS.85).aspx[/URL] try { $CAPI_Util = new COM('CAPICOM.Utilities.1'); $entropy .= $CAPI_Util->GetRandom(16, 0); if ($entropy) { $entropy = md5($entropy, TRUE); //echo "USING WINDOWS" . "<br>"; } } catch (Exception $ex) { // echo 'Exception: ' . $ex->getMessage(); } } if (strlen($entropy) < 16) { $entropy = sha1_file('/includes/configure.php'); $entropy .= microtime() . mt_rand() . $seed; //echo "USING FALLBACK" . "<br>"; } return sha1($entropy); } function zen_create_PADSS_password($length = 8) { $charsAlpha = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charsNum = '0123456789'; $charsMixed = $charsAlpha . $charsNum; $password = ""; for ($i = 0; $i < $length; $i++) { $addChar = substr($charsMixed, zen_pwd_rand(0, strlen($charsMixed) - 1), 1); while (strpos($password, $addChar)) { $addChar = substr($charsMixed, zen_pwd_rand(0, strlen($charsMixed) - 1), 1); } $password .= $addChar; } if (!preg_match('/[0-9]/', $password)) { $addChar = substr($charsNum, zen_pwd_rand(0, strlen($charsNum) - 1), 1); $addPos = zen_pwd_rand(0, strlen($password) - 1); $password[$addPos] = $addChar; } return $password; } function zen_pwd_rand($min = 0, $max = 10) { static $seed; if (!isset($seed)) $seed = zen_get_entropy(microtime()); $random = zen_get_entropy($seed); $random .= zen_get_entropy($random); $random = sha1($random); $random = substr($random, 0, 8); $value = abs(hexdec($random)); $value = $min + (($max - $min + 1) * ($value / (4294967295 + 1))); $value = abs(intval($value)); return $value; }
Zuletzt geändert von NascarFan; 17.05.2016, 14:00.
Kommentar
-
Was Du da postest ist aus Zen Cart 1.5.1
Du verwendest aber wie Du schreibst Zen Cart 1.5.4
Wenn schon diese Datei so offensichtlich nicht 1.5.4 ist, dann sind es andere Dateien sicher auch nicht.
Mit einem Mischmasch aus Dateien unterschiedlicher Zen Cart Versionen kann ein Shop halt nicht funktionieren.
Kommentar
-
Zitat von webchills Beitrag anzeigenWas Du da postest ist aus Zen Cart 1.5.1
Du verwendest aber wie Du schreibst Zen Cart 1.5.4
Wenn schon diese Datei so offensichtlich nicht 1.5.4 ist, dann sind es andere Dateien sicher auch nicht.
Mit einem Mischmasch aus Dateien unterschiedlicher Zen Cart Versionen kann ein Shop halt nicht funktionieren.
Code:// This function validates a plain text password with an encrpyted password function zen_validate_password($plain, $encrypted, $userRef = NULL) { $zcPassword = zcPassword::getInstance(PHP_VERSION); return $zcPassword->validatePassword($plain, $encrypted); } // // // This function makes a new password from a plaintext password. function zen_encrypt_password($plain) { $password = ''; for($i = 0; $i < 10; $i ++) { $password .= zen_rand(); } $salt = substr(md5($password), 0, 2); $password = md5($salt . $plain) . ':' . $salt; return $password; } function zen_encrypt_password_new($plain) { $password = ''; for($i = 0; $i < 40; $i ++) { $password .= zen_rand(); } $salt = hash('sha256', $password); $password = hash('sha256', $salt . $plain) . ':' . $salt; return $password; } // // function zen_create_random_value($length, $type = 'mixed') { if (($type != 'mixed') && ($type != 'chars') && ($type != 'digits')) return false; $rand_value = ''; while ( strlen($rand_value) < $length ) { if ($type == 'digits') { $char = zen_rand(0, 9); } else { $char = chr(zen_rand(0, 255)); } if ($type == 'mixed') { if (preg_match('/^[a-z0-9]$/i', $char)) $rand_value .= $char; } elseif ($type == 'chars') { if (preg_match('/^[a-z]$/i', $char)) $rand_value .= $char; } elseif ($type == 'digits') { if (preg_match('/^[0-9]$/', $char)) $rand_value .= $char; } } if ($type == 'mixed' && ! preg_match('/^(?=.*[\w]+.*)(?=.*[\d]+.*)[\d\w]{' . $length . ',}$/', $rand_value)) { $rand_value .= zen_rand(0, 9); } return $rand_value; } /** * Returns entropy using a hash of various available methods for obtaining * random data. * The default hash method is "sha1" and the default size is 32. * * @param string $hash * the hash method to use while generating the hash. * @param int $size * the size of random data to use while generating the hash. * @return string the randomized salt */ function zen_get_entropy($hash = 'sha1', $size = 32) { $data = null; if (! in_array($hash, hash_algos())) $hash = 'sha1'; if (! is_int($size)) $size = (int)$size; // Use openssl if available if (function_exists('openssl_random_pseudo_bytes')) { // echo('Attempting to create entropy using openssl'); $entropy = openssl_random_pseudo_bytes($size, $strong); if ($strong) $data = $entropy; unset($strong, $entropy); } // Use mcrypt with /dev/urandom if available if ($data === null && function_exists('mcrypt_create_iv') && ( // There is a bug in Windows + IIS in older versions of PHP ( strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN' || version_compare(PHP_VERSION, '5.3.7', '>=')))) { // echo('Attempting to create entropy using mcrypt'); $entropy = mcrypt_create_iv($size, MCRYPT_DEV_URANDOM); if ($entropy !== FALSE) $data = $entropy; unset($entropy); } if ($data === null) { // Fall back to using /dev/urandom if available $fp = @fopen('/dev/urandom', 'rb'); if ($fp !== FALSE) { // echo('Attempting to create entropy using /dev/urandom'); $entropy = @fread($fp, $size); @fclose($fp); if (strlen($entropy) == $size) $data = $entropy; unset($fp, $entropy); } } // Final fallback (mixture of various methods) if ($data === null) { // echo('Attempting to create entropy using FINAL FALLBACK'); if (!defined('DIR_FS_ROOT')) define('DIR_FS_ROOT', DIR_FS_CATALOG); $filename = DIR_FS_ROOT . 'includes/configure.php'; $stat = @stat($filename); if ($stat === FALSE) { $stat = array( 'microtime' => microtime() ); } $stat ['mt_rand'] = mt_rand(); $stat ['file_hash'] = hash_file($hash, $filename, TRUE); // Attempt to get a random value on windows // [URL]http://msdn.microsoft.com/en-us/library/aa388176(VS.85).aspx[/URL] if (@class_exists('COM')) { try { $CAPI_Util = new COM('CAPICOM.Utilities.1'); $entropy = $CAPI_Util->GetRandom($size, 0); if ($entropy) { // echo('Adding random data to entropy using CAPICOM.Utilities'); $stat ['CAPICOM_Utilities_random'] = md5($entropy, TRUE); } unset($CAPI_Util, $entropy); } catch ( Exception $ex ) { } } // echo('Adding random data to entropy using file information and contents'); @shuffle($stat); foreach ( $stat as $value ) { $data .= $value; } unset($filename, $value, $stat); } return hash($hash, $data); } function zen_create_PADSS_password($length = 8) { $charsAlpha = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charsNum = '0123456789'; $charsMixed = $charsAlpha . $charsNum; $password = ""; for($i = 0; $i < $length; $i ++) { $addChar = substr($charsMixed, zen_pwd_rand(0, strlen($charsMixed) - 1), 1); while ( strpos($password, $addChar) ) { $addChar = substr($charsMixed, zen_pwd_rand(0, strlen($charsMixed) - 1), 1); } $password .= $addChar; } if (! preg_match('/[0-9]/', $password)) { $addChar = substr($charsNum, zen_pwd_rand(0, strlen($charsNum) - 1), 1); $addPos = zen_pwd_rand(0, strlen($password) - 1); $password [$addPos] = $addChar; } return $password; } function zen_pwd_rand($min = 0, $max = 10) { static $seed; if (! isset($seed)) $seed = zen_get_entropy(); $random = hash('sha1', zen_get_entropy() . $seed); $random .= hash('sha1', zen_get_entropy() . $random); $random = hash('sha1', $random); $random = substr($random, 0, 8); $value = abs(hexdec($random)); $value = $min + (($max - $min + 1) * ($value / (4294967295 + 1))); $value = abs(intval($value)); return $value; }
Kommentar
-
Was auf Deiner Festplatte liegt ist ziemlich egal, am Server scheint die Datei aus 1.5.1 zu liegen, sonst wäre ein solches Logfile nicht möglich:
[13-May-2016 17:04:14 Europe/Berlin] PHP Warning: sha1_file(/includes/configure.php): failed to open stream: No such file or directory in /var/www/xxxx/includes/functions/password_funcs.php on line 118
Lade die Version 1.5.4 aus den Downloads herunter und entpacke sie in einen Ordner auf Deiner Festplatte
Installiere Beyond Compare
Lege in Beyond Compare ein FTP Profil mit den Zugangsdaten zu Deinem Server an
Und führe dann einen Ordnervergleich zwischen Original 1.5.4 auf der Festplatte und der Zen Cart Installation am Server durch.
Kommentar
Kommentar