Different ACP Password - 1.0.0 - BETA

**sabri ünal** 18.12.2006, 15:09

mod adı:Different ACP Password
sürüm: 1.0.0 BETA

mod işlevi: yönetim panelini şifrelemek için kullanabileceğiniz yöntemlerden birisi de bu moddur... bu mod ile yönetim paneline girişte kişiye sorulacak 2. bir şifre oluşturulmaktadır...

http://www.phpbbhacks.com/download/7272

Kod: Tümünü seç: ############################################################## ## MOD Title: Different ACP Password ## MOD Author: OXPUS < webmaster@oxpus.de > (Karsten Ude) http://www.oxpus.de ## MOD Description: Implements a second password for administrators to login into the admin panel. ## This password can only be changed in the admin panel. ## MOD Version: 1.0.0 ## ## Installation Level: Easy ## Installation Time: 5-10 Minutes ## Files To Edit: 8 ## login.php ## admin/admin_board.php ## admin/admin_up_auth.php ## admin/admin_users.php ## language/lang_english/lang_admin.php ## language/lang_english/lang_main.php ## templates/subSilver/admin/board_config_body.tpl ## templates/subSilver/admin/user_edit_body.tpl ## ## Included Files: N/A ## ############################################################## ## For security purposes, please check: http://www.phpbb.com/mods/ ## for the latest version of this MOD. Although MODs are checked ## before being allowed in the MODs Database there is no guarantee ## that there are no security problems within the MOD. No support ## will be given for MODs not found within the MODs Database which ## can be found at http://www.phpbb.com/mods/ ############################################################## ## Author Notes: ## ## Languages ## --------- ## Additional language packs can be found in the folder translations/ ## ## Super Moderator / Orion 2x ## -------------------------- ## Look into the folder contrib/ for the needed Add-On. ## ############################################################## ## MOD History: ## ## 2006-12-09 - Version 1.0.0 ## - First release ## ############################################################## ## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD ############################################################## # #-----[ SQL ]------------------------------------------ # ALTER TABLE phpbb_users ADD COLUMN user_acp_password VARCHAR(32) NOT NULL DEFAULT '' AFTER user_password; UPDATE phpbb_users SET user_acp_password = user_password WHERE user_level IN (1, 3); INSERT INTO phpbb_config (config_name, config_value) VALUES ('complex_acp_pw', '1'); # #-----[ OPEN ]------------------------------------------ # login.php # #-----[ FIND ]------------------------------------------ # $sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; # #-----[ IN-LINE FIND ]------------------------------------------ # user_password # #-----[ IN-LINE AFTER, ADD ]------------------------------------------ # , user_acp_password # #-----[ FIND ]------------------------------------------ # if( md5($password) == $row['user_password'] && $row['user_active'] ) # #-----[ REPLACE WITH ]------------------------------------------ # if (isset($HTTP_POST_VARS['admin'])) { if (!$row['user_acp_password']) { message_die(GENERAL_MESSAGE, $lang['No_ACP_Password']); } $user_password = $row['user_acp_password']; } else { $user_password = $row['user_password']; } if( md5($password) == $user_password && $row['user_active'] ) # #-----[ FIND ]------------------------------------------ # $template->set_filenames(array( 'body' => 'login_body.tpl') ); # #-----[ BEFORE, ADD ]------------------------------------------ # if (isset($HTTP_GET_VARS['admin']) && $userdata['user_acp_password'] == '') { message_die(GENERAL_MESSAGE, $lang['No_ACP_Password']); } # #-----[ OPEN ]------------------------------------------ # admin/admin_board.php # #-----[ FIND ]------------------------------------------ # $smtp_yes = ( $new['smtp_delivery'] ) ? "checked=\"checked\"" : ""; $smtp_no = ( !$new['smtp_delivery'] ) ? "checked=\"checked\"" : ""; # #-----[ AFTER, ADD ]------------------------------------------ # $complex_acp_pw_yes = ( $new['complex_acp_pw'] ) ? "checked=\"checked\"" : ""; $complex_acp_pw_no = ( !$new['complex_acp_pw'] ) ? "checked=\"checked\"" : ""; # #-----[ FIND ]------------------------------------------ # "L_SEARCH_FLOOD_INTERVAL_EXPLAIN" => $lang['Search_Flood_Interval_explain'], # #-----[ AFTER, ADD ]------------------------------------------ # "L_COMPLEX_ACP_PW" => $lang['Complex_ACP_PW'], "COMPLEX_ACP_PW_YES" => $complex_acp_pw_yes, "COMPLEX_ACP_PW_NO" => $complex_acp_pw_no, # #-----[ OPEN ]------------------------------------------ # admin/admin_up_auth.php # #-----[ FIND ]------------------------------------------ # $sql = "UPDATE " . USERS_TABLE . " SET user_level = " . ADMIN . " WHERE user_id = $user_id"; # #-----[ IN-LINE FIND ]------------------------------------------ # user_level = " . ADMIN . " # #-----[ IN-LINE AFTER, ADD ]------------------------------------------ # , user_acp_password = user_password # #-----[ FIND ]------------------------------------------ # $sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . " WHERE user_id = $user_id"; # #-----[ IN-LINE FIND ]------------------------------------------ # user_level = " . USER . " # #-----[ IN-LINE AFTER, ADD ]------------------------------------------ # , user_acp_password = '' # #-----[ OPEN ]------------------------------------------ # admin/admin_users.php # #-----[ FIND ]------------------------------------------ # $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : ''; # #-----[ AFTER, ADD ]------------------------------------------ # $acp_password = ( !empty($HTTP_POST_VARS['acp_password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['acp_password'] ) )) : ''; $acp_password_confirm = ( !empty($HTTP_POST_VARS['acp_password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['acp_password_confirm'] ) )) : ''; # #-----[ FIND ]------------------------------------------ # $password = ''; $password_confirm = ''; # #-----[ AFTER, ADD ]------------------------------------------ # $acp_password = ''; $acp_password_confirm = ''; # #-----[ FIND ]------------------------------------------ # $passwd_sql = ''; # #-----[ AFTER, ADD ]------------------------------------------ # if ($board_config['complex_acp_pw'] && !empty($acp_password)) { if (!empty($password) && $password == $acp_password) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['ACP_Password_match_pw']; } else { $sql = "SELECT user_password FROM " . USERS_TABLE . " WHERE user_id = $user_id"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not read current password', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row['user_password'] == md5($acp_password)) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['ACP_Password_match_pw']; } } } if( !empty($acp_password) && !empty($acp_password_confirm) ) { if($acp_password != $acp_password_confirm) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['ACP_Password_mismatch']; } else { $acp_password = md5($acp_password); $passwd_sql .= "user_acp_password = '$acp_password', "; } } else if( $acp_password && !$acp_password_confirm ) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['ACP_Password_mismatch']; } else if( !$acp_password && $acp_password_confirm ) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['ACP_Password_mismatch']; } # #-----[ FIND ]------------------------------------------ # $password = ''; $password_confirm = ''; # #-----[ AFTER, ADD ]------------------------------------------ # $acp_password = ''; $acp_password_confirm = ''; # #-----[ FIND ]------------------------------------------ # $password = ''; $password_confirm = ''; # #-----[ AFTER, ADD ]------------------------------------------ # $acp_password = ''; $acp_password_confirm = ''; # #-----[ FIND ]------------------------------------------ # 'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'], # #-----[ AFTER, ADD ]------------------------------------------ # 'L_ACP_PASSWORD' => $lang['ACP_password'], 'L_ACP_PASSWORD_CONFIRM' => $lang['ACP_password_confirm'], 'L_ACP_PASSWORD_EXPLAIN' => $lang['ACP_password_explain'], 'L_ACP_PASSWORD_COMPLEX' => ($board_config['complex_acp_pw']) ? $lang['ACP_password_complex'] : '', # #-----[ OPEN ]------------------------------------------ # language/lang_english/lang_admin.php # #-----[ FIND ]------------------------------------------ # ?> # #-----[ BEFORE, ADD ]------------------------------------------ # $lang['Complex_ACP_PW'] = 'Password for ACP login must be different to normal password'; $lang['ACP_Password_mismatch'] = 'The ACP password does not match the confirmation!'; $lang['ACP_Password_match_pw'] = 'The ACP password matches the normal password, but you must enter a different one!'; $lang['ACP_password'] = 'Password for the Admin Panel'; $lang['ACP_password_confirm'] = 'Confirm the ACP Password'; $lang['ACP_password_explain'] = 'This password will be used to login into the Admin Panel. From now the normal password can not longer used to login the ACP.'; $lang['ACP_password_complex'] = '<br />Be sure, to enter a different password as your normal one!'; # #-----[ OPEN ]------------------------------------------ # language/lang_english/lang_main.php # #-----[ FIND ]------------------------------------------ # ?> # #-----[ BEFORE, ADD ]------------------------------------------ # $lang['No_ACP_Password'] = '<b>You have no valid password to login the Admin Panel!</b><br /><br />Please contact the board admin to get one.'; # #-----[ OPEN ]------------------------------------------ # templates/subSilver/admin/board_config_body.tpl # #-----[ FIND ]------------------------------------------ # <tr> <td class="row1">{L_AUTOLOGIN_TIME} <br /><span class="gensmall">{L_AUTOLOGIN_TIME_EXPLAIN}</span></td> <td class="row2"><input class="post" type="text" size="3" maxlength="4" name="max_autologin_time" value="{AUTOLOGIN_TIME}" /></td> </tr> # #-----[ AFTER, ADD ]------------------------------------------ # <tr> <td class="row1">{L_COMPLEX_ACP_PW}</td> <td class="row2"><input type="radio" name="complex_acp_pw" value="1" {COMPLEX_ACP_PW_YES} /> {L_YES}  <input type="radio" name="complex_acp_pw" value="0" {COMPLEX_ACP_PW_NO} /> {L_NO}</td> </tr> # #-----[ OPEN ]------------------------------------------ # templates/subSilver/admin/user_edit_body.tpl # #-----[ FIND ]------------------------------------------ # <input class="post" type="password" name="password_confirm" size="35" maxlength="32" value="" /> </td> </tr> # #-----[ AFTER, ADD ]------------------------------------------ # <tr> <td class="row1"><span class="gen">{L_ACP_PASSWORD}:</span><br /><span class="gensmall">{L_ACP_PASSWORD_EXPLAIN}{L_ACP_PASSWORD_COMPLEX}</span></td> <td class="row2"> <input class="post" type="password" name="acp_password" size="35" maxlength="32" value="" /> </td> </tr> <tr> <td class="row1"><span class="gen">{L_ACP_PASSWORD_CONFIRM}:</span></td> <td class="row2"> <input class="post" type="password" name="acp_password_confirm" size="35" maxlength="32" value="" /> </td> </tr> # #-----[ SAVE/CLOSE ALL FILES ]------------------------------------------ # # EoM

Different ACP Password - 1.0.0 - BETA

Different ACP Password - 1.0.0 - BETA

Kimler çevrimiçi