Launcher/compat/auth/dle.php

<?php

$auth = [

	'logged' => false,

	'login' => filter_input(INPUT_GET, 'login', FILTER_SANITIZE_STRING),
	'password' => filter_input(INPUT_GET, 'password', FILTER_SANITIZE_STRING)

];

if( isset( $auth['login'] ) AND isset( $auth['password'] ) ) {
	
	define( 'DATALIFEENGINE', true );
	require_once(  __DIR__ . '/engine/classes/mysql.php' );
	require_once(  __DIR__ . '/engine/data/dbconfig.php' );

	$auth['login'] = $db->safesql( $auth['login'] );
	$auth['password'] = $db->safesql( $auth['password'] );

	if( strlen($auth['password']) > 72 ) $auth['password'] = substr($auth['password'], 0, 72);

	$member_id = $db->super_query( "SELECT name, email, password, hash  FROM dle_users WHERE name='{$auth['login']}' OR email='{$auth['login']}'" );

	if( !$member_id['name'] AND !$member_id['email'] ) {
		
		die('Введены неверные данные');
	}
		
	if( strlen($member_id['password']) == 32 && ctype_xdigit($member_id['password']) ) {
		
		if( $member_id['password'] == md5(md5($auth['password'])) ) {
			$auth['logged'] = true;
		}
		
	} else {
		
		if( password_verify($auth['password'], $member_id['password']) ) {
			$auth['logged'] = true;
		}
		
	}

	if( $auth['logged'] ) {
		
		session_regenerate_id();

		if ( password_needs_rehash($member_id['password'], PASSWORD_DEFAULT) ) {

			$member_id['password'] = password_hash($auth['password'], PASSWORD_DEFAULT);
			
			$new_pass_hash = 'password='.$db->safesql($member_id['password']).', ';
				
		} else $new_pass_hash = '';

		if( function_exists('openssl_random_pseudo_bytes') ) {

			$stronghash = md5(openssl_random_pseudo_bytes(15));

		} else $stronghash = md5(uniqid( mt_rand(), TRUE ));

		$salt = sha1( str_shuffle('abcdefghjkmnpqrstuvwxyz0123456789') . $stronghash );
		$hash = '';

		for($i = 0; $i < 9; $i ++) {
			$hash .= $salt{mt_rand( 0, 39 )};
		}

		$hash = md5( $hash );
		$member_id['hash'] = $hash;
		
		$db->query( "UPDATE LOW_PRIORITY dle_users SET {$new_pass_hash}hash='{$hash}' WHERE name='{$member_id['name']}'" );

		die('OK:'.$member_id['name'].'');

	} else {
		
		die('Ошибка при авторизации');
	}
}

?>
4.0.0 init commit 2018-09-17 10:07:32 +03:00			`<?php`

			`$auth = [`

			`'logged' => false,`

			`'login' => filter_input(INPUT_GET, 'login', FILTER_SANITIZE_STRING),`
			`'password' => filter_input(INPUT_GET, 'password', FILTER_SANITIZE_STRING)`

			`];`

			`if( isset( $auth['login'] ) AND isset( $auth['password'] ) ) {`

			`define( 'DATALIFEENGINE', true );`
			`require_once( __DIR__ . '/engine/classes/mysql.php' );`
			`require_once( __DIR__ . '/engine/data/dbconfig.php' );`

			`$auth['login'] = $db->safesql( $auth['login'] );`
			`$auth['password'] = $db->safesql( $auth['password'] );`

			`if( strlen($auth['password']) > 72 ) $auth['password'] = substr($auth['password'], 0, 72);`

			`$member_id = $db->super_query( "SELECT name, email, password, hash FROM dle_users WHERE name='{$auth['login']}' OR email='{$auth['login']}'" );`

			`if( !$member_id['name'] AND !$member_id['email'] ) {`

			`die('Введены неверные данные');`
			`}`

			`if( strlen($member_id['password']) == 32 && ctype_xdigit($member_id['password']) ) {`

			`if( $member_id['password'] == md5(md5($auth['password'])) ) {`
			`$auth['logged'] = true;`
			`}`

			`} else {`

			`if( password_verify($auth['password'], $member_id['password']) ) {`
			`$auth['logged'] = true;`
			`}`

			`}`

			`if( $auth['logged'] ) {`

			`session_regenerate_id();`

			`if ( password_needs_rehash($member_id['password'], PASSWORD_DEFAULT) ) {`

			`$member_id['password'] = password_hash($auth['password'], PASSWORD_DEFAULT);`

			`$new_pass_hash = 'password='.$db->safesql($member_id['password']).', ';`

			`} else $new_pass_hash = '';`

			`if( function_exists('openssl_random_pseudo_bytes') ) {`

			`$stronghash = md5(openssl_random_pseudo_bytes(15));`

			`} else $stronghash = md5(uniqid( mt_rand(), TRUE ));`

			`$salt = sha1( str_shuffle('abcdefghjkmnpqrstuvwxyz0123456789') . $stronghash );`
			`$hash = '';`

			`for($i = 0; $i < 9; $i ++) {`
			`$hash .= $salt{mt_rand( 0, 39 )};`
			`}`

			`$hash = md5( $hash );`
			`$member_id['hash'] = $hash;`

			`$db->query( "UPDATE LOW_PRIORITY dle_users SET {$new_pass_hash}hash='{$hash}' WHERE name='{$member_id['name']}'" );`

			`die('OK:'.$member_id['name'].'');`

			`} else {`

			`die('Ошибка при авторизации');`
			`}`
			`}`

			`?>`