3 if( !defined( 'YOURLS_ABSPATH' ) ) die();
5 $auth = yourls_is_valid_user();
10 if ( yourls_is_API() ) {
11 $format = ( isset($_REQUEST['format']) ? $_REQUEST['format'] : 'xml' );
12 $callback = ( isset($_REQUEST['callback']) ? $_REQUEST['callback'] : '' );
13 yourls_api_output( $format, array(
17 'callback' => $callback,
22 yourls_login_screen( $auth );
28 yourls_do_action( 'auth_successful' );
31 * The following code is a shim that helps users store passwords securely in config.php
32 * by storing a password hash and removing the plaintext.
34 * TODO: Remove this once real user management is implemented
37 // Did we just fail at encrypting passwords ?
38 if ( isset( $_GET['dismiss'] ) && $_GET['dismiss'] == 'hasherror' ) {
39 yourls_update_option( 'defer_hashing_error', time() + 86400 * 7 ); // now + 1 week
43 // Encrypt passwords that are clear text
44 if ( !defined( 'YOURLS_NO_HASH_PASSWORD' ) && yourls_has_cleartext_passwords() ) {
45 $hash = yourls_hash_passwords_now( YOURLS_CONFIGFILE );
46 if ( $hash === true ) {
47 // Hashing succesful. Remove flag from DB if any.
48 if( yourls_get_option( 'defer_hashing_error' ) )
49 yourls_delete_option( 'defer_hashing_error' );
51 // It failed, display message for first time or if last time was a week ago
52 if ( time() > yourls_get_option( 'defer_hashing_error' ) or !yourls_get_option( 'defer_hashing_error' ) ) {
53 $message = yourls_s( 'Could not auto-encrypt passwords. Error was: "%s".', $hash );
55 $message .= yourls_s( '<a href="%s">Get help</a>.', 'http://yourls.org/userpassword' );
56 $message .= '</p><p>';
57 $message .= yourls_s( '<a href="%s">Click here</a> to dismiss this message for one week.', '?dismiss=hasherror' );
59 yourls_add_notice( $message );