$auth,
'message' => $auth,
'errorCode' => 403,
'callback' => $callback,
) );
// Regular mode
} else {
yourls_login_screen( $auth );
}
die();
}
yourls_do_action( 'auth_successful' );
/*
* The following code is a shim that helps users store passwords securely in config.php
* by storing a password hash and removing the plaintext.
*
* TODO: Remove this once real user management is implemented
*/
// Did we just fail at encrypting passwords ?
if ( isset( $_GET['dismiss'] ) && $_GET['dismiss'] == 'hasherror' ) {
yourls_update_option( 'defer_hashing_error', time() + 86400 * 7 ); // now + 1 week
} else {
// Encrypt passwords that are clear text
if ( !defined( 'YOURLS_NO_HASH_PASSWORD' ) && yourls_has_cleartext_passwords() ) {
$hash = yourls_hash_passwords_now( YOURLS_CONFIGFILE );
if ( $hash === true ) {
// Hashing succesful. Remove flag from DB if any.
if( yourls_get_option( 'defer_hashing_error' ) )
yourls_delete_option( 'defer_hashing_error' );
} else {
// It failed, display message for first time or if last time was a week ago
if ( time() > yourls_get_option( 'defer_hashing_error' ) or !yourls_get_option( 'defer_hashing_error' ) ) {
$message = yourls_s( 'Could not auto-encrypt passwords. Error was: "%s".', $hash );
$message .= ' ';
$message .= yourls_s( 'Get help.', 'http://yourls.org/userpassword' );
$message .= '';
$message .= yourls_s( 'Click here to dismiss this message for one week.', '?dismiss=hasherror' );
yourls_add_notice( $message );
}
}
}
}