From c8e7acb3b28eafd682f1810e1de232fbbf843da7 Mon Sep 17 00:00:00 2001
From: mxmehl <mail@mehl.mx>
Date: Fri, 10 Jul 2015 13:41:14 +0300
Subject: [PATCH] first try to avoid passwords in arguments but instead using
 files

---
 config.cfg.sample | 2 +-
 submit.php        | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/config.cfg.sample b/config.cfg.sample
index 6a902f5..757d8cb 100644
--- a/config.cfg.sample
+++ b/config.cfg.sample
@@ -1,7 +1,7 @@
 SYSUSER=$(whoami)
+DOMAIN=panel.domain.tld
 
 # Email stuff
-DOMAIN=panel.domain.tld
 TOEMAIL=user@domain.tld
 FREMAIL=user@domain.tld
 SENDMAILPATH=/usr/sbin/sendmail
diff --git a/submit.php b/submit.php
index 417a06f..847af4f 100644
--- a/submit.php
+++ b/submit.php
@@ -20,6 +20,10 @@ $USER = $_POST['user'];
 $PASS = $_POST['pass'];
 $SURE = $_POST['sure'];
 
+$RAND = mt_rand(100000, 999999);
+$PASSFILE = $RAND . 'pass';
+file_put_contents($PASSFILE, $PASS);
+
 // Checks if checkbox is activated (default at most forms)
 if($SURE == "yes")
 {