includes/sessions.php
changeset 320 112debff64bd
parent 317 f8356d9c3481
child 322 5f1cd51bf1be
319:8be996c3740d 320:112debff64bd
   600     $username = str_replace('_', ' ', $username);
   600     $username = str_replace('_', ' ', $username);
   601     $db_username_lower = $this->prepare_text(strtolower($username));
   601     $db_username_lower = $this->prepare_text(strtolower($username));
   602     $db_username       = $this->prepare_text($username);
   602     $db_username       = $this->prepare_text($username);
   603     
   603     
   604     // Select the user data from the table, and decrypt that so we can verify the password
   604     // Select the user data from the table, and decrypt that so we can verify the password
   605     $this->sql('SELECT password,old_encryption,user_id,user_level,theme,style,temp_password,temp_password_time FROM '.table_prefix.'users WHERE lcase(username)=\''.$db_username_lower.'\' OR username=\'' . $db_username . '\';');
   605     $this->sql('SELECT password,old_encryption,user_id,user_level,theme,style,temp_password,temp_password_time FROM '.table_prefix.'users WHERE ' . ENANO_SQLFUNC_LOWERCASE . '(username)=\''.$db_username_lower.'\' OR username=\'' . $db_username . '\';');
   606     if($db->numrows() < 1)
   606     if($db->numrows() < 1)
   607     {
   607     {
   608       // This wasn't logged in <1.0.2, dunno how it slipped through
   608       // This wasn't logged in <1.0.2, dunno how it slipped through
   609       if($level > USER_LEVEL_MEMBER)
   609       if($level > USER_LEVEL_MEMBER)
   610         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
   610         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
   728     
   728     
   729     // Initialize our success switch
   729     // Initialize our success switch
   730     $success = false;
   730     $success = false;
   731     
   731     
   732     // Retrieve the real password from the database
   732     // Retrieve the real password from the database
   733     $this->sql('SELECT password,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix.'users WHERE lcase(username)=\''.$this->prepare_text(strtolower($username)).'\';');
   733     $this->sql('SELECT password,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix.'users WHERE ' . ENANO_SQLFUNC_LOWERCASE . '(username)=\''.$this->prepare_text(strtolower($username)).'\';');
   734     if ( $db->numrows() < 1 )
   734     if ( $db->numrows() < 1 )
   735     {
   735     {
   736       // This wasn't logged in <1.0.2, dunno how it slipped through
   736       // This wasn't logged in <1.0.2, dunno how it slipped through
   737       if($level > USER_LEVEL_MEMBER)
   737       if($level > USER_LEVEL_MEMBER)
   738         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
   738         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
  1000                              . '    ON ( u.user_id=x.user_id OR x.user_id IS NULL )' . "\n"
  1000                              . '    ON ( u.user_id=x.user_id OR x.user_id IS NULL )' . "\n"
  1001                              . '  LEFT JOIN '.table_prefix.'privmsgs AS p' . "\n"
  1001                              . '  LEFT JOIN '.table_prefix.'privmsgs AS p' . "\n"
  1002                              . '    ON ( p.message_to=u.username AND p.message_read=0 )' . "\n"
  1002                              . '    ON ( p.message_to=u.username AND p.message_read=0 )' . "\n"
  1003                              . '  WHERE k.session_key=\''.$keyhash.'\'' . "\n"
  1003                              . '  WHERE k.session_key=\''.$keyhash.'\'' . "\n"
  1004                              . '    AND k.salt=\''.$salt.'\'' . "\n"
  1004                              . '    AND k.salt=\''.$salt.'\'' . "\n"
  1005                              . '  GROUP BY u.user_id;');
  1005                              . '  GROUP BY u.user_id,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,k.source_ip,k.time,k.auth_level,x.user_id, x.user_aim, x.user_yahoo, x.user_msn, x.user_xmpp, x.user_homepage, x.user_location, x.user_job, x.user_hobbies, x.email_public;');
       
  1006     
  1006     if ( !$query )
  1007     if ( !$query )
  1007     {
  1008     {
  1008       $query = $this->sql('SELECT u.user_id AS uid,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,k.source_ip,k.time,k.auth_level,COUNT(p.message_id) AS num_pms FROM '.table_prefix.'session_keys AS k
  1009       $query = $this->sql('SELECT u.user_id AS uid,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,k.source_ip,k.time,k.auth_level,COUNT(p.message_id) AS num_pms FROM '.table_prefix.'session_keys AS k
  1009                              LEFT JOIN '.table_prefix.'users AS u
  1010                              LEFT JOIN '.table_prefix.'users AS u
  1010                                ON ( u.user_id=k.user_id )
  1011                                ON ( u.user_id=k.user_id )
  1011                              LEFT JOIN '.table_prefix.'privmsgs AS p
  1012                              LEFT JOIN '.table_prefix.'privmsgs AS p
  1012                                ON ( p.message_to=u.username AND p.message_read=0 )
  1013                                ON ( p.message_to=u.username AND p.message_read=0 )
  1013                              WHERE k.session_key=\''.$keyhash.'\'
  1014                              WHERE k.session_key=\''.$keyhash.'\'
  1014                                AND k.salt=\''.$salt.'\'
  1015                                AND k.salt=\''.$salt.'\'
  1015                              GROUP BY u.user_id;');
  1016                              GROUP BY u.user_id,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,k.source_ip,k.time,k.auth_level;');
  1016     }
  1017     }
  1017     if($db->numrows() < 1)
  1018     if($db->numrows() < 1)
  1018     {
  1019     {
  1019       // echo '(debug) $session->validate_session: Key was not found in database<br />';
  1020       // echo '(debug) $session->validate_session: Key was not found in database<br />';
  1020       return false;
  1021       return false;
  1360     $col_reason = ( $this->compat ) ? '"No reason entered (session manager is in compatibility mode)" AS reason' : 'reason';
  1361     $col_reason = ( $this->compat ) ? '"No reason entered (session manager is in compatibility mode)" AS reason' : 'reason';
  1361     $banned = false;
  1362     $banned = false;
  1362     if ( $this->user_logged_in )
  1363     if ( $this->user_logged_in )
  1363     {
  1364     {
  1364       // check by IP, email, and username
  1365       // check by IP, email, and username
  1365       $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1366       if ( ENANO_DBLAYER == 'MYSQL' )
  1366             . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1367       {
  1367             . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' REGEXP ban_value ) OR \n"
  1368         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1368             . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '{$this->username}' ) OR \n"
  1369               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1369             . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '{$this->username}' REGEXP ban_value ) OR \n"
  1370               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' REGEXP ban_value ) OR \n"
  1370             . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '{$this->email}' ) OR \n"
  1371               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '{$this->username}' ) OR \n"
  1371             . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '{$this->email}' REGEXP ban_value ) \n"
  1372               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '{$this->username}' REGEXP ban_value ) OR \n"
  1372             . "  ORDER BY ban_type ASC;";
  1373               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '{$this->email}' ) OR \n"
       
  1374               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '{$this->email}' REGEXP ban_value ) \n"
       
  1375               . "  ORDER BY ban_type ASC;";
       
  1376       }
       
  1377       else if ( ENANO_DBLAYER == 'PGSQL' )
       
  1378       {
       
  1379         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
       
  1380               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
       
  1381               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' LIKE ban_value ) OR \n"
       
  1382               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '{$this->username}' ) OR \n"
       
  1383               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '{$this->username}' LIKE ban_value ) OR \n"
       
  1384               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '{$this->email}' ) OR \n"
       
  1385               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '{$this->email}' LIKE ban_value ) \n"
       
  1386               . "  ORDER BY ban_type ASC;";
       
  1387       }
  1373       $q = $this->sql($sql);
  1388       $q = $this->sql($sql);
  1374       if ( $db->numrows() > 0 )
  1389       if ( $db->numrows() > 0 )
  1375       {
  1390       {
  1376         while ( list($reason, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() )
  1391         while ( list($reason, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() )
  1377         {
  1392         {
  1398       $db->free_result();
  1413       $db->free_result();
  1399     }
  1414     }
  1400     else
  1415     else
  1401     {
  1416     {
  1402       // check by IP only
  1417       // check by IP only
  1403       $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE
  1418       if ( ENANO_DBLAYER == 'MYSQL' )
  1404                 ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR
  1419       {
  1405                 ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' REGEXP ban_value )
  1420         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE
  1406               ORDER BY ban_type ASC;";
  1421                   ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR
       
  1422                   ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' REGEXP ban_value )
       
  1423                 ORDER BY ban_type ASC;";
       
  1424       }
       
  1425       else if ( ENANO_DBLAYER == 'PGSQL' )
       
  1426       {
       
  1427         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE
       
  1428                   ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR
       
  1429                   ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' LIKE ban_value )
       
  1430                 ORDER BY ban_type ASC;";
       
  1431       }
  1407       $q = $this->sql($sql);
  1432       $q = $this->sql($sql);
  1408       if ( $db->numrows() > 0 )
  1433       if ( $db->numrows() > 0 )
  1409       {
  1434       {
  1410         while ( list($reason, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() )
  1435         while ( list($reason, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() )
  1411         {
  1436         {
  1461     $username = $this->prepare_text($username);
  1486     $username = $this->prepare_text($username);
  1462     $email = $this->prepare_text($email);
  1487     $email = $this->prepare_text($email);
  1463     $real_name = $this->prepare_text($real_name);
  1488     $real_name = $this->prepare_text($real_name);
  1464     
  1489     
  1465     $nameclause = ( $real_name != '' ) ? ' OR real_name=\''.$real_name.'\'' : '';
  1490     $nameclause = ( $real_name != '' ) ? ' OR real_name=\''.$real_name.'\'' : '';
  1466     $q = $this->sql('SELECT * FROM '.table_prefix.'users WHERE lcase(username)=\''.strtolower($username).'\' OR email=\''.$email.'\''.$nameclause.';');
  1491     $q = $this->sql('SELECT * FROM '.table_prefix.'users WHERE ' . ENANO_SQLFUNC_LOWERCASE . '(username)=\''.strtolower($username).'\' OR email=\''.$email.'\''.$nameclause.';');
  1467     if($db->numrows() > 0)
  1492     if($db->numrows() > 0)
  1468     {
  1493     {
  1469       $r = 'The ';
  1494       $r = 'The ';
  1470       $i=0;
  1495       $i=0;
  1471       $row = $db->fetchrow();
  1496       $row = $db->fetchrow();
  1746     {
  1771     {
  1747       $q = $this->sql('SELECT user_id,username,email FROM '.table_prefix.'users WHERE user_id='.$user.';'); // This is SAFE! This is only called if $user is an integer
  1772       $q = $this->sql('SELECT user_id,username,email FROM '.table_prefix.'users WHERE user_id='.$user.';'); // This is SAFE! This is only called if $user is an integer
  1748     }
  1773     }
  1749     elseif(is_string($user))
  1774     elseif(is_string($user))
  1750     {
  1775     {
  1751       $q = $this->sql('SELECT user_id,username,email FROM '.table_prefix.'users WHERE lcase(username)=lcase(\''.$db->escape($user).'\');');
  1776       $q = $this->sql('SELECT user_id,username,email FROM '.table_prefix.'users WHERE ' . ENANO_SQLFUNC_LOWERCASE . '(username)=' . ENANO_SQLFUNC_LOWERCASE . '(\''.$db->escape($user).'\');');
  1752     }
  1777     }
  1753     else
  1778     else
  1754     {
  1779     {
  1755       return false;
  1780       return false;
  1756     }
  1781     }
  2474   
  2499   
  2475   function make_captcha($len = 7)
  2500   function make_captcha($len = 7)
  2476   {
  2501   {
  2477     $code = $this->generate_captcha_code($len);
  2502     $code = $this->generate_captcha_code($len);
  2478     $hash = md5(microtime() . mt_rand());
  2503     $hash = md5(microtime() . mt_rand());
  2479     $this->sql('INSERT INTO '.table_prefix.'session_keys(session_key,salt,auth_level,source_ip,user_id) VALUES(\''.$hash.'\', \''.$s.'\', -1, \''.ip2hex($_SERVER['REMOTE_ADDR']).'\', -2);');
  2504     $this->sql('INSERT INTO '.table_prefix.'session_keys(session_key,salt,auth_level,source_ip,user_id) VALUES(\''.$hash.'\', \'\', -1, \''.ip2hex($_SERVER['REMOTE_ADDR']).'\', -2);');
  2480     return $hash;
  2505     return $hash;
  2481   }
  2506   }
  2482   
  2507   
  2483   /**
  2508   /**
  2484    * Generates the actual confirmation code text.
  2509    * Generates the actual confirmation code text.
  2709     {
  2734     {
  2710       $pg_info .= ' ( page_id=\'' . $g_id . '\' AND namespace=\'__PageGroup\' ) OR';
  2735       $pg_info .= ' ( page_id=\'' . $g_id . '\' AND namespace=\'__PageGroup\' ) OR';
  2711     }
  2736     }
  2712     
  2737     
  2713     // Build a query to grab ACL info
  2738     // Build a query to grab ACL info
  2714     $bs = 'SELECT rules FROM '.table_prefix.'acl WHERE ' . "\n"
  2739     $bs = 'SELECT rules,target_type,target_id FROM '.table_prefix.'acl WHERE ' . "\n"
  2715           . '  ( ';
  2740           . '  ( ';
  2716     $q = Array();
  2741     $q = Array();
  2717     $q[] = '( target_type='.ACL_TYPE_USER.' AND target_id='.$session->user_id.' )';
  2742     $q[] = '( target_type='.ACL_TYPE_USER.' AND target_id='.$session->user_id.' )';
  2718     if(count($session->groups) > 0)
  2743     if(count($session->groups) > 0)
  2719     {
  2744     {
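Review bot: In the new PGSQL branches of the ban check (new lines 1377–1387 and 1425–1431), rows with `is_regex = 1` are matched with `LIKE ban_value` where the MySQL branch uses `REGEXP ban_value`, so a ban stored as a regular expression is compared as a LIKE pattern and will generally not match the address, username or e-mail it was written for; on PostgreSQL those bans appear to stop being enforced. PostgreSQL's POSIX match operator keeps the intended semantics, e.g. `'{$_SERVER['REMOTE_ADDR']}' ~ ban_value`, with the same substitution on the username and e-mail lines. `$sql` is also never assigned when `ENANO_DBLAYER` is neither `'MYSQL'` nor `'PGSQL'`, so a final `else` that fails closed would be safer than passing an undefined variable to `$this->sql($sql)`. The values interpolated into these queries (`$this->username`, `$this->email`, `REMOTE_ADDR`) are not escaped in the visible lines; whether they are sanitised before this point is outside the view and worth confirming. The enclosing function begins and ends outside the lines shown.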