includes/sessions.php
changeset 135 c5dbad7ec2d0
parent 133 af0f6ec48de3
child 142 ca9118d9c0f2
134:175776498ef1 135:c5dbad7ec2d0
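--- a/includes/sessions.php
+++ b/includes/sessions.php
@@ -149,11 +149,11 @@
    * Regex that defines a valid username, minus the ^ and $, these are added later
    * @var string
    */
   
 //var $valid_username = '([A-Za-z0-9 \!\@\(\)-]+)';
-var $valid_username = '([^<>_&\?\'"%\n\r\t\a]+)';
+var $valid_username = '([^<>_&\?\'"%\n\r\t\a\/]+)';
  
 /**
  * What we're allowed to do as far as permissions go. This changes based on the value of the "auth" URI param.
  * @var string
  */
@@ -576,23 +576,24 @@
     
     // Initialize our success switch
     $success = false;
     
     // Escaped username
-    $db_username = $this->prepare_text(strtolower($username));
+    $db_username_lower = $this->prepare_text(strtolower($username));
+    $db_username       = $this->prepare_text($username);
     
     // Select the user data from the table, and decrypt that so we can verify the password
-    $this->sql('SELECT password,old_encryption,user_id,user_level,theme,style,temp_password,temp_password_time FROM '.table_prefix.'users WHERE lcase(username)=\''.$db_username.'\' OR username=\'' . $db_username . '\';');
+    $this->sql('SELECT password,old_encryption,user_id,user_level,theme,style,temp_password,temp_password_time FROM '.table_prefix.'users WHERE lcase(username)=\''.$db_username_lower.'\' OR username=\'' . $db_username . '\';');
     if($db->numrows() < 1)
     {
+      return "The username and/or password is incorrect.\n$db->latest_query";
       // This wasn't logged in <1.0.2, dunno how it slipped through
       if($level > USER_LEVEL_MEMBER)
         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
       else
         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary) VALUES(\'security\', \'auth_bad\', '.time().', \''.date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\')');
         
-      return "The username and/or password is incorrect.";
     }
     $row = $db->fetchrow();
     
     // Check to see if we're logging in using a temporary password
     
@@ -1399,10 +1400,11 @@
     
     // Initialize AES
     $aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
     
     if(!preg_match('#^'.$this->valid_username.'$#', $username)) return 'The username you chose contains invalid characters.';
+    $user_orig = $username;
     $username = $this->prepare_text($username);
     $email = $this->prepare_text($email);
     $real_name = $this->prepare_text($real_name);
     
     $nameclause = ( $real_name != '' ) ? ' OR real_name=\''.$real_name.'\'' : '';
@@ -1482,10 +1484,34 @@
       $db->free_result();
       
       $user_id =& $row['user_id'];
       $this->sql('INSERT INTO '.table_prefix.'users_extra(user_id) VALUES(' . $user_id . ');');
     }
+    
+    // Grant edit and very limited mod access to the userpage
+    $acl_data = array(
+        'read' => AUTH_ALLOW,
+        'view_source' => AUTH_ALLOW,
+        'edit_page' => AUTH_ALLOW,
+        'post_comments' => AUTH_ALLOW,
+        'edit_comments' => AUTH_ALLOW, // only allows editing own comments
+        'history_view' => AUTH_ALLOW,
+        'history_rollback' => AUTH_ALLOW,
+        'rename' => AUTH_ALLOW,
+        'delete_page' => AUTH_ALLOW,
+        'tag_create' => AUTH_ALLOW,
+        'tag_delete_own' => AUTH_ALLOW,
+        'tag_delete_other' => AUTH_ALLOW,
+        'edit_cat' => AUTH_ALLOW,
+        'create_page' => AUTH_ALLOW
+      );
+    $acl_data = $db->escape($this->perm_to_string($acl_data));
+    $userpage = $db->escape(sanitize_page_id($user_orig));
+    $cols = "target_type, target_id, page_id, namespace, rules";
+    $vals = ACL_TYPE_USER . ", $user_id, '$userpage', 'User', '$acl_data'";
+    $q = "INSERT INTO ".table_prefix."acl($cols) VALUES($vals);";
+    $this->sql($q);
     
     // Require the account to be activated?
     if ( $coppa )
     {
       $this->admin_activation_request($username);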
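Review bot: The early return added at new line 588 appends `$db->latest_query` to the message returned to the user, so every failed login for an unknown username now discloses the full SELECT statement (table prefix and column names included), and because it sits before the `auth_bad`/`admin_auth_bad` INSERTs those log writes become unreachable, so these failures are no longer recorded in the security log. This looks like a debugging aid left in; the line should be dropped and the original `return "The username and/or password is incorrect.";` restored after the else branch so the logging runs first. The login function starts and ends outside this section. In the last hunk, the ACL row granted on the new userpage goes well beyond edit rights (`rename`, `delete_page`, `history_rollback`, `tag_delete_other`); a short comment stating why each of these is intended for self-service on a User-namespace page would help the next reader judge whether that list has drifted.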