function ajax__inlineLogInForm() { $IPBHTML = ""; if (IPSLib::locationHasHooks('skin_login', $this->_funcHooks['ajax__inlineLogInForm'])) { $count_1c5592ad5da07344e7b7c6fb15cb30f1 = is_array($this->functionData['ajax__inlineLogInForm']) ? count($this->functionData['ajax__inlineLogInForm']) : 0; } $uses_name = false; $uses_email = false; $_redirect = ''; foreach ($this->cache->getCache('login_methods') as $method) { if ($method['login_user_id'] == 'username' or $method['login_user_id'] == 'either') { $uses_name = true; } if ($method['login_user_id'] == 'email' or $method['login_user_id'] == 'either') { $uses_email = true; } if ($method['login_login_url']) { $_redirect = $method['login_login_url']; } } if ($uses_name and $uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_name_and_email']; } else { if ($uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_useremail']; } else { $this->lang->words['enter_name'] = $this->lang->words['enter_username']; } } $IPBHTML .= "" . ($_redirect ? "\r\n<script type='text/javascript'>\r\nwindow.location = '{$_redirect}';\r\n</script>\r\n" : "<div id='inline_login_form'>\r\n\t<form action=\"" . $this->registry->getClass('output')->formatUrl($this->registry->getClass('output')->buildUrl("app=core&module=global&section=login&do=process", "public", ''), "", "") . "\" method=\"post\" id='login'>\r\n\t\t<input type='hidden' name='auth_key' value='{$this->member->form_hash}' />\r\n\t\t<input type=\"hidden\" name=\"referer\" value=\"" . str_replace(array('<', '>', '(', ')'), '-', my_getenv('HTTP_REFERER')) . "\" />\r\n\t\t<h3>{$this->lang->words['log_in']}</h3>\r\n\t\t" . (IPSLib::loginMethod_enabled('facebook') || IPSLib::loginMethod_enabled('twitter') || IPSLib::loginMethod_enabled('live') ? "<div class='ipsBox_notice'>\r\n\t\t\t\t<ul class='ipsList_inline'>\r\n\t\t\t\t\t" . (IPSLib::loginMethod_enabled('facebook') ? "\r\n\t\t\t\t\t\t<li><a href=\"" . $this->registry->getClass('output')->formatUrl($this->registry->getClass('output')->buildUrl("app=core&module=global&section=login&serviceClick=facebook", "public", ''), "", "") . "\"><img src=\"{$this->settings['img_url']}/facebook_login.png\" alt=\"\" /></a></li>\r\n\t\t\t\t\t" : "") . "\r\n\t\t\t\t\t" . (IPSLib::loginMethod_enabled('twitter') ? "\r\n\t\t\t\t\t\t<li><a href=\"" . $this->registry->getClass('output')->formatUrl($this->registry->getClass('output')->buildUrl("app=core&module=global&section=login&serviceClick=twitter", "public", ''), "", "") . "\"><img src=\"{$this->settings['img_url']}/twitter_login.png\" alt=\"\" /></a></li>\r\n\t\t\t\t\t" : "") . "\r\n\t\t\t\t\t" . (IPSLib::loginMethod_enabled('live') ? "\r\n\t\t\t\t\t\t<li><a href='" . $this->registry->getClass('output')->formatUrl($this->registry->getClass('output')->buildUrl("app=core&module=global&section=login&do=process&use_live=1&auth_key={$this->member->form_hash}", "public", ''), "", "") . "' title='{$this->lang->words['use_live']}'>" . $this->registry->getClass('output')->getReplacement("live_small") . " {$this->lang->words['sign_in_winlive']}</a></li>\r\n\t\t\t\t\t" : "") . "\r\n\t\t\t\t</ul>\r\n\t\t\t</div>" : "") . "\r\n\t\t<br />\r\n\t\t<div class='ipsForm ipsForm_horizontal'>\r\n\t\t\t<fieldset>\r\n\t\t\t\t<ul>\r\n\t\t\t\t\t<li class='ipsField'>\r\n\t\t\t\t\t\t<div class='ipsField_content'>\r\n\t\t\t\t\t\t\t{$this->lang->words['register_prompt_1']} <a href=\"" . $this->registry->getClass('output')->formatUrl($this->registry->getClass('output')->buildUrl("app=core&module=global&section=register", "public", ''), "", "") . "\" title='{$this->lang->words['register_prompt_2']}'>{$this->lang->words['register_prompt_2']}</a>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</li>\r\n\t\t\t\t\t<li class='ipsField ipsField_primary'>\r\n\t\t\t\t\t\t<label for='ips_username' class='ipsField_title'>{$this->lang->words['enter_name']}</label>\r\n\t\t\t\t\t\t<div class='ipsField_content'>\r\n\t\t\t\t\t\t\t<input id='ips_username' type='text' class='input_text' name='ips_username' size='30' />\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</li>\r\n\t\t\t\t\t<li class='ipsField ipsField_primary'>\r\n\t\t\t\t\t\t<label for='ips_password' class='ipsField_title'>{$this->lang->words['enter_pass']}</label>\r\n\t\t\t\t\t\t<div class='ipsField_content'>\r\n\t\t\t\t\t\t\t<input id='ips_password' type='password' class='input_text' name='ips_password' size='30' /><br />\r\n\t\t\t\t\t\t\t<a href='" . $this->registry->getClass('output')->formatUrl($this->registry->getClass('output')->buildUrl("app=core&module=global&section=lostpass", "public", ''), "", "") . "' title='{$this->lang->words['retrieve_pw']}'>{$this->lang->words['login_forgotten_pass']}</a>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</li>\r\n\t\t\t\t\t<li class='ipsField ipsField_checkbox'>\r\n\t\t\t\t\t\t<input type='checkbox' id='inline_remember' checked='checked' name='rememberMe' value='1' class='input_check' />\r\n\t\t\t\t\t\t<div class='ipsField_content'>\r\n\t\t\t\t\t\t\t<label for='inline_remember'>\r\n\t\t\t\t\t\t\t\t<strong>{$this->lang->words['rememberme']}</strong><br />\r\n\t\t\t\t\t\t\t\t<span class='desc lighter'>{$this->lang->words['notrecommended']}</span>\r\n\t\t\t\t\t\t\t</label>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</li>\r\n\t\t\t\t\t" . (!$this->settings['disable_anonymous'] ? "\r\n\t\t\t\t\t\t<li class='ipsField ipsField_checkbox'>\r\n\t\t\t\t\t\t\t<input type='checkbox' id='inline_invisible' name='anonymous' value='1' class='input_check' />\r\n\t\t\t\t\t\t\t<div class='ipsField_content'>\r\n\t\t\t\t\t\t\t\t<label for='inline_invisible'>\r\n\t\t\t\t\t\t\t\t\t<strong>{$this->lang->words['form_invisible']}</strong><br />\r\n\t\t\t\t\t\t\t\t\t<span class='desc lighter'>{$this->lang->words['anon_name']}</span>\r\n\t\t\t\t\t\t\t\t</label>\r\n\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t</li>\r\n\t\t\t\t\t" : "") . "\r\n\t\t\t\t</ul>\r\n\t\t\t</fieldset>\r\n\t\t\t<div class='ipsForm_submit ipsForm_center'>\r\n\t\t\t\t<input type='submit' class='ipsButton' value='{$this->lang->words['log_in']}' />\r\n\t\t\t</div>\r\n\t\t</div>\r\n\t</form>\r\n</div>") . ""; return $IPBHTML; }
function cdmoin(&$prev, $fd) { if (!isset($prev)) { $prev = my_getenv("PWD"); } chdir($prev); $temp = my_getenv("PWD"); majenv("PWD", $prev); $prev = $temp; majenv("OLDPWD", $temp); func_pwd("incase", $fd); }
/** * Create admin account * * @access public * @return @e void */ public static function createAdminAccount() { /* Build Entry */ $_mke_time = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0; $salt = IPSMember::generatePasswordSalt(5); $passhash = IPSMember::generateCompiledPasshash($salt, md5(IPSSetUp::getSavedData('admin_pass'))); $_dname = IPSSetUp::getSavedData('admin_user'); $member = array('name' => $_dname, 'members_l_username' => strtolower($_dname), 'members_display_name' => $_dname, 'members_l_display_name' => strtolower($_dname), 'members_seo_name' => IPSText::makeSeoTitle($_dname), 'member_login_key' => IPSMember::generateAutoLoginKey(), 'member_login_key_expire' => $_mke_time, 'title' => 'Administrator', 'email' => IPSSetUp::getSavedData('admin_email'), 'member_group_id' => 4, 'posts' => 1, 'joined' => time(), 'last_visit' => time(), 'last_activity' => time(), 'ip_address' => my_getenv('REMOTE_ADDR'), 'view_sigs' => 1, 'restrict_post' => 0, 'msg_show_notification' => 1, 'msg_count_total' => 0, 'msg_count_new' => 0, 'coppa_user' => 0, 'language' => IPSLib::getDefaultLanguage(), 'members_auto_dst' => 1, 'member_uploader' => 'flash', 'allow_admin_mails' => 0, 'members_pass_hash' => $passhash, 'members_pass_salt' => $salt, 'has_blog' => '', 'fb_token' => '', 'ignored_users' => '', 'members_cache' => '', 'failed_logins' => '', 'bday_day' => 0, 'bday_month' => 0, 'bday_year' => 0); /* Insert: MEMBERS */ ipsRegistry::DB()->setDataType(array('name', 'members_display_name', 'members_l_username', 'members_l_display_name'), 'string'); ipsRegistry::DB()->insert('members', $member); $member_id = ipsRegistry::DB()->getInsertId(); $member['member_id'] = $member_id; /* Insert into the custom profile fields DB */ ipsRegistry::DB()->insert('pfields_content', array('member_id' => $member_id)); /* Insert into pp */ ipsRegistry::DB()->insert('profile_portal', array('pp_member_id' => $member_id, 'pp_setting_count_friends' => 1, 'signature' => '', 'pconversation_filters' => '', 'pp_setting_count_comments' => 1, 'pp_setting_count_visitors' => 1)); }
/** * Method constructor * * @access public * @param object Registry Object * @return void */ public function __construct(ipsRegistry $registry) { parent::__construct($registry); /* Are we tracing this user? */ list($_groups, $_ids) = explode('&', trim(IPS_TOPICMARKERS_TRACE)); /* Groups */ list($_t, $groups) = explode('=', trim($_groups)); list($_t, $ids) = explode('=', trim($_ids)); if ($groups) { foreach (explode(',', $groups) as $gid) { if ($this->memberData['member_group_id'] == $gid) { $this->TRACE = TRUE; break; } } } if ($ids and !$this->TRACE) { foreach (explode(',', $ids) as $id) { if ($this->memberData['member_id'] == trim($id)) { $this->TRACE = TRUE; break; } } } /* Create session key */ $this->SESSION_KEY = md5(uniqid(microtime() . 'tms', true)); /* Create URL */ $this->URL = my_getenv('HTTP_HOST') . my_getenv('REQUEST_URI'); /* Got a table? */ //$this->DB->dropTable( 'core_topicmarker_debug' ); if (!$this->DB->checkForTable('core_topicmarker_debug')) { $prefix = $this->registry->dbFunctions()->getPrefix(); $this->DB->query("CREATE TABLE " . $prefix . "core_topicmarker_debug (\n\t\t\t\t\t\t\t\tmarker_member_id\tINT(10) NOT NULL default 0,\n\t\t\t\t\t\t\t\tmarker_session_key\tVARCHAR(32) NOT NULL default '',\n\t\t\t\t\t\t\t\tmarker_message\t\tVARCHAR(255) NOT NULL default '',\n\t\t\t\t\t\t\t\tmarker_data_freezer\tMEDIUMTEXT,\n\t\t\t\t\t\t\t\tmarker_data_storage\tMEDIUMTEXT,\n\t\t\t\t\t\t\t\tmarker_data_memory MEDIUMTEXT,\n\t\t\t\t\t\t\t\tmarker_timestamp\tINT(10) NOT NULL default 0,\n\t\t\t\t\t\t\t\tmarker_microtime\tVARCHAR(200) NOT NULL default '0',\n\t\t\t\t\t\t\t\tmarker_url\t\t\tTEXT,\n\t\t\t\t\t\t\t\tmarker_data_1\t\tTEXT,\n\t\t\t\t\t\t\t\tmarker_data_2\t\tTEXT,\n\t\t\t\t\t\t\t\tmarker_data_3\t\tTEXT,\n\t\t\t\t\t\t\t\tmarker_data_4\t\tTEXT,\n\t\t\t\t\t\t\t\tmarker_data_5\t\tTEXT,\n\t\t\t\t\t\t\t\tKEY marker_member_id (marker_member_id),\n\t\t\t\t\t\t\t\tKEY marker_microtime (marker_microtime),\n\t\t\t\t\t\t\t\tKEY marker_session_key (marker_session_key),\n\t\t\t\t\t\t\t\tKEY marker_timestamp (marker_timestamp ) )"); } /* Kick start the session off */ $this->_addEntry('Marker session INIT done'); }
/** * Display error * * @access public * @param string Error message * @param integer Error code * @return mixed You can print a custom message here, or return formatted data to be sent do registry->output->sendOutput */ public function displayError($message, $code = 0) { list($em_1, $em_2) = explode('@', $this->settings['email_in']); //----------------------------------------- // If we're a guest, show the log in box.. //----------------------------------------- if (!$this->memberData['member_id']) { $safe_string = $this->settings['base_url'] . str_replace('&', '&', IPSText::parseCleanValue(my_getenv('QUERY_STRING'))); $has_openid = false; $uses_name = false; $uses_email = false; $this->registry->getClass('class_localization')->loadLanguageFile(array('public_login'), 'core'); foreach ($this->cache->getCache('login_methods') as $method) { if ($method['login_folder_name'] == 'openid') { $has_openid = true; } if ($method['login_user_id'] == 'username') { $uses_name = true; } if ($method['login_user_id'] == 'email') { $uses_email = true; } } if ($uses_name and $uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_name_and_email']; } else { if ($uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_useremail']; } else { $this->lang->words['enter_name'] = $this->lang->words['enter_username']; } } $login_thing = $this->registry->getClass('output')->getTemplate('global_other')->error_log_in(str_replace('&', '&', $safe_string)); } //----------------------------------------- // Do we have any post data to keepy? //----------------------------------------- // Why even bother checking action? If they posted something and we're here, let 'em save it! //if ( $this->request['act'] == 'post' OR $this->request['module'] == 'messenging' OR $this->request['act'] == 'calendar' ) //{ if ($_POST['Post']) { $post_thing = $this->registry->getClass('output')->getTemplate('global_other')->error_post_textarea(IPSText::htmlspecialchars(IPSText::stripslashes($_POST['Post']))); } //} //----------------------------------------- // Show error //----------------------------------------- $html = $this->registry->getClass('output')->getTemplate('global_other')->Error($message, $code, $em_1, $em_2, 1, $login_thing, $post_thing); return $html; }
/** * Adds the action to the moderator logs * * @param string $title * @param string $topic_title * @return @e void */ protected function addToModLog($title = 'unknown', $topic_title) { $this->DB->insert('moderator_logs', array('forum_id' => $this->request['f'], 'topic_id' => $this->request['t'], 'post_id' => $this->request['p'], 'member_id' => $this->getAuthor('member_id'), 'member_name' => $this->getAuthor('members_display_name'), 'ip_address' => $this->member->ip_address, 'http_referer' => htmlspecialchars(my_getenv('HTTP_REFERER')), 'ctime' => IPS_UNIX_TIME_NOW, 'topic_title' => $topic_title, 'action' => $title, 'query_string' => htmlspecialchars(my_getenv('QUERY_STRING')))); }
/** * Fetches the user's operating system * * @return string */ protected static function _fetch_os() { $useragent = strtolower(my_getenv('HTTP_USER_AGENT')); if (strstr($useragent, 'mac')) { return 'mac'; } if (preg_match('#wi(n|n32|ndows)#', $useragent)) { return 'windows'; } return 'unknown'; }
/** * Constructor :: Authorizes the session * * @access public * @return mixed Void normally, but can print error message */ public function __construct() { /* Make object */ $this->registry = ipsRegistry::instance(); $this->DB = $this->registry->DB(); $this->settings =& $this->registry->fetchSettings(); $this->request =& $this->registry->fetchRequest(); $this->cache = $this->registry->cache(); $this->caches =& $this->registry->cache()->fetchCaches(); $this->_member = self::instance(); $this->_memberData =& self::instance()->fetchMemberData(); /* Delete immediately */ $this->_deleteNow = true; /** * If the sso.php file is present in this folder, we'll load it. * This file can be used to easily integrate single-sign on in * situations where you need to check session data */ if (file_exists(IPS_ROOT_PATH . '/sources/classes/session/sso.php')) { require_once IPS_ROOT_PATH . '/sources/classes/session/sso.php'; if (class_exists("ssoSessionExtension")) { $this->sso = new ssoSessionExtension($this->registry); } } //----------------------------------------- // INIT //----------------------------------------- $cookie = array(); $this->_userAgent = substr($this->_member->user_agent, 0, 200); //----------------------------------------- // Fix up app / section / module //----------------------------------------- $this->current_appcomponent = IPS_APP_COMPONENT; $this->current_module = IPSText::alphanumericalClean($this->request['module']); $this->current_section = IPSText::alphanumericalClean($this->request['section']); $this->settings['session_expiration'] = $this->settings['session_expiration'] ? $this->settings['session_expiration'] : 3600; //----------------------------------------- // Return as guest if running a task //----------------------------------------- if (IPS_IS_TASK) { self::$data_store = IPSMember::setUpGuest(); self::$data_store['last_activity'] = time(); self::$data_store['last_visit'] = time(); return true; } //----------------------------------------- // no new headers if we're simply viewing an attachment.. //----------------------------------------- if ($this->request['section'] == 'attach') { $this->settings['no_print_header'] = 1; } //----------------------------------------- // no new headers if we're updating chat //----------------------------------------- if (IPS_IS_AJAX && $this->request['section'] != 'login' or $this->request['section'] == 'attach' or $this->request['section'] == 'captcha') { $this->settings['no_print_header'] = 1; $this->do_update = 0; } //----------------------------------------- // Continue! //----------------------------------------- $cookie['session_id'] = IPSCookie::get('session_id'); $cookie['member_id'] = IPSCookie::get('member_id'); $cookie['pass_hash'] = IPSCookie::get('pass_hash'); if ($cookie['session_id']) { $this->getSession($cookie['session_id']); $this->session_type = 'cookie'; } elseif (isset($this->request['s']) and $this->request['s']) { $this->getSession($this->request['s']); $this->session_type = 'url'; } else { $this->session_id = 0; } //----------------------------------------- // Do we have a valid session ID? //----------------------------------------- if ($this->session_id) { //----------------------------------------- // We've checked the IP addy and browser, so we can assume that this is // a valid session. //----------------------------------------- if ($this->session_user_id != 0 and !empty($this->session_user_id)) { //----------------------------------------- // It's a member session, so load the member. //----------------------------------------- self::setMember($this->session_user_id); //----------------------------------------- // Did we get a member? //----------------------------------------- if (!self::$data_store['member_id'] or self::$data_store['member_id'] == 0) { $this->_updateGuestSession(); /** * If we have an SSO object, run it for the update guest session call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('update'); } } else { $this->_updateMemberSession(); /** * If we have an SSO object, run it for the update member call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) { $this->sso->checkSSOForMember('update'); } } } else { $this->_updateGuestSession(); /** * If we have an SSO object, run it for the update guest call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('update'); } } } else { //----------------------------------------- // We didn't have a session, or the session didn't validate // Do we have cookies stored? //----------------------------------------- if ($cookie['member_id'] != "" and $cookie['pass_hash'] != "") { //----------------------------------------- // Load member //----------------------------------------- self::setMember($cookie['member_id']); //----------------------------------------- // INIT log in key stuff //----------------------------------------- $_ok = 1; $_days = 0; $_sticky = 1; $_time = $this->settings['login_key_expire'] ? time() + intval($this->settings['login_key_expire']) * 86400 : 0; if (!self::$data_store['member_id'] or self::$data_store['member_id'] == 0) { $this->_createGuestSession(); /** * If we have an SSO object, run it for the create guest call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('create'); } } else { if (self::$data_store['member_login_key'] == $cookie['pass_hash']) { //----------------------------------------- // Key expired? //----------------------------------------- if ($this->settings['login_key_expire']) { $_sticky = 0; $_days = $this->settings['login_key_expire']; if (time() > self::$data_store['member_login_key_expire']) { $_ok = 0; } } if ($_ok == 1) { $this->_createMemberSession(); /** * If we have an SSO object, run it for the create member call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) { $this->sso->checkSSOForMember('create'); } //----------------------------------------- // Change the log in key to make each authentication // use a unique token. This means that if a cookie is // stolen, the hacker can only use the auth once. //----------------------------------------- if ($this->settings['login_change_key']) { self::$data_store['member_login_key'] = IPSMember::generateAutoLoginKey(); IPSMember::save(self::$data_store['member_id'], array('core' => array('member_login_key' => self::$data_store['member_login_key'], 'member_login_key_expire' => $_time))); IPSCookie::set("pass_hash", self::$data_store['member_login_key'], $_sticky, $_days); } } else { self::setMember(0); $this->_createGuestSession(); /** * If we have an SSO object, run it for the create guest call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('create'); } } } else { self::setMember(0); $this->_createGuestSession(); /** * If we have an SSO object, run it for the create guest call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('create'); } } } } else { $this->_createGuestSession(); /** * If we have an SSO object, run it for the create guest call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('create'); } } } //----------------------------------------- // Knock out Google Web Accelerator //----------------------------------------- if (ipsRegistry::$settings['disable_prefetching']) { if (my_getenv('HTTP_X_MOZ') and strstr(strtolower(my_getenv('HTTP_X_MOZ')), 'prefetch') and self::$data_store['member_id']) { if (IPB_PHP_SAPI == 'cgi-fcgi' or IPB_PHP_SAPI == 'cgi') { @header('Status: 403 Forbidden'); } else { @header('HTTP/1.1 403 Forbidden'); } @header("Cache-Control: no-cache, must-revalidate, max-age=0"); @header("Expires: 0"); @header("Pragma: no-cache"); print "Prefetching or precaching is not allowed. If you have Google Accelerator enabled, please disable"; exit; } } //----------------------------------------- // Still no member id and not a bot? //----------------------------------------- if (!self::$data_store['member_id'] and !$this->_member->is_not_human) { self::setMember(0); self::$data_store['last_activity'] = time(); $this->request['last_visit'] = time(); } //----------------------------------------- // Set a session ID cookie //----------------------------------------- $this->_member->session_type = $this->session_type; $this->_member->session_id = $this->session_id; IPSCookie::set("session_id", $this->session_id, -1); }
/** * Add to the log file * * @access public * @param array Task data * @param string Description to add to the log file * @return @e void */ public function appendTaskLog($task, $desc) { if (!$task['task_log']) { return; } $save = array('log_title' => $task['task_title'], 'log_date' => time(), 'log_ip' => my_getenv('REMOTE_ADDR'), 'log_desc' => $desc); $this->DB->insert('task_logs', $save); }
/** * Revert a setting to the default value * * @return @e void */ protected function _revertSettings() { $this->request['id'] = intval($this->request['id']); if (!$this->request['id']) { $this->registry->output->global_message = $this->lang->words['s_noid']; $this->_settingForm(); return; } $conf = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'core_sys_conf_settings', 'where' => 'conf_id=' . $this->request['id'])); //-------------------------------------------- // Revert... //-------------------------------------------- IPSLib::updateSettings(array($conf['conf_key'] => $conf['conf_default'])); $this->registry->output->global_message = $this->lang->words['s_revertedback']; $this->settingsRebuildCache(); //----------------------------------------- // Boink //----------------------------------------- $referrer = my_getenv('HTTP_REFERER'); if (strstr($referrer, $this->settings['_admin_link']) and !strstr($referrer, 'app=core&module=settings§ion=settings')) { $this->registry->output->silentRedirect($referrer); return; } else { $this->_viewSettings(); } }
/** * Build the secondary menu * * @access private * @return string Menu HTML */ private function _buildSubMenu() { //----------------------------------------- // INIT //----------------------------------------- $clean_module = IPSText::alphanumericalClean(ipsRegistry::$current_module); $this->menu = array(); $_nav_main_done = 0; /* Fetch fke apps */ $fakeApps = $this->registry->output->fetchFakeApps(); $inFakeApp = FALSE; $fakeApp = ''; //----------------------------------------- // In a fake app? //----------------------------------------- foreach ($fakeApps as $_app => $_fdata) { foreach ($_fdata as $__fdata) { if (ipsRegistry::$current_application == $__fdata['app'] and $__fdata['module'] == ipsRegistry::$current_module) { $fakeApp = $_app; $inFakeApp = TRUE; break 2; } } } //----------------------------------------- // Got a cache? //----------------------------------------- if (IN_DEV) { ipsRegistry::cache()->updateCacheWithoutSaving('app_menu_cache', array()); } if (!is_array(ipsRegistry::cache()->getCache('app_menu_cache')) or !count(ipsRegistry::cache()->getCache('app_menu_cache'))) { $this->cache->rebuildCache('app_menu_cache', 'global'); } //----------------------------------------- // Get child XML tabs //----------------------------------------- if (ipsRegistry::$current_application and $clean_module) { //----------------------------------------- // Do stuff //----------------------------------------- foreach (ipsRegistry::cache()->getCache('app_menu_cache') as $app_dir => $data) { if (!ipsRegistry::$applications[$app_dir]['app_enabled']) { continue; } /* Not in this app? */ if ($app_dir != ipsRegistry::$current_application) { continue; } foreach ($data as $_current_module => $module_data) { $skip = TRUE; $__current_module = $_current_module; $_current_module = preg_replace('/^\\d+?_(.*)$/', "\\1", $_current_module); /* Fake app content? If so.. remove.. */ foreach ($fakeApps as $_app => $_fdata) { foreach ($_fdata as $__fdata) { /* If the fake app matches the menu we're gonna show... */ if ($__fdata['app'] == $app_dir and $__fdata['module'] == $_current_module) { if ($inFakeApp === TRUE && $_app == $fakeApp) { $skip = FALSE; } } else { /* If we're in a fake app, skip non fake apps */ if ($inFakeApp !== TRUE) { $skip = FALSE; } } } } if ($skip === TRUE) { continue; } if ($app_dir == ipsRegistry::$request['app'] and !stristr($this->settings['query_string_safe'], 'module=')) { $this->settings['query_string_safe'] = $this->settings['query_string_safe'] . '&module=' . $clean_module; } foreach ($module_data['items'] as $id => $item) { //----------------------------------------- // Permission mask? //----------------------------------------- if ($item['rolekey']) { ipsRegistry::getClass('class_permissions')->return = 1; if (ipsRegistry::getClass('class_permissions')->checkPermission($item['rolekey'], $app_dir, $_current_module) !== TRUE) { //print '<pre>';print $app_dir . ' '. $_current_module.'<br>';print_r($module_data);print_r($item); continue; } } //----------------------------------------- // Force a module/section parameter into the input array //----------------------------------------- if ($app_dir == ipsRegistry::$current_application and ipsRegistry::$current_module == $item['module'] and !ipsRegistry::$request['section'] and $item['section']) { ipsRegistry::$request['section'] = $item['section']; } //----------------------------------------- // Add to nav? //----------------------------------------- if ($app_dir == ipsRegistry::$current_application and ipsRegistry::$request['section'] and ipsRegistry::$request['section'] == $item['section'] and ipsRegistry::$current_module == $item['module']) { //----------------------------------------- // Sure? //----------------------------------------- $_ok = 1; $__sub_item_url = $item['url'] ? '&' . $item['url'] : ''; if (!$_nav_main_done) { if (!$this->ignoreCoreNav) { $this->core_nav[] = array($this->settings['base_url'] . 'module=' . $_current_module . '&section=' . $item['section'], $module_data['title']); } $_nav_main_done = 1; //----------------------------------------- // Sort out do param? //----------------------------------------- if ($item['url'] and !isset($_GET['do'])) { $_do = str_replace("do=", "", $item['url']); ipsRegistry::$request['do'] = $_do; if (!stristr($this->settings['query_string_safe'], 'section=')) { $this->settings['query_string_safe'] = $this->settings['query_string_safe'] . '&section=' . ipsRegistry::$request['section']; } $this->settings['query_string_safe'] = '&do=' . $_do; } } if ($item['url']) { /* Reset */ $_ok = 0; /* Trying something a little different with the nav */ $_url = explode('=', $item['url']); /* Now we're first going to check for an exact do match */ $_ok = $_url[1] == ipsRegistry::$request['do']; /* No? Check the Query string then */ if (!$_ok) { $_n = str_replace('&', '&', strtolower($item['url'])); $_h = str_replace('&', '&', strtolower(my_getenv('QUERY_STRING'))); if (strstr($_h, $_n)) { $_ok = 1; } } } if (!$this->ignoreCoreNav and $_ok) { $this->core_nav[] = array($this->settings['base_url'] . 'module=' . $_current_module . '&section=' . $item['section'] . $__sub_item_url, $item['title']); } } //----------------------------------------- // Continue... //----------------------------------------- if ($item['title'] and $item['section']) { $this->menu[$app_dir][$__current_module]['items'][] = array('title' => $item['title'], 'module' => $_current_module, 'section' => $item['section'], 'url' => $item['url'], 'redirect' => $item['redirect']); $this->menu[$app_dir][$__current_module]['title'] = count($this->menu[$app_dir][$__current_module]['items']) > 1 ? $module_data['title'] : $item['title']; } } } } } //print_r($this->menu); if (isset($this->menu) && count($this->menu)) { return $this->global_template->menu_sub_navigation($this->menu); } }
/** * Log the user out * * @param string Message to show on the form * @return @e void */ public function loginForm($message = '') { //----------------------------------------- // Hang on, do we need the upgrader? //----------------------------------------- if (!IN_DEV and (!defined('SKIP_UPGRADE_CHECK') or !SKIP_UPGRADE_CHECK)) { require_once IPS_ROOT_PATH . 'setup/sources/base/setup.php'; /*noLibHook*/ foreach (ipsRegistry::$applications as $app_dir => $app) { $_a = ($app_dir == 'forums' or $app_dir == 'members') ? 'core' : $app_dir; $numbers = IPSSetUp::fetchAppVersionNumbers($_a); if ($numbers['latest'][0] and $numbers['latest'][0] > $numbers['current'][0]) { $this->registry->output->silentRedirect($this->settings['base_acp_url'] . '/upgrade/index.php?_acpRedirect=1'); return; } } } //----------------------------------------- // INIT //----------------------------------------- $message = $message ? $message : $this->member->sessionClass()->getMessage(); //------------------------------------------------------- // Remove all out of date sessions, like a good boy. Woof. //------------------------------------------------------- $cut_off_stamp = time() - 60 * 60 * 2; $this->DB->delete('core_sys_cp_sessions', "session_running_time < {$cut_off_stamp}"); //------------------------------------------------------ // Start form //------------------------------------------------------ $qs = str_replace('&', '&', IPSText::parseCleanValue(urldecode(my_getenv('QUERY_STRING')))); $qs = str_replace('adsess=', 'old_adsess=', $qs); $qs = str_replace('module=menu', '', $qs); $additional_data = $this->han_login->additionalFormHTML(); $replace = false; $data = array(); if (!is_null($additional_data) and is_array($additional_data) and count($additional_data)) { $replace = $additional_data[0]; $data = $additional_data[1]; } $uses_name = false; $uses_email = false; foreach (ipsRegistry::cache()->getCache('login_methods') as $method) { $login_methods[$method['login_folder_name']] = $method['login_folder_name']; if ($method['login_user_id'] == 'username' or $method['login_user_id'] == 'either') { $uses_name = true; } if ($method['login_user_id'] == 'email' or $method['login_user_id'] == 'either') { $uses_email = true; } } if ($uses_name and $uses_email) { $this->lang->words['gl_signinname'] = $this->lang->words['enter_name_and_email']; } else { if ($uses_email) { $this->lang->words['gl_signinname'] = $this->lang->words['enter_useremail']; } else { $this->lang->words['gl_signinname'] = $this->lang->words['enter_username']; } } ipsRegistry::getClass('output')->html_title = $this->lang->words['ipb_login']; ipsRegistry::getClass('output')->html_main = ipsRegistry::getClass('output')->global_template->log_in_form($qs, $message, $replace == 'replace' ? true : false, $data); ipsRegistry::getClass('output')->html_main = str_replace('<%TITLE%>', ipsRegistry::getClass('output')->html_title, ipsRegistry::getClass('output')->html_main); @header("Content-type: text/html"); print ipsRegistry::getClass('output')->html_main; exit; }
/** * Global template/wrapper * * @access public * @param string Title * @param string Page content * @param array Data * @param array Errors * @param array Warnings * @param array Install step info * @return string HTML */ public function globalTemplate($title, $content, $data = array(), $errors = array(), $warnings = array(), $messages = array(), $installStep = array(), $version, $appData) { $IPBHTML = ""; //--starthtml--// $_cssPath = '../setup/public'; $_productVersion = $this->registry->fetchGlobalConfigValue('version'); $_productName = $this->registry->fetchGlobalConfigValue('name'); $app = IPS_IS_UPGRADER ? 'upgrade' : 'install'; $extraUrl = IPS_IS_UPGRADER ? '&s=' . $this->request['s'] : ''; $extraUrl .= (IPS_IS_UPGRADER and $this->request['workact']) ? '&workact=' . $this->request['workact'] : ''; $extraUrl .= (IPS_IS_UPGRADER and isset($this->request['st'])) ? '&st=' . $this->request['st'] : ''; $extraInfo = (IPS_IS_UPGRADER and $version) ? 'This Module: ' . $version . '<br />(' . $appData['name'] . ')' : ''; $IPBHTML .= <<<EOF <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> \t<head> \t\t<title>IPS SetUp: {$title}</title> \t\t<style type='text/css' media='all'> \t\t\t@import url('{$_cssPath}/install.css'); \t\t</style> \t\t<meta http-equiv="content-type" content="text/html; charset=utf-8" />\t \t</head> \t<body> \t\t<form id='install-form' action='index.php?app={$app}{$extraUrl}§ion={$this->registry->output->nextAction}' method='post'> \t\t<input type='hidden' name='_sd' value='{$data['savedData']}'> \t\t \t\t<div id='ipbwrapper'> \t\t\t<div id='branding'> \t\t\t\t<div class='main_width'> \t\t\t\t\t<div class='logo'><img src='{$this->registry->output->imageUrl}/logo.png' /></div> \t\t\t\t</div>\t \t\t\t</div> \t\t\t<div id='primary_nav' class='clearfix'> \t\t\t\t<div class='main_width'> \t\t\t\t\t<ul class='ipsList_inline' id='community_app_menu'> \t\t\t\t\t\t<li class='active'><a href='#'>{$this->registry->output->sequenceData[$this->registry->output->currentPage]}</a></li> \t\t\t\t\t EOF; if (!IPS_IS_UPGRADER) { $IPBHTML .= <<<EOF \t\t\t\t\t\t<li><a href='http://external.ipslink.com/ipboard30/landing/?p=installation-guide' target='_blank'><b>Installation Guide</b></a></li> EOF; } $IPBHTML .= <<<EOF \t\t\t\t\t</ul> \t\t\t\t</div> \t\t\t</div> \t\t\t<div id='content'> \t\t \t <div class='ipsLayout ipsLayout_withleft ipsLayout_largeleft clearfix'> \t\t \t <div class='ipsLayout_left clearfix'> \t\t \t \t\t<div class='ipsBox'> \t\t \t \t\t\t<div class='ipsBox_container'> \t\t\t\t\t\t\t\t<ul id='progress'> EOF; foreach ($data['progress'] as $p) { $extra = ''; if ($installStep[0] > 0) { $extra = $p[0] == 'step_doing' ? "<p>Step {$installStep[0]}/{$installStep[1]}</p>" : ''; } if ($extraInfo) { $extra .= $p[0] == 'step_doing' ? "<p>{$extraInfo}</p>" : ''; } $IPBHTML .= <<<EOF \t<li class='{$p[0]}'>{$p[1]}{$extra}</li> EOF; } $IPBHTML .= <<<EOF \t\t \t \t\t\t</ul> \t\t \t \t\t</div> \t\t \t \t</div> \t\t \t \t</div> \t\t \t \t<div class='ipsLayout_content clearfix'> EOF; if (count($messages)) { $IPBHTML .= <<<EOF \t\t<br /> \t\t <div class='message' style='overflow:auto;max-height:180px'> EOF; foreach ($messages as $msg) { $IPBHTML .= "<p>{$msg}</p>\n"; } $IPBHTML .= <<<EOF \t\t </div><br /> EOF; } if (count($errors) or count($warnings)) { $IPBHTML .= <<<EOF \t\t<br /> \t\t <div class='message error' style='overflow:auto;max-height:180px'> EOF; foreach ($errors as $msg) { $IPBHTML .= "<p>Error: {$msg}</p>\n"; } foreach ($warnings as $msg) { $IPBHTML .= "<p>Warning: {$msg}</p>\n"; } $IPBHTML .= <<<EOF \t\t </div><br /> EOF; } $IPBHTML .= <<<EOF \t\t \t <div> \t\t \t \t<h3 class='maintitle'>{$_productName} {$_productVersion}</h3> \t\t \t <div class='ipsBox'> \t\t \t \t\t<div id='contentContainer' class='ipsBox_container ipsPad'> \t\t \t {$content} \t\t \t </div> \t\t \t </div> \t\t \t <div style='padding-top: 17px; padding-right: 15px; padding-left: 15px'> \t\t \t <div style='float: right'> EOF; if ($data['hideButton'] !== TRUE and $this->_showNoButtons !== TRUE) { if ($this->registry->output->nextAction == 'disabled' or count($errors)) { $IPBHTML .= <<<EOF \t\t \t <input type='submit' class='nav_button' value='Install can not continue...' disabled='disabled' /> EOF; } else { if (!$this->registry->output->nextAction) { $back = my_getenv('HTTP_REFERER'); $IPBHTML .= <<<EOF \t<input type='button' class='nav_button' value='< Back' onclick="window.location='{$back}';return false;" /> EOF; } $IPBHTML .= <<<EOF \t\t \t <input type='submit' class='nav_button' value='Next >' /> EOF; } } $date = date("Y"); $IPBHTML .= <<<EOF \t\t\t\t\t\t</div> \t\t\t\t\t</div> <!-- buttons --> \t\t\t\t<br /> \t\t\t\t<br /> \t\t\t\t<div class='copyright'> \t\t \t \t© EOF; $IPBHTML .= date("Y"); $IPBHTML .= <<<EOF Invision Power Services, Inc. \t\t\t\t</div> \t\t\t</div><!-- ipsLayout_content --> \t\t</div><!-- ipsLayout--> \t</div><!-- content --> </div><!-- wrapper --> EOF; /* Bit of a kludge */ if (is_array($errors) and count($errors)) { $IPBHTML .= <<<EOF \t\t<script type='text/javascript'> \t\t//<![CDATA[ \t\tfunction form_redirect() \t\t{ \t\t\treturn false; \t\t} \t\t//]]> \t\t</script> EOF; } $IPBHTML .= <<<EOF \t\t</form> \t \t</body> </html> EOF; return $IPBHTML; }
/** * Add an entry to the moderator log * * @param integer Forum id * @param integer Topic id * @param string Topic title * @param string Title to add to moderator log * @return boolean */ public function addModerateLog($fid, $tid, $pid, $t_title, $mod_title = 'Unknown') { $this->DB->setDataType('member_name', 'string'); $this->DB->insert('moderator_logs', array('forum_id' => intval($fid), 'topic_id' => intval($tid), 'post_id' => intval($pid), 'member_id' => $this->memberData['member_id'], 'member_name' => $this->memberData['members_display_name'], 'ip_address' => $this->member->ip_address, 'http_referer' => htmlspecialchars(my_getenv('HTTP_REFERER')), 'ctime' => time(), 'topic_title' => $t_title, 'action' => $mod_title, 'query_string' => htmlspecialchars(my_getenv('QUERY_STRING')))); return TRUE; }
* * @author $Author: bfarber $ * @copyright (c) 2001 - 2009 Invision Power Services, Inc. * @package Invision Power Board * @version $Rev: 3887 $ * */ define('IPS_PUBLIC_SCRIPT', 'index.php'); require_once '../initdata.php'; require_once IPS_ROOT_PATH . 'sources/base/ipsRegistry.php'; /* INIT Registry */ $reg = ipsRegistry::instance(); $reg->init(); /* GET INPUT */ $url = my_getenv('REQUEST_URI') ? my_getenv('REQUEST_URI') : my_getenv('PHP_SELF'); $qs = my_getenv('QUERY_STRING'); $link = 'act=idx'; $id = 0; $st = 0; $justKeepMe = str_replace('.html', '', $qs ? $qs : str_replace("/", "", strrchr($url, "/"))); /* Got pages? */ if (strstr($justKeepMe, "-")) { list($_mainBit, $_startBit) = explode("-", $justKeepMe); $justKeepMe = $_mainBit; $st = intval($_startBit); } if (strstr($justKeepMe, 't') and is_numeric(substr($justKeepMe, 1))) { $id = intval(substr($justKeepMe, 1)); $link = 'showtopic=' . $id; if ($st) { $link .= '&st=' . $st;
/** * Constructor :: Authorizes the session * * @param boolean $noAutoParsingSessions No auto parsing of sessions - set as true when using API-like methods * @return @e mixed Void normally, but can print error message */ public function __construct($noAutoParsingSessions = false) { /* Make object */ $this->registry = ipsRegistry::instance(); $this->DB = $this->registry->DB(); $this->settings =& $this->registry->fetchSettings(); $this->request =& $this->registry->fetchRequest(); $this->cache = $this->registry->cache(); $this->caches =& $this->registry->cache()->fetchCaches(); $this->_member = self::instance(); $this->_memberData =& self::instance()->fetchMemberData(); /* Delete immediately */ $this->_deleteNow = true; /** * If the sso.php file is present in this folder, we'll load it. * This file can be used to easily integrate single-sign on in * situations where you need to check session data */ if (is_file(IPS_ROOT_PATH . '/sources/classes/session/sso.php')) { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/classes/session/sso.php', 'ssoSessionExtension'); if (class_exists($classToLoad)) { $this->sso = new $classToLoad($this->registry); } } //----------------------------------------- // INIT //----------------------------------------- $cookie = array(); $this->_userAgent = substr($this->_member->user_agent, 0, 200); //----------------------------------------- // Fix up app / section / module //----------------------------------------- $this->current_appcomponent = IPS_APP_COMPONENT; $this->current_module = IPSText::alphanumericalClean($this->request['module']); $this->current_section = IPSText::alphanumericalClean($this->request['section']); $this->settings['session_expiration'] = $this->settings['session_expiration'] ? $this->settings['session_expiration'] : 3600; //----------------------------------------- // Return as guest if running a task //----------------------------------------- if (IPS_IS_TASK) { self::$data_store = IPSMember::setUpGuest(); self::$data_store['last_activity'] = time(); self::$data_store['last_visit'] = time(); return true; } /* Not auto parsing sessions? */ if ($noAutoParsingSessions === true) { return true; } //----------------------------------------- // no new headers if we're simply viewing an attachment.. //----------------------------------------- if ($this->request['section'] == 'attach') { $this->settings['no_print_header'] = 1; } //----------------------------------------- // no new headers if we're updating chat //----------------------------------------- if (IPS_IS_AJAX && ($this->request['section'] != 'login' && $this->request['section'] != 'skin') or $this->request['section'] == 'attach' or $this->request['section'] == 'captcha') { $this->settings['no_print_header'] = 1; $this->do_update = 0; } //----------------------------------------- // IPS Connect //----------------------------------------- $ipsConnectEnabled = FALSE; foreach ($this->caches['login_methods'] as $k => $data) { if ($data['login_folder_name'] == 'ipsconnect' and $data['login_enabled']) { $ipsConnectEnabled = TRUE; $ipsConnectSettings = unserialize($data['login_custom_config']); } } //----------------------------------------- // Continue! //----------------------------------------- $cookie['session_id'] = IPSCookie::get('session_id'); $cookie['member_id'] = IPSCookie::get('member_id'); $cookie['pass_hash'] = IPSCookie::get('pass_hash'); if ($cookie['session_id'] && empty($this->request['_nsc'])) { $this->getSession($cookie['session_id']); $this->session_type = 'cookie'; } elseif (!empty($this->request['s'])) { $this->getSession($this->request['s']); $this->session_type = 'url'; } else { $this->session_id = 0; $this->session_type = 'url'; } //----------------------------------------- // Do we have a valid session ID? //----------------------------------------- if ($this->session_id) { $haveMember = FALSE; $forceNoMember = FALSE; /* Check we're not specifically logged out of IPS Connect */ if ($ipsConnectEnabled and isset($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) and !$_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) { $forceNoMember = TRUE; } /* Check Local */ if (!empty($this->session_user_id) and !$forceNoMember) { self::setMember($this->session_user_id); if (self::$data_store['member_id'] and self::$data_store['member_id'] != 0) { $haveMember = TRUE; } } /* Check IPS Connect */ if (!$haveMember and !$forceNoMember) { if ($ipsConnectEnabled and isset($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])])) { if ($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) { require_once IPS_KERNEL_PATH . 'classFileManagement.php'; $cfm = new classFileManagement(); $return = $cfm->getFileContents($ipsConnectSettings['master_url'] . '?' . http_build_query(array('act' => 'cookies', 'data' => json_encode($_COOKIE)))); if ($return = @json_decode($return, TRUE)) { if ($return['connect_status'] == 'SUCCESS') { $this->_handleIpsConnect($return); $haveMember = TRUE; } } } } } /* Handle */ if ($haveMember) { $this->_updateMemberSession(); /** * If we have an SSO object, run it for the update member call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) { $this->sso->checkSSOForMember('update'); } } else { $this->_updateGuestSession(); /** * If we have an SSO object, run it for the update guest session call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('update'); } } } else { //----------------------------------------- // We didn't have a session, or the session didn't validate // Do we have cookies stored? //----------------------------------------- $haveMember = FALSE; if ($ipsConnectEnabled and isset($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])])) { if ($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) { require_once IPS_KERNEL_PATH . 'classFileManagement.php'; $cfm = new classFileManagement(); $return = $cfm->getFileContents($ipsConnectSettings['master_url'] . '?' . http_build_query(array('act' => 'cookies', 'data' => json_encode($_COOKIE)))); if ($return = @json_decode($return, TRUE)) { if ($return['connect_status'] == 'SUCCESS') { $this->_handleIpsConnect($return); $haveMember = TRUE; } } } } elseif ($cookie['member_id'] != "" and $cookie['pass_hash'] != "") { self::setMember($cookie['member_id']); if (self::$data_store['member_id'] and self::$data_store['member_login_key'] == $cookie['pass_hash'] and (!$this->settings['login_key_expire'] or time() <= self::$data_store['member_login_key_expire'])) { $haveMember = TRUE; } } //----------------------------------------- // Handle //----------------------------------------- if ($haveMember) { $this->_createMemberSession(); /** * If we have an SSO object, run it for the create member call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) { $this->sso->checkSSOForMember('create'); } } else { self::setMember(0); $this->_createGuestSession(); /** * If we have an SSO object, run it for the create guest call */ if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) { $this->sso->checkSSOForGuest('create'); } } } //----------------------------------------- // Knock out Google Web Accelerator //----------------------------------------- if (ipsRegistry::$settings['disable_prefetching']) { if (my_getenv('HTTP_X_MOZ') and strstr(strtolower(my_getenv('HTTP_X_MOZ')), 'prefetch') and self::$data_store['member_id']) { if (isset($_SERVER['SERVER_PROTOCOL']) and strstr($_SERVER['SERVER_PROTOCOL'], '/1.0')) { @header('HTTP/1.0 403 Forbidden'); } else { @header('HTTP/1.1 403 Forbidden'); } @header("Cache-Control: no-cache, must-revalidate, max-age=0"); @header("Expires: 0"); @header("Pragma: no-cache"); print "Prefetching or precaching is not allowed. If you have Google Accelerator enabled, please disable"; exit; } } //----------------------------------------- // Still no member id and not a bot? //----------------------------------------- if (empty(self::$data_store['member_id']) and !$this->_member->is_not_human) { self::setMember(0); self::$data_store['last_activity'] = time(); $this->request['last_visit'] = time(); } //----------------------------------------- // Set a session ID cookie //----------------------------------------- $this->_member->session_type = $this->session_type; $this->_member->session_id = $this->session_id; IPSCookie::set("session_id", $this->session_id, -1); }
/** * Our singleton INIT function * * @access protected * @return void */ protected static function init() { if (self::$initiated !== TRUE) { //----------------------------------------- // IP Address //----------------------------------------- if (ipsRegistry::$settings['xforward_matching']) { foreach (array_reverse(explode(',', my_getenv('HTTP_X_FORWARDED_FOR'))) as $x_f) { $x_f = trim($x_f); if (preg_match('/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/', $x_f)) { $addrs[] = $x_f; } } $addrs[] = my_getenv('HTTP_CLIENT_IP'); $addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP'); $addrs[] = my_getenv('HTTP_PROXY_USER'); } $addrs[] = my_getenv('REMOTE_ADDR'); //----------------------------------------- // Do we have one yet? //----------------------------------------- foreach ($addrs as $ip) { if ($ip) { preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\$/", $ip, $match); self::instance()->ip_address = $match[1] . '.' . $match[2] . '.' . $match[3] . '.' . $match[4]; if (self::instance()->ip_address and self::instance()->ip_address != '...') { break; } } } //----------------------------------------- // Make sure we take a valid IP address //----------------------------------------- if ((!self::instance()->ip_address or self::instance()->ip_address == '...') and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') { print "Could not determine your IP address"; exit; } if (IPS_IS_UPGRADER) { require_once IPS_ROOT_PATH . "setup/sources/classes/session/sessions.php"; self::$session_class = new sessions(); } else { self::setMember(0); } } }
/** * Saves a ajax topic title edit * * @return @e void */ public function saveTopicTitle() { /* INIT */ $name = $_POST['name']; $tid = intval($this->request['tid']); $can_edit = 0; /* Check ID */ if (!$tid) { $this->returnJsonError($this->lang->words['ajax_no_topic_id']); } /* Load Topic */ $topic = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'topics', 'where' => 'tid=' . $tid)); if (!$topic['tid']) { $this->returnJsonError($this->lang->words['ajax_topic_not_found']); } /* Check Permissions */ if ($this->memberData['g_is_supmod']) { $can_edit = 1; } else { if (is_array($this->memberData['forumsModeratorData']) and $this->memberData['forumsModeratorData'][$topic['forum_id']]['edit_topic']) { $can_edit = 1; } } if (!$can_edit) { $this->returnJsonError($this->lang->words['ajax_no_t_permission']); } /* Make sure we have a valid name */ if (trim($name) == '' || !$name) { $this->returnJsonError($this->lang->words['ajax_no_t_name']); exit; } /* Clean */ if ($this->settings['etfilter_shout'] && mb_strtoupper($this->_topicTitle) == $this->_topicTitle) { if (function_exists('mb_convert_case')) { if (in_array(strtolower($this->settings['gb_char_set']), array_map('strtolower', mb_list_encodings()))) { $name = mb_convert_case($name, MB_CASE_TITLE, $this->settings['gb_char_set']); } else { $name = ucwords(mb_strtolower($name)); } } else { $name = ucwords(mb_strtolower($name)); } } $name = IPSText::parseCleanValue($name); $name = $this->cleanTopicTitle($name); $name = IPSText::getTextClass('bbcode')->stripBadWords($name); $title_seo = IPSText::makeSeoTitle($name, TRUE); /* Update the topic */ $this->DB->update('topics', array('title' => $name, 'title_seo' => $title_seo), 'tid=' . $tid); $this->DB->insert('moderator_logs', array('forum_id' => intval($topic['forum_id']), 'topic_id' => $tid, 'member_id' => $this->memberData['member_id'], 'member_name' => $this->memberData['members_display_name'], 'ip_address' => $this->member->ip_address, 'http_referer' => htmlspecialchars(my_getenv('HTTP_REFERER')), 'ctime' => time(), 'topic_title' => $name, 'action' => sprintf($this->lang->words['ajax_topictitle'], $topic['title'], $name), 'query_string' => htmlspecialchars(my_getenv('QUERY_STRING')))); /* Update the last topic title? */ if ($topic['tid'] == $this->registry->class_forums->forum_by_id[$topic['forum_id']]['last_id']) { $this->DB->update('forums', array('last_title' => $name, 'seo_last_title' => $title_seo), 'id=' . $topic['forum_id']); } if ($topic['tid'] == $this->registry->class_forums->forum_by_id[$topic['forum_id']]['newest_id']) { $this->DB->update('forums', array('newest_title' => $name), 'id=' . $topic['forum_id']); } /* All Done */ $this->returnJsonArray(array('title' => $name, 'url' => $this->registry->output->buildSEOUrl('showtopic=' . $tid, 'public', $title_seo, 'showtopic'))); }
public function addModlog($mod_title) { $this->registry->DB()->insert('moderator_logs', array('member_id' => $this->memberData['member_id'], 'member_name' => $this->memberData['members_display_name'], 'ip_address' => $this->request['IP_ADDRESS'], 'http_referer' => my_getenv('HTTP_REFERER'), 'ctime' => time(), 'action' => $mod_title, 'query_string' => my_getenv('QUERY_STRING'))); }
/** * Show the login form * * @param string Message to show on login form * @return string Login form HTML */ public function loginForm($message = "", $replacement = '') { //----------------------------------------- // INIT //----------------------------------------- $extra_form = ""; $show_form = 1; $template = ''; $serviceClick = trim($this->request['serviceClick']); //----------------------------------------- // Are they banned? //----------------------------------------- if (IPSMember::isBanned('ip', $this->member->ip_address)) { $this->registry->getClass('output')->showError('you_are_banned', 2011, null, null, 403); } if ($message != "") { if ($replacement) { $message = sprintf($this->lang->words[$message], $replacement); } else { $message = $this->lang->words[$message]; } $name = $this->request['UserName'] ? $this->request['UserName'] : $this->request['address']; $message = str_replace("<#NAME#>", "<b>" . $name . "</b>", $message); $template .= $this->registry->getClass('output')->getTemplate('login')->errors($message); } //----------------------------------------- // Using an alternate log in form? //----------------------------------------- $this->han_login->checkLoginUrlRedirect(); /* Did we click a service? */ if ($serviceClick) { switch ($serviceClick) { case 'facebook': $this->registry->getClass('output')->silentRedirect($this->settings['_original_base_url'] . "/interface/facebook/index.php?_reg=1"); break; case 'twitter': $this->registry->getClass('output')->silentRedirect($this->settings['_original_base_url'] . "/interface/twitter/index.php?_reg=1"); break; } } //----------------------------------------- // Extra HTML? //----------------------------------------- $additionalForm = $this->han_login->additionalFormHTML(); if (count($additionalForm[1])) { if ($additionalForm[0] == 'add') { $extra_form = $additionalForm[1]; $show_form = 1; } else { if (is_array($additionalForm[1])) { foreach ($additionalForm[1] as $_form) { $template .= $_form; } } else { $template .= $additionalForm[1]; } $show_form = 0; } } //----------------------------------------- // Continue... //----------------------------------------- if ($show_form) { if ($this->request['referer']) { $http_referrer = $this->request['referer']; } else { /* @link http://community.invisionpower.com/tracker/issue-32302-login-redirect-when-activating */ $_urlPieces = @parse_url($this->settings['board_url']); if (strpos(my_getenv('HTTP_REFERER'), $_urlPieces['host'] ? $_urlPieces['host'] : $this->settings['board_url']) !== false) { $http_referrer = my_getenv('HTTP_REFERER'); } else { $http_referrer = ''; } } $login_methods = false; $uses_name = false; $uses_email = false; foreach ($this->cache->getCache('login_methods') as $method) { $login_methods[$method['login_folder_name']] = $method['login_folder_name']; if ($method['login_user_id'] == 'username' or $method['login_user_id'] == 'either') { $uses_name = true; } if ($method['login_user_id'] == 'email' or $method['login_user_id'] == 'either') { $uses_email = true; } } if ($uses_name and $uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_name_and_email']; } else { if ($uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_useremail']; } else { $this->lang->words['enter_name'] = $this->lang->words['enter_username']; } } $template .= $this->registry->getClass('output')->getTemplate('login')->showLogInForm($this->lang->words['please_log_in'], htmlentities(urldecode($http_referrer)), $extra_form, $login_methods); } $this->registry->getClass('output')->addNavigation($this->lang->words['log_in'], ''); $this->registry->getClass('output')->setTitle($this->lang->words['log_in'] . ' - ' . ipsRegistry::$settings['board_name']); $this->registry->getClass('output')->addContent($template); $this->registry->getClass('output')->sendOutput(); }
/** * Our singleton INIT function * * @access protected * @return @e void */ protected static function init() { if (self::$initiated !== TRUE) { //----------------------------------------- // IP Address //----------------------------------------- if (ipsRegistry::$settings['xforward_matching']) { foreach (array_reverse(explode(',', my_getenv('HTTP_X_FORWARDED_FOR'))) as $x_f) { $addrs[] = trim($x_f); } $addrs[] = my_getenv('HTTP_CLIENT_IP'); $addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP'); $addrs[] = my_getenv('HTTP_PROXY_USER'); } $addrs[] = my_getenv('REMOTE_ADDR'); //----------------------------------------- // Do we have one yet? //----------------------------------------- foreach ($addrs as $ip) { //----------------------------------------- // IP v4 //----------------------------------------- if (IPSLib::validateIPv4($ip)) { self::instance()->ip_address = $ip; break; } else { if (IPSLib::validateIPv6($ip)) { self::instance()->ip_address = $ip; break; } } } //----------------------------------------- // Make sure we take a valid IP address //----------------------------------------- if (!self::instance()->ip_address and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') { print "Could not determine your IP address"; exit; } if (IPS_IS_UPGRADER) { require_once IPS_ROOT_PATH . "setup/sources/classes/session/sessions.php"; /*noLibHook*/ self::$session_class = new sessions(); } else { self::setMember(0); } } }
/** * handshake_server::handshake_start() * * Returns all data... * * @access public * @param integer $reg_id Converge reg ID * @param string $reg_code Converge API Code (MUST BE PRESENT IN ALL RETURNED API REQUESTS). * @param integer $reg_date Unix stamp of converge request start time * @param integer $reg_product_id Converge product ID (MUST BE PRESENT IN ALL RETURNED API REQUESTS) * @param string $converge_url Converge application base url (no slashes or paths) * @return mixed xml / boolean false **/ public function handshakeStart($reg_id = '', $reg_code = '', $reg_date = '', $reg_product_id = '', $converge_url = '', $acp_email = '', $acp_md5_password = '', $http_user = '', $http_pass = '') { //----------------------------------------- // INIT //----------------------------------------- $reg_id = intval($reg_id); $reg_code = IPSText::md5Clean($reg_code); $reg_date = intval($reg_date); $reg_product_id = intval($reg_product_id); $converge_url = IPSText::parseCleanValue($converge_url); $acp_email = IPSText::parseCleanValue($acp_email); $acp_md5_password = IPSText::md5Clean($acp_md5_password); $this->registry->getClass('class_localization')->loadLanguageFile(array('api_langbits'), 'core'); //----------------------------------------- // Check ACP user //----------------------------------------- if (!$acp_email and !$acp_md5_password) { $this->classApiServer->apiSendError(500, $this->lang->words['missing_email']); return false; } else { $member = IPSMember::load($acp_email, 'extendedProfile,groups'); if (!$member['member_id']) { $this->classApiServer->apiSendError(501, $this->lang->words['bad_email']); return false; } else { //----------------------------------------- // Are we an admin? //----------------------------------------- if ($member['g_access_cp'] != 1) { $this->classApiServer->apiSendError(501, $this->lang->words['no_acp_access']); return false; } //----------------------------------------- // Check password... //----------------------------------------- if (IPSMember::authenticateMember($member['member_id'], $acp_md5_password) != true) { $this->classApiServer->apiSendError(501, $this->lang->words['bad_email']); return false; } } } //----------------------------------------- // Just send it all back and start // A row in the converge_local table with // the info, but don't flag as active... //----------------------------------------- $reply = array('master_response' => 1, 'reg_id' => $reg_id, 'reg_code' => $reg_code, 'reg_date' => $reg_date, 'reg_product_id' => $reg_product_id, 'converge_url' => $converge_url); //----------------------------------------- // Add into DB //----------------------------------------- $this->registry->DB()->insert('converge_local', array('converge_api_code' => $reg_code, 'converge_product_id' => $reg_product_id, 'converge_added' => $reg_date, 'converge_ip_address' => my_getenv('REMOTE_ADDR'), 'converge_url' => $converge_url, 'converge_active' => 0, 'converge_http_user' => $http_user, 'converge_http_pass' => $http_pass)); //----------------------------------------- // Send reply... //----------------------------------------- $this->classApiServer->apiSendReply($reply); }
/** * Show the login form * * @access public * @param string Message to show on login form * @return string Login form HTML */ public function loginForm($message = "", $replacement = '') { //----------------------------------------- // INIT //----------------------------------------- $extra_form = ""; $show_form = 1; $template = ''; //----------------------------------------- // Are they banned? //----------------------------------------- if (IPSMember::isBanned('ip', $this->member->ip_address)) { $this->registry->getClass('output')->showError('you_are_banned', 2011); } if ($message != "") { if ($replacement) { $message = sprintf($this->lang->words[$message], $replacement); } else { $message = $this->lang->words[$message]; } $name = $this->request['UserName'] ? $this->request['UserName'] : $this->request['address']; $message = str_replace("<#NAME#>", "<b>" . $name . "</b>", $message); $template .= $this->registry->getClass('output')->getTemplate('login')->errors($message); } //----------------------------------------- // Using an alternate log in form? //----------------------------------------- $this->han_login->checkLoginUrlRedirect(); //----------------------------------------- // Extra HTML? //----------------------------------------- $additionalForm = $this->han_login->additionalFormHTML(); if (count($additionalForm[1])) { if ($additionalForm[0] == 'add') { $extra_form = $additionalForm[1]; $show_form = 1; } else { $template .= $additionalForm[1]; $show_form = 0; } } //----------------------------------------- // Continue... //----------------------------------------- if ($show_form) { if ($this->request['referer']) { $http_referrer = $this->request['referer']; } else { if (!my_getenv('HTTP_REFERER') or stripos(my_getenv('HTTP_REFERER'), $this->settings['board_url']) === false) { // HTTP_REFERER isn't set when force_login is enabled // This method will piece together the base url, and the querystring arguments // This is not anymore secure/insecure than IPB, as IPB will have to process // those arguments whether force_login is enabled or not. $argv = is_array(my_getenv('argv')) && count(my_getenv('argv')) > 0 ? my_getenv('argv') : array(); $http_referrer = $this->settings['base_url'] . @implode("&", $argv); } else { $http_referrer = my_getenv('HTTP_REFERER'); } } $facebookOpts = array(); $login_methods = false; $uses_name = false; $uses_email = false; foreach ($this->cache->getCache('login_methods') as $method) { $login_methods[$method['login_folder_name']] = $method['login_folder_name']; if ($method['login_user_id'] == 'username') { $uses_name = true; } if ($method['login_user_id'] == 'email') { $uses_email = true; } } if ($uses_name and $uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_name_and_email']; } else { if ($uses_email) { $this->lang->words['enter_name'] = $this->lang->words['enter_useremail']; } else { $this->lang->words['enter_name'] = $this->lang->words['enter_username']; } } $template .= $this->registry->getClass('output')->getTemplate('login')->showLogInForm($this->lang->words['please_log_in'], htmlentities(urldecode($http_referrer)), $extra_form, $login_methods, $facebookOpts); } /* Work around for bug http://bugs.developers.facebook.com/show_bug.cgi?id=3237 */ if (IPSLib::fbc_enabled()) { $this->_facebook->testConnectSession(); } $this->registry->getClass('output')->addNavigation($this->lang->words['log_in'], ''); $this->registry->getClass('output')->setTitle($this->lang->words['log_in']); $this->registry->getClass('output')->addContent($template); $this->registry->getClass('output')->sendOutput(); }
/** * Converge_Server::__authenticate() * * Checks to see if the request is allowed * * @access protected * @param string $key Authenticate Key * @param string $product_id Product ID * @return string Error message, if any */ protected function __authenticate($key, $product_id) { $this->registry->getClass('class_localization')->loadLanguageFile(array('api_langbits'), 'core'); //----------------------------------------- // Check converge users API DB //----------------------------------------- $info = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'converge_local', 'where' => "converge_product_id=" . intval($product_id) . " AND converge_active=1 AND converge_api_code='{$key}'")); //----------------------------------------- // Got a user? //----------------------------------------- if (!$info['converge_api_code']) { $this->classApiServer->apiSendError(100, $this->registry->getClass('class_localization')->words['unauthorized_user']); return FALSE; } else { if (CVG_IP_MATCH and my_getenv('REMOTE_ADDR') != $info['converge_ip_address']) { $this->classApiServer->apiSendError(101, $this->registry->getClass('class_localization')->words['bad_ip_address']); return FALSE; } else { return TRUE; } } }
/** * Log the user out * * @access public * @param string Message to show on the form * @return void */ public function loginForm($message = '') { //----------------------------------------- // INIT //----------------------------------------- $message = $message ? $message : $this->member->sessionClass()->getMessage(); //------------------------------------------------------- // Remove all out of date sessions, like a good boy. Woof. //------------------------------------------------------- $cut_off_stamp = time() - 60 * 60 * 2; $this->DB->delete('core_sys_cp_sessions', "session_running_time < {$cut_off_stamp}"); //------------------------------------------------------ // Start form //------------------------------------------------------ $qs = str_replace('&', '&', IPSText::parseCleanValue(urldecode(my_getenv('QUERY_STRING')))); $qs = str_replace('adsess=', 'old_adsess=', $qs); $qs = str_replace('module=menu', '', $qs); $additional_data = $this->han_login->additionalFormHTML(); $replace = false; $data = array(); if (!is_null($additional_data) and is_array($additional_data) and count($additional_data)) { $replace = $additional_data[0]; $data = $additional_data[1]; } ipsRegistry::getClass('output')->html_title = $this->lang->words['ipb_login']; ipsRegistry::getClass('output')->html_main = str_replace('<%CONTENT%>', ipsRegistry::getClass('output')->global_template->log_in_form($qs, $message, $replace == 'replace' ? true : false, $data), ipsRegistry::getClass('output')->global_template->global_main_wrapper_no_furniture()); ipsRegistry::getClass('output')->html_main = str_replace('<%TITLE%>', ipsRegistry::getClass('output')->html_title, ipsRegistry::getClass('output')->html_main); @header("Content-type: text/html"); print ipsRegistry::getClass('output')->html_main; exit; }
/** * Log error messages to the error logs table * * @access protected * @param string Error message * @param integer Error code * @return void */ protected function logErrorMessage($message, $code = 0) { $toInsert = array('log_member' => $this->member->getProperty('member_id'), 'log_date' => time(), 'log_error' => $message, 'log_error_code' => $code, 'log_ip_address' => $this->member->ip_address, 'log_request_uri' => my_getenv('REQUEST_URI')); $this->DB->insert('error_logs', $toInsert); }
function func_cd($param, $fd) { static $prev; $nextdir = parse($param); if (isset($nextdir[1][1])) { if ($nextdir[1][1][0] == "~") { $nextdir[1][1] = preg_replace("/~/", my_getenv("HOME"), $nextdir[1][1]); } if ($nextdir[1][1] == "-") { cdmoin($prev, $fd); } else { if (!file_exists($nextdir[1][1])) { echo "cd: {$nextdir[1][1]} No such file or directory\n"; } else { if (!is_readable($nextdir[1][1])) { echo "cd: {$nextdirt[1][1]}: Permission denied\n"; } else { $prev = my_getenv("PWD"); majenv("OLDPWD", my_getenv("PWD")); chdir($nextdir[1][1]); majenv("PWD", getcwd()); } } } } else { func_cd("cd ~", $fd); } }