function bh_get_total_bandwidth($username, $type)
{
$bandrows = select_bhdb("bandwidth", array("username" => $username, "type" => $type), "");
foreach ($bandrows as $bandrow) {
$totalbytes += $bandrow['bytes'];
}
return $totalbytes;
}
function bh_filelink_get($filecode, $what)
{
$filecoderows = select_bhdb("filecodes", array("filecode" => $filecode), "");
if (empty($filecoderows)) {
return false;
} else {
return $filecoderows[0][$what];
}
}
function bh_setview($username, $filepath, $view)
{
# Get our prefs for this dir, if we have any
$filepathrows = select_bhdb("usersviews", array("username" => $username, "filepath" => $filepath), 1);
if (empty($filepathrows)) {
insert_bhdb("usersviews", array("username" => $username, "filepath" => $filepath, "view" => $view), "");
} else {
update_bhdb("usersviews", array("view" => $view), array("username" => $username, "filepath" => $filepath));
}
}
function bh_authenticate($username, $password)
{
$md5password = md5($password);
$authrows = select_bhdb("users", array('username' => $username, 'password' => $md5password), 1);
if (empty($authrows)) {
return 0;
} elseif ($authrows[0]['disabled'] == 1) {
return -1;
} else {
return 1;
}
}
function bh_changeconfig($variable, $value)
{
global $bhconfig;
# See if it's already in the db.
$rows = select_bhdb("config", array("variable" => $variable), 1);
# If it is...
if (!empty($rows)) {
# Update it
update_bhdb("config", array("value" => addslashes($value)), array("variable" => $variable));
} else {
# Add it
insert_bhdb("config", array("variable" => $variable, "value" => addslashes($value)));
}
}
function sendtotype($usertype)
{
$userrows = select_bhdb("users", array("type" => $usertype), "");
if (empty($userrows)) {
return false;
}
$fails = 0;
foreach ($userrows as $userrow) {
$result = $this->sendtouser($userrow['username']);
if ($result == false) {
$fails++;
}
}
return $fails;
}
function bh_authenticate($username, $password)
{
global $bhconfig;
// first, verify that the user is allowed to use this application
// look for the user in the user table
$authrows = select_bhdb("users", array('username' => $username), 1);
if (empty($authrows)) {
return 0;
} elseif ($authrows[0]['disabled'] == 1) {
return -1;
}
// now check against LDAP
$port = $bhconfig['ldapport'] ? $bhconfig['ldapport'] : 389;
// Connect to LDAP server
$ds = @ldap_connect($bhconfig['ldapsrv'], $port);
if ($ds) {
// Bind as anonymous
$r = @ldap_bind($ds);
// find user entry in the tree
$sr = @ldap_search($ds, $bhconfig['ldapbase'], $bhconfig['ldapattr'] . "={$username}");
// Must find one entry, no more no less
if (@ldap_count_entries($ds, $sr) != 1) {
// user unknown
@ldap_close($ds);
return false;
}
// find entry in the result set
if (($entry = @ldap_first_entry($ds, $sr)) == false) {
// user unknown
@ldap_close($ds);
return 0;
}
// bind as the user to verify pasword
$dn = ldap_get_dn($ds, $entry);
$r = @ldap_bind($ds, $dn, $password);
// Link no longer needed
@ldap_close($ds);
if ($r) {
return true;
} else {
return false;
}
} else {
return false;
}
}
#name Groups List
#author Andrew Godwin
#description Displays a list of groups, and lets you add users to them.
#iscore 1
$layout = new bhadminlayout("groupslist");
if (empty($_POST['group'])) {
$_POST['group'] = array();
}
if (empty($_GET['group'])) {
$_GET['group'] = array();
}
$group = array_merge($_POST['group'], $_GET['group']);
if ($group['action'] == "add") {
$grouprows = select_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']), "");
if (empty($grouprows)) {
$userrows = select_bhdb("users", array("username" => $group['username']), "");
if (empty($userrows)) {
bh_add_logvars(array("username" => $group['username'], "group" => $group['group']));
bh_add_error($bhlang['error:user_does_not_exist']);
} else {
insert_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']));
bh_add_logvars(array("username" => $group['username'], "group" => $group['group']));
bh_add_notice($bhlang['notice:user_added_to_group']);
}
} else {
bh_add_logvars(array("username" => $group['username'], "group" => $group['group']));
bh_add_error($bhlang['error:user_is_in_group']);
}
}
if ($group['action'] == "remove") {
delete_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']));
# Open layout object
$layoutobj = new bhlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:signup'];
$layoutobj->content1 = "<br><br>" . $bhlang['error:username_invalid'];
$layoutobj->display();
} else {
# Generate a random new ten-letter password
$alphabetanumba = "abcdefghijklmnopqrstuvwxyz0123456789";
$newpass = "";
$max = strlen($alphabetanumba) - 1;
$length = 10;
for ($i = 0; $i <= $length; $i++) {
$newpass .= substr($alphabetanumba, rand(0, $max), 1);
}
$userirows = select_bhdb("userinfo", array("username" => $resetrows[0]['username'], "itemname" => "email"), "");
$emailaddr = $userirows[0]['itemcontent'];
# Send the email with the new password
# Email them about it with the validation link
$emailobj = new bhemail($emailaddr);
$emailobj->subject = str_replace("#SITENAME#", $bhconfig['sitename'], $bhlang['emailsubject:passreset_new_password']);
$emailobj->message = str_replace("#PASSWORD#", $newpass, $bhlang['email:passreset_new_password']);
$emailaway = $emailobj->send();
if ($emailaway == false) {
# Open layout object
$layoutobj = new bhlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:signup'];
$layoutobj->content1 = "<br><br>" . $bhlang['error:email_error'];
$layoutobj->display();
} else {
}
}
if ($_GET['action'] == "reject") {
$regrows = select_bhdb("registrations", array("regid" => $_GET['regid'], "username" => $_GET['username']), "");
if (empty($regrows)) {
log_bh($bhlang['error:registration_doesnt_exist'], "BH_ERROR");
} else {
# Delete the reg row
delete_bhdb("registrations", array("regid" => $_GET['regid'], "username" => $_GET['username']));
# Email the user
$emailobj = new bhemail($regrows[0]['email']);
$emailobj->subject = str_replace("#SITENAME#", $bhconfig['sitename'], $bhlang['emailsubject:registration_rejected']);
$emailobj->message = str_replace("#USERNAME#", $regrows[0]['username'], $bhlang['email:registration_rejected']);
$emailaway = $emailobj->send();
# All done. Say so.
bh_log(str_replace("#USER#", $_GET['username'], $bhlang['notice:#USER#_rejected']), "BH_NOTICE");
}
}
}
if ($bhconfig['signupmoderation'] == 0) {
$layout = new bhadminlayout("generic");
$layout->content1 = $bhlang['notice:registration_moderation_off'];
$layout->title = $bhlang['title:registrations_administration'];
$layout->display();
} else {
$layout = new bhadminlayout("regslist");
$registrations = select_bhdb("registrations", array("status" => "1"), "");
$layout->content1 = $registrations;
$layout->title = $bhlang['title:registrations_administration'];
$layout->display();
}
function set_grouprights($group, $status, $recursion = 1)
{
if ($this->is_dir() && $recursion == 1) {
$this->loadfile();
foreach ($this->filecontents as $file2set) {
$file2setobj = new bhfile($file2set['filepath']);
$file2setobj->set_grouprights($group, $status);
}
}
if ($status >= 0) {
$grouprows = select_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath), "");
if (!empty($grouprows)) {
update_bhdb("aclgroups", array("status" => $status), array("group" => $group, "filepath" => $this->filepath));
} else {
insert_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath, "status" => $status));
}
} else {
delete_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath));
}
}
} else {
# Tell them what they did wrong
bh_log($bhlang['error:old_password_invalid'], "BH_ERROR");
}
}
# See if there's an incoming profile change request
if (!empty($_POST['changeprofile'])) {
# Go through the options and add/update them
foreach ($_POST['changeprofile'] as $option => $value) {
$optionrows = select_bhdb("userinfo", array("username" => $bhsession['username'], "itemname" => $option), "");
if (empty($optionrows)) {
insert_bhdb("userinfo", array("username" => $bhsession['username'], "itemname" => $option, "itemcontent" => $value));
} else {
update_bhdb("userinfo", array("itemcontent" => $value), array("username" => $bhsession['username'], "itemname" => $option));
}
}
# Say it's updated
bh_log($bhlang['notice:profile_saved'], "BH_NOTICE");
}
# Get user profile info
$profilerows = select_bhdb("userinfo", array("username" => $bhsession['username']), "");
$profile = array();
foreach ($profilerows as $profilerow) {
$profile[$profilerow['itemname']] = $profilerow['itemcontent'];
}
# Open layout object
$layoutobj = new bhlayout("options");
# Send the content to the layout
$layoutobj->title = $bhlang['title:options'];
$layoutobj->content1 = $profile;
$layoutobj->display();
function set_grouprights($group, $status)
{
$grouprows = select_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath), "");
if (!empty($grouprows)) {
update_bhdb("aclgroups", array("status" => $status), array("group" => $group, "filepath" => $this->filepath));
} else {
insert_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath, "status" => $status));
}
}
function bh_authenticate($username, $password)
{
global $dbconfig, $bhconfig;
$oldprefix = $dbconfig['prefix'];
$olddb = $dbconfig['db'];
$dbconfig['prefix'] = $bhconfig['phpbb_prefix'];
$dbconfig['db'] = $bhconfig['phpbb_db'];
$md5password = md5($password);
$authrows = select_bhdb("users", array('username' => $username, 'user_password' => $md5password), 1);
$dbconfig['prefix'] = $oldprefix;
$dbconfig['db'] = $olddb;
if (empty($authrows)) {
return 0;
} else {
return 1;
}
}
function bh_updatemoduledb()
{
global $bhconfig;
# Open modules folder
$handle = opendir($bhconfig['bhfilepath'] . "/modules/");
# Go through and see if modules are in db.
while (false !== ($file = readdir($handle))) {
if (!preg_match("/^\\.{1,2}\$/", $file)) {
$filerow = select_bhdb("modules", array("file" => $file), "");
if (empty($filerow)) {
# Open file and check through for name etc.
$filearray = file($bhconfig['bhfilepath'] . "/modules/" . $file);
$nameline = preg_grep("/^#name.*\$/", $filearray);
$name = substr(current($nameline), 6);
$descline = preg_grep("/^#description.*\$/", $filearray);
$desc = substr(current($descline), 13);
$authline = preg_grep("/^#author.*\$/", $filearray);
$auth = substr(current($authline), 8);
insert_bhdb("modules", array("module" => str_replace(".inc.php", "", $file), "file" => $file, "name" => $name, "author" => $auth, "description" => $desc));
}
}
}
}
<?php
/*
* ByteHoard 2.1
* Copyright (c) Andrew Godwin & contributors 2005
*
* Module
* $Id: filelinks.inc.php,v 1.1 2005/07/28 20:11:47 andrewgodwin Exp $
*
*/
#name File Links
#author Andrew Godwin
#description Lets the administrator delete a file link if necessary.
#iscore 1
if (!empty($_GET['deletelink'])) {
bh_filelink_remove($_GET['deletelink']);
bh_log($bhlang['notice:filelink_deleted'], "BH_NOTICE");
}
$flinks = select_bhdb("filecodes", "", "");
foreach ($flinks as $flink) {
$filecodes[$flink['username']][$flink['email']][$flink['filecode']] = $flink;
}
$layoutobj = new bhadminlayout("filelinks");
$layoutobj->content1 = $filecodes;
$layoutobj->title = $bhlang['title:filelinks'];
$layoutobj->display();
function bh_text($textname)
{
$textrows = select_bhdb("texts", array("textname" => $textname), 1);
return $textrows[0]['textbody'];
}
require "modules/login.inc.php";
}
} else {
# This means that The Administrator must Approve this User.
# So, up the status of the regrow to 1 if it exists. Or tell them to go away.
$regrows = select_bhdb("registrations", array("regid" => $_GET['confirmregid'], "username" => $_GET['username']), "");
if (empty($regrows)) {
# Open layout object
$layoutobj = new bhlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:signup'];
$layoutobj->content1 = "<br><br>" . $bhlang['error:validation_link_wrong'];
$layoutobj->display();
} else {
# check if it's already at stage 1.
$regs1rows = select_bhdb("registrations", array("regid" => $_GET['confirmregid'], "username" => $_GET['username'], "status" => "0"), "");
if (empty($regs1rows)) {
# Open layout object
$layoutobj = new bhlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:signup'];
$layoutobj->content1 = "<br><br>" . $bhlang['notice:validation_already_done_pending_approval'];
$layoutobj->display();
} else {
# Up the reg row status
update_bhdb("registrations", array("status" => "1"), array("regid" => $_GET['confirmregid'], "username" => $_GET['username']));
# All done. Say so.
bh_log($bhlang['log:user_validated_'] . $username, "BH_SIGNUP_VALIDATED");
bh_log($bhlang['log:user_signup_m_pending_'] . $username, "BH_SIGNUP_M_PENDING");
# Open layout object
$layoutobj = new bhlayout("generic");
function bh_log($message, $type)
{
global $bhlang, $bhcurrent, $bhconfig, $bherrors;
# This is the all-singing, all-dancing logging system.
# First, retrieve all actions matching this type from the database
$matchingactions = select_bhdb("logactions", array("type" => $type), "");
# Then, see if there are some, and go through them if there are.
if (!empty($matchingactions)) {
foreach ($matchingactions as $matchingaction) {
# Try to match the action to the ones we know about.
switch ($matchingaction['action']) {
case "fileappend":
case "logtofile":
# Append to a file. Check if we have a filename, or just log to the default one.
if (!empty($matchingaction['parameters'])) {
$fn = @fopen($bhconfig['bhfilepath'] . "/" . $matchingaction['parameters'], "a");
@fputs($fn, time() . ":" . $_SERVER['REMOTE_ADDR'] . ":" . $message . "\n");
@fclose($fn);
} elseif (!empty($bhconfig['logfile'])) {
$fn = @fopen($bhconfig['bhfilepath'] . "/" . $bhconfig['logfile'], "a");
@fputs($fn, time() . ":" . $_SERVER['REMOTE_ADDR'] . ":" . $message . "\n");
@fclose($fn);
} else {
$fn = @fopen($bhconfig['bhfilepath'] . "/log", "a");
@fputs($fn, time() . ":" . $_SERVER['REMOTE_ADDR'] . ":" . $message . "\n");
@fclose($fn);
}
break;
case "email":
# Email it to someone. Check for a specified email address, or fail.
if (!empty($matchingaction['parameters'])) {
$emailobj = new bhemail($matchingaction['parameters']);
$emailobj->subject = "Notification from ByteHoard @ " . $_SERVER['HTTP_HOST'];
$emailobj->sig = "\n\n\nPowered by ByteHoard " . $bhconfig['version'] . " / Sent at " . date("l dS F Y h:i:s A");
$emailobj->message = $message;
$emailobj->send();
} else {
# Nothing to do. Oh well.
}
break;
case "emailtype":
# Email it to them. Check for a specified type, or fail.
if (!empty($matchingaction['parameters'])) {
$emailobj = new bhemail();
$emailobj->subject = "Notification from ByteHoard @ " . $_SERVER['HTTP_HOST'];
$emailobj->sig = "\n\n\nPowered by ByteHoard " . $bhconfig['version'] . " / Sent at " . date("l dS F Y h:i:s A");
$emailobj->message = $message;
$emailobj->sendtotype($matchingaction['parameters']);
} else {
# Nothing to do. Oh well.
}
break;
case "onscreen":
# Set error in template thingmywatsit.
$bherrors[] = array('message' => $message, 'type' => $matchingaction['parameters']);
break;
}
}
} else {
# Set error in template thingmywatsit.
$bherrors[] = array('message' => $message, 'type' => 'warning');
}
}
# FileLink/FileMail functions
# File array
$file = file($_GET['file']) or die("I'm sorry. That isn't a valid file.");
# Loooop through
foreach ($file as $num => $line) {
if (substr($line, 0, 1) == "#" || substr($line, 0, 1) == ";" || trim($line) == "") {
} else {
$linearray = explode(",", $line);
if (empty($linearray[0])) {
die("No username provided! Line " . ($num + 1));
} elseif (empty($linearray[1])) {
die("No password provided! Line " . ($num + 1));
} elseif (empty($linearray[2])) {
die("No email provided! Line " . ($num + 1));
} else {
$userrows = select_bhdb("users", array("username" => $linearray[0]), "");
if (empty($userrows)) {
if (empty($linearray[4])) {
$linearray[4] = "normal";
}
bh_adduser($linearray[0], $linearray[1], bh_fpclean("/" . $linearray[0]), $linearray[4]);
insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "fullname", "itemcontent" => empty($linearray[3])));
insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "email", "itemcontent" => empty($linearray[2])));
echo "User " . $linearray[0] . " added! <br>\n\r";
} else {
echo "User " . $linearray[0] . " exists, not added. <br>\n\r";
}
}
}
}
echo $num + 1 . " lines processed. Finished.";
/*
* ByteHoard 2.1
* Copyright (c) Andrew Godwin & contributors 2004
*
* Installer2 - Database Script File
* $Id$
*
*/
# Database scripts expect the following:
# - $dbconfig (config.inc.php) loaded
# - All bhdb_* functions loaded
# - configfunc.inc.php loaded
# 2.1b -> 2.1g
# Import filecodes and users into memory
$filecoderows = select_bhdb("filecodes", "", "");
$userrows = select_bhdb("users", "", "");
# Remove old tables
drop_bhdb("filecodes");
drop_bhdb("users");
$insttables['filecodes'] = array("filecode" => array("type" => "varchar"), "filepath" => array("type" => "text"), "expires" => array("type" => "varchar"), "username" => array("type" => "varchar"), "email" => array("type" => "text"), "notify" => array("type" => "varchar"));
$insttables['log'] = array("entryid" => array("type" => "varchar"), "time" => array("type" => "varchar"), "username" => array("type" => "varchar"), "ip" => array("type" => "varchar"), "type" => array("type" => "varchar"), "page" => array("type" => "text"), "filepath" => array("type" => "text"), "data" => array("type" => "text"));
$insttables['users'] = array("username" => array("type" => "varchar"), "password" => array("type" => "varchar"), "homedir" => array("type" => "text"), "type" => array("type" => "varchar"), "disabled" => array("type" => "varchar"), "quota" => array("type" => "varchar"));
$insttables['filecodereminders'] = array("filecode" => array("type" => "varchar"), "remindat" => array("type" => "varchar"));
$insttables['satellitetransfers'] = array("transferid" => array("type" => "varchar"), "file" => array("type" => "text"), "offset" => array("type" => "varchar"), "length" => array("type" => "varchar"));
# Add them
foreach ($insttables as $tablename => $tablecontent) {
$result = create_bhdb($tablename, $tablecontent);
if ($result === FALSE) {
$errors[] = $dbmoderror;
}
}
* Copyright (c) Andrew Godwin & contributors 2004
*
* Module
* $Id: edituser.inc.php,v 1.2 2005/06/17 18:52:00 andrewgodwin Exp $
*
*/
#name Add User
#author Andrew Godwin
#description Lets you edit a user.
#iscore 1
$addusername = $_GET['username'];
if (!empty($_POST['user'])) {
$signup = $_POST['user'];
$username = strtolower($signup['username']);
$usernamerows = select_bhdb("users", array("username" => $username), "");
$regusernamerows = select_bhdb("registrations", array("username" => $username), "");
if (!empty($usernamerows) || !empty($regusernamerows) || $username == "guest" || $username == "admin" || $username == "administrator" || $username == "all") {
bh_log($bhlang['error:username_in_use'], BH_ERROR);
# Open layout object
$layoutobj = new bhadminlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:add_user'];
$layoutobj->display();
} elseif (strlen($username) > 255) {
bh_log($bhlang['error:username_too_long'], BH_ERROR);
# Open layout object
$layoutobj = new bhadminlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:add_user'];
$layoutobj->display();
} else {
$uploadrows = select_bhdb("uploads", array("sessionid" => session_id()), 1);
if (empty($uploadrows) || $uploadrows[0]['status'] == "uploading") {
$layoutobj = new bhlayout("popup_upload");
$layoutobj->display();
} elseif ($uploadrows[0]['status'] = "finished") {
# Echo window closing script
$str = "<html>\n<head>\n</head>\n<body>\n<script>self.close();</script>\n</body>\n</html>";
echo $str;
# Remove entry in DB
delete_bhdb("uploads", array("sessionid" => session_id()));
} else {
bh_log("Fatal error in upload notification system", "BH_ERROR");
}
} elseif (count($fupload) > 0) {
# Notify the popup to close
$uploadrows = select_bhdb("uploads", array("sessionid" => session_id()), 1);
if (empty($uploadrows)) {
insert_bhdb("uploads", array("sessionid" => session_id(), "status" => "finished"));
} else {
update_bhdb("uploads", array("status" => "finished"), array("sessionid" => session_id()));
}
# Calculate used bandwidth
foreach ($fupload as $fileinfo) {
bh_bandwidth($bhsession['username'], "up", $fileinfo['size']);
}
# Check they can write to the destination directory
if (bh_checkrights($infolder, $bhsession['username']) >= 2) {
foreach ($fupload as $fileinfo) {
# If it's a valid upload...
if (empty($fileinfo['name']) !== TRUE) {
# Check the file actually exists.
/*
* ByteHoard 2.1
* Copyright (c) Andrew Godwin & contributors 2004
*
* Installer2 - Database Script File
* $Id$
*
*/
# Database scripts expect the following:
# - $dbconfig (config.inc.php) loaded
# - All bhdb_* functions loaded
# - configfunc.inc.php loaded
# 2.1a -> 2.1b
# Import filecodes into memory
$filecoderows = select_bhdb("filecodes", "", "");
# Remove old filecodes table
drop_bhdb("filecodes");
$insttables['modulesdirectory'] = array("module" => array("type" => "varchar"), "status" => array("type" => "varchar"));
$insttables['packages'] = array("code" => array("type" => "varchar"), "name" => array("type" => "varchar"), "description" => array("type" => "text"), "version" => array("type" => "varchar"), "type" => array("type" => "varchar"));
$insttables['passwordresets'] = array("username" => array("type" => "varchar"), "resetid" => array("type" => "varchar"), "time" => array("type" => "varchar"));
$insttables['registrations'] = array("regid" => array("type" => "varchar"), "username" => array("type" => "varchar"), "password" => array("type" => "varchar"), "email" => array("type" => "text"), "fullname" => array("type" => "text"), "status" => array("type" => "varchar"), "regtime" => array("type" => "varchar"));
$insttables['filecodes'] = array("filecode" => array("type" => "varchar"), "filepath" => array("type" => "text"), "expires" => array("type" => "varchar"), "username" => array("type" => "varchar"), "email" => array("type" => "text"));
# Add them
foreach ($insttables as $tablename => $tablecontent) {
$result = create_bhdb($tablename, $tablecontent);
if ($result === FALSE) {
$errors[] = $dbmoderror;
}
}
# Right. Now add New Stuff (TM)
