/**
* Validates the access-token and performs the login.
*/
protected function checkAccessToken() {
if (isset($_REQUEST['at'])) {
list($userID, $token) = explode('-', StringUtil::trim($_REQUEST['at']));
if (WCF::getUser()->userID) {
if ($userID == WCF::getUser()->userID && PasswordUtil::secureCompare(WCF::getUser()->accessToken, $token)) {
// everything is fine, but we are already logged in
return;
}
else {
// token is invalid
throw new IllegalLinkException();
}
}
else {
$user = new User($userID);
if (PasswordUtil::secureCompare($user->accessToken, $token)) {
// token is valid -> change user
SessionHandler::getInstance()->changeUser($user, true);
}
else {
// token is invalid
throw new IllegalLinkException();
}
}
}
}
/**
* Updates session's last activity time to prevent it from expiring.
*/
public function keepAlive() {
// ignore sessions created by this request
if (WCF::getSession()->lastActivityTime == TIME_NOW) {
return;
}
SessionHandler::getInstance()->keepAlive();
}
/**
* Updates session's last activity time to prevent it from expiring. In addition this method
* will return updated counters for notifications and 3rd party components.
*
* @return array<mixed>
*/
public function keepAlive()
{
// ignore sessions created by this request
if (WCF::getSession()->lastActivityTime == TIME_NOW) {
return;
}
// update last activity time
SessionHandler::getInstance()->keepAlive();
// update notification counts
$this->keepAliveData = array('userNotificationCount' => UserNotificationHandler::getInstance()->getNotificationCount(true));
// notify 3rd party components
EventHandler::getInstance()->fireAction($this, 'keepAlive');
return $this->keepAliveData;
}
/**
* @see wcf\system\worker\IWorker::execute()
*/
public function execute()
{
// load fakers autoloader
require_once WCF_DIR . 'lib/system/api/faker/src/autoload.php';
$className = $this->parameters['faker'];
$faker = new $className(\Faker\Factory::create($this->parameters['fakerLocale']), $this->parameters);
$user = WCF::getUser();
WCF::getDB()->beginTransaction();
for ($i = $this->limit * $this->loopCount, $j = 0; $i < $this->count && $j < $this->limit; $i++, $j++) {
$faker->fake();
}
WCF::getDB()->commitTransaction();
\wcf\system\session\SessionHandler::getInstance()->changeUser($user, true);
}
/**
* @see \wcf\system\faker\IFaker::fake()
*/
public function fake()
{
$sql = "SELECT\t\tuserID\n\t\t\tFROM\t\twcf" . WCF_N . "_user\n\t\t\tORDER BY\tuserID ASC";
$statement = WCF::getDB()->prepareStatement($sql, 1, $this->generator->numberBetween(0, $this->userCount - 1));
$statement->execute();
$target = $statement->fetchObject('\\wcf\\data\\user\\User');
$sql = "SELECT\t\tuserID\n\t\t\tFROM\t\twcf" . WCF_N . "_user\n\t\t\tWHERE\t\tuserID <> ?\n\t\t\tORDER BY\tuserID ASC";
$statement = WCF::getDB()->prepareStatement($sql, 1, $this->userCount - 2 ? $this->generator->numberBetween(0, $this->userCount - 2) : 0);
$statement->execute(array($target->userID));
$issuer = $statement->fetchObject('\\wcf\\data\\user\\User');
\wcf\system\session\SessionHandler::getInstance()->changeUser($issuer, true);
$objectAction = new \wcf\data\user\ignore\UserIgnoreAction(array(), 'ignore', array('data' => array('ignoreUserID' => $target->userID)));
$objectAction->executeAction();
}
/**
* @see \wcf\system\session\ACPSessionFactory::init()
*/
protected function init()
{
$usesCookies = true;
if (isset($_COOKIE[COOKIE_PREFIX . 'cookieHash'])) {
if ($_COOKIE[COOKIE_PREFIX . 'cookieHash'] != SessionHandler::getInstance()->sessionID) {
$usesCookies = false;
}
} else {
$usesCookies = false;
}
if (!$usesCookies) {
// cookie support will be enabled upon next request
HeaderUtil::setCookie('cookieHash', SessionHandler::getInstance()->sessionID);
} else {
// enable cookie support
SessionHandler::getInstance()->enableCookies();
}
parent::init();
}
/**
* @see wcf\system\SingletonFactory::init()
*/
protected final function init()
{
$this->sessionHandler = SessionHandler::getInstance();
// initialize session
$this->initSession();
}
/**
* do need action for done login
*
* @param wcf\data\user\User $oUser
*/
public function doneLogin($oUser)
{
if (!$oUser || !$oUser->userID) {
return false;
}
WCF::getSession()->changeUser($oUser);
HeaderUtil::setCookie('cookieHash', SessionHandler::getInstance()->sessionID);
MbqMain::$oMbqAppEnv->oCurrentUser = $oUser;
$this->initOCurMbqEtUser($oUser->userID);
return true;
}
/** * @author Marcel Werk * @copyright 2001-2011 WoltLab GmbH * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> * @package com.woltlab.wcf * @category Community Framework */ // change the priority of the PIP's to "1" $sql = "UPDATE wcf".WCF_N."_package_installation_plugin SET priority = ?"; $statement = WCF::getDB()->prepareStatement($sql); $statement->execute(array(1)); // reset sessions SessionHandler::resetSessions(); // update acp templates $sql = "UPDATE wcf".WCF_N."_acp_template SET packageID = ?"; $statement = WCF::getDB()->prepareStatement($sql); $statement->execute(array(1)); // update language $sql = "UPDATE wcf".WCF_N."_language_item SET packageID = ?"; $statement = WCF::getDB()->prepareStatement($sql); $statement->execute(array(1)); // update installation logs $sql = "UPDATE wcf".WCF_N."_package_installation_file_log
/**
* Starts the session system.
*/
protected function initSession()
{
$factory = new SessionFactory();
$factory->load();
self::$sessionObj = SessionHandler::getInstance();
}
/**
* Initializes the session system.
*/
protected function init() {
SessionHandler::getInstance()->initSession();
}
/**
* @see wcf\data\IEditableCachedObject::resetCache()
*/
public static function resetCache() {
// clear cache
UserGroupCacheBuilder::getInstance()->reset();
UserGroupPermissionCacheBuilder::getInstance()->reset();
// clear sessions
SessionHandler::resetSessions();
}
/**
* @see \wcf\data\IEditableCachedObject::resetCache()
*/
public static function resetCache()
{
SessionHandler::resetSessions();
}
/**
* @see \wcf\form\IForm::save()
*/
public function save()
{
foreach ($this->userIDs as $userID) {
if ($userID != $this->destinationUserID) {
$this->mergedUserIDs[] = $userID;
}
}
parent::save();
// poll_option_vote
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE IGNORE\twcf" . WCF_N . "_poll_option_vote\n\t\t\tSET\t\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// comment
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_comment\n\t\t\tSET\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// comment_response
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_comment_response\n\t\t\tSET\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// profile comments
$objectType = ObjectTypeCache::getInstance()->getObjectTypeByName('com.woltlab.wcf.comment.commentableContent', 'com.woltlab.wcf.user.profileComment');
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("objectTypeID = ?", array($objectType->objectTypeID));
$conditions->add("objectID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_comment\n\t\t\tSET\tobjectID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// like (userID)
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE IGNORE\twcf" . WCF_N . "_like\n\t\t\tSET\t\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// like (objectUserID)
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("objectUserID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_like\n\t\t\tSET\tobjectUserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// like_object
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("objectUserID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_like_object\n\t\t\tSET\tobjectUserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// user_follow (userID)
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$conditions->add("followUserID <> ?", array($this->destinationUserID));
$sql = "UPDATE IGNORE\twcf" . WCF_N . "_user_follow\n\t\t\tSET\t\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// user_follow (followUserID)
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("followUserID IN (?)", array($this->mergedUserIDs));
$conditions->add("userID <> ?", array($this->destinationUserID));
$sql = "UPDATE IGNORE\twcf" . WCF_N . "_user_follow\n\t\t\tSET\t\tfollowUserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// user_ignore (userID)
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$conditions->add("ignoreUserID <> ?", array($this->destinationUserID));
$sql = "UPDATE IGNORE\twcf" . WCF_N . "_user_ignore\n\t\t\tSET\t\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// user_ignore (ignoreUserID)
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("ignoreUserID IN (?)", array($this->mergedUserIDs));
$conditions->add("userID <> ?", array($this->destinationUserID));
$sql = "UPDATE IGNORE\twcf" . WCF_N . "_user_ignore\n\t\t\tSET\t\tignoreUserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// user_object_watch
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE IGNORE\twcf" . WCF_N . "_user_object_watch\n\t\t\tSET\t\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// user_activity_event
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_user_activity_event\n\t\t\tSET\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// attachments
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_attachment\n\t\t\tSET\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// modification_log
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->mergedUserIDs));
$sql = "UPDATE\twcf" . WCF_N . "_modification_log\n\t\t\tSET\tuserID = ?\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array_merge(array($this->destinationUserID), $conditions->getParameters()));
// delete merged users
$action = new UserAction($this->mergedUserIDs, 'delete');
$action->executeAction();
// reset clipboard
ClipboardHandler::getInstance()->removeItems($this->objectTypeID);
SessionHandler::resetSessions($this->userIDs);
$this->saved();
// show success message
WCF::getTPL()->assign('message', 'wcf.global.success');
WCF::getTPL()->display('success');
exit;
}
/**
* @see wcf\data\IEditableCachedObject::resetCache()
*/
public static function resetCache()
{
// clear cache
CacheHandler::getInstance()->clear(WCF_DIR . 'cache', 'cache.groups*.php');
// clear sessions
SessionHandler::resetSessions();
}
/**
* Registers with wcf setup delivered packages in the package installation queue.
*/
protected function installPackages()
{
// init database connection
$this->initDB();
// get admin account
$admin = new User(1);
// get delivered packages
$wcfPackageFile = '';
$otherPackages = array();
$tar = new Tar(SETUP_FILE);
foreach ($tar->getContentList() as $file) {
if ($file['type'] != 'folder' && mb_strpos($file['filename'], 'install/packages/') === 0) {
$packageFile = basename($file['filename']);
// ignore any files which aren't an archive
if (preg_match('~\\.(tar\\.gz|tgz|tar)$~', $packageFile)) {
$packageName = preg_replace('!\\.(tar\\.gz|tgz|tar)$!', '', $packageFile);
if ($packageName == 'com.woltlab.wcf') {
$wcfPackageFile = $packageFile;
} else {
$isStrato = !empty($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['DOCUMENT_ROOT'], 'strato') !== false;
if (!$isStrato && preg_match('!\\.(tar\\.gz|tgz)$!', $packageFile)) {
// try to unzip zipped package files
if (FileUtil::uncompressFile(TMP_DIR . 'install/packages/' . $packageFile, TMP_DIR . 'install/packages/' . $packageName . '.tar')) {
@unlink(TMP_DIR . 'install/packages/' . $packageFile);
$packageFile = $packageName . '.tar';
}
}
$otherPackages[$packageName] = $packageFile;
}
}
}
}
$tar->close();
// register packages in queue
// get new process id
$sql = "SELECT\tMAX(processNo) AS processNo\n\t\t\tFROM\twcf" . WCF_N . "_package_installation_queue";
$statement = self::getDB()->prepareStatement($sql);
$statement->execute();
$result = $statement->fetchArray();
$processNo = intval($result['processNo']) + 1;
// search existing wcf package
$sql = "SELECT\tCOUNT(*) AS count\n\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\tWHERE\tpackage = 'com.woltlab.wcf'";
$statement = self::getDB()->prepareStatement($sql);
$statement->execute();
$row = $statement->fetchArray();
if (!$row['count']) {
if (empty($wcfPackageFile)) {
throw new SystemException('the essential package com.woltlab.wcf is missing.');
}
// register essential wcf package
$queue = PackageInstallationQueueEditor::create(array('processNo' => $processNo, 'userID' => $admin->userID, 'package' => 'com.woltlab.wcf', 'packageName' => 'WoltLab Community Framework', 'archive' => TMP_DIR . 'install/packages/' . $wcfPackageFile, 'isApplication' => 1));
}
// register all other delivered packages
asort($otherPackages);
foreach ($otherPackages as $packageName => $packageFile) {
// extract packageName from archive's package.xml
$archive = new PackageArchive(TMP_DIR . 'install/packages/' . $packageFile);
try {
$archive->openArchive();
} catch (\Exception $e) {
// we've encountered a broken archive, revert everything and then fail
$sql = "SELECT\tqueueID, parentQueueID\n\t\t\t\t\tFROM\twcf" . WCF_N . "_package_installation_queue";
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute();
$queues = array();
while ($row = $statement->fetchArray()) {
$queues[$row['queueID']] = $row['parentQueueID'];
}
$queueIDs = array();
$queueID = $queue->queueID;
while ($queueID) {
$queueIDs[] = $queueID;
$queueID = isset($queues[$queueID]) ? $queues[$queueID] : 0;
}
// remove previously created queues
if (!empty($queueIDs)) {
$sql = "DELETE FROM\twcf" . WCF_N . "_package_installation_queue\n\t\t\t\t\t\tWHERE\t\tqueueID = ?";
$statement = WCF::getDB()->prepareStatement($sql);
WCF::getDB()->beginTransaction();
foreach ($queueIDs as $queueID) {
$statement->execute(array($queueID));
}
WCF::getDB()->commitTransaction();
}
// remove package files
@unlink(TMP_DIR . 'install/packages/' . $wcfPackageFile);
foreach ($otherPackages as $packageFile) {
@unlink(TMP_DIR . 'install/packages/' . $packageFile);
}
// throw exception again
throw new SystemException('', 0, '', $e);
}
$queue = PackageInstallationQueueEditor::create(array('parentQueueID' => $queue->queueID, 'processNo' => $processNo, 'userID' => $admin->userID, 'package' => $packageName, 'packageName' => $archive->getLocalizedPackageInfo('packageName'), 'archive' => TMP_DIR . 'install/packages/' . $packageFile, 'isApplication' => 1));
}
// login as admin
$factory = new ACPSessionFactory();
$factory->load();
SessionHandler::getInstance()->changeUser($admin);
SessionHandler::getInstance()->register('masterPassword', 1);
SessionHandler::getInstance()->register('__wcfSetup_developerMode', self::$developerMode);
SessionHandler::getInstance()->update();
$installPhpDeleted = @unlink('./install.php');
@unlink('./test.php');
$wcfSetupTarDeleted = @unlink('./WCFSetup.tar.gz');
// print page
WCF::getTPL()->assign(array('installPhpDeleted' => $installPhpDeleted, 'wcfSetupTarDeleted' => $wcfSetupTarDeleted));
WCF::getTPL()->display('stepInstallPackages');
// delete tmp files
$directory = TMP_DIR . '/';
DirectoryUtil::getInstance($directory)->removePattern(new Regex('\\.tar(\\.gz)?$'), true);
}
/**
* @see wcf\form\IForm::save()
*/
public function save()
{
parent::save();
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("userID IN (?)", array($this->userIDs));
$sql = "SELECT\tuserID, groupID\n\t\t\tFROM\twcf" . WCF_N . "_user_to_group\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute($conditions->getParameters());
$groups = array();
while ($row = $statement->fetchArray()) {
$groups[$row['userID']][] = $row['groupID'];
}
foreach ($this->users as $user) {
if (!UserGroup::isAccessibleGroup($groups[$user->userID])) {
throw new PermissionDeniedException();
}
$groupsIDs = array_merge($groups[$user->userID], $this->groupIDs);
$groupsIDs = array_unique($groupsIDs);
$userEditor = new UserEditor($user);
$userEditor->addToGroups($groupsIDs, true, false);
}
ClipboardHandler::getInstance()->removeItems($this->typeID);
SessionHandler::resetSessions($this->userIDs);
$this->saved();
WCF::getTPL()->assign('message', 'wcf.acp.user.assignToGroup.success');
WCF::getTPL()->display('success');
exit;
}