Ejemplo n.º 1
Archivo: func.php Proyecto: jo91/kimai
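/**
 * Authenticate the current request from the Kimai login cookies, or kick the visitor.
 *
 * Reads the `kimai_user` and `kimai_key` cookies, compares the key with the
 * value the database returns from get_seq() for that user and, on a match,
 * loads the user through checkUserInternal() and registers it in Kimai_Registry.
 *
 * Security notes:
 * - Both cookies are attacker-controlled. Array-valued or empty cookies are
 *   rejected up front.
 * - The key comparison is strict, and constant-time where hash_equals() is
 *   available. The previous loose `!=` let PHP type juggling decide the
 *   outcome (an empty key compares equal to a null/false lookup result).
 * - Control characters are stripped from the user name before it is logged,
 *   so a crafted cookie cannot forge additional log lines.
 * - addslashes() is kept only because get_seq() and checkUserInternal() are
 *   defined outside this block and may build SQL from the value. It is not a
 *   substitute for escaping or binding at the query itself.
 * - Each failure path kicks once and returns null, so execution cannot fall
 *   through to the success path if kickUser() returns.
 *
 * @return mixed the value returned by checkUserInternal(), or null after kickUser()
 */
function checkUser()
{
    $database = Kimai_Registry::getDatabase();

    $hasCookies = isset($_COOKIE['kimai_user'], $_COOKIE['kimai_key'])
        && is_string($_COOKIE['kimai_user'])
        && is_string($_COOKIE['kimai_key'])
        && $_COOKIE['kimai_user'] !== ''
        && $_COOKIE['kimai_key'] !== ''
        && $_COOKIE['kimai_user'] !== '0'
        && $_COOKIE['kimai_key'] !== '0';

    if (!$hasCookies) {
        Logger::logfile("Kicking user because of missing cookie.");
        kickUser();
        return null;
    }

    $kimai_user = addslashes($_COOKIE['kimai_user']);
    $kimai_key = addslashes($_COOKIE['kimai_key']);

    // Only a non-empty string/int lookup result can match; null, false or ''
    // (unknown user, failed query) must never authenticate anyone.
    $storedKey = $database->get_seq($kimai_user);
    $keyMatches = false;
    if ((is_string($storedKey) || is_int($storedKey)) && (string) $storedKey !== '') {
        $storedKey = (string) $storedKey;
        $keyMatches = function_exists('hash_equals')
            ? hash_equals($storedKey, $kimai_key)
            : $storedKey === $kimai_key;
    }

    if (!$keyMatches) {
        $loggedName = preg_replace('/[\x00-\x1F\x7F]/', '', $kimai_user);
        Logger::logfile("Kicking user {$loggedName} because of authentication key mismatch.");
        kickUser();
        return null;
    }

    $user = $database->checkUserInternal($kimai_user);
    Kimai_Registry::setUser(new Kimai_User($user));
    return $user;
}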
         // Add the new non-permanent ban.
         // NOTE(review): && binds tighter than ||, so this condition reads as
         // minutes || hours || (days && length == 1). Any "minutes" or "hours" ban,
         // whatever its length (48 hours, say), takes the immediate branch and skips
         // $pending. Confirm that is intended, since the comment below describes
         // pending mode as the gate for member-level users.
         if ($length->getTimeScale() == "minutes" || $length->getTimeScale() == "hours" || $length->getTimeScale() == "days" && $length->getLength() == 1) {
             // 1 day bans or shorter take effect immediately for all members (pending flag forced to 0)
             $banId = $banQueries->addBan($steamId, $length->getLength(), $length->getTimeScale(), $expireDate, $reason, $user->getName(), 0, $nameOfBanned, $serverId, $ipOfBanned, $banner);
         } else {
             // bans longer than 1 day are put into pending mode if the user only has member level privileges
             $banId = $banQueries->addBan($steamId, $length->getLength(), $length->getTimeScale(), $expireDate, $reason, $user->getName(), $pending, $nameOfBanned, $serverId, $ipOfBanned, $banner);
         }
     } else {
         // Add perma ban (the current time is passed in the expire-date position)
         $banId = $banQueries->addBan($steamId, $length->getLength(), $length->getTimeScale(), time(), $reason, $user->getName(), $pending, $nameOfBanned, $serverId, $ipOfBanned, $banner);
     }
     // Fill the gb_reason / gb_time placeholders of the configured ban message.
     // eregi_replace() was deprecated in PHP 5.3 and removed in PHP 7.0, and it treats
     // its first argument as a regular expression; for fixed placeholders like these
     // str_ireplace() is the maintained equivalent.
     $menssageTOplayer = eregi_replace("gb_reason", $reasonQueries->getReason($reason), eregi_replace("gb_time", $length->getReadable(), $config->banMessage));
     // Message announced on the server, using "#colour" markup tokens.
     // NOTE(review): $nameOfBanned and $steamId are concatenated as-is. The player name
     // is presumably chosen by the banned player; confirm kickUser() neutralises markup
     // tokens and command separators before the text reaches the game server.
     $menssageTOserver = "#multi #green " . $LAN_PROCESSBAN_014 . ": #lightgreen " . $nameOfBanned . " #green " . $LAN_PROCESSBAN_015 . " #lightgreen " . $length->getReadable() . " #green " . $LAN_PROCESSBAN_016 . " #lightgreen " . $reasonQueries->getReason($reason) . " #green " . $LAN_PROCESSBAN_017 . " #lightgreen \"" . $steamId . "\" #green !!!";
     // Now kick the user
     kickUser($steamId, $serverId, $menssageTOplayer, $menssageTOserver);
     // Use this to build the URL link (replace processServerBan with updateBan)
     // NOTE(review): REQUEST_URI is client-supplied, and SERVER_NAME can follow the Host
     // header depending on web-server configuration, so the link that ends up in the
     // forum post is partly request-controlled. A configured base URL would be safer.
     // The scheme is hard-coded to http.
     $url = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
     // Keep everything before the first '=' and append the ban-list search.
     $url = explode('=', $url);
     // addslashes() is SQL-style escaping, not URL encoding; urlencode() is the
     // context-appropriate function for a query-string value.
     $url = $url[0] . "=banlist&searchText=" . addslashes($steamId);
     if ($config->enableAutoPoste107Forum) {
         // Builds the BBCode body of the forum post.
         // NOTE(review): addslashes() does not neutralise BBCode or HTML, and $motivo is
         // concatenated with no escaping at all. Whether NewPostForum_e107() escapes for
         // SQL and for output is not visible here; confirm before relying on it.
         $postId = NewPostForum_e107(addslashes($nameOfBanned) . " - " . addslashes($steamId), "[b]" . $LAN_PROCESSBAN_001 . ":[/b] [color=#009900]" . addslashes($username) . "[/color]\r\n\r\n[b]" . $LAN_PROCESSBAN_002 . ": [/b][color=#990000][link=" . $url . "]" . addslashes($nameOfBanned) . " - " . addslashes($steamId) . "[/link][/color]\r\n\r\n[b]" . $LAN_PROCESSBAN_003 . ":[/b] " . $motivo . "\r\n\r\n[b]" . $LAN_PROCESSBAN_004 . ":[/b] " . $length->getReadable(), time(), $config);
         UpdateBanWebpage($postId, $banId, $config);
     }
 }
 // Make sure $banId is valid and that the user wants emails sent
 if ($banId > 0 && $config->sendEmails) {
     // Email
     // NOTE(review): $username goes into the subject and the HTML body unescaped.
     // htmlspecialchars() is needed for the HTML context, and CR/LF should be stripped
     // if $subject reaches a mail header (the send call is outside this excerpt).
     $subject = $LAN_PROCESSBAN_005 . " " . $username;
     $body = "<html><body><h2>" . $LAN_PROCESSBAN_005 . " " . $username . "</h2><br/>";
     $body .= $LAN_PROCESSBAN_006 . " <b>" . $username . "</b> ";
Ejemplo n.º 3
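 /**
  * Resolve a login name to a Kimai user or customer and load its configuration.
  *
  * A drop-in function to replace checkuser() and be compatible with
  * non-cookie environments. Names starting with "customer_" are looked up in
  * the customers table, all others in the users table (active, not trashed).
  * Unknown accounts are logged and kicked.
  *
  * Security: $kimai_user is treated as untrusted and is passed through
  * MySQL::SQLValue() in both branches; the user branch previously interpolated
  * it into the query between hand-written quotes. Callers should pass the raw
  * name: a value that was already addslashes()'d and contains quotes or
  * backslashes will not match the stored name.
  *
  * @author th/kp
  * @param string $kimai_user login name, optionally prefixed with "customer_"
  * @return mixed $this->kga['user'] when set, otherwise null (also null after kickUser())
  */
 public function checkUserInternal($kimai_user)
 {
     global $translations;
     $p = $this->kga['server_prefix'];
     $isCustomer = strncmp($kimai_user, 'customer_', 9) === 0;

     if ($isCustomer) {
         // SQLValue() supplies the quoting and escaping; the query adds no quotes of its own.
         $customerName = MySQL::SQLValue(substr($kimai_user, 9));
         $query = "SELECT customerID FROM {$p}customers WHERE name = {$customerName} AND NOT trash = '1';";
         $this->conn->Query($query);
         $row = $this->conn->RowArray(0, MYSQLI_ASSOC);
         // No row (or a failed query) counts as "unknown", without indexing a non-array.
         $customerID = is_array($row) && isset($row['customerID']) ? $row['customerID'] : 0;
         if ($customerID < 1) {
             Logger::logfile("Kicking customer {$customerName} because he is unknown to the system.");
             kickUser();
             // Fail closed even if kickUser() returns instead of ending the request.
             return null;
         }
     } else {
         $userName = MySQL::SQLValue($kimai_user);
         $query = "SELECT userID FROM {$p}users WHERE name = {$userName} AND active = '1' AND NOT trash = '1';";
         $this->conn->Query($query);
         $row = $this->conn->RowArray(0, MYSQLI_ASSOC);
         $userID = is_array($row) && isset($row['userID']) ? $row['userID'] : 0;
         if ($userID < 1) {
             Logger::logfile("Kicking user {$kimai_user} because he is unknown to the system.");
             kickUser();
             return null;
         }
     }

     // load configuration and language
     $this->get_global_config();
     if ($isCustomer) {
         $this->get_customer_config($customerID);
     } else {
         $this->get_user_config($userID);
     }

     // override autoconf language if admin has chosen a language in the advanced tab
     if ($this->kga['conf']['language'] != "") {
         $translations->load($this->kga['conf']['language']);
         $this->kga['language'] = $this->kga['conf']['language'];
     }

     // override language if user has chosen a language in the prefs
     // NOTE(review): this value is a per-user preference and load() is not visible here;
     // confirm it restricts the code to known languages before using it in a file path.
     if ($this->kga['conf']['lang'] != "") {
         $translations->load($this->kga['conf']['lang']);
         $this->kga['language'] = $this->kga['conf']['lang'];
     }

     return isset($this->kga['user']) ? $this->kga['user'] : null;
 }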
Ejemplo n.º 4
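/**
 * Authenticate the request from the kimai_usr / kimai_key cookies and load the
 * matching user or customer ("knd_" prefix) configuration into the global $kga.
 *
 * Security notes:
 * - Both cookies are attacker-controlled. Array-valued or empty cookies are
 *   rejected, and the key is compared strictly (constant-time where
 *   hash_equals() exists) instead of with the loose `!=`.
 * - Every failure path calls kickUser() and then returns null, so the
 *   configuration-loading code below is never reached with undefined IDs if
 *   kickUser() returns.
 * - The user lookup goes through MySQL::SQLValue(), like the customer lookup,
 *   instead of relying on addslashes() plus hand-written quotes.
 * - The language preference is only included when it is a bare file name that
 *   exists under WEBROOT/language/, so a preference such as "../x" cannot
 *   steer include() to another directory.
 *
 * @return mixed $kga['usr'] when set, otherwise null
 */
function checkUser()
{
    global $kga, $conn;
    $p = $kga['server_prefix'];

    $hasCookies = isset($_COOKIE['kimai_usr'], $_COOKIE['kimai_key'])
        && is_string($_COOKIE['kimai_usr'])
        && is_string($_COOKIE['kimai_key'])
        && $_COOKIE['kimai_usr'] !== ''
        && $_COOKIE['kimai_key'] !== ''
        && $_COOKIE['kimai_usr'] !== '0'
        && $_COOKIE['kimai_key'] !== '0';

    if (!$hasCookies) {
        kickUser();
        return null;
    }

    $rawUser = $_COOKIE['kimai_usr'];
    // addslashes() is kept for get_seq(), which is defined elsewhere and may build SQL
    // from the value; it is not relied on for the queries in this function.
    $kimai_usr = addslashes($rawUser);
    $kimai_key = addslashes($_COOKIE['kimai_key']);

    // Only a non-empty string/int lookup result can match; null, false or ''
    // must never authenticate anyone.
    $storedKey = get_seq($kimai_usr);
    $keyMatches = false;
    if ((is_string($storedKey) || is_int($storedKey)) && (string) $storedKey !== '') {
        $storedKey = (string) $storedKey;
        $keyMatches = function_exists('hash_equals')
            ? hash_equals($storedKey, $kimai_key)
            : $storedKey === $kimai_key;
    }
    if (!$keyMatches) {
        kickUser();
        return null;
    }

    $isCustomer = strncmp($kimai_usr, 'knd_', 4) === 0;
    if ($isCustomer) {
        $knd_name = MySQL::SQLValue(substr($kimai_usr, 4));
        $query = "SELECT knd_ID FROM {$p}knd WHERE knd_name = {$knd_name} AND NOT knd_trash = '1';";
        $conn->Query($query);
        $row = $conn->RowArray(0, MYSQL_ASSOC);
        $knd_ID = is_array($row) && isset($row['knd_ID']) ? $row['knd_ID'] : 0;
        if ($knd_ID < 1) {
            kickUser();
            return null;
        }
    } else {
        // Escape the raw cookie value once, at the query, so names match as before.
        $quotedName = MySQL::SQLValue($rawUser);
        $query = "SELECT usr_ID FROM {$p}usr WHERE usr_name = {$quotedName} AND usr_active = '1' AND NOT usr_trash = '1';";
        $conn->Query($query);
        $row = $conn->RowArray(0, MYSQL_ASSOC);
        $usr_ID = is_array($row) && isset($row['usr_ID']) ? $row['usr_ID'] : 0;
        if ($usr_ID < 1) {
            kickUser();
            return null;
        }
    }

    // load configuration and language
    get_global_config();
    if ($isCustomer) {
        get_customer_config($knd_ID);
    } else {
        get_user_config($usr_ID);
    }

    // override default language if user has chosen a language in the prefs
    if ($kga['conf']['lang'] != "") {
        $preferredLang = (string) $kga['conf']['lang'];
        $langFile = WEBROOT . "language/{$preferredLang}.php";
        // The preference is user-editable: accept it only as a bare file name that exists.
        if ($preferredLang === basename($preferredLang) && is_file($langFile)) {
            $kga['language'] = $preferredLang;
            $kga['lang'] = array_replace_recursive($kga['lang'], include $langFile);
        }
    }

    return isset($kga['usr']) ? $kga['usr'] : null;
}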
Ejemplo n.º 5
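 /**
  * Resolve a login name to a Kimai user or customer and load its settings into $this->kga.
  *
  * A drop-in function to replace checkuser() and be compatible with
  * non-cookie environments. Names starting with "customer_" are looked up in
  * the customers table, all others in the users table (active, not trashed).
  * Unknown accounts are logged and kicked.
  *
  * Security: $kimai_user is treated as untrusted and is passed through
  * MySQL::SQLValue() in both branches; the user branch previously interpolated
  * it into the query between hand-written quotes. Callers should pass the raw
  * name: a value that was already addslashes()'d and contains quotes or
  * backslashes will not match the stored name. The skin name, which can come
  * from the user's "ui." preferences, is only accepted as a bare directory
  * name under WEBROOT/skins/.
  *
  * @author th/kp
  * @param string $kimai_user login name, optionally prefixed with "customer_"
  * @return mixed $this->kga['user'] when set, otherwise null (also null after kickUser())
  */
 public function checkUserInternal($kimai_user)
 {
     $p = $this->kga['server_prefix'];
     $isCustomer = strncmp($kimai_user, 'customer_', 9) === 0;

     if ($isCustomer) {
         // SQLValue() supplies the quoting and escaping; the query adds no quotes of its own.
         $customerName = MySQL::SQLValue(substr($kimai_user, 9));
         $query = "SELECT customerID FROM {$p}customers WHERE name = {$customerName} AND NOT trash = '1';";
         $this->conn->Query($query);
         $row = $this->conn->RowArray(0, MYSQLI_ASSOC);
         // No row (or a failed query) counts as "unknown", without indexing a non-array.
         $customerID = is_array($row) && isset($row['customerID']) ? $row['customerID'] : 0;
         if ($customerID < 1) {
             Kimai_Logger::logfile("Kicking customer {$customerName} because he is unknown to the system.");
             kickUser();
             // Fail closed even if kickUser() returns instead of ending the request.
             return null;
         }
     } else {
         $userName = MySQL::SQLValue($kimai_user);
         $query = "SELECT userID FROM {$p}users WHERE name = {$userName} AND active = '1' AND NOT trash = '1';";
         $this->conn->Query($query);
         $row = $this->conn->RowArray(0, MYSQLI_ASSOC);
         $userID = is_array($row) && isset($row['userID']) ? $row['userID'] : 0;
         if ($userID < 1) {
             Kimai_Logger::logfile("Kicking user {$kimai_user} because he is unknown to the system.");
             kickUser();
             return null;
         }
     }

     // Start from the installation default...
     $this->kga['timezone'] = $this->kga['defaultTimezone'];

     // and add user or customer specific settings on top
     if ($isCustomer) {
         $configs = $this->get_customer_config($customerID);
         if ($configs !== null) {
             foreach ($configs as $key => $value) {
                 $this->kga['customer'][$key] = $value;
             }
             $this->kga->setTimezone($this->kga['customer']['timezone']);
         }
     } else {
         $configs = $this->get_user_config($userID);
         if ($configs !== null) {
             $user = new Kimai_User($configs);
             $user->setGroups($this->getGroupMemberships($userID));
             $this->kga->setUser($user);
             Kimai_Registry::setUser($user);
             // Per-user "ui." preferences are merged into the settings here, so the
             // values read back below (the skin, for one) may be user-chosen.
             $this->kga->getSettings()->add($this->user_get_preferences_by_prefix('ui.', $userID));
             $userTimezone = $this->user_get_preference('timezone', $userID);
             if ($userTimezone != '') {
                 $this->kga->setTimezone($userTimezone);
             }
         }
     }
     date_default_timezone_set($this->kga->getTimezone());

     // skin fallback: also taken when the name contains a path separator, because
     // is_dir() alone would accept a value such as "../language".
     $skin = (string) $this->kga->getSettings()->getSkin();
     if ($skin !== basename($skin) || !is_dir(WEBROOT . "/skins/" . $skin)) {
         $this->kga->getSettings()->setSkin($this->kga->getSkin());
     }

     // load user specific translation
     Kimai_Registry::getTranslation()->addTranslations($this->kga->getLanguage());

     return isset($this->kga['user']) ? $this->kga['user'] : null;
 }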
 } else {
     // Acting user's name comes from the session here (the other branch is outside this excerpt).
     $username = $_SESSION['name'];
 }
 $banQueries = new BanQueries();
 $userQueries = new UserQueries();
 $user = $userQueries->getUserInfo($username);
 $banId = 0;
 // Check to see if we are adding an IP ban
 if (isset($_POST['ipBan'])) {
     // NOTE(review): $_POST['ip'] is passed on without validation. addIpBan() is not
     // visible here; confirm it validates the address format (filter_var() with
     // FILTER_VALIDATE_IP, for example) and binds the value rather than concatenating
     // it into SQL.
     $banQueries->addIpBan($_POST['ip']);
 } else {
     // Otherwise we are adding a regular ban
     // Add the ban
     $banId = $banQueries->addBan($steamId, $length->getLength(), $length->getTimeScale(), $now, $reason, $username, $pending, $bannedName, $serverId, null, $user->getSteamId());
     if ($banId > 0) {
         kickUser($steamId, $serverId, $config);
         // Use this to build the URL link (replace processWebBan with updateBan)
         // NOTE(review): REQUEST_URI is client-supplied, and SERVER_NAME can follow the
         // Host header depending on web-server configuration, so the link that ends up
         // in the forum post is partly request-controlled. A configured base URL would
         // be safer. The scheme is hard-coded to http.
         $url = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
         // addslashes() is SQL-style escaping, not URL encoding; urlencode() is the
         // context-appropriate function for a query-string value.
         $url = str_replace("processWebBan", "banlist", $url) . "&searchText=" . addslashes($steamId);
         if ($config->enableAutoPoste107Forum) {
             // Builds the BBCode body of the forum post.
             // NOTE(review): addslashes() does not neutralise BBCode or HTML in
             // $bannedName, $steamId or $username. Whether NewPostForum_e107() escapes
             // for SQL and for output is not visible here; confirm before relying on it.
             $postId = NewPostForum_e107(addslashes($bannedName) . " - " . addslashes($steamId), "[b]" . $LAN_PROCESSWEBBAN_021 . "[/b] [color=#009900]" . addslashes($username) . "[/color]\r\n\r\n[b]" . $LAN_PROCESSWEBBAN_022 . " [/b][color=#990000][link=" . $url . "]" . addslashes($bannedName) . " - " . addslashes($steamId) . "[/link][/color]\r\n\r\n[b]" . $LAN_PROCESSWEBBAN_023 . " [/b]" . $reasonQueries->getReason($reason) . "\r\n\r\n[b]" . $LAN_PROCESSWEBBAN_024 . " [/b]" . $length->getReadable(), time(), $config);
             UpdateBanWebpage($postId, $banId, $config);
         }
         if ($config->sendEmails) {
             // Email
             // NOTE(review): $username goes into the subject and the HTML body unescaped.
             // htmlspecialchars() is needed for the HTML context, and CR/LF should be
             // stripped if $subject reaches a mail header (the send call is outside this
             // excerpt).
             $subject = $LAN_PROCESSWEBBAN_001 . " " . $username;
             $body = "<html><body><h2>" . $LAN_PROCESSWEBBAN_001 . " " . $username . "</h2><br/>";
             $body .= $LAN_PROCESSWEBBAN_003 . " <b>" . $username . "</b>";
             if ($member) {
                 $body .= " " . $LAN_PROCESSWEBBAN_004;
             }
Ejemplo n.º 7
<?php

include 'includes/functions.php.inc';
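// Both identifiers come straight from the query string and are caller-controlled.
// NOTE(review): no authentication or authorisation check is visible in this script,
// and the kick is triggered by a plain GET request. Confirm that
// includes/functions.php.inc or kickUser() enforces access control and that a
// cross-site request cannot trigger the action.
$conference = isset($_GET['conference']) ? $_GET['conference'] : null;
$channel = isset($_GET['channel']) ? $_GET['channel'] : null;

// Reject missing, empty or array-valued parameters instead of passing them on.
// The original read the keys unconditionally, which raises an undefined-index
// notice and hands null to kickUser() when a parameter is absent.
if (!is_string($conference) || $conference === '' || !is_string($channel) || $channel === '') {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

// kickUser() is defined in the included file. NOTE(review): confirm it validates both
// values against the expected identifier format before using them in a command or query.
kickUser($conference, $channel);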