Ejemplo n.º 1
0
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;
    //check for last slash /
    if (isset($script_path)) {
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }
        //get some useful data from phbb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            include PATH . $script_path . SCRIPT_CONFIG_PATH;
            $forum_srv = $dbhost;
            $forum_db = $dbname;
            $forum_user = $dbuser;
            $forum_pass = $dbpasswd;
            $forum_prefix = $table_prefix;
            if (empty($dbhost)) {
                $forum_srv = 'localhost';
            }
            if (!empty($dbport)) {
                $forum_srv .= ':' . $dbport;
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'phpBB3'));
        }
    } else {
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
    }
    //if no variables of db
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }
    //conecting ...
    $SQLBB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    $SQLBB->set_names('utf8');
    unset($forum_pass);
    // We do not need this any longer
    //get utf tools
    global $phpbb_root_path, $phpEx;
    $phpbb_root_path = PATH . $script_path . '/';
    $phpEx = 'php';
    define('IN_PHPBB', true);
    include_once PATH . $script_path . '/includes/utf/utf_tools.' . $phpEx;
    $row_leve = 'user_type';
    $admin_level = 3;
    $query2 = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}users`");
    $query2['WHERE'] = $hashed ? "user_id=" . intval($name) . "  AND user_password='******' " : "username_clean='" . $SQLBB->escape(utf8_clean_string($name)) . "'";
    if ($return_name) {
        $query2['SELECT'] = "username";
        $query2['WHERE'] = "user_id=" . intval($name);
    }
    $query = '';
    if (!$hashed) {
        $result2 = $SQLBB->build($query2);
        while ($row = $SQLBB->fetch($result2)) {
            $SQLBB->free($result2);
            if ($return_name) {
                return $row['username'];
            } else {
                if (phpbb_check_hash($pass, $row['user_password'])) {
                    $query = $query2;
                }
            }
        }
    } else {
        $query = $query2;
    }
    if (empty($query)) {
        $SQLBB->close();
        return false;
    }
    ($hook = $plugin->run_hook('qr_select_usrdata_phpbb_usr_class')) ? eval($hook) : null;
    //run hook
    $result = $SQLBB->build($query);
    if ($SQLBB->num($result) != 0) {
        while ($row = $SQLBB->fetch($result)) {
            if ($SQLBB->num($SQLBB->query("SELECT ban_userid FROM `{$forum_prefix}banlist` WHERE ban_userid=" . intval($row['user_id']))) == 0) {
                if (!$loginadm) {
                    define('USER_ID', $row['user_id']);
                    define('GROUP_ID', $row[$row_leve] == $admin_level ? '1' : '3');
                    define('USER_NAME', $row['username']);
                    define('USER_MAIL', $row['user_email']);
                    if ($row[$row_leve] == $admin_level) {
                        define('USER_ADMIN', true);
                    }
                }
                $userinfo = $row;
                $userinfo['group_id'] = $row[$row_leve] == $admin_level ? '1' : '3';
                $user_y = kleeja_base64_encode(serialize(array('id' => $row['user_id'], 'name' => $row['username'], 'mail' => $row['user_email'], 'last_visit' => time())));
                if (!$hashed && !$loginadm) {
                    $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['user_id'] . '|' . $row['user_password'] . '|' . $expire . '|' . sha1(md5($config['h_key'] . $row['user_password']) . $expire) . '|' . ($row[$row_leve] == $admin_level ? '1' : '3') . '|' . $user_y), $expire);
                }
                ($hook = $plugin->run_hook('qr_while_usrdata_phpbb_usr_class')) ? eval($hook) : null;
                //run hook
            } else {
                //he is banned from phpBB
                $SQLBB->free($result);
                unset($pass);
                $SQLBB->close();
                return false;
            }
        }
        $SQLBB->free($result);
        unset($pass);
        $SQLBB->close();
        return true;
    } else {
        $SQLBB->free($result);
        $SQLBB->close();
        return false;
    }
    //dont know why they come here !
    return false;
}
Ejemplo n.º 2
0
Archivo: vb.php Proyecto: Saleh7/Kleeja
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_cp1256, $script_srv, $script_db, $script_user, $script_pass, $script_prefix, $script_db_charset;
    if (isset($script_path)) {
        //check for last slash
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }
        //get some useful data from vb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;
            //
            //get config from config file
            //
            $forum_srv = $config['MasterServer']['servername'];
            $forum_db = $config['Database']['dbname'];
            $forum_user = $config['MasterServer']['username'];
            $forum_pass = $config['MasterServer']['password'];
            $forum_prefix = $config['Database']['tableprefix'];
            if ($config['MasterServer']['port'] != 3306) {
                $forum_srv .= ':' . $config['MasterServer']['port'];
            }
            //some people change their db charset
            if (isset($config['Mysqli']['charset'])) {
                $forum_db_charset = $config['Mysqli']['charset'];
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'Vbulletin'));
        }
    } else {
        //
        //custom config data
        //
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
        //some people change their db charset
        if (isset($script_db_charset)) {
            $forum_db_charset = $script_db_charset;
        }
    }
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }
    $SQLVB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    if (isset($forum_db_charset)) {
        //config
        $SQLVB->set_names($forum_db_charset);
    } else {
        $SQLVB->set_names('latin1');
    }
    unset($forum_pass);
    // We do not need this any longer
    $pass = empty($script_cp1256) || !$script_cp1256 ? $pass : $usrcp->kleeja_utf8($pass, false);
    $name = empty($script_cp1256) || !$script_cp1256 || $hashed ? $name : $usrcp->kleeja_utf8($name, false);
    $query_salt = array('SELECT' => $hashed ? '*' : 'salt', 'FROM' => "`{$forum_prefix}user`");
    $query_salt['WHERE'] = $hashed ? "userid=" . intval($name) . " AND password='******' AND usergroupid != '8'" : "username='******' AND usergroupid != '8'";
    //if return only name let's ignore the obove
    if ($return_name) {
        $query_salt['SELECT'] = "username";
        $query_salt['WHERE'] = "userid=" . intval($name);
    }
    ($hook = kleeja_run_hook('qr_select_usrdata_vb_usr_class')) ? eval($hook) : null;
    //run hook
    $result_salt = $SQLVB->build($query_salt);
    if ($SQLVB->num_rows($result_salt) > 0) {
        while ($row1 = $SQLVB->fetch_array($result_salt)) {
            if ($return_name) {
                return empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']);
            }
            if (!$hashed) {
                $pass = md5(md5($pass) . $row1['salt']);
                // without normal md5
                $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}user`", 'WHERE' => "username='******' AND password='******' AND usergroupid != '8'");
                $result = $SQLVB->build($query);
                if ($SQLVB->num_rows($result) != 0) {
                    while ($row = $SQLVB->fetch_array($result)) {
                        if (!$loginadm) {
                            define('USER_ID', $row['userid']);
                            define('GROUP_ID', $row['usergroupid'] == 6 ? 1 : 3);
                            define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row['username'] : $usrcp->kleeja_utf8($row['username']));
                            define('USER_MAIL', $row['email']);
                            define('USER_ADMIN', $row['usergroupid'] == 6 ? 1 : 0);
                        }
                        //define('LAST_VISIT',$row['last_visit']);
                        $userinfo = $row;
                        $userinfo['group_id'] = $row['usergroupid'] == 6 ? 1 : 3;
                        $user_y = kleeja_base64_encode(serialize(array('id' => $row['userid'], 'name' => USER_NAME, 'mail' => $row['email'], 'last_visit' => time())));
                        $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
                        if (!$loginadm) {
                            $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['userid'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . ($row['usergroupid'] == 6 ? 1 : 3) . '|' . $user_y), $expire);
                        }
                        ($hook = kleeja_run_hook('qr_while_usrdata_vb_usr_class')) ? eval($hook) : null;
                        //run hook
                    }
                    $SQLVB->freeresult($result);
                } else {
                    $SQLVB->close();
                    return false;
                }
            } else {
                if (!$loginadm) {
                    define('USER_ID', $row1['userid']);
                    define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']));
                    define('USER_MAIL', $row1['email']);
                    define('USER_ADMIN', $row1['usergroupid'] == 6 ? 1 : 0);
                    define('GROUP_ID', $row1['usergroupid'] == 6 ? 1 : 3);
                    $userinfo = $row1;
                    $userinfo['group_id'] = $row1['usergroupid'] == 6 ? 1 : 3;
                }
            }
        }
        #whil1
        $SQLVB->freeresult($result_salt);
        unset($pass);
        $SQLVB->close();
        return true;
    } else {
        $SQLVB->close();
        return false;
    }
}
Ejemplo n.º 3
0
}
$starttm = get_microtime();
//path
if (!defined('PATH')) {
    define('PATH', './');
}
// there is a config
require PATH . 'includes/config.php';
//include files .. & classes ..
$path = dirname(__FILE__) . '/';
$root_path = PATH;
require $path . 'mysql.php';
require $path . 'style.php';
require $path . 'functions.php';
// start classes ..
$SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
//no need after now
unset($dbpass);
$tpl = new phpquran_style();
//$kljup	= new KljUploader;
if (file_exists($root_path . 'cache/data_settings.php')) {
    include_once $root_path . 'cache/data_settings.php';
}
//else
//{
//	big_error('Couldnt find phpquran settings file !!','phpquran is missing important file located in cache/data_settings.php');
//}
//getting cache [KLEEJA CACHE SYSTEM]
if (empty($config) or !file_exists($root_path . 'cache/data_settings.php')) {
    $query = array('SELECT' => 'c.*', 'FROM' => "{$dbprefix}config c");
    $result = $SQL->build($query);
Ejemplo n.º 4
0
     break;
 case 'data':
     if (isset($_POST['datasubmit'])) {
         //check data ...
         if (empty($_POST['sitename']) || empty($_POST['siteurl']) || empty($_POST['sitemail']) || empty($_POST['username']) || empty($_POST['password']) || empty($_POST['email'])) {
             echo $lang['EMPTY_FIELDS'];
             echo $footer_inst;
             exit;
         }
         if (strpos($_POST['email'], '@') === false) {
             echo $lang['WRONG_EMAIL'];
             echo $footer_inst;
             exit;
         }
         //connect .. for check
         $SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
         include_once '../includes/usr.php';
         include_once '../includes/functions_alternative.php';
         $usrcp = new usrcp();
         $user_salt = substr(kleeja_base64_encode(pack("H*", sha1(mt_rand()))), 0, 7);
         $user_pass = $usrcp->kleeja_hash_password($_POST['password'] . $user_salt);
         $user_name = $SQL->escape($_POST['username']);
         $user_mail = $SQL->escape($_POST['email']);
         $config_sitename = $SQL->escape($_POST['sitename']);
         $config_siteurl = $SQL->escape($_POST['siteurl']);
         $config_sitemail = $SQL->escape($_POST['sitemail']);
         $config_style = $SQL->escape($_POST['style']);
         $config_urls_type = in_array($_POST['urls_type'], array('id', 'filename', 'direct')) ? $_POST['urls_type'] : 'id';
         $clean_name = $usrcp->cleanusername($SQL->escape($user_name));
         /// ok .. we will get sqls now ..
         include 'includes/install_sqls.php';
Ejemplo n.º 5
0
        break;
    default:
        require PATH . 'includes/mysql.php';
}
require PATH . 'includes/style.php';
require PATH . 'includes/KljUploader.php';
require PATH . 'includes/usr.php';
require PATH . 'includes/pager.php';
require PATH . 'includes/functions.php';
require PATH . 'includes/functions_display.php';
//fix intregation problems
if (empty($script_encoding)) {
    $script_encoding = 'widnows-1256';
}
// start classes ..
$SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
//no need after now
unset($dbpass);
$tpl = new kleeja_style();
$kljup = new KljUploader();
$usrcp = new usrcp();
//then get caches
require PATH . 'includes/cache.php';
//check user or guest
$usrcp->kleeja_check_user();
//no tpl caching in dev stage
if (defined('DEV_STAGE')) {
    $tpl->caching = false;
}
//check if admin (true/false)
$is_admin = $usrcp->admin();
Ejemplo n.º 6
0
define('PATH', $_path);
if (file_exists($_path . 'config.php')) {
    include_once $_path . 'config.php';
}
include_once $_path . 'includes/functions.php';
include_once $_path . 'includes/functions_alternative.php';
switch ($db_type) {
    case 'mysqli':
        include_once $_path . 'includes/mysqli.php';
        break;
    default:
        include_once $_path . 'includes/mysql.php';
}
include_once 'includes/functions_install.php';
$order_update_files = array('RC_to_1.5' => 7, '1.0_to_1.5' => 8);
$SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
//
// Is current db is up-to-date ?
//
$config['db_version'] = inst_get_config('db_version');
if ($config['db_version'] == false) {
    $SQL->query("INSERT INTO `{$dbprefix}config` (`name` ,`value`) VALUES ('db_version', '')");
}
if (!isset($_GET['step'])) {
    $_GET['step'] = 'action_file';
}
$IN_UPDATE = true;
/**
* print header
*/
if (!isset($_POST['action_file_do'])) {
/**
* Get config value from database directly, if not return false.
*/
function inst_get_config($name)
{
    global $SQL, $dbprefix;
    if (!is_resource($SQL)) {
        global $dbserver, $dbuser, $dbpass, $dbname;
        if (!isset($dbserver)) {
            return false;
        }
        $SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
    }
    $SQL->show_errors = false;
    $sql = "SELECT value FROM `{$dbprefix}config` WHERE `name` = '" . $name . "'";
    $result = $SQL->query($sql);
    if ($SQL->num_rows($result) == 0) {
        return false;
    } else {
        $current_ver = $SQL->fetch_array($result);
        return $current_ver['value'];
    }
}
Ejemplo n.º 8
0
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;
    if (isset($script_path)) {
        //check for last slash /
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }
        //get database data from mysmartbb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;
            $forum_srv = $config['db']['server'];
            $forum_db = $config['db']['name'];
            $forum_user = $config['db']['username'];
            $forum_pass = $config['db']['password'];
            $forum_prefix = $config['db']['prefix'];
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'MySmartBB'));
        }
    } else {
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
    }
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }
    $SQLMS = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    $SQLVB->set_names('latin1');
    $pass = $usrcp->kleeja_utf8($pass, false);
    $name = $usrcp->kleeja_utf8($name, false);
    $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}member`");
    $query['WHERE'] = $hashed ? "id=" . intval($name) . " AND password='******'" : "username='******' AND password='******'";
    //if return only name let's ignore the obove
    if ($return_name) {
        $query_salt['SELECT'] = "username";
        $query_salt['WHERE'] = "id=" . intval($name);
    }
    ($hook = kleeja_run_hook('qr_select_usrdata_mysbb_usr_class')) ? eval($hook) : null;
    //run hook
    $result = $SQLMS->build($query);
    if ($SQLMS->num_rows($result) != 0) {
        while ($row = $SQLMS->fetch_array($result)) {
            if ($return_name) {
                return $row['username'];
            }
            if (!$loginadm) {
                define('USER_ID', $row['id']);
                define('GROUP_ID', $row['usergroup'] == 1 ? 1 : 3);
                define('USER_NAME', $usrcp->kleeja_utf8($row['username']));
                define('USER_MAIL', $row['email']);
                define('USER_ADMIN', $row['usergroup'] == 1 ? 1 : 0);
            }
            $userinfo = $row;
            $userinfo['group_id'] = GROUP_ID;
            $user_y = kleeja_base64_encode(serialize(array('id' => $row['id'], 'name' => $usrcp->kleeja_utf8($row['username']), 'mail' => $row['email'], 'last_visit' => time())));
            $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
            if (!$hashed && !$loginadm) {
                $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['id'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . GROUP_ID . '|' . $user_y), $expire);
            }
            ($hook = kleeja_run_hook('qr_while_usrdata_mysbb_usr_class')) ? eval($hook) : null;
            //run hook
        }
        $SQLMS->freeresult($result);
        unset($pass);
        $SQLMS->close();
        return true;
    } else {
        $SQLMS->close();
        return false;
    }
}