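/**
 * Authenticate a Kleeja visitor against a phpBB3 user table.
 *
 * Database credentials come either from the forum's own config file
 * (when the global $script_path is set) or from the $script_* globals.
 *
 * Fixes relative to the listing this was taken from:
 *  - the trailing-slash check indexed $script_path at strlen(), which is
 *    always out of range, so the slash was never removed;
 *  - $plugin was used without being in scope, so reaching the first hook
 *    call always failed;
 *  - the first result set was freed inside its own fetch loop;
 *  - $return_name combined with $hashed fell through into the login path
 *    (no password check, session constants defined from a row that only
 *    held `username`); a name lookup now never establishes a session.
 *
 * Local variable names are kept as they were on purpose: plugin hook code
 * is eval()'d in this scope and may refer to them.
 *
 * @param mixed $name        Username, or a numeric user id when $hashed or
 *                           $return_name is true (it is passed through intval()).
 * @param mixed $pass        Plain password (checked with phpbb_check_hash()).
 * @param bool  $hashed      True when the caller is re-validating an existing login.
 * @param mixed $expire      Cookie lifetime; also mixed into the cookie's check hash.
 * @param bool  $loginadm    True to skip defining session constants and the cookie.
 * @param bool  $return_name True to only look up and return the username for an id.
 *
 * @return string|bool|null Username when $return_name is set and the id exists;
 *                          true on successful login; false on failure or ban;
 *                          null when no database settings are available.
 */
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo, $plugin;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;

    if (isset($script_path)) {
        // Remove trailing slashes so the path joins below do not double them.
        $script_path = rtrim($script_path, '/');

        // Read the database settings from the phpBB config file.
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            // The forum config file is executed as PHP inside this function's
            // scope; $script_path must therefore only ever come from trusted
            // configuration, never from request data.
            include PATH . $script_path . SCRIPT_CONFIG_PATH;

            $forum_srv    = $dbhost;
            $forum_db     = $dbname;
            $forum_user   = $dbuser;
            $forum_pass   = $dbpasswd;
            $forum_prefix = $table_prefix;

            if (empty($dbhost)) {
                $forum_srv = 'localhost';
            }

            if (!empty($dbport)) {
                $forum_srv .= ':' . $dbport;
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'phpBB3'));
        }
    } else {
        // Custom connection data supplied through the $script_* globals.
        $forum_srv    = $script_srv;
        $forum_db     = $script_db;
        $forum_user   = $script_user;
        $forum_pass   = $script_pass;
        $forum_prefix = $script_prefix;
    }

    // Without database settings there is nothing to authenticate against.
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }

    // Connecting ...
    $SQLBB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    $SQLBB->set_names('utf8');

    unset($forum_pass); // We do not need this any longer

    // Load phpBB's UTF-8 helpers; utf8_clean_string() below comes from there.
    // NOTE(review): when $script_path is unset this include path starts at
    // PATH . '/includes/...' — confirm the helpers are reachable in that setup.
    global $phpbb_root_path, $phpEx;
    $phpbb_root_path = PATH . $script_path . '/';
    $phpEx           = 'php';

    // Guarded so a second call in the same request does not redefine it.
    if (!defined('IN_PHPBB')) {
        define('IN_PHPBB', true);
    }

    include_once PATH . $script_path . '/includes/utf/utf_tools.' . $phpEx;

    $row_leve    = 'user_type';
    $admin_level = 3;

    $query2 = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}users`");

    // NOTE(review): the password value in the hashed branch is the literal
    // '******' in this listing, which looks like masking applied to the
    // published copy. Confirm against the upstream file that the real value
    // is escaped before it is placed in the query.
    $query2['WHERE'] = $hashed
        ? "user_id=" . intval($name) . " AND user_password='******' "
        : "username_clean='" . $SQLBB->escape(utf8_clean_string($name)) . "'";

    if ($return_name) {
        // Name lookup only: answer it here and never continue into login.
        $query2['SELECT'] = "username";
        $query2['WHERE']  = "user_id=" . intval($name);

        $result2 = $SQLBB->build($query2);
        $row     = $SQLBB->fetch($result2);
        $SQLBB->free($result2);
        $SQLBB->close();

        return $row ? $row['username'] : false;
    }

    $query = '';

    if (!$hashed) {
        // Fetch the candidate row and verify the password with phpBB's own
        // hash check; the result is released only after the row was read.
        $result2 = $SQLBB->build($query2);
        $row     = $SQLBB->fetch($result2);
        $SQLBB->free($result2);

        if ($row && phpbb_check_hash($pass, $row['user_password'])) {
            $query = $query2;
        }
    } else {
        $query = $query2;
    }

    if (empty($query)) {
        $SQLBB->close();

        return false;
    }

    // Plugin hook. Hook code is eval()'d in this scope and can therefore
    // read and change $query, credentials and the connection: only trusted,
    // administrator-installed plugins may ever provide it.
    if (is_object($plugin) && ($hook = $plugin->run_hook('qr_select_usrdata_phpbb_usr_class'))) {
        eval($hook);
    }

    $result = $SQLBB->build($query);

    if ($SQLBB->num($result) != 0) {
        while ($row = $SQLBB->fetch($result)) {
            // Only a banlist row naming this user id is checked here.
            // NOTE(review): other ban criteria (expiry, exclusions, e-mail or
            // IP bans) are not visible in this query — confirm that is intended.
            if ($SQLBB->num($SQLBB->query("SELECT ban_userid FROM `{$forum_prefix}banlist` WHERE ban_userid=" . intval($row['user_id']))) == 0) {
                if (!$loginadm) {
                    define('USER_ID', $row['user_id']);
                    define('GROUP_ID', $row[$row_leve] == $admin_level ? '1' : '3');
                    define('USER_NAME', $row['username']);
                    define('USER_MAIL', $row['user_email']);

                    if ($row[$row_leve] == $admin_level) {
                        define('USER_ADMIN', true);
                    }
                }

                $userinfo             = $row;
                $userinfo['group_id'] = $row[$row_leve] == $admin_level ? '1' : '3';

                $user_y = kleeja_base64_encode(serialize(array('id' => $row['user_id'], 'name' => $row['username'], 'mail' => $row['user_email'], 'last_visit' => time())));

                if (!$hashed && !$loginadm) {
                    // The cookie carries the stored forum password hash and a
                    // sha1(md5(key . hash) . expire) check value, then goes
                    // through en_de_crypt(). Format kept unchanged because the
                    // reader of this cookie is not part of this function.
                    // NOTE(review): a keyed HMAC over an opaque session id
                    // would avoid shipping the password hash to the browser.
                    $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['user_id'] . '|' . $row['user_password'] . '|' . $expire . '|' . sha1(md5($config['h_key'] . $row['user_password']) . $expire) . '|' . ($row[$row_leve] == $admin_level ? '1' : '3') . '|' . $user_y), $expire);
                }

                // Plugin hook (same trust requirement as above).
                if (is_object($plugin) && ($hook = $plugin->run_hook('qr_while_usrdata_phpbb_usr_class'))) {
                    eval($hook);
                }
            } else {
                // The user is banned in phpBB.
                $SQLBB->free($result);
                unset($pass);
                $SQLBB->close();

                return false;
            }
        }

        $SQLBB->free($result);
        unset($pass);
        $SQLBB->close();

        return true;
    }

    $SQLBB->free($result);
    $SQLBB->close();

    return false;
}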
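/**
 * Authenticate a Kleeja visitor against a vBulletin user table.
 *
 * Database credentials come either from the forum's config file (when the
 * global $script_path is set) or from the $script_* globals.
 *
 * Fixes relative to the listing this was taken from:
 *  - the trailing-slash check indexed $script_path at strlen(), which is
 *    always out of range, so the slash was never removed;
 *  - the $return_name path returned without releasing the result set or
 *    closing the extra forum connection.
 *
 * Local variable names are kept as they were on purpose: plugin hook code
 * is eval()'d in this scope and may refer to them.
 *
 * @param mixed $name        Username, or a numeric user id when $hashed or
 *                           $return_name is true (it is passed through intval()).
 * @param mixed $pass        Plain password; hashed here as md5(md5(pass) . salt).
 * @param bool  $hashed      True when the caller is re-validating an existing login.
 * @param mixed $expire      Cookie lifetime; also mixed into the cookie's check hash.
 * @param bool  $loginadm    True to skip defining session constants and the cookie.
 * @param bool  $return_name True to only look up and return the username for an id.
 *
 * @return string|bool|null Username when $return_name is set and a row exists;
 *                          true on success; false on failure; null when no
 *                          database settings are available.
 */
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_cp1256, $script_srv, $script_db, $script_user, $script_pass, $script_prefix, $script_db_charset;

    if (isset($script_path)) {
        // Remove trailing slashes so the path joins below do not double them.
        $script_path = rtrim($script_path, '/');

        // Read the database settings from the vBulletin config file.
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            // The forum config file is executed as PHP in this scope, so
            // $script_path must only come from trusted configuration.
            // NOTE(review): $config is declared global above and is also the
            // array the included file is read from below; that file's keys
            // presumably end up in the application's own $config — confirm.
            // NOTE(review): with require_once a second call in the same
            // request will not re-run the file — confirm the keys read below
            // are still present in that case.
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;

            $forum_srv    = $config['MasterServer']['servername'];
            $forum_db     = $config['Database']['dbname'];
            $forum_user   = $config['MasterServer']['username'];
            $forum_pass   = $config['MasterServer']['password'];
            $forum_prefix = $config['Database']['tableprefix'];

            if ($config['MasterServer']['port'] != 3306) {
                $forum_srv .= ':' . $config['MasterServer']['port'];
            }

            // Some installations change their database charset.
            if (isset($config['Mysqli']['charset'])) {
                $forum_db_charset = $config['Mysqli']['charset'];
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'Vbulletin'));
        }
    } else {
        // Custom connection data supplied through the $script_* globals.
        $forum_srv    = $script_srv;
        $forum_db     = $script_db;
        $forum_user   = $script_user;
        $forum_pass   = $script_pass;
        $forum_prefix = $script_prefix;

        // Some installations change their database charset.
        if (isset($script_db_charset)) {
            $forum_db_charset = $script_db_charset;
        }
    }

    // Without database settings there is nothing to authenticate against.
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }

    $SQLVB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);

    if (isset($forum_db_charset)) {
        $SQLVB->set_names($forum_db_charset);
    } else {
        $SQLVB->set_names('latin1');
    }

    unset($forum_pass); // We do not need this any longer

    // Optional charset conversion of the submitted values; the id passed for
    // a hashed re-validation is left untouched.
    $pass = empty($script_cp1256) || !$script_cp1256 ? $pass : $usrcp->kleeja_utf8($pass, false);
    $name = empty($script_cp1256) || !$script_cp1256 || $hashed ? $name : $usrcp->kleeja_utf8($name, false);

    $query_salt = array('SELECT' => $hashed ? '*' : 'salt', 'FROM' => "`{$forum_prefix}user`");

    // NOTE(review): the quoted username/password values in the WHERE strings
    // of this function are the literal '******' in this listing, which looks
    // like masking applied to the published copy. Confirm against the
    // upstream file that the real values are escaped before interpolation.
    $query_salt['WHERE'] = $hashed
        ? "userid=" . intval($name) . " AND password='******' AND usergroupid != '8'"
        : "username='******' AND usergroupid != '8'";

    // A name lookup replaces the conditions above.
    if ($return_name) {
        $query_salt['SELECT'] = "username";
        $query_salt['WHERE']  = "userid=" . intval($name);
    }

    // Plugin hook. Hook code is eval()'d in this scope and can read and
    // change the query, credentials and connection: only trusted,
    // administrator-installed plugins may ever provide it.
    ($hook = kleeja_run_hook('qr_select_usrdata_vb_usr_class')) ? eval($hook) : null;

    $result_salt = $SQLVB->build($query_salt);

    if ($SQLVB->num_rows($result_salt) > 0) {
        while ($row1 = $SQLVB->fetch_array($result_salt)) {
            if ($return_name) {
                $found_name = empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']);

                // Release the forum connection before handing the name back.
                $SQLVB->freeresult($result_salt);
                $SQLVB->close();

                return $found_name;
            }

            if (!$hashed) {
                // vBulletin's stored form: md5 of (md5 of the password) plus
                // the per-user salt. This is the forum's scheme, so it has to
                // be reproduced here to compare against the stored value.
                $pass = md5(md5($pass) . $row1['salt']);

                $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}user`", 'WHERE' => "username='******' AND password='******' AND usergroupid != '8'");

                $result = $SQLVB->build($query);

                if ($SQLVB->num_rows($result) != 0) {
                    while ($row = $SQLVB->fetch_array($result)) {
                        if (!$loginadm) {
                            define('USER_ID', $row['userid']);
                            define('GROUP_ID', $row['usergroupid'] == 6 ? 1 : 3);
                            define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row['username'] : $usrcp->kleeja_utf8($row['username']));
                            define('USER_MAIL', $row['email']);
                            define('USER_ADMIN', $row['usergroupid'] == 6 ? 1 : 0);
                        }

                        $userinfo             = $row;
                        $userinfo['group_id'] = $row['usergroupid'] == 6 ? 1 : 3;

                        // NOTE(review): USER_NAME is only defined above when
                        // $loginadm is false; with $loginadm it must already
                        // exist from the current session — confirm.
                        $user_y = kleeja_base64_encode(serialize(array('id' => $row['userid'], 'name' => USER_NAME, 'mail' => $row['email'], 'last_visit' => time())));

                        $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);

                        if (!$loginadm) {
                            // The cookie carries the stored forum password
                            // hash plus the check value above, then goes
                            // through en_de_crypt(). Format kept unchanged
                            // because its reader is not part of this function.
                            // NOTE(review): a keyed HMAC over an opaque
                            // session id would avoid shipping the password
                            // hash to the browser.
                            $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['userid'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . ($row['usergroupid'] == 6 ? 1 : 3) . '|' . $user_y), $expire);
                        }

                        // Plugin hook (same trust requirement as above).
                        ($hook = kleeja_run_hook('qr_while_usrdata_vb_usr_class')) ? eval($hook) : null;
                    }

                    $SQLVB->freeresult($result);
                } else {
                    $SQLVB->close();

                    return false;
                }
            } else {
                // Re-validation of an existing login: the row was already
                // matched by id and stored hash in $query_salt.
                if (!$loginadm) {
                    define('USER_ID', $row1['userid']);
                    define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']));
                    define('USER_MAIL', $row1['email']);
                    define('USER_ADMIN', $row1['usergroupid'] == 6 ? 1 : 0);
                    define('GROUP_ID', $row1['usergroupid'] == 6 ? 1 : 3);

                    $userinfo             = $row1;
                    $userinfo['group_id'] = $row1['usergroupid'] == 6 ? 1 : 3;
                }
            }
        }

        $SQLVB->freeresult($result_salt);
        unset($pass);
        $SQLVB->close();

        return true;
    }

    $SQLVB->close();

    return false;
}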
}
// Bootstrap fragment: load configuration, open the database connection and
// load cached settings. The closing brace above ends a definition that
// starts outside this excerpt, and the last `if` continues past it.
$starttm = get_microtime();
//path
if (!defined('PATH')) {
    define('PATH', './');
}
// there is a config
// presumably this file defines $dbserver, $dbuser, $dbpass, $dbname and
// $dbprefix used below — confirm against includes/config.php
require PATH . 'includes/config.php';
//include files .. & classes ..
$path = dirname(__FILE__) . '/';
$root_path = PATH;
require $path . 'mysql.php';
require $path . 'style.php';
require $path . 'functions.php';
// start classes ..
$SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
//no need after now
// the password is dropped from the global scope once the connection exists
unset($dbpass);
$tpl = new phpquran_style();
//$kljup = new KljUploader;
// The settings cache is a PHP file that is executed on include.
// NOTE(review): the cache directory should not be writable by anything other
// than the application itself — confirm file permissions in deployment.
if (file_exists($root_path . 'cache/data_settings.php')) {
    include_once $root_path . 'cache/data_settings.php';
}
//else
//{
// big_error('Couldnt find phpquran settings file !!','phpquran is missing important file located in cache/data_settings.php');
//}
//getting cache [KLEEJA CACHE SYSTEM]
// Fall back to reading every config row from the database when the cache
// file is missing or did not populate $config.
if (empty($config) or !file_exists($root_path . 'cache/data_settings.php')) {
    $query = array('SELECT' => 'c.*', 'FROM' => "{$dbprefix}config c");
    $result = $SQL->build($query);
break;
// Installer step 'data': validates the submitted site/admin form, prepares
// escaped values and then includes the SQL definitions. This excerpt starts
// inside a switch and ends inside the `if` below.
case 'data':
    if (isset($_POST['datasubmit'])) {
        //check data ...
        // all six fields are required; 'style' and 'urls_type' are not checked here
        if (empty($_POST['sitename']) || empty($_POST['siteurl']) || empty($_POST['sitemail']) || empty($_POST['username']) || empty($_POST['password']) || empty($_POST['email'])) {
            echo $lang['EMPTY_FIELDS'];
            echo $footer_inst;
            exit;
        }
        // only the presence of '@' is checked
        // NOTE(review): filter_var($email, FILTER_VALIDATE_EMAIL) would be a stricter check
        if (strpos($_POST['email'], '@') === false) {
            echo $lang['WRONG_EMAIL'];
            echo $footer_inst;
            exit;
        }
        //connect .. for check
        $SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
        include_once '../includes/usr.php';
        include_once '../includes/functions_alternative.php';
        $usrcp = new usrcp();
        // 7-character salt derived from sha1(mt_rand()).
        // NOTE(review): mt_rand() is not a cryptographically secure source;
        // random_bytes() is the usual replacement where the PHP version allows it.
        $user_salt = substr(kleeja_base64_encode(pack("H*", sha1(mt_rand()))), 0, 7);
        // the salt is appended to the password before hashing
        $user_pass = $usrcp->kleeja_hash_password($_POST['password'] . $user_salt);
        // request values are escaped for use in the SQL included below
        $user_name = $SQL->escape($_POST['username']);
        $user_mail = $SQL->escape($_POST['email']);
        $config_sitename = $SQL->escape($_POST['sitename']);
        $config_siteurl = $SQL->escape($_POST['siteurl']);
        $config_sitemail = $SQL->escape($_POST['sitemail']);
        // NOTE(review): $_POST['style'] and $_POST['urls_type'] are read without
        // an isset() check — a request that omits them raises a notice/warning.
        $config_style = $SQL->escape($_POST['style']);
        // allow-list for the URL type; in_array() is used without its strict flag
        $config_urls_type = in_array($_POST['urls_type'], array('id', 'filename', 'direct')) ? $_POST['urls_type'] : 'id';
        // NOTE(review): $user_name was already escaped above, so escape() is
        // applied twice before cleanusername() — confirm this is intended.
        $clean_name = $usrcp->cleanusername($SQL->escape($user_name));
        /// ok .. we will get sqls now ..
        // presumably the included file builds its statements from the variables
        // prepared above — verify that it uses only the escaped copies
        include 'includes/install_sqls.php';
        break;
    // Default database driver. The switch this closes starts outside this excerpt.
    default:
        require PATH . 'includes/mysql.php';
}
// Core includes; later statements instantiate classes defined in these files.
require PATH . 'includes/style.php';
require PATH . 'includes/KljUploader.php';
require PATH . 'includes/usr.php';
require PATH . 'includes/pager.php';
require PATH . 'includes/functions.php';
require PATH . 'includes/functions_display.php';
//fix integration problems
// NOTE(review): 'widnows-1256' looks like a misspelling of 'windows-1256';
// confirm how $script_encoding is consumed before changing the value.
if (empty($script_encoding)) {
    $script_encoding = 'widnows-1256';
}
// start classes ..
$SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
//no need after now
// the password is dropped from the global scope once the connection exists
unset($dbpass);
$tpl = new kleeja_style();
$kljup = new KljUploader();
$usrcp = new usrcp();
//then get caches
require PATH . 'includes/cache.php';
//check user or guest
// runs on every request, before any page logic below this point
$usrcp->kleeja_check_user();
//no tpl caching in dev stage
if (defined('DEV_STAGE')) {
    $tpl->caching = false;
}
//check if admin (true/false)
$is_admin = $usrcp->admin();
// Updater bootstrap: load config and the matching database driver, connect,
// and make sure a db_version row exists. The final `if` continues past this
// excerpt.
define('PATH', $_path);
// NOTE(review): when config.php is absent, $db_type and the $db* connection
// variables used below are never set — confirm how the updater is expected
// to behave in that case.
if (file_exists($_path . 'config.php')) {
    include_once $_path . 'config.php';
}
include_once $_path . 'includes/functions.php';
include_once $_path . 'includes/functions_alternative.php';
// pick the driver file; anything other than 'mysqli' falls back to mysql.php
switch ($db_type) {
    case 'mysqli':
        include_once $_path . 'includes/mysqli.php';
        break;
    default:
        include_once $_path . 'includes/mysql.php';
}
include_once 'includes/functions_install.php';
$order_update_files = array('RC_to_1.5' => 7, '1.0_to_1.5' => 8);
$SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
//
// Is the current db up-to-date ?
//
$config['db_version'] = inst_get_config('db_version');
// Loose comparison: a stored '' or '0' is treated the same as a missing row.
// NOTE(review): the row inserted here has value '', which compares equal to
// false on the next run as well — unless `name` is unique in the config
// table this would insert again; confirm against the schema.
if ($config['db_version'] == false) {
    $SQL->query("INSERT INTO `{$dbprefix}config` (`name` ,`value`) VALUES ('db_version', '')");
}
// default step when the request does not name one
if (!isset($_GET['step'])) {
    $_GET['step'] = 'action_file';
}
$IN_UPDATE = true;
/**
 * print header
 */
if (!isset($_POST['action_file_do'])) {
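/**
 * Get config value from database directly, if not return false.
 *
 * Uses the global $SQL connection when one exists; otherwise it connects
 * with the global $dbserver/$dbuser/$dbpass/$dbname settings and stores the
 * new connection in $SQL.
 *
 * Two fixes over the earlier form:
 *  - the connection test used is_resource(), which is false for an object,
 *    so an existing SSQL instance was never reused and the function returned
 *    false whenever $dbserver was not set, even with a live connection;
 *  - $name was concatenated into the query unescaped.
 *
 * @param string $name Name of the config row to read.
 *
 * @return mixed The stored value, or false when the row does not exist or
 *               no connection can be made.
 */
function inst_get_config($name)
{
    global $SQL, $dbprefix;

    if (!is_object($SQL)) {
        global $dbserver, $dbuser, $dbpass, $dbname;

        if (!isset($dbserver)) {
            return false;
        }

        $SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
    }

    // Errors are silenced on the shared connection from here on; the table
    // may not exist yet while installing or updating.
    $SQL->show_errors = false;

    // Escape the name even though visible callers pass a fixed string, so
    // the helper stays safe if it is ever called with request data.
    $sql    = "SELECT value FROM `{$dbprefix}config` WHERE `name` = '" . $SQL->escape($name) . "'";
    $result = $SQL->query($sql);

    if ($SQL->num_rows($result) == 0) {
        return false;
    }

    $current_ver = $SQL->fetch_array($result);

    return $current_ver['value'];
}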
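/**
 * Authenticate a Kleeja visitor against a MySmartBB member table.
 *
 * Database credentials come either from the forum's config file (when the
 * global $script_path is set) or from the $script_* globals.
 *
 * Fixes relative to the listing this was taken from:
 *  - set_names() was called on $SQLVB, a variable that does not exist in
 *    this function (the connection is $SQLMS), so every call failed there;
 *  - the $return_name conditions were written to $query_salt, which is never
 *    used, so a name lookup still ran the username/password query;
 *  - the trailing-slash check indexed $script_path at strlen(), which is
 *    always out of range, so the slash was never removed;
 *  - the $return_name path returned without closing the forum connection;
 *  - the group id is taken from the fetched row instead of the GROUP_ID
 *    constant, which this function only defines when $loginadm is false;
 *  - the database password is unset once connected, as the sibling
 *    integrations do.
 *
 * Local variable names are kept as they were on purpose: plugin hook code
 * is eval()'d in this scope and may refer to them.
 *
 * @param mixed $name        Username, or a numeric member id when $hashed or
 *                           $return_name is true (it is passed through intval()).
 * @param mixed $pass        Submitted password.
 * @param bool  $hashed      True when the caller is re-validating an existing login.
 * @param mixed $expire      Cookie lifetime; also mixed into the cookie's check hash.
 * @param bool  $loginadm    True to skip defining session constants and the cookie.
 * @param bool  $return_name True to only look up and return the username for an id.
 *
 * @return string|bool|null Username when $return_name is set and a row exists;
 *                          true on success; false on failure; null when no
 *                          database settings are available.
 */
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;

    if (isset($script_path)) {
        // Remove trailing slashes so the path joins below do not double them.
        $script_path = rtrim($script_path, '/');

        // Read the database settings from the MySmartBB config file.
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            // The forum config file is executed as PHP in this scope, so
            // $script_path must only come from trusted configuration.
            // NOTE(review): $config is declared global above and is also the
            // array the included file is read from below; that file's keys
            // presumably end up in the application's own $config — confirm.
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;

            $forum_srv    = $config['db']['server'];
            $forum_db     = $config['db']['name'];
            $forum_user   = $config['db']['username'];
            $forum_pass   = $config['db']['password'];
            $forum_prefix = $config['db']['prefix'];
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'MySmartBB'));
        }
    } else {
        // Custom connection data supplied through the $script_* globals.
        $forum_srv    = $script_srv;
        $forum_db     = $script_db;
        $forum_user   = $script_user;
        $forum_pass   = $script_pass;
        $forum_prefix = $script_prefix;
    }

    // Without database settings there is nothing to authenticate against.
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }

    $SQLMS = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    $SQLMS->set_names('latin1');

    unset($forum_pass); // We do not need this any longer

    $pass = $usrcp->kleeja_utf8($pass, false);
    $name = $usrcp->kleeja_utf8($name, false);

    $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}member`");

    // NOTE(review): the quoted username/password values are the literal
    // '******' in this listing, which looks like masking applied to the
    // published copy. Confirm against the upstream file that the real values
    // are escaped before interpolation.
    $query['WHERE'] = $hashed
        ? "id=" . intval($name) . " AND password='******'"
        : "username='******' AND password='******'";

    // A name lookup replaces the conditions above.
    if ($return_name) {
        $query['SELECT'] = "username";
        $query['WHERE']  = "id=" . intval($name);
    }

    // Plugin hook. Hook code is eval()'d in this scope and can read and
    // change the query, credentials and connection: only trusted,
    // administrator-installed plugins may ever provide it.
    ($hook = kleeja_run_hook('qr_select_usrdata_mysbb_usr_class')) ? eval($hook) : null;

    $result = $SQLMS->build($query);

    if ($SQLMS->num_rows($result) != 0) {
        while ($row = $SQLMS->fetch_array($result)) {
            if ($return_name) {
                // Release the forum connection before handing the name back.
                $found_name = $row['username'];
                $SQLMS->freeresult($result);
                $SQLMS->close();

                return $found_name;
            }

            // Group 1 in the forum maps to the admin group (1); everyone
            // else becomes a regular user (3).
            $group_id = $row['usergroup'] == 1 ? 1 : 3;

            if (!$loginadm) {
                define('USER_ID', $row['id']);
                define('GROUP_ID', $group_id);
                define('USER_NAME', $usrcp->kleeja_utf8($row['username']));
                define('USER_MAIL', $row['email']);
                define('USER_ADMIN', $row['usergroup'] == 1 ? 1 : 0);
            }

            $userinfo             = $row;
            $userinfo['group_id'] = $group_id;

            $user_y = kleeja_base64_encode(serialize(array('id' => $row['id'], 'name' => $usrcp->kleeja_utf8($row['username']), 'mail' => $row['email'], 'last_visit' => time())));

            $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);

            if (!$hashed && !$loginadm) {
                // The cookie carries the stored forum password value plus the
                // check value above, then goes through en_de_crypt(). Format
                // kept unchanged because its reader is not part of this
                // function.
                // NOTE(review): a keyed HMAC over an opaque session id would
                // avoid shipping the stored password value to the browser.
                $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['id'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . $group_id . '|' . $user_y), $expire);
            }

            // Plugin hook (same trust requirement as above).
            ($hook = kleeja_run_hook('qr_while_usrdata_mysbb_usr_class')) ? eval($hook) : null;
        }

        $SQLMS->freeresult($result);
        unset($pass);
        $SQLMS->close();

        return true;
    }

    $SQLMS->close();

    return false;
}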