public function deleteAllTemplateFiles()
{
$template_path = vB::getDatastore()->getOption('template_cache_path');
$db = vB::getDBAssertor();
$result = $db->select('template', array(), false, array('templateid', 'template'));
foreach ($result as $template) {
$this->deleteTemplateFromFileSystem($template['templateid'], $template_path);
}
}
/**
* This is a temporary getter for retrieving the vbulletin object while we still needed
* TODO: remove this method
*
* @global vB_Registry $vbulletin
* @return vB_Registry
*/
public static function &get_registry()
{
global $vbulletin;
if (!isset($vbulletin)) {
//move some initialization of the registry from the legacy bootstrap.
require_once DIR . '/includes/class_core.php';
$vbulletin = new vB_Registry();
//this is the *only* place we should call getDBConnection!!!
$vbulletin->db =& vB::getDBAssertor()->getDBConnection();
$vbulletin->datastore = vB::getDatastore();
//force load some values the vbulletin object. Otherwise init.php can crap out.
if (!$vbulletin->datastore->registerCount()) {
$vbulletin->datastore->getValue('options');
}
$vbulletin->datastore->init_registry();
$request = self::getRequest();
if ($request) {
$vbulletin->ipaddress = $request->getIpAddress();
$vbulletin->alt_ip = $request->getAltIp();
//a bit of a hack, but we only have URL values if this comes in from the web
//we may need to sort things out better so that we do something with these
//functions when we don't have a web request, but this is simpler and this
//is temporary code anyway.
if ($request instanceof vB_Request_Web) {
$cleaner = self::getCleaner();
// store a relative path that includes the sessionhash for reloadurl
$vbulletin->reloadurl = $request->addQuery($cleaner->xssClean($request->getVbUrlPath()), $request->getVbUrlQueryRaw());
// store the current script
$vbulletin->script = $_SERVER['SCRIPT_NAME'];
// store the scriptpath
$vbulletin->scriptpath = $request->getScriptPath();
}
}
}
return $vbulletin;
}
/**
* Checks to see if a password is in the user's password history
*
* Will also delete any expired records in the password history.
*
* @param integer $userid User ID
* @param string $fe_password -- the frontend encoded password
* @param integer $lookback The time period to look back for passwords in seconds
*
* @return boolean Returns true if password is in the history
*/
protected function checkPasswordHistory($userid, $fe_password, $lookback)
{
$db = vB::getDBAssertor();
// first delete old password history
$db->delete('passwordhistory', array('userid' => $userid, array('field' => 'passworddate', 'value' => $lookback, 'operator' => vB_dB_Query::OPERATOR_LTE)));
$old_passwords = $db->select('passwordhistory', array('userid' => $userid));
foreach ($old_passwords as $old_password) {
//need to use the same scheme as when the history hash was created. If the front end scheme has changed
//then we'll be unable to check -- we'll just have to pass it along. When we implement front end schemes
//other than plain md5 we'll need to do something here to check if its changed.
try {
$verify = vB_Utility_Password_Algorithm::instance($old_password['scheme'])->verifyPassword($fe_password, $old_password['token']);
} catch (Exception $e) {
//if we fail to hash the password we'll just ignore that history record. Better than failing because of an old
//record that has a now invalid scheme or something else equally silly.
continue;
}
if ($verify) {
return false;
}
}
return true;
}
