/** * Perform all quick tasks that has to be ran before we authenticate * * @param String $action The action to perform * @param bool $submit The form has been submitted */ function perform_unauthed_quick_tasks($action, $submit = false) { global $template, $umil, $user; switch ($action) { // If the user wants to destroy their STK login cookie case 'stklogout': setcookie('stk_token', '', time() - 31536000); $user->unset_admin(); meta_refresh(3, append_sid(PHPBB_ROOT_PATH . 'index.' . PHP_EXT)); trigger_error('STK_LOGOUT_SUCCESS'); break; // Can't rely on phpBB to get the phpBB version. // Can't rely on phpBB to get the phpBB version. case 'request_phpbb_version': global $cache, $config, $phpbb_container; $_version_number = $cache->get('_stk_phpbb_version_number'); if ($_version_number === false) { if ($submit) { if (!check_form_key('request_phpbb_version')) { trigger_error('FORM_INVALID'); } $_version_number = request_var('version_number', $config['version']); $cache->put('_stk_phpbb_version_number', $_version_number); } else { add_form_key('request_phpbb_version'); page_header($user->lang['REQUEST_PHPBB_VERSION'], false); $version_helper = $phpbb_container->get('version_helper'); $updates_available = $version_helper->get_suggested_updates(false); if ($updates_available) { foreach ($updates_available as $branch => $version_data) { $announcement = $version_data['announcement']; } // Grep the latest phpBB version number list(, , $_phpbb_version) = explode('.', $version_data['current']); } elseif ($config['version'] != PHPBB_VERSION) { $config['version'] = PHPBB_VERSION; $version_helper = $phpbb_container->get('version_helper'); $updates_available = $version_helper->get_suggested_updates(false); if ($updates_available) { foreach ($updates_available as $branch => $version_data) { $announcement = $version_data['announcement']; } } else { $version_data['current'] = $config['version']; } list(, , $_phpbb_version) = explode('.', PHPBB_VERSION); } // Build the options $version_options = ''; for ($i = $_phpbb_version; $i > 1; $i--) { $v = "3.1.{$i}"; $d = $v == $config['version'] ? " default='default'" : ''; $version_options .= "<option value='{$v}'{$d}>{$v}</option>"; } $template->assign_vars(array('UPDATES_AVAILABLE' => PHPBB_VERSION < $version_data['current'] || $config['version'] < $version_data['current'] ? sprintf($user->lang['UPDATES_AVAILABLE'], $version_data['current'], $announcement) : false, 'PROCEED_TO_STK' => $user->lang('PROCEED_TO_STK', '', ''), 'REQUEST_PHPBB_VERSION_OPTIONS' => $version_options, 'U_ACTION' => append_sid(STK_INDEX, array('action' => 'request_phpbb_version')))); $template->set_filenames(array('body' => 'request_phpbb_version.html')); page_footer(false); } } if ($config['version'] < '3.1.2') { trigger_error(sprintf($user->lang['INCORRECT_PHPBB_VERSION'], $version_data['current']), E_USER_WARNING); } define('PHPBB_VERSION_NUMBER', $_version_number); break; // Check PHPBB version // Check PHPBB version case 'check_phpbb_version': check_phpbb_version(); break; // Generate the passwd file // Generate the passwd file case 'genpasswdfile': // Create a 25 character alphanumeric password (easier to select with a browser and won't cause confusion like it could if it ends in "." or something). $_pass_string = substr(preg_replace(array('#([^a-zA-Z0-9])#', '#0#', '#O#'), array('', 'Z', 'Y'), phpbb_hash(unique_id())), 2, 25); // The password is usable for 6 hours from now $_pass_exprire = time() + 21600; // Print a message and tell the user what to do and where to download this page page_header($user->lang['GEN_PASS_FILE'], false); $template->assign_vars(array('PASS_GENERATED' => sprintf($user->lang['PASS_GENERATED'], $_pass_string, $user->format_date($_pass_exprire, false, true)), 'PASS_GENERATED_REDIRECT' => sprintf($user->lang['PASS_GENERATED_REDIRECT'], append_sid(STK_ROOT_PATH . 'index.' . PHP_EXT)), 'S_HIDDEN_FIELDS' => build_hidden_fields(array('pass_string' => $_pass_string, 'pass_exp' => $_pass_exprire)), 'U_ACTION' => append_sid(STK_INDEX, array('action' => 'downpasswdfile')))); $template->set_filenames(array('body' => 'gen_password.html')); page_footer(false); break; // Download the passwd file // Download the passwd file case 'downpasswdfile': $_pass_string = request_var('pass_string', '', true); $_pass_exprire = request_var('pass_exp', 0); // Something went wrong, stop execution if (!isset($_POST['download_passwd']) || empty($_pass_string) || $_pass_exprire <= 0) { trigger_error($user->lang['GEN_PASS_FAILED'], E_USER_ERROR); } // Create the file and let the user download it header('Content-Type: text/x-delimtext; name="passwd.' . PHP_EXT . '"'); header('Content-disposition: attachment; filename=passwd.' . PHP_EXT); print "<?php\n/**\n* Support Toolkit emergency password.\n* The file was generated on: " . $user->format_date($_pass_exprire - 21600, 'd/M/Y H:i.s', true) . " and will expire on: " . $user->format_date($_pass_exprire, 'd/M/Y H:i.s', true) . ".\n*/\n\n// This file can only be from inside the Support Toolkit\nif (!defined('IN_PHPBB') || !defined('STK_VERSION'))\n{\n\texit;\n}\n\n\$stk_passwd\t\t\t\t= '{$_pass_string}';\n\$stk_passwd_expiration\t= {$_pass_exprire};\n"; exit_handler(); break; } }
$umil = new umil(true); } // Load STK config when not in the erk if (!isset($stk_config)) { $stk_config = array(); include STK_ROOT_PATH . 'config.' . PHP_EXT; } // Setup some common variables $action = request_var('action', ''); $submit = request_var('submit', false); // Try to determine the phpBB version number, we might need that down the road // `PHPBB_VERSION` was added in 3.0.3, for older versions just rely on the config if (!defined('IN_ERK') && (defined('PHPBB_VERSION') && PHPBB_VERSION == $config['version']) || !defined('PHPBB_VERSION')) { define('PHPBB_VERSION_NUMBER', $config['version']); stk_add_lang('common'); // Try to determine the phpBB actually version number $updates_available = false; $version_helper = $phpbb_container->get('version_helper'); try { $updates_available = $version_helper->get_suggested_updates(false); } catch (\RuntimeException $e) { $template->assign_vars(array('S_VERSIONCHECK_FAIL' => true, 'VERSIONCHECK_FAIL_REASON' => $user->lang('VERSIONCHECK_FAIL'))); } if ($updates_available) { check_phpbb_version(); } } else { if ($action != 'genpasswdfile' || $action != 'downpasswdfile' || $action != 'stklogout' || $action != 'request_phpbb_version') { $action = 'request_phpbb_version'; } }