/**
* Find if the given member id and password is valid. If username is NULL, then the member id is used instead.
* All authorisation, cookies, and form-logins, are passed through this function.
* Some forums do cookie logins differently, so a Boolean is passed in to indicate whether it is a cookie login.
*
* @param ?SHORT_TEXT The member username (NULL: don't use this in the authentication - but look it up using the ID if needed)
* @param MEMBER The member id
* @param MD5 The md5-hashed password
* @param string The raw password
* @param boolean Whether this is a cookie login
* @return array A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set
*/
function forum_authorise_login($username, $userid, $password_hashed, $password_raw, $cookie_login = false)
{
$out = array();
$out['id'] = NULL;
if (is_null($userid)) {
$rows = $this->connection->query_select('members', array('*'), array('name' => $this->ipb_escape($username)), '', 1);
if (array_key_exists(0, $rows)) {
$this->MEMBER_ROWS_CACHED[$rows[0]['member_id']] = $rows[0];
} else {
$rows = $this->connection->query_select('members', array('*'), array('members_display_name' => $this->ipb_escape($username)), '', 1);
if (array_key_exists(0, $rows)) {
$this->MEMBER_ROWS_CACHED[$rows[0]['member_id']] = $rows[0];
}
}
} else {
$rows[0] = $this->get_member_row($userid);
}
if (!array_key_exists(0, $rows)) {
$out['error'] = do_lang_tempcode('_USER_NO_EXIST', $username);
return $out;
}
$row = $rows[0];
if ($row['member_banned'] == 1) {
$out['error'] = do_lang_tempcode('USER_BANNED');
return $out;
}
if ($cookie_login) {
if ($password_hashed != $row['member_login_key']) {
$out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
return $out;
}
// Check stronghold
global $SITE_INFO;
if (array_key_exists('stronghold_cookies', $SITE_INFO) && $SITE_INFO['stronghold_cookies'] == 1) {
$ip_octets = explode('.', ocp_srv('REMOTE_ADDR'));
$crypt_salt = md5(get_db_forums_password() . get_db_forums_user());
$a = get_member_cookie();
$b = get_pass_cookie();
for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) {
if ($a[$i] != $b[$i]) {
break;
}
}
$cookie_prefix = substr($a, 0, $i);
$cookie = ocp_admirecookie($cookie_prefix . 'ipb_stronghold');
$stronghold = md5(md5(strval($row['member_id']) . '-' . $ip_octets[0] . '-' . $ip_octets[1] . '-' . $row['member_login_key']) . $crypt_salt);
if ($cookie != $stronghold) {
$out['error'] = do_lang_tempcode('USER_BAD_STRONGHOLD');
return $out;
}
}
} else {
if (!$this->_auth_hashed($row['member_id'], $password_hashed)) {
$out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
return $out;
}
}
$pos = strpos(get_member_cookie(), 'member_id');
ocp_eatcookie(substr(get_member_cookie(), 0, $pos) . 'session_id');
$out['id'] = $row['member_id'];
return $out;
}
/**
* Create a member login cookie.
*
* @param MEMBER The member id
* @param ?SHORT_TEXT The username (NULL: lookup)
* @param string The password
*/
function forum_create_cookie($id, $name, $password)
{
unset($name);
unset($password);
$member_cookie_name = get_member_cookie();
$colon_pos = strpos($member_cookie_name, ':');
if ($colon_pos !== false) {
$base = substr($member_cookie_name, 0, $colon_pos);
$real_member_cookie = substr($member_cookie_name, $colon_pos + 1);
$real_pass_cookie = substr(get_pass_cookie(), $colon_pos + 1);
$real_session_cookie = 'sid';
} else {
$real_member_cookie = $member_cookie_name;
$real_pass_cookie = get_pass_cookie();
$real_session_cookie = preg_replace('#\\_u$#', '_sid', $real_member_cookie);
}
$hash = substr(uniqid(strval(mt_rand(0, 32000)), true), 0, 17);
$this->connection->query_insert('sessions_keys', array('key_id' => md5($hash), 'user_id' => $id, 'last_ip' => ip2long(get_ip_address()), 'last_login' => time()));
$session_id = uniqid(strval(mt_rand(0, 32000)), true);
$this->connection->query_insert('sessions', array('session_id' => $session_id, 'session_user_id' => $id, 'session_forum_id' => 0, 'session_last_visit' => time(), 'session_start' => time(), 'session_time' => time(), 'session_ip' => get_ip_address(), 'session_browser' => get_browser_string(), 'session_forwarded_for' => '', 'session_page' => '', 'session_viewonline' => 1, 'session_autologin' => 1, 'session_admin' => $this->_is_super_admin($id)));
$cookie = serialize(array($real_member_cookie => strval($id), $real_pass_cookie => $hash, $real_session_cookie => $session_id));
if ($colon_pos !== false) {
ocp_setcookie($base, $cookie);
$_COOKIE[$base] = $cookie;
} else {
ocp_setcookie($real_member_cookie, strval($id));
ocp_setcookie($real_pass_cookie, $hash);
ocp_setcookie($real_session_cookie, $session_id);
$_COOKIE[$real_member_cookie] = strval($id);
$_COOKIE[$real_pass_cookie] = $hash;
$_COOKIE[$real_session_cookie] = $session_id;
}
}
/**
* Create a member login cookie.
*
* @param MEMBER The member id
* @param ?SHORT_TEXT The username (NULL: lookup)
* @param string The password
*/
function forum_create_cookie($id, $name, $password)
{
unset($name);
unset($password);
// User
ocp_setcookie(get_member_cookie(), strval($id));
$_COOKIE[get_member_cookie()] = strval($id);
// Password
$password_hashed_salted = $this->get_member_row_field($id, 'm_pass_hash_salted');
$password_compat_scheme = $this->get_member_row_field($id, 'm_password_compat_scheme');
if ($password_compat_scheme == 'plain') {
$password_hashed_salted = md5($password_hashed_salted);
}
// can't do direct representation for this, would be a plain text cookie; so in forum_authorise_login we expect it to be md5'd and compare thusly (as per non-cookie call to that function)
ocp_setcookie(get_pass_cookie(), $password_hashed_salted);
$_COOKIE[get_pass_cookie()] = $password_hashed_salted;
}
/**
* Create a member login cookie.
*
* @param MEMBER The member id
* @param ?SHORT_TEXT The username (NULL: lookup)
* @param string The password
*/
function forum_create_cookie($id, $name, $password)
{
unset($name);
unset($password);
// User
ocp_setcookie(get_member_cookie(), strval($id));
$_COOKIE[get_member_cookie()] = strval($id);
// Password
$password_hashed = $this->get_member_row_field($id, 'password');
global $SITE_INFO;
$_password = md5($password_hashed . $SITE_INFO['vb_unique_id']);
ocp_setcookie(get_pass_cookie(), $_password);
$_COOKIE[get_pass_cookie()] = $_password;
}
/**
* Do a cookie login.
*
* @return MEMBER Logged in member (NULL: no login happened)
*/
function try_cookie_login()
{
$member = NULL;
// Preprocess if this is a serialized cookie
$member_cookie_name = get_member_cookie();
$bar_pos = strpos($member_cookie_name, '|');
$colon_pos = strpos($member_cookie_name, ':');
if ($colon_pos !== false) {
$base = substr($member_cookie_name, 0, $colon_pos);
if (array_key_exists($base, $_COOKIE) && $_COOKIE[$base] != '') {
$real_member_cookie = substr($member_cookie_name, $colon_pos + 1);
$real_pass_cookie = substr(get_pass_cookie(), $colon_pos + 1);
$the_cookie = $_COOKIE[$base];
if (get_magic_quotes_gpc()) {
$the_cookie = stripslashes($_COOKIE[$base]);
}
secure_serialized_data($the_cookie, array());
$unserialize = @unserialize($the_cookie);
if (is_array($unserialize)) {
if (array_key_exists($real_member_cookie, $unserialize)) {
$the_member = $unserialize[$real_member_cookie];
if (get_magic_quotes_gpc()) {
$the_member = addslashes(@strval($the_member));
}
$_COOKIE[get_member_cookie()] = $the_member;
}
if (array_key_exists($real_pass_cookie, $unserialize)) {
$the_pass = $unserialize[$real_pass_cookie];
if (get_magic_quotes_gpc()) {
$the_pass = addslashes($the_pass);
}
$_COOKIE[get_pass_cookie()] = $the_pass;
}
}
}
} elseif ($bar_pos !== false) {
$base = substr($member_cookie_name, 0, $bar_pos);
if (array_key_exists($base, $_COOKIE) && $_COOKIE[$base] != '') {
$real_member_cookie = substr($member_cookie_name, $bar_pos + 1);
$real_pass_cookie = substr(get_pass_cookie(), $bar_pos + 1);
$the_cookie = $_COOKIE[$base];
if (get_magic_quotes_gpc()) {
$the_cookie = stripslashes($_COOKIE[$base]);
}
$cookie_contents = explode('||', $the_cookie);
$the_member = $cookie_contents[intval($real_member_cookie)];
if (get_magic_quotes_gpc()) {
$the_member = addslashes($the_member);
}
$_COOKIE[get_member_cookie()] = $the_member;
$the_pass = $cookie_contents[intval($real_pass_cookie)];
if (get_magic_quotes_gpc()) {
$the_pass = addslashes($the_pass);
}
$_COOKIE[get_pass_cookie()] = $the_pass;
}
}
if (array_key_exists(get_member_cookie(), $_COOKIE) && array_key_exists(get_pass_cookie(), $_COOKIE)) {
$store = $_COOKIE[get_member_cookie()];
$pass = $_COOKIE[get_pass_cookie()];
if (get_magic_quotes_gpc()) {
$store = stripslashes($store);
$pass = stripslashes($pass);
}
if ($GLOBALS['FORUM_DRIVER']->is_cookie_login_name()) {
$username = $store;
$store = strval($GLOBALS['FORUM_DRIVER']->get_member_from_username($store));
} else {
$username = $GLOBALS['FORUM_DRIVER']->get_username(intval($store));
}
$member = intval($store);
if (!is_guest($member)) {
if ($GLOBALS['FORUM_DRIVER']->is_hashed()) {
// Test password hash
$login_array = $GLOBALS['FORUM_DRIVER']->forum_authorise_login(NULL, $member, $pass, $pass, true);
$member = $login_array['id'];
} else {
// Test password plain
$login_array = $GLOBALS['FORUM_DRIVER']->forum_authorise_login(NULL, $member, apply_forum_driver_md5_variant($pass, $username), $pass, true);
$member = $login_array['id'];
}
if (!is_null($member)) {
global $IS_A_COOKIE_LOGIN;
$IS_A_COOKIE_LOGIN = true;
create_session($member, 0, isset($_COOKIE[get_member_cookie() . '_invisible']) && $_COOKIE[get_member_cookie() . '_invisible'] == '1');
}
}
}
return $member;
}
/**
* Create a member login cookie.
*
* @param MEMBER The member id
* @param ?SHORT_TEXT The username (NULL: lookup)
* @param string The password
*/
function forum_create_cookie($id, $name, $password)
{
unset($name);
unset($password);
$member_cookie_name = get_member_cookie();
$colon_pos = strpos($member_cookie_name, ':');
$base = substr($member_cookie_name, 0, $colon_pos);
$real_member_cookie = substr($member_cookie_name, $colon_pos + 1);
$real_pass_cookie = substr(get_pass_cookie(), $colon_pos + 1);
$hash = substr(uniqid(strval(mt_rand(0, 32000)), true), 0, 17);
$cookie = serialize(array($real_member_cookie => strval($id), $real_pass_cookie => $hash));
$this->connection->query_insert('sessions', array('session_id' => md5($hash), 'session_user_id' => $id, 'session_ip' => ip2long(get_ip_address()), 'session_time' => time()));
ocp_setcookie($base, $cookie);
$_COOKIE[$base] = $cookie;
}
/**
* Process a login.
*
* @param ID_TEXT Username
*/
function handle_active_login($username)
{
global $SESSION_CACHE;
$result = array();
$member_cookie_name = get_member_cookie();
$colon_pos = strpos($member_cookie_name, ':');
if ($colon_pos !== false) {
$base = substr($member_cookie_name, 0, $colon_pos);
$real_member_cookie = substr($member_cookie_name, $colon_pos + 1);
$real_pass_cookie = substr(get_pass_cookie(), $colon_pos + 1);
$serialized = true;
} else {
$real_member_cookie = get_member_cookie();
$base = $real_member_cookie;
$real_pass_cookie = get_pass_cookie();
$serialized = false;
}
$password = trim(post_param('password'));
$login_array = $GLOBALS['FORUM_DRIVER']->forum_authorise_login($username, NULL, apply_forum_driver_md5_variant($password, $username), $password);
$member = $login_array['id'];
// Run hooks, if any exist
$hooks = find_all_hooks('systems', 'upon_login');
foreach (array_keys($hooks) as $hook) {
require_code('hooks/systems/upon_login/' . filter_naughty($hook));
$ob = object_factory('upon_login' . filter_naughty($hook), true);
if (is_null($ob)) {
continue;
}
$ob->run(true, $username, $member);
// true means "a new login attempt"
}
if (!is_null($member)) {
$remember = post_param_integer('remember', 0);
// Create invisibility cookie
if (array_key_exists(get_member_cookie() . '_invisible', $_COOKIE) || $remember == 1) {
$invisible = post_param_integer('login_invisible', 0);
ocp_setcookie(get_member_cookie() . '_invisible', strval($invisible));
$_COOKIE[get_member_cookie() . '_invisible'] = strval($invisible);
}
// Store the cookies
if ($remember == 1) {
global $IS_A_COOKIE_LOGIN;
$IS_A_COOKIE_LOGIN = true;
// Create user cookie
if (method_exists($GLOBALS['FORUM_DRIVER'], 'forum_create_cookie')) {
$GLOBALS['FORUM_DRIVER']->forum_create_cookie($member, NULL, $password);
} else {
if ($GLOBALS['FORUM_DRIVER']->is_cookie_login_name()) {
$name = $GLOBALS['FORUM_DRIVER']->get_username($member);
if ($serialized) {
$result[$real_member_cookie] = $name;
} else {
ocp_setcookie(get_member_cookie(), $name, false, true);
$_COOKIE[get_member_cookie()] = $name;
}
} else {
if ($serialized) {
$result[$real_member_cookie] = $member;
} else {
ocp_setcookie(get_member_cookie(), strval($member), false, true);
$_COOKIE[get_member_cookie()] = strval($member);
}
}
// Create password cookie
if (!$serialized) {
if ($GLOBALS['FORUM_DRIVER']->is_hashed()) {
ocp_setcookie(get_pass_cookie(), apply_forum_driver_md5_variant($password, $username), false, true);
} else {
ocp_setcookie(get_pass_cookie(), $password, false, true);
}
} else {
if ($GLOBALS['FORUM_DRIVER']->is_hashed()) {
$result[$real_pass_cookie] = apply_forum_driver_md5_variant($password, $username);
} else {
$result[$real_pass_cookie] = $password;
}
$_result = serialize($result);
ocp_setcookie($base, $_result, false, true);
}
}
}
// Create session
require_code('users_inactive_occasionals');
create_session($member, 1, post_param_integer('login_invisible', 0) == 1);
} else {
$GLOBALS['SITE_DB']->query_insert('failedlogins', array('failed_account' => substr(trim(post_param('login_username')), 0, 80), 'date_and_time' => time(), 'ip' => get_ip_address()));
$count = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . get_table_prefix() . 'failedlogins WHERE date_and_time>' . strval(time() - 60 * 15) . ' AND ' . db_string_equal_to('ip', get_ip_address()));
if ($count > 30) {
log_hack_attack_and_exit('BRUTEFORCE_LOGIN_HACK');
}
}
}
