function mystery_process_authentication()
{
// this function processes a user's authentication, displaying login forms,
// error messages, etc.
global $_MYSTERY;
if (@$_SESSION['is_logged_in'] == 'yes') {
return;
}
mystery_setup_default_session();
if (@$_REQUEST['username'] == '' || @$_REQUEST['password'] == '') {
// the user didn't send a password / username, so just display the form
mystery_header();
mystery_display_authentication_form();
mystery_footer();
} else {
// user provided some authentication information, attempt to authenticate
if (!mystery_auth($_REQUEST['username'], $_REQUEST['password'])) {
// user couldn't be authenticated, display error message and login box again
mystery_header();
mystery_display_user_error('You entered an invalid username or password, or cannot login from your current location. Please try again.');
mystery_display_authentication_form();
mystery_footer();
}
}
}
// mystery_db_connect();
// use our custom session handlers instead of the PHP defaults
session_set_save_handler('mystery_session_open', 'mystery_session_close', 'mystery_session_read', 'mystery_session_write', 'mystery_session_destroy', 'mystery_session_gc');
// start the session
session_name($portal_config['session_name']);
session_start();
// allow the users to use the back button
header('Cache-control: private');
// use our custom error handler instead of the PHP default
set_error_handler('mystery_error_handler');
// catch all possible errors
ini_set('error_reporting', E_ALL);
// start the timer
mystery_time_results('start');
// configure the application
if (!mystery_configure()) {
if (mystery_check_installation_status()) {
mystery_header();
mystery_display_user_error('Configuration Problem');
echo '
<p>Could not load the main system configuration. The system
Administrator should verify that the system is correctly
installed and configured.</p>
';
mystery_footer();
} else {
mystery_header();
mystery_display_installation_options();
mystery_footer();
}
}
function mystery_get_table_configuration($table_id)
{
// this function gets the configuration information for a particular
// table and places it in the $_MYSTERY['table_info'] array. If the
// info already exists, the function just returns.
global $_MYSTERY;
// put in an array like this $tables[$table_id]['key'] = $value;
if (isset($_MYSTERY['table_info'][$table_id])) {
return;
}
// Query to see if this user has access to this table.
if ($_SESSION['is_administrator'] == 'yes') {
$query = 'SELECT * FROM ' . $_MYSTERY['table_prefix'] . 'tables WHERE table_id = ?';
$params = array($table_id);
} else {
$query = 'SELECT * FROM ' . $_MYSTERY['table_prefix'] . 'groups_tables AS gtt LEFT JOIN ' . $_MYSTERY['table_prefix'] . 'tables AS tt ON gtt.table_id=tt.table_id WHERE gtt.table_id = ? AND group_id IN ("' . implode('","', $_SESSION['user_groups']) . '") ORDER BY access_type DESC';
$params = array($table_id);
}
$table_info = mystery_select_query($query, $params);
if (count($table_info) == 0) {
// user has selected a table that he doesn't have access to. Bad user...
mystery_log_violation('Purple', 'User entered a table_id they did not have access to');
}
// We only get the first row. If a user is in more than one group that has access to
// this table, results will be unpredictable. The results are sorted by type, so if a
// user has table access in one of the groups, it should show up above the row level access.
$_MYSTERY['table_info'][$table_id]['database'] = $table_info[0]['table_database'];
$_MYSTERY['table_info'][$table_id]['real_name'] = $table_info[0]['table_real_name'];
$_MYSTERY['table_info'][$table_id]['display_name'] = $table_info[0]['table_display_name'];
$_MYSTERY['table_info'][$table_id]['display_comment'] = $table_info[0]['table_display_comment'];
$_MYSTERY['table_info'][$table_id]['display_data_word'] = $table_info[0]['table_display_data_word'];
$_MYSTERY['table_info'][$table_id]['display_field_type'] = $table_info[0]['table_display_field_type'];
$_MYSTERY['table_info'][$table_id]['display_functions'] = $table_info[0]['table_display_functions'];
$_MYSTERY['table_info'][$table_id]['default_action'] = $table_info[0]['table_default_action'];
$_MYSTERY['table_info'][$table_id]['default_query'] = $table_info[0]['table_default_query'];
$_MYSTERY['table_info'][$table_id]['default_order_field'] = $table_info[0]['table_default_order_field'];
$_MYSTERY['table_info'][$table_id]['default_reverse_sort'] = $table_info[0]['table_default_reverse_sort'];
$_MYSTERY['table_info'][$table_id]['default_display'] = $table_info[0]['table_default_display'];
$_MYSTERY['table_info'][$table_id]['default_display_fields'] = $table_info[0]['table_default_display_fields'];
$_MYSTERY['table_info'][$table_id]['default_display_rows'] = $table_info[0]['table_default_display_rows'];
$_MYSTERY['table_info'][$table_id]['default_display_width'] = $table_info[0]['table_default_display_width'];
$_MYSTERY['table_info'][$table_id]['primary_key'] = $table_info[0]['table_primary_key'];
$_MYSTERY['table_info'][$table_id]['owner_key'] = $table_info[0]['table_owner_key'];
$_MYSTERY['table_info'][$table_id]['owner_type'] = $table_info[0]['table_owner_type'];
$_MYSTERY['table_info'][$table_id]['is_many_to_many'] = $table_info[0]['table_is_many_to_many'];
if ($_SESSION['is_administrator'] == 'yes') {
// allow administrator all access
$_MYSTERY['table_info'][$table_id]['access_type'] = 'table';
$_MYSTERY['table_info'][$table_id]['select_access'] = 'yes';
$_MYSTERY['table_info'][$table_id]['insert_access'] = 'yes';
$_MYSTERY['table_info'][$table_id]['update_access'] = 'yes';
$_MYSTERY['table_info'][$table_id]['delete_access'] = 'yes';
$_MYSTERY['table_info'][$table_id]['effective_group_id'] = '1';
} else {
// set access depending on the user's group's permissions
$_MYSTERY['table_info'][$table_id]['access_type'] = $table_info[0]['access_type'];
$_MYSTERY['table_info'][$table_id]['select_access'] = $table_info[0]['select_access'];
$_MYSTERY['table_info'][$table_id]['insert_access'] = $table_info[0]['insert_access'];
$_MYSTERY['table_info'][$table_id]['update_access'] = $table_info[0]['update_access'];
$_MYSTERY['table_info'][$table_id]['delete_access'] = $table_info[0]['delete_access'];
$_MYSTERY['table_info'][$table_id]['effective_group_id'] = $table_info[0]['group_id'];
}
if ($_MYSTERY['table_info'][$table_id]['select_access'] != 'yes' && $_MYSTERY['table_info'][$table_id]['insert_access'] != 'yes' && $_MYSTERY['table_info'][$table_id]['update_access'] != 'yes' && $_MYSTERY['table_info'][$table_id]['delete_access'] != 'yes') {
mystery_display_user_error('Cannot access ' . $_MYSTERY['word_that_means_table']);
echo '
<p>The groups that you are a member of do not have any access to
the ' . $_MYSTERY['word_that_means_table'] . ':
' . $_MYSTERY['table_info'][$table_id]['display_name'] . '</p>
';
mystery_display_admin_contact_info();
mystery_footer();
}
// Get all of the related items for this table
mystery_get_table_owners_list($table_id);
mystery_get_table_custom_menu_items($table_id);
mystery_get_table_custom_actions($table_id);
mystery_get_table_foreign_keys($table_id);
mystery_get_table_hidden_fields($table_id);
mystery_get_table_view_only_fields($table_id);
mystery_get_table_binary_fields($table_id);
mystery_get_table_custom_triggers($table_id);
mystery_get_table_related_tables($table_id);
mystery_get_table_portal_relation_1($table_id);
mystery_get_table_portal_relation_2($table_id);
}
function mystery_log_violation($code, $message = '')
{
// This function process a serious error/violation
global $_MYSTERY;
$types['Red'] = 'Spoofed User';
$types['Orange'] = 'Spoofed File';
$types['Yellow'] = 'Spoofed Action';
$types['Green'] = 'Illegal Query';
$types['Blue'] = 'Virus Upload';
$types['Purple'] = 'Spoofed Table';
$types['Brown'] = 'Illegal Many To Many Addition';
ob_start();
echo "SERVER: ";
print_r($_SERVER);
echo "SESSION: ";
print_r($_SESSION);
echo "REQUEST: ";
print_r($_REQUEST);
$context = ob_get_contents();
ob_end_clean();
$table = $_MYSTERY['table_prefix'] . 'security_log';
$data['exception_type'] = $types[$code] . ' - ' . $message;
$data['exception_code'] = $code;
$data['user_id'] = $_SESSION['user_id'];
$data['user_ip_address'] = $_SERVER['REMOTE_ADDR'];
$data['user_action'] = $_REQUEST['action'];
$data['user_time'] = date('Y-m-d h:i:s');
$data['user_request'] = $_SERVER['REQUEST_URI'];
$data['user_variables'] = $context;
$log_id = mystery_insert_query($table, $data, 'record_id');
// Prepare error string
$error_parts = array();
while (list($key, $value) = each($data)) {
$error_parts[] .= ucwords(str_replace('_', ' ', $key)) . ': ' . $value;
}
$error_string = implode("\n", $error_parts) . "\n\n";
mystery_log_error_to_file('security_log', $error_string);
// make them wait a couple seconds so they won't automate the attack
sleep(2);
mystery_header();
echo '
<h1>Access Denied</h1>
<p>Sorry, but the account you arelogged in as cannot perform the requested action. (<em>Code: ', $code, '</em>)</p>
';
mystery_display_admin_contact_info();
if ($code == 'Blue') {
echo '<p>The file you tried to upload is infected with a <strong>virus</strong>.
Please <strong>disinfect the file</strong> and try again.</p>
<p><code>', $_MYSTERY['virus_feedback'], '</code></p>';
}
mystery_footer();
}
