Example #1
 /**
  * Standard modular run function for OcCLE hooks; this hook handles the 'reset' command.
  *
  * @param  array	The options with which the command was called
  * @param  array	The parameters with which the command was called (not read by this hook)
  * @param  array	A reference to the OcCLE filesystem object (not read by this hook)
  * @return array	Array of stdcommand, stdhtml, stdout, and stderr responses
  */
 function run($options, $parameters, &$occle_fs)
 {
     $wants_help = array_key_exists('h', $options) || array_key_exists('help', $options);
     if ($wants_help) {
         // Help text is returned in the stdhtml slot; nothing is reset
         return array('', do_command_help('reset', array('h'), array()), '', '');
     }

     // Reset: hand both OcCLE state cookies to ocp_eatcookie, then report success on stdout
     foreach (array('occle_dir', 'occle_state') as $cookie_name) {
         ocp_eatcookie($cookie_name);
     }

     return array('', '', do_lang('SUCCESS'), '');
 }
Example #2
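 /**
  * Find if the given member id and password is valid. If username is NULL, then the member id is used instead.
  * All authorisation, cookies, and form-logins, are passed through this function.
  * This driver ignores the cookie-login flag: both kinds of login are checked against the stored hash.
  *
  * Security notes for maintainers:
  *  - The hash check uses a strict string comparison. A loose comparison lets PHP compare two
  *    numeric-looking hashes ("0e" followed only by digits) as numbers, so different hashes can match.
  *  - Where PHP 5.6+ is guaranteed, hash_equals() would additionally make the check constant-time.
  *  - "No such user" and "bad password" are reported as different errors, which lets a caller tell
  *    valid usernames apart; rate limiting belongs in the calling layer.
  *
  * @param  ?SHORT_TEXT	The member username (NULL: don't use this in the authentication - but look it up using the ID if needed)
  * @param  MEMBER			The member id
  * @param  MD5				The md5-hashed password
  * @param  string			The raw password (not read by this driver)
  * @param  boolean		Whether this is a cookie login (ignored by this driver)
  * @return array			A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set
  */
 function forum_authorise_login($username, $memberid, $password_hashed, $password_raw, $cookie_login = false)
 {
     unset($cookie_login);
     $out = array();
     $out['id'] = NULL;
     $rows = array();
     if (is_null($memberid)) {
         // Lookup by username; query_select is given a field map rather than a hand-built WHERE string
         $rows = $this->connection->query_select('users', array('*'), array('username' => $username), '', 1);
         if (array_key_exists(0, $rows)) {
             $this->MEMBER_ROWS_CACHED[$rows[0]['userid']] = $rows[0];
         }
     } else {
         // NOTE(review): if get_member_row can return NULL for an unknown id, the row reads below need a guard - confirm
         $rows[0] = $this->get_member_row($memberid);
     }
     if (!array_key_exists(0, $rows)) {
         $out['error'] = do_lang_tempcode('_USER_NO_EXIST', $username);
         return $out;
     }
     $row = $rows[0];
     if ($this->is_banned($row['userid'])) {
         $out['error'] = do_lang_tempcode('USER_BANNED');
         return $out;
     }
     // Fail closed on a non-string credential, and compare as strings so "0e..." hashes are never treated as numbers
     if (!is_string($password_hashed) || strval($row['password']) !== $password_hashed) {
         $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
         return $out;
     }
     ocp_eatcookie('cookiehash');
     $out['id'] = $row['userid'];
     return $out;
 }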
Example #3
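 /**
  * Find if the given member id and password is valid. If username is NULL, then the member id is used instead.
  * All authorisation, cookies, and form-logins, are passed through this function.
  * Cookie logins are checked against the 'sessions_keys' table; form logins against the stored password hash.
  *
  * Security notes for maintainers:
  *  - The form-login hash check uses a strict string comparison. A loose comparison lets PHP compare
  *    two numeric-looking hashes ("0e" followed only by digits) as numbers, so different hashes can match.
  *  - Where PHP 5.6+ is guaranteed, hash_equals() would additionally make the check constant-time.
  *  - "No such user" and "bad password" are reported as different errors, which lets a caller tell
  *    valid usernames apart; rate limiting belongs in the calling layer.
  *
  * @param  ?SHORT_TEXT	The member username (NULL: don't use this in the authentication - but look it up using the ID if needed)
  * @param  MEMBER			The member id
  * @param  MD5				The md5-hashed password
  * @param  string			The raw password (for a cookie login, its md5 is looked up as a session key)
  * @param  boolean		Whether this is a cookie login
  * @return array			A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set
  */
 function forum_authorise_login($username, $userid, $password_hashed, $password_raw, $cookie_login = false)
 {
     $out = array();
     $out['id'] = NULL;
     $rows = array();
     if (is_null($userid)) {
         // Lookup by lower-cased username; query_select is given a field map rather than a hand-built WHERE string
         $rows = $this->connection->query_select('users', array('*'), array('username_clean' => strtolower($username)), '', 1);
         if (array_key_exists(0, $rows)) {
             $this->MEMBER_ROWS_CACHED[$rows[0]['user_id']] = $rows[0];
         }
     } else {
         // NOTE(review): if get_member_row can return NULL for an unknown id, the row reads below need a guard - confirm
         $rows[0] = $this->get_member_row($userid);
     }
     if (!array_key_exists(0, $rows)) {
         $out['error'] = do_lang_tempcode('_USER_NO_EXIST', $username);
         return $out;
     }
     $row = $rows[0];
     if ($this->is_banned($row['user_id'])) {
         $out['error'] = do_lang_tempcode('USER_BANNED');
         return $out;
     }
     if ($cookie_login) {
         // The session key must belong to this member; a missing key yields NULL, which never matches
         $lookup = $this->connection->query_value_null_ok('sessions_keys', 'user_id', array('key_id' => md5($password_raw)));
         if ($row['user_id'] !== $lookup) {
             $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
             return $out;
         }
     } else {
         // Fail closed on a non-string credential, and compare as strings so "0e..." hashes are never treated as numbers
         if (!is_string($password_hashed) || strval($row['user_password']) !== $password_hashed) {
             $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
             return $out;
         }
     }
     // The forum's session-id cookie shares the member cookie's prefix; only eat it when that prefix can be found
     $member_cookie = get_member_cookie();
     $pos = strpos($member_cookie, '_data:userid');
     if ($pos !== false) {
         ocp_eatcookie(substr($member_cookie, 0, $pos) . '_sid');
     }
     $out['id'] = $row['user_id'];
     return $out;
 }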
Example #4
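 /**
  * Find if the given member id and password is valid. If username is NULL, then the member id is used instead.
  * All authorisation, cookies, and form-logins, are passed through this function.
  * Cookie logins are checked against the member's login key (plus the optional "stronghold" cookie);
  * form logins are delegated to _auth_hashed.
  *
  * Security notes for maintainers:
  *  - Login key and stronghold checks use strict string comparisons. A loose comparison lets PHP compare
  *    two numeric-looking hashes ("0e" followed only by digits) as numbers, so different values can match.
  *  - Where PHP 5.6+ is guaranteed, hash_equals() would additionally make these checks constant-time.
  *  - "No such user" and "bad password" are reported as different errors, which lets a caller tell
  *    valid usernames apart; rate limiting belongs in the calling layer.
  *
  * @param  ?SHORT_TEXT	The member username (NULL: don't use this in the authentication - but look it up using the ID if needed)
  * @param  MEMBER			The member id
  * @param  MD5				The md5-hashed password (for a cookie login, compared with the member's login key)
  * @param  string			The raw password (not read by this driver)
  * @param  boolean		Whether this is a cookie login
  * @return array			A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set
  */
 function forum_authorise_login($username, $userid, $password_hashed, $password_raw, $cookie_login = false)
 {
     $out = array();
     $out['id'] = NULL;
     $rows = array();
     if (is_null($userid)) {
         // Try the login name first, then fall back to the display name
         $rows = $this->connection->query_select('members', array('*'), array('name' => $this->ipb_escape($username)), '', 1);
         if (array_key_exists(0, $rows)) {
             $this->MEMBER_ROWS_CACHED[$rows[0]['member_id']] = $rows[0];
         } else {
             $rows = $this->connection->query_select('members', array('*'), array('members_display_name' => $this->ipb_escape($username)), '', 1);
             if (array_key_exists(0, $rows)) {
                 $this->MEMBER_ROWS_CACHED[$rows[0]['member_id']] = $rows[0];
             }
         }
     } else {
         // NOTE(review): if get_member_row can return NULL for an unknown id, the row reads below need a guard - confirm
         $rows[0] = $this->get_member_row($userid);
     }
     if (!array_key_exists(0, $rows)) {
         $out['error'] = do_lang_tempcode('_USER_NO_EXIST', $username);
         return $out;
     }
     $row = $rows[0];
     if ($row['member_banned'] == 1) {
         $out['error'] = do_lang_tempcode('USER_BANNED');
         return $out;
     }
     if ($cookie_login) {
         // Fail closed on a non-string credential, and compare as strings so "0e..." values are never treated as numbers
         if (!is_string($password_hashed) || $password_hashed !== strval($row['member_login_key'])) {
             $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
             return $out;
         }
         // Check stronghold
         global $SITE_INFO;
         if (array_key_exists('stronghold_cookies', $SITE_INFO) && $SITE_INFO['stronghold_cookies'] == 1) {
             // NOTE(review): only the first two dot-separated parts of REMOTE_ADDR are used; an address
             // without dots (e.g. IPv6) leaves $ip_octets[1] undefined - confirm how that should be handled
             $ip_octets = explode('.', ocp_srv('REMOTE_ADDR'));
             $crypt_salt = md5(get_db_forums_password() . get_db_forums_user());
             // The forum's cookie prefix is taken to be the longest common prefix of the member and pass cookie names
             $a = get_member_cookie();
             $b = get_pass_cookie();
             for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) {
                 if ($a[$i] !== $b[$i]) {
                     break;
                 }
             }
             $cookie_prefix = substr($a, 0, $i);
             $cookie = ocp_admirecookie($cookie_prefix . 'ipb_stronghold');
             $stronghold = md5(md5(strval($row['member_id']) . '-' . $ip_octets[0] . '-' . $ip_octets[1] . '-' . $row['member_login_key']) . $crypt_salt);
             // A missing or non-string cookie value never matches
             if (!is_string($cookie) || $cookie !== $stronghold) {
                 $out['error'] = do_lang_tempcode('USER_BAD_STRONGHOLD');
                 return $out;
             }
         }
     } else {
         if (!$this->_auth_hashed($row['member_id'], $password_hashed)) {
             $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
             return $out;
         }
     }
     // Eat the forum's session cookie. When 'member_id' is not part of the member cookie name the
     // prefix is empty, which is what substr() with a false length already produced.
     $member_cookie = get_member_cookie();
     $pos = strpos($member_cookie, 'member_id');
     $prefix = ($pos === false) ? '' : substr($member_cookie, 0, $pos);
     ocp_eatcookie($prefix . 'session_id');
     $out['id'] = $row['member_id'];
     return $out;
 }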
Example #5
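 /**
  * Find if the given member id and password is valid. If username is NULL, then the member id is used instead.
  * All authorisation, cookies, and form-logins, are passed through this function.
  * Cookie logins must present md5(stored hash . site 'vb_unique_id'); form logins must present a value
  * whose md5 with the member's salt equals the stored hash.
  *
  * Security notes for maintainers:
  *  - Both checks use strict string comparisons. A loose comparison lets PHP compare two numeric-looking
  *    hashes ("0e" followed only by digits) as numbers, so different hashes can match.
  *  - Where PHP 5.6+ is guaranteed, hash_equals() would additionally make these checks constant-time.
  *  - "No such user" and "bad password" are reported as different errors, which lets a caller tell
  *    valid usernames apart; rate limiting belongs in the calling layer.
  *
  * @param  ?SHORT_TEXT	The member username (NULL: don't use this in the authentication - but look it up using the ID if needed)
  * @param  MEMBER			The member id
  * @param  MD5				The md5-hashed password
  * @param  string			The raw password (not read by this driver)
  * @param  boolean		Whether this is a cookie login
  * @return array			A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set
  */
 function forum_authorise_login($username, $userid, $password_hashed, $password_raw, $cookie_login = false)
 {
     $out = array();
     $out['id'] = NULL;
     $rows = array();
     if (is_null($userid)) {
         // Lookup by username; query_select is given a field map rather than a hand-built WHERE string
         $rows = $this->connection->query_select('user', array('*'), array('username' => $username), '', 1);
         if (array_key_exists(0, $rows)) {
             $this->MEMBER_ROWS_CACHED[$rows[0]['userid']] = $rows[0];
         }
     } else {
         // NOTE(review): if get_member_row can return NULL for an unknown id, the row reads below need a guard - confirm
         $rows[0] = $this->get_member_row($userid);
     }
     if (!array_key_exists(0, $rows)) {
         $out['error'] = do_lang_tempcode('_USER_NO_EXIST', $username);
         return $out;
     }
     $row = $rows[0];
     if ($this->is_banned($row['userid'])) {
         $out['error'] = do_lang_tempcode('USER_BANNED');
         return $out;
     }
     global $SITE_INFO;
     $stored_hash = strval($row['password']);
     if (!is_string($password_hashed)) {
         // Fail closed: a non-string credential can never equal a hash
         $password_ok = false;
     } elseif ($cookie_login) {
         $password_ok = (md5($stored_hash . $SITE_INFO['vb_unique_id']) === $password_hashed);
     } else {
         $password_ok = ($stored_hash === md5($password_hashed . $row['salt']));
     }
     if (!$password_ok) {
         $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
         return $out;
     }
     ocp_eatcookie('sessionhash');
     $out['id'] = $row['userid'];
     return $out;
 }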
Example #6
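 /**
  * Find if the given member id and password is valid. If username is NULL, then the member id is used instead.
  * All authorisation, cookies, and form-logins, are passed through this function.
  * The supplied hash may carry two '::'-separated values: the first is checked on the older (MD5) scheme,
  * the second on the newer (SHA1) scheme. Which scheme applies is decided from the member row and
  * recorded in $GLOBALS['SMF_NEW'].
  *
  * Security notes for maintainers:
  *  - All hash checks use strict string comparisons. A loose comparison lets PHP compare two
  *    numeric-looking hashes ("0e" followed only by digits) as numbers, so different hashes can match.
  *  - Where PHP 5.6+ is guaranteed, hash_equals() would additionally make these checks constant-time.
  *  - "No such user" and "bad password" are reported as different errors, which lets a caller tell
  *    valid usernames apart; rate limiting belongs in the calling layer.
  *
  * @param  ?SHORT_TEXT	The member username (NULL: don't use this in the authentication - but look it up using the ID if needed)
  * @param  MEMBER			The member id
  * @param  MD5				The hashed password (optionally two hashes joined by '::')
  * @param  string			The raw password (not read by this driver)
  * @param  boolean		Whether this is a cookie login
  * @return array			A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set
  */
 function forum_authorise_login($username, $userid, $password_hashed, $password_raw, $from_cookie = false)
 {
     $out = array();
     $out['id'] = NULL;
     $rows = array();
     if (is_null($userid)) {
         // Try the login name first, then fall back to the real name
         $rows = $this->connection->query_select('members', array('*'), array('memberName' => $username), '', 1);
         if (array_key_exists(0, $rows)) {
             $this->MEMBER_ROWS_CACHED[$rows[0]['ID_MEMBER']] = $rows[0];
         } else {
             $rows = $this->connection->query_select('members', array('*'), array('realName' => $username), '', 1);
             if (array_key_exists(0, $rows)) {
                 $this->MEMBER_ROWS_CACHED[$rows[0]['ID_MEMBER']] = $rows[0];
             }
         }
     } else {
         // NOTE(review): if get_member_row can return NULL for an unknown id, the row reads below need a guard - confirm
         $rows[0] = $this->get_member_row($userid);
     }
     if (!array_key_exists(0, $rows)) {
         $out['error'] = do_lang_tempcode('_USER_NO_EXIST', $username);
         return $out;
     }
     $row = $rows[0];
     if ($this->is_banned($row['ID_MEMBER'])) {
         $out['error'] = do_lang_tempcode('USER_BANNED');
         return $out;
     }
     // The newer scheme is assumed when the row has a 'pm_ignore_list' column and sha1() is available
     $GLOBALS['SMF_NEW'] = array_key_exists('pm_ignore_list', $row) && function_exists('sha1');
     // Main authentication
     if (!is_string($password_hashed)) {
         // Fail closed: a non-string credential can never equal a hash
         $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
         return $out;
     }
     $bits = explode('::', $password_hashed);
     if (!array_key_exists(1, $bits)) {
         $bits[1] = $bits[0];
     }
     if ($GLOBALS['SMF_NEW']) {
         // Newer scheme: second supplied value; cookies carry sha1(stored hash . salt)
         $supplied = $bits[1];
         $expected = $from_cookie ? sha1($row['passwd'] . $row['passwordSalt']) : $row['passwd'];
     } else {
         // Older scheme: first supplied value; cookies carry forum_md5 of the stored hash
         $supplied = $bits[0];
         $expected = $from_cookie ? $this->forum_md5($row['passwd'], 'ys', true) : $row['passwd'];
     }
     // Compare as strings so "0e..." hashes are never treated as numbers
     if (strval($expected) !== $supplied) {
         $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
         return $out;
     }
     ocp_eatcookie('PHPSESSID');
     $out['id'] = $row['ID_MEMBER'];
     return $out;
 }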
/**
 * Process a logout: clear the member cookie, then delete the current session if there is one.
 */
function handle_active_logout()
{
    // The cookie to clear is the member cookie name up to (not including) its first ':', if it has one
    $cookie_name = get_member_cookie();
    $split_at = strpos($cookie_name, ':');
    $base = ($split_at === false) ? get_member_cookie() : substr($cookie_name, 0, $split_at);

    ocp_eatcookie($base);
    // Also drop it from the superglobal so later code in this request no longer reads it
    unset($_COOKIE[$base]);

    // A session id of -1 means there is nothing to delete
    $session = get_session_id();
    if ($session == -1) {
        return;
    }
    delete_session($session);
}