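/**
 * Stores the upload found in $_FILES[$file] under DATA_DIR/uploads and records it in {uploadedfiles}.
 *
 * @param string $file        key in $_FILES holding the upload
 * @param mixed  $parenttype  type of the owning record, stored as given
 * @param mixed  $parentid    id of the owning record, stored as given
 * @param int    $cap         maximum accepted size in bytes
 * @param string $description optional description stored with the row
 * @param bool   $temporary   when true, deldate is set to now (CleanupUploads() is called first; what it reaps is not visible here)
 * @return mixed true when no file was submitted (missing field or size 0), false when the upload is
 *               rejected (over the cap, not a real upload, or the copy failed), otherwise the new file's id
 */
function UploadFile($file, $parenttype, $parentid, $cap, $description = '', $temporary = false) {
    global $loguser, $loguserid;
    $targetdir = DATA_DIR . 'uploads';

    // A missing field is treated like an empty upload instead of tripping an undefined index.
    if (!isset($_FILES[$file]) || !is_array($_FILES[$file])) {
        return true;
    }
    $filedata = $_FILES[$file];
    $filename = $filedata['name'];

    if ($filedata['size'] == 0) {
        return true;
    }
    if ($filedata['size'] > $cap) {
        return false;
    }

    $temp = $filedata['tmp_name'];
    // Only accept a path PHP created for this request's upload, never an arbitrary local path.
    if (!is_uploaded_file($temp)) {
        return false;
    }

    CleanupUploads();
    $randomid = Shake();
    $pname = $randomid . '_' . Shake();
    $fullpath = $targetdir . '/' . $pname;

    // Store the file before inserting the row so a failed copy cannot leave a record
    // that points at a file which does not exist.
    if (!copy($temp, $fullpath)) {
        return false;
    }
    // Keyed digest of the stored bytes, saved next to the file; its consumer is not visible here.
    file_put_contents($fullpath . '.hash', hash_hmac_file('sha256', $fullpath, SALT));

    Query("\n\t\t\tINSERT INTO {uploadedfiles} (id, physicalname, filename, description, user, date, parenttype, parentid, downloads, deldate) \n\t\t\tVALUES ({0}, {1}, {2}, {3}, {4}, {5}, {6}, {7}, 0, {8})", $randomid, $pname, $filename, $description, $loguserid, time(), $parenttype, $parentid, $temporary ? time() : 0);
    Report("[b]" . $loguser['name'] . "[/] uploaded file \"[b]" . $filename . "[/]\"", false);
    return $randomid;
}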
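/**
 * Handles an upload into uploader category $cat, storing the file under $uploaddirs[$cattype].
 *
 * Every rejection is reported by returning a message string (the original reported the quota
 * failure through Alert() and then returned null; it now returns the message like the other
 * checks). On success the row is inserted, the file is stored and the request ends with a
 * redirect to the category listing, so the function does not return.
 *
 * @param string $file    key in $_FILES holding the upload
 * @param mixed  $cattype key into $uploaddirs selecting the target directory
 * @param array  $cat     category row; only 'showindownloads' is read here
 * @return string error message on rejection; never returns on success
 */
function uploadFile($file, $cattype, $cat) {
    global $loguserid, $loguser, $uploaddirs, $goodfiles, $badfiles, $userquota, $maxSize;
    $targetdir = $uploaddirs[$cattype];
    $totalsize = foldersize($targetdir);

    if (!isset($_FILES[$file]) || !is_array($_FILES[$file])) {
        return 'No file given.';
    }
    $filedata = $_FILES[$file];
    // Always read the upload named by $file. The original mixed in $_FILES['newfile'] and
    // $_FILES['size']['size'] (an undefined index), so $size was null and the quota never applied.
    $fname = $filedata['name'];
    $temp = $filedata['tmp_name'];
    $size = $filedata['size'];
    $postCat = isset($_POST['cat']) ? $_POST['cat'] : '';

    $c = FetchResult("SELECT COUNT(*) FROM {uploader} WHERE filename={0} AND cattype={1} AND user={2} AND deldate=0", $fname, $cattype, $loguserid);
    if ($c > 0) {
        return "You already have a file with this name. Please delete the old copy before uploading a new one.";
    }
    if ($size == 0) {
        return $temp == '' ? 'No file given.' : 'File is empty.';
    }
    if ($size > $maxSize) {
        return 'File is too large. Maximum size allowed is ' . BytesToSize($maxSize) . '.';
    }
    // The original compared against $quot, which is undefined in this scope; $userquota is the declared global.
    if ($totalsize + $size > $userquota) {
        return format(__("Uploading \"{0}\" would break the quota."), $fname);
    }

    // Extension = text after the last dot (a dotless name yields the whole name, as before).
    $parts = explode(".", $fname);
    $extension = strtolower(end($parts));
    $blacklisted = in_array($extension, $badfiles, true);
    $notWhitelisted = is_array($goodfiles) && !in_array($extension, $goodfiles, true);
    if ($blacklisted || $notWhitelisted) {
        return 'Forbidden file type.';
    }
    // Only accept a path PHP created for this request's upload, never an arbitrary local path.
    if (!is_uploaded_file($temp)) {
        return 'No file given.';
    }

    $randomid = Shake();
    $pname = $randomid . '_' . Shake();
    // Store the file before inserting the row so a failed copy cannot leave a dangling record.
    if (!copy($temp, $targetdir . "/" . $pname)) {
        return 'Could not store the uploaded file.';
    }

    $description = isset($_POST['description']) ? $_POST['description'] : '';
    $big_descr = !empty($cat['showindownloads']) && isset($_POST['big_description']) ? $_POST['big_description'] : '';
    // NOTE(review): $privateFlag is neither assigned here nor declared global, so it is always
    // null in this function; confirm where the "private" flag is meant to come from.
    Query("insert into {uploader} (id, filename, description, big_description, date, user, private, category, deldate, physicalname) values ({7}, {0}, {1}, {6}, {2}, {3}, {4}, {5}, 0, {8})", $fname, $description, time(), $loguserid, $privateFlag, $postCat, $big_descr, $randomid, $pname);
    Report("[b]" . $loguser['name'] . "[/] uploaded file \"[b]" . $fname . "[/]\"" . ($privateFlag ? " (privately)" : ""), $privateFlag);
    die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $postCat)));
}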
// Registration accepted (the validation branch and the enclosing if start before this span):
// create the account, start a session for it and redirect.
} else {
    $newsalt = Shake();
    // Stored password = doHash(password . global $salt . per-user salt); doHash's algorithm is not visible here.
    $sha = doHash($_POST['pass'] . $salt . $newsalt);
    $sex = validateSex($_POST["sex"]);
    $rUsers = Query("insert into {users} (name, password, pss, regdate, lastactivity, lastip, email, sex, theme) values ({0}, {1}, {2}, {3}, {3}, {4}, {5}, {6}, {7})", $_POST['name'], $sha, $newsalt, time(), $_SERVER['REMOTE_ADDR'], $_POST['email'], $sex, Settings::get("defaultTheme"));
    $uid = insertId();
    // The very first account is promoted to powerlevel 4 (presumably the administrator level).
    if ($uid == 1) {
        Query("update {users} set powerlevel = 4 where id = 1");
    }
    recalculateKarma($uid);
    logAction('register', array('user' => $uid));
    $user = Fetch(Query("select * from {users} where id={0}", $uid));
    // The plaintext password is exposed to "newuser" plugins through $user; what they do with it is not visible here.
    $user["rawpass"] = $_POST["pass"];
    $bucket = "newuser";
    include "lib/pluginloader.php";
    // Fresh random session id. The cookie is HttpOnly but not Secure (it is also sent over plain
    // HTTP); only the hash of the id is stored server-side, with no auto-expiry.
    $sessionID = Shake();
    setcookie("logsession", $sessionID, 0, $boardroot, "", false, true);
    Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . $salt), $user["id"], 0);
    redirectAction("board");
}
}
// Defaults for re-rendering the registration form; posted values are HTML-escaped before reuse.
$sexes = array(__("Male"), __("Female"), __("N/A"));
$name = "";
if (isset($_POST["name"])) {
    $name = htmlspecialchars($_POST["name"]);
}
$email = "";
if (isset($_POST["email"])) {
    $email = htmlspecialchars($_POST["email"]);
}
$sex = 2;
?>';
// Write the generated database config. This is the only file write in this span whose result is checked.
if (file_put_contents('config/database.php', $dbconfig) === FALSE) {
    die('Error: failed to create the config file. Check the permissions of the user running PHP.' . $footer);
}
// Board-wide secrets, generated once at install time and persisted as PHP constants.
$salt = Shake(24);
define('SALT', $salt);
$saltfile = '<?php define(\'SALT\', ' . phpescape($salt) . '); ?>';
// NOTE(review): the next two writes are unchecked; a failed write silently leaves the board without its salt or key file.
file_put_contents('config/salt.php', $saltfile);
$kurifile = '<?php define(\'KURIKEY\', ' . phpescape(Shake(32)) . '); ?>';
file_put_contents('config/kurikey.php', $kurifile);
require 'lib/mysql.php';
require 'lib/mysqlfunctions.php';
$debugMode = 1;
Upgrade();
Import('database.sql');
// Initial account (id 1, primarygroup 4). The stored password is a single SHA-256 of
// password . SALT . per-user salt; this must match what the login code derives (not visible here).
$pss = Shake(16);
$sha = hash('sha256', $boardpassword . $salt . $pss, FALSE);
Query("insert into {users} (id, name, password, pss, primarygroup, regdate, lastactivity, lastip, email, sex, theme) values ({0}, {1}, {2}, {3}, {4}, {5}, {5}, {6}, {7}, {8}, {9})", 1, $boardusername, $sha, $pss, 4, time(), $_SERVER['REMOTE_ADDR'], '', 2, 'blargboard');
?> <h3>Your new Blargboard board has been successfully installed!</h3> <br> You should now: <ul> <li>delete install.php and database.sql <li><a href="./?page=login">log in to your board</a> and configure it </ul> <br> Thank you for choosing Blargboard!<br> <br> <?php
} else {
// Reset completed (the branch condition is above this span): show the new password once and stop.
Kill(format(__("Your password has been reset to <strong>{0}</strong>. You can use this password to log in to the board. We suggest you change it as soon as possible."), $newPass), __("Password reset"));
} else {
    if ($_POST['action'] == __("Send reset email")) {
        if ($_POST['mail'] != $_POST['mail2']) {
            Kill(__("The e-mail addresses you entered don't match, try again."));
        }
        $user = Query("select id, name, password, email, lostkeytimer, pss from {users} where name = {0} and email = {1}", $_POST['name'], $_POST['mail']);
        if (NumRows($user) != 0) {
            //Do not disclose info about user e-mail.
            // Both outcomes end in the same "Reset email sent" message below. NOTE(review): the
            // rate-limit Kill inside this branch is a differing response that only a matching
            // name/email pair can produce, which weakens that intent.
            $user = Fetch($user);
            if ($user['lostkeytimer'] > time() - 60 * 60) {
                //wait an hour between attempts
                Kill(__("To prevent abuse, this function can only be used once an hour."), __("Slow down!"));
            }
            //Make a RANDOM reset key.
            // Only the hash of the key is stored; the plaintext key travels in the mailed link.
            $resetKey = Shake();
            $hashedResetKey = doHash($resetKey . $salt . $user["pss"]);
            $from = Settings::get("mailResetSender");
            $to = $user['email'];
            $subject = format(__("Password reset for {0}"), $user['name']);
            $message = format(__("A password reset was requested for your user account on {0}."), Settings::get("boardname")) . "\n" . __("If you did not submit this request, this message can be ignored.") . "\n\n" . __("To reset your password, visit the following URL:") . "\n\n" . absoluteActionLink("lostpass", $user['id'], "key={$resetKey}") . "\n\n" . __("This link can be used once.");
            // NOTE(review): $from goes straight into mail headers; a value containing CR/LF would
            // inject headers. It is an admin setting, so exposure is low, but stripping line breaks is cheap.
            $headers = "From: " . $from . "\r\n" . "Reply-To: " . $from . "\r\n" . "X-Mailer: PHP";
            mail($to, $subject, wordwrap($message, 70), $headers);
            logAction('lostpass', array('user2' => $user["id"]));
            Query("update {users} set lostkey = {0}, lostkeytimer = {1} where id = {2}", $hashedResetKey, time(), $user['id']);
        }
        Kill(__("Check your email in a moment and follow the link found therein."), __("Reset email sent"));
    } else {
        // The form markup continues on the following line.
        write("\n\t<form action=\"" . actionLink("lostpass") .
"\" method=\"post\">\n\t\t<table class=\"outline margin width50\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Lost password") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"un\">" . __("User name") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell0\">\n\t\t\t\t\t<input type=\"text\" id=\"un\" name=\"name\" style=\"width: 98%;\" maxlength=\"25\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"em\">" . __("Email address") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell1\">\n\t\t\t\t\t<input type=\"email\" id=\"em\" name=\"mail\" style=\"width: 98%;\" maxlength=\"60\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"em\">" . __("Retype email address") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell1\">\n\t\t\t\t\t<input type=\"email\" id=\"em\" name=\"mail2\" style=\"width: 98%;\" maxlength=\"60\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell2\">\n\t\t\t\t<td></td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Send reset email") . "\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell1 smallFonts\" colspan=\"2\">\n\t\t\t\t\t" . __("If you did not specify an email address in your profile, you are <em>not</em> out of luck. The old method of contacting an administrator from outside the board is still an option.") . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</form>\n"); } }
// Uploader plugin: validate the posted file, record it and store it on disk.
// This span starts and ends inside a larger block; several else-branches remain open at its end.
$c = FetchResult("SELECT COUNT(*) FROM {uploader} WHERE filename={0} AND deldate=0", $_FILES['newfile']['name']);
if ($c > 0) {
    // NOTE(review): the user-supplied filename is interpolated into the message; whether Kill() HTML-escapes it is not visible here.
    Kill("The file '{$_FILES['newfile']['name']}' already exists. Please delete the old copy before uploading a new one.");
}
if ($_FILES['newfile']['size'] == 0) {
    if ($_FILES['newfile']['tmp_name'] == "") {
        Alert(__("No file given."));
    } else {
        Alert(__("File is empty."));
    }
} else {
    // The configured cap is in MiB.
    if ($_FILES['newfile']['size'] > Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024) {
        Alert(format(__("File is too large. Maximum size is {0}."), BytesToSize(Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024)));
    } else {
        $randomid = Shake();
        $pname = $randomid . '_' . Shake();
        $fname = $_FILES['newfile']['name'];
        $temp = $_FILES['newfile']['tmp_name'];
        // NOTE(review): $_FILES['size']['size'] is an undefined index, so $size is null and the
        // quota check below can never trip; $_FILES['newfile']['size'] looks intended.
        $size = $_FILES['size']['size'];
        // Extension = text after the last dot; a dotless name yields the whole name.
        $parts = explode(".", $fname);
        $extension = end($parts);
        // $totalsize and $quot are presumably set before this span — not visible here.
        if ($totalsize + $size > $quot) {
            Alert(format(__("Uploading \"{0}\" would break the quota."), $fname));
        } else {
            // Blacklist always applies; the whitelist applies only when $goodfiles is an array.
            if (in_array(strtolower($extension), $badfiles) || is_array($goodfiles) && !in_array(strtolower($extension), $goodfiles)) {
                Alert(__("Forbidden file type."));
            } else {
                $description = $_POST['description'];
                $big_descr = $cat['showindownloads'] ? $_POST['big_description'] : '';
                Query("insert into {uploader} (id, filename, description, big_description, date, user, private, category, deldate, physicalname) values ({7}, {0}, {1}, {6}, {2}, {3}, {4}, {5}, 0, {8})", $fname, $description, time(), $loguserid, $privateFlag, $_POST['cat'], $big_descr, $randomid, $pname);
                // NOTE(review): the row is already inserted and copy()'s result is unchecked, so a
                // failed copy leaves a record without a file; a checked move_uploaded_file() would be the usual form.
                copy($temp, $targetdir . "/" . $pname);
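/**
 * Profile-editor handler for the password field.
 *
 * Reads $_POST[$field] and $_POST['repeat' . $field]. A confirmed new password is replaced in
 * $_POST[$field] by its hash, the new per-user salt is queued into $sets, and every other session
 * of the edited user is deleted. A password typed without its confirmation is discarded as
 * "no change".
 *
 * @param string $field POST field name holding the new password
 * @param mixed  $item  unused; kept for the handler signature
 * @return string|false error message when the two entries differ, otherwise false
 */
function HandlePassword($field, $item) {
    global $sets, $user, $loguser, $loguserid;
    $new = isset($_POST[$field]) ? $_POST[$field] : '';
    $repeat = isset($_POST['repeat' . $field]) ? $_POST['repeat' . $field] : '';

    if ($new !== '' && $repeat !== '' && $repeat !== $new) {
        return __("To change your password, you must type it twice without error.");
    }
    // Unconfirmed password: treat as no change, as the original did.
    if ($new !== '' && $repeat === '') {
        $new = '';
        $_POST[$field] = '';
    }
    // Compare with '' rather than truthiness so a password of "0" is not silently dropped.
    if ($new !== '') {
        $newsalt = Shake();
        $_POST[$field] = doHash($new . SALT . $newsalt);
        // NOTE(review): $newsalt is spliced into SQL as a literal; this relies on Shake() producing only safe characters.
        $sets[] = "pss = '" . $newsalt . "'";
        // Drop every session except the current one so an existing session cannot outlive the password change.
        $current = isset($_COOKIE['logsession']) ? $_COOKIE['logsession'] : '';
        Query("DELETE FROM {sessions} WHERE id != {0} and user = {1}", doHash($current . SALT), $user['id']);
    }
    return false;
}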
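/**
 * Profile-editor handler for the password field (cookie-login variant).
 *
 * Reads $_POST[$field] and $_POST['repeat' . $field]. A confirmed new password is replaced in
 * $_POST[$field] by its hash and the new per-user salt is queued into $sets. When the edited user
 * is the logged-in user, the "logdata" cookie is rewritten from the new hash. A password typed
 * without its confirmation is discarded as "no change".
 *
 * @param string $field POST field name holding the new password
 * @param mixed  $item  unused; kept for the handler signature
 * @return string|null error message when the two entries differ (and $fallToEditor is set), otherwise null
 */
function HandlePassword($field, $item) {
    global $fallToEditor, $sets, $salt, $user, $loguser, $loguserid;
    $new = isset($_POST[$field]) ? $_POST[$field] : '';
    $repeat = isset($_POST['repeat' . $field]) ? $_POST['repeat' . $field] : '';

    // Strict comparison: the original used != here, under which numeric-looking strings such as
    // "1e3" and "1000" compare equal and would have been accepted as a matching confirmation.
    if ($new !== '' && $repeat !== '' && $repeat !== $new) {
        $fallToEditor = true;
        return __("To change your password, you must type it twice without error.");
    }
    // Unconfirmed password: treat as no change, as the original did.
    if ($new !== '' && $repeat === '') {
        $new = '';
        $_POST[$field] = '';
    }
    // Compare with '' rather than truthiness so a password of "0" is not silently dropped.
    if ($new !== '') {
        $newsalt = Shake();
        $sha = hash("sha256", $new . $salt . $newsalt, FALSE);
        if ($user['id'] == $loguser['id']) {
            // Presumably keeps the current login valid under the new hash — verify against the login check.
            // NOTE(review): the cookie carries serialize()d data; whatever reads it back must not
            // unserialize() an attacker-controllable cookie value.
            $logdata = array(
                'loguserid' => $user['id'],
                'bull' => hash('sha256', $user['id'] . $sha . $salt . $newsalt, FALSE),
            );
            setcookie("logdata", base64_encode(serialize($logdata)), 2147483647, "", "", false, true);
        }
        $_POST[$field] = $sha;
        // NOTE(review): $newsalt is spliced into SQL as a literal; this relies on Shake() producing only safe characters.
        $sets[] = "pss = '" . $newsalt . "'";
    }
}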