Exemple #1
0
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;
    //check for last slash /
    if (isset($script_path)) {
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }
        //get some useful data from phbb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            include PATH . $script_path . SCRIPT_CONFIG_PATH;
            $forum_srv = $dbhost;
            $forum_db = $dbname;
            $forum_user = $dbuser;
            $forum_pass = $dbpasswd;
            $forum_prefix = $table_prefix;
            if (empty($dbhost)) {
                $forum_srv = 'localhost';
            }
            if (!empty($dbport)) {
                $forum_srv .= ':' . $dbport;
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'phpBB3'));
        }
    } else {
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
    }
    //if no variables of db
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }
    //conecting ...
    $SQLBB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    $SQLBB->set_names('utf8');
    unset($forum_pass);
    // We do not need this any longer
    //get utf tools
    global $phpbb_root_path, $phpEx;
    $phpbb_root_path = PATH . $script_path . '/';
    $phpEx = 'php';
    define('IN_PHPBB', true);
    include_once PATH . $script_path . '/includes/utf/utf_tools.' . $phpEx;
    $row_leve = 'user_type';
    $admin_level = 3;
    $query2 = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}users`");
    $query2['WHERE'] = $hashed ? "user_id=" . intval($name) . "  AND user_password='******' " : "username_clean='" . $SQLBB->escape(utf8_clean_string($name)) . "'";
    if ($return_name) {
        $query2['SELECT'] = "username";
        $query2['WHERE'] = "user_id=" . intval($name);
    }
    $query = '';
    if (!$hashed) {
        $result2 = $SQLBB->build($query2);
        while ($row = $SQLBB->fetch($result2)) {
            $SQLBB->free($result2);
            if ($return_name) {
                return $row['username'];
            } else {
                if (phpbb_check_hash($pass, $row['user_password'])) {
                    $query = $query2;
                }
            }
        }
    } else {
        $query = $query2;
    }
    if (empty($query)) {
        $SQLBB->close();
        return false;
    }
    ($hook = $plugin->run_hook('qr_select_usrdata_phpbb_usr_class')) ? eval($hook) : null;
    //run hook
    $result = $SQLBB->build($query);
    if ($SQLBB->num($result) != 0) {
        while ($row = $SQLBB->fetch($result)) {
            if ($SQLBB->num($SQLBB->query("SELECT ban_userid FROM `{$forum_prefix}banlist` WHERE ban_userid=" . intval($row['user_id']))) == 0) {
                if (!$loginadm) {
                    define('USER_ID', $row['user_id']);
                    define('GROUP_ID', $row[$row_leve] == $admin_level ? '1' : '3');
                    define('USER_NAME', $row['username']);
                    define('USER_MAIL', $row['user_email']);
                    if ($row[$row_leve] == $admin_level) {
                        define('USER_ADMIN', true);
                    }
                }
                $userinfo = $row;
                $userinfo['group_id'] = $row[$row_leve] == $admin_level ? '1' : '3';
                $user_y = kleeja_base64_encode(serialize(array('id' => $row['user_id'], 'name' => $row['username'], 'mail' => $row['user_email'], 'last_visit' => time())));
                if (!$hashed && !$loginadm) {
                    $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['user_id'] . '|' . $row['user_password'] . '|' . $expire . '|' . sha1(md5($config['h_key'] . $row['user_password']) . $expire) . '|' . ($row[$row_leve] == $admin_level ? '1' : '3') . '|' . $user_y), $expire);
                }
                ($hook = $plugin->run_hook('qr_while_usrdata_phpbb_usr_class')) ? eval($hook) : null;
                //run hook
            } else {
                //he is banned from phpBB
                $SQLBB->free($result);
                unset($pass);
                $SQLBB->close();
                return false;
            }
        }
        $SQLBB->free($result);
        unset($pass);
        $SQLBB->close();
        return true;
    } else {
        $SQLBB->free($result);
        $SQLBB->close();
        return false;
    }
    //dont know why they come here !
    return false;
}
Exemple #2
0
//select language from user-agent
$lg = addslashes(substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2));
if (isset($lg)) {
    if (file_exists($root_path . 'includes/langs/' . $lg . '.php')) {
        require $root_path . 'includes/langs/' . $lg . '.php';
    } else {
        require $root_path . 'includes/langs/ar.php';
    }
} else {
    require $root_path . 'includes/langs/ar.php';
}
if (defined('DEV_STAGE')) {
    $tpl->caching = false;
}
//phpquran session id
$session = $SQL->escape(session_id());
// ...header ..  i like it ;)
header('Content-type: text/html; charset=UTF-8');
header('Cache-Control: private, no-cache="set-cookie"');
header('Expires: 0');
header('Pragma: no-cache');
//check style
if (!isset($config['style']) || empty($config['style'])) {
    $config['style'] = 'default';
}
$STYLE_PATH = PATH . 'styles/' . $config['style'] . '/';
$STYLE_PATH_ADMIN = PATH . 'admin/admin_style/';
//site close ..
$login_page = '';
if ($config['siteclose'] == '1' && !is_admin()) {
    // Send a 503 HTTP response code to prevent search bots from indexing the maintenace message
Exemple #3
0
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_cp1256, $script_srv, $script_db, $script_user, $script_pass, $script_prefix, $script_db_charset;
    if (isset($script_path)) {
        //check for last slash
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }
        //get some useful data from vb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;
            //
            //get config from config file
            //
            $forum_srv = $config['MasterServer']['servername'];
            $forum_db = $config['Database']['dbname'];
            $forum_user = $config['MasterServer']['username'];
            $forum_pass = $config['MasterServer']['password'];
            $forum_prefix = $config['Database']['tableprefix'];
            if ($config['MasterServer']['port'] != 3306) {
                $forum_srv .= ':' . $config['MasterServer']['port'];
            }
            //some people change their db charset
            if (isset($config['Mysqli']['charset'])) {
                $forum_db_charset = $config['Mysqli']['charset'];
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'Vbulletin'));
        }
    } else {
        //
        //custom config data
        //
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
        //some people change their db charset
        if (isset($script_db_charset)) {
            $forum_db_charset = $script_db_charset;
        }
    }
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }
    $SQLVB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    if (isset($forum_db_charset)) {
        //config
        $SQLVB->set_names($forum_db_charset);
    } else {
        $SQLVB->set_names('latin1');
    }
    unset($forum_pass);
    // We do not need this any longer
    $pass = empty($script_cp1256) || !$script_cp1256 ? $pass : $usrcp->kleeja_utf8($pass, false);
    $name = empty($script_cp1256) || !$script_cp1256 || $hashed ? $name : $usrcp->kleeja_utf8($name, false);
    $query_salt = array('SELECT' => $hashed ? '*' : 'salt', 'FROM' => "`{$forum_prefix}user`");
    $query_salt['WHERE'] = $hashed ? "userid=" . intval($name) . " AND password='******' AND usergroupid != '8'" : "username='******' AND usergroupid != '8'";
    //if return only name let's ignore the obove
    if ($return_name) {
        $query_salt['SELECT'] = "username";
        $query_salt['WHERE'] = "userid=" . intval($name);
    }
    ($hook = $plugin->run_hook('qr_select_usrdata_vb_usr_class')) ? eval($hook) : null;
    //run hook
    $result_salt = $SQLVB->build($query_salt);
    if ($SQLVB->num($result_salt) > 0) {
        while ($row1 = $SQLVB->fetch($result_salt)) {
            if ($return_name) {
                return empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']);
            }
            if (!$hashed) {
                $pass = md5(md5($pass) . $row1['salt']);
                // without normal md5
                $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}user`", 'WHERE' => "username='******' AND password='******' AND usergroupid != '8'");
                $result = $SQLVB->build($query);
                if ($SQLVB->num($result) != 0) {
                    while ($row = $SQLVB->fetch($result)) {
                        if (!$loginadm) {
                            define('USER_ID', $row['userid']);
                            define('GROUP_ID', $row['usergroupid'] == 6 ? 1 : 3);
                            define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row['username'] : $usrcp->kleeja_utf8($row['username']));
                            define('USER_MAIL', $row['email']);
                            define('USER_ADMIN', $row['usergroupid'] == 6 ? 1 : 0);
                        }
                        //define('LAST_VISIT',$row['last_visit']);
                        $userinfo = $row;
                        $userinfo['group_id'] = $row['usergroupid'] == 6 ? 1 : 3;
                        $user_y = kleeja_base64_encode(serialize(array('id' => $row['userid'], 'name' => USER_NAME, 'mail' => $row['email'], 'last_visit' => time())));
                        $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
                        if (!$loginadm) {
                            $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['userid'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . ($row['usergroupid'] == 6 ? 1 : 3) . '|' . $user_y), $expire);
                        }
                        ($hook = $plugin->run_hook('qr_while_usrdata_vb_usr_class')) ? eval($hook) : null;
                        //run hook
                    }
                    $SQLVB->free($result);
                } else {
                    $SQLVB->close();
                    return false;
                }
            } else {
                if (!$loginadm) {
                    define('USER_ID', $row1['userid']);
                    define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']));
                    define('USER_MAIL', $row1['email']);
                    define('USER_ADMIN', $row1['usergroupid'] == 6 ? 1 : 0);
                    define('GROUP_ID', $row1['usergroupid'] == 6 ? 1 : 3);
                    $userinfo = $row1;
                    $userinfo['group_id'] = $row1['usergroupid'] == 6 ? 1 : 3;
                }
            }
        }
        #whil1
        $SQLVB->free($result_salt);
        unset($pass);
        $SQLVB->close();
        return true;
    } else {
        $SQLVB->close();
        return false;
    }
}
     echo $footer_inst;
     exit;
 }
 if (strpos($_POST['email'], '@') === false) {
     echo $lang['WRONG_EMAIL'];
     echo $footer_inst;
     exit;
 }
 //connect .. for check
 $SQL = new SSQL($dbserver, $dbuser, $dbpass, $dbname);
 include_once '../includes/usr.php';
 include_once '../includes/functions_alternative.php';
 $usrcp = new usrcp();
 $user_salt = substr(kleeja_base64_encode(pack("H*", sha1(mt_rand()))), 0, 7);
 $user_pass = $usrcp->kleeja_hash_password($_POST['password'] . $user_salt);
 $user_name = $SQL->escape($_POST['username']);
 $user_mail = $SQL->escape($_POST['email']);
 $config_sitename = $SQL->escape($_POST['sitename']);
 $config_siteurl = $SQL->escape($_POST['siteurl']);
 $config_sitemail = $SQL->escape($_POST['sitemail']);
 $config_style = $SQL->escape($_POST['style']);
 $config_urls_type = in_array($_POST['urls_type'], array('id', 'filename', 'direct')) ? $_POST['urls_type'] : 'id';
 $clean_name = $usrcp->cleanusername($SQL->escape($user_name));
 /// ok .. we will get sqls now ..
 include 'includes/install_sqls.php';
 include 'includes/default_values.php';
 $err = $dots = 0;
 $errors = '';
 //do important alter before
 $SQL->query($install_sqls['ALTER_DATABASE_UTF']);
 $sqls_done = $sql_err = array();
Exemple #5
0
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;
    if (isset($script_path)) {
        //check for last slash /
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }
        //get database data from mysmartbb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;
            $forum_srv = $config['db']['server'];
            $forum_db = $config['db']['name'];
            $forum_user = $config['db']['username'];
            $forum_pass = $config['db']['password'];
            $forum_prefix = $config['db']['prefix'];
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'MySmartBB'));
        }
    } else {
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
    }
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }
    $SQLMS = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    $SQLVB->set_names('latin1');
    $pass = $usrcp->kleeja_utf8($pass, false);
    $name = $usrcp->kleeja_utf8($name, false);
    $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}member`");
    $query['WHERE'] = $hashed ? "id=" . intval($name) . " AND password='******'" : "username='******' AND password='******'";
    //if return only name let's ignore the obove
    if ($return_name) {
        $query_salt['SELECT'] = "username";
        $query_salt['WHERE'] = "id=" . intval($name);
    }
    ($hook = $plugin->run_hook('qr_select_usrdata_mysbb_usr_class')) ? eval($hook) : null;
    //run hook
    $result = $SQLMS->build($query);
    if ($SQLMS->num($result) != 0) {
        while ($row = $SQLMS->fetch($result)) {
            if ($return_name) {
                return $row['username'];
            }
            if (!$loginadm) {
                define('USER_ID', $row['id']);
                define('GROUP_ID', $row['usergroup'] == 1 ? 1 : 3);
                define('USER_NAME', $usrcp->kleeja_utf8($row['username']));
                define('USER_MAIL', $row['email']);
                define('USER_ADMIN', $row['usergroup'] == 1 ? 1 : 0);
            }
            $userinfo = $row;
            $userinfo['group_id'] = GROUP_ID;
            $user_y = kleeja_base64_encode(serialize(array('id' => $row['id'], 'name' => $usrcp->kleeja_utf8($row['username']), 'mail' => $row['email'], 'last_visit' => time())));
            $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
            if (!$hashed && !$loginadm) {
                $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['id'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . GROUP_ID . '|' . $user_y), $expire);
            }
            ($hook = $plugin->run_hook('qr_while_usrdata_mysbb_usr_class')) ? eval($hook) : null;
            //run hook
        }
        $SQLMS->free($result);
        unset($pass);
        $SQLMS->close();
        return true;
    } else {
        $SQLMS->close();
        return false;
    }
}