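/**
 * Outputs an error message on the SSO server frontend and terminates the request.
 *
 * In AJAX mode (the "sso_ajax" request parameter is present) only the escaped, translated
 * message followed by the raw $htmlmsg is written.  Otherwise the message is wrapped in the
 * global page header/footer and, when the "sso_server_lastapp" cookie carries a base64-encoded
 * absolute http(s) URL, a "Return to the application" link is appended.
 *
 * @param string $msg      Message to show; passed through BB_Translate() and HTML-escaped here.
 * @param string $htmlmsg  Pre-rendered HTML appended verbatim; the caller is responsible for escaping it.
 *
 * @return never  Always calls exit.
 */
function SSO_DisplayError($msg, $htmlmsg = "")
{
	global $sso_header, $sso_footer;

	if (isset($_REQUEST["sso_ajax"]))
	{
		echo htmlspecialchars(BB_Translate($msg)) . $htmlmsg;
	}
	else
	{
		echo $sso_header;
		echo "<div class=\"sso_server_message_wrap" . ($htmlmsg == "" ? " sso_server_message_wrap_nosplit" : "") . "\"><div class=\"sso_server_error\">" . htmlspecialchars(BB_Translate($msg)) . "</div></div>";
		echo $htmlmsg;

		if (isset($_COOKIE["sso_server_lastapp"]) && is_string($_COOKIE["sso_server_lastapp"]) && $_COOKIE["sso_server_lastapp"] !== "")
		{
			// The cookie is client-controlled.  htmlspecialchars() stops attribute breakout but not a
			// "javascript:" or "data:" scheme in the href, so only an absolute http(s) URL is rendered.
			$url = @base64_decode($_COOKIE["sso_server_lastapp"]);
			if ($url !== false && preg_match('/^https?:\/\//i', $url))
			{
				echo "<div class=\"sso_main_info\"><a href=\"" . htmlspecialchars($url) . "\">" . htmlspecialchars(BB_Translate("Return to the application")) . "</a></div>";
			}
		}

		echo $sso_footer;
	}

	exit;
}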
/**
 * Emits the one-time jQuery UI bootstrap for date and accordion form fields.
 *
 * Each <script> block is written at most once per page: $this->output["date"] and
 * $this->output["accordion"] are set after the corresponding block has been output.
 * OutputJQueryUI() is called first so the library is included; if jQuery UI is still
 * missing at run time the page shows an alert() instead of failing silently.
 *
 * @param array $formvars  Form variables (by reference); not read or modified by this method.
 */
protected function Finalize(&$formvars)
{
	if (!$this->output["date"])
	{
		$this->OutputJQueryUI();

		// BB_JSSafe() is presumably the single-quoted JS string escaper; the text is a static translation, not request data.
?> <script type="text/javascript"> jQuery(function() { if (jQuery.fn.datepicker) jQuery('div.formfields div.formitem input.date').datepicker({ dateFormat: 'yy-mm-dd' }); else alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery UI for date field.")); ?> '); }); </script> <?php
		$this->output["date"] = true;
	}

	if (!$this->output["accordion"])
	{
		$this->OutputJQueryUI();
?> <script type="text/javascript"> jQuery(function() { if (jQuery.fn.accordion) jQuery('div.formaccordionwrap').accordion({ collapsible : true, active : false, heightStyle : 'content' }); else alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery UI for accordion.")); ?> '); }); </script> <?php
		$this->output["accordion"] = true;
	}
}
/**
 * Frontend entry point for the remote-login provider.
 *
 * Two phases share this method:
 *  - Return phase: the session already holds "setlogin_result" (written by the endpoint) and
 *    the request does not carry "tryagain".  The request secret is compared with the one stored
 *    in the session, the stored expiry is checked, the remote user is looked up or inserted in
 *    the p_sso_remote_users table, and SSO_ActivateUser() is called.
 *  - Start phase: the API key's stored info is validated, a fresh token/secret pair with a
 *    30-minute expiry is saved to the session, and the browser is redirected to the remote URL.
 *
 * Errors are reported through $this->DisplayError().
 */
public function ProcessFrontend()
{
	global $sso_settings, $sso_rng, $sso_provider, $sso_target_url, $sso_session_info, $sso_session_id, $sso_db;

	if (isset($sso_session_info["setlogin_result"]) && !isset($_REQUEST["tryagain"]))
	{
		// Check the secret.
		// NOTE(review): the request secret is compared with plain !==; hash_equals() would make this constant-time — confirm PHP baseline before switching.
		if (!isset($_REQUEST["sso_setlogin_secret"]) || !isset($sso_session_info["setlogin_info"]) || $_REQUEST["sso_setlogin_secret"] !== $sso_session_info["setlogin_info"]["secret"])
		{
			$this->DisplayError(BB_Translate("Unable to authenticate the request."));

			return;
		}

		// Should be nearly impossible to get here since browser redirects are executed almost immediately.
		if (CSDB::ConvertFromDBTime($sso_session_info["setlogin_info"]["expires"]) < time())
		{
			$this->DisplayError(BB_Translate("Verification token has expired."));

			return;
		}

		// The user is signed in.  Activate the account.
		$sso_db_sso_remote_users = SSO_DB_PREFIX . "p_sso_remote_users";

		try
		{
			// Find the existing remote_id/user_id mapping or create it.
			$id = $sso_db->GetOne("SELECT", array("id", "FROM" => "?", "WHERE" => "remote_id = ? AND user_id = ?"), $sso_db_sso_remote_users, $this->info["row"]->id, $sso_session_info["setlogin_result"]["user_id"]);
			if ($id === false)
			{
				$sso_db->Query("INSERT", array($sso_db_sso_remote_users, array("remote_id" => $this->info["row"]->id, "user_id" => $sso_session_info["setlogin_result"]["user_id"], "created" => CSDB::ConvertToDBTime(time())), "AUTO INCREMENT" => "id"));
				$id = $sso_db->GetInsertID();
			}

			// Field map comes from the endpoint result; the configured remote-id field is always set.
			$mapinfo = $sso_session_info["setlogin_result"]["protected_fields"];
			$mapinfo[$sso_settings["sso_remote"]["map_remote_id"]] = $this->info["row"]->id;

			SSO_ActivateUser($id, serialize($sso_session_info["setlogin_info"]), $mapinfo, false, $this->info["row_info"]["automate"]);

			// Only falls through on account lockout or a fatal error.
			$this->DisplayError(BB_Translate("User activation failed."));
		}
		catch (Exception $e)
		{
			// NOTE(review): this message bypasses BB_Translate() unlike every other DisplayError() call here.
			$this->DisplayError("A database error has occurred. Most likely cause: Bad SQL query.");
		}
	}
	else
	{
		// Check the API key information.
		// NOTE(review): unserialize() of the API key info column.  The value is server-written, but a JSON
		// encoding would remove object-instantiation risk if any other path can write this column — confirm.
		$info = unserialize($this->info["apirow"]->info);
		if ($info["type"] != "remote")
		{
			$this->DisplayError(BB_Translate("The target client API key is not a remote API key."));

			return;
		}

		if ($info["url"] == "")
		{
			$this->DisplayError(BB_Translate("The target client API key URL is missing."));

			return;
		}

		// Set up the session so that the endpoint works.
		unset($sso_session_info["setlogin_result"]);
		$token = $sso_rng->GenerateString();
		$sso_session_info["setlogin_info"] = array("provider" => $sso_provider, "apikey_id" => $this->info["apirow"]->id, "redirect_url" => BB_GetRequestHost() . $sso_target_url, "token" => $token, "secret" => $sso_rng->GenerateString(), "expires" => CSDB::ConvertToDBTime(time() + 30 * 60));
		if (!SSO_SaveSessionInfo())
		{
			$this->DisplayError(BB_Translate("Unable to save session information."));

			return;
		}

		// Redirect to the remote host.  The URL base is the server-side API key URL; only the
		// session id, token and optional language are appended, each urlencode()d.
		$url = $info["url"] . (strpos($info["url"], "?") === false ? "?" : "&") . "from_sso_server=1&sso_setlogin_id=" . urlencode($sso_session_id[1]) . "&sso_setlogin_token=" . urlencode($token) . (isset($_REQUEST["lang"]) ? "&sso_lang=" . urlencode($_REQUEST["lang"]) : "");
		SSO_ExternalRedirect($url);
	}
}
/**
 * Handles the layout-management actions of the widget's properties panel.
 *
 * Every branch requires $bb_account["type"] to be "dev" or "design" and dispatches on
 * $_REQUEST["bb_action"]:
 *  - bb_layout_configure_widget_new_layout_submit: copy a base pattern (.html/.css) to a new layout file.
 *  - bb_layout_configure_widget_new_layout: show the "new layout" form listing the base patterns.
 *  - bb_layout_configure_widget_activate_layout: set $bb_widget->layout to an existing layout file.
 *  - bb_layout_configure_widget_deactivate_layout: clear $bb_widget->layout.
 *  - bb_layout_configure_widget_delete_layout: remove a layout's .html, per-profile .css and .dat files.
 *  - bb_layout_configure_widget: show the layout list with edit/activate/delete links.
 *
 * File names taken from the request ("pattern", "file") are only used after an exact match
 * against a directory listing; the new layout name is reduced to [A-Za-z0-9_-].
 * The BB_PropertyForm*Error() helpers are assumed not to return (the code after each call
 * relies on the validated value) — confirm in their definitions.
 */
public function ProcessBBAction()
{
	global $bb_widget, $bb_account, $bb_revision_num;

	$basepath = BB_GetRealPath(Str::ExtractPathname($bb_widget->_file) . "/base");

	if (($bb_account["type"] == "dev" || $bb_account["type"] == "design") && $_REQUEST["bb_action"] == "bb_layout_configure_widget_new_layout_submit")
	{
		BB_RunPluginAction("pre_bb_layout_configure_widget_new_layout_submit");

		// The requested pattern must be an existing <pattern>.html in the base directory.
		$found = false;
		$dirlist = BB_GetDirectoryList(ROOT_PATH . "/" . WIDGET_PATH . "/" . $basepath);
		foreach ($dirlist["files"] as $name)
		{
			$pos = strrpos($name, ".");
			if ($pos !== false && substr($name, $pos) == ".html" && substr($name, 0, $pos) == $_REQUEST["pattern"])
			{
				$found = true;

				break;
			}
		}

		if (!$found)  BB_PropertyFormError("Invalid pattern specified.");

		$name = $_REQUEST["name"];
		if ($name == "")  BB_PropertyFormError("Name field not filled out.");

		// Reduce the user-supplied name to a safe file name component.
		$dirfile = preg_replace('/[^A-Za-z0-9_\\-]/', "_", $name);
		if (file_exists(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $dirfile . ".html"))  BB_PropertyFormError("A layout with that name already exists.");
		if (file_exists(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $dirfile . ".css"))  BB_PropertyFormError("A layout with that name already exists.");

		// Copy the pattern HTML, swapping the pattern's own (escaped) name for the new layout name.
		$data = file_get_contents(ROOT_PATH . "/" . WIDGET_PATH . "/" . $basepath . "/" . $_REQUEST["pattern"] . ".html");
		$data = str_replace(htmlspecialchars($_REQUEST["pattern"]), htmlspecialchars($dirfile), $data);
		if (BB_WriteFile(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $dirfile . ".html", $data) === false)  BB_PropertyFormError("Unable to create layout HTML.");
		if (!copy(ROOT_PATH . "/" . WIDGET_PATH . "/" . $basepath . "/" . $_REQUEST["pattern"] . ".css", ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $dirfile . ".css"))  BB_PropertyFormError("Unable to create layout CSS.");
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Layout created.")); ?> </div> <script type="text/javascript"> window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?> ); </script> <?php
		BB_RunPluginAction("post_bb_layout_configure_widget_new_layout_submit");
	}
	else
	{
		if (($bb_account["type"] == "dev" || $bb_account["type"] == "design") && $_REQUEST["bb_action"] == "bb_layout_configure_widget_new_layout")
		{
			BB_RunPluginAction("pre_bb_layout_configure_widget_new_layout");

			$desc = "<br />";
			$desc .= BB_CreateWidgetPropertiesLink(BB_Translate("Back"), "bb_layout_configure_widget");

			// Offer every parseable base pattern as a select option, labelled with its first info line.
			$patterns = array();
			$dirlist = BB_GetDirectoryList(ROOT_PATH . "/" . WIDGET_PATH . "/" . $basepath);
			foreach ($dirlist["files"] as $name)
			{
				$pos = strrpos($name, ".");
				if ($pos !== false && substr($name, $pos) == ".html")
				{
					$info = $this->ExtractFileInfo(ROOT_PATH . "/" . WIDGET_PATH . "/" . $basepath . "/" . $name);
					if ($info !== false)  $patterns[substr($name, 0, $pos)] = $info[""]["info"][0];
				}
			}

			$options = array("title" => BB_Translate("Configure %s - New Layout", $bb_widget->_f), "desc" => "Create a new layout.", "htmldesc" => $desc, "fields" => array(array("title" => "Pattern", "type" => "select", "name" => "pattern", "options" => $patterns, "desc" => "The pattern to use for the new layout."), array("title" => "Name", "type" => "text", "name" => "name", "value" => "", "desc" => "The name of the new layout.")), "submit" => "Create", "focus" => true);

			BB_RunPluginActionInfo("bb_layout_configure_widget_new_layout_options", $options);
			BB_PropertyForm($options);

			BB_RunPluginAction("post_bb_layout_configure_widget_new_layout");
		}
		else
		{
			// BB_IsSecExtraOpt("file") presumably verifies the signed "file" extra option of the properties link — confirm.
			if (($bb_account["type"] == "dev" || $bb_account["type"] == "design") && $_REQUEST["bb_action"] == "bb_layout_configure_widget_activate_layout" && BB_IsSecExtraOpt("file"))
			{
				BB_RunPluginAction("pre_bb_layout_configure_widget_activate_layout");

				// Only a listed, parseable .html file may become the active layout.
				$found = false;
				$dirlist = BB_GetDirectoryList(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath);
				foreach ($dirlist["files"] as $name)
				{
					$pos = strrpos($name, ".");
					if ($pos !== false && substr($name, $pos) == ".html" && $name == $_REQUEST["file"])
					{
						$info = $this->ExtractFileInfo(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name);
						if ($info !== false)
						{
							$bb_widget->layout = $name;
							$found = true;

							break;
						}
					}
				}

				if (!$found)  BB_PropertyFormLoadError("Invalid layout specified.");

				if (!BB_SaveLangPage($bb_revision_num))  BB_PropertyFormError("Unable to save the layout activation.");
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Layout activated.")); ?> </div> <script type="text/javascript"> window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?> ); window.parent.ReloadIFrame(); </script> <?php
				BB_RunPluginAction("post_bb_layout_configure_widget_activate_layout");
			}
			else
			{
				if (($bb_account["type"] == "dev" || $bb_account["type"] == "design") && $_REQUEST["bb_action"] == "bb_layout_configure_widget_deactivate_layout")
				{
					BB_RunPluginAction("pre_bb_layout_configure_widget_deactivate_layout");

					$bb_widget->layout = "";

					if (!BB_SaveLangPage($bb_revision_num))  BB_PropertyFormError("Unable to save the layout deactivation.");
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Layout deactivated.")); ?> </div> <script type="text/javascript"> window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?> ); window.parent.ReloadIFrame(); </script> <?php
					BB_RunPluginAction("post_bb_layout_configure_widget_deactivate_layout");
				}
				else
				{
					if (($bb_account["type"] == "dev" || $bb_account["type"] == "design") && $_REQUEST["bb_action"] == "bb_layout_configure_widget_delete_layout" && BB_IsSecExtraOpt("file"))
					{
						BB_RunPluginAction("pre_bb_layout_configure_widget_delete_layout");

						// As with activation, the target must be a listed, parseable .html layout.
						$found = false;
						$dirlist = BB_GetDirectoryList(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath);
						foreach ($dirlist["files"] as $name)
						{
							$pos = strrpos($name, ".");
							if ($pos !== false && substr($name, $pos) == ".html" && $name == $_REQUEST["file"])
							{
								$info = $this->ExtractFileInfo(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name);
								if ($info !== false)
								{
									if (!unlink(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name))  BB_PropertyFormLoadError("Unable to delete the layout HTML.");

									// One CSS file per profile key returned by ExtractFileInfo(); deletion is best-effort (@unlink).
									// NOTE(review): $profile originates from the layout file's content and is placed in a path — confirm ExtractFileInfo() restricts it.
									foreach ($info as $profile => $data)
									{
										$filename = ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . substr($name, 0, $pos) . ($profile != "" ? "." . $profile : "") . ".css";
										if (file_exists($filename))  @unlink($filename);
									}

									if (file_exists(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name . ".dat"))  @unlink(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name . ".dat");

									// Deleting the active layout also deactivates it.
									if (isset($bb_widget->layout) && $bb_widget->layout == $name)  unset($bb_widget->layout);

									$found = true;

									break;
								}
							}
						}

						if (!$found)  BB_PropertyFormLoadError("Invalid layout specified.");

						if (!BB_SaveLangPage($bb_revision_num))  BB_PropertyFormLoadError("Unable to save the layout activation status.");
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Layout deleted.")); ?> </div> <script type="text/javascript"> window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?> ); window.parent.ReloadIFrame(); </script> <?php
						BB_RunPluginAction("post_bb_layout_configure_widget_delete_layout");
					}
					else
					{
						if (($bb_account["type"] == "dev" || $bb_account["type"] == "design") && $_REQUEST["bb_action"] == "bb_layout_configure_widget")
						{
							// $editmap/$extmap are globals consumed by the file explorer action links built below.
							global $editmap, $extmap;

							BB_RunPluginAction("pre_bb_layout_configure_widget");

							$editmap = array("ea_html" => array("<a href=\"#\" onclick=\"return EditFile('%%HTML_JS_DIR%%', '%%HTML_JS_FILE%%', '%%HTML_JS_syntax%%', '%%HTML_JS_LOADTOKEN%%', '%%HTML_JS_SAVETOKEN%%');\">" . htmlspecialchars(BB_Translate("Edit HTML")) . "</a>", "syntax"), "ea_css" => array("<a href=\"#\" onclick=\"return EditFile('%%HTML_JS_DIR%%', '%%HTML_JS_FILE%%', '%%HTML_JS_syntax%%', '%%HTML_JS_LOADTOKEN%%', '%%HTML_JS_SAVETOKEN%%');\">" . htmlspecialchars(BB_Translate("Edit CSS")) . "</a>", "syntax"));
							$extmap = array(".html" => array("edit" => "ea_html", "syntax" => "html"), ".css" => array("edit" => "ea_css", "syntax" => "css"));

							BB_RunPluginAction("bb_layout_configure_widget_exteditmaps");

							$desc = "<br />";
							$desc .= BB_CreateWidgetPropertiesLink(BB_Translate("New Layout"), "bb_layout_configure_widget_new_layout");
							if ($bb_widget->layout != "")  $desc .= " | " . BB_CreateWidgetPropertiesLink(BB_Translate("Deactivate Current Layout"), "bb_layout_configure_widget_deactivate_layout");

							// One table row per .html layout: link + edit/activate-or-deactivate/delete actions.
							// Files that exist but fail ExtractFileInfo() are listed as broken with only the edit action.
							$rows = array();
							$dirlist = BB_GetDirectoryList(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath);
							foreach ($dirlist["files"] as $name)
							{
								$pos = strrpos($name, ".");
								if ($pos !== false && substr($name, $pos) == ".html")
								{
									$info = $this->ExtractFileInfo(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name);
									if ($info !== false)
									{
										$rows[] = array("<a href=\"" . htmlspecialchars(ROOT_URL . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name) . "\" target=\"_blank\">" . htmlspecialchars($name) . "</a>", BB_FileExplorer_GetActionStr(WIDGET_PATH . "/" . $this->layoutpath, $name) . " | " . BB_FileExplorer_GetActionStr(WIDGET_PATH . "/" . $this->layoutpath, substr($name, 0, $pos) . ".css") . " | " . ($bb_widget->layout != $name ? BB_CreateWidgetPropertiesLink(BB_Translate("Activate"), "bb_layout_configure_widget_activate_layout", array("file" => $name)) : BB_CreateWidgetPropertiesLink(BB_Translate("Deactivate"), "bb_layout_configure_widget_deactivate_layout")) . " | " . BB_CreateWidgetPropertiesLink(BB_Translate("Delete"), "bb_layout_configure_widget_delete_layout", array("file" => $name), BB_Translate("Deleting the '%s' layout will immediately affect any pages that utilize the layout. Continue?", $name)));
									}
									else
									{
										if (file_exists(ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name))
										{
											$rows[] = array(BB_Translate("%s (Broken layout)", "<a href=\"" . htmlspecialchars(ROOT_URL . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name) . "\" target=\"_blank\">" . htmlspecialchars($name) . "</a>"), BB_FileExplorer_GetActionStr(WIDGET_PATH . "/" . $this->layoutpath, $name));
										}
									}
								}
							}

							$options = array("title" => BB_Translate("Configure %s", $bb_widget->_f), "desc" => "Select an existing layout or create a new layout.", "htmldesc" => $desc);
							if (count($rows))  $options["fields"] = array(array("type" => "table", "cols" => array("Layout", "Options"), "rows" => $rows));

							BB_RunPluginActionInfo("bb_layout_configure_widget_options", $options);
							BB_PropertyForm($options);

							BB_RunPluginAction("post_bb_layout_configure_widget");
						}
					}
				}
			}
		}
	}
}
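/**
 * Frontend entry point for the Google sign-in provider.
 *
 * Three request shapes are handled, selected by $_REQUEST["sso_google_action"]:
 *  - "signin" (Google's redirect back): re-attaches the language stored in the session and
 *    forwards state/code/error to the "signin2" step with a Location header.
 *  - "signin2": validates the OAuth state against the session token, checks the stored expiry,
 *    exchanges the authorization code for an access token, fetches the user profile, maps the
 *    configured fields and calls SSO_ActivateUser().
 *  - anything else: stores a fresh token with a 30-minute expiry in the session, computes the
 *    scope from the field map and redirects the browser to Google's authorization endpoint.
 *
 * Errors are reported through $this->DisplayError().  json_decode() returns null (not false)
 * for malformed bodies, so the two decode results are checked with is_array() rather than
 * against false, which previously could never fire.
 */
public function ProcessFrontend()
{
	global $sso_rng, $sso_provider, $sso_settings, $sso_session_info;

	$redirect_uri = BB_GetRequestHost() . SSO_ROOT_URL . "/index.php?sso_provider=" . urlencode($sso_provider) . "&sso_google_action=signin";

	if (isset($_REQUEST["sso_google_action"]) && $_REQUEST["sso_google_action"] == "signin")
	{
		// Recover the language settings.
		if (!isset($sso_session_info["sso_google_info"]))
		{
			$this->DisplayError(BB_Translate("Unable to authenticate the request."));

			return;
		}

		$url = BB_GetRequestHost() . SSO_ROOT_URL . "/index.php?sso_provider=" . urlencode($sso_provider) . "&sso_google_action=signin2";
		if (isset($_REQUEST["state"]))  $url .= "&state=" . urlencode($_REQUEST["state"]);
		if (isset($_REQUEST["code"]))  $url .= "&code=" . urlencode($_REQUEST["code"]);
		if (isset($_REQUEST["error"]))  $url .= "&error=" . urlencode($_REQUEST["error"]);
		$url .= "&lang=" . urlencode($sso_session_info["sso_google_info"]["lang"]);

		header("Location: " . $url);
	}
	else if (isset($_REQUEST["sso_google_action"]) && $_REQUEST["sso_google_action"] == "signin2")
	{
		// Validate the token.
		// NOTE(review): plain !== comparison of the OAuth state; hash_equals() would be constant-time — confirm PHP baseline.
		if (!isset($_REQUEST["state"]) || !isset($sso_session_info["sso_google_info"]) || $_REQUEST["state"] !== $sso_session_info["sso_google_info"]["token"])
		{
			$this->DisplayError(BB_Translate("Unable to authenticate the request."));

			return;
		}

		// Check for token expiration.
		if (CSDB::ConvertFromDBTime($sso_session_info["sso_google_info"]["expires"]) < time())
		{
			$this->DisplayError(BB_Translate("Verification token has expired."));

			return;
		}

		if (isset($_REQUEST["error"]))
		{
			if ($_REQUEST["error"] == "access_denied")  $message = BB_Translate("The request to sign in with Google was denied.");
			else  $message = BB_Translate("The error message returned was '%s'.", $_REQUEST["error"]);

			$this->DisplayError(BB_Translate("Sign in failed. %s", $message));

			return;
		}

		if (!isset($_REQUEST["code"]))
		{
			$this->DisplayError(BB_Translate("Sign in failed. Authorization code missing."));

			return;
		}

		// Get an access token from the authorization code.
		require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/http.php";
		require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/web_browser.php";

		$url = "https://accounts.google.com/o/oauth2/token";
		$options = array("postvars" => array("code" => $_REQUEST["code"], "client_id" => $sso_settings["sso_google"]["client_id"], "client_secret" => $sso_settings["sso_google"]["client_secret"], "redirect_uri" => $redirect_uri, "grant_type" => "authorization_code"));

		$web = new WebBrowser();
		$result = $web->Process($url, "auto", $options);
		if (!$result["success"])
		{
			$this->DisplayError(BB_Translate("Sign in failed. Error retrieving URL for Google access token. %s", $result["error"]));

			return;
		}

		if ($result["response"]["code"] != 200)
		{
			$this->DisplayError(BB_Translate("Sign in failed. The Google access token server returned: %s", $result["response"]["code"] . " " . $result["response"]["meaning"]));

			return;
		}

		// Get the access token.
		$data = @json_decode($result["body"], true);
		if (!is_array($data) || !isset($data["access_token"]))
		{
			$this->DisplayError(BB_Translate("Sign in failed. Error retrieving access token from Google."));

			return;
		}

		// Get the user's profile information.
		// NOTE(review): the access token travels in the query string; an Authorization: Bearer header is the
		// usual recommendation (keeps it out of proxy/server logs) — confirm WebBrowser supports custom headers.
		$url = "https://www.googleapis.com/oauth2/v1/userinfo?access_token=" . urlencode($data["access_token"]);
		$result = $web->Process($url);
		if (!$result["success"])
		{
			$this->DisplayError(BB_Translate("Sign in failed. Error retrieving URL for Google profile information. %s", $result["error"]));

			return;
		}

		if ($result["response"]["code"] != 200)
		{
			$this->DisplayError(BB_Translate("Sign in failed. The Google profile information server returned: %s", $result["response"]["code"] . " " . $result["response"]["meaning"]));

			return;
		}

		// A profile without an id cannot be activated (SSO_ActivateUser() is keyed by it).
		$profile = @json_decode($result["body"], true);
		if (!is_array($profile) || !isset($profile["id"]))
		{
			$this->DisplayError(BB_Translate("Sign in failed. Error retrieving profile information from Google."));

			return;
		}

		// Keep the untouched profile for storage; $profile itself is normalized below.
		$origprofile = $profile;

		// Remove unverified e-mail addresses.
		if (!isset($profile["verified_email"]) || !$profile["verified_email"])
		{
			unset($profile["verified_email"]);
			unset($profile["email"]);
		}

		// Convert most profile fields into strings.
		foreach ($profile as $key => $val)
		{
			if (is_string($val))  continue;

			if (is_bool($val))  $val = (string) (int) $val;
			else if (is_numeric($val))  $val = (string) $val;
			else if (is_object($val) && isset($val->id) && isset($val->name))  $val = $val->name;

			$profile[$key] = $val;
		}

		// Map profile keys onto the configured SSO field names.
		$mapinfo = array();
		foreach (self::$fieldmap as $key => $info)
		{
			$key2 = $sso_settings["sso_google"]["map_" . $key];
			if ($key2 != "" && isset($profile[$key]))  $mapinfo[$key2] = $profile[$key];
		}

		SSO_ActivateUser($profile["id"], serialize($origprofile), $mapinfo);

		// Only falls through on account lockout or a fatal error.
		$this->DisplayError(BB_Translate("User activation failed."));
	}
	else
	{
		// Create internal data packet.
		$token = $sso_rng->GenerateString();
		$sso_session_info["sso_google_info"] = array("lang" => isset($_REQUEST["lang"]) ? $_REQUEST["lang"] : "", "token" => $token, "expires" => CSDB::ConvertToDBTime(time() + 30 * 60));
		if (!SSO_SaveSessionInfo())
		{
			$this->DisplayError(BB_Translate("Unable to save session information."));

			return;
		}

		// Calculate the required scope.
		$scope = array("https://www.googleapis.com/auth/userinfo.profile" => true);
		foreach (self::$fieldmap as $key => $info)
		{
			if ($info["extra"] != "" && $sso_settings["sso_google"]["map_" . $key] != "")  $scope[$info["extra"]] = true;
		}

		// Get the login redirection URL.
		$options = array("response_type" => "code", "client_id" => $sso_settings["sso_google"]["client_id"], "redirect_uri" => $redirect_uri, "scope" => implode(" ", array_keys($scope)), "state" => $token);
		$options2 = array();
		foreach ($options as $key => $val)  $options2[] = urlencode($key) . "=" . urlencode($val);
		$url = "https://accounts.google.com/o/oauth2/auth?" . implode("&", $options2);

		SSO_ExternalRedirect($url);
	}
}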
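/**
 * Frontend entry point for the Facebook sign-in provider.
 *
 * Loads the bundled Facebook SDK, asks it for the current user id and, when one is present,
 * fetches the profile fields required by the configured field map.
 *
 * Two request flows share the method:
 *  - "sso_facebook_action=signin" (return from Facebook): derives a username when one is mapped,
 *    applies the username word blocklist and the e-mail domain blocklist, normalizes profile
 *    fields to strings and calls SSO_ActivateUser().  On any failure an error page is rendered
 *    with a "Try again" link (and "Select another sign in method" when several providers exist).
 *  - anything else: computes the OAuth scope from the field map and redirects to the Facebook
 *    login URL.
 *
 * Fixes relative to the previous revision: $exceptionmessage is always defined before it is
 * read; the display-name username fallback splits $profile["name"] instead of an undefined
 * local; the age_range conversion reads $profile["age_range"] instead of an undefined $item;
 * the subdomain test of the e-mail domain blocklist compared lengths the wrong way round and
 * never matched; CS_TRANSLATE_FUNC is only defined when not already set.
 */
public function ProcessFrontend()
{
	global $sso_provider, $sso_settings, $sso_target_url, $sso_header, $sso_footer, $sso_providers, $sso_selectors_url;

	require_once SSO_ROOT_PATH . "/" . SSO_PROVIDER_PATH . "/" . $sso_provider . "/facebook.php";

	$facebook = new SSO_FacebookSDK(array("appId" => $sso_settings["sso_facebook"]["app_id"], "secret" => $sso_settings["sso_facebook"]["app_secret"]));

	// Read by the "unknown error" branch below even when no exception was thrown.
	$exceptionmessage = "";

	$id = $facebook->getUser();
	if ($id)
	{
		try
		{
			// Calculate the required fields.
			$fields = array("id" => true, "first_name" => true, "last_name" => true);
			foreach (self::$fieldmap as $key => $info)
			{
				if ($sso_settings["sso_facebook"]["map_" . $key] != "" && !isset($info["pseudo"]))  $fields[isset($info["parent"]) ? $info["parent"] : $key] = true;
			}

			$profile = $facebook->api("/me", "GET", array("fields" => implode(",", array_keys($fields))));
		}
		catch (FacebookApiException $e)
		{
			// Fall through here to go to the next step.
			$id = 0;
			$exceptionmessage = $e->getMessage();
		}
	}

	if (isset($_REQUEST["sso_facebook_action"]) && $_REQUEST["sso_facebook_action"] == "signin")
	{
		if ($id)
		{
			// Create a fake username based on available information.
			if ($sso_settings["sso_facebook"]["map_username"] != "")
			{
				if (isset($profile["email"]))  $profile["username"] = (string) @substr($profile["email"], 0, strpos($profile["email"], "@"));
				else if (isset($profile["first_name"]) && isset($profile["last_name"]))  $profile["username"] = $profile["first_name"] . @substr($profile["last_name"], 0, 1);
				else if (isset($profile["name"]))
				{
					// First word plus the initial of the last word of the display name.
					$name = explode(" ", $profile["name"]);
					$profile["username"] = $name[0] . @substr($name[count($name) - 1], 0, 1);
				}
				else  $profile["username"] = (string) $id;

				// Reduce to lowercase a-z/0-9 words joined by single underscores.
				$profile["username"] = preg_replace('/\\s+/', "_", trim(preg_replace('/[^a-z0-9]/', " ", strtolower((string) $profile["username"]))));
			}

			// Check username blacklist.
			$message = "";
			if (isset($profile["username"]))
			{
				$blacklist = explode("\n", str_replace("\r", "\n", $sso_settings["sso_facebook"]["username_blacklist"]));
				foreach ($blacklist as $word)
				{
					$word = trim($word);
					if ($word != "" && stripos($profile["username"], $word) !== false)
					{
						$message = BB_Translate("Username contains a blocked word.");

						break;
					}
				}
			}

			// Check e-mail domain blacklist.
			if (isset($profile["email"]))
			{
				// Another code path may already have defined this before including smtp.php.
				if (!defined("CS_TRANSLATE_FUNC"))  define("CS_TRANSLATE_FUNC", "BB_Translate");
				require_once SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/smtp.php";

				$email = SMTP::MakeValidEmailAddress($profile["email"]);
				if (!$email["success"])  $message = BB_Translate("Invalid e-mail address. %s", $email["error"]);
				else
				{
					$domain = strtolower(substr($email["email"], strrpos($email["email"], "@") + 1));
					$y = strlen($domain);
					$baddomains = explode("\n", strtolower($sso_settings["sso_facebook"]["email_bad_domains"]));
					foreach ($baddomains as $baddomain)
					{
						$baddomain = trim($baddomain);
						if ($baddomain != "")
						{
							// Block the domain itself or any subdomain of it.  The subdomain case requires the
							// e-mail domain to be longer than the blocked one and to end in "." . $baddomain.
							$y2 = strlen($baddomain);
							if ($domain == $baddomain || ($y > $y2 && substr($domain, $y - $y2 - 1, 1) == "." && substr($domain, $y - $y2) == $baddomain))
							{
								$message = BB_Translate("E-mail address is in a blacklisted domain.");

								break;
							}
						}
					}
				}
			}

			if ($message == "")
			{
				// Fix birthday to be in international format YYYY-MM-DD.
				if (isset($profile["birthday"]))
				{
					$birthday = explode("/", $profile["birthday"]);
					$year = array_pop($birthday);
					array_unshift($birthday, $year);
					$profile["birthday"] = implode("-", $birthday);
				}

				// Convert most profile fields into strings.
				foreach ($profile as $key => $val)
				{
					if (is_string($val))  continue;

					if (is_bool($val))  $val = (string) (int) $val;
					else if (is_numeric($val))  $val = (string) $val;
					else if (is_object($val) && isset($val->id) && isset($val->name))  $val = $val->name;

					$profile[$key] = $val;
				}

				// Convert specialized fields into strings.
				// NOTE(review): these assume the SDK decodes nested values as objects (->min, ->year, ->school->name),
				// as the education/work handling already did — confirm against the SDK's decode mode.
				if (isset($profile["age_range"]))
				{
					$range = $profile["age_range"];
					$profile["age_range"] = trim($range->min . "-" . $range->max);
				}

				if (isset($profile["education"]))
				{
					$items = array();
					foreach ($profile["education"] as $item)  $items[] = trim($item->year . " " . $item->type . " " . $item->school->name);
					$profile["education"] = implode("\n", $items);
				}

				if (isset($profile["work"]))
				{
					$items = array();
					foreach ($profile["work"] as $item)  $items[] = trim($item->employer . ", " . $item->location . ", " . $item->position);
					$profile["work"] = implode("\n", $items);
				}

				// Map profile keys onto the configured SSO field names.
				$mapinfo = array();
				foreach (self::$fieldmap as $key => $info)
				{
					$key2 = $sso_settings["sso_facebook"]["map_" . $key];
					if ($key2 != "" && isset($profile[$key]))  $mapinfo[$key2] = $profile[$key];
				}

				// Process specialized fields.
				if (isset($profile["birthday"]))
				{
					$birthday = explode("-", $profile["birthday"]);

					$key = "birthday_year";
					$key2 = $sso_settings["sso_facebook"]["map_" . $key];
					if ($key2 != "")  $mapinfo[$key2] = $birthday[0];

					$key = "birthday_month";
					$key2 = $sso_settings["sso_facebook"]["map_" . $key];
					if ($key2 != "")  $mapinfo[$key2] = $birthday[1];

					$key = "birthday_day";
					$key2 = $sso_settings["sso_facebook"]["map_" . $key];
					if ($key2 != "")  $mapinfo[$key2] = $birthday[2];
				}

				SSO_ActivateUser($profile["id"], serialize($profile), $mapinfo);

				// Only falls through on account lockout or a fatal error.
				$message = BB_Translate("User activation failed.");
			}
		}
		else
		{
			if (isset($_REQUEST["error"]) && $_REQUEST["error"] == "access_denied")  $message = BB_Translate("The request to sign in with Facebook was denied.");
			else if (isset($_REQUEST["error_description"]))
			{
				// NOTE(review): error_description is request-supplied and used as the translation key; if BB_Translate()
				// applies sprintf-style formatting to its first argument, pass it as a %s argument instead — confirm.
				$message = BB_Translate($_REQUEST["error_description"]);
			}
			else  $message = BB_Translate("An unknown error occurred. %s", $exceptionmessage);
		}

		$message = BB_Translate("Sign in failed. %s", $message);

		echo $sso_header;

		SSO_OutputHeartbeat();
?> <div class="sso_main_wrap"> <div class="sso_main_wrap_inner"> <div class="sso_main_messages_wrap"> <div class="sso_main_messages"> <div class="sso_main_messageerror"><?php echo htmlspecialchars($message); ?> </div> </div> </div> <div class="sso_main_info"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Try again")); ?> </a><?php if (count($sso_providers) > 1) { ?> | <a href="<?php echo htmlspecialchars($sso_selectors_url); ?> "><?php echo htmlspecialchars(BB_Translate("Select another sign in method")); ?> </a><?php } ?> </div> </div> </div> <?php
		echo $sso_footer;
	}
	else
	{
		// Calculate the required scope.
		$scope = array();
		foreach (self::$fieldmap as $key => $info)
		{
			if ($info["extra"] != "" && $sso_settings["sso_facebook"]["map_" . $key] != "")  $scope[$info["extra"]] = true;
		}

		// Get the login redirection URL.
		$options = array("scope" => implode(",", array_keys($scope)), "redirect_uri" => BB_GetRequestHost() . $sso_target_url . "&sso_facebook_action=signin");
		$url = $facebook->getLoginUrl($options);

		SSO_ExternalRedirect($url);
	}
}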
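/**
 * Renders a complete admin page: layout header, optional flash message, menu, property form, footer.
 *
 * Placeholders in the global layout strings are substituted in order: @ROOTURL@ and @SUPPORTPATH@
 * (from BB_ROOT_URL/ROOT_URL and BB_SUPPORT_PATH/SUPPORT_PATH, with request-derived fallbacks),
 * @TITLE@/@ROOTNAME@, @MESSAGE@ (from $_REQUEST["bb_msg"]/["bb_msgtype"], type forced to "info"
 * unless "error" or "success"), @MENU@ and finally @CONTENT@, where BB_PropertyForm() is echoed
 * in place.  Every substituted value is HTML-escaped.  Sends a text/html; charset=UTF-8 header.
 *
 * @param string $title        Page title; also used as $contentopts["title"] when that is unset.
 * @param array  $menuopts     Menu title => (item name => href string or attribute map).
 * @param array  $contentopts  Options for BB_PropertyForm(); "hidden"["bb_back"] is filled from
 *                             $_POST["bb_back"] or BB_GetBackQueryString() when "hidden" exists.
 *
 * @return void  Output is echoed.
 */
function BB_GeneratePage($title, $menuopts, $contentopts)
{
	global $bb_rootname, $bb_page_layout, $bb_menu_layout, $bb_menu_item_layout, $bb_message_layout;

	if (!isset($contentopts["title"]))  $contentopts["title"] = $title;
	if (isset($contentopts["hidden"]) && !isset($contentopts["hidden"]["bb_back"]))  $contentopts["hidden"]["bb_back"] = isset($_POST["bb_back"]) ? $_POST["bb_back"] : BB_GetBackQueryString();

	header("Content-Type: text/html; charset=UTF-8");

	BB_InitLayouts();

	// Process the header.
	if (defined("BB_ROOT_URL"))  $rooturl = BB_ROOT_URL;
	else if (defined("ROOT_URL"))  $rooturl = ROOT_URL;
	else
	{
		// Derive the root from the request: strip a trailing file name, then any trailing slash.
		$rooturl = BB_GetRequestURLBase();
		if (substr($rooturl, -1) != "/")  $rooturl = dirname($rooturl);
		if (substr($rooturl, -1) == "/")  $rooturl = substr($rooturl, 0, -1);
	}

	if (defined("BB_SUPPORT_PATH"))  $supportpath = BB_SUPPORT_PATH;
	else if (defined("SUPPORT_PATH"))  $supportpath = SUPPORT_PATH;
	else  $supportpath = "support";

	$data = str_replace("@ROOTURL@", htmlspecialchars($rooturl), $bb_page_layout);
	$data = str_replace("@SUPPORTPATH@", htmlspecialchars($supportpath), $data);

	// Process the title and message.
	$data = str_replace("@TITLE@", htmlspecialchars(BB_Translate(($bb_rootname != "" ? $bb_rootname . " | " : "") . $title)), $data);
	$data = str_replace("@ROOTNAME@", htmlspecialchars(BB_Translate($bb_rootname)), $data);

	if (!isset($_REQUEST["bb_msg"]))  $data = str_replace("@MESSAGE@", "", $data);
	else
	{
		// NOTE(review): bb_msg is request-supplied and used as the translation key; if BB_Translate() applies
		// sprintf-style formatting to its first argument, confirm it is safe with arbitrary input.
		if (!isset($_REQUEST["bb_msgtype"]) || $_REQUEST["bb_msgtype"] != "error" && $_REQUEST["bb_msgtype"] != "success")  $_REQUEST["bb_msgtype"] = "info";

		$data2 = str_replace("@MSGTYPE@", htmlspecialchars($_REQUEST["bb_msgtype"]), $bb_message_layout);
		$data2 = str_replace("@MESSAGE@", htmlspecialchars(BB_Translate($_REQUEST["bb_msg"])), $data2);
		$data = str_replace("@MESSAGE@", $data2, $data);
	}

	// Process the menu.  The loop variable no longer shadows the $title parameter.
	$data2 = "";
	foreach ($menuopts as $menutitle => $items)
	{
		$data3 = "";
		foreach ($items as $name => $opts)
		{
			// A bare string is shorthand for array("href" => $string).
			if (!is_array($opts))  $opts = array("href" => $opts);

			$data5 = array();
			foreach ($opts as $name2 => $val)  $data5[] = htmlspecialchars($name2) . "=\"" . htmlspecialchars($val) . "\"";

			$data4 = str_replace("@OPTS@", implode(" ", $data5), $bb_menu_item_layout);
			$data3 .= str_replace("@NAME@", htmlspecialchars(BB_Translate($name)), $data4);
		}

		$data3 = str_replace("@ITEMS@", $data3, $bb_menu_layout);
		$data2 .= str_replace("@TITLE@", htmlspecialchars(BB_Translate($menutitle)), $data3);
	}

	$data = str_replace("@MENU@", $data2, $data);

	// Process and display the content.  Previously a layout without @CONTENT@ dropped its first
	// nine bytes; now the whole layout is emitted and the form appended after it.
	$pos = strpos($data, "@CONTENT@");
	if ($pos === false)
	{
		echo $data;

		BB_PropertyForm($contentopts);
	}
	else
	{
		echo substr($data, 0, $pos);

		BB_PropertyForm($contentopts);

		echo substr($data, $pos + 9);
	}
}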
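/**
 * Sends the two-factor authentication code to the user by e-mail.
 *
 * The OTP is derived from the user's two-factor key and the module's time window, then
 * substituted case-insensitively for @USERNAME@, @EMAIL@ and @TWOFACTOR@ in the module's
 * HTML and plain-text templates; values inserted into the HTML body are HTML-escaped.
 *
 * @param array  $result    Login result accumulator (by reference); an error string is appended
 *                          to $result["errors"] when sending fails.
 * @param object $userrow   User database row; ->username and ->email are read.
 * @param array  $userinfo  Decrypted user info; ["two_factor_key"] is read.
 */
public function SendTwoFactorCode(&$result, $userrow, $userinfo)
{
	// Send the two-factor authentication e-mail.
	$info = $this->GetInfo();

	$fromaddr = BB_PostTranslate($info["email_from"] != "" ? $info["email_from"] : SSO_SMTP_FROM);
	$subject = BB_Translate($info["email_subject"]);

	// NOTE(review): time() / window is passed as a float; GetTimeBasedOTP() is assumed to floor it — confirm.
	$twofactor = sso_login::GetTimeBasedOTP($userinfo["two_factor_key"], time() / $info["window"]);

	$htmlmsg = str_ireplace(array("@USERNAME@", "@EMAIL@", "@TWOFACTOR@"), array(htmlspecialchars($userrow->username), htmlspecialchars($userrow->email), htmlspecialchars($twofactor)), BB_PostTranslate($info["email_msg"]));
	$textmsg = str_ireplace(array("@USERNAME@", "@EMAIL@", "@TWOFACTOR@"), array($userrow->username, $userrow->email, $twofactor), BB_PostTranslate($info["email_msg_text"]));

	$result2 = SSO_SendEmail($fromaddr, $userrow->email, $subject, $htmlmsg, $textmsg);
	if (!$result2["success"])
	{
		// The failure detail is in the SSO_SendEmail() result ($result2), not in the login result being built.
		$result["errors"][] = BB_Translate("Login exists but a fatal error occurred. Fatal error: Unable to send two-factor authentication e-mail. %s", $result2["error"]);
	}
}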
/**
 * Builds an HTML anchor to a configuration action.
 *
 * The href is produced by SSO_CreateConfigURL() and HTML-escaped; when $confirm is non-empty
 * an onclick confirm() is attached, with the translated text JS-escaped (BB_JSSafe) and then
 * HTML-escaped for the attribute.  The link text is the translated, HTML-escaped $title.
 *
 * @param string $title    Link text (translated).
 * @param string $action2  Configuration action passed to SSO_CreateConfigURL().
 * @param array  $extra    Additional query parameters for SSO_CreateConfigURL().
 * @param string $confirm  Optional confirmation prompt (translated); "" for none.
 *
 * @return string  The <a> element.
 */
function SSO_CreateConfigLink($title, $action2, $extra = array(), $confirm = "")
{
	$href = htmlspecialchars(SSO_CreateConfigURL($action2, $extra));

	$onclick = "";
	if ($confirm != "")  $onclick = " onclick=\"return confirm('" . htmlspecialchars(BB_JSSafe(BB_Translate($confirm))) . "');\"";

	$label = htmlspecialchars(BB_Translate($title));

	return "<a href=\"" . $href . "\"" . $onclick . ">" . $label . "</a>";
}
public function LoginCheck(&$result, $userinfo, $recoveryallowed)
{
	// Rate-limit hook run during sign in.
	//
	// Only acts when no user was loaded ($userinfo === false).  In that case the per-IP counters
	// are updated via UpdateIPAddrInfo() and, when either the system request counter or the login
	// attempt counter has reached its configured limit, an error is appended to $result["errors"].
	// $recoveryallowed is not used by this module.
	global $sso_ipaddr_info;

	if ($userinfo !== false)  return;

	$this->UpdateIPAddrInfo(true, false, false);
	$info = $this->GetInfo();

	$counters = $sso_ipaddr_info["sso_login_modules"]["sso_ratelimit"];
	$limited = ($counters["sysreq"] >= $info["system_requests"] || $counters["logins"] >= $info["login_attempts"]);
	if ($limited)
	{
		$result["errors"][] = BB_Translate("Request rate limit exceeded.");
	}
}
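function BB_UpdateExtensionsCache($force = false)
{
	// Refreshes the extensions update/vulnerability cache from the Barebones CMS update service.
	//
	// $force - when true, contact the service even if the 24 hour check interval has not elapsed.
	//
	// Reads and rewrites the global $bb_extensions_info and persists it to extensions_cache.php
	// under the root path.  Nothing is returned.  Network or decoding failures leave the cached
	// "updates"/"vulnerabilities" entries untouched; only "nextcheck" is advanced.
	global $bb_extensions_info, $bb_paths;

	if (!$force && isset($bb_extensions_info["nextcheck"]) && $bb_extensions_info["nextcheck"] >= time())  return;

	// Build the id/version list reported to the service.
	$data = array();
	foreach ($bb_extensions_info["exts"] as $extinfo)
	{
		$data[] = (int) $extinfo["id"];
		$data[] = urlencode($extinfo["ver"]);
	}

	$url = "https://barebonescms.com/extend/api/?action=update_check&id_vers=" . implode(",", $data);
	BB_RunPluginActionInfo("pre_bb_updateextensionscache_url", $url);

	$info = BB_IsValidURL($url);
	if ($info["success"])
	{
		// The response is remote input.  Check its shape before reading keys so a malformed or
		// non-JSON body neither raises warnings nor overwrites the cache with nulls.
		$data = @json_decode(trim($info["data"]), true);
		if (is_array($data) && !empty($data["success"]))
		{
			$updates = (isset($data["updates"]) && is_array($data["updates"]) ? $data["updates"] : array());
			$vulnerabilities = (isset($data["vulnerabilities"]) && is_array($data["vulnerabilities"]) ? $data["vulnerabilities"] : array());

			// Announce a newer core release.  The remote version string is HTML-escaped because the
			// message itself is HTML.  The remaining "updates" entries are stored exactly as received;
			// whatever renders them must treat them as content from the remote service.
			if (defined("BB_CORE_VER") && isset($data["corever"]) && is_scalar($data["corever"]) && $data["corever"] !== BB_CORE_VER)
			{
				array_unshift($updates, BB_Translate("<strong>New version of Barebones CMS available!</strong><br />Currently installed: %s<br />New: %s", BB_CORE_VER, htmlspecialchars($data["corever"])));
			}

			$bb_extensions_info["updates"] = $updates;
			$bb_extensions_info["vulnerabilities"] = $vulnerabilities;
		}
	}

	// Always push the next check out by a day, even after a failed fetch, so the service is not polled on every request.
	$bb_extensions_info["nextcheck"] = time() + 24 * 60 * 60;

	// Persist the cache as a PHP file.  The open/close tags are split so this source is not itself parsed as PHP tags.
	$data = "<" . "?php\n\t\$bb_extensions_info = " . BB_CreatePHPStorageData($bb_extensions_info) . ";\n?" . ">";
	BB_WriteFile((isset($bb_paths) ? $bb_paths["ROOT_PATH"] : ROOT_PATH) . "/extensions_cache.php", $data);
}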
public function CustomFrontend()
{
	// Handles the "remembered sign in" (sso_l_rme cookie) flow for this login module.
	//
	// Expects $_REQUEST["id"] (the user id) and the sso_l_rme cookie.  The cookie is base64
	// decoded, decrypted with the module's Blowfish keys and unserialized into a map of
	// user id => array(token key, token secret).  The secret is verified against the hash stored
	// under $userinfo["sso_remember_me"][token key] in the encrypted user row.  A verified sign in
	// either redirects to the two-factor page or calls SSO_ActivateUser(); every other path falls
	// through to an error page with a "Sign in" link.
	//
	// When any of the four cookie keys/IVs is unconfigured, nothing at all is output.
	global $g_sso_login_modules, $sso_settings, $sso_header, $sso_footer, $sso_target_url, $sso_db, $sso_session_info, $sso_rng;

	$messages = array("errors" => array(), "warnings" => array(), "success" => "");

	$info = $this->GetInfo();
	if ($info["cookiekey"] != "" && $info["cookieiv"] != "" && $info["cookiekey2"] != "" && $info["cookieiv2"] != "")
	{
		// Initialize active modules.
		$this->activemodules = array();
		foreach ($g_sso_login_modules as $key => $info2)
		{
			if ($sso_settings["sso_login"]["modules"][$key]["_a"])
			{
				$module = "sso_login_module_" . $key;
				$this->activemodules[$key] = new $module();
			}
		}

		$sso_db_sso_login_users = SSO_DB_PREFIX . "p_sso_login_users";

		if (isset($_REQUEST["id"]) && isset($_COOKIE["sso_l_rme"]))
		{
			// Decrypt data.
			$info2 = @base64_decode($_COOKIE["sso_l_rme"]);
			if ($info2 !== false)
			{
				$info2 = Blowfish::ExtractDataPacket($info2, pack("H*", $info["cookiekey"]), array("mode" => "CBC", "iv" => pack("H*", $info["cookieiv"]), "key2" => pack("H*", $info["cookiekey2"]), "iv2" => pack("H*", $info["cookieiv2"]), "lightweight" => true));
			}

			// NOTE(review): unserialize() runs on cookie-supplied content after decryption.  This is only
			// safe if ExtractDataPacket() rejects packets that fail its integrity check — confirm that it does.
			if ($info2 !== false)
			{
				$info2 = @unserialize($info2);
			}

			if ($info2 !== false)
			{
				// The cookie may carry entries for several accounts; pick the one named in the request.
				$id = (int) $_REQUEST["id"];
				if (isset($info2[$id]) && is_array($info2[$id]) && count($info2[$id]) == 2)
				{
					// Load database information and verify the sign in.
					// The row is loaded by $id, so $info2[$userrow->id] below refers to the same entry.
					$userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "id = ?"), $sso_db_sso_login_users, $id);
					if ($userrow && (!isset($userrow->verified) || $userrow->verified))
					{
						$userinfo = SSO_DecryptDBData($userrow->info);
						if ($userinfo !== false && isset($userinfo["sso_remember_me"]) && isset($userinfo["sso_remember_me"][$info2[$userrow->id][0]]))
						{
							// Element 0 selects the stored remember-me entry; element 1 is the secret checked below.
							$info3 = $userinfo["sso_remember_me"][$info2[$userrow->id][0]];
							$ts = CSDB::ConvertFromDBTime($info3["expires"]);
							if ($ts > time())
							{
								$data = $info3["salt"] . ":" . $info2[$userrow->id][1];
								if (sso_login::VerifyPasswordInfo($data, $info3["hash"], $info3["rounds"]))
								{
									// Sign in is now verified to be valid.
									if (!$info3["bypass"] && ($sso_settings["sso_login"]["require_two_factor"] || isset($userinfo["two_factor_method"]) && $userinfo["two_factor_method"] != ""))
									{
										// Go to two-factor authentication page.
										// Collect the active modules that offer a two-factor method.
										$methods = array();
										foreach ($this->activemodules as $key => &$instance)
										{
											$name = $instance->GetTwoFactorName(false);
											if ($name !== false)
											{
												$methods[$key] = true;
											}
										}

										// NOTE(review): when require_two_factor is off, $userinfo["two_factor_method"] is not checked
										// against $methods before being used as an activemodules key below — confirm it always names an active module.
										if ($sso_settings["sso_login"]["require_two_factor"] && (!isset($userinfo["two_factor_method"]) || !isset($methods[$userinfo["two_factor_method"]])))
										{
											$messages["errors"][] = BB_Translate("A valid two-factor authentication method for this account is not available. Use account recovery to restore access to the account.");
										}
										else
										{
											// The verification string is random and expires in five minutes; it is echoed in the redirect URL.
											$sso_session_info["sso_login_two_factor"] = array("id" => $userrow->id, "v" => $sso_rng->GenerateString(), "expires" => CSDB::ConvertToDBTime(time() + 5 * 60));
											if (!SSO_SaveSessionInfo())
											{
												$messages["errors"][] = BB_Translate("Login exists but a fatal error occurred. Fatal error: Unable to save session information.");
											}
											else
											{
												$this->activemodules[$userinfo["two_factor_method"]]->SendTwoFactorCode($messages, $userrow, $userinfo);
												if (!count($messages["errors"]))
												{
													header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_login_action=two_factor&sso_v=" . urlencode($sso_session_info["sso_login_two_factor"]["v"]));
													exit;
												}
											}
										}
									}
									else
									{
										// Login succeeded. Activate the user.
										// Map the identifying fields the install type uses into the field names configured for this provider.
										$mapinfo = array();
										if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email")
										{
											$mapinfo[$sso_settings["sso_login"]["map_email"]] = $userrow->email;
										}
										if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "username")
										{
											$mapinfo[$sso_settings["sso_login"]["map_username"]] = $userrow->username;
										}

										$origuserinfo = $userinfo;
										foreach ($this->activemodules as &$instance)
										{
											$instance->LoginAddMap($mapinfo, $userrow, $userinfo, false);
										}

										// If a module updated $userinfo, then update the database.
										if (serialize($userinfo) !== serialize($origuserinfo))
										{
											$userinfo2 = SSO_EncryptDBData($userinfo);
											try
											{
												$sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("info" => $userinfo2), "WHERE" => "id = ?"), $userrow->id);
											}
											catch (Exception $e)
											{
												$messages["errors"][] = BB_Translate("Database query error.");
											}
										}

										if (!count($messages["errors"]))
										{
											SSO_ActivateUser($userrow->id, $userinfo["extra"], $mapinfo, CSDB::ConvertFromDBTime($userrow->created));

											// Only falls through on account lockout or a fatal error.
											$messages["errors"][] = BB_Translate("User activation failed.");
										}
									}
								}
							}
						}
					}
				}
			}
		}

		// Every path that did not redirect or activate ends here: show the first error (if any) and a sign-in link.
		echo $sso_header;
		SSO_OutputHeartbeat();
?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <div class="sso_main_messages_wrap"> <div class="sso_main_messages"> <?php if (count($messages["errors"])) { ?> <div class="sso_main_messageerror"><?php echo htmlspecialchars($messages["errors"][0]); ?> </div> <?php } ?> <div class="sso_main_messageerror"><?php echo htmlspecialchars(BB_Translate("An error occurred while processing the remembered sign in. You will have to sign in normally.")); ?> </div> </div> </div> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> </div> </div> <?php echo $sso_footer;
	}
}
public function LoginCheck(&$result, $userinfo, $recoveryallowed)
{
	// Password expiry hook run during sign in.
	//
	// Does nothing when no user was loaded ($userinfo === false) or when the module's "expire"
	// setting is not positive.  Otherwise the password counts as expired when
	// $userinfo["sso_password"]["expires"] is missing or not in the future.  An expired password
	// either redirects to account recovery (when $recoveryallowed) or, unless the "update_info"
	// checkbox was ticked, appends an error to $result["errors"] pointing the user at the
	// Update Information flow.
	global $sso_target_url;

	if ($userinfo === false)  return;

	$info = $this->GetInfo();
	if (!($info["expire"] > 0))  return;

	$expired = (!isset($userinfo["sso_password"]) || !isset($userinfo["sso_password"]["expires"]) || CSDB::ConvertFromDBTime($userinfo["sso_password"]["expires"]) <= time());
	if (!$expired)  return;

	if ($recoveryallowed)
	{
		header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_login_action=recover&sso_msg=sso_login_password_expired");
		exit;
	}

	if (SSO_FrontendFieldValue("update_info", "") != "yes")
	{
		$result["errors"][] = BB_Translate("Password has expired. Check the checkbox under 'Update Information' and sign in again to change your password.");
	}
}
function UpgradeError($str)
{
	// Prints a translated upgrade failure message followed by a line break and stops the script.
	// $str is emitted without HTML escaping, so callers must pass trusted (developer-supplied) text.
	$line = BB_Translate($str) . "<br />\n";
	echo $line;

	exit;
}
public function GenerateLogin($messages)
{
	// Renders the anti-phishing phrase block on the sign-in form.
	//
	// The phrase is read from the sso_l_ap cookie (base64, then decrypted with the module's
	// Blowfish keys) and shown HTML-escaped; when the cookie is missing or does not decrypt, a
	// "no phrase found" warning is rendered instead.  Outputs nothing at all if any of the four
	// cookie keys/IVs is unconfigured.  $messages is accepted for interface compatibility only.
	$info = $this->GetInfo();
	$keysready = ($info["cookiekey"] != "" && $info["cookieiv"] != "" && $info["cookiekey2"] != "" && $info["cookieiv2"] != "");
	if (!$keysready)  return;

	$phrase = "";
	if (isset($_COOKIE["sso_l_ap"]))
	{
		// Decrypt data.  Either step may yield false; both map to the empty phrase.
		$decoded = @base64_decode($_COOKIE["sso_l_ap"]);
		if ($decoded !== false)
		{
			$opts = array("mode" => "CBC", "iv" => pack("H*", $info["cookieiv"]), "key2" => pack("H*", $info["cookiekey2"]), "iv2" => pack("H*", $info["cookieiv2"]), "lightweight" => true);
			$decoded = Blowfish::ExtractDataPacket($decoded, pack("H*", $info["cookiekey"]), $opts);
		}

		$phrase = ($decoded === false ? "" : $decoded);
	}
?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Anti-Phishing Phrase")); ?> </div> <?php if ($phrase != "") { ?> <div class="sso_main_formdesc"><?php echo htmlspecialchars($phrase); ?> </div> <?php } else { ?> <div class="sso_main_formresult"><div class="sso_main_formwarning"><?php echo htmlspecialchars(BB_Translate("No anti-phishing phrase found.")); ?> </div></div> <?php } ?> </div> <?php
}
function SSO_ExternalRedirect($url, $final = false)
{
	// Starts a redirect to an external (application) URL via the server's own sso_redirect action.
	//
	// The target is not handed to the browser as a Location header.  It is stored in the
	// sso_server_er cookie (base64) alongside sso_server_ern, an md5 over the session-specific
	// "external_redirect" frontend field name and the URL, which presumably lets the sso_redirect
	// action tie the stored URL to this session — confirm in that handler.  Both are session
	// cookies, marked Secure on SSL requests and HttpOnly.  The page emitted here bounces the
	// browser to the internal redirect URL with JavaScript, falling back to a 3 second meta
	// refresh, and then exits.
	//
	// $final - when true, appends sso_final=1 to the internal redirect URL.
	$encodedtarget = base64_encode($url);
	SetCookieFixDomain("sso_server_er", $encodedtarget, 0, "", "", SSO_IsSSLRequest(), true);

	$binding = md5(SSO_FrontendField("external_redirect") . ":" . $url);
	SetCookieFixDomain("sso_server_ern", $binding, 0, "", "", SSO_IsSSLRequest(), true);

	// From here on $url is the internal bounce URL; the language is carried along when present.
	$url = BB_GetRequestHost() . SSO_ROOT_URL . "/index.php?sso_action=sso_redirect";
	if ($final)  $url .= "&sso_final=1";
	if (isset($_REQUEST["lang"]))  $url .= "&lang=" . urlencode($_REQUEST["lang"]);
?> <!DOCTYPE html> <html> <head> <script type="text/javascript"> document.location.replace('<?php echo BB_JSSafe($url); ?> '); </script> <title><?php echo BB_Translate("Redirecting..."); ?> </title> <meta http-equiv="refresh" content="3; URL=<?php echo htmlspecialchars($url); ?> " /> </head> <body> <div style="text-align: center;"><?php echo BB_Translate("Redirecting..."); ?> </div> </body> </html> <?php
	exit;
}
public function ProcessFrontend() { global $g_sso_login_modules, $sso_settings, $sso_rng, $sso_header, $sso_footer, $sso_target_url, $sso_db, $sso_ipaddr_info, $sso_session_info, $sso_providers; if (!isset($sso_ipaddr_info["sso_login_modules"])) { $sso_ipaddr_info["sso_login_modules"] = array(); } // Initialize active modules. $this->activemodules = array(); foreach ($g_sso_login_modules as $key => $info) { if ($sso_settings["sso_login"]["modules"][$key]["_a"]) { $module = "sso_login_module_" . $key; $this->activemodules[$key] = new $module(); } } $sso_db_sso_login_users = SSO_DB_PREFIX . "p_sso_login_users"; if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "module" && isset($_REQUEST["sso_login_module"]) && isset($this->activemodules[$_REQUEST["sso_login_module"]])) { $this->activemodules[$_REQUEST["sso_login_module"]]->CustomFrontend(); } else { if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "verify" && $sso_settings["sso_login"]["open_reg"]) { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->VerifyCheck($messages); } if (!count($messages["errors"])) { if (!isset($_REQUEST["sso_v"]) || !isset($sso_session_info["sso_login_verify"])) { $messages["errors"][] = BB_Translate("Invalid URL. Verification missing."); } else { if (trim($_REQUEST["sso_v"]) !== $sso_session_info["sso_login_verify"]["v"]) { $messages["errors"][] = BB_Translate("Invalid verification string specified."); } else { try { $sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("verified" => 1), "WHERE" => "id = ?"), $sso_session_info["sso_login_verify"]["id"]); } catch (Exception $e) { $messages["errors"][] = BB_Translate("Verification failed. Database query error."); } if (!count($messages["errors"])) { header("Location: " . BB_GetRequestHost() . $sso_target_url . 
"&sso_msg=verified"); exit; } } } } echo $sso_header; SSO_OutputHeartbeat(); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages, false); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> </div> </div> <?php echo $sso_footer; } else { if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "signup_check" && $sso_settings["sso_login"]["open_reg"]) { $result = $this->SignupUpdateCheck(true, false, false, false); foreach ($result["errors"] as $error) { echo "<div class=\"sso_main_formerror\">" . htmlspecialchars($error) . "</div>"; } foreach ($result["warnings"] as $warning) { echo "<div class=\"sso_main_formwarning\">" . htmlspecialchars($warning) . "</div>"; } if (!count($result["errors"]) && !count($result["warnings"])) { if ($result["success"] != "") { echo "<div class=\"sso_main_formokay\">" . htmlspecialchars($result["success"]) . "</div>"; } else { if (isset($result["htmlsuccess"]) && $result["htmlsuccess"] != "") { echo "<div class=\"sso_main_formokay\">" . $result["htmlsuccess"] . "</div>"; } } } } else { if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "signup" && $sso_settings["sso_login"]["open_reg"]) { if (SSO_FrontendFieldValue("submit") === false) { $messages = false; } else { $messages = $this->SignupUpdateCheck(false, false, false, false); if (!count($messages["errors"])) { // Create the account. 
$username = SSO_FrontendFieldValue("username", ""); $email = SSO_FrontendFieldValue("email", ""); $verified = true; if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email") { $result = SMTP::MakeValidEmailAddress($email); $email = $result["email"]; $verified = $sso_settings["sso_login"]["email_verify_subject"] == "" || $sso_settings["sso_login"]["email_verify_msg"] == ""; } $salt = $sso_rng->GenerateString(); $data = $username . ":" . $email . ":" . $salt . ":" . SSO_FrontendFieldValue("createpass"); $passwordinfo = self::HashPasswordInfo($data, $sso_settings["sso_login"]["password_mode"], $sso_settings["sso_login"]["password_minrounds"]); if (!$passwordinfo["success"]) { $messages["errors"][] = BB_Translate("Unexpected cryptography error."); } else { $userinfo = array(); $userinfo["extra"] = $sso_rng->GenerateString(); $userinfo["two_factor_key"] = $sso_session_info["sso_login_two_factor_key"]; $userinfo["two_factor_method"] = SSO_FrontendFieldValue("two_factor_method", ""); foreach ($this->activemodules as &$instance) { $instance->SignupAddInfo($userinfo, false); } $userinfo["salt"] = $salt; $userinfo["rounds"] = (int) $passwordinfo["rounds"]; $userinfo["password"] = bin2hex($passwordinfo["hash"]); $userinfo2 = SSO_EncryptDBData($userinfo); try { if ($sso_settings["sso_login"]["install_type"] == "email_username") { $sso_db->Query("INSERT", array($sso_db_sso_login_users, array("username" => $username, "email" => $email, "verified" => (int) $verified, "created" => CSDB::ConvertToDBTime(time()), "info" => $userinfo2), "AUTO INCREMENT" => "id")); } else { if ($sso_settings["sso_login"]["install_type"] == "email") { $sso_db->Query("INSERT", array($sso_db_sso_login_users, array("email" => $email, "verified" => (int) $verified, "created" => CSDB::ConvertToDBTime(time()), "info" => $userinfo2), "AUTO INCREMENT" => "id")); } else { if ($sso_settings["sso_login"]["install_type"] == "username") { 
$sso_db->Query("INSERT", array($sso_db_sso_login_users, array("username" => $username, "created" => CSDB::ConvertToDBTime(time()), "info" => $userinfo2), "AUTO INCREMENT" => "id")); } else { $messages["errors"][] = BB_Translate("Fatal error: Login system is broken."); } } } // Send verification e-mail. if (!count($messages["errors"])) { $userid = $sso_db->GetInsertID(); } if (!count($messages["errors"]) && !$verified) { $this->SendVerificationEmail($userid, $userinfo, $messages, $username, $email); } } catch (Exception $e) { $messages["errors"][] = BB_Translate("Database query error."); } if (!count($messages["errors"])) { foreach ($this->activemodules as &$instance) { $instance->SignupDone($userid, false); } header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_msg=" . ($verified ? "verified" : "verify")); exit; } } } } echo $sso_header; SSO_OutputHeartbeat(); $this->OutputJS($sso_target_url . "&sso_login_action=signup_check&sso_ajax=1"); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> <div class="sso_main_form_wrap sso_login_signup_form"> <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Sign up")); ?> </div> <form class="sso_main_form" name="sso_login_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url . 
"&sso_login_action=signup"); ?> " autocomplete="off"> <?php if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email") { ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Your E-mail Address")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text sso_login_changehook" type="text" name="<?php echo SSO_FrontendField("email"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("email", "")); ?> " /></div> </div> <?php } if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "username") { ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Choose Username")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text sso_login_changehook" type="text" name="<?php echo SSO_FrontendField("username"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("username", "")); ?> " /></div> </div> <?php } ?> <script type="text/javascript"> jQuery('input.sso_main_text:first').focus(); </script> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Choose Password")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text sso_login_changehook" type="password" name="<?php echo SSO_FrontendField("createpass"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("createpass", "")); ?> " /></div> </div> <?php $outputmap = array(); // Two-factor authentication dropdown. $outputmap2 = array(); $method = SSO_FrontendFieldValue("two_factor_method", ""); foreach ($this->activemodules as $key => &$instance) { $name = $instance->GetTwoFactorName(); if ($name !== false) { $order = isset($sso_settings["sso_login"]["modules"][$key]["_s"]) ? 
$sso_settings["sso_login"]["modules"][$key]["_s"] : $instance->DefaultOrder(); SSO_AddSortedOutput($outputmap2, $order, $key, "<option value=\"" . htmlspecialchars($key) . "\"" . ($method == $key ? " selected" : "") . ">" . htmlspecialchars($name) . "</option>"); } } if (!$sso_settings["sso_login"]["require_two_factor"] && count($outputmap2)) { SSO_AddSortedOutput($outputmap2, 0, "", "<option value=\"\"" . ($method == "" ? " selected" : "") . ">" . htmlspecialchars(BB_Translate("None")) . "</option>"); } if (count($outputmap2)) { if (!isset($sso_session_info["sso_login_two_factor_key"])) { $sso_session_info["sso_login_two_factor_key"] = self::GenerateOTPKey(10); SSO_SaveSessionInfo(); } ob_start(); ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Choose Two-Factor Authentication Method")); ?> </div> <div class="sso_main_formdata"><select class="sso_main_dropdown sso_login_changehook_two_factor" name="<?php echo SSO_FrontendField("two_factor_method"); ?> "> <?php SSO_DisplaySortedOutput($outputmap2); ?> </select></div> <div class="sso_main_formdesc"><?php echo htmlspecialchars(BB_Translate($sso_settings["sso_login"]["require_two_factor"] ? "Required. Two-factor authentication vastly improves the security of your account." : "Optional. Two-factor authentication vastly improves the security of your account.")); ?> </div> </div> <?php $order = $sso_settings["sso_login"]["two_factor_order"]; SSO_AddSortedOutput($outputmap, $order, "two_factor", ob_get_contents()); ob_end_clean(); } // Add active module output. foreach ($this->activemodules as $key => &$instance) { ob_start(); $instance->GenerateSignup(false); $order = isset($sso_settings["sso_login"]["modules"][$key]["_s"]) ? 
$sso_settings["sso_login"]["modules"][$key]["_s"] : $instance->DefaultOrder(); SSO_AddSortedOutput($outputmap, $order, $key, ob_get_contents()); ob_end_clean(); } SSO_DisplaySortedOutput($outputmap); ?> <div class="sso_main_formsubmit"> <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?> " value="<?php echo htmlspecialchars(BB_Translate("Sign up")); ?> " /> </div> </form> </div> </div> </div> <?php echo $sso_footer; } else { if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "update_info") { // Check the session and load the user account. $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->UpdateInfoCheck($messages, false, false); } $userrow = false; if (!count($messages["errors"])) { if (!isset($_REQUEST["sso_v"]) || !isset($sso_session_info["sso_login_update"])) { $messages["errors"][] = BB_Translate("Invalid URL. Verification missing."); } else { if (trim($_REQUEST["sso_v"]) !== $sso_session_info["sso_login_update"]["v"]) { $messages["errors"][] = BB_Translate("Invalid verification string specified."); } else { if (!isset($sso_session_info["sso_login_update"]["expires"]) || CSDB::ConvertFromDBTime($sso_session_info["sso_login_update"]["expires"]) < time()) { $messages["errors"][] = BB_Translate("Update information is expired or invalid."); } else { try { $userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "id = ?"), $sso_db_sso_login_users, $sso_session_info["sso_login_update"]["id"]); if ($userrow === false) { $messages["errors"][] = BB_Translate("Update information is expired or invalid."); } else { if (!isset($userrow->username)) { $userrow->username = ""; } if (!isset($userrow->email)) { $userrow->email = ""; } if (!isset($userrow->verified)) { $userrow->verified = 1; } } } catch (Exception $e) { $messages["errors"][] = BB_Translate("User check failed. 
Database query error."); } } } } } if (!count($messages["errors"])) { $userinfo = SSO_DecryptDBData($userrow->info); if ($userinfo === false) { $messages["errors"][] = BB_Translate("Error loading user information."); } } if (isset($_REQUEST["sso_ajax"])) { if (!count($messages["errors"])) { $messages = $this->SignupUpdateCheck(true, $userrow, $userinfo, false); } foreach ($messages["errors"] as $error) { echo "<div class=\"sso_main_formerror\">" . htmlspecialchars($error) . "</div>"; } foreach ($messages["warnings"] as $warning) { echo "<div class=\"sso_main_formwarning\">" . htmlspecialchars($warning) . "</div>"; } if (!count($messages["errors"]) && !count($messages["warnings"])) { if ($messages["success"] != "") { echo "<div class=\"sso_main_formokay\">" . htmlspecialchars($messages["success"]) . "</div>"; } else { if ($messages["htmlsuccess"] != "") { echo "<div class=\"sso_main_formokay\">" . $messages["htmlsuccess"] . "</div>"; } } } } else { if (count($messages["errors"])) { echo $sso_header; SSO_OutputHeartbeat(); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages, false); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> </div> </div> <?php echo $sso_footer; } else { $messagesheader = false; $messages = false; if (SSO_FrontendFieldValue("submit") === false) { if (isset($_REQUEST["sso_msg"])) { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->InitMessages($messages); } } } else { $messages = $this->SignupUpdateCheck(false, $userrow, $userinfo, false); if (!count($messages["errors"])) { // Update the account. 
if ($sso_settings["sso_login"]["change_username"] && ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "username")) { $username = SSO_FrontendFieldValue("update_username", ""); } else { $username = $userrow->username; } if ($sso_settings["sso_login"]["change_email"] && ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email")) { $email = SSO_FrontendFieldValue("update_email", ""); $result = SMTP::MakeValidEmailAddress($email); $email = $result["email"]; $verified = $sso_settings["sso_login"]["email_verify_subject"] == "" || $sso_settings["sso_login"]["email_verify_msg"] == "" || $userrow->email == $email; } else { $email = $userrow->email; $verified = $userrow->verified; } if (SSO_FrontendFieldValue("update_pass", "") != "") { $salt = $sso_rng->GenerateString(); $data = $username . ":" . $email . ":" . $salt . ":" . SSO_FrontendFieldValue("update_pass"); $passwordinfo = self::HashPasswordInfo($data, $sso_settings["sso_login"]["password_mode"], $sso_settings["sso_login"]["password_minrounds"]); if (!$passwordinfo["success"]) { $messages["errors"][] = BB_Translate("Unexpected cryptography error."); } else { $numrounds = (int) $passwordinfo["rounds"]; $password = bin2hex($passwordinfo["hash"]); } } else { if ($username != $userrow->username || $email != $userrow->email) { $messages["errors"][] = BB_Translate("Please enter a new password."); } else { $salt = $userinfo["salt"]; $numrounds = $userinfo["rounds"]; $password = $userinfo["password"]; } } if (SSO_FrontendFieldValue("reset_two_factor_key", "") == "yes") { $sso_session_info["sso_login_two_factor_key"] = self::GenerateOTPKey(10); SSO_SaveSessionInfo(); $messages["errors"][] = BB_Translate("Two-factor authentication security key has been reset."); } if (!count($messages["errors"])) { $userinfo["two_factor_key"] = $sso_session_info["sso_login_two_factor_key"]; 
$userinfo["two_factor_method"] = SSO_FrontendFieldValue("update_two_factor_method", ""); foreach ($this->activemodules as &$instance) { $instance->UpdateAddInfo($userinfo); } $userinfo["salt"] = $salt; $userinfo["rounds"] = $numrounds; $userinfo["password"] = $password; $userinfo2 = SSO_EncryptDBData($userinfo); try { if ($sso_settings["sso_login"]["install_type"] == "email_username") { $sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("username" => $username, "email" => $email, "verified" => (int) $verified, "info" => $userinfo2), "WHERE" => "id = ?"), $userrow->id); } else { if ($sso_settings["sso_login"]["install_type"] == "email") { $sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("email" => $email, "verified" => (int) $verified, "info" => $userinfo2), "WHERE" => "id = ?"), $userrow->id); } else { if ($sso_settings["sso_login"]["install_type"] == "username") { $sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("username" => $username, "info" => $userinfo2), "WHERE" => "id = ?"), $userrow->id); } else { $messages["errors"][] = BB_Translate("Fatal error: Login system is broken."); } } } // Send verification e-mail. $userid = $userrow->id; if (!count($messages["errors"]) && !$verified) { $this->SendVerificationEmail($userid, $userinfo, $messages, $username, $email); } } catch (Exception $e) { $messages["errors"][] = BB_Translate("Database query error."); } if (!count($messages["errors"])) { foreach ($this->activemodules as &$instance) { $instance->UpdateInfoDone($userid); } header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_msg=" . ($verified ? "updated" : "verify")); exit; } } } } echo $sso_header; SSO_OutputHeartbeat(); $this->OutputJS($sso_target_url . "&sso_login_action=update_info&sso_v=" . urlencode($_REQUEST["sso_v"]) . 
"&sso_ajax=1"); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> <div class="sso_main_form_wrap sso_login_updateinfo_form"> <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Update Information")); ?> </div> <form class="sso_main_form" name="sso_login_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url . "&sso_login_action=update_info&sso_v=" . urlencode($_REQUEST["sso_v"])); ?> " autocomplete="off"> <?php if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email") { ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Your E-mail Address")); ?> </div> <div class="sso_main_formdata"><?php if ($sso_settings["sso_login"]["change_email"]) { ?> <input class="sso_main_text sso_login_changehook" type="text" name="<?php echo SSO_FrontendField("update_email"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("update_email", $userrow->email)); ?> " /><?php } else { ?> <input type="hidden" name="<?php echo SSO_FrontendField("update_email"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("update_email", $userrow->email)); ?> " /><div class="sso_main_static"><?php echo htmlspecialchars($userrow->email); ?> </div><?php } ?> </div> </div> <?php } if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "username") { ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Your Username")); ?> </div> <div class="sso_main_formdata"><?php if ($sso_settings["sso_login"]["change_username"]) { ?> <input 
class="sso_main_text sso_login_changehook" type="text" name="<?php echo SSO_FrontendField("update_username"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("update_username", $userrow->username)); ?> " /><?php } else { ?> <input type="hidden" name="<?php echo SSO_FrontendField("update_username"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("update_username", $userrow->username)); ?> " /><div class="sso_main_static"><?php echo htmlspecialchars($userrow->username); ?> </div><?php } ?> </div> </div> <?php } ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("New Password")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text sso_login_changehook" type="password" name="<?php echo SSO_FrontendField("update_pass"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("update_pass", "")); ?> " /></div> <div class="sso_main_formdesc"><?php echo htmlspecialchars(BB_Translate("Optional. Will change the password for the account.")); ?> </div> </div> <script type="text/javascript"> jQuery('input.sso_main_text:first').focus(); </script> <?php $outputmap = array(); // Two-factor authentication dropdown. $outputmap2 = array(); $method = SSO_FrontendFieldValue("update_two_factor_method", isset($updateinfo["two_factor_method"]) ? $updateinfo["two_factor_method"] : ""); foreach ($this->activemodules as $key => &$instance) { $name = $instance->GetTwoFactorName(); if ($name !== false) { $order = isset($sso_settings["sso_login"]["modules"][$key]["_s"]) ? $sso_settings["sso_login"]["modules"][$key]["_s"] : $instance->DefaultOrder(); SSO_AddSortedOutput($outputmap2, $order, $key, "<option value=\"" . htmlspecialchars($key) . "\"" . ($method == $key ? " selected" : "") . ">" . htmlspecialchars($name) . "</option>"); } } if (!$sso_settings["sso_login"]["require_two_factor"] && count($outputmap2)) { SSO_AddSortedOutput($outputmap2, 0, "", "<option value=\"\"" . 
($method == "" ? " selected" : "") . ">" . htmlspecialchars(BB_Translate("None")) . "</option>"); } if (count($outputmap2)) { if (!isset($sso_session_info["sso_login_two_factor_key"])) { $sso_session_info["sso_login_two_factor_key"] = self::GenerateOTPKey(10); SSO_SaveSessionInfo(); } ob_start(); ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Choose Two-Factor Authentication Method")); ?> </div> <div class="sso_main_formdata"><select class="sso_main_dropdown sso_login_changehook_two_factor" name="<?php echo SSO_FrontendField("update_two_factor_method"); ?> "> <?php SSO_DisplaySortedOutput($outputmap2); ?> </select></div> <div class="sso_main_formdesc"><?php echo htmlspecialchars(BB_Translate($sso_settings["sso_login"]["require_two_factor"] ? "Required. Two-factor authentication vastly improves the security of your account." : "Optional. Two-factor authentication vastly improves the security of your account.")); ?> </div> <div class="sso_main_formtwofactorreset"><input id="sso_two_factor_reset" type="checkbox" name="<?php echo SSO_FrontendField("reset_two_factor_key"); ?> " value="yes"> <label for="sso_two_factor_reset"><?php echo htmlspecialchars(BB_Translate("Reset two-factor authentication security key")); ?> </label></div> </div> <?php $order = $sso_settings["sso_login"]["two_factor_order"]; SSO_AddSortedOutput($outputmap, $order, "two_factor", ob_get_contents()); ob_end_clean(); } // Add active module output. foreach ($this->activemodules as $key => &$instance) { ob_start(); $instance->GenerateUpdateInfo($userrow, $userinfo); $order = isset($sso_settings["sso_login"]["modules"][$key]["_s"]) ? 
$sso_settings["sso_login"]["modules"][$key]["_s"] : $instance->DefaultOrder(); SSO_AddSortedOutput($outputmap, $order, $key, ob_get_contents()); ob_end_clean(); } SSO_DisplaySortedOutput($outputmap); ?> <div class="sso_main_formsubmit"> <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?> " value="<?php echo htmlspecialchars(BB_Translate("Update")); ?> " /> </div> </form> </div> </div> </div> <?php } } } else { if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "recover2" && isset($_REQUEST["sso_method"]) && $this->IsRecoveryAllowed()) { // Load and validate the recovery options. $userrow = false; if (isset($sso_session_info["sso_login_recover"]) && isset($sso_session_info["sso_login_recover"]["id"]) && isset($sso_session_info["sso_login_recover"]["method"]) && $sso_session_info["sso_login_recover"]["method"] == $_REQUEST["sso_method"]) { try { $userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "id = ?"), $sso_db_sso_login_users, $sso_session_info["sso_login_recover"]["id"]); if ($userrow) { if (!isset($userrow->username)) { $userrow->username = ""; } if (!isset($userrow->email)) { $userrow->email = ""; } if (!isset($userrow->verified)) { $userrow->verified = 1; } } } catch (Exception $e) { header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_login_action=recover&sso_msg=recovery_db_error"); exit; } } if ($userrow === false) { header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_login_action=recover&sso_msg=recovery_expired_invalid"); exit; } $userinfo = SSO_DecryptDBData($userrow->info); if ($userinfo === false) { header("Location: " . BB_GetRequestHost() . $sso_target_url . 
"&sso_login_action=recover&sso_msg=recovery_db_user_error"); exit; } $messagesheader = false; $messages = false; if (SSO_FrontendFieldValue("submit") === false) { if (isset($_REQUEST["sso_msg"])) { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->InitMessages($messages); } } } else { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->RecoveryCheck2($messages, false); } if (!count($messages["errors"])) { foreach ($this->activemodules as &$instance) { $instance->RecoveryCheck2($messages, $userinfo); } if (!count($messages["errors"])) { $sso_session_info["sso_login_update"] = array("id" => $userrow->id, "v" => $sso_rng->GenerateString(), "expires" => CSDB::ConvertToDBTime(time() + 30 * 60)); $sso_session_info["sso_login_two_factor_key"] = isset($userinfo["two_factor_key"]) && $userinfo["two_factor_key"] != "" ? $userinfo["two_factor_key"] : self::GenerateOTPKey(10); if (!SSO_SaveSessionInfo()) { $result["errors"][] = BB_Translate("Recovery was successful but a fatal error occurred. Fatal error: Unable to save session information."); } else { header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_login_action=update_info&sso_v=" . 
urlencode($sso_session_info["sso_login_update"]["v"])); exit; } } } } echo $sso_header; SSO_OutputHeartbeat(); $this->OutputJS(); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages, $messagesheader); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> <div class="sso_main_form_wrap sso_login_recover_form"> <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Restore Access")); ?> </div> <form class="sso_main_form" name="sso_login_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url . "&sso_login_action=recover2&sso_method=" . urlencode($_REQUEST["sso_method"])); ?> " autocomplete="off"> <?php $outputmap = array(); foreach ($this->activemodules as $key => &$instance) { ob_start(); $instance->GenerateRecovery2($messages); $order = isset($sso_settings["sso_login"]["modules"][$key]["_s"]) ? 
$sso_settings["sso_login"]["modules"][$key]["_s"] : $instance->DefaultOrder(); SSO_AddSortedOutput($outputmap, $order, $key, ob_get_contents()); ob_end_clean(); } SSO_DisplaySortedOutput($outputmap); ?> <script type="text/javascript"> jQuery('input.sso_main_text:first').focus(); </script> <div class="sso_main_formsubmit"> <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?> " value="<?php echo htmlspecialchars(BB_Translate("Next")); ?> " /> </div> </form> </div> </div> </div> <?php echo $sso_footer; } else { if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "recover" && $this->IsRecoveryAllowed()) { $messagesheader = false; $messages = false; if (SSO_FrontendFieldValue("submit") === false) { if (isset($_REQUEST["sso_msg"])) { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); if ($_REQUEST["sso_msg"] == "recovery_db_error") { $messages["warnings"][] = BB_Translate("A database error occurred while attempting to load recovery information."); } else { if ($_REQUEST["sso_msg"] == "recovery_expired_invalid") { $messages["errors"][] = BB_Translate("Recovery information is expired or invalid."); } else { if ($_REQUEST["sso_msg"] == "recovery_db_user_error") { $messages["errors"][] = BB_Translate("User information in the database is corrupted."); } else { foreach ($this->activemodules as &$instance) { $instance->InitMessages($messages); } } } } } } else { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); $user = SSO_FrontendFieldValue("user_recover"); $method = SSO_FrontendFieldValue("recover_method"); if ($user === false || $user == "" || $method === false || $method == "") { $messages["errors"][] = BB_Translate("Please fill in the fields."); } else { foreach ($this->activemodules as &$instance) { $instance->RecoveryCheck($messages, false); } if (!count($messages["errors"])) { $userrow = false; if ($sso_settings["sso_login"]["install_type"] == "email_username" || 
$sso_settings["sso_login"]["install_type"] == "email") { try { $userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "email = ?"), $sso_db_sso_login_users, $user); if ($userrow) { if (!isset($userrow->username)) { $userrow->username = ""; } } } catch (Exception $e) { $messages["errors"][] = BB_Translate("User check failed. Database query error."); } } else { if ($sso_settings["sso_login"]["install_type"] == "username") { try { $userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "username = ?"), $sso_db_sso_login_users, $user); if ($userrow) { if (!isset($userrow->email)) { $userrow->email = ""; } if (!isset($userrow->verified)) { $userrow->verified = 1; } } } catch (Exception $e) { $messages["errors"][] = BB_Translate("User check failed. Database query error."); } } else { $messages["errors"][] = BB_Translate("Login system is broken."); } } if ($userrow === false) { $messages["errors"][] = BB_Translate("Invalid login."); } else { $userinfo = SSO_DecryptDBData($userrow->info); if ($userinfo === false) { $messages["errors"][] = BB_Translate("Error loading user information."); } else { foreach ($this->activemodules as &$instance) { $instance->RecoveryCheck($messages, $userinfo); } } } if (!count($messages["errors"])) { if ($method == "email" && $userrow->email != "") { $sso_session_info["sso_login_update"] = array("id" => $userrow->id, "v" => $sso_rng->GenerateString(), "expires" => CSDB::ConvertToDBTime(time() + 30 * 60)); $sso_session_info["sso_login_two_factor_key"] = isset($userinfo["two_factor_key"]) && $userinfo["two_factor_key"] != "" ? $userinfo["two_factor_key"] : self::GenerateOTPKey(10); if (!SSO_SaveSessionInfo()) { $messages["errors"][] = BB_Translate("Login exists but a fatal error occurred. Fatal error: Unable to save session information."); } else { $fromaddr = BB_PostTranslate($sso_settings["sso_login"]["email_recover_from"] != "" ? 
$sso_settings["sso_login"]["email_recover_from"] : SSO_SMTP_FROM); $subject = BB_Translate($sso_settings["sso_login"]["email_recover_subject"]); $verifyurl = BB_GetRequestHost() . $sso_target_url . ($sso_settings["sso_login"]["email_session"] == "all" ? "&sso_id=" . urlencode($_REQUEST["sso_id"]) : "") . "&sso_login_action=update_info&sso_v=" . urlencode($sso_session_info["sso_login_update"]["v"]); $htmlmsg = str_ireplace(array("@USERNAME@", "@EMAIL@", "@VERIFY@"), array(htmlspecialchars($userrow->username), htmlspecialchars($userrow->email), htmlspecialchars($verifyurl)), BB_PostTranslate($sso_settings["sso_login"]["email_recover_msg"])); $textmsg = str_ireplace(array("@USERNAME@", "@EMAIL@", "@VERIFY@"), array($userrow->username, $userrow->email, $verifyurl), BB_PostTranslate($sso_settings["sso_login"]["email_recover_msg_text"])); foreach ($this->activemodules as &$instance) { $instance->ModifyEmail($userinfo, $htmlmsg, $textmsg); } $result = SSO_SendEmail($fromaddr, $userrow->email, $subject, $htmlmsg, $textmsg); if (!$result["success"]) { $messages["errors"][] = BB_Translate("Login exists but a fatal error occurred. Fatal error: Unable to send verification e-mail. %s", $result["error"]); } else { foreach ($this->activemodules as &$instance) { $instance->RecoveryDone($messages, $method, $userrow, $userinfo); } if (!count($messages["errors"])) { header("Location: " . BB_GetRequestHost() . $sso_target_url . 
"&sso_msg=recovery_email_sent"); exit; } } } } else { foreach ($this->activemodules as &$instance) { $instance->RecoveryDone($messages, $method, $userrow, $userinfo); } } } } } } echo $sso_header; SSO_OutputHeartbeat(); $this->OutputJS(); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages, $messagesheader); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> <div class="sso_main_form_wrap sso_login_recover_form"> <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Restore Access")); ?> </div> <form class="sso_main_form" name="sso_login_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url . "&sso_login_action=recover"); ?> " autocomplete="off"> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email") { echo htmlspecialchars(BB_Translate("E-mail Address")); } else { if ($sso_settings["sso_login"]["install_type"] == "username") { echo htmlspecialchars(BB_Translate("Username")); } else { echo htmlspecialchars(BB_Translate("Login system is broken.")); } } ?> </div> <div class="sso_main_formdata"><input class="sso_main_text" type="text" name="<?php echo SSO_FrontendField("user_recover"); ?> " /></div> </div> <script type="text/javascript"> jQuery('input.sso_main_text:first').focus(); </script> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Recovery Method")); ?> </div> <div class="sso_main_formdata"><select class="sso_main_dropdown" name="<?php echo SSO_FrontendField("recover_method"); ?> "> <?php $method = SSO_FrontendFieldValue("recover_method", ""); if ($sso_settings["sso_login"]["install_type"] == 
"email_username" || $sso_settings["sso_login"]["install_type"] == "email") { echo "<option value=\"email\"" . ($method == "email" ? " selected" : "") . ">" . htmlspecialchars(BB_Translate("E-mail")) . "</option>"; } foreach ($this->activemodules as &$instance) { $instance->AddRecoveryMethod($method); } ?> </select></div> </div> <?php $outputmap = array(); foreach ($this->activemodules as $key => &$instance) { ob_start(); $instance->GenerateRecovery($messages); $order = isset($sso_settings["sso_login"]["modules"][$key]["_s"]) ? $sso_settings["sso_login"]["modules"][$key]["_s"] : $instance->DefaultOrder(); SSO_AddSortedOutput($outputmap, $order, $key, ob_get_contents()); ob_end_clean(); } SSO_DisplaySortedOutput($outputmap); ?> <div class="sso_main_formsubmit"> <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?> " value="<?php echo htmlspecialchars(BB_Translate("Next")); ?> " /> </div> </form> </div> </div> </div> <?php echo $sso_footer; } else { if (isset($_REQUEST["sso_login_action"]) && $_REQUEST["sso_login_action"] == "two_factor") { // Check the session and load the user account. $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->TwoFactorCheck($messages, false); } $userrow = false; if (!count($messages["errors"])) { if (!isset($_REQUEST["sso_v"]) || !isset($sso_session_info["sso_login_two_factor"])) { $messages["errors"][] = BB_Translate("Invalid URL. 
Verification missing."); } else { if (trim($_REQUEST["sso_v"]) !== $sso_session_info["sso_login_two_factor"]["v"]) { $messages["errors"][] = BB_Translate("Invalid verification string specified."); } else { if (!isset($sso_session_info["sso_login_two_factor"]["expires"]) || CSDB::ConvertFromDBTime($sso_session_info["sso_login_two_factor"]["expires"]) < time()) { $messages["errors"][] = BB_Translate("Two-factor information is expired or invalid."); } else { try { $userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "id = ?"), $sso_db_sso_login_users, $sso_session_info["sso_login_two_factor"]["id"]); if ($userrow === false) { $messages["errors"][] = BB_Translate("Two-factor information is expired or invalid."); } else { if (!isset($userrow->username)) { $userrow->username = ""; } if (!isset($userrow->email)) { $userrow->email = ""; } if (!isset($userrow->verified)) { $userrow->verified = 1; } } } catch (Exception $e) { $messages["errors"][] = BB_Translate("User check failed. Database query error."); } } } } } $method = BB_Translate("Unknown/Invalid."); if (!count($messages["errors"])) { $userinfo = SSO_DecryptDBData($userrow->info); if ($userinfo === false) { $messages["errors"][] = BB_Translate("Error loading user information."); } else { // Check the two-factor authentication method. $methods = array(); foreach ($this->activemodules as $key => &$instance) { $name = $instance->GetTwoFactorName(false); if ($name !== false) { $methods[$key] = $name; } } if (isset($userinfo["two_factor_method"]) && isset($methods[$userinfo["two_factor_method"]])) { $method = $methods[$userinfo["two_factor_method"]]; } else { $messages["errors"][] = BB_Translate("A valid two-factor authentication method for this account is not available. 
Use account recovery to restore access to the account."); } } } if (count($messages["errors"])) { echo $sso_header; SSO_OutputHeartbeat(); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages, false); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> </div> </div> <?php echo $sso_footer; } else { $messagesheader = false; $messages = false; if (SSO_FrontendFieldValue("submit") === false) { if (isset($_REQUEST["sso_msg"])) { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->InitMessages($messages); } } } else { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); foreach ($this->activemodules as &$instance) { $instance->TwoFactorCheck($messages, $userinfo); } if (count($messages["errors"])) { foreach ($this->activemodules as &$instance) { $instance->TwoFactorFailed($messages, $userinfo); } } else { // Login with two-factor authentication succeeded. Activate the user. $mapinfo = array(); if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email") { $mapinfo[$sso_settings["sso_login"]["map_email"]] = $userrow->email; } if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "username") { $mapinfo[$sso_settings["sso_login"]["map_username"]] = $userrow->username; } $origuserinfo = $userinfo; foreach ($this->activemodules as &$instance) { $instance->LoginAddMap($mapinfo, $userrow, $userinfo, false); } // If a module updated $userinfo, then update the database. 
if (serialize($userinfo) !== serialize($origuserinfo)) { $userinfo2 = SSO_EncryptDBData($userinfo); try { $sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("info" => $userinfo2), "WHERE" => "id = ?"), $userrow->id); } catch (Exception $e) { $messages["errors"][] = BB_Translate("Database query error."); } } if (!count($messages["errors"])) { SSO_ActivateUser($userrow->id, $userinfo["extra"], $mapinfo, CSDB::ConvertFromDBTime($userrow->created)); // Only falls through on account lockout or a fatal error. $messages["errors"][] = BB_Translate("User activation failed."); } } } echo $sso_header; SSO_OutputHeartbeat(); $this->OutputJS(); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages, $messagesheader); ?> <div class="sso_login_signin"><a href="<?php echo htmlspecialchars($sso_target_url); ?> "><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </a></div> <div class="sso_main_form_wrap sso_login_recover_form"> <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Two-Factor Authentication")); ?> </div> <form class="sso_main_form" name="sso_login_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url . "&sso_login_action=two_factor&sso_v=" . 
urlencode($_REQUEST["sso_v"])); ?> " autocomplete="off"> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Enter Two-Factor Authentication Code")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text" type="text" name="<?php echo SSO_FrontendField("two_factor_code"); ?> " /></div> <div class="sso_main_formdesc"><?php echo htmlspecialchars(BB_Translate("From %s.", $method)); ?> </div> </div> <script type="text/javascript"> jQuery('input.sso_main_text:first').focus(); </script> <div class="sso_main_formsubmit"> <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?> " value="<?php echo htmlspecialchars(BB_Translate("Sign in")); ?> " /> </div> </form> </div> </div> </div> <?php echo $sso_footer; } } else { $messagesheader = false; $messages = false; if (SSO_FrontendFieldValue("submit") === false) { if (isset($_REQUEST["sso_msg"])) { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); if ($_REQUEST["sso_msg"] == "verified") { $messages["success"] = BB_Translate("Your account is ready to use."); } else { if ($_REQUEST["sso_msg"] == "verify") { $messages["warnings"][] = BB_Translate("Account must be verified before it can be used. Check your e-mail."); } else { if ($_REQUEST["sso_msg"] == "recovery_email_sent") { $messages["warnings"][] = BB_Translate("Account recovery URL sent. Check your e-mail."); } else { if ($_REQUEST["sso_msg"] == "updated") { $messages["success"] = BB_Translate("Your account information has been updated and is ready to use."); } else { if ($_REQUEST["sso_msg"] == "two_factor_auth_expired") { $messages["errors"][] = BB_Translate("Two-factor authentication expired. 
Sign in again."); } else { foreach ($this->activemodules as &$instance) { $instance->InitMessages($messages); } } } } } } } } else { $messages = array("errors" => array(), "warnings" => array(), "success" => ""); $user = SSO_FrontendFieldValue("user"); $password = SSO_FrontendFieldValue("password"); if ($user === false || $user == "" || $password === false || $password == "") { $messages["errors"][] = BB_Translate("Please fill in the fields."); } else { $recoveryallowed = $this->IsRecoveryAllowed(false); foreach ($this->activemodules as &$instance) { $instance->LoginCheck($messages, false, $recoveryallowed); } if (!count($messages["errors"])) { $userrow = false; if (strpos($user, "@") !== false && ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email")) { try { $userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "email = ?"), $sso_db_sso_login_users, $user); if ($userrow) { $userinfo = SSO_DecryptDBData($userrow->info); if ($userinfo === false) { $userrow = false; } else { if (!isset($userrow->username)) { $userrow->username = ""; } $data = $userrow->username . ":" . $userrow->email . ":" . $userinfo["salt"] . ":" . $password; if (!self::VerifyPasswordInfo($data, $userinfo["password"], $userinfo["rounds"])) { $userrow = false; } } } } catch (Exception $e) { $messages["errors"][] = BB_Translate("Login failed. Database query error."); } } if ($userrow === false && ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "username")) { try { $userrow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "username = ?"), $sso_db_sso_login_users, $user); if ($userrow) { $userinfo = SSO_DecryptDBData($userrow->info); if ($userinfo === false) { $userrow = false; } else { if (!isset($userrow->email)) { $userrow->email = ""; } if (!isset($userrow->verified)) { $userrow->verified = 1; } $data = $userrow->username . ":" . 
$userrow->email . ":" . $userinfo["salt"] . ":" . $password; if (!self::VerifyPasswordInfo($data, $userinfo["password"], $userinfo["rounds"])) { $userrow = false; } } } } catch (Exception $e) { $messages["errors"][] = BB_Translate("Login failed. Database query error."); } } if ($userrow === false) { $messages["errors"][] = BB_Translate("Invalid login."); } else { // Make sure the password is stored securely. If not, transparently update the hash information in the database. if ($userinfo["rounds"] < $sso_settings["sso_login"]["password_minrounds"]) { $userinfo["salt"] = $sso_rng->GenerateString(); $data = $userrow->username . ":" . $userrow->email . ":" . $userinfo["salt"] . ":" . $password; $passwordinfo = self::HashPasswordInfo($data, $sso_settings["sso_login"]["password_mode"], $sso_settings["sso_login"]["password_minrounds"]); if ($passwordinfo["success"]) { $userinfo["rounds"] = (int) $passwordinfo["rounds"]; $userinfo["password"] = bin2hex($passwordinfo["hash"]); $userinfo2 = SSO_EncryptDBData($userinfo); try { $sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("info" => $userinfo2), "WHERE" => "id = ?"), $userrow->id); } catch (Exception $e) { $messages["errors"][] = BB_Translate("Database query error."); } } } foreach ($this->activemodules as &$instance) { $instance->LoginCheck($messages, $userinfo, $recoveryallowed); } } if (!count($messages["errors"])) { // Go to two-factor authentication page. $methods = array(); foreach ($this->activemodules as $key => &$instance) { $name = $instance->GetTwoFactorName(false); if ($name !== false) { $methods[$key] = true; } } // Resend the verification e-mail. 
if (!$userrow->verified) { $this->SendVerificationEmail($userrow->id, $userinfo, $messages, $userrow->username, $userrow->email); } else { if (!$recoveryallowed && SSO_FrontendFieldValue("update_info", "") == "yes") { $sso_session_info["sso_login_update"] = array("id" => $userrow->id, "v" => $sso_rng->GenerateString(), "expires" => CSDB::ConvertToDBTime(time() + 30 * 60)); $sso_session_info["sso_login_two_factor_key"] = isset($userinfo["two_factor_key"]) && $userinfo["two_factor_key"] != "" ? $userinfo["two_factor_key"] : self::GenerateOTPKey(10); if (!SSO_SaveSessionInfo()) { $messages["errors"][] = BB_Translate("Login exists but a fatal error occurred. Fatal error: Unable to save session information."); } else { header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_login_action=update_info&sso_v=" . urlencode($sso_session_info["sso_login_update"]["v"])); exit; } } else { if ($sso_settings["sso_login"]["require_two_factor"] || isset($userinfo["two_factor_method"]) && $userinfo["two_factor_method"] != "" && (count($methods) || ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email"))) { if ($sso_settings["sso_login"]["require_two_factor"] && (!isset($userinfo["two_factor_method"]) || !isset($methods[$userinfo["two_factor_method"]]))) { $messages["errors"][] = BB_Translate("A valid two-factor authentication method for this account is not available. Use account recovery to restore access to the account."); } else { $sso_session_info["sso_login_two_factor"] = array("id" => $userrow->id, "v" => $sso_rng->GenerateString(), "expires" => CSDB::ConvertToDBTime(time() + 5 * 60)); if (!SSO_SaveSessionInfo()) { $messages["errors"][] = BB_Translate("Login exists but a fatal error occurred. 
Fatal error: Unable to save session information."); } else { $this->activemodules[$userinfo["two_factor_method"]]->SendTwoFactorCode($messages, $userrow, $userinfo); if (!count($messages["errors"])) { header("Location: " . BB_GetRequestHost() . $sso_target_url . "&sso_login_action=two_factor&sso_v=" . urlencode($sso_session_info["sso_login_two_factor"]["v"])); exit; } } } } else { // Login succeeded. Activate the user. $mapinfo = array(); if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "email") { $mapinfo[$sso_settings["sso_login"]["map_email"]] = $userrow->email; } if ($sso_settings["sso_login"]["install_type"] == "email_username" || $sso_settings["sso_login"]["install_type"] == "username") { $mapinfo[$sso_settings["sso_login"]["map_username"]] = $userrow->username; } $origuserinfo = $userinfo; foreach ($this->activemodules as &$instance) { $instance->LoginAddMap($mapinfo, $userrow, $userinfo, false); } // If a module updated $userinfo, then update the database. if (serialize($userinfo) !== serialize($origuserinfo)) { $userinfo2 = SSO_EncryptDBData($userinfo); try { $sso_db->Query("UPDATE", array($sso_db_sso_login_users, array("info" => $userinfo2), "WHERE" => "id = ?"), $userrow->id); } catch (Exception $e) { $messages["errors"][] = BB_Translate("Database query error."); } } if (!count($messages["errors"])) { SSO_ActivateUser($userrow->id, $userinfo["extra"], $mapinfo, CSDB::ConvertFromDBTime($userrow->created)); // Only falls through on account lockout or a fatal error. $messages["errors"][] = BB_Translate("User activation failed."); } } } } } } } } echo $sso_header; SSO_OutputHeartbeat(); $this->OutputJS(); ?> <div class="sso_main_wrap sso_login"> <div class="sso_main_wrap_inner"> <?php $this->DisplayMessages($messages, $messagesheader); if ($sso_settings["sso_login"]["open_reg"]) { ?> <div class="sso_login_signup"><a href="<?php echo htmlspecialchars($sso_target_url . 
"&sso_login_action=signup"); ?> "><?php echo htmlspecialchars(BB_Translate("Sign up")); ?> </a></div> <?php } ?> <div class="sso_main_form_wrap sso_login_signin_form"> <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </div> <form class="sso_main_form" name="sso_login_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url); ?> " autocomplete="off"> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php if ($sso_settings["sso_login"]["install_type"] == "email_username") { echo htmlspecialchars(BB_Translate("Username or E-mail Address")); } else { if ($sso_settings["sso_login"]["install_type"] == "username") { echo htmlspecialchars(BB_Translate("Username")); } else { if ($sso_settings["sso_login"]["install_type"] == "email") { echo htmlspecialchars(BB_Translate("E-mail Address")); } else { echo htmlspecialchars(BB_Translate("Login system is broken.")); } } } ?> </div> <div class="sso_main_formdata"><input class="sso_main_text" type="text" name="<?php echo SSO_FrontendField("user"); ?> " /></div> </div> <script type="text/javascript"> jQuery('input.sso_main_text:first').focus(); </script> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Password")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text" type="password" name="<?php echo SSO_FrontendField("password"); ?> " /></div> </div> <?php $outputmap = array(); foreach ($this->activemodules as $key => &$instance) { ob_start(); $instance->GenerateLogin($messages); $order = isset($sso_settings["sso_login"]["modules"][$key]["_s"]) ? 
$sso_settings["sso_login"]["modules"][$key]["_s"] : $instance->DefaultOrder(); SSO_AddSortedOutput($outputmap, $order, $key, ob_get_contents()); ob_end_clean(); } SSO_DisplaySortedOutput($outputmap); if (!$this->IsRecoveryAllowed(false)) { ?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Update Information")); ?> </div> <div class="sso_main_formdata"><input id="sso_norecovery_updateinfo" type="checkbox" name="<?php echo SSO_FrontendField("update_info"); ?> " value="yes"<?php if (SSO_FrontendFieldValue("update_info", "") == "yes") { echo " checked"; } ?> /> <label for="sso_norecovery_updateinfo">Change account information upon successful sign in</label></div> </div> <?php } ?> <div class="sso_main_formsubmit"> <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?> " value="<?php echo htmlspecialchars(BB_Translate("Sign in")); ?> " /> </div> </form> </div> <?php if ($this->IsRecoveryAllowed()) { ?> <div class="sso_login_recover_changeinfo"><a href="<?php echo htmlspecialchars($sso_target_url . "&sso_login_action=recover"); ?> "><?php echo htmlspecialchars(BB_Translate("Can't access your account?")); ?> </a></div> <?php } ?> </div> </div> <?php echo $sso_footer; } } } } } } } } }
/**
 * Property-form / AJAX dispatcher for the code widget.
 *
 * Every branch requires membership of the "_p" page group (exits otherwise).
 * Branches, selected by $_REQUEST["bb_action"]:
 *   bb_code_edit_langmap_submit / bb_code_edit_langmap
 *       Save or show the language-map textarea (stored in $bb_widget->langmap).
 *       Within this method these two branches are gated by the "_p" check only.
 *   bb_code_edit_<slot>_load / _save / (bare)   for slot in init, action, prehtml, head, body
 *       Dev accounts only ($bb_account["type"] == "dev"). _load echoes the stored slot
 *       raw-URL-encoded; _save stores $_REQUEST["content"] into the slot unmodified and
 *       persists the page; the bare action emits the editor bootstrap JS.
 *   anything else with $_REQUEST["action"] set
 *       Imports every bb_* / g_* global into this scope and eval()s the widget's
 *       stored "action" slot as PHP.
 *
 * Reads/writes globals: $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num.
 */
public function ProcessBBAction()
{
	global $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num;

	// Page-editor gate for everything below.
	if (!BB_IsMemberOfPageGroup("_p")) { exit; }

	if ($_REQUEST["bb_action"] == "bb_code_edit_langmap_submit")
	{
		BB_RunPluginAction("pre_bb_code_edit_langmap_submit");
		// The textarea contents are stored as-is; parsing happens wherever langmap is consumed.
		$bb_widget->langmap = $_REQUEST["langmap"];
		if (!BB_SaveLangPage($bb_revision_num)) { BB_PropertyFormError("Unable to save the language mapping."); }
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Language mapping saved.")); ?> </div> <script type="text/javascript"> window.parent.CloseProperties(); window.parent.ReloadIFrame(); </script> <?php
		BB_RunPluginAction("post_bb_code_edit_langmap_submit");
	}
	else
	{
		if ($_REQUEST["bb_action"] == "bb_code_edit_langmap")
		{
			BB_RunPluginAction("pre_bb_code_edit_langmap");
			// Plugins may adjust the form definition via the *_options hook before it is rendered.
			$options = array("title" => BB_Translate("Edit %s Language Map", $bb_widget->_f), "desc" => "Edit the language map. One mapping entry per line. First character indicates the termination character of the key. Empty keys are ignored.", "fields" => array(array("title" => "", "type" => "textarea", "name" => "langmap", "value" => $bb_widget->langmap, "desc" => "Example: |key|value")), "submit" => "Save", "focus" => true);
			BB_RunPluginActionInfo("bb_code_edit_langmap_options", $options);
			BB_PropertyForm($options);
			BB_RunPluginAction("post_bb_code_edit_langmap");
			return;
		}
	}

	// Source-slot editing is reserved for developer accounts.
	if ($bb_account["type"] == "dev")
	{
		// Slot name => labels used in messages (ltitle) and the editor tab (utitle).
		$types = array("init" => array("ltitle" => "init", "utitle" => "Init"), "action" => array("ltitle" => "action", "utitle" => "Action"), "prehtml" => array("ltitle" => "pre-HTML", "utitle" => "Pre-HTML"), "head" => array("ltitle" => "head", "utitle" => "Head"), "body" => array("ltitle" => "body", "utitle" => "Body"));
		foreach ($types as $key => $typeinfo)
		{
			if ($_REQUEST["bb_action"] == "bb_code_edit_" . $key . "_load")
			{
				BB_RunPluginAction("pre_bb_code_edit_" . $key . "_load");
				// Editor fetches the current slot source; rawurlencode keeps it safe to embed in the AJAX response.
				if (isset($bb_widget->{$key})) { echo rawurlencode($bb_widget->{$key}); }
				BB_RunPluginAction("post_bb_code_edit_" . $key . "_load");
				return;
			}
			else
			{
				if ($_REQUEST["bb_action"] == "bb_code_edit_" . $key . "_save")
				{
					BB_RunPluginAction("pre_bb_code_edit_" . $key . "_save");
					// Stored verbatim: this is source code a developer typed, not content to purify.
					$bb_widget->{$key} = $_REQUEST["content"];
					if (!BB_SaveLangPage($bb_revision_num)) { echo htmlspecialchars(BB_Translate("Unable to save " . $typeinfo["ltitle"] . " content. Try again.")); }
					else { echo "OK\n"; echo "<script type=\"text/javascript\">ReloadIFrame();</script>"; }
					BB_RunPluginAction("post_bb_code_edit_" . $key . "_save");
					return;
				}
				else
				{
					if ($_REQUEST["bb_action"] == "bb_code_edit_" . $key)
					{
						BB_RunPluginAction("pre_bb_code_edit_" . $key);
						// Bootstraps the client-side file editor against the _load/_save actions above.
?> <script type="text/javascript"> window.parent.LoadConditionalScript(Gx__RootURL + '/' + Gx__SupportPath + '/editfile.js?_=20140418', true, function(loaded) { return ((!loaded && typeof(window.CreateEditAreaInstance) == 'function') || (loaded && !IsConditionalScriptLoading())); }, function(params) { $('#fileeditor').show(); var fileopts = { loadurl : Gx__URLBase, loadparams : <?php echo BB_CreateWidgetPropertiesJS("bb_code_edit_" . $key . "_load", array(), true); ?> , id : 'wid_<?php echo BB_JSSafe($bb_widget_id); ?> _<?php echo BB_JSSafe($key); ?> ', display : '<?php echo BB_JSSafe($bb_widget->_f . " - " . $typeinfo["utitle"]); ?> ', saveurl : Gx__URLBase, saveparams : <?php echo BB_CreateWidgetPropertiesJS("bb_code_edit_" . $key . "_save", array(), true); ?> , syntax : 'php', aceopts : { 'focus' : true, 'theme' : 'crimson_editor' } }; var editopts = { ismulti : true, closelast : ClosedAllFiles, width : '100%', height : '500px' }; CreateEditAreaInstance('fileeditor', fileopts, editopts); }); window.parent.CloseProperties(false); </script> <?php
						BB_RunPluginAction("post_bb_code_edit_" . $key);
						return;
					}
				}
			}
		}
	}

	// Pass other requests onto the action handler.
	if (isset($_REQUEST["action"]))
	{
		// Make the framework's bb_* / g_* globals visible to the eval()'d slot below.
		foreach ($GLOBALS as $key => $val) { if (substr($key, 0, 3) == "bb_" || substr($key, 0, 2) == "g_") { global ${$key}; } }
		// Runs the widget's stored "action" slot as PHP. Within this method that slot is only
		// writable through the dev-only _save branch above, so whoever can write it can run
		// arbitrary server-side code here - treat the slot (and the stored page data) as code.
		if (isset($bb_widget->action)) { eval("?" . ">" . $bb_widget->action); }
	}
}
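/**
 * Handles the property-form and AJAX actions for the image shortcode.
 *
 * Dispatches on $_REQUEST["sc_action"]:
 *   bb_image_upload_ajaxupload  - store a browser-uploaded file under $bb_dir/images
 *   bb_image_upload_submit      - fetch an image from an editor-supplied URL and store it
 *   bb_image_upload             - render the upload/transfer dialog
 *   bb_image_configure_submit   - save the src/alt/caption options
 *   bb_image_configure          - render the options form
 *
 * Stored filenames are restricted to [A-Za-z0-9_.-] with runs of dots collapsed,
 * so a name can never contain a path separator or "..". Both store paths force
 * the final extension to match the image type that was actually detected, so the
 * images directory only ever holds files named as the format they contain.
 *
 * @param object $parent  The owning content widget; provides GetSID(), SaveShortcode(),
 *                        CreateShortcodeUploader(), CreateShortcodePropertiesJS/Link().
 * Reads globals: $bb_dir, $bb_pref_lang, $bb_revision_num, $bb_writeperms.
 */
public function ProcessShortcodeBBAction($parent)
{
	global $bb_dir, $bb_pref_lang, $bb_revision_num, $bb_writeperms;

	$info = $this->GetInfo($parent->GetSID());

	if ($_REQUEST["sc_action"] == "bb_image_upload_ajaxupload")
	{
		BB_RunPluginAction("pre_bb_content_shortcode_bb_image_upload_ajaxupload");

		$msg = BB_ValidateAJAXUpload();
		if ($msg != "")
		{
			echo htmlspecialchars(BB_Translate($msg));
			exit;
		}

		// Use official magic numbers for each format to determine the real content type.
		$data = file_get_contents($_FILES["Filedata"]["tmp_name"]);
		$type = BB_GetImageType($data);
		if ($type != "gif" && $type != "jpg" && $type != "png")
		{
			echo htmlspecialchars(BB_Translate("Uploaded file is not a valid web image. Must be PNG, JPG, or GIF."));
			exit;
		}

		if (!is_dir($bb_dir . "/images"))  mkdir($bb_dir . "/images", 0777, true);

		// Sanitize the client-supplied name to a flat, separator-free filename.
		$dirfile = preg_replace('/\\.+/', ".", preg_replace('/[^A-Za-z0-9_.\\-]/', "_", $bb_pref_lang . "_" . ($bb_revision_num > -1 ? $bb_revision_num . "_" : "") . trim($_FILES["Filedata"]["name"])));
		if ($dirfile == ".")  $dirfile = "";
		if ($dirfile == "")
		{
			echo htmlspecialchars(BB_Translate("A filename was not specified."));
			exit;
		}

		// The stored extension follows the detected type, never the client-supplied name.
		$pos = strrpos($dirfile, ".");
		if ($pos === false || substr($dirfile, $pos + 1) != $type)  $dirfile .= "." . $type;

		if (!@move_uploaded_file($_FILES["Filedata"]["tmp_name"], $bb_dir . "/images/" . $dirfile))
		{
			echo htmlspecialchars(BB_Translate("Unable to move temporary file to final location. Check the permissions of the target directory and destination file."));
			exit;
		}
		@chmod($bb_dir . "/images/" . $dirfile, 0444 | $bb_writeperms);

		$info["src"] = "images/" . $dirfile;
		if (!$parent->SaveShortcode($info))
		{
			echo htmlspecialchars(BB_Translate("Unable to save the shortcode."));
			exit;
		}

		echo "OK";

		BB_RunPluginAction("post_bb_content_shortcode_bb_image_upload_ajaxupload");
	}
	else if ($_REQUEST["sc_action"] == "bb_image_upload_submit")
	{
		BB_RunPluginAction("pre_bb_content_shortcode_bb_image_upload_submit");

		// Server-side fetch of the editor-supplied URL; $imginfo carries the fetched bytes and detected type.
		$imginfo = BB_IsValidHTMLImage($_REQUEST["url"], array("protocol" => "http"));
		if (!$imginfo["success"])  BB_PropertyFormError($imginfo["error"]);

		// Same sanitization rule as the AJAX upload path.
		$dirfile = preg_replace('/\\.+/', ".", preg_replace('/[^A-Za-z0-9_.\\-]/', "_", (isset($_REQUEST["destfile"]) ? $_REQUEST["destfile"] : "")));
		if ($dirfile == ".")  $dirfile = "";

		if ($dirfile == "")
		{
			// Automatically calculate the new filename based on the URL.
			$dirfile = $bb_pref_lang . "_" . ($bb_revision_num > -1 ? $bb_revision_num . "_" : "") . BB_MakeFilenameFromURL($imginfo["url"], $imginfo["type"]);
		}
		else
		{
			// An editor-chosen name gets the same treatment as an uploaded one: the final
			// extension must be the format that was actually fetched, so a name carrying some
			// other extension has the real one appended rather than being stored as-is.
			// Assumes $imginfo["type"] is the same short token BB_GetImageType() returns - confirm.
			$pos = strrpos($dirfile, ".");
			if ($pos === false || substr($dirfile, $pos + 1) != $imginfo["type"])  $dirfile .= "." . $imginfo["type"];
		}

		if (!is_dir($bb_dir . "/images"))  mkdir($bb_dir . "/images", 0777, true);

		if (BB_WriteFile($bb_dir . "/images/" . $dirfile, $imginfo["data"]) === false)  BB_PropertyFormError("Unable to save the image.");

		$info["src"] = "images/" . $dirfile;
		if (!$parent->SaveShortcode($info))  BB_PropertyFormError("Unable to save the shortcode.");
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Image transferred.")); ?> </div> <script type="text/javascript"> LoadProperties(<?php echo $parent->CreateShortcodePropertiesJS(""); ?> ); ReloadIFrame(); </script> <?php
		BB_RunPluginAction("post_bb_content_shortcode_bb_image_upload_submit");
	}
	else if ($_REQUEST["sc_action"] == "bb_image_upload")
	{
		$parent->CreateShortcodeUploader("", array(), "Configure Image", "Image", "image", "*.png;*.jpg;*.gif", "Web Image Files");
	}
	else if ($_REQUEST["sc_action"] == "bb_image_configure_submit")
	{
		BB_RunPluginAction("pre_bb_content_shortcode_bb_image_configure_submit");

		$src = trim($_REQUEST["src"]);
		if ($info["src"] != $src)
		{
			// A changed, non-empty URL is probed server-side; the probe is only fatal when sockets are available.
			if ($src != "")
			{
				$imginfo = BB_IsValidHTMLImage($src, array("protocol" => "http"));
				if (!$imginfo["success"] && function_exists("fsockopen"))  BB_PropertyFormError("'Image URL' field does not point to a valid image file.");
			}

			$info["src"] = $src;
		}

		$info["alt"] = $_REQUEST["alt"];
		$info["opt-caption"] = $_REQUEST["opt-caption"] == "enable";
		// Caption width is clamped to a non-negative pixel count.
		$info["opt-caption-width"] = (int) $_REQUEST["opt-caption-width"];
		if ($info["opt-caption-width"] < 0)  $info["opt-caption-width"] = 0;

		if (!$parent->SaveShortcode($info))  BB_PropertyFormError("Unable to save the shortcode.");
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Options saved.")); ?> </div> <script type="text/javascript"> CloseProperties(); ReloadIFrame(); </script> <?php
		BB_RunPluginAction("post_bb_content_shortcode_bb_image_configure_submit");
	}
	else if ($_REQUEST["sc_action"] == "bb_image_configure")
	{
		BB_RunPluginAction("pre_bb_content_shortcode_bb_image_configure");

		$desc = "<br />";
		$desc .= $parent->CreateShortcodePropertiesLink(BB_Translate("Upload/Transfer Image"), "bb_image_upload");

		$options = array("title" => "Configure Image", "desc" => "Configure the image or upload/transfer a new image.", "htmldesc" => $desc, "bb_action" => $_REQUEST["bb_action"], "hidden" => array("sid" => $parent->GetSID(), "sc_action" => "bb_image_configure_submit"), "fields" => array(array("title" => "Image URL", "type" => "text", "name" => "src", "value" => $info["src"], "desc" => "The URL of this image."), array("title" => "Alternate Text", "type" => "text", "name" => "alt", "value" => $info["alt"], "desc" => "The alternate text to display if images are not able to be seen (e.g. visually impaired visitors)."), array("title" => "Display Caption", "type" => "select", "name" => "opt-caption", "options" => array("enable" => "Enable", "disable" => "Disable"), "select" => $info["opt-caption"] ? "enable" : "disable", "desc" => "Display the alternate text as a caption below the image."), array("title" => "Caption Width", "type" => "text", "name" => "opt-caption-width", "value" => $info["opt-caption-width"], "desc" => "The width in pixels to constrain the caption to. Typically the width of the image.")), "submit" => "Save", "focus" => true);
		BB_RunPluginActionInfo("bb_content_shortcode_bb_image_configure_options", $options);
		BB_PropertyForm($options);

		BB_RunPluginAction("post_bb_content_shortcode_bb_image_configure");
	}
}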
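/**
 * Renders the LDAP sign-in form and, on submit, authenticates the posted
 * username/password against the configured LDAP server.
 *
 * Flow on submit:
 *   1. Require both fields (an empty password is only rejected when the
 *      provider's 'password' setting is enabled).
 *   2. Escape the username for use inside a DN, substitute it into the
 *      configured DN template ('@USERNAME@') and simple-bind with it.
 *   3. Read the bound entry (objectClass=*), flatten its attributes to scalar
 *      values, map them onto SSO fields via 'map_custom' and hand off to
 *      SSO_ActivateUser(). That call normally does not return; falling
 *      through means activation failed and the form is re-rendered.
 *
 * Reads globals: $sso_settings, $sso_target_url, $sso_header, $sso_footer
 * ($sso_provider and $sso_providers are imported but not used here).
 */
public function ProcessFrontend()
{
	global $sso_provider, $sso_settings, $sso_target_url, $sso_header, $sso_footer, $sso_providers;

	$message = "";
	if (SSO_FrontendFieldValue("submit") !== false)
	{
		$username = SSO_FrontendFieldValue("username");
		$password = SSO_FrontendFieldValue("password");

		if ($username === false || $username == "" || $password === false || ($sso_settings["sso_ldap"]["password"] && $password == ""))
		{
			$message = BB_Translate("Please fill in the fields.");
		}
		else
		{
			$ldap = @ldap_connect($sso_settings["sso_ldap"]["server"]);
			if ($ldap === false)
			{
				// No link exists in this branch, so there is nothing to ask ldap_error() about
				// (passing false to it is a TypeError on PHP 8).
				$message = BB_Translate("Unable to connect to the LDAP server. Error: %s", "ldap_connect() failed");
			}
			else
			{
				// RFC 4514 escaping of the username for embedding in a DN. The backslash pair
				// must come first: str_replace() applies the pairs left to right on the evolving
				// string, so escaping ',' to '\,' before '\' would re-escape it into '\\,'.
				$replacemap = array("\\" => "\\\\", "," => "\\,", "/" => "\\/", "#" => "\\#", "+" => "\\+", "<" => "\\<", ">" => "\\>", ";" => "\\;", "\"" => "\\\"", "=" => "\\=");
				$dnusername = str_replace(array_keys($replacemap), array_values($replacemap), $username);

				// Leading and trailing spaces also need escaping in a DN value.
				// NOTE(review): the leading-space branch prefixes "******" whereas the trailing-space
				// branch uses the RFC 4514 form "\ " - confirm the prefix is intentional.
				if (substr($dnusername, 0, 1) === " ")  $dnusername = "******" . $dnusername;
				if (strlen($dnusername) > 2 && substr($dnusername, -1) === " ")  $dnusername = substr($dnusername, 0, -1) . "\\ ";

				$dn = str_replace("@USERNAME@", $dnusername, $sso_settings["sso_ldap"]["dn"]);

				$userinfo = array();
				@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);

				// Simple bind as the user. With the 'password' setting off an empty password can
				// reach this call; RFC 4513 treats that as an unauthenticated bind, which many
				// servers accept as anonymous, so keep that setting enabled for sign-in use.
				$result = @ldap_bind($ldap, $dn, $password);
				if ($result === false && ldap_errno($ldap))
				{
					$extra = ldap_error($ldap);
				}
				else
				{
					$extra = "";

					// ldap_read() returns false on failure (and a resource on PHP < 8.1 but an
					// LDAP\Result object on 8.1+), so test for false rather than is_resource().
					$result = @ldap_read($ldap, $dn, "objectClass=*");
					if ($result === false)
					{
						$extra = ldap_error($ldap);
					}
					else
					{
						$items = @ldap_get_entries($ldap, $result);
						@ldap_free_result($result);
						$result = ($items !== false && $items["count"] > 0);

						// Boil down the results to just key-value pairs (first value of multi-valued attributes).
						if ($result === false)
						{
							$extra = "Unable to retrieve entries";
						}
						else
						{
							foreach ($items[0] as $key => $val)
							{
								if (!is_string($key) || $key == "count")  continue;

								if (is_string($val))  $userinfo[$key] = $val;
								else if (is_array($val) && $val["count"] > 0)  $userinfo[$key] = $val[0];
							}

							if ($sso_settings["sso_ldap"]["debug"])
							{
								// Debug dump of the raw directory attributes; keep 'debug' off in production.
								echo "LDAP fields:<br />";
								echo "<table>";
								foreach ($userinfo as $key => $val)  echo "<tr><td style=\"padding-right: 15px;\"><b>" . htmlspecialchars($key) . "</b></td><td>" . htmlspecialchars($val) . "</td></tr>";
								echo "</table>";
							}
						}
					}
				}

				@ldap_close($ldap);

				if ($result === false)
				{
					$message = BB_Translate("Invalid username or password. %s.", $extra);
				}
				else
				{
					if ($sso_settings["sso_ldap"]["remove_domain"])
					{
						// Strip a DOMAIN\user or DOMAIN/user prefix. (The original passed the
						// arguments to strrpos() in the wrong order, so this never matched.)
						$username = str_replace("\\", "/", $username);
						$pos = strrpos($username, "/");
						if ($pos !== false)  $username = substr($username, $pos + 1);
					}

					// 'map_custom' holds one "ldapattr=ssofield" pair per line.
					$mapinfo = array();
					$lines = explode("\n", str_replace("\r", "\n", $sso_settings["sso_ldap"]["map_custom"]));
					foreach ($lines as $line)
					{
						$line = trim($line);
						$pos = strpos($line, "=");
						if ($pos === false)  continue;

						$srcfield = substr($line, 0, $pos);
						$destfield = substr($line, $pos + 1);
						if (isset($userinfo[$srcfield]) && SSO_IsField($destfield))  $mapinfo[$destfield] = $userinfo[$srcfield];
					}
					$mapinfo[$sso_settings["sso_ldap"]["map_username"]] = $username;

					if ($sso_settings["sso_ldap"]["debug"])
					{
						// Debug mode stops here so the mapping can be inspected without activating anyone.
						echo "Mapped fields:<br />";
						echo "<table>";
						foreach ($mapinfo as $key => $val)  echo "<tr><td style=\"padding-right: 15px;\"><b>" . htmlspecialchars($key) . "</b></td><td>" . htmlspecialchars($val) . "</td></tr>";
						echo "</table>";

						exit;
					}

					SSO_ActivateUser($dn, serialize($sso_settings["sso_ldap"]), $mapinfo);

					// Only falls through on account lockout or a fatal error.
					$message = BB_Translate("User activation failed.");
				}
			}
		}
	}

	echo $sso_header;

	SSO_OutputHeartbeat();
?> <script type="text/javascript"> SSO_Vars = { 'showpassword' : '<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Show password"))); ?> ' }; </script> <script type="text/javascript" src="<?php echo htmlspecialchars(SSO_ROOT_URL . "/" . SSO_PROVIDER_PATH . "/sso_ldap/sso_ldap.js"); ?> "></script> <div class="sso_main_wrap sso_ldap"> <div class="sso_main_wrap_inner"> <?php if ($message != "") { ?> <div class="sso_main_messages_wrap"> <div class="sso_main_messages"> <div class="sso_main_messageerror"><?php echo htmlspecialchars($message); ?> </div> </div> </div> <?php } ?> <div class="sso_main_form_wrap sso_ldap_signin_form"> <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Sign in")); ?> </div> <form class="sso_main_form" name="sso_ldap_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url); ?> "> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Username")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text" type="text" name="<?php echo SSO_FrontendField("username"); ?> " /></div> </div> <script type="text/javascript"> jQuery('input.sso_main_text:first').focus(); </script> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Password")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text" type="password" name="<?php echo SSO_FrontendField("password"); ?> " /></div> </div> <div class="sso_main_formsubmit"> <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?> " value="<?php echo htmlspecialchars(BB_Translate("Sign in")); ?> " /> </div> </form> </div> <?php ?> </div> </div> <?php
	echo $sso_footer;
}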
/**
 * Property-form / AJAX dispatcher for the content widget.
 *
 * Requires membership of the "_p" page group (exits otherwise). Branches on
 * $_REQUEST["bb_action"]:
 *   bb_content_configure_security_submit / bb_content_configure_security
 *       Dev accounts only. Rebuild and persist the global shortcode security map
 *       (which account tier may use each shortcode option) as a PHP file at
 *       $g_bb_content_security_path, or render the form for it.
 *   bb_content_edit_load            Echo the stored body, raw-URL-encoded, for the editor.
 *   bb_content_edit_save            Purify the posted editor HTML and store it as the body.
 *   bb_content_edit_add_shortcode   Append a shortcode instance and insert its placeholder.
 *   bb_content_edit_edit_shortcode  Hand a placeholder's shortcode to its handler class.
 *   bb_content_edit                 Emit the WYMEditor bootstrap JS (toolbar buttons per shortcode).
 *   otherwise, with $_REQUEST["action"] set: forward to the shortcode's ProcessShortcodeAction().
 *
 * Shortcode handler class names are always built from a "_sn" value that was first
 * looked up in the $g_bb_content_shortcodes registry, never straight from the request.
 *
 * Reads/writes globals: $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num,
 * $g_bb_content_shortcodes, $g_bb_content_security, $g_bb_content_security_path.
 */
public function ProcessBBAction()
{
	global $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num, $g_bb_content_shortcodes, $g_bb_content_security, $g_bb_content_security_path;

	// Page-editor gate for everything below.
	if (!BB_IsMemberOfPageGroup("_p")) { exit; }

	if ($bb_account["type"] == "dev" && $_REQUEST["bb_action"] == "bb_content_configure_security_submit")
	{
		BB_RunPluginAction("pre_bb_content_configure_security_submit");

		// Rebuild the security context array.
		// One "<shortcode>|<option>" field per registered option; only the three known tier
		// names are accepted, anything else (including "") drops the entry.
		$g_bb_content_security = array();
		foreach ($g_bb_content_shortcodes as $sname => $info)
		{
			if (isset($info["security"]))
			{
				foreach ($info["security"] as $key => $desc)
				{
					$key2 = $sname . "|" . $key;
					if (isset($_REQUEST[$key2]) && $_REQUEST[$key2] != "" && ($_REQUEST[$key2] == "content" || $_REQUEST[$key2] == "design" || $_REQUEST[$key2] == "dev"))
					{
						if (!isset($g_bb_content_security[$sname])) { $g_bb_content_security[$sname] = array(); }
						$g_bb_content_security[$sname][$key] = $_REQUEST[$key2];
					}
				}
			}
		}

		// Save security contexts.
		// Written as a PHP file; the array literal comes from BB_CreatePHPStorageData() over the
		// filtered values above, and the "<" . "?php" split only keeps this source parseable.
		$data = "<" . "?php\n\t\$g_bb_content_security = " . BB_CreatePHPStorageData($g_bb_content_security) . ";\n?" . ">";
		if (BB_WriteFile($g_bb_content_security_path, $data) === false) { BB_PropertyFormError("Unable to save the shortcode security options."); }
?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Global shortcode security options updated.")); ?> </div> <script type="text/javascript"> window.parent.CloseProperties(); window.parent.ReloadIFrame(); </script> <?php
		BB_RunPluginAction("post_bb_content_configure_security_submit");
	}
	else
	{
		if ($bb_account["type"] == "dev" && $_REQUEST["bb_action"] == "bb_content_configure_security")
		{
			BB_RunPluginAction("pre_bb_content_configure_security");

			$options = array("title" => "Configure Global Shortcode Security", "desc" => "Configure the global shortcode display options based on login account type.", "fields" => array(), "submit" => "Save", "focus" => true);
			foreach ($g_bb_content_shortcodes as $sname => $info)
			{
				if (isset($info["security"]))
				{
					foreach ($info["security"] as $key => $desc)
					{
						// The "" option is the shortcode itself (no "None" choice); named options may be switched off entirely.
						if ($key == "") { $options["fields"][] = array("title" => $desc[0], "type" => "select", "name" => $sname . "|" . $key, "options" => array("dev" => "Developers only", "design" => "Developers and Web Designers", "content" => "Everyone"), "select" => isset($g_bb_content_security[$sname]) && isset($g_bb_content_security[$sname][$key]) ? $g_bb_content_security[$sname][$key] : "", "desc" => $desc[1]); }
						else { $options["fields"][] = array("title" => $desc[0], "type" => "select", "name" => $sname . "|" . $key, "options" => array("" => "None", "content" => "Content Editors only", "design" => "Web Designers and Content Editors", "dev" => "Everyone"), "select" => isset($g_bb_content_security[$sname]) && isset($g_bb_content_security[$sname][$key]) ? $g_bb_content_security[$sname][$key] : "", "desc" => $desc[1]); }
					}
				}
			}
			BB_RunPluginActionInfo("bb_content_configure_security_options", $options);
			BB_PropertyForm($options);

			BB_RunPluginAction("post_bb_content_configure_security");
		}
		else
		{
			if ($_REQUEST["bb_action"] == "bb_content_edit_load")
			{
				BB_RunPluginAction("pre_bb_content_edit_load");
				// Editor fetches the current body; an empty widget starts as a single paragraph.
				if (isset($bb_widget->body)) { echo rawurlencode(UTF8::ConvertToHTML($bb_widget->body)); }
				else { echo rawurlencode("<p></p>"); }
				BB_RunPluginAction("post_bb_content_edit_load");
			}
			else
			{
				if ($_REQUEST["bb_action"] == "bb_content_edit_save")
				{
					BB_RunPluginAction("pre_bb_content_edit_save");

					// Tell the purifier which placeholder images stand for known shortcodes ("wid_<widget>_<n>" => icon).
					$options = array("shortcodes" => true, "shortcode_placeholder" => "bb_content_shortcode_placeholder", "shortcode_ids" => array());
					$shortcodes = $bb_widget->shortcodes;
					$base = "wid_" . htmlspecialchars($bb_widget_id) . "_";
					foreach ($shortcodes as $num => $shortcode) { $options["shortcode_ids"][$base . $num] = isset($shortcode["_sn"]) && isset($g_bb_content_shortcodes[$shortcode["_sn"]]) ? htmlspecialchars($g_bb_content_shortcodes[$shortcode["_sn"]]["mainicon"]) : ""; }

					// Posted editor HTML is purified before it becomes the stored body.
					$bb_widget->body = BB_HTMLPurifyForWYMEditor($_REQUEST["content"], $options);
					if (!$this->RegenerateContent(true)) { echo htmlspecialchars(BB_Translate("Unable to save content. Try again.")); }
					else { echo "OK\n"; echo "<script type=\"text/javascript\">ReloadIFrame();</script>"; }

					BB_RunPluginAction("post_bb_content_edit_save");
				}
				else
				{
					// BB_IsSecExtraOpt("sname") presumably ties the request's security token to the sname value - verify.
					if ($_REQUEST["bb_action"] == "bb_content_edit_add_shortcode" && BB_IsSecExtraOpt("sname"))
					{
						BB_RunPluginAction("pre_bb_content_edit_add_shortcode");

						// Unknown handler, then per-account permission, are each reported to the editor via alert().
						if (!isset($_REQUEST["sname"]) || !isset($g_bb_content_shortcodes[$_REQUEST["sname"]]))
						{
?> <script type="text/javascript"> alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Shortcode handler not found."))); ?> '); </script> <?php
						}
						else
						{
							if (!$this->IsShortcodeAllowed($_REQUEST["sname"], ""))
							{
?> <script type="text/javascript"> alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Shortcode access denied."))); ?> '); </script> <?php
							}
							else
							{
								// New instance gets the next index; the placeholder <img> id carries that index back on edit.
								$sname = $_REQUEST["sname"];
								$sid = count($bb_widget->shortcodes);
								$bb_widget->shortcodes[] = array("_sn" => $sname, "_id" => $sid);
								if (!BB_SaveLangPage($bb_revision_num))
								{
?> <script type="text/javascript"> alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Unable to add a new %s.", $g_bb_content_shortcodes[$sname]["name"]))); ?> '); </script> <?php
								}
								else
								{
?> <script type="text/javascript"> InsertWYMEditorContent('contenteditor', 'wid_<?php echo BB_JSSafe($bb_widget_id); ?> ', '<img id="wid_<?php echo BB_JSSafe($bb_widget_id); ?> _<?php echo $sid; ?> " class="bb_content_shortcode_placeholder" src="<?php echo htmlspecialchars(BB_JSSafe($g_bb_content_shortcodes[$sname]["mainicon"])); ?> " />'); </script> <?php
								}
							}
						}

						BB_RunPluginAction("post_bb_content_edit_add_shortcode");
					}
					else
					{
						if ($_REQUEST["bb_action"] == "bb_content_edit_edit_shortcode" && (!isset($_REQUEST["sc_action"]) || BB_IsSecExtraOpt("sid") && BB_IsSecExtraOpt("sc_action")))
						{
							BB_RunPluginAction("pre_bb_content_edit_edit_shortcode");

							if (!isset($_REQUEST["sid"])) { BB_PropertyFormLoadError("Shortcode ID not specified."); }

							// sid arrives as the placeholder id "wid_<widget>_<n>"; keep only the trailing index.
							$sid = $_REQUEST["sid"];
							$pos = strrpos($sid, "_");
							if ($pos !== false) { $sid = substr($sid, $pos + 1); }
							$sid = (int) $sid;
							if (!isset($bb_widget->shortcodes[$sid]) || !isset($bb_widget->shortcodes[$sid]["_sn"])) { BB_PropertyFormLoadError("Invalid shortcode ID."); }

							$sname = $bb_widget->shortcodes[$sid]["_sn"];
							if (!isset($g_bb_content_shortcodes[$sname])) { BB_PropertyFormLoadError("Shortcode handler not found."); }
							if (!$this->IsShortcodeAllowed($sname, "")) { BB_PropertyFormLoadError("Shortcode access denied."); }

							// Default sub-action is the handler's configure form.
							if (!isset($_REQUEST["sc_action"])) { $_REQUEST["sc_action"] = $sname . "_configure"; }

							// $sname was just validated against the registry, so the class name is registry-controlled.
							$shortcode = "bb_content_shortcode_" . $sname;
							$shortcode = new $shortcode();
							$this->currsid = $sid;
							$shortcode->ProcessShortcodeBBAction($this);

							BB_RunPluginAction("post_bb_content_edit_edit_shortcode");
						}
						else
						{
							if ($_REQUEST["bb_action"] == "bb_content_edit")
							{
								BB_RunPluginAction("pre_bb_content_edit");

								// Emits the editor bootstrap: one toolbar style per registered shortcode, one toolbar
								// button per shortcode this account may use, a dblclick handler that opens a placeholder's
								// properties with a fresh security token, then the WYMEditor instance itself.
?> <script type="text/javascript"> html = '<style type="text/css">\n'; <?php foreach ($g_bb_content_shortcodes as $sname => $info) { $sname2 = preg_replace('/[^A-Za-z0-9_]/', "_", trim($sname)); ?> html += '.wym_skin_barebones .wym_buttons li.wym_tools_custom_<?php echo htmlspecialchars(BB_JSSafe($sname2)); ?> a { background-image: url(<?php echo htmlspecialchars(BB_JSSafe($info["toolbaricon"])); ?> ); background-repeat: no-repeat; }\n'; <?php } ?> html += '</style>\n'; $("head").append(html); window.bb_content_WYMEditorPostInit = function(eid, id, wym) { <?php foreach ($g_bb_content_shortcodes as $sname => $info) { if ($this->IsShortcodeAllowed($sname, "")) { $sname2 = preg_replace('/[^A-Za-z0-9_]/', "_", trim($sname)); ?> var html = '<li class="wym_tools_custom_<?php echo htmlspecialchars(BB_JSSafe($sname2)); ?> "><a name="<?php echo htmlspecialchars(BB_JSSafe($info["name"])); ?> " href="#"><?php echo htmlspecialchars(BB_JSSafe($info["name"])); ?> </a></li>'; $(wym._box).find(wym._options.toolsSelector + wym._options.toolsListSelector).append(html); $(wym._box).find('li.wym_tools_custom_<?php echo BB_JSSafe($sname2); ?> a').click(function() { $('#' + eid + '_loader').load(Gx__URLBase, <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_add_shortcode", array("sname" => $sname), true); ?> ); return false; }); <?php } } ?> $(wym._doc).bind('dblclick', function(e) { if (e.target.tagName == 'IMG' && $(e.target).hasClass('bb_content_shortcode_placeholder') && typeof(e.target.id) == 'string' && e.target.id != '') { window.parent.LoadProperties({ 'bb_action' : 'bb_content_edit_edit_shortcode', 'wid' : '<?php echo BB_JSSafe($bb_widget_id); ?> ', 'sid' : e.target.id, 'bbt' : '<?php echo BB_JSSafe(BB_CreateSecurityToken("bb_content_edit_edit_shortcode", $bb_widget_id)); ?> ' }); } }); } if (typeof(window.parent.CreateWYMEditorInstance) != 'function') { window.bb_content_ClosedAllContent = function(eid) { setTimeout(function() { DestroyWYMEditorInstance(eid); $('#' + eid).hide(); }, 250); } } window.parent.LoadConditionalScript(Gx__RootURL + '/' + Gx__SupportPath + '/editcontent.js?_=20090725', true, function(loaded) { return ((!loaded && typeof(window.CreateWYMEditorInstance) == 'function') || (loaded && !IsConditionalScriptLoading())); }, function(params) { $('#contenteditor').show(); var fileopts = { loadurl : Gx__URLBase, loadparams : <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_load", array(), true); ?> , id : 'wid_<?php echo BB_JSSafe($bb_widget_id); ?> ', display : '<?php echo BB_JSSafe($bb_widget->_f); ?> ', saveurl : Gx__URLBase, saveparams : <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_save", array(), true); ?> , wymtoolbar : 'bold,italic,superscript,subscript,pasteword,undo,redo,createlink,unlink,insertorderedlist,insertunorderedlist,indent,outdent', wymeditorpostinit : bb_content_WYMEditorPostInit }; var editopts = { ismulti : true, closelast : bb_content_ClosedAllContent, width : '100%', height : '300px' }; CreateWYMEditorInstance('contenteditor', fileopts, editopts); }); window.parent.CloseProperties2(false); </script> <?php
								BB_RunPluginAction("post_bb_content_edit");
							}
							else
							{
								if (isset($_REQUEST["action"]))
								{
									// Pass other requests onto the shortcode action handler.
									// Same registry-validated dispatch as the edit branch above, keyed by a numeric sid.
									if (isset($_REQUEST["sid"]))
									{
										$sid = (int) $_REQUEST["sid"];
										if (isset($bb_widget->shortcodes[$sid]) && isset($bb_widget->shortcodes[$sid]["_sn"]))
										{
											$sname = $bb_widget->shortcodes[$sid]["_sn"];
											if (isset($g_bb_content_shortcodes[$sname]))
											{
												$shortcode = "bb_content_shortcode_" . $sname;
												$shortcode = new $shortcode();
												$this->currsid = $sid;
												$shortcode->ProcessShortcodeAction($this);
											}
										}
									}
								}
							}
						}
					}
				}
			}
		}
	}
}
/**
 * Emits the Terms of Service / Privacy Policy acceptance block of the signup form.
 *
 * Nothing is emitted (and false is returned) for the admin-side form. For each
 * of the two documents that is configured, a single-line http(s) URL becomes a
 * link inside the checkbox label, while any other text is shown in a read-only
 * textarea above the checkbox. A single checkbox covers whichever documents exist.
 *
 * @param bool $admin  True when rendering the administrative signup form.
 * @return false|null  false for the admin form; otherwise nothing.
 */
public function GenerateSignup($admin)
{
	if ($admin)  return false;

	$info = $this->GetInfo();
	if ($info["terms"] == "" && $info["privacy"] == "")  return;

	// Field name => untranslated label, processed in display order.
	$labels = array("terms" => "Terms of Service", "privacy" => "Privacy Policy");
	$texts = array();
	$links = array();
	foreach ($labels as $field => $label)
	{
		$text = Str::ReplaceNewlines("\n", trim($info[$field]));
		$texts[$field] = $text;
		if ($text == "")  continue;

		$title = htmlspecialchars(BB_Translate($label));
		if (strpos($text, "\n") === false && preg_match('/^https?:\/\//i', $text))
		{
			// A bare URL on one line: link to it from the checkbox label.
			$links[$field] = "<a href=\"" . htmlspecialchars($text) . "\" target=\"_blank\">" . $title . "</a>";
		}
		else
		{
			// Inline document text: show it above the checkbox, label stays plain.
			$links[$field] = $title;
?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate($label)); ?> </div> <div class="sso_main_formdata"><textarea class="sso_main_textarea"><?php echo htmlspecialchars($text); ?> </textarea></div> </div> <?php
		}
	}

	if ($texts["terms"] != "" && $texts["privacy"] != "")  $display = BB_Translate("I agree to the %s and %s.", $links["terms"], $links["privacy"]);
	else  $display = BB_Translate("I agree to the %s.", ($texts["terms"] != "" ? $links["terms"] : $links["privacy"]));
?> <div class="sso_main_formitem"> <div class="sso_main_formdata"><input class="sso_main_checkbox" type="checkbox" id="<?php echo SSO_FrontendField("sso_login_tos"); ?> " name="<?php echo SSO_FrontendField("sso_login_tos"); ?> " value="yes"<?php echo SSO_FrontendFieldValue("sso_login_tos") == "yes" ? " checked" : ""; ?> /> <label for="<?php echo SSO_FrontendField("sso_login_tos"); ?> "><?php echo $display; ?> </label></div> </div> <script type="text/javascript"> jQuery('#<?php echo SSO_FrontendField("sso_login_tos"); ?> ').parent().find('label a').click(function(e) { e.preventDefault(); window.open(jQuery(this).attr('href')); }); </script> <?php
}
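/**
 * Adds the SMS recovery-phrase input to the account recovery form, but only
 * when the visitor selected this module via $_REQUEST["sso_method"].
 *
 * @param mixed $messages  Accepted for parity with the other Generate*() hooks; unused here.
 */
public function GenerateRecovery2($messages)
{
	// Guarded lookup: avoids an undefined-index notice when no method was posted at all.
	if (!isset($_REQUEST["sso_method"]) || $_REQUEST["sso_method"] !== "sso_sms_recovery")  return;
?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Recovery Phrase")); ?> </div> <div class="sso_main_formdata"><input class="sso_main_text" type="text" name="<?php echo SSO_FrontendField("sso_login_sms_recovery_phrase"); ?> " value="<?php echo htmlspecialchars(SSO_FrontendFieldValue("sso_login_sms_recovery_phrase", "")); ?> " /></div> <div class="sso_main_formdesc"><?php echo htmlspecialchars(BB_Translate("Enter the recovery phrase that was sent via text message (SMS).")); ?> </div> </div> <?php
}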
/**
 * Reports a fatal error while loading a property form and terminates the request.
 *
 * Runs the pre_bb_propertyformloaderror hook (which receives $message), renders
 * the translated, HTML-escaped message, emits a script that closes the property
 * panel (CloseProperties() or CloseProperties2() when $alt is set) and exits.
 *
 * @param string $message  Untranslated error text.
 * @param bool   $alt      Close via CloseProperties2() instead of CloseProperties().
 * @return never
 */
function BB_PropertyFormLoadError($message, $alt = false)
{
	BB_RunPluginActionInfo("pre_bb_propertyformloaderror", $message);

	// Suffix selects which close routine the parent page exposes.
	$closesuffix = ($alt ? "2" : "");
?> <div class="error"><?php echo htmlspecialchars(BB_Translate($message)); ?> </div> <script type="text/javascript"> CloseProperties<?php echo $closesuffix; ?> (); </script> <?php
	exit;
}
/**
 * Emits the reCAPTCHA widget for the current form when it is required.
 *
 * Nothing is emitted unless both keys are configured. With the "remember"
 * option on, the widget is also skipped once $sso_session_info records that
 * the visitor already passed a challenge (sso_recaptcha_passed).
 *
 * @param array $info  Provider settings: publickey, privatekey, remember, theme2.
 */
private function DisplayreCAPTCHA($info)
{
	global $sso_session_info;

	$configured = ($info["publickey"] != "" && $info["privatekey"] != "");
	if (!$configured)  return;

	$alreadypassed = ($info["remember"] && isset($sso_session_info["sso_recaptcha_passed"]) && $sso_session_info["sso_recaptcha_passed"]);
	if ($alreadypassed)  return;
?> <div class="sso_main_formitem"> <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Human Verification")); ?> </div> <script src="https://www.google.com/recaptcha/api.js"></script> <div class="g-recaptcha" data-sitekey="<?php echo htmlspecialchars($info["publickey"]); ?> " data-theme="<?php echo htmlspecialchars($info["theme2"]); ?> "></div> <noscript><div class="sso_main_formdesc"><?php echo htmlspecialchars(BB_Translate("You must enable Javascript to use this page.")); ?> </div></noscript> </div> <?php
}
/**
 * Human-readable, translated name of this two-factor method.
 *
 * @return string
 */
public function GetTwoFactorName()
{
	$name = BB_Translate("Google Authenticator");

	return $name;
}