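/**
 * Get an existing story, or (web service only) a page of the story feed
 *
 * With 'sid' (or 'id') set, the single story is loaded through
 * Story::loadFromDatabase() and its fields are returned. When called from the
 * web service ('gl_svc' set) without a 'sid', a page of up to
 * $_CONF['atom_max_stories'] stories visible to the current user is returned
 * instead, starting at 'offset'.
 *
 * Arguments are only run through COM_applyBasicFilter() on the web-service
 * path; internal callers are expected to pass clean values.
 *
 * @param   array   args     Contains all the data provided by the client:
 *                           'sid' (or 'id'), 'mode', 'gl_svc', 'offset'
 * @param   mixed   &output  OUTPUT parameter: the story's fields (single story),
 *                           a list of such arrays (feed), or the Story load
 *                           status code when loading a single story failed
 * @param   array   &svc_msg OUTPUT parameter: 'output_fields', 'gl_feed' and,
 *                           when the feed has a further page, the next 'offset'
 * @return  int              Response code as defined in lib-plugins.php
 */
function service_get_story($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER;

    $output = array();

    if (!isset($_CONF['atom_max_stories'])) {
        $_CONF['atom_max_stories'] = 10; // set a reasonable default
    }

    $svc_msg['output_fields'] = array('draft_flag', 'hits', 'numemails',
        'comments', 'trackbacks', 'featured', 'commentcode', 'statuscode',
        'expire_date', 'postmode', 'advanced_editor_mode', 'frontpage',
        'owner_id', 'group_id', 'perm_owner', 'perm_group', 'perm_members',
        'perm_anon');

    if (empty($args['sid']) && !empty($args['id'])) {
        $args['sid'] = $args['id'];
    }

    $gl_svc = !empty($args['gl_svc']);
    $svc_msg['gl_feed'] = false;
    if ($gl_svc) {
        // web-service arguments are untrusted client input
        if (isset($args['mode'])) {
            $args['mode'] = COM_applyBasicFilter($args['mode']);
        }
        if (isset($args['sid'])) {
            $args['sid'] = COM_applyBasicFilter($args['sid']);
        }
        // no sid from the web service means "give me the feed"
        $svc_msg['gl_feed'] = empty($args['sid']);
    }

    if (empty($args['mode'])) {
        $args['mode'] = 'view';
    }
    $mode = $args['mode'];

    if (!$svc_msg['gl_feed']) {
        $sid = isset($args['sid']) ? $args['sid'] : '';
        $story = new Story();
        // NOTE(review): access checks for the requested $mode are presumably done
        // inside loadFromDatabase() -- nothing is re-checked here, verify there.
        $retval = $story->loadFromDatabase($sid, $mode);
        if ($retval != STORY_LOADED_OK) {
            // hand the load status code back to the caller
            $output = $retval;
            return PLG_RET_ERROR;
        }

        $output = _STORY_serviceFields($story);
        $output['username'] = $story->_username;
        $output['fullname'] = $story->_fullname;
        if ($gl_svc) {
            _STORY_addAtomFields($output);
            $output['link_edit'] = $sid;
        }
    } else {
        $offset = 0;
        if (isset($args['offset'])) {
            // numeric filter plus an int cast: $offset is interpolated into SQL below
            $offset = (int) COM_applyBasicFilter($args['offset'], true);
        }
        $page_size = (int) $_CONF['atom_max_stories'];
        // fetch one row more than the page size so we can tell whether a next page exists
        $max_items = $page_size + 1;

        // Story permissions are enforced in the query itself (COM_getPermSQL).
        // mysql and pgsql only differ in LIMIT syntax, so the rest of the query
        // is shared (the old pgsql variant carried a second, hard-coded FROM
        // clause and was not valid SQL).
        $select = "SELECT s.*, UNIX_TIMESTAMP(s.date) AS unixdate, UNIX_TIMESTAMP(s.expire) as expireunix, "
                . "u.username, u.fullname, u.photo, u.email, t.topic, t.imageurl ";
        $from = "FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, {$_TABLES['topics']} AS t ";
        $where = "WHERE (s.uid = u.uid) AND (s.tid = t.tid)"
               . COM_getPermSQL('AND', $_USER['uid'], 2, 's');
        $order = " ORDER BY unixdate DESC";
        $sql = array();
        $sql['mysql'] = $select . $from . $where . $order . " LIMIT {$offset}, {$max_items}";
        $sql['pgsql'] = $select . $from . $where . $order . " LIMIT {$max_items} OFFSET {$offset}";

        $result = DB_query($sql);
        $count = 0;
        while (($story_array = DB_fetchArray($result, false)) !== false) {
            $count++;
            if ($count == $max_items) {
                // the extra row exists: report where the next page starts
                $svc_msg['offset'] = $offset + $page_size;
                break;
            }

            $story = new Story();
            $story->loadFromArray($story_array);
            // COM_getPermSQL above already filtered on the story's own permissions,
            // but topic access is not part of the query, so both are checked here.
            $access = SEC_hasAccess($story_array['owner_id'], $story_array['group_id'],
                $story_array['perm_owner'], $story_array['perm_group'],
                $story_array['perm_members'], $story_array['perm_anon']);
            $story->_access = min($access, SEC_hasTopicAccess($story->_tid));
            if ($story->_access == 0) {
                continue;
            }
            $story->sanitizeData();

            $output_item = _STORY_serviceFields($story);
            if ($gl_svc) {
                _STORY_addAtomFields($output_item);
            }
            $output[] = $output_item;
        }
    }

    return PLG_RET_OK;
}

/**
 * Copy every database field of a loaded Story into a plain array
 *
 * Story keeps each field in a property named '_' . $fieldname; the field
 * names are the keys of $story->_dbFields. foreach replaces the former
 * reset()/each() loop, since each() no longer exists in PHP 8.
 *
 * @param   object  $story  loaded Story
 * @return  array           fieldname => value
 */
function _STORY_serviceFields($story)
{
    $fields = array();
    foreach ($story->_dbFields as $fieldname => $save) {
        $varname = '_' . $fieldname;
        $fields[$fieldname] = $story->{$varname};
    }

    return $fields;
}

/**
 * Add the Atom-style entries the web service expects on top of the raw story fields
 *
 * @param   array   &$item  story fields as returned by _STORY_serviceFields();
 *                          extended in place
 */
function _STORY_addAtomFields(&$item)
{
    if ($item['statuscode'] == STORY_ARCHIVE_ON_EXPIRE || $item['statuscode'] == STORY_DELETE_ON_EXPIRE) {
        // ISO 8601 ('c'); only the web service uses this value
        $item['expire_date'] = date('c', $item['expire']);
    }
    $item['id'] = $item['sid'];
    $item['category'] = array($item['tid']);
    $item['published'] = date('c', $item['date']);
    $item['updated'] = date('c', $item['date']);
    if (empty($item['bodytext'])) {
        $item['content'] = $item['introtext'];
    } else {
        $item['content'] = $item['introtext'] . LB . '[page_break]' . LB . $item['bodytext'];
    }
    $item['content_type'] = ($item['postmode'] == 'html') ? 'html' : 'text';
    $owner_data = SESS_getUserDataFromId($item['owner_id']);
    $item['author_name'] = $owner_data['username'];
}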
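/**
 * Get an existing static page, or (web service only) a page of the static-page feed
 *
 * With 'sp_id' (or 'id') set, the single page is looked up, subject to the
 * plugin's permission SQL (SP_getPerms) and -- for users without the
 * 'staticpages.edit' right -- to draft_flag = 0. A page that references a
 * template page has its content rendered through that template. When called
 * from the web service ('gl_svc' set) without an 'sp_id', a page of up to
 * $_SP_CONF['atom_max_items'] static pages is returned instead, starting at
 * 'offset', under the same permission and draft rules.
 *
 * Arguments are only run through COM_applyBasicFilter() on the web-service
 * path; the page id is escaped for SQL regardless of who the caller is.
 *
 * @param   array   args     Contains all the data provided by the client:
 *                           'sp_id' (or 'id'), 'mode', 'gl_svc', 'offset'
 * @param   mixed   &output  OUTPUT parameter: the page's fields (single page),
 *                           a list of such arrays (feed), or rendered HTML /
 *                           a redirect when the single page can't be shown
 * @param   array   &svc_msg OUTPUT parameter: 'output_fields', 'gl_feed' and,
 *                           when the feed has a further page, the next 'offset'
 * @return  int              Response code as defined in lib-plugins.php
 */
function service_get_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $LANG_ACCESS, $LANG12, $LANG_STATIC, $_SP_CONF;

    $output = '';
    $svc_msg['output_fields'] = array('sp_hits', 'sp_format', 'draft_flag',
        'owner_id', 'group_id', 'perm_owner', 'perm_group', 'perm_members',
        'perm_anon', 'sp_help', 'sp_php', 'sp_inblock', 'commentcode');

    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }

    $gl_svc = !empty($args['gl_svc']);
    $svc_msg['gl_feed'] = false;
    if ($gl_svc) {
        // web-service arguments are untrusted client input
        if (isset($args['sp_id'])) {
            $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        }
        if (isset($args['mode'])) {
            $args['mode'] = COM_applyBasicFilter($args['mode']);
        }
        // no sp_id from the web service means "give me the feed"
        $svc_msg['gl_feed'] = empty($args['sp_id']);
    }

    $mode = isset($args['mode']) ? $args['mode'] : '';

    // Column lists shared by the single-page and feed queries (the mssql
    // variant casts the text columns, as the original queries did). commentcode
    // is part of 'output_fields' above, so the feed selects it too.
    $columns = 'sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format,'
             . 'commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag,'
             . 'owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon,'
             . 'sp_tid,sp_help,sp_php,sp_inblock';
    $columns_mssql = 'sp_title,sp_page_title,CAST(sp_content AS text) AS sp_content,sp_hits,'
             . 'created,modified,sp_format,commentcode,'
             . 'CAST(meta_description AS text) AS meta_description,'
             . 'CAST(meta_keywords AS text) AS meta_keywords,template_flag,template_id,draft_flag,'
             . 'owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon,'
             . 'sp_tid,sp_help,sp_php,sp_inblock';

    // Page permissions from the plugin, plus: no drafts for anyone who can't
    // edit pages. This rule applied only to the single-page lookup before;
    // the feed now enforces it as well.
    $perms = SP_getPerms();
    if (!SEC_hasRights('staticpages.edit')) {
        if (!empty($perms)) {
            $perms .= ' AND ';
        }
        $perms .= '(draft_flag = 0)';
    }

    if (!$svc_msg['gl_feed']) {
        $page = isset($args['sp_id']) ? $args['sp_id'] : '';
        $error = ($page == '');

        // $page is only filtered on the web-service path, so always escape it
        // before it goes into a WHERE clause (same for the sp_nf lookup below)
        $sp_id = DB_escapeString($page);
        $where = " WHERE (sp_id = '{$sp_id}')" . (empty($perms) ? '' : ' AND ' . $perms);
        $sql = array();
        $sql['mysql'] = 'SELECT ' . $columns . " FROM {$_TABLES['staticpage']}" . $where;
        $sql['mssql'] = 'SELECT ' . $columns_mssql . " FROM {$_TABLES['staticpage']}" . $where;
        $sql['pgsql'] = $sql['mysql'];
        $result = DB_query($sql);
        $count = DB_numRows($result);
        if ($count != 1) {
            // 0 rows: not found or not visible; more than one would be a data error
            $error = true;
        }

        if (!$error) {
            $output = DB_fetchArray($result, false);
            // WE ASSUME $output doesn't have any confidential fields
            if ($output['template_id'] != '') {
                $output['sp_content'] = _SP_renderTemplate($output['sp_content'], $output['template_id']);
            }
        } else {
            // an error occurred (page not found, access denied, ...)
            // if the user has edit permissions and the page does not exist,
            // send them to the editor so they can create it "wiki style"
            $create_page = false;
            if ($mode !== 'autotag' && $count == 0 && SEC_hasRights('staticpages.edit')) {
                // check again without permissions
                if (DB_count($_TABLES['staticpage'], 'sp_id', $page) == 0) {
                    // $page goes into a URL here, so URL-encode it
                    $url = $_CONF['site_admin_url'] . '/plugins/staticpages/index.php?mode=edit&sp_new_id='
                         . urlencode($page) . '&msg=21';
                    $output = COM_refresh($url);
                    $create_page = true;
                }
            }
            if (!$create_page) {
                // a set sp_nf flag on the page means: show the login form rather
                // than a plain "access denied"
                $failflg = 0;
                if (!empty($page)) {
                    $failflg = DB_getItem($_TABLES['staticpage'], 'sp_nf', "sp_id = '{$sp_id}'");
                }
                // in 'autotag' mode the output is returned without site header/footer
                $wrap = ($mode !== 'autotag');
                $output = $wrap ? COM_siteHeader('menu') : '';
                if ($failflg) {
                    $output .= SEC_loginRequiredForm();
                } else {
                    $output .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
                    $output .= $LANG_STATIC['deny_msg'];
                    $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
                }
                if ($wrap) {
                    $output .= COM_siteFooter(true);
                }
            }
            return PLG_RET_ERROR;
        }

        if ($gl_svc) {
            _SP_addAtomFields($output, $page);
            $output['link_edit'] = $page;
        }
    } else {
        $output = array();
        $offset = 0;
        if (isset($args['offset'])) {
            // numeric filter plus an int cast: $offset is interpolated into SQL below
            $offset = (int) COM_applyBasicFilter($args['offset'], true);
        }
        $page_size = (int) $_SP_CONF['atom_max_items'];
        // fetch one row more than the page size so we can tell whether a next page exists
        $max_items = $page_size + 1;
        $where = empty($perms) ? '' : ' WHERE ' . $perms;
        $order = " ORDER BY modified DESC";
        $limit = " LIMIT {$offset}, {$max_items}";
        $sql = array();
        $sql['mysql'] = 'SELECT sp_id,' . $columns . " FROM {$_TABLES['staticpage']}" . $where . $order . $limit;
        $sql['mssql'] = 'SELECT sp_id,' . $columns_mssql . " FROM {$_TABLES['staticpage']}" . $where . $order . $limit;
        $sql['pgsql'] = $sql['mysql'];
        $result = DB_query($sql);
        $count = 0;
        while (($output_item = DB_fetchArray($result, false)) !== false) {
            // WE ASSUME $output_item doesn't have any confidential fields
            $count++;
            if ($count == $max_items) {
                // the extra row exists: report where the next page starts
                $svc_msg['offset'] = $offset + $page_size;
                break;
            }
            if ($gl_svc) {
                _SP_addAtomFields($output_item, $output_item['sp_id']);
            }
            $output[] = $output_item;
        }
    }

    return PLG_RET_OK;
}

/**
 * Render the content of a static page through its template page
 *
 * The page's own content is an XML document whose <variable name="..."> elements
 * carry a <data> value each; autotags in the values are expanded, then every
 * variable name is replaced by its value in the template page's content. The
 * template page is fetched through the plugin service with its own argument and
 * message arrays, so the caller's $args / $svc_msg are left untouched (the old
 * code overwrote them, which also skipped the web service's post-processing).
 *
 * NOTE: there is no recursion guard -- a template that itself has a
 * template_id is rendered recursively.
 *
 * @param   string  $content      the page's content (XML with the variables)
 * @param   string  $template_id  sp_id of the template page
 * @return  string                rendered content, or the template content
 *                                unmodified if the XML does not parse, or
 *                                $content when the template can't be loaded
 */
function _SP_renderTemplate($content, $template_id)
{
    // page content is editor-authored, but keep the XML parser off the network
    // (no remote DTD / entity fetches) while it is being read
    $xmlObject = simplexml_load_string($content, 'SimpleXMLElement', LIBXML_NONET);

    // create array of XML data, autotags in the values already replaced
    $tag = array();
    if ($xmlObject !== false) {
        foreach ($xmlObject->variable as $variable) {
            $key = (string) $variable['name'];
            $tag[$key] = PLG_replaceTags((string) $variable->data);
        }
    }

    // internal call (gl_svc empty), with separate output/message arrays
    $tpl_args = array('sp_id' => $template_id, 'mode' => '', 'gl_svc' => '');
    $tpl_output = '';
    $tpl_svc_msg = array();
    if (PLG_invokeService('staticpages', 'get', $tpl_args, $tpl_output, $tpl_svc_msg) == PLG_RET_OK) {
        return str_replace(array_keys($tag), array_values($tag), $tpl_output['sp_content']);
    }

    return $content;
}

/**
 * Add the Atom-style entries the web service expects on top of the raw page fields
 *
 * @param   array   &$item  page fields as fetched from the database; extended in place
 * @param   string  $id     value for the 'id' entry (the page's sp_id)
 */
function _SP_addAtomFields(&$item, $id)
{
    // ISO 8601 ('c'); only the web service uses these values
    $item['published'] = date('c', strtotime($item['created']));
    $item['updated'] = date('c', strtotime($item['modified']));
    $item['id'] = $id;
    $item['title'] = $item['sp_title'];
    $item['page_title'] = $item['sp_page_title'];
    $item['category'] = array($item['sp_tid']);
    $item['content'] = $item['sp_content'];
    $item['content_type'] = 'html';
    $owner_data = SESS_getUserDataFromId($item['owner_id']);
    $item['author_name'] = $owner_data['username'];
}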
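/**
 * Determine the current user's login state from the cookies sent with the request
 *
 * Much of this code is from phpBB (www.phpbb.org). The session cookie is
 * checked first; when it does not resolve to an active user, the long-term
 * cookie pair (user id + password hash, see _SESS_checkPermanentCookie) is
 * tried and, if it matches, a new session is created.
 *
 * Note: unset($_USER) below detaches the name from the global, so everything
 * assigned to $_USER afterwards is local to this function -- callers must use
 * the return value rather than expecting the global to be updated here.
 *
 * @return   array   the $_USER data array of the logged-in user ('auto_login'
 *                   tells whether the long-term cookie was used), or NULL when
 *                   nobody is logged in
 */
function SESS_sessionCheck()
{
    global $_CONF, $_TABLES, $_USER, $_SESS_VERBOSE;

    if ($_SESS_VERBOSE) {
        COM_errorLog("***Inside SESS_sessionCheck***", 1);
    }

    unset($_USER);
    $userdata = array();

    // Check for a cookie on the user's machine.  If the cookie exists, build
    // an array of the user's info.
    if (isset($_COOKIE[$_CONF['cookie_session']])) {
        $sessid = COM_applyFilter($_COOKIE[$_CONF['cookie_session']]);
        if ($_SESS_VERBOSE) {
            // debug only: this writes the session id itself to the error log
            COM_errorLog("got {$sessid} as the session id from lib-sessions.php", 1);
        }
        $userid = SESS_getUserIdFromSession($sessid, $_CONF['session_cookie_timeout'],
                                            $_SERVER['REMOTE_ADDR'], $_CONF['cookie_ip']);
        if ($_SESS_VERBOSE) {
            COM_errorLog("Got {$userid} as User ID from the session ID", 1);
        }
        if ($userid > 1) {
            // Check user status
            $status = SEC_checkUserStatus($userid);
            if ($status == USER_ACCOUNT_ACTIVE || $status == USER_ACCOUNT_AWAITING_ACTIVATION) {
                SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
                $userdata = SESS_getUserDataFromId($userid);
                if ($_SESS_VERBOSE) {
                    COM_errorLog("Got " . count($userdata) . " pieces of data from userdata", 1);
                    COM_errorLog(COM_debug($userdata), 1);
                }
                $_USER = $userdata;
                $_USER['auto_login'] = false;
            }
        } else {
            // Session probably expired, now check permanent cookie
            $userdata = _SESS_checkPermanentCookie();
            if ($userdata !== null) {
                $_USER = $userdata;
            }
        }
    } else {
        if ($_SESS_VERBOSE) {
            COM_errorLog('session cookie not found from lib-sessions.php', 1);
        }
        // Session cookie doesn't exist; if a permanent cookie does, start a
        // new session from it
        if (isset($_COOKIE[$_CONF['cookie_name']])) {
            if ($_SESS_VERBOSE) {
                COM_errorLog('perm cookie found from lib-sessions.php', 1);
            }
            $userdata = _SESS_checkPermanentCookie();
            if ($userdata !== null) {
                $_USER = $userdata;
            }
        }
    }

    if ($_SESS_VERBOSE) {
        COM_errorLog("***Leaving SESS_sessionCheck***", 1);
    }

    // Ensure $_USER is set to avoid warnings (path exposure...)
    if (isset($_USER)) {
        return $_USER;
    }

    return NULL;
}

/**
 * Try to log the user in from the long-term ("remember me") cookie pair
 *
 * The user id cookie ($_CONF['cookie_name']) and the password cookie
 * ($_CONF['cookie_password']) are accepted when the password cookie equals the
 * user's stored 'passwd' column and the account is active (or awaiting
 * activation). On success a new session is created and its cookie set.
 *
 * Both former copies of this logic compared the cookie with a loose "!=":
 * for two numeric-looking strings (e.g. hashes of the form "0e123...") that
 * comparison is numeric and can report equality for different strings. The
 * comparison is strict here; hash_equals() would be preferable where PHP 5.6+
 * can be assumed. Since the cookie holds the stored hash itself, anyone who
 * obtains the cookie can log in until the password is changed -- a design
 * caveat of this scheme, not something this function can fix.
 *
 * @return  array|null  user data with 'auto_login' => true, or NULL when the
 *                      cookies are missing, invalid, or the account is not active
 */
function _SESS_checkPermanentCookie()
{
    global $_CONF, $_TABLES;

    if (!isset($_COOKIE[$_CONF['cookie_name']])) {
        return null;
    }
    $userid = $_COOKIE[$_CONF['cookie_name']];
    if (empty($userid) || $userid == 'deleted') {
        return null;
    }
    // numeric filter plus int cast: $userid is interpolated into SQL below
    $userid = (int) COM_applyFilter($userid, true);
    if ($userid <= 1 || !isset($_COOKIE[$_CONF['cookie_password']])) {
        return null;
    }

    $cookie_password = $_COOKIE[$_CONF['cookie_password']];
    $userpass = DB_getItem($_TABLES['users'], 'passwd', "uid = {$userid}");
    if (empty($cookie_password) || (string) $cookie_password !== (string) $userpass) {
        // User may have modified their UID in cookie, ignore them
        return null;
    }

    // Check user status
    $status = SEC_checkUserStatus($userid);
    if ($status != USER_ACCOUNT_ACTIVE && $status != USER_ACCOUNT_AWAITING_ACTIVATION) {
        return null;
    }

    // Create new session and write cookie
    $sessid = SESS_newSession($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
    SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'],
                          $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    $userdata = SESS_getUserDataFromId($userid);
    $userdata['auto_login'] = true;

    return $userdata;
}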
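/**
 * Authenticates the user if authentication headers are present
 *
 * Credentials come from HTTP Basic authentication ($_SERVER['PHP_AUTH_USER'] /
 * PHP_AUTH_PW) or, where PHP runs as CGI and does not see the Authorization
 * header, from a "Basic <base64>" value that .htaccess copies into
 * $_SERVER['REMOTE_USER']. WSSE UsernameToken authentication is not offered:
 * verifying its digest would need the user's unencrypted password, which is
 * not available.
 *
 * Our handling of the speedlimit here requires some explanation ...
 * Atompub clients will usually try to do everything without logging in first.
 * Since that would mean that we can't provide feeds for drafts, items with
 * special permissions, etc. we ask them to log in (PLG_RET_AUTH_FAILED).
 * That, however, means that every request from an Atompub client will count
 * as one failed login attempt. So doing a couple of requests in quick
 * succession will surely get the client blocked. Therefore
 * - a request without any login credentials counts as one failed login attempt
 * - a request with wrong login credentials counts as two failed login attempts
 * - if, after a successful login, we have only one failed attempt on record,
 *   we reset the speedlimit
 * This still ensures that
 * - repeated failed logins (without or with invalid credentials) will cause the
 *   client to be blocked eventually
 * - this can not be used for dictionary attacks
 *
 * On success $_USER, $_GROUPS and $_RIGHTS are populated and PLG_loginUser()
 * is called. On failure WS_error() is called with PLG_RET_AUTH_FAILED, or with
 * PLG_RET_PERMISSION_DENIED when the speed limit has been exceeded.
 */
function WS_authenticate()
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_RIGHTS, $WS_VERBOSE;

    $uid = '';
    $username = '';
    $password = '';
    $status = -1;

    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $username = COM_applyBasicFilter($_SERVER['PHP_AUTH_USER']);
        $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
        if ($WS_VERBOSE) {
            COM_errorLog("WS: Attempting to log in user '{$username}'");
        }
    } elseif (!empty($_SERVER['REMOTE_USER'])) {
        /* PHP installed as CGI may not have access to authorization headers of
         * Apache. In that case, use .htaccess to store the auth header as
         * explained at
         * http://wiki.geeklog.net/wiki/index.php/Webservices_API#Authentication
         */
        $parts = explode(' ', $_SERVER['REMOTE_USER'], 2);
        $auth_type = $parts[0];
        $auth_data = isset($parts[1]) ? $parts[1] : '';
        // Only the Basic scheme is understood here. Strict base64 decoding
        // rejects values with characters outside the base64 alphabet.
        $decoded = false;
        if (strcasecmp($auth_type, 'Basic') == 0) {
            $decoded = base64_decode($auth_data, true);
        }
        if ($decoded !== false && strpos($decoded, ':') !== false) {
            // split at the FIRST colon only: the user-id can't contain one,
            // but the password may (RFC 7617)
            list($username, $password) = explode(':', $decoded, 2);
            $username = COM_applyBasicFilter($username);
        }
        if ($WS_VERBOSE) {
            COM_errorLog("WS: Attempting to log in user '{$username}' (via \$_SERVER['REMOTE_USER'])");
        }
    } else {
        if ($WS_VERBOSE) {
            COM_errorLog("WS: No login given");
        }
        // fallthrough (see below)
    }

    COM_clearSpeedlimit($_CONF['login_speedlimit'], 'wsauth');
    if (COM_checkSpeedlimit('wsauth', $_CONF['login_attempts']) > 0) {
        WS_error(PLG_RET_PERMISSION_DENIED, 'Speed Limit exceeded');
    }

    if (!empty($username) && !empty($password)) {
        if ($_CONF['user_login_method']['3rdparty']) {
            // remote users will have to use username@servicename
            $u = explode('@', $username);
            if (count($u) > 1) {
                $sv = $u[count($u) - 1];
                if (!empty($sv)) {
                    $modules = SEC_collectRemoteAuthenticationModules();
                    foreach ($modules as $smod) {
                        if (strcasecmp($sv, $smod) == 0) {
                            array_pop($u); // drop the service name
                            $uname = implode('@', $u);
                            $status = SEC_remoteAuthentication($uname, $password, $smod, $uid);
                            break;
                        }
                    }
                }
            }
        }
        // local login only when no remote module was tried (status untouched)
        if ($status == -1 && $_CONF['user_login_method']['standard']) {
            $status = SEC_authenticate($username, $password, $uid);
        }
    }

    if ($status == USER_ACCOUNT_ACTIVE) {
        $_USER = SESS_getUserDataFromId($uid);
        PLG_loginUser($_USER['uid']);

        // Global array of groups current user belongs to
        $_GROUPS = SEC_getUserGroups($_USER['uid']);

        // Global array of current user permissions [read,edit]
        $_RIGHTS = explode(',', SEC_getUserPermissions());

        if ($_CONF['restrict_webservices']) {
            if (!SEC_hasRights('webservices.atompub')) {
                COM_updateSpeedlimit('wsauth');
                if ($WS_VERBOSE) {
                    COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) does not have permission to use the webservices");
                }
                // reset user, groups, and rights, just in case ...
                $_USER = array();
                $_GROUPS = array();
                $_RIGHTS = array();
                WS_error(PLG_RET_AUTH_FAILED);
            }
        }

        if ($WS_VERBOSE) {
            COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) successfully logged in");
        }

        // if there were less than 2 failed login attempts, reset speedlimit
        if (COM_checkSpeedlimit('wsauth', 2) == 0) {
            if ($WS_VERBOSE) {
                COM_errorLog("WS: Successful login - resetting speedlimit");
            }
            COM_resetSpeedlimit('wsauth');
        }
    } else {
        // one failed attempt for any request without a valid login ...
        COM_updateSpeedlimit('wsauth');
        if (!empty($username) && !empty($password)) {
            // ... and a second one when credentials were given but were wrong
            COM_updateSpeedlimit('wsauth');
            if ($WS_VERBOSE) {
                COM_errorLog("WS: Wrong login credentials - counting as 2 failed attempts");
            }
        } elseif ($WS_VERBOSE) {
            COM_errorLog("WS: Empty login credentials - counting as 1 failed attempt");
        }
        WS_error(PLG_RET_AUTH_FAILED);
    }
}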
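/**
 * Get an existing static page
 *
 * Two request shapes are served:
 *  - a single page, when 'sp_id' (or its alias 'id') is given; $output
 *    becomes the page's row array, with the rendered content and a few
 *    Atom-style fields added for webservice callers;
 *  - a feed of the most recently modified pages, when no id is given and
 *    the request came through the webservice ($args['gl_svc']); $output
 *    becomes a list of row arrays.
 * On error $output may instead hold a redirect or a login form.
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @param   string  &svc_msg OUTPUT parameter containing any service messages
 * @return  int         Response code as defined in lib-plugins.php
 */
function service_get_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $LANG_ACCESS, $LANG12, $LANG_STATIC, $_SP_CONF, $topic;
    $output = '';
    $svc_msg['output_fields'] = array('sp_hits', 'sp_format', 'draft_flag', 'cache_time', 'owner_id', 'group_id', 'perm_owner', 'perm_group', 'perm_members', 'perm_anon', 'sp_help', 'sp_php', 'sp_inblock', 'commentcode');
    // accept the generic 'id' as an alias for 'sp_id'
    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }
    if ($args['gl_svc']) {
        // webservice input is untrusted: run the basic filter over the two
        // values that drive SQL and dispatch decisions
        if (isset($args['sp_id'])) {
            $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        }
        if (isset($args['mode'])) {
            $args['mode'] = COM_applyBasicFilter($args['mode']);
        }
        // no page id via the webservice means "give me the feed"
        $svc_msg['gl_feed'] = empty($args['sp_id']);
    } else {
        $svc_msg['gl_feed'] = false;
    }
    if (!$svc_msg['gl_feed']) {
        $page = isset($args['sp_id']) ? $args['sp_id'] : '';
        $mode = isset($args['mode']) ? $args['mode'] : '';
        // $page is interpolated into SQL string literals below; only the
        // gl_svc path ran a filter over it, so escape it once here
        $escPage = DB_escapeString($page);
        $error = 0;
        if ($page == '') {
            $error = 1;
        }
        $perms = SP_getPerms();
        // drafts are only visible to users who may edit static pages
        if (!SEC_hasRights('staticpages.edit')) {
            if (!empty($perms)) {
                $perms .= ' AND';
            }
            $perms .= '(draft_flag = 0)';
        }
        if (!empty($perms)) {
            $perms = ' AND ' . $perms;
        }
        // Topic Permissions
        $topic_perms = COM_getTopicSQL('', 0, 'ta');
        if ($topic_perms != "") {
            $topic_perms = " AND (" . $topic_perms . "";
            // both branches currently produce the same clause; the
            // distinction is kept in case the non-frontpage case diverges again
            if (COM_onFrontpage()) {
                $topic_perms .= " OR (ta.tid = '" . TOPIC_HOMEONLY_OPTION . "' OR ta.tid = '" . TOPIC_ALL_OPTION . "'))";
            } else {
                $topic_perms .= " OR (ta.tid = '" . TOPIC_HOMEONLY_OPTION . "' OR ta.tid = '" . TOPIC_ALL_OPTION . "'))";
            }
        }
        $topic_perms .= " GROUP BY sp_id";
        $sql = array();
        $sql['mysql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format," . "commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group," . "perm_members,perm_anon,sp_help,sp_php,sp_inblock,cache_time " . "FROM {$_TABLES['staticpage']}, {$_TABLES['topic_assignments']} ta " . "WHERE (sp_id = '{$escPage}')" . $perms . " AND ta.type = 'staticpages' AND ta.id = sp_id " . $topic_perms;
        // the pgsql variant used to read "cache_time sp_inblock FROM ...", which
        // aliased cache_time to sp_inblock and dropped the real cache_time column
        $sql['pgsql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits," . "created,modified,sp_format," . "commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group," . "perm_members,perm_anon,sp_help,sp_php,sp_inblock,cache_time " . "FROM {$_TABLES['staticpage']}, {$_TABLES['topic_assignments']} ta " . "WHERE (sp_id = '{$escPage}')" . $perms . " AND ta.type = 'staticpages' AND ta.id = sp_id " . $topic_perms;
        $result = DB_query($sql);
        $count = DB_numRows($result);
        // exactly one row is expected; anything else is "not found / no access"
        if ($count != 1) {
            $error = 1;
        }
        if (!$error) {
            $output = DB_fetchArray($result, false);
            // reset page id so its case mimics the stored id exactly, since
            // this affects the cache file and the canonical link
            $page = $output['sp_id'];
            // WE ASSUME $output doesn't have any confidential fields
            // Generate output now (only if not grabbing a template, since a
            // template is combined with its variables first and then generated)
            if (!isset($args['template'])) {
                $output['sp_content'] = SP_render_content($page, $output['sp_content'], $output['sp_php'], $output['cache_time'], $output['template_id']);
            }
        } else {
            // an error occurred (page not found, access denied, ...)
            /**
             * if the user has edit permissions and the page does not exist,
             * send them to the editor so they can create it "wiki style"
             */
            $create_page = false;
            if ($mode !== 'autotag' && $count == 0 && SEC_hasRights('staticpages.edit')) {
                // check again without permissions
                if (DB_count($_TABLES['staticpage'], 'sp_id', $page) == 0) {
                    // $page is client-supplied; encode it for the query string
                    $url = $_CONF['site_admin_url'] . '/plugins/staticpages/index.php?mode=edit&sp_new_id=' . urlencode($page) . '&msg=21';
                    $output = COM_refresh($url);
                    $create_page = true;
                }
            }
            if (!$create_page) {
                // sp_nf marks pages that require a login rather than a 404
                if (empty($page)) {
                    $failflg = 0;
                } else {
                    $failflg = DB_getItem($_TABLES['staticpage'], 'sp_nf', "sp_id = '{$escPage}'");
                }
                if ($failflg) {
                    $output .= SEC_loginRequiredForm();
                    if ($mode !== 'autotag') {
                        $output = COM_createHTMLDocument($output, array('rightblock' => true));
                    }
                } else {
                    if ($mode !== 'autotag') {
                        COM_handle404();
                    }
                }
            }
            return PLG_RET_ERROR;
        }
        if ($args['gl_svc']) {
            // Atom-style fields for the webservice; date('c') is ISO 8601
            $output['published'] = date('c', strtotime($output['created']));
            $output['updated'] = date('c', strtotime($output['modified']));
            $output['id'] = $page;
            $output['title'] = $output['sp_title'];
            $output['page_title'] = $output['sp_page_title'];
            $output['category'] = TOPIC_getTopicIdsForObject('staticpages', $page);
            $output['content'] = $output['sp_content'];
            $output['content_type'] = 'html';
            $owner_data = SESS_getUserDataFromId($output['owner_id']);
            $output['author_name'] = $owner_data['username'];
            $output['link_edit'] = $page;
        }
    } else {
        // feed: newest pages first, one page beyond the configured maximum is
        // fetched so we can tell whether a next page of results exists
        $output = array();
        $mode = isset($args['mode']) ? $args['mode'] : '';
        $perms = SP_getPerms();
        if (!empty($perms)) {
            $perms = ' WHERE ' . $perms;
        }
        $offset = 0;
        if (isset($args['offset'])) {
            $offset = (int) COM_applyBasicFilter($args['offset'], true);
        }
        $max_items = (int) $_SP_CONF['atom_max_items'] + 1;
        $limit = " LIMIT {$offset}, {$max_items}";
        $order = " ORDER BY modified DESC";
        $sql = array();
        $sql['mysql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id," . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_help,sp_php,sp_inblock,cache_time " . " FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
        $sql['pgsql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id," . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_help,sp_php,sp_inblock,cache_time " . "FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
        $result = DB_query($sql);
        $count = 0;
        while (($output_item = DB_fetchArray($result, false)) !== false) {
            // WE ASSUME $output_item doesn't have any confidential fields
            $count++;
            if ($count == $max_items) {
                // the extra row exists: report where the next feed page starts
                $svc_msg['offset'] = $offset + $_SP_CONF['atom_max_items'];
                break;
            }
            if ($args['gl_svc']) {
                $output_item['published'] = date('c', strtotime($output_item['created']));
                $output_item['updated'] = date('c', strtotime($output_item['modified']));
                $output_item['id'] = $output_item['sp_id'];
                $output_item['title'] = $output_item['sp_title'];
                $output_item['page_title'] = $output_item['sp_page_title'];
                // the per-item id is used here; the single-page branch's $page
                // is not defined in the feed branch
                $output_item['category'] = TOPIC_getTopicIdsForObject('staticpages', $output_item['sp_id']);
                // render from the current item, not from the $output list
                $output_item['content'] = SP_render_content($output_item['sp_id'], $output_item['sp_content'], $output_item['sp_php'], $output_item['cache_time'], $output_item['template_id']);
                $output_item['content_type'] = 'html';
                $owner_data = SESS_getUserDataFromId($output_item['owner_id']);
                $output_item['author_name'] = $owner_data['username'];
            }
            $output[] = $output_item;
        }
    }
    return PLG_RET_OK;
}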
    COM_errorLog('HTML5Upload: MediaGallery not found in $_PLUGINS', 1);
    COM_404();
    exit;
}
require_once $_CONF['path'] . 'plugins/mediagallery/include/init.php';
// Request parameters: uid and aid go through COM_applyFilter with the second
// argument true (presumably the numeric variant), sid (the upload session
// token) with false. All three are client-supplied.
$uid = isset($_GET['uid']) ? COM_applyFilter($_GET['uid'], true) : '';
$sid = isset($_GET['sid']) ? COM_applyFilter($_GET['sid'], false) : '';
$aid = isset($_GET['aid']) ? COM_applyFilter($_GET['aid'], true) : '';
if ($_MG_CONF['verbose']) {
    COM_errorLog('***Inside HTML5Upload main()***', 1);
    COM_errorLog('received uid=' . $uid, 1);
    COM_errorLog('received sid=' . $sid, 1);
    COM_errorLog('received aid=' . $aid, 1);
}
// let's try to set the $_USER array
// NOTE(review): the global $_USER is populated purely from the uid query
// parameter; the only thing binding the request to that account is the
// SEC_checkTokenGeneral($sid, 'html5upload') check that follows, so that
// check must remain mandatory for every code path that reaches the upload.
$_USER = SESS_getUserDataFromId($uid);
if (isset($_USER['error']) && $_USER['error'] == '1') {
    // unknown uid: log it and hand the uploader the session-error message
    COM_errorLog('HTML5Upload: User identified by uid=' . $uid . ' not found.', 1);
    echo $LANG_MG01['swfupload_err_session'];
    exit(0);
} elseif (!isset($_USER['uid']) || $_USER['uid'] < 2) {
    // uids below 2 are treated as anonymous; uploads need a real account
    COM_errorLog('HTML5Upload: Anonymous upload rejection.', 1);
    echo 'Anonymous upload rejected';
    exit(0);
}
// ok, we have a valid uid, but now check the token.  if it is invalid, then
// return the user to the swfupload page.
if (!SEC_checkTokenGeneral($sid, 'html5upload')) {
    COM_errorLog('HTML5Upload: Invalid token=' . $sid . ' for uid=' . $uid, 1);
    echo "Session has expired, please reload the page";
    exit(0);
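/**
 * Authenticates the user if authentication headers are present
 *
 * Our handling of the speedlimit here requires some explanation ...
 * Atompub clients will usually try to do everything without logging in first.
 * Since that would mean that we can't provide feeds for drafts, items with
 * special permissions, etc. we ask them to log in (PLG_RET_AUTH_FAILED).
 * That, however, means that every request from an Atompub client will count
 * as one failed login attempt. So doing a couple of requests in quick
 * succession will surely get the client blocked. Therefore
 * - a request without any login credentials counts as one failed login attempt
 * - a request with wrong login credentials counts as two failed login attempts
 * - if, after a successful login, we have only one failed attempt on record,
 *   we reset the speedlimit
 * This still ensures that
 * - repeated failed logins (without or with invalid credentials) will cause the
 *   client to be blocked eventually
 * - this can not be used for dictionary attacks
 *
 * Credentials come from $_SERVER['PHP_AUTH_USER'] / ['PHP_AUTH_PW'] or, as a
 * fallback for CGI setups, from a "<type> <base64(user:password)>" value in
 * $_SERVER['REMOTE_USER']. On success the globals $_USER, $_GROUPS and
 * $_RIGHTS are populated; on failure WS_error() is called with
 * PLG_RET_AUTH_FAILED (PLG_RET_PERMISSION_DENIED when the speed limit is
 * exceeded). Nothing is returned.
 */
function WS_authenticate()
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_RIGHTS, $WS_VERBOSE;
    $uid = '';
    $username = '';
    $password = '';
    $status = -1;
    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $username = $_SERVER['PHP_AUTH_USER'];
        // PHP_AUTH_PW can be absent when the client sent a user name only
        $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
        $username = COM_applyFilter($username);
        $password = COM_applyFilter($password);
        if ($WS_VERBOSE) {
            COM_errorLog("WS: Attempting to log in user '{$username}'");
        }
    } elseif (!empty($_SERVER['REMOTE_USER'])) {
        /* PHP installed as CGI may not have access to authorization headers of
         * Apache. In that case, use .htaccess to store the auth header
         */
        // Both splits are limited to two parts: a password containing ':' is
        // kept intact (RFC 7617 allows it), and a malformed value yields empty
        // strings instead of undefined variables, which the empty() check
        // further down then rejects as "no credentials".
        $auth_parts = explode(' ', $_SERVER['REMOTE_USER'], 2);
        $auth_data = isset($auth_parts[1]) ? $auth_parts[1] : '';
        $cred_parts = explode(':', (string) base64_decode($auth_data), 2);
        $username = $cred_parts[0];
        $password = isset($cred_parts[1]) ? $cred_parts[1] : '';
        $username = COM_applyFilter($username);
        $password = COM_applyFilter($password);
        if ($WS_VERBOSE) {
            COM_errorLog("WS: Attempting to log in user '{$username}' (via \$_SERVER['REMOTE_USER'])");
        }
    } else {
        if ($WS_VERBOSE) {
            COM_errorLog("WS: No login given");
        }
        // fallthrough (see below)
    }
    // expire stale 'wsauth' entries, then refuse outright if the client is
    // already over the configured number of attempts
    COM_clearSpeedlimit($_CONF['login_speedlimit'], 'wsauth');
    if (COM_checkSpeedlimit('wsauth', $_CONF['login_attempts']) > 0) {
        WS_error(PLG_RET_PERMISSION_DENIED, 'Speed Limit exceeded');
    }
    if (!empty($username) && !empty($password)) {
        if ($_CONF['user_login_method']['3rdparty']) {
            // remote users will have to use username@servicename
            $u = explode('@', $username);
            if (count($u) > 1) {
                $sv = $u[count($u) - 1];
                if (!empty($sv)) {
                    $modules = SEC_collectRemoteAuthenticationModules();
                    foreach ($modules as $smod) {
                        if (strcasecmp($sv, $smod) == 0) {
                            array_pop($u);
                            // drop the service name
                            $uname = implode('@', $u);
                            $status = SEC_remoteAuthentication($uname, $password, $smod, $uid);
                            break;
                        }
                    }
                }
            }
        }
        // local accounts are only tried when no remote module claimed the login
        if ($status == -1 && $_CONF['user_login_method']['standard']) {
            $status = SEC_authenticate($username, $password, $uid);
        }
    }
    if ($status == USER_ACCOUNT_ACTIVE) {
        $_USER = SESS_getUserDataFromId($uid);
        PLG_loginUser($_USER['uid']);
        // Global array of groups current user belongs to
        $_GROUPS = SEC_getUserGroups($_USER['uid']);
        // Global array of current user permissions [read,edit]
        $_RIGHTS = explode(',', SEC_getUserPermissions());
        if ($_CONF['restrict_webservices']) {
            if (!SEC_hasRights('webservices.atompub')) {
                // valid credentials but no webservice right: counts as a
                // failed attempt so it cannot be used to probe accounts
                COM_updateSpeedlimit('wsauth');
                if ($WS_VERBOSE) {
                    COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) does not have permission to use the webservices");
                }
                // reset user, groups, and rights, just in case ...
                $_USER = array();
                $_GROUPS = array();
                $_RIGHTS = array();
                WS_error(PLG_RET_AUTH_FAILED);
            }
        }
        if ($WS_VERBOSE) {
            COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) successfully logged in");
        }
        // if there were less than 2 failed login attempts, reset speedlimit
        if (COM_checkSpeedlimit('wsauth', 2) == 0) {
            if ($WS_VERBOSE) {
                COM_errorLog("WS: Successful login - resetting speedlimit");
            }
            COM_resetSpeedlimit('wsauth');
        }
    } else {
        // one count for any failed request, a second one when credentials
        // were actually supplied (see the explanation in the doc comment)
        COM_updateSpeedlimit('wsauth');
        if (!empty($username) && !empty($password)) {
            COM_updateSpeedlimit('wsauth');
            if ($WS_VERBOSE) {
                COM_errorLog("WS: Wrong login credentials - counting as 2 failed attempts");
            }
        } elseif ($WS_VERBOSE) {
            COM_errorLog("WS: Empty login credentials - counting as 1 failed attempt");
        }
        WS_error(PLG_RET_AUTH_FAILED);
    }
}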
         SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
         SEC_setCookie($_CONF['cookie_password'], $_USER['passwd'], time() + $cooktime);
     }
 } else {
     $userid = $_COOKIE[$_CONF['cookie_name']];
     if (empty($userid) || $userid === 'deleted') {
         unset($userid);
     } else {
         $userid = COM_applyFilter($userid, true);
         if ($userid > 1) {
             if ($VERBOSE) {
                 COM_errorLog('NOW trying to set permanent cookie', 1);
                 COM_errorLog('Got ' . $userid . ' from perm cookie in users.php', 1);
             }
             // Create new session
             $userdata = SESS_getUserDataFromId($userid);
             $_USER = $userdata;
             if ($VERBOSE) {
                 COM_errorLog('Got ' . $_USER['username'] . ' for the username in user.php', 1);
             }
         }
     }
 }
 // Now that we have users data see if their theme cookie is set.
 // If not set it
 if (!empty($_USER['theme'])) {
     setcookie($_CONF['cookie_theme'], $_USER['theme'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
 }
 if (!empty($_SERVER['HTTP_REFERER']) && strstr($_SERVER['HTTP_REFERER'], '/users.php') === false && substr($_SERVER['HTTP_REFERER'], 0, strlen($_CONF['site_url'])) == $_CONF['site_url']) {
     $indexMsg = $_CONF['site_url'] . '/index.php?msg=';
     if (substr($_SERVER['HTTP_REFERER'], 0, strlen($indexMsg)) == $indexMsg) {
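/**
 * Complete the login process - setup new session
 *
 * Builds the global $_USER from the database, starts a fresh PHP session for
 * the user (carrying over whatever was in $_SESSION), notifies plugins,
 * issues the "remember me" cookies when the account asks for them, records
 * the client IP and refreshes the theme cookie.
 *
 * @param    int     $uid        User ID of logged in user
 * @return   none
 *
 */
function SESS_completeLogin($uid)
{
    global $_TABLES, $_CONF, $_SYSTEM, $_USER;
    $request_ip = !empty($_SERVER['REMOTE_ADDR']) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : '';
    // build the $_USER array
    $userdata = SESS_getUserDataFromId($uid);
    $_USER = $userdata;
    // save old session data (guard against no session having been started yet)
    $savedSessionData = json_encode(isset($_SESSION) ? $_SESSION : array());
    // create the session
    $sessid = SESS_newSession($_USER['uid'], $request_ip, $_CONF['session_cookie_timeout']);
    if (isset($_COOKIE[$_CONF['cookie_session']])) {
        $cookie_domain = $_CONF['cookiedomain'];
        $cookie_path = $_CONF['cookie_path'];
        // expire the previous session cookie; the first argument is the cookie
        // NAME (the old code passed the cookie's value here, which never
        // cleared anything)
        setcookie($_CONF['cookie_session'], '', time() - 42000, $cookie_path, $cookie_domain, $_CONF['cookiesecure'], true);
    }
    session_id($sessid);
    session_start();
    // restore the saved data; json_decode yields null for anything that is not
    // a JSON object/array, so fall back to an empty session rather than null
    $restoredSessionData = json_decode($savedSessionData, true);
    $_SESSION = is_array($restoredSessionData) ? $restoredSessionData : array();
    // initialize session counter
    SESS_setVar('session.counter', 1);
    if (!isset($_USER['tzid']) || empty($_USER['tzid'])) {
        $_USER['tzid'] = $_CONF['timezone'];
    }
    // Let plugins act on login event
    PLG_loginUser($_USER['uid']);
    // check and see if they have remember me set
    $cooktime = (int) $_USER['cookietimeout'];
    if ($cooktime > 0) {
        $cookieTimeout = time() + $cooktime;
        $token_ttl = $cooktime;
        // set userid cookie
        SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], $cookieTimeout, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
        // the long term cookie carries a dedicated token, never the password
        $ltToken = SEC_createTokenGeneral('ltc', $token_ttl);
        // set long term cookie
        SEC_setCookie($_CONF['cookie_password'], $ltToken, $cookieTimeout, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
    }
    DB_query("UPDATE {$_TABLES['users']} set remote_ip='" . DB_escapeString($request_ip) . "' WHERE uid=" . (int) $_USER['uid'], 1);
    if ($_CONF['allow_user_themes']) {
        // set theme cookie (or update it )
        SEC_setCookie($_CONF['cookie_theme'], $_USER['theme'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
    }
}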
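/**
 * This gets the state for the user
 *
 * Much of this code if from phpBB (www.phpbb.org).  This checks the session
 * cookie and long term cookie to get the users state.
 *
 * Order of evaluation: a valid session cookie wins; otherwise the permanent
 * (uid) cookie is accepted only if the companion cookie_password value
 * matches the stored one, in which case a new session is created; otherwise
 * an anonymous session is created. $_USER['session_id'] is always set on
 * exit (empty string when no session could be established).
 *
 * @return   void
 *
 */
function SESS_sessionCheck()
{
    global $_CONF, $_TABLES, $_USER, $_SESS_VERBOSE;
    if ($_SESS_VERBOSE) {
        COM_errorLog("*** Inside SESS_sessionCheck ***", 1);
    }
    $_USER = array();
    // initialised up front: not every path below creates a session, and the
    // id is unconditionally stored into $_USER at the end
    $sessid = '';
    // Check for a cookie on the users's machine.  If the cookie exists, build
    // an array of the users info and setup the theme.
    // Flag indicates if session cookie and session data exist
    $session_exists = true;
    if (isset($_COOKIE[$_CONF['cookie_session']])) {
        $sessid = COM_applyFilter($_COOKIE[$_CONF['cookie_session']]);
        if ($_SESS_VERBOSE) {
            COM_errorLog("Got {$sessid} as the session ID", 1);
        }
        $userid = SESS_getUserIdFromSession($sessid, $_CONF['session_cookie_timeout'], $_SERVER['REMOTE_ADDR'], $_CONF['cookie_ip']);
        if ($_SESS_VERBOSE) {
            COM_errorLog("Got {$userid} as User ID from the session ID", 1);
        }
        if ($userid > 1) {
            // Check user status
            $status = SEC_checkUserStatus($userid);
            if ($status == USER_ACCOUNT_ACTIVE || $status == USER_ACCOUNT_AWAITING_ACTIVATION) {
                SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
                $_USER = SESS_getUserDataFromId($userid);
                if ($_SESS_VERBOSE) {
                    $str = "Got " . count($_USER) . " pieces of data from userdata \n";
                    foreach ($_USER as $k => $v) {
                        $str .= sprintf("%15s [%s] \n", $k, $v);
                    }
                    COM_errorLog($str, 1);
                }
                $_USER['auto_login'] = false;
            }
        } elseif ($userid == 1) {
            // Anonymous User has session so update any information
            SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
        } else {
            // Session probably expired
            $session_exists = false;
        }
    } else {
        if ($_SESS_VERBOSE) {
            COM_errorLog("Session cookie not found", 1);
        }
        $session_exists = false;
    }
    if ($session_exists === false) {
        // Check if the permanent cookie exists
        $userid = '';
        if (isset($_COOKIE[$_CONF['cookie_name']])) {
            $userid = COM_applyFilter($_COOKIE[$_CONF['cookie_name']], true);
        }
        if (!empty($userid)) {
            // Session cookie or session data don't exist, but a permanent cookie does.
            // Start a new session cookie and session data;
            if ($_SESS_VERBOSE) {
                COM_errorLog("Got {$userid} as User ID from the permanent cookie", 1);
            }
            $cookie_password = '';
            $userpass = '';
            if ($userid > 1 && isset($_COOKIE[$_CONF['cookie_password']])) {
                $cookie_password = $_COOKIE[$_CONF['cookie_password']];
                $userpass = DB_getItem($_TABLES['users'], 'passwd', "uid = " . (int) $userid);
            }
            // Strict, constant-time comparison of the cookie value against the
            // stored value. The previous loose '!=' compared numeric-looking
            // strings by value and leaked timing on the first differing byte.
            $cookie_matches = false;
            if (!empty($cookie_password) && is_string($cookie_password) && is_string($userpass) && $userpass !== '') {
                if (function_exists('hash_equals')) {
                    $cookie_matches = hash_equals($userpass, $cookie_password);
                } else {
                    $cookie_matches = ($userpass === $cookie_password);
                }
            }
            if (!$cookie_matches) {
                if ($_SESS_VERBOSE) {
                    COM_errorLog("Password comparison failed or cookie password missing", 1);
                }
                // Invalid or manipulated cookie data
                $ctime = time() - 10000;
                SEC_setCookie($_CONF['cookie_session'], '', $ctime);
                SEC_setCookie($_CONF['cookie_password'], '', $ctime);
                SEC_setCookie($_CONF['cookie_name'], '', $ctime);
                // a bad permanent cookie counts as a failed login attempt
                COM_clearSpeedlimit($_CONF['login_speedlimit'], 'login');
                if (COM_checkSpeedlimit('login', $_CONF['login_attempts']) > 0) {
                    if (!defined('XHTML')) {
                        define('XHTML', '');
                    }
                    COM_displayMessageAndAbort(82, '', 403, 'Access denied');
                }
                COM_updateSpeedlimit('login');
            } elseif ($userid > 1) {
                if ($_SESS_VERBOSE) {
                    COM_errorLog("Password comparison passed", 1);
                }
                // Check user status
                $status = SEC_checkUserStatus($userid);
                if ($status == USER_ACCOUNT_ACTIVE || $status == USER_ACCOUNT_AWAITING_ACTIVATION) {
                    if ($_SESS_VERBOSE) {
                        COM_errorLog("Create new session and write cookie", 1);
                    }
                    // Create new session and write cookie
                    $sessid = SESS_newSession($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
                    SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
                    $_USER = SESS_getUserDataFromId($userid);
                    $_USER['auto_login'] = true;
                }
            }
        } else {
            if ($_SESS_VERBOSE) {
                COM_errorLog("Permanent cookie not found", 1);
            }
            // Anonymous user has session id but it has been expired and wiped from the db so reset.
            // Or new anonymous user so create new session and write cookie.
            $userid = 1;
            $sessid = SESS_newSession($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
            SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
        }
    }
    if ($_SESS_VERBOSE) {
        COM_errorLog("*** Leaving SESS_sessionCheck ***", 1);
    }
    $_USER['session_id'] = $sessid;
}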
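/**
 * Get an existing static page
 *
 * Service handler for the Static Pages plugin's 'get' call. It works in one
 * of two modes, recorded in $svc_msg['gl_feed']:
 *  - single page: $output becomes the page's database row (plus the Atom
 *    style fields 'published', 'updated', 'id', 'title', 'category',
 *    'content', 'content_type', 'author_name', 'link_edit' for web-service
 *    calls) or, on failure, an HTML error block (login required if the page's
 *    sp_nf flag is set, access denied otherwise);
 *  - feed listing (web-service call without a page id): $output becomes a
 *    list of page rows, newest first; $svc_msg['offset'] is set when more
 *    pages exist beyond $_SP_CONF['atom_max_items'].
 *
 * For web-service calls ($args['gl_svc'] set) the id and mode arguments are
 * passed through COM_applyBasicFilter(). Regardless of the caller, the page
 * id is escaped with DB_escapeString() before it is embedded in SQL, so a
 * caller that hands over unfiltered request data cannot alter the query.
 *
 * @param   array   $args     Contains all the data provided by the client:
 *                            'sp_id' (or 'id'), 'mode', 'offset', 'gl_svc'
 * @param   mixed   &$output  OUTPUT parameter: page row, list of rows, or
 *                            HTML error text
 * @param   array   &$svc_msg OUTPUT parameter containing any service
 *                            messages: 'output_fields', 'gl_feed', 'offset'
 * @return  int     Response code as defined in lib-plugins.php
 *                  (PLG_RET_OK or PLG_RET_ERROR)
 */
function service_get_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $LANG_ACCESS, $LANG_STATIC, $LANG_LOGIN, $_SP_CONF;

    $output = '';
    $svc_msg['output_fields'] = array('sp_hits', 'sp_format', 'owner_id',
        'group_id', 'perm_owner', 'perm_group', 'perm_members', 'perm_anon',
        'sp_help', 'sp_php', 'sp_inblock', 'commentcode');

    // the generic 'id' argument is accepted as an alias for 'sp_id'
    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }

    $is_webservice = !empty($args['gl_svc']);
    $svc_msg['gl_feed'] = false;
    if ($is_webservice) {
        // web-service input is untrusted: filter the string arguments before
        // they are used anywhere
        if (isset($args['sp_id'])) {
            $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        }
        if (isset($args['mode'])) {
            $args['mode'] = COM_applyBasicFilter($args['mode']);
        }
        // a web-service call without a page id is a request for the feed
        $svc_msg['gl_feed'] = empty($args['sp_id']);
    }

    $mode = isset($args['mode']) ? $args['mode'] : '';

    if ($svc_msg['gl_feed']) {
        // ---- feed listing -------------------------------------------------
        $output = array();

        $perms = SP_getPerms();
        if (!empty($perms)) {
            $perms = ' WHERE ' . $perms;
        }

        $offset = 0;
        if (isset($args['offset'])) {
            // numeric filter, plus an int cast so only a number reaches LIMIT
            $offset = (int) COM_applyBasicFilter($args['offset'], true);
        }
        // fetch one row more than the page size: if it shows up we know a
        // further page exists without issuing a second query
        $page_size = (int) $_SP_CONF['atom_max_items'];
        $max_items = $page_size + 1;
        $limit = " LIMIT {$offset}, {$max_items}";
        $order = " ORDER BY sp_date DESC";

        $sql = array();
        $sql['mysql'] = "SELECT sp_id,sp_title,sp_content,sp_hits,sp_date,sp_format,owner_id,"
            . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_tid,sp_help,sp_php,"
            . "sp_inblock FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
        $sql['mssql'] = "SELECT sp_id,sp_title,CAST(sp_content AS text) AS sp_content,sp_hits,"
            . "sp_date,sp_format,owner_id,group_id,perm_owner,perm_group,perm_members,"
            . "perm_anon,sp_tid,sp_help,sp_php,sp_inblock FROM {$_TABLES['staticpage']}"
            . $perms . $order . $limit;
        $result = DB_query($sql);

        $count = 0;
        while (($output_item = DB_fetchArray($result, false)) !== false) {
            // WE ASSUME the row doesn't have any confidential fields
            $count += 1;
            if ($count == $max_items) {
                // the extra row: report where the next page starts, drop it
                $svc_msg['offset'] = $offset + $page_size;
                break;
            }
            if ($is_webservice) {
                // This date format is PHP 5 only, but only the web-service uses the value
                $output_item['published'] = date('c', strtotime($output_item['sp_date']));
                $output_item['updated'] = date('c', strtotime($output_item['sp_date']));
                $output_item['id'] = $output_item['sp_id'];
                $output_item['title'] = $output_item['sp_title'];
                $output_item['category'] = array($output_item['sp_tid']);
                $output_item['content'] = $output_item['sp_content'];
                $output_item['content_type'] = 'html';
                $owner_data = SESS_getUserDataFromId($output_item['owner_id']);
                $output_item['author_name'] = $owner_data['username'];
            }
            $output[] = $output_item;
        }

        return PLG_RET_OK;
    }

    // ---- single page ------------------------------------------------------
    $page = isset($args['sp_id']) ? $args['sp_id'] : '';
    // escaped copy for use inside SQL literals; $page itself is echoed back
    // unchanged in the service fields below
    $db_page = DB_escapeString($page);

    $perms = SP_getPerms();
    if (!empty($perms)) {
        $perms = ' AND ' . $perms;
    }

    // no id at all is an error straight away; otherwise the page must exist
    // and be visible under the current user's permissions (exactly one row)
    $row = false;
    if ($page != '') {
        $sql = array();
        $sql['mysql'] = "SELECT sp_title,sp_content,sp_hits,sp_date,sp_format,"
            . "commentcode,owner_id,group_id,perm_owner,perm_group,"
            . "perm_members,perm_anon,sp_tid,sp_help,sp_php,"
            . "sp_inblock FROM {$_TABLES['staticpage']} "
            . "WHERE (sp_id = '{$db_page}')" . $perms;
        $sql['mssql'] = "SELECT sp_title,"
            . "CAST(sp_content AS text) AS sp_content,sp_hits,"
            . "sp_date,sp_format,commentcode,owner_id,group_id,"
            . "perm_owner,perm_group,perm_members,perm_anon,sp_tid,"
            . "sp_help,sp_php,sp_inblock "
            . "FROM {$_TABLES['staticpage']} WHERE (sp_id = '{$db_page}')" . $perms;
        $result = DB_query($sql);
        if (DB_numRows($result) == 1) {
            // WE ASSUME the row doesn't have any confidential fields
            $row = DB_fetchArray($result, false);
        }
    }

    if ($row === false) {
        // an error occured (page not found, access denied, ...): build an
        // HTML message block; outside 'autotag' mode it is a complete page
        $failflg = 0;
        if (!empty($page)) {
            // the page's "not found" flag selects the login prompt instead
            // of the plain access-denied message
            $failflg = DB_getItem($_TABLES['staticpage'], 'sp_nf', "sp_id='{$db_page}'");
        }

        $output = ($mode !== 'autotag') ? COM_siteHeader('menu') : '';
        if ($failflg) {
            $output .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
            $login = new Template($_CONF['path_layout'] . 'submit');
            $login->set_file(array('login' => 'submitloginrequired.thtml'));
            $login->set_var('login_message', $LANG_LOGIN[2]);
            $login->set_var('site_url', $_CONF['site_url']);
            $login->set_var('lang_login', $LANG_LOGIN[3]);
            $login->set_var('lang_newuser', $LANG_LOGIN[4]);
            $login->parse('output', 'login');
            $output .= $login->finish($login->get_var('output'));
        } else {
            $output .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
            $output .= $LANG_STATIC['deny_msg'];
        }
        $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        if ($mode !== 'autotag') {
            $output .= COM_siteFooter(true);
        }

        return PLG_RET_ERROR;
    }

    $output = $row;
    if ($is_webservice) {
        // This date format is PHP 5 only,
        // but only the web-service uses the value
        $output['published'] = date('c', strtotime($output['sp_date']));
        $output['updated'] = date('c', strtotime($output['sp_date']));
        $output['id'] = $page;
        $output['title'] = $output['sp_title'];
        $output['category'] = array($output['sp_tid']);
        $output['content'] = $output['sp_content'];
        $output['content_type'] = 'html';
        $owner_data = SESS_getUserDataFromId($output['owner_id']);
        $output['author_name'] = $owner_data['username'];
        $output['link_edit'] = $page;
    }

    return PLG_RET_OK;
}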