public function actionSetPushToken()
{
$token = $this->_input->filterSingle('token', XenForo_Input::STRING);
$visitor = XenForo_Visitor::getInstance();
if (!$visitor->getUserId()) {
fr_no_permission();
}
fr_update_push_user('', 1, $token);
return array('success' => true);
}
function do_get_new_updates()
{
global $vbulletin;
require_once DIR . '/includes/functions_login.php';
$vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'password' => TYPE_STR, 'md5_password' => TYPE_STR, 'fr_username' => TYPE_STR, 'fr_b' => TYPE_BOOL));
if (!$vbulletin->GPC['username'] || !$vbulletin->GPC['password'] && !$vbulletin->GPC['md5_password']) {
json_error(ERR_NO_PERMISSION);
}
$vbulletin->GPC['username'] = prepare_remote_utf8_string($vbulletin->GPC['username']);
$vbulletin->GPC['password'] = prepare_remote_utf8_string($vbulletin->GPC['password']);
if (!verify_authentication($vbulletin->GPC['username'], $vbulletin->GPC['password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['cookieuser'], true)) {
json_error(ERR_NO_PERMISSION);
}
// Don't save the session, we just want pm & marked thread info
process_new_login('', false, '');
// Since we are not saving the session, fetch our userinfo
$vbulletin->userinfo =& fetch_userinfo($vbulletin->userinfo['userid']);
cache_permissions($vbulletin->userinfo, true);
$sub_notices = get_sub_thread_updates();
fr_update_push_user($vbulletin->GPC['fr_username'], $vbulletin->GPC['fr_b']);
return array('pm_notices' => $vbulletin->userinfo['pmunread'], 'sub_notices' => $sub_notices);
}
function do_login()
{
global $fr_version, $fr_platform;
$options = vB::get_datastore()->get_value('options');
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('username' => vB_Cleaner::TYPE_STR, 'password' => vB_Cleaner::TYPE_STR, 'md5_password' => vB_Cleaner::TYPE_STR, 'fr_username' => vB_Cleaner::TYPE_STR, 'fr_b' => vB_Cleaner::TYPE_BOOL, 'token' => vB_Cleaner::TYPE_STR));
$navbg = null;
if (strlen($options['forumrunner_branding_navbar_bg'])) {
$navbg = $options['forumrunner_branding_navbar_bg'];
if (is_iphone() && strlen($navbg) == 7) {
$r = hexdec(substr($navbg, 1, 2));
$g = hexdec(substr($navbg, 3, 2));
$b = hexdec(substr($navbg, 5, 2));
$navbg = "{$r},{$g},{$b}";
}
}
$out = array('v' => $fr_version, 'p' => $fr_platform);
if ($navbg) {
$out['navbg'] = $navbg;
}
if (is_iphone() && $options['forumrunner_admob_publisherid_iphone']) {
$out['admob'] = $options['forumrunner_admob_publisherid_iphone'];
} else {
if (is_android() && $options['forumrunner_admob_publisherid_android']) {
$out['admob'] = $options['forumrunner_admob_publisherid_android'];
}
}
if ($options['forumrunner_google_analytics_id']) {
$out['gan'] = $options['forumrunner_google_analytics_id'];
}
if ($options['forumrunner_enable_registration']) {
$out['reg'] = true;
}
if (!$cleaned['username'] || !$cleaned['password'] && !$cleaned['md5_password']) {
// This could be an attempt to see if forums require login. Check.
$out += array('authenticated' => false, 'requires_authentication' => requires_authentication());
} else {
$login = vB_Api::instance('user')->login($cleaned['username'], $cleaned['password'], '', '', 'cplogin');
if (isset($login['errors']) and !empty($login['errors'])) {
$login = vB_Api::instance('user')->login($cleaned['username'], $cleaned['password'], '', '', '');
if (isset($login['errors']) and !empty($login['errors'])) {
return json_error('Incorrect login.', RV_BAD_PASSWORD);
}
}
if (!$options['bbactive'] && !vB::getUserContext()->hasAdminPermission('cancontrolpanel')) {
vB_Api::instance('user')->processLogout();
return json_error(strip_tags($options['bbclosedreason']), RV_BAD_PASSWORD);
}
if (isset($login['cpsession'])) {
vB5_Cookie::set('cpsession', $login['cpsession'], 30);
}
vB5_Cookie::set('sessionhash', $login['sessionhash'], 30);
vB5_Cookie::set('password', $login['password'], 30);
vB5_Cookie::set('userid', $login['userid'], 30);
if (isset($cleaned['fr_username'])) {
fr_update_push_user($cleaned['fr_username'], $cleaned['fr_b']);
}
$userinfo = vB_Api::instance('user')->fetchUserInfo();
$out += array('authenticated' => true, 'username' => $userinfo['username'], 'cookiepath' => $options['cookiepath']);
}
return $out;
}
public function actionLogin()
{
global $fr_version, $fr_platform;
$vals = $this->_input->filter(array('username' => XenForo_Input::STRING, 'password' => XenForo_Input::STRING, 'md5_password' => XenForo_Input::STRING, 'fr_username' => XenForo_Input::STRING, 'fr_b' => XenForo_Input::UINT, 'token' => XenForo_Input::STRING));
$login_model = $this->_getLoginModel();
$user_model = $this->_getUserModel();
$options = XenForo_Application::get('options');
$navbg = '';
$style = $options->forumrunnerColor;
if ($style) {
// Convert to right style. iPhone needs r,g,b. Android needs #rrggbb.
$color = convert_color($style);
if (is_iphone() && strlen($color) == 7) {
$r = hexdec(substr($color, 1, 2));
$g = hexdec(substr($color, 3, 2));
$b = hexdec(substr($color, 5, 2));
$color = "{$r},{$g},{$b}";
}
$navbg = $color;
}
$authenticated = false;
$requires_authentication = false;
$out = array();
if (!$vals['username'] || !$vals['password'] && !$vals['md5_password']) {
if (!XenForo_Visitor::getInstance()->hasPermission('general', 'view')) {
$requires_authentication = true;
}
$options = XenForo_Application::get('options');
if (!$options->boardActive && !XenForo_Visitor::getInstance()->get('is_admin')) {
$requires_authentication = true;
}
} else {
$user_id = $user_model->validateAuthentication($vals['username'], $vals['password'], $error);
if (!$user_id) {
$login_model->logLoginAttempt($vals['username']);
json_error($error->render(), RV_BAD_PASSWORD);
}
$login_model->clearLoginAttempts($vals['username']);
$user_model->setUserRememberCookie($user_id);
XenForo_Model_Ip::log($user_id, 'user', $user_id, 'login');
XenForo_Application::get('session')->changeUserId($user_id);
XenForo_Visitor::setup($user_id);
$out['username'] = prepare_utf8_string(XenForo_Visitor::getInstance()->get('username'));
$authenticated = true;
}
$out += array('authenticated' => $authenticated, 'v' => $fr_version, 'p' => $fr_platform, 'requires_authentication' => $requires_authentication);
if ($navbg != '') {
$out['navbg'] = $navbg;
}
if (is_iphone() && $options->forumrunnerAdsAdMobPublisherIDiPhone) {
$out['admob'] = $options->forumrunnerAdsAdMobPublisherIDiPhone;
} else {
if (is_android() && $options->forumrunnerAdsAdMobPublisherIDAndroid) {
$out['admob'] = $options->forumrunnerAdsAdMobPublisherIDAndroid;
}
}
if ($options->forumrunnerGoogleAnalyticsID && $options->forumrunnerGoogleAnalyticsID != '') {
$out['gan'] = $options->forumrunnerGoogleAnalyticsID;
}
if ($options->forumrunnerFacebookApplicationID && $options->forumrunnerFacebookApplicationID != '') {
$out['fb'] = $options->forumrunnerFacebookApplicationID;
}
if ($options->forumrunnerRegistration) {
$out['reg'] = true;
}
fr_update_push_user($vals['fr_username'], $vals['fr_b'], $vals['token']);
return $out;
}
function do_login()
{
global $vbulletin, $fr_version, $fr_platform;
$vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'password' => TYPE_STR, 'md5_password' => TYPE_STR, 'fr_username' => TYPE_STR, 'fr_b' => TYPE_BOOL));
$navbg = null;
if (strlen($vbulletin->options['forumrunner_branding_navbar_bg'])) {
$navbg = $vbulletin->options['forumrunner_branding_navbar_bg'];
if (is_iphone() && strlen($navbg) == 7) {
$r = hexdec(substr($navbg, 1, 2));
$g = hexdec(substr($navbg, 3, 2));
$b = hexdec(substr($navbg, 5, 2));
$navbg = "{$r},{$g},{$b}";
}
}
$vbulletin->GPC['username'] = prepare_remote_utf8_string($vbulletin->GPC['username']);
$vbulletin->GPC['password'] = prepare_remote_utf8_string($vbulletin->GPC['password']);
$out = array('v' => $fr_version, 'p' => $fr_platform);
if ($navbg) {
$out['navbg'] = $navbg;
}
if (is_iphone() && $vbulletin->options['forumrunner_admob_publisherid_iphone']) {
$out['admob'] = $vbulletin->options['forumrunner_admob_publisherid_iphone'];
} else {
if (is_android() && $vbulletin->options['forumrunner_admob_publisherid_android']) {
$out['admob'] = $vbulletin->options['forumrunner_admob_publisherid_android'];
}
}
if ($vbulletin->options['forumrunner_google_analytics_id']) {
$out['gan'] = $vbulletin->options['forumrunner_google_analytics_id'];
}
if ($vbulletin->options['forumrunner_facebook_application_id']) {
$out['fb'] = $vbulletin->options['forumrunner_facebook_application_id'];
}
if ($vbulletin->options['forumrunner_cms_onoff']) {
$out['cms'] = true;
$out['cms_section'] = $vbulletin->options['forumrunner_cms_section'];
}
if ($vbulletin->options['forumrunner_enable_registration']) {
$out['reg'] = true;
}
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_albums']) {
$out['albums'] = true;
}
if (!$vbulletin->GPC['username'] || !$vbulletin->GPC['password'] && !$vbulletin->GPC['md5_password']) {
// This could be an attempt to see if forums require login. Check.
$requires_authentication = false;
if (!($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview'])) {
$requires_authentication = true;
}
// If the forum is closed, require login!
if (!$vbulletin->options['bbactive']) {
$requires_authentication = true;
}
$out += array('authenticated' => false, 'requires_authentication' => $requires_authentication);
} else {
// can the user login?
$strikes = verify_strike_status($vbulletin->GPC['username'], true);
// make sure our user info stays as whoever we were (for example, we might be logged in via cookies already)
$original_userinfo = $vbulletin->userinfo;
if (!verify_authentication($vbulletin->GPC['username'], $vbulletin->GPC['password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['md5_password'], true, true)) {
exec_strike_user($vbulletin->GPC['username']);
if ($vbulletin->options['usestrikesystem']) {
if ($strikes === false) {
$message = 'Incorrect login. You have used up your login allowance. Please wait 15 minutes before trying again.';
} else {
$message = 'Incorrect login (' . ($strikes + 1) . ' of 5 tries allowed)';
}
} else {
$message = 'Incorrect login.';
}
json_error($message, RV_BAD_PASSWORD);
}
exec_unstrike_user($vbulletin->GPC['username']);
// create new session
process_new_login('', true, '');
cache_permissions($vbulletin->userinfo, true);
$vbulletin->session->save();
// If the forum is closed, boot em
if (!$vbulletin->options['bbactive'] && !($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
process_logout();
json_error(strip_tags($vbulletin->options['bbclosedreason']), RV_BAD_PASSWORD);
}
fr_update_push_user($vbulletin->GPC['fr_username'], $vbulletin->GPC['fr_b']);
$out += array('authenticated' => true, 'username' => prepare_utf8_string($vbulletin->userinfo['username']), 'cookiepath' => $vbulletin->options['cookiepath']);
}
return $out;
}
function do_set_push_token()
{
$userinfo = vB_Api::instance('user')->fetchUserInfo();
if ($userinfo['userid'] < 1) {
return json_error(ERR_INVALID_LOGGEDIN);
}
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('token' => vB_Cleaner::TYPE_STR));
fr_update_push_user('', 1, $cleaned['token']);
return true;
}
