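function mystery_log_violation($code, $message = '') {
    // Records a serious security violation (spoofed user/file/action/table,
    // illegal query, virus upload, ...) in the security_log table and the
    // security_log file, then renders an "Access Denied" page for the user.
    //
    // $code    - colour code of the violation, one of the keys of $types
    //            below. An unknown code is logged as 'Unknown Violation'
    //            instead of raising an undefined-index notice.
    // $message - free-text detail appended to the logged exception type.
    //
    // Returns nothing and does not exit; the caller is expected to stop
    // processing after the page has been rendered.
    global $_MYSTERY;

    $types = array(
        'Red'    => 'Spoofed User',
        'Orange' => 'Spoofed File',
        'Yellow' => 'Spoofed Action',
        'Green'  => 'Illegal Query',
        'Blue'   => 'Virus Upload',
        'Purple' => 'Spoofed Table',
        'Brown'  => 'Illegal Many To Many Addition',
    );
    $type_label = isset($types[$code]) ? $types[$code] : 'Unknown Violation';

    // Capture a dump of the request environment for the log record. It
    // contains the full $_SESSION and $_REQUEST, so the security log itself
    // holds sensitive data and must be protected accordingly.
    ob_start();
    echo "SERVER: ";
    print_r($_SERVER);
    echo "SESSION: ";
    print_r($_SESSION);
    echo "REQUEST: ";
    print_r($_REQUEST);
    $context = ob_get_clean();

    $table = $_MYSTERY['table_prefix'] . 'security_log';
    $data = array();
    $data['exception_type'] = $type_label . ' - ' . $message;
    $data['exception_code'] = $code;
    // These entries are absent for anonymous users, CLI runs and requests
    // without an action parameter; guard them so that logging a violation
    // never raises a notice of its own.
    $data['user_id'] = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : '';
    $data['user_ip_address'] = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $data['user_action'] = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
    // 24-hour clock ('H'): the previous 12-hour 'h' had no am/pm marker and
    // made log times ambiguous.
    $data['user_time'] = date('Y-m-d H:i:s');
    $data['user_request'] = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
    $data['user_variables'] = $context;
    mystery_insert_query($table, $data, 'record_id');

    // Prepare the flat-file version of the same record.
    // foreach replaces each(), which was removed in PHP 8.
    $error_parts = array();
    foreach ($data as $key => $value) {
        $error_parts[] = ucwords(str_replace('_', ' ', $key)) . ': ' . $value;
    }
    $error_string = implode("\n", $error_parts) . "\n\n";
    mystery_log_error_to_file('security_log', $error_string);

    // make them wait a couple seconds so they won't automate the attack
    sleep(2);

    mystery_header();
    // $code is caller-supplied and is reflected into the page, so it is
    // HTML-escaped rather than echoed raw.
    echo ' <h1>Access Denied</h1> <p>Sorry, but the account you arelogged in as cannot perform the requested action. (<em>Code: ', htmlspecialchars($code, ENT_QUOTES, 'UTF-8'), '</em>)</p> ';
    mystery_display_admin_contact_info();
    if ($code == 'Blue') {
        // virus_feedback is scanner output whose content is not controlled
        // here, so it is escaped before being placed inside <code>.
        echo '<p>The file you tried to upload is infected with a <strong>virus</strong>. Please <strong>disinfect the file</strong> and try again.</p> <p><code>', htmlspecialchars($_MYSTERY['virus_feedback'], ENT_QUOTES, 'UTF-8'), '</code></p>';
    }
    mystery_footer();
}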
function mystery_session_write($id, $mystery_session_data) {
    // Session "write" handler (presumably registered through
    // session_set_save_handler): stores the serialised session payload for
    // session key $id in the <table_prefix>sessions table.
    //
    // The existing row for the key is deleted and a new one inserted rather
    // than updated in place, so every write also refreshes session_timestamp.
    // No transaction is visible around the two statements. Always returns
    // true.
    global $_MYSTERY;
    $sessions_table = $_MYSTERY['table_prefix'] . 'sessions';

    // Drop whatever was stored for this key before.
    mystery_delete_query(
        'DELETE FROM ' . $sessions_table . ' WHERE session_key = ?',
        array($id)
    );

    // Re-insert the current payload with a fresh timestamp.
    $row = array(
        'session_key' => $id,
        'session_timestamp' => date('YmdHis'),
        'session_data' => $mystery_session_data,
    );
    mystery_insert_query($sessions_table, $row, 'session_id');

    return true;
}
// Fragment of the portal "comment on a DIY activity" page. $diy_id and
// $_PORTAL are set outside this excerpt, and the excerpt ends inside the
// final else branch.
if ($diy_id == '') {
    mystery_redirect('/course/');
}
if (isset($_PORTAL['params']['process'])) {
    // Save path: the member's existing comment for this activity is always
    // removed first and then re-inserted, unless the delete checkbox was sent.
    // No request-forgery token is checked in this fragment; if one exists it
    // has to be enforced before this point.
    $query = 'DELETE FROM portal_comments_ratings WHERE comment_diy_identifier = ? AND comment_author = ?';
    $params = array($diy_id, $_SESSION['portal']['member_id']);
    $status = mystery_delete_query($query, $params, 'portal_dbh'); // $status is never checked
    if (!isset($_REQUEST['comment_delete'])) {
        $data = array();
        $data['comment_author'] = $_SESSION['portal']['member_id'];
        $data['comment_diy_identifier'] = $diy_id;
        // Title and body are stored exactly as submitted (no length check, no
        // escaping); whatever renders them later must HTML-escape them - that
        // code is not visible in this excerpt.
        $data['comment_title'] = $_REQUEST['comment_title'];
        $data['comment_body'] = $_REQUEST['comment_body'];
        //$data['comment_rating'] = $_REQUEST['comment_rating'];
        $data['creation_date'] = date('Y-m-d H:i:s');
        $comment_id = mystery_insert_query('portal_comments_ratings', $data, 'comment_id', 'portal_dbh');
        echo '<p style="color: #009900;"><em>Comment saved!</em></p>';
    } else {
        echo '<p style="color: #009900;"><em>Comment deleted!</em></p>';
    }
}
// Data for the page title, the comment listing and the form below.
$activity_info = portal_get_activity_info_from_diy_id($diy_id);
$page_title = $activity_info['activity_name'] . ' by ' . $activity_info['activity_author'];
$comments = portal_get_activity_comments($diy_id);
$average_rating = portal_lookup_activity_rating($diy_id);
$my_comments = portal_get_member_activity_comments($diy_id, $_SESSION['portal']['member_id']);
if (count($my_comments) > 0) {
    // The member has already commented: the form becomes an edit form and
    // offers a delete checkbox (read via $_REQUEST['comment_delete'] above).
    $add_edit_word = 'Edit';
    $delete_checkbox = '<input type="checkbox" name="comment_delete" id="comment-delete" value="yes"> Delete this comment?';
} else {
    $add_edit_word = 'Add';
// Fragment of the portal "add / copy / edit class" page. $id_param,
// $class_info and $_PORTAL['activity'] come from outside this excerpt, which
// ends inside the activities-reconciliation code.
if (isset($_PORTAL['params']['process'])) {
    $data = array();
    $data['class_name'] = $_REQUEST['class_name'];
    // The class is always (re)assigned to the current member.
    $data['class_teacher'] = $_SESSION['portal']['member_id'];
    //mystery_print_r($_REQUEST, $_PORTAL, $data); exit;
    // check the class word
    // The word is rejected only if another class (one with a different id
    // than the one being edited) already uses it.
    $class_word_in_use = 'no';
    $class_using_word = portal_check_class_word($_REQUEST['class_word']);
    if ($class_using_word != $id_param && $class_using_word != false) { // loose comparisons: '0' and '' both count as "not in use"
        $class_word_in_use = 'yes';
    }
    if ($_REQUEST['class_word'] != '' && $class_word_in_use == 'no') {
        if ($_PORTAL['activity'] == 'add' || $_PORTAL['activity'] == 'copy') {
            $data['creation_date'] = date('Y-m-d H:i:s');
            $data['class_uuid'] = portal_generate_uuid();
            $class_id = mystery_insert_query('portal_classes', $data, 'class_id', 'portal_dbh');
            // A new class starts with no subscribed activities.
            $class_info['activities'] = array();
            $class_info['diy_activities'] = array();
        } else {
            // Edit path. NOTE(review): no check is visible in this fragment
            // that class $id_param belongs to the current member; since the
            // update also rewrites class_teacher, such a check (if it is not
            // done earlier in the file) has to happen before this point.
            $class_id = $id_param;
            $status = mystery_update_query('portal_classes', $data, 'class_id', $class_id, 'portal_dbh');
        }
        // update class word with the actual class word
        portal_set_class_word($class_id, $_REQUEST['class_word']);
        // add the standard activities here
        // @ hides the notice when no activities were submitted; the empty
        // string is then normalised to an empty array. The selected ids are
        // taken from the request as-is.
        $new_activities = @$_REQUEST['activities'];
        if ($new_activities == '') {
            $new_activities = array();
        }
        $old_activities = @$class_info['activities'];
        if ($old_activities == '') {
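function mystery_error_handler($type, $message, $file, $line, $context = null) {
    // Replacement for the built-in PHP error handler (installed via
    // set_error_handler elsewhere). Every reportable error is written to the
    // error_log file and the error_log table; administrators see it inline,
    // other users get a generic page for fatal application errors.
    //
    // $type    - E_* level of the error.
    // $message - error text as produced by PHP or trigger_error().
    // $file    - file in which the error occurred.
    // $line    - line number within $file.
    // $context - symbol table at the point of the error. PHP 8 no longer
    //            passes this argument, so it needs a default; it is unused
    //            here apart from the commented-out dump below.
    //
    // Returns nothing, which tells PHP the error has been handled; the script
    // is terminated for E_USER_ERROR.
    global $_MYSTERY;

    // Skip errors that the current error_reporting level masks out. This is
    // the documented way to honour the @ operator: before PHP 8, @ set
    // error_reporting() to 0, since PHP 8 it clears individual level bits
    // instead, so a plain "== 0" test no longer detects it.
    if (!(error_reporting() & $type)) {
        return;
    }

    $nice_types = array(
        E_NOTICE => 'PHP Notice',
        E_USER_NOTICE => 'Application Notice',
        E_WARNING => 'PHP Warning',
        E_USER_WARNING => 'Application Warning',
        E_USER_ERROR => 'Application Fatal Error',
    );
    if (defined('E_STRICT')) {
        $nice_types[E_STRICT] = 'PHP Code Needs Update';
    }
    if (defined('E_RECOVERABLE_ERROR')) {
        $nice_types[E_RECOVERABLE_ERROR] = 'Recoverable Application Error';
    }
    // Levels not listed above (E_DEPRECATED, E_USER_DEPRECATED, ...) still
    // reach this handler; give them a label instead of triggering an
    // undefined-index notice from inside the error handler itself.
    $type_label = isset($nice_types[$type]) ? $nice_types[$type] : 'PHP Error (level ' . $type . ')';
    // E_STRICT messages are shown to administrators but never persisted.
    $should_log = !defined('E_STRICT') || $type != E_STRICT;

    // 24-hour clock ('H'): the previous 12-hour 'h' had no am/pm marker and
    // made log times ambiguous.
    $now = date('Y-m-d H:i:s');
    $error_parts = array();
    $error_parts[] = 'Date: ' . $now;
    $error_parts[] = 'Type: ' . $type_label;
    $error_parts[] = 'Message: ' . $message;
    $error_parts[] = 'File: ' . $file;
    $error_parts[] = 'Line: ' . $line;
    $error_string = implode("\n", $error_parts) . "\n\n";

    if ($should_log) {
        mystery_log_error_to_file('error_log', $error_string);
        $table = $_MYSTERY['table_prefix'] . 'error_log';
        $data = array();
        $data['error_type'] = $type_label;
        $data['error_message'] = $message;
        $data['error_file'] = $file;
        $data['error_line'] = $line;
        $data['error_date'] = $now;
        mystery_insert_query($table, $data, 'error_id');
    }

    $is_admin = isset($_SESSION['is_administrator']) && $_SESSION['is_administrator'] == 'yes';
    // Error messages routinely embed request-derived strings (paths, query
    // values), so the text is HTML-escaped before it is rendered for admins.
    $error_html = nl2br(htmlspecialchars($error_string, ENT_QUOTES, 'UTF-8'));

    switch ($type) {
        case E_NOTICE:
        case E_USER_NOTICE:
            if ($is_admin) {
                echo '<p style="background-color: #CEFFB5;">Notice: ', $error_html, '</p>';
            }
            break;
        case E_WARNING:
        case E_USER_WARNING:
            if ($is_admin) {
                echo '<p style="background-color: #FCFFB5;">Warning: ', $error_html, '</p>';
            }
            break;
        case E_USER_ERROR:
            //mystery_header();
            if ($is_admin) {
                echo '<p style="background-color: #FFB5B5;">Fatal Error: ', $error_html, '</p>';
                // The following outputs way too much data. Uncomment if you must.
                // echo '<pre style="background-color: #FFB5B5;">' . print_r($context) . '</pre>';
            } else {
                echo ' <h1>An Unexpected Error Occurred</h1> <p>We regret than an unexpected error has occurred. The error has been logged and the administrator of the system will look into it as soon as possible.</p> ';
                mystery_display_admin_contact_info();
            }
            //mystery_footer();
            // A fatal application error ends the request here.
            exit;
    }
}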
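function portal_subscribe_class_to_diy_activities($class_id, $old_activities, $new_activities) {
    // Reconciles the DIY activities subscribed to a class with a new
    // selection: rows for activities that are no longer selected are deleted,
    // rows for newly selected activities are inserted, the rest are left alone.
    //
    // $class_id       - class being updated.
    // $old_activities - array of diy_activity_id values currently stored.
    // $new_activities - array of diy_activity_id values the class should end
    //                   up with.
    //
    // Returns nothing. All rows are scoped to the current project
    // ($_PORTAL['project_info']['project_id']).
    global $_PORTAL;
    $project_id = $_PORTAL['project_info']['project_id'];

    $to_add = array_values(array_diff($new_activities, $old_activities));
    $to_delete = array_values(array_diff($old_activities, $new_activities));

    // first delete the old ones
    if (count($to_delete) > 0) {
        // The ids are bound as parameters instead of being imploded into the
        // SQL text: one '?' per id, appended after the two scope parameters,
        // so the statement is never assembled from data.
        $placeholders = implode(',', array_fill(0, count($to_delete), '?'));
        $query = 'DELETE FROM portal_class_diy_activities WHERE class_id = ? AND project_id = ? AND diy_activity_id IN (' . $placeholders . ')';
        $params = array_merge(array($class_id, $project_id), $to_delete);
        mystery_delete_query($query, $params, 'portal_dbh');
    }

    // now add the new ones
    foreach ($to_add as $activity_id) {
        $data = array();
        $data['class_id'] = $class_id;
        $data['diy_activity_id'] = $activity_id;
        $data['project_id'] = $project_id;
        mystery_insert_query('portal_class_diy_activities', $data, 'class_diy_activity_id', 'portal_dbh');
    }
}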
break;
// STEP 4 - Add a member for the teacher
// (this case belongs to a switch whose beginning and end are outside this
// excerpt; the echoed form is also cut off at the end)
case 'info':
    if (!isset($_REQUEST['school_id'])) {
        // No existing school was chosen in the previous step: create one from
        // the submitted fields. They are stored as submitted; any validation
        // would have to happen before this point and is not visible here.
        $data = array();
        $data['school_name'] = $_REQUEST['school_name'];
        $data['school_district'] = $_REQUEST['district_id']; // note: request field is district_id, column is school_district
        $data['school_department'] = $_REQUEST['school_department'];
        $data['school_address_1'] = $_REQUEST['school_address_1'];
        $data['school_address_2'] = $_REQUEST['school_address_2'];
        $data['school_city'] = $_REQUEST['school_city'];
        $data['school_state'] = $_REQUEST['school_state'];
        $data['school_zip'] = $_REQUEST['school_zip'];
        $data['school_country'] = $_REQUEST['school_country'];
        // The new id is written back into $_REQUEST so later code sees the
        // school as chosen - presumably the 'process' step; verify there.
        $_REQUEST['school_id'] = mystery_insert_query('portal_schools', $data, 'school_id', 'portal_dbh');
        $_SESSION['school_created'] = 'yes';
    }
    // show the teacher info form
    // The password input is type="text" on purpose (the inline warning says
    // so), so the password is visible on screen and may be retained by browser
    // form history; no CSRF token field is present in this form.
    echo ' <form action="/signup/teacher/process/" method="post"> <h1>Teacher Registration — Step 4 — Your Info</h1> <p><strong>First Name</strong> <br><input type="text" name="first_name" id="first-name" value="" size="35"></p> <p><strong>Last Name</strong> <br><input type="text" name="last_name" id="last-name" value="" size="35"></p> <p><strong>Email</strong> <br><input type="text" name="email" id="email" value="" size="35"></p> <p><strong>Password</strong> <br><input type="text" name="password" id="password" value="" size="35"> <span class="form-field-info"><strong>Warning:</strong> this field will display your password<br><strong>Note:</strong> your password must be between 4 and 40 characters long</span></p>
function mystery_auth($username, $password) {
    // General wrapper for Mystery authentication.
    //
    // $username / $password - the credentials as submitted.
    //
    // Returns true when the user is (or already was) logged in, false when no
    // authentication source accepted the credentials.
    //
    // Flow:
    //   1. If the session already says the user is logged in, return true
    //      without looking at the credentials.
    //   2. Try the internal users table (mystery_internal_auth).
    //   3. Otherwise try each configured external source listed in
    //      $_MYSTERY['external_auth_functions'], in order, until one returns
    //      a non-empty array.
    //   4. On success populate $_SESSION, create the local user record (plus
    //      default group memberships) if it does not exist yet, load the
    //      user's groups and mark the session as logged in.
    //
    // NOTE: the "brief pause" before returning false that the original
    // description mentioned is currently commented out (see "//sleep(2)"
    // below), so a failed attempt returns immediately.
    global $_MYSTERY;

    // Don't authenticate if user is logged in
    if (@$_SESSION['is_logged_in'] == 'yes') {
        return true;
    }

    // Try internal Mystery authentication first.
    // Assumed to return an array that is empty on failure (count() on a
    // non-array is a TypeError in PHP 8) - confirm against mystery_internal_auth.
    $user_info = mystery_internal_auth($username, $password);
    if (count($user_info) == 0) {
        if (isset($_MYSTERY['external_auth_functions'])) {
            // some external authentication functions are set, so include the custom auth file
            // (plain include: a second call to mystery_auth in the same request
            // would include it again)
            include 'custom/authentication.php';
            // loop through the custom function until one hopefully works
            for ($i = 0; $i < count($_MYSTERY['external_auth_functions']); $i++) {
                // call each function with the username and password parameters
                // if we get back a non-zero array, stop checking
                $user_info = call_user_func($_MYSTERY['external_auth_functions'][$i], $username, $password);
                if (count($user_info) > 0) {
                    break;
                }
            }
        }
    }
    if (count($user_info) == 0) {
        // the authentication was not successful
        //sleep(2);
        return false;
    } else {
        // set the user's session information
        // NOTE(review): no session_regenerate_id() is visible in this function;
        // if the caller does not rotate the session id on login, the pre-login
        // session id carries over into the authenticated session.
        $_SESSION['user_username'] = $username;
        $_SESSION['user_first_name'] = $user_info['user_first_name'];
        $_SESSION['user_last_name'] = $user_info['user_last_name'];
        $_SESSION['user_email'] = $user_info['user_email'];
        // check that the user is in Mystery. If not, add them. If so, get their id.
        // The submitted login name is compared against both the username and
        // the email column, so a login name that equals another local user's
        // email address would resolve to that local account.
        $query = 'SELECT * FROM ' . $_MYSTERY['table_prefix'] . 'users WHERE user_username = ? OR user_email = ?';
        $params = array($_SESSION['user_username'], $_SESSION['user_username']);
        $results = mystery_select_query($query, $params);
        if (count($results) > 0) {
            // user exists, set the session user_id variable (first match wins)
            $_SESSION['user_id'] = $results[0]['user_id'];
        } else {
            // user doesn't exist. Add them
            $table = $_MYSTERY['table_prefix'] . 'users';
            // 12-hour clock ('h') without an am/pm marker - ambiguous timestamps
            $now = date('Y-m-d h:i:s');
            $data['user_username'] = $user_info['user_username'];
            $data['user_first_name'] = $user_info['user_first_name'];
            $data['user_last_name'] = $user_info['user_last_name'];
            $data['user_email'] = $user_info['user_email'];
            $data['user_record_updated'] = $now;
            $data['user_creation_date'] = $now;
            $_SESSION['user_id'] = mystery_insert_query($table, $data, 'user_id');
            // add the user to the default groups
            if ($_MYSTERY['default_user_groups'] != '') {
                // remove whitespace and split on the commas
                $groups = explode(',', preg_replace('~\\s~', '', $_MYSTERY['default_user_groups']));
                $table = $_MYSTERY['table_prefix'] . 'users_groups';
                for ($i = 0; $i < count($groups); $i++) {
                    // for each group, add a record for the user
                    // NOTE: there should be a mystery function that better uses the prepared
                    // statements to insert multiple values, but I'm not sure how that works
                    // with sequences
                    $data = array();
                    $data['user_id'] = $_SESSION['user_id'];
                    $data['group_id'] = $groups[$i];
                    $ugid = mystery_insert_query($table, $data, 'ug_id');
                }
            }
        }
        // get the users groups and permissions
        $query = 'SELECT group_id FROM ' . $_MYSTERY['table_prefix'] . 'users_groups WHERE user_id = ?';
        $params = array($_SESSION['user_id']);
        $user_groups = mystery_select_query($query, $params);
        for ($i = 0; $i < count($user_groups); $i++) {
            // Appends to whatever $_SESSION['user_groups'] already holds; the
            // list is not reset here.
            $_SESSION['user_groups'][] = $user_groups[$i]['group_id'];
            if ($user_groups[$i]['group_id'] == '1') {
                // user is in the admin group (group id 1 is hard-coded as admin)
                $_SESSION['is_administrator'] = 'yes';
            }
        }
        // set final session variables
        $_SESSION['is_logged_in'] = 'yes';
        return true;
    }
}