/**
 * Register the "Bing [Bot]" account unless a user with that clean name already exists.
 *
 * When the bot is missing, an ignored user (USER_IGNORE, empty password and
 * e-mail) is created in the BOTS group and a matching row is written to
 * BOTS_TABLE with the agent prefix "bingbot/" and an empty IP filter.
 */
public function update_bing_bot()
{
    $name = 'Bing [Bot]';
    $clean_name = utf8_clean_string($name);

    // The clean name is escaped before it is embedded in the lookup query.
    $sql = 'SELECT user_id FROM ' . USERS_TABLE . "\n\t\t\tWHERE username_clean = '" . $this->db->sql_escape($clean_name) . "'";
    $result = $this->db->sql_query($sql);
    $already_present = (bool) $this->db->sql_fetchfield('user_id');
    $this->db->sql_freeresult($result);

    if ($already_present) {
        return;
    }

    $agent = 'bingbot/';
    $ip = '';

    $sql = 'SELECT group_id, group_colour FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = 'BOTS'";
    $result = $this->db->sql_query($sql);
    $group_row = $this->db->sql_fetchrow($result);
    $this->db->sql_freeresult($result);

    if (!$group_row) {
        // Fallback used only when no BOTS group row was found.
        $group_row['group_id'] = 6;
        $group_row['group_colour'] = '9E8DA7';
    }

    // user_add() is loaded on demand from includes/functions_user.
    if (!function_exists('user_add')) {
        include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
    }

    $new_user = array(
        'user_type'            => USER_IGNORE,
        'group_id'             => $group_row['group_id'],
        'username'             => $name,
        'user_regdate'         => time(),
        'user_password'        => '',
        'user_colour'          => $group_row['group_colour'],
        'user_email'           => '',
        'user_lang'            => $this->config['default_lang'],
        'user_style'           => $this->config['default_style'],
        'user_timezone'        => 0,
        'user_dateformat'      => $this->config['default_dateformat'],
        'user_allow_massemail' => 0,
    );
    $new_user_id = user_add($new_user);

    $bot_row = array(
        'bot_active' => 1,
        'bot_name'   => (string) $name,
        'user_id'    => (int) $new_user_id,
        'bot_agent'  => (string) $agent,
        'bot_ip'     => (string) $ip,
    );
    $sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $this->db->sql_build_array('INSERT', $bot_row);

    // NOTE(review): this statement goes through $this->sql_query(), not
    // $this->db->sql_query() like the reads above; presumably a helper on the
    // enclosing class. The return value of user_add() is not checked first.
    $this->sql_query($sql);
}
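/**
 * Collect and validate the registration form, then create the user.
 *
 * Reads username, password, e-mail and timezone from the request, validates
 * them with validate_data() on submit, checks that the confirmation fields
 * match, picks INACTIVE_USERS or REGISTERED_USERS depending on the board's
 * activation setting and hands the data to user_add().
 *
 * @param mixed $id   Not used by this method.
 * @param mixed $mode Not used by this method.
 */
public function main($id, $mode)
{
    global $data, $config, $error, $submit;

    $timezone = $config['board_timezone'];

    $data = array(
        'username'         => utf8_normalize_nfc(request_var('username', '', true)),
        'password'         => request_var('password', '', true),
        'password_confirm' => request_var('password_confirm', '', true),
        'email'            => request_var('email', ''),
        'email_confirm'    => request_var('email_confirm', ''),
        'tz'               => request_var('tz', (double) $timezone),
    );

    if (!$submit) {
        return;
    }

    $error = validate_data($data, array(
        'username'         => array(
            array('string', false, $config['min_username_chars'], $config['max_username_chars']),
            array('username', ''),
        ),
        'password'         => array(
            array('string', false, $config['min_password_chars'], $config['max_password_chars']),
        ),
        'password_confirm' => array('string', false, $config['min_password_chars'], $config['max_password_chars']),
        'email'            => array(
            array('string', false, 6, 60),
            array('email'),
        ),
        'email_confirm'    => array('string', false, 6, 60),
        'tz'               => array('num', -14, 14),
    ));

    if (!sizeof($error)) {
        // Strict comparison: with `!=` two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal, so a mistyped
        // confirmation could slip through.
        if ($data['password'] !== $data['password_confirm']) {
            $error[] = 'PASSWORD_MATCH_ERROR';
        }

        if ($data['email'] !== $data['email_confirm']) {
            $error[] = 'EMAIL_MATCH_ERROR';
        }
    }

    if (sizeof($error)) {
        return;
    }

    $needs_activation = $config['activation_required'] == USER_ACTIVATION_SELF
        || $config['activation_required'] == USER_ACTIVATION_ADMIN;
    $data['group_id'] = $needs_activation ? INACTIVE_USERS : REGISTERED_USERS;

    // NOTE(review): $data is passed as collected above, i.e. with the raw
    // 'password' and the confirmation fields; no hashing or key mapping is
    // visible in this method. Confirm what user_add() expects.
    if (user_add($data) !== false) {
        // @todo registration ok
    } else {
        // @todo registration failed
    }
}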
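/**
 * Create a phpBB account for an application user.
 *
 * Loads phpBB's config.php, common.php and includes/functions_user.php from
 * $this->_phpbb_src, then adds the user through user_add() when
 * validate_username() returns a falsy value (treated here as "name is free").
 * The global $config array is saved before and restored after phpBB is loaded.
 *
 * @param object $userObj Object exposing u_login, u_pass and u_email.
 *
 * @return array|false List of error messages, or false when there were none.
 */
private function phpBBRegister($userObj)
{
    global $phpbb_root_path, $phpEx;

    $saved_config = $GLOBALS['config'];
    $messages = array();
    $phpbb_root_path = $this->_phpbb_src;
    $phpEx = 'php';

    $required_files = array(
        $this->_phpbb_src . 'config.php',
        $this->_phpbb_src . 'common.php',
        $this->_phpbb_src . 'includes/functions_user.php',
    );

    foreach ($required_files as $file) {
        if (!is_readable($file) || !is_executable($file)) {
            // NOTE(review): the second message contains absolute server paths;
            // make sure it is shown to administrators only.
            $messages[] = $this->lang('noaccessphpbbfiles.session.error');
            $messages[] = $this->_phpbb_src . 'config.php<br/>' . $this->_phpbb_src . 'common.php<br/>' . $this->_phpbb_src . 'includes/functions_user.php<br/>';

            return $messages;
        }
    }

    // Buffering starts only once the files are known to be loadable, so the
    // early return above can no longer leave an output buffer open.
    ob_start();

    require_once $required_files[0];
    require_once $required_files[1];
    require_once $required_files[2];

    if (!validate_username($userObj->u_login)) {
        // Group 7, language 'ru' and style 1 are fixed values of this integration.
        $user_row = array(
            'username'        => $userObj->u_login,
            'user_password'   => phpbb_hash($userObj->u_pass),
            'user_email'      => $userObj->u_email,
            'group_id'        => 7,
            'user_timezone'   => 0.0,
            'user_dst'        => 0,
            'user_lang'       => 'ru',
            'user_type'       => 0,
            'user_actkey'     => '',
            'user_dateformat' => '|d M Y|, H:i',
            'user_style'      => 1,
            'user_regdate'    => time(),
        );

        if (!user_add($user_row)) {
            $messages[] = $this->lang('cannotadduser.session.error');
        }
    } else {
        $messages[] = $this->lang('loginallreadyexists.session.error');
    }

    // Discard anything phpBB printed while loading and put the host
    // application's configuration back.
    ob_end_clean();
    $GLOBALS['config'] = $saved_config;

    return count($messages) ? $messages : false;
}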
/**
 * Reset all bots
 *
 * Runs only when the 'yes' field was posted. Deletes every user referenced by
 * BOTS_TABLE, empties that table and re-creates the bots listed in
 * $this->db_cleaner->data->bots as ignored users in the BOTS group.
 *
 * @param array $error Error list received from the caller.
 *
 * @return array|null The error list with 'NO_BOT_GROUP' appended when the BOTS
 *                    group cannot be found; nothing otherwise.
 */
function bots($error)
{
    global $config, $db;

    if (!isset($_POST['yes'])) {
        return;
    }

    $sql = 'SELECT group_id, group_colour FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = 'BOTS'";
    $result = $db->sql_query($sql);
    $group_id = (int) $db->sql_fetchfield('group_id', false, $result);
    $group_colour = $db->sql_fetchfield('group_colour', 0, $result);
    $db->sql_freeresult($result);

    if (!$group_id) {
        // If we reach this point then something has gone very wrong
        $error[] = 'NO_BOT_GROUP';

        return $error;
    }

    if (!function_exists('user_add')) {
        include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
    }

    // Collect the user ids of the bots that exist right now.
    $existing_ids = array();
    $result = $db->sql_query('SELECT user_id FROM ' . BOTS_TABLE);
    while ($row = $db->sql_fetchrow($result)) {
        $existing_ids[] = $row['user_id'];
    }
    $db->sql_freeresult($result);

    if (!empty($existing_ids)) {
        // Remove the bot users, then clear out the bots table.
        foreach ($existing_ids as $existing_id) {
            user_delete('remove', $existing_id);
        }

        $db->sql_query('DELETE FROM ' . BOTS_TABLE);
    }

    // Re-add the bots from the cleaner's data set.
    foreach ($this->db_cleaner->data->bots as $bot_name => $bot_ary) {
        // Clean the users table of anything matching this bot's name; this
        // matters when a default bot was removed from the bots group.
        $username_clean = utf8_clean_string($bot_name);
        if (empty($username_clean)) {
            // This shouldn't happen but we should handle it anyway...
            continue;
        }

        // The clean name is escaped before being embedded in the DELETE.
        $sql = 'DELETE FROM ' . USERS_TABLE . ' WHERE username_clean = \'' . $db->sql_escape($username_clean) . '\'';
        $db->sql_query($sql);

        // `$bot_ary` can be false, if a bot was removed in a certain phpBB version
        if ($bot_ary === false) {
            continue;
        }

        $new_user = array(
            'user_type'            => USER_IGNORE,
            'group_id'             => $group_id,
            'username'             => $bot_name,
            'user_regdate'         => time(),
            'user_password'        => '',
            'user_colour'          => $group_colour,
            'user_email'           => '',
            'user_lang'            => $config['default_lang'],
            'user_style'           => 1,
            'user_timezone'        => 0,
            'user_dateformat'      => $config['default_dateformat'],
            'user_allow_massemail' => 0,
        );

        $new_user_id = user_add($new_user);
        if (!$new_user_id) {
            continue;
        }

        $bot_row = array(
            'bot_active' => 1,
            'bot_name'   => (string) $bot_name,
            'user_id'    => (int) $new_user_id,
            'bot_agent'  => (string) $bot_ary[0],
            'bot_ip'     => (string) $bot_ary[1],
        );
        $db->sql_query('INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', $bot_row));
    }
}
/**
 * Create a forum user unless a row with the same username already exists.
 *
 * @param string $login Username to register.
 * @param string $pwd   Plain-text password; hashed with phpbb_hash().
 * @param string $mail  E-mail address stored for the user.
 * @param string $lang  Language code; lower-cased before it is stored.
 */
function addphpBBuser($login, $pwd, $mail, $lang)
{
    $password_hash = phpbb_hash($pwd);

    // NOTE(review): both the schema name from $_SESSION['Application_host'] and
    // $login are concatenated into this statement without escaping or binding.
    // Unless every caller sanitises them, this lookup is open to SQL injection;
    // it should use whatever parameter binding getDataFromSQL()'s driver offers.
    $lookup_sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`forum_users` WHERE `username` = '" . $login . "'";
    $lookup = getDataFromSQL($lookup_sql, __FILE__, "function", __FUNCTION__);

    if ($lookup['Count'] != 0) {
        return;
    }

    // Group 7 and user type 0 are fixed for accounts created here. The stored
    // name is stripslashes($login), which differs from the string queried above
    // whenever $login contains backslashes.
    $phpBBid = user_add(array(
        'username'      => stripslashes($login),
        'user_password' => $password_hash,
        'user_email'    => $mail,
        'group_id'      => 7,
        'user_type'     => 0,
        'user_lang'     => strtolower($lang),
    ));
}
/**
 * Run Tool
 *
 * Processes the submitted "add user" form: verifies the form key, derives a
 * timezone/DST default, validates the posted fields, creates the user with
 * user_add() and adds the user to the selected groups.
 *
 * @param array $error Error list, filled by reference.
 *
 * @return false|null False when validation or the group step reported errors;
 *                    nothing when the form key is invalid. On success the
 *                    method ends in trigger_error('USER_ADDED').
 */
function run_tool(&$error)
{
    global $config, $user;

    $user->add_lang(array('acp/groups', 'ucp'));

    // Reject requests that do not carry a valid form key for this form.
    if (!check_form_key('add_user')) {
        $error[] = 'FORM_INVALID';

        return;
    }

    // Try to manually determine the timezone and adjust the dst if the server
    // date/time complies with the default setting +/- 1
    $timezone = date('Z') / 3600;
    $is_dst = date('I');
    $board_timezone = $config['board_timezone'];

    $server_matches_board = ($board_timezone == $timezone || $board_timezone == $timezone - 1);
    if (!$server_matches_board) {
        $is_dst = $config['board_dst'];
        $timezone = $board_timezone;
    } else {
        if ($is_dst) {
            $timezone = $timezone - 1;
        }

        if (!isset($user->lang['tz_zones'][(string) $timezone])) {
            $timezone = $board_timezone;
        }
    }

    // Collect the user data. basename() limits 'lang' to a single path component.
    $data = array(
        'username'         => utf8_normalize_nfc(request_var('username', '', true)),
        'new_password'     => request_var('new_password', '', true),
        'password_confirm' => request_var('password_confirm', '', true),
        'email'            => strtolower(request_var('email', '')),
        'email_confirm'    => strtolower(request_var('email_confirm', '')),
        'lang'             => basename(request_var('lang', $user->lang_name)),
        'tz'               => request_var('tz', (double) $timezone),
    );

    // Check vars
    $this->validate_data($data, $error);
    if (!empty($error)) {
        return false;
    }

    // Collect the groups data
    $groups = array(
        'default' => request_var('defaultgroup', 0),
        'groups'  => request_var('usergroups', array(0)),
        'leaders' => request_var('groupleader', array(0)),
    );

    // Register the user
    $new_user = array(
        'username'             => $data['username'],
        'user_password'        => phpbb_hash($data['new_password']),
        'user_email'           => $data['email'],
        'group_id'             => (int) $groups['default'],
        'user_timezone'        => (double) $data['tz'],
        'user_dst'             => $is_dst,
        'user_lang'            => $data['lang'],
        'user_type'            => USER_NORMAL,
        'user_actkey'          => '',
        'user_ip'              => $user->ip,
        'user_regdate'         => time(),
        'user_inactive_reason' => 0,
        'user_inactive_time'   => 0,
    );
    $user_id = user_add($new_user, false);

    // Remove the default group from the groups array. Keeping it here causes an error
    $default_key = array_search($groups['default'], $groups['groups']);
    if ($default_key !== false) {
        unset($groups['groups'][$default_key]);
    }

    // This should not happen, because the required variables are listed above...
    if ($user_id === false) {
        trigger_error('NO_USER', E_USER_ERROR);
    }

    // Add the user to the selected groups
    $this->add_groups($user_id, $groups, $error);

    // Last check for errors
    if (!empty($error)) {
        return false;
    }

    // And done
    trigger_error('USER_ADDED');
}
/**
 * Dispatch a posted form to its handler.
 *
 * The posted "page" value only selects one of the cases below; every include
 * path is a fixed literal, so the request value never becomes part of a path.
 *
 * @return bool True when a handler ran, false when "page" matched no known form.
 */
function process_form()
{
    $form = $_POST["page"] ?? "";

    switch ($form) {
        case FORM_LOGIN:
            require 'inc/process/login.php';
            sign_in();
            return true;

        case FORM_CUSTOMER_NEW:
            require 'inc/process/customer.php';
            customer_add();
            return true;

        case FORM_CUSTOMER_EDIT:
            require 'inc/process/customer.php';
            customer_edit();
            return true;

        case FORM_PURCHASE_NEW:
            require 'inc/process/purchase.php';
            purchase_add();
            return true;

        case FORM_PURCHASE_EDIT:
            require 'inc/process/purchase.php';
            purchase_edit();
            return true;

        case "sell_new":
            require 'inc/process/sell.php';
            sell_add();
            return true;

        case "sell_edit":
            require 'inc/process/sell.php';
            sell_edit();
            return true;

        case "store_edit":
            require 'inc/process/store.php';
            store_edit();
            return true;

        case "user_new":
            require 'inc/process/user.php';
            user_add();
            return true;

        case "user_edit":
            require 'inc/process/user.php';
            user_edit();
            return true;

        case FORM_LOT_NEW:
            require 'inc/process/lot.php';
            lot_add();
            return true;
    }

    // NOTE(review): no permission or request-token check is visible in this
    // dispatcher; presumably each handler enforces its own. Confirm.
    return false;
}
/**
 * Intercept hook for incoming SMS: handles the "DAFTAR" registration keyword.
 *
 * The first word of the message is upper-cased and compared with 'DAFTAR'.
 * For that keyword the rest of the message is split on '#': the first part
 * becomes the account name, the second the username, and the sender's number
 * becomes the mobile. The result of user_add() is returned to the caller.
 *
 * NOTE(review): user_add($data) is called for every message, but $data is only
 * assigned inside the DAFTAR branch. Any other message reaches user_add() with
 * an undefined variable.
 * NOTE(review): account creation is driven purely by SMS content; no check on
 * the sender is visible here. Confirm this is intended.
 */
function telek_hook_recvsms_intercept($sms_datetime, $sms_sender, $message, $sms_receiver)
{
    //$ret = array();
    // Split into keyword and remainder; $ps[1] is absent for one-word messages.
    $ps = explode(" ", $message, 2);
    $ikut = strtoupper($ps[0]);
    //$pesan = '';
    $hooked = false;
    if ($ikut == 'DAFTAR') {
        // Expected remainder: name#username. Neither part is checked for presence.
        $pecah = preg_split("/#/", $ps[1], null, PREG_SPLIT_NO_EMPTY);
        $c_uid = user_mobile2uid($sms_sender);
        $data = array();
        $data['name'] = trim($pecah[0]);
        $data['username'] = trim($pecah[1]);
        $data['mobile'] = $sms_sender;
        // Placeholder address derived from the name; the SMS supplies no e-mail.
        $data['email'] = $data['name'] . "@noreply.org";
        $data['parent_uid'] = 0;
        $data['status'] = 4;
    }
    // NOTE(review): $nama, $nohp and $pengguna are never assigned in this
    // function, so this logging branch does not run as written. It would log
    // the sender number and the full message text.
    if ($nama && $nohp && $pengguna) {
        logger_print("*******", 3, "telek");
        logger_print("sms_sender " . $sms_sender, 3, "telek");
        logger_print("message " . $message, 3, "telek");
        logger_print("new message " . $nama, 3, "telek");
        logger_print("sms target user" . $sms_receiver, 3, "telek");
        logger_print("*******", 3, "telek");
        if (($uid = user_mobile2uid($sms_sender)) && $nama) {
            // $username is not assigned anywhere in this function either.
            _log("save in inbox u:" . $username . " uid:" . $uid . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:[" . $nohp . "]", 3, 'telek');
            //recvsms_inbox_add($sms_datetime, $sms_sender, $username, $nama, $sms_receiver);
            //$hooked = true;
            //$status = ($ok ? 'handled' : 'unhandled');
        }
    }
    // Earlier hook-style return values, left disabled:
    // $ret['uid'] = user_mobile2uid($sms_sender);
    // $ret['status'] = TRUE;
    // $ret['param']['message'] = $ikut . ' ' . $nama .' '. $nohp . ' ' . $pengguna;
    // $ret['modified'] = TRUE;
    // $ret['hooked'] = TRUE;
    $ret = user_add($data);
    $ok = $ret['status'] ? TRUE : FALSE;
    if ($ok) {
        // Debug output written straight to the response.
        echo "okee";
        // The phonebook entry is always stored under uid 1; $tags is not
        // assigned in this function.
        $items = array('uid' => 1, 'name' => $data['name'], 'mobile' => $data['mobile'], 'email' => $data['email'], 'tags' => $tags);
        if ($c_pid = dba_add(_DB_PREF_ . '_featurePhonebook', $items)) {
            $save_to_group = TRUE;
        } else {
            // $mobile, $name and $email are not assigned here, so this log
            // line carries no contact details as written.
            logger_print('fail to add contact pid:' . $c_pid . ' m:' . $mobile . ' n:' . $name . ' e:' . $email . ' tags:[' . $tags . ']', 3, 'phonebook_add');
        }
    } else {
        echo "gagal";
    }
    return $ret;
}
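/**
 * Import users from the temporary db.users.php file that 1.5.0b left behind.
 *
 * Every line after the first is expected to be "<prefix>|<serialized user>".
 * A record is added with user_add() when user_search() does not find its name.
 * Lines that cannot be split or do not decode to an array with a name are
 * skipped instead of being passed on as an empty user.
 */
function deprecated_check()
{
    $legacy_file = SERVDIR . '/cdata/db.users.php';
    if (!file_exists($legacy_file)) {
        return;
    }

    $users = file($legacy_file);
    if ($users === false) {
        // Unreadable file: nothing to import.
        return;
    }

    // The first line is not a user record.
    unset($users[0]);

    foreach ($users as $v) {
        $parts = explode('|', $v, 2);
        if (!isset($parts[1])) {
            continue;
        }

        // SECURITY(review): unserialize() on file contents. Anyone able to write
        // to cdata/db.users.php controls what is instantiated here. The records
        // look like plain arrays, so restricting object creation or moving to a
        // data-only format such as JSON should be considered.
        $b = unserialize($parts[1]);
        if (!is_array($b) || !isset($b[UDB_NAME])) {
            continue;
        }

        if (user_search($b[UDB_NAME]) == false) {
            user_add($b);
        }
    }
}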
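/**
 * Show the "add contact" form or create the contact from the posted name.
 *
 * @return string|null A message or form markup to display. Nothing is returned
 *                     after a successful creation, which sends a redirect
 *                     header to the edit page instead.
 */
function add_contact()
{
    // Check that the current user may perform this action.
    if (!check_rights('add_contact')) {
        return "У вас нет соответствующих прав";
    }

    // Nothing posted yet: show the empty form.
    if (!isset($_POST['name'])) {
        return show_form_add_contact();
    }

    // Start from an empty list; count() on an unset variable fails on PHP 8.
    $errors = array();

    // Validate 'name'. A non-string value (e.g. name[]=x) counts as invalid
    // rather than reaching preg_match().
    if (is_string($_POST['name']) && preg_match(REGEXP_USERNAME, $_POST['name'])) {
        // NOTE(review): the posted name is concatenated into the query. The only
        // protection visible here is REGEXP_USERNAME; unless that pattern is
        // anchored and excludes quote characters this is injectable. Escape or
        // bind the value with whatever the database helper provides.
        if (db_easy_count("SELECT `user_id` FROM `phpbb_users` WHERE `username`='" . $_POST['name'] . "'") > 0) {
            $errors[] = ERROR_USERNAME_EXISTS;
        } else {
            $name = $_POST['name'];
        }
    } else {
        $errors[] = ERROR_USERNAME_REQUIREMENT;
    }

    if (count($errors) != 0) {
        return show_form_add_contact($_POST, $errors);
    }

    // NOTE(review): every contact is created with the same fixed password.
    // If these accounts can log in, use an unguessable per-account value.
    $user_data = array(
        'username'      => $name,
        'user_password' => phpbb_hash('вава'),
        'user_email'    => '',
        'group_id'      => '1774',
        'user_lang'     => 'ru',
        'user_type'     => 0,
        'user_regdate'  => time(),
        'point_id'      => 1,
    );

    // Add the user through phpBB's own function.
    $user_id = user_add($user_data);

    // Redirect to the edit page of the new contact.
    // NOTE(review): the result of user_add() is not checked, and execution
    // continues in the caller after this header is sent.
    header("location: /manager.php?action=edit_contact&contact={$user_id}");
}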
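/**
 * Handle the registration form: validate input, create the account, consume
 * the invite code when invites are enabled, mark the user online and render
 * the confirmation page.
 *
 * @return false|null False after re-rendering the form with an error message;
 *                    nothing after a successful registration.
 */
function reg_save()
{
    global $smarty;

    $email = isset($_POST['email']) ? $_POST['email'] : null;
    $pass = isset($_POST['loginpass']) ? $_POST['loginpass'] : null;
    $pass2 = isset($_POST['loginpass2']) ? $_POST['loginpass2'] : null;
    $invite = isset($_POST['invitecode']) ? $_POST['invitecode'] : null;

    // Missing, empty or non-string (array) fields are all "not entered".
    if (!is_string($email) || !is_string($pass) || $pass === '' || $email === '') {
        reg_main(_('Please enter email and password'));
        return false;
    }

    // Same rule as before, spelled out: '@' and '.' must be present and must
    // not be the first character. This is only a shape check.
    $at_pos = strpos($email, '@');
    $dot_pos = strpos($email, '.');
    if ($at_pos === false || $at_pos === 0 || $dot_pos === false || $dot_pos === 0) {
        reg_main(_('Invalid email address'));
        return false;
    }

    // Strict comparison: with `!=`, different numeric-looking strings such as
    // "1e3" and "1000" compare as equal and a mistyped confirmation is accepted.
    if ($pass !== $pass2) {
        reg_main(_('Password does not match'));
        return false;
    }

    if (recaptcha_verify() !== true) {
        reg_main(_('The CAPTCHA you enter is not correct'));
        return false;
    }

    if (INVITECODE_ENABLED == 1 && reg_checkinvite($invite) == false) {
        reg_main(_('The invite code is invalid or have been used'));
        return false;
    }

    $ret = user_add($email, $pass);
    if ($ret !== true) {
        // NOTE(review): $ret is placed into HTML unescaped. If user_add() can
        // echo back any part of the submitted e-mail, encode it for output.
        reg_main("<p>{$ret}</p>" . _('<p>Register fail, please contact us for help if you need.</p>'));
        return false;
    }

    $user = user_get($email);

    if (INVITECODE_ENABLED == 1) {
        invite_use($invite, $user['id']);
    }

    user_online($email);

    $smarty->assign('tip_title', _('Register successed'));
    $smarty->assign('tip_msg', _('You have registerd successfully'));
    $smarty->assign('redirect_url', 'account.php');
    $smarty->display('tip.html');
}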
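/**
 * Create a forum user for an OpenID login and store the OpenID on the row.
 *
 * The user is placed in the REGISTERED group (group id 2 when that group is
 * not found), gets an empty password and the global $openid as website.
 *
 * @param string $username Name for the new account.
 * @param string $email    E-mail address; a placeholder is stored when empty.
 *
 * @return int Id of the created user.
 */
function insertUserRow($username, $email = "")
{
    global $db, $openid;

    $group_id = 2;

    $sql = "SELECT *\n FROM " . GROUPS_TABLE . "\n WHERE group_name = 'REGISTERED' ";
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
    }

    if ($row = $db->sql_fetchrow($result)) {
        $group_id = $row['group_id'];
    }
    $db->sql_freeresult($result);

    // add user
    $user_row = array(
        'username'             => $username,
        'user_password'        => '',
        'user_email'           => empty($email) ? '*****@*****.**' : $email,
        'group_id'             => $group_id,
        'user_timezone'        => '0',
        'user_dst'             => '0',
        'user_lang'            => 'en',
        'user_type'            => '0',
        'user_actkey'          => '',
        'user_ip'              => $_SERVER['REMOTE_ADDR'],
        'user_inactive_reason' => '0',
        'user_website'         => $openid,
        'user_inactive_time'   => '0',
    );
    $user_id = user_add($user_row);

    // A failed insert used to surface as a broken UPDATE statement below;
    // stop with the same general error before building any SQL.
    if ($user_id === false) {
        message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, '');
    }

    // $openid is an identifier supplied by the person logging in, so it is
    // escaped before being embedded; the id is forced to an integer.
    $sql = "UPDATE " . USERS_TABLE . " SET user_openid ='" . $db->sql_escape($openid) . "'\n WHERE user_id = " . (int) $user_id;
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
    }

    return $user_id;
}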
/**
 * Add the search bots into the database
 *
 * This code should be used in execute_last if the source database did not have bots.
 * If you are converting bots this function should not be called.
 *
 * BOTS_TABLE is truncated first; when no BOTS group exists the default groups
 * are created and the lookup is repeated.
 *
 * @param array $bots Map of bot name to a list holding the agent string at
 *                    index 0 and the IP filter at index 1.
 *
 * @todo We might want to look at sharing the bot list between the install code and this code for consistency
 */
function add_bots($bots)
{
    global $db, $config;

    $group_sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";

    $result = $db->sql_query($group_sql);
    $bots_group = (int) $db->sql_fetchfield('group_id', false, $result);
    $db->sql_freeresult($result);

    // Existing bot rows are dropped unconditionally.
    $db->sql_query('TRUNCATE TABLE ' . BOTS_TABLE);

    if (!$bots_group) {
        // No BOTS group yet: create the default groups and look it up again.
        add_default_groups();

        $result = $db->sql_query($group_sql);
        $bots_group = (int) $db->sql_fetchfield('group_id', false, $result);
        $db->sql_freeresult($result);
    }

    foreach ($bots as $bot_name => $bot_ary) {
        $new_user_id = user_add(array(
            'user_type'            => USER_IGNORE,
            'group_id'             => $bots_group,
            'username'             => $bot_name,
            'user_regdate'         => time(),
            'user_password'        => '',
            'user_colour'          => '9E8DA7',
            'user_email'           => '',
            'user_lang'            => $config['default_lang'],
            'user_style'           => 1,
            'user_timezone'        => 'UTC',
            'user_allow_massemail' => 0,
        ));

        // Skip the bots-table row when the user could not be created.
        if (!$new_user_id) {
            continue;
        }

        $bot_row = array(
            'bot_active' => 1,
            'bot_name'   => $bot_name,
            'user_id'    => $new_user_id,
            'bot_agent'  => $bot_ary[0],
            'bot_ip'     => $bot_ary[1],
        );
        $db->sql_query('INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', $bot_row));
    }
}
if (!$email) { $error[] = $_CLASS['core_user']->get_lang('EMAIL_ERROR'); } elseif (!check_email($email)) { $error[] = $_CLASS['core_user']->get_lang('EMAIL_INVALID'); } if (!$tz || !in_array($tz, tz_array())) { $tz = null; } if (empty($error)) { $password = encode_password($password, $_CORE_CONFIG['user']['password_encoding']); if (!$password) { //do some admin contact thing here die('Try again later'); } $data = array('username' => (string) $username, 'user_email' => (string) $email, 'user_group' => (int) $coppa ? 3 : 2, 'user_reg_date' => (int) $_CLASS['core_user']->time, 'user_timezone' => $tz, 'user_password' => (string) $password, 'user_password_encoding' => (string) $_CORE_CONFIG['user']['password_encoding'], 'user_lang' => $lang == $_CORE_CONFIG['global']['default_lang'] ? null : $lang, 'user_type' => USER_NORMAL, 'user_status' => STATUS_ACTIVE, 'user_act_key' => null, 'user_ip' => ''); user_add($data); set_core_config('user', 'newest_user_id', $data['user_id'], false); set_core_config('user', 'newest_username', $data['username'], false); set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1); trigger_error('USER_ADDED'); } } $_CLASS['core_template']->assign_array(array('COPPA' => isset($coppa) ? $coppa : false, 'EMAIL' => isset($email) ? $email : '', 'ERROR' => empty($error) ? false : implode('<br />', $error), 'PASSWORD' => isset($password) ? $password : '', 'USERNAME' => isset($username) ? $username : '', 'SELECT_TZ' => select_tz(isset($tz) ? $tz : $_CORE_CONFIG['global']['default_timezone']), 'S_ACTION' => generate_link('users&mode=add_user', array('admin' => true)))); $_CLASS['core_display']->display(false, 'admin/users/add.html'); break; case 'bots': if ($id && isset($_REQUEST['option'])) { require_once $site_file_root . 'includes/functions_user.php'; $sql = 'SELECT user_id, user_type, user_status FROM ' . USERS_TABLE . ' WHERE user_id = ' . $id;
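/**
 * {@inheritdoc}
 *
 * Authenticates against the external service through authenticateUser() and
 * maps the result onto a phpBB user row, creating the phpBB user on first
 * login. A matching phpBB username is translated to that user's e-mail
 * address before the external call.
 *
 * @param string $username Username or e-mail address as entered.
 * @param string $password Password as entered; surrounding whitespace is trimmed.
 *
 * @return array Array with 'status', 'error_msg' and 'user_row'.
 */
public function login($username, $password)
{
    // Error display is not switched on here: printing PHP errors from the
    // login path would expose paths and query text to anonymous visitors.

    // NOTE(review): the head of this statement appears masked ('******') in
    // this listing; confirm the real SELECT list against the original source.
    $sqlByUsername = '******' . USERS_TABLE . ' WHERE username = \'%s\'';
    $sqlByID = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . ' WHERE user_id = %d';

    $anonymous_row = ['user_id' => ANONYMOUS];
    $password = trim($password);

    // Do not allow empty passwords.
    if (!$password) {
        return ['status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => $anonymous_row];
    }

    // Do not allow empty usernames.
    if (!$username) {
        return ['status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => $anonymous_row];
    }

    // Do not allow the default admin to log in.
    // NOTE(review): this is an exact, case-sensitive match; verify whether
    // other spellings of the name can reach the same account.
    if ($username == 'admin') {
        return ['status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_ADMIN_USERNAME', 'user_row' => $anonymous_row];
    }

    // Find a phpbb user in case someone is trying to log in with their
    // character name. Use the user's email address instead to log in.
    // This is needed in order to use the administration panel.
    $sth = $this->db->sql_query(sprintf($sqlByUsername, $this->db->sql_escape($username)));
    $phpbb_user = $this->db->sql_fetchrow($sth);
    $this->db->sql_freeresult($sth);

    if ($phpbb_user) {
        $username = $phpbb_user['user_email'];
    }

    // Get the user details from seat. An integer result is an error code.
    $user = $this->authenticateUser($username, $password);

    if (is_integer($user)) {
        $error_codes = [
            1001 => 'LOGIN_ERROR_INVALID_CONNECTION',
            1002 => 'LOGIN_ERROR_INVALID_CREDENTIALS',
            1003 => 'LOGIN_ERROR_NO_MAIN_CHARACTER_SET',
            1004 => 'LOGIN_ERROR_MAIN_CHARACTER_UNAUTHORIZED',
        ];
        $error = isset($error_codes[$user]) ? $error_codes[$user] : 'LOGIN_ERROR_UNKNOWN';

        return ['status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => $error, 'user_row' => $anonymous_row];
    }

    // Return the phpbb user if it was already found earlier.
    if ($phpbb_user) {
        return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
    }

    // Find a phpbb user using the seat user's character name.
    $sth = $this->db->sql_query(sprintf($sqlByUsername, $this->db->sql_escape($user['characterName'])));
    $phpbb_user = $this->db->sql_fetchrow($sth);
    $this->db->sql_freeresult($sth);

    if ($phpbb_user) {
        return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
    }

    // Strict match: a loose in_array() treats values such as integer 0 as equal
    // to 'Superuser' on older PHP versions, which would grant the elevated
    // group and type below to an ordinary account.
    $is_superuser = in_array('Superuser', $user['userRoles'], true);

    // Create a new phpbb user if one wasn't found. The local password is random
    // and never shown to anyone; authentication always goes through seat.
    // NOTE(review): group 5 / user type 3 are hard-coded privileged values;
    // confirm they match this board's administrator group and intended type.
    $result = user_add([
        'username'      => $user['characterName'],
        'user_password' => phpbb_hash(openssl_random_pseudo_bytes(256)),
        'user_email'    => $user['userEmail'],
        'group_id'      => $is_superuser ? 5 : 2,
        'user_type'     => $is_superuser ? 3 : USER_NORMAL,
    ]);

    // Without this guard a failed insert was reported as LOGIN_SUCCESS with no
    // user row attached.
    if ($result === false) {
        return ['status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'LOGIN_ERROR_UNKNOWN', 'user_row' => $anonymous_row];
    }

    // Return the newly created user.
    $sth = $this->db->sql_query(sprintf($sqlByID, (int) $result));
    $phpbb_user = $this->db->sql_fetchrow($sth);
    $this->db->sql_freeresult($sth);

    return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
}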
$missed_call_data = str_replace(' ', '', $missed_call_data); if (!is_numeric($missed_call_data)) { unset($missed_call_app, $missed_call_data); } break; } //add the extension to the database if ($action == "add" && permission_exists('extension_add')) { $user_email = ''; if ($_SESSION["user"]["unique"]["text"] != "global") { if ($autogen_users == "true") { $auto_user = $extension; for ($i = 1; $i <= $range; $i++) { $user_last_name = $auto_user; $user_password = generate_password(); user_add($auto_user, $user_password, $user_email); $generated_users[$i]['username'] = $auto_user; $generated_users[$i]['password'] = $user_password; $auto_user++; } unset($auto_user); } } $j = 0; for ($i = 1; $i <= $range; $i++) { if (extension_exists($extension)) { //extension exists } else { //extension does not exist add it $extension_uuid = uuid(); $password = generate_password();
public function main($id, $mode) { global $config, $db, $request, $template, $user, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_admin_path; $this->config = $config; $this->db = $db; $this->request = $request; $this->template = $template; $this->user = $user; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $phpEx; $this->log = $phpbb_container->get('log'); $this->phpbb_admin_path = $phpbb_admin_path; $admin_activate = $this->request->variable('activate', 0) ? $this->config['require_activation'] == USER_ACTIVATION_ADMIN ? true : false : false; $group_default = $this->request->variable('group_default', 0); $group_selected = $this->request->variable('group', 0); $this->page_title = $user->lang['ACP_ADD_USER']; $this->tpl_name = 'acp_adduser'; //include files we need to add a user if (!function_exists('user_add')) { include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext; } // include lang files we need $user->add_lang(array('posting', 'ucp', 'acp/users', 'acp/groups')); // add custom profile fields $cp = $phpbb_container->get('profilefields.manager'); //set empty error strings $error = $cp_data = $cp_error = array(); // Load a template from adm/style for our ACP page $this->tpl_name = 'acp_adduser'; // Define the name of the form for use as a form key add_form_key('acp_adduser'); // Try to automatically determine the timezone and daylight savings time settings $timezone = $this->config['board_timezone']; $data = array('username' => $this->request->variable('username', '', true), 'new_password' => $this->request->variable('new_password', '', true), 'password_confirm' => $this->request->variable('password_confirm', '', true), 'email' => strtolower($this->request->variable('email', '')), 'lang' => basename($this->request->variable('lang', $this->user->lang_name)), 'tz' => $this->request->variable('tz', $timezone), 'group' => $this->request->variable('group', 0)); // build an array of all lang directories for the extension and check 
to make sure we have the lang available that is being chosen // if the lang isn't present then errors will present themselves due to no email template found $dir_array = $this->dir_to_array($this->phpbb_root_path . 'ext/phpbbmodders/adduser/language'); if (!in_array($data['lang'], $dir_array)) { trigger_error(sprintf($this->user->lang['DIR_NOT_EXIST'], $data['lang'], $data['lang']), E_USER_WARNING); } if ($this->config['allow_birthdays']) { $data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0; $data['bday_day'] = $this->request->variable('bday_day', $data['bday_day']); $data['bday_month'] = $this->request->variable('bday_month', $data['bday_month']); $data['bday_year'] = $this->request->variable('bday_year', $data['bday_year']); $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); } // if form is submitted if ($this->request->is_set_post('submit')) { // Test if form key is valid if (!check_form_key('acp_adduser')) { trigger_error('FORM_INVALID'); } // lets create a wacky new password for our user...but only if there is nothing for a password already if (empty($data['new_password']) && empty($data['password_confirm'])) { if ($this->config['pass_complex'] == 'PASS_TYPE_ANY' || $this->config['pass_complex'] == 'PASS_TYPE_CASE') { $new_password = str_split(base64_encode(md5(time() . 
$data['username'])), $this->config['min_pass_chars'] + rand(3, 5)); $data['new_password'] = $data['password_confirm'] = $new_password[0]; } else { if ($this->config['pass_complex'] == 'PASS_TYPE_ALPHA') { $new_password = $this->generate_password($this->config['min_pass_chars'] + rand(3, 5), 'PASS_TYPE_ALPHA'); $data['new_password'] = $data['password_confirm'] = $new_password; } else { $new_password = $this->generate_password($this->config['min_pass_chars'] + rand(3, 5), 'PASS_TYPE_SYMBOL'); $data['new_password'] = $data['password_confirm'] = $new_password; } } } // validate entries $validate_array = array('username' => array(array('string', false, $this->config['min_name_chars'], $this->config['max_name_chars']), array('username', '')), 'email' => array(array('string', false, 6, 60), array('user_email')), 'new_password' => array(array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']), 'tz' => array('timezone'), 'lang' => array('language_iso_name')); if ($this->config['allow_birthdays']) { $validate_array = array_merge($validate_array, array('bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50), 'user_birthday' => array('date', true))); } $error = validate_data($data, $validate_array); // validate custom profile fields $cp->submit_cp_field('register', $this->user->get_iso_lang_id(), $cp_data, $error); if (sizeof($cp_error)) { $error = array_merge($error, $cp_error); } if ($data['new_password'] != $data['password_confirm']) { $error[] = $user->lang['NEW_PASSWORD_ERROR']; } // Replace "error" strings with their real, localised form $error = array_map(array($user, 'lang'), $error); if (!sizeof($error)) { $server_url = generate_board_url(); $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . 
"\n\t\t\t\t\t\tWHERE group_name = 'REGISTERED'\n\t\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL; $result = $db->sql_query($sql); $group_id = $db->sql_fetchfield('group_id'); $db->sql_freeresult($result); // use group_id here if (!$group_id) { trigger_error('NO_GROUP'); } if (($this->config['require_activation'] == USER_ACTIVATION_SELF || $this->config['require_activation'] == USER_ACTIVATION_ADMIN) && $this->config['email_enable'] && !$admin_activate) { $user_actkey = gen_rand_string(mt_rand(6, 10)); $user_type = USER_INACTIVE; $user_inactive_reason = INACTIVE_REGISTER; $user_inactive_time = time(); } else { $user_type = USER_NORMAL; $user_actkey = ''; $user_inactive_reason = 0; $user_inactive_time = 0; } // Instantiate passwords manager $passwords_manager = $phpbb_container->get('passwords.manager'); $user_row = array('username' => $data['username'], 'user_password' => $passwords_manager->hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => $data['tz'], 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $this->user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time); if ($this->config['allow_birthdays']) { $user_row['user_birthday'] = $data['user_birthday']; } // Register user... $user_id = user_add($user_row, $cp_data); if (!empty($data['group'])) { if (!empty($group_default)) { group_user_add($data['group'], array($user_id), false, false, true); } else { group_user_add($data['group'], array($user_id)); } } $this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_USER_ADDED', time(), array($data['username'])); // This should not happen, because the required variables are listed above... 
if ($user_id === false) { trigger_error($this->user->lang['NO_USER'], E_USER_ERROR); } // send a message to the user...if needed $message = array(); if ($this->config['require_activation'] == USER_ACTIVATION_SELF && $this->config['email_enable']) { $message[] = $this->user->lang['ACP_ACCOUNT_INACTIVE']; $email_template = '@phpbbmodders_adduser/user_added_inactive'; } else { if ($this->config['require_activation'] == USER_ACTIVATION_ADMIN && $this->config['email_enable'] && !$admin_activate) { $message[] = $this->user->lang['ACP_ACCOUNT_INACTIVE_ADMIN']; $email_template = '@phpbbmodders_adduser/user_added_admin_welcome_inactive'; } else { $message[] = $this->user->lang['ACP_ACCOUNT_ADDED']; $email_template = '@phpbbmodders_adduser/user_added_welcome'; } } if ($config['email_enable']) { if (!class_exists('messenger')) { include $this->phpbb_root_path . 'includes/functions_messenger.' . $this->php_ext; } $messenger = new \messenger(false); $messenger->template($email_template, $data['lang']); $messenger->to($data['email'], $data['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $this->config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $this->user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $this->user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . 
$this->user->ip); $messenger->assign_vars(array('WELCOME_MSG' => htmlspecialchars_decode(sprintf($this->user->lang['WELCOME_SUBJECT'], $this->config['sitename'])), 'USERNAME' => htmlspecialchars_decode($data['username']), 'PASSWORD' => htmlspecialchars_decode($data['new_password']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}")); $messenger->send(NOTIFY_EMAIL); } if ($this->config['require_activation'] == USER_ACTIVATION_ADMIN && !$admin_activate) { $phpbb_notifications = $phpbb_container->get('notification_manager'); $phpbb_notifications->add_notifications('notification.type.admin_activate_user', array('user_id' => $user_id, 'user_actkey' => $user_row['user_actkey'], 'user_regdate' => $user_row['user_regdate'])); } $message[] = sprintf($user->lang['CONTINUE_EDIT_USER'], '<a href="' . append_sid("{$this->phpbb_admin_path}index.{$phpEx}", 'i=users&mode=overview&u=' . $user_id) . '">', $data['username'], '</a>'); $message[] = sprintf($user->lang['EDIT_USER_GROUPS'], '<a href="' . append_sid("{$this->phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . $user_id) . '">', '</a>'); $message[] = adm_back_link($this->u_action); trigger_error(implode('<br />', $message)); } } $l_reg_cond = ''; switch ($this->config['require_activation']) { case USER_ACTIVATION_SELF: $l_reg_cond = $this->user->lang['ACP_EMAIL_ACTIVATE']; break; case USER_ACTIVATION_ADMIN: $l_reg_cond = $this->user->lang['ACP_ADMIN_ACTIVATE']; break; default: $l_reg_cond = $this->user->lang['ACP_INSTANT_ACTIVATE']; break; } if ($this->config['allow_birthdays']) { $s_birthday_day_options = '<option value="0"' . (!$data['bday_day'] ? ' selected="selected"' : '') . '>--</option>'; for ($i = 1; $i < 32; $i++) { $selected = $i == $data['bday_day'] ? ' selected="selected"' : ''; $s_birthday_day_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>"; } $s_birthday_month_options = '<option value="0"' . (!$data['bday_month'] ? ' selected="selected"' : '') . 
'>--</option>'; for ($i = 1; $i < 13; $i++) { $selected = $i == $data['bday_month'] ? ' selected="selected"' : ''; $s_birthday_month_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>"; } $s_birthday_year_options = ''; $now = getdate(); $s_birthday_year_options = '<option value="0"' . (!$data['bday_year'] ? ' selected="selected"' : '') . '>--</option>'; for ($i = $now['year'] - 100; $i <= $now['year']; $i++) { $selected = $i == $data['bday_year'] ? ' selected="selected"' : ''; $s_birthday_year_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>"; } unset($now); $this->template->assign_vars(array('S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options, 'S_BIRTHDAYS_ENABLED' => true)); } // Get the groups, so that the user can be added to them $s_group_options = $this->get_groups($group_selected); $timezone_selects = phpbb_timezone_select($template, $user, $data['tz'], true); $this->template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'NEW_USERNAME' => $data['username'], 'EMAIL' => $data['email'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'L_PASSWORD_EXPLAIN' => $this->user->lang($config['pass_complex'] . '_EXPLAIN', $this->user->lang('CHARACTERS', (int) $this->config['min_pass_chars']), $this->user->lang('CHARACTERS', (int) $this->config['max_pass_chars'])) . ' ' . $this->user->lang['PASSWORD_EXPLAIN'], 'L_USERNAME_EXPLAIN' => $this->user->lang($config['allow_name_chars'] . '_EXPLAIN', $this->user->lang('CHARACTERS', (int) $this->config['min_name_chars']), $this->user->lang('CHARACTERS', (int) $this->config['max_name_chars'])), 'L_ADD_USER_EXPLAIN' => sprintf($this->user->lang['ADD_USER_EXPLAIN'], '<a href="' . append_sid("{$this->phpbb_admin_path}index.{$phpEx}", 'i=acp_board&mode=registration') . 
'">', '</a>'), 'L_REG_COND' => $l_reg_cond, 'L_MOD_VERSION' => sprintf($this->user->lang['MOD_VERSION'], $this->config['adduser_version']), 'S_USER_ADD' => true, 'S_GROUP_OPTIONS' => $s_group_options, 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_ADMIN_ACTIVATE' => $this->config['require_activation'] == USER_ACTIVATION_ADMIN ? true : false, 'U_ADMIN_ACTIVATE' => $admin_activate ? 'checked="checked"' : '', 'U_GROUP_DEFAULT' => $group_default ? 'checked="checked"' : '')); $this->user->profile_fields = array(); // Generate profile fields -> Template Block Variable profile_fields $cp->generate_profile_fields('register', $user->get_iso_lang_id()); }
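/**
 * Create a phpBB account named $newname and re-attribute the guest content
 * posted as $oldname to it.
 *
 * Looks up the REGISTERED group, registers the account through user_add(),
 * rewrites the poster columns of the forums, posts and topics tables, and
 * finally stores the resulting post count on the new user row.
 *
 * Returns without touching any table when the REGISTERED group cannot be
 * found or user_add() does not return a user id.
 *
 * @param string $oldname The name that was used when making the guest posts
 * @param string $newname The name that will be used for the new user
 * @return void
 * @access private
 */
function _add_user_and_update_data($oldname, $newname)
{
    global $db, $config, $user;

    if (!function_exists('user_add'))
    {
        include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
    }

    // Registered users group?
    $sql = 'SELECT group_id, group_colour FROM ' . GROUPS_TABLE . "\n\t\t\tWHERE group_name = 'REGISTERED'";
    $result = $db->sql_query_limit($sql, 1);
    $group_row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    $gid = $group_row ? (int) $group_row['group_id'] : 0;
    $gcl = $group_row ? (string) $group_row['group_colour'] : '';

    if (!$gid)
    {
        // No REGISTERED group: do not create an account outside any group.
        return;
    }

    // Setup the user
    // NOTE(review): the random string is passed in user_password as-is, not
    // hashed in this function. Presumably this is meant to leave the account
    // without a usable password; confirm how user_add() stores this field.
    $user_ary = array(
        'username'      => $newname,
        'group_id'      => $gid,
        'user_email'    => $config['board_email'],
        'user_type'     => USER_NORMAL,
        'user_password' => gen_rand_string(12),
    );

    // Add the user
    $user_id = user_add($user_ary);

    if (!$user_id)
    {
        // Without a new account there is nothing to attribute the content to;
        // carrying on would cast the failure value to 0 and rewrite every
        // matching row to poster id 0.
        return;
    }

    $user_id = (int) $user_id;

    // Update forums table
    $sql = 'UPDATE ' . FORUMS_TABLE . ' SET forum_last_poster_id = ' . $user_id . " , forum_last_poster_name = '" . $db->sql_escape($newname) . "', forum_last_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE forum_last_poster_name = '" . $db->sql_escape($oldname) . "'";
    $db->sql_query($sql);

    // Update posts table
    // The listing showed a masked literal ('******') in this WHERE clause. The
    // other three updates key on $oldname and the docblock defines $oldname as
    // the guest-post name, so the posts update matches on it as well.
    $sql = 'UPDATE ' . POSTS_TABLE . ' SET poster_id = ' . $user_id . ", post_username = ''\n\t\t\tWHERE post_username = '" . $db->sql_escape($oldname) . "'";
    $db->sql_query($sql);

    // Update topics table (first post)
    $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_poster = ' . $user_id . ", topic_first_poster_name = '" . $db->sql_escape($newname) . "', topic_first_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE topic_first_poster_name = '" . $db->sql_escape($oldname) . "'";
    $db->sql_query($sql);

    // Update topics table (last post)
    $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_last_poster_id = ' . $user_id . ", topic_last_poster_name = '" . $db->sql_escape($newname) . "', topic_last_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE topic_last_poster_name = '" . $db->sql_escape($oldname) . "'";
    $db->sql_query($sql);

    // Update user post count
    $sql = 'SELECT COUNT(post_id) as post_cnt FROM ' . POSTS_TABLE . ' WHERE poster_id = ' . $user_id;
    $result = $db->sql_query($sql);
    $post_cnt = (int) $db->sql_fetchfield('post_cnt', false, $result);
    $db->sql_freeresult($result);

    // The count is cast to int before it is concatenated into the statement.
    $sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = ' . $post_cnt . ' WHERE user_id = ' . $user_id;
    $db->sql_query($sql);
}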
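// Excerpt of a registration handler: it starts inside blocks opened above this
// listing and ends inside blocks that are closed below it.
//
// The captcha check requires both values to be present, scalar and non-empty
// and compares them strictly. With a loose `==`, a request that omits the
// field matches a session that holds no captcha (null == null), and numeric
// strings such as '1e3' and '1000' compare equal.
// NOTE(review): the session captcha is not cleared anywhere in this excerpt;
// confirm it is invalidated after one attempt so an answer cannot be reused.
if (
    isset($_REQUEST['captcha'], $_SESSION['tmp']['captcha'])
    && is_scalar($_REQUEST['captcha'])
    && is_scalar($_SESSION['tmp']['captcha'])
    && (string) $_SESSION['tmp']['captcha'] !== ''
    && (string) $_REQUEST['captcha'] === (string) $_SESSION['tmp']['captcha']
) {
    $data = array();
    $data['name'] = $_REQUEST['name'];
    $data['username'] = $_REQUEST['username'];
    $data['mobile'] = $_REQUEST['mobile'];
    $data['email'] = $_REQUEST['email'];

    // force non-admin, status=3 is user and status=4 is subuser
    // (the status is taken from configuration only, never from the request)
    $data['status'] = $core_config['main']['default_user_status'] == 3 ? $core_config['main']['default_user_status'] : 4;

    // if subuser and no site config then parent uid is 0
    $parent_uid = (int) $site_config['uid'] ? (int) $site_config['uid'] : 0;
    $data['parent_uid'] = $data['status'] == 4 ? $parent_uid : 0;

    // empty this and playSMS will generate random password
    $data['password'] = '';

    // set credit to 0 by default
    $data['credit'] = 0;

    $ret = user_add($data);
    $ok = $ret['status'] ? TRUE : FALSE;
    $_SESSION['error_string'] = $ret['error_string'];
} else {
    $_SESSION['error_string'] = _('Please type the displayed captcha phrase correctly');
}
} // closes a block opened above this excerpt

// Redirect to the base URL on success, back to the registration form otherwise
if ($ok) {
    header("Location: " . _u($core_config['http_path']['base']));
} else {
    header("Location: " . _u('index.php?app=main&inc=core_auth&route=register'));
}
exit;
} else { // else-branch of a condition opened above this excerpt
    // error string
    if ($_SESSION['error_string']) {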
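/**
 * Creates a new user with limited permissions
 *
 * Test helper: replaces the globals user_add() relies on ($config, $db,
 * $cache, $phpbb_dispatcher, $phpbb_container) with mocks and a fresh config
 * object, then inserts the user row.
 *
 * @param string $username Account name. The stored password hash is built from
 *                         this name repeated twice ($username . $username), so
 *                         the credential is predictable by design.
 * @return int ID of created user, as returned by user_add()
 */
protected function create_user($username)
{
    // Required by unique_id
    global $config;

    $config = new \phpbb\config\config(array());

    /*
     * Add required config entries to the config array to prevent
     * set_config() sending an INSERT query for already existing entries,
     * resulting in a SQL error.
     * This is because set_config() first sends an UPDATE query, then checks
     * sql_affectedrows() which can be 0 (e.g. on MySQL) when the new
     * data is already there.
     */
    $config['newest_user_colour'] = '';
    $config['rand_seed'] = '';
    $config['rand_seed_last_update'] = time() + 600;

    // Required by user_add
    global $db, $cache, $phpbb_dispatcher, $phpbb_container;

    $db = $this->get_db();

    // phpbb_mock_null_cache is instantiated as a class below, so the guard
    // has to be class_exists(); function_exists() on a class name is always
    // false.
    if (!class_exists('phpbb_mock_null_cache'))
    {
        require_once __DIR__ . '/../mock/null_cache.php';
    }
    $cache = new phpbb_mock_null_cache();

    $cache_driver = new \phpbb\cache\driver\dummy();
    $phpbb_container = new phpbb_mock_container_builder();
    $phpbb_container->set('cache.driver', $cache_driver);

    $phpbb_notifications = new phpbb_mock_notification_manager();
    $phpbb_container->set('notification_manager', $phpbb_notifications);

    // The guard previously tested 'utf_clean_string', which never matches;
    // the helper is named utf8_clean_string().
    if (!function_exists('utf8_clean_string'))
    {
        require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php';
    }

    if (!function_exists('user_add'))
    {
        require_once __DIR__ . '/../../phpBB/includes/functions_user.php';
    }

    $phpbb_dispatcher = new phpbb_mock_event_dispatcher();
    $passwords_manager = $this->get_passwords_manager();

    $user_row = array(
        'username'        => $username,
        'group_id'        => 2,
        'user_email'      => '*****@*****.**',
        'user_type'       => 0,
        'user_lang'       => 'en',
        'user_timezone'   => 'UTC',
        'user_dateformat' => 'r',
        // Fixture credential: the hash of the username repeated twice
        'user_password'   => $passwords_manager->hash($username . $username),
    );

    return user_add($user_row);
}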
/**
 * Add search robots to the database
 *
 * Reloads the global $config array from the config table, resolves the BOTS
 * group, then creates one user row and one bots-table row per entry of
 * $this->bot_list. A bot whose user row cannot be created is reported and
 * skipped.
 */
function add_bots($mode, $sub)
{
    global $db, $lang, $phpbb_root_path, $phpEx, $config;

    // Values submitted through the installer form
    $data = $this->get_submitted_data();

    // The functions called below read the global config array, so fill it
    $config_result = $db->sql_query('SELECT * FROM ' . CONFIG_TABLE);

    $config = array();
    while ($config_row = $db->sql_fetchrow($config_result))
    {
        $config[$config_row['config_name']] = $config_row['config_value'];
    }
    $db->sql_freeresult($config_result);

    // Resolve the group every bot account is placed in
    $group_result = $db->sql_query('SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'");
    $group_id = (int) $db->sql_fetchfield('group_id');
    $db->sql_freeresult($group_result);

    if ($group_id === 0)
    {
        // If we reach this point then something has gone very wrong
        $this->p_master->error($lang['NO_GROUP'], __LINE__, __FILE__);
    }

    if (!function_exists('user_add'))
    {
        include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
    }

    foreach ($this->bot_list as $bot_name => $bot_ary)
    {
        // Bot accounts carry an empty password and an empty e-mail address
        $user_id = user_add(array(
            'user_type'            => USER_IGNORE,
            'group_id'             => $group_id,
            'username'             => $bot_name,
            'user_regdate'         => time(),
            'user_password'        => '',
            'user_colour'          => '9E8DA7',
            'user_email'           => '',
            'user_lang'            => $data['default_lang'],
            'user_style'           => 1,
            'user_timezone'        => 0,
            'user_dateformat'      => $lang['default_dateformat'],
            'user_allow_massemail' => 0,
        ));

        if ($user_id)
        {
            $bot_row = array(
                'bot_active' => 1,
                'bot_name'   => (string) $bot_name,
                'user_id'    => (int) $user_id,
                'bot_agent'  => (string) $bot_ary[0],
                'bot_ip'     => (string) $bot_ary[1],
            );

            $db->sql_query('INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', $bot_row));
        }
        else
        {
            // The user row could not be inserted: report it and move on to the
            // next bot so that no bots-table row is left without a user
            $this->p_master->db_error('Unable to insert bot into users table', $db->sql_error_sql, __LINE__, __FILE__, true);
        }
    }
}
function change_database_data(&$no_updates, $version) { global $db, $db_tools, $errored, $error_ary, $config, $table_prefix, $phpbb_root_path, $phpEx; switch ($version) { case '3.0.0': $sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\tSET topic_last_view_time = topic_last_post_time\n\t\t\t\tWHERE topic_last_view_time = 0"; _sql($sql, $errored, $error_ary); // Update smiley sizes $smileys = array('icon_e_surprised.gif', 'icon_eek.gif', 'icon_cool.gif', 'icon_lol.gif', 'icon_mad.gif', 'icon_razz.gif', 'icon_redface.gif', 'icon_cry.gif', 'icon_evil.gif', 'icon_twisted.gif', 'icon_rolleyes.gif', 'icon_exclaim.gif', 'icon_question.gif', 'icon_idea.gif', 'icon_arrow.gif', 'icon_neutral.gif', 'icon_mrgreen.gif', 'icon_e_ugeek.gif'); foreach ($smileys as $smiley) { if (file_exists($phpbb_root_path . 'images/smilies/' . $smiley)) { list($width, $height) = getimagesize($phpbb_root_path . 'images/smilies/' . $smiley); $sql = 'UPDATE ' . SMILIES_TABLE . ' SET smiley_width = ' . $width . ', smiley_height = ' . $height . "\n\t\t\t\t\t\tWHERE smiley_url = '" . $db->sql_escape($smiley) . 
"'"; _sql($sql, $errored, $error_ary); } } $no_updates = false; break; // No changes from 3.0.1-RC1 to 3.0.1 // No changes from 3.0.1-RC1 to 3.0.1 case '3.0.1-RC1': break; // changes from 3.0.1 to 3.0.2-RC1 // changes from 3.0.1 to 3.0.2-RC1 case '3.0.1': set_config('referer_validation', '1'); set_config('check_attachment_content', '1'); set_config('mime_triggers', 'body|head|html|img|plaintext|a href|pre|script|table|title'); $no_updates = false; break; // No changes from 3.0.2-RC1 to 3.0.2-RC2 // No changes from 3.0.2-RC1 to 3.0.2-RC2 case '3.0.2-RC1': break; // No changes from 3.0.2-RC2 to 3.0.2 // No changes from 3.0.2-RC2 to 3.0.2 case '3.0.2-RC2': break; // Changes from 3.0.2 to 3.0.3-RC1 // Changes from 3.0.2 to 3.0.3-RC1 case '3.0.2': set_config('enable_queue_trigger', '0'); set_config('queue_trigger_posts', '3'); set_config('pm_max_recipients', '0'); // Set maximum number of recipients for the registered users, bots, guests group $sql = 'UPDATE ' . GROUPS_TABLE . ' SET group_max_recipients = 5 WHERE ' . $db->sql_in_set('group_name', array('GUESTS', 'REGISTERED', 'REGISTERED_COPPA', 'BOTS')); _sql($sql, $errored, $error_ary); // Not prefilling yet set_config('dbms_version', ''); // Add new permission u_masspm_group and duplicate settings from u_masspm include_once $phpbb_root_path . 'includes/acp/auth.' . $phpEx; $auth_admin = new auth_admin(); // Only add the new permission if it does not already exist if (empty($auth_admin->acl_options['id']['u_masspm_group'])) { $auth_admin->acl_add_option(array('global' => array('u_masspm_group'))); // Now the tricky part, filling the permission $old_id = $auth_admin->acl_options['id']['u_masspm']; $new_id = $auth_admin->acl_options['id']['u_masspm_group']; $tables = array(ACL_GROUPS_TABLE, ACL_ROLES_DATA_TABLE, ACL_USERS_TABLE); foreach ($tables as $table) { $sql = 'SELECT * FROM ' . $table . ' WHERE auth_option_id = ' . 
$old_id; $result = _sql($sql, $errored, $error_ary); $sql_ary = array(); while ($row = $db->sql_fetchrow($result)) { $row['auth_option_id'] = $new_id; $sql_ary[] = $row; } $db->sql_freeresult($result); if (sizeof($sql_ary)) { $db->sql_multi_insert($table, $sql_ary); } } // Remove any old permission entries $auth_admin->acl_clear_prefetch(); } /** * Do not resync post counts here. An admin may do this later from the ACP $start = 0; $step = ($config['num_posts']) ? (max((int) ($config['num_posts'] / 5), 20000)) : 20000; $sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = 0'; _sql($sql, $errored, $error_ary); do { $sql = 'SELECT COUNT(post_id) AS num_posts, poster_id FROM ' . POSTS_TABLE . ' WHERE post_id BETWEEN ' . ($start + 1) . ' AND ' . ($start + $step) . ' AND post_postcount = 1 AND post_approved = 1 GROUP BY poster_id'; $result = _sql($sql, $errored, $error_ary); if ($row = $db->sql_fetchrow($result)) { do { $sql = 'UPDATE ' . USERS_TABLE . " SET user_posts = user_posts + {$row['num_posts']} WHERE user_id = {$row['poster_id']}"; _sql($sql, $errored, $error_ary); } while ($row = $db->sql_fetchrow($result)); $start += $step; } else { $start = 0; } $db->sql_freeresult($result); } while ($start); */ $sql = 'UPDATE ' . MODULES_TABLE . ' SET module_auth = \'acl_a_email && cfg_email_enable\' WHERE module_class = \'acp\' AND module_basename = \'email\''; _sql($sql, $errored, $error_ary); $no_updates = false; break; // Changes from 3.0.3-RC1 to 3.0.3 // Changes from 3.0.3-RC1 to 3.0.3 case '3.0.3-RC1': if ($db->sql_layer == 'oracle') { // log_operation is CLOB - but we can change this later $sql = 'UPDATE ' . LOG_TABLE . "\n\t\t\t\t\tSET log_operation = 'LOG_DELETE_TOPIC'\n\t\t\t\t\tWHERE log_operation LIKE 'LOG_TOPIC_DELETED'"; _sql($sql, $errored, $error_ary); } else { $sql = 'UPDATE ' . LOG_TABLE . 
"\n\t\t\t\t\tSET log_operation = 'LOG_DELETE_TOPIC'\n\t\t\t\t\tWHERE log_operation = 'LOG_TOPIC_DELETED'"; _sql($sql, $errored, $error_ary); } $no_updates = false; break; // Changes from 3.0.3 to 3.0.4-RC1 // Changes from 3.0.3 to 3.0.4-RC1 case '3.0.3': // Update the Custom Profile Fields based on previous settings to the new format $sql = 'SELECT field_id, field_required, field_show_on_reg, field_hide FROM ' . PROFILE_FIELDS_TABLE; $result = _sql($sql, $errored, $error_ary); while ($row = $db->sql_fetchrow($result)) { $sql_ary = array('field_required' => 0, 'field_show_on_reg' => 0, 'field_hide' => 0, 'field_show_profile' => 0); if ($row['field_required']) { $sql_ary['field_required'] = $sql_ary['field_show_on_reg'] = $sql_ary['field_show_profile'] = 1; } else { if ($row['field_show_on_reg']) { $sql_ary['field_show_on_reg'] = $sql_ary['field_show_profile'] = 1; } else { if ($row['field_hide']) { // Only administrators and moderators can see this CPF, if the view is enabled, they can see it, otherwise just admins in the acp_users module $sql_ary['field_hide'] = 1; } else { // equivelant to "none", which is the "Display in user control panel" option $sql_ary['field_show_profile'] = 1; } } } _sql('UPDATE ' . PROFILE_FIELDS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE field_id = ' . $row['field_id'], $errored, $error_ary); } $no_updates = false; break; // Changes from 3.0.4-RC1 to 3.0.4 // Changes from 3.0.4-RC1 to 3.0.4 case '3.0.4-RC1': break; // Changes from 3.0.4 to 3.0.5-RC1 // Changes from 3.0.4 to 3.0.5-RC1 case '3.0.4': // Captcha config variables set_config('captcha_gd_wave', 0); set_config('captcha_gd_3d_noise', 1); set_config('captcha_gd_fonts', 1); set_config('confirm_refresh', 1); // Maximum number of keywords set_config('max_num_search_keywords', 10); // Remove static config var and put it back as dynamic variable $sql = 'UPDATE ' . CONFIG_TABLE . 
"\n\t\t\t\tSET is_dynamic = 1\n\t\t\t\tWHERE config_name = 'search_indexing_state'"; _sql($sql, $errored, $error_ary); // Hash old MD5 passwords $sql = 'SELECT user_id, user_password FROM ' . USERS_TABLE . ' WHERE user_pass_convert = 1'; $result = _sql($sql, $errored, $error_ary); while ($row = $db->sql_fetchrow($result)) { if (strlen($row['user_password']) == 32) { $sql_ary = array('user_password' => phpbb_hash($row['user_password'])); _sql('UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $row['user_id'], $errored, $error_ary); } } $db->sql_freeresult($result); // Adjust bot entry $sql = 'UPDATE ' . BOTS_TABLE . "\n\t\t\t\tSET bot_agent = 'ichiro/'\n\t\t\t\tWHERE bot_agent = 'ichiro/2'"; _sql($sql, $errored, $error_ary); // Before we are able to add a unique key to auth_option, we need to remove duplicate entries // We get duplicate entries first $sql = 'SELECT auth_option FROM ' . ACL_OPTIONS_TABLE . ' GROUP BY auth_option HAVING COUNT(*) >= 2'; $result = $db->sql_query($sql); $auth_options = array(); while ($row = $db->sql_fetchrow($result)) { $auth_options[] = $row['auth_option']; } $db->sql_freeresult($result); // Remove specific auth options if (!empty($auth_options)) { foreach ($auth_options as $option) { // Select auth_option_ids... the largest id will be preserved $sql = 'SELECT auth_option_id FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option = '" . $db->sql_escape($option) . "'\n\t\t\t\t\t\tORDER BY auth_option_id DESC"; // sql_query_limit not possible here, due to bug in postgresql layer $result = $db->sql_query($sql); // Skip first row, this is our original auth option we want to preserve $row = $db->sql_fetchrow($result); while ($row = $db->sql_fetchrow($result)) { // Ok, remove this auth option... _sql('DELETE FROM ' . ACL_OPTIONS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary); _sql('DELETE FROM ' . ACL_ROLES_DATA_TABLE . ' WHERE auth_option_id = ' . 
$row['auth_option_id'], $errored, $error_ary); _sql('DELETE FROM ' . ACL_GROUPS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary); _sql('DELETE FROM ' . ACL_USERS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary); } $db->sql_freeresult($result); } } // Now make auth_option UNIQUE, by dropping the old index and adding a UNIQUE one. $changes = array('drop_keys' => array(ACL_OPTIONS_TABLE => array('auth_option'))); $statements = $db_tools->perform_schema_changes($changes); foreach ($statements as $sql) { _sql($sql, $errored, $error_ary); } $changes = array('add_unique_index' => array(ACL_OPTIONS_TABLE => array('auth_option' => array('auth_option')))); $statements = $db_tools->perform_schema_changes($changes); foreach ($statements as $sql) { _sql($sql, $errored, $error_ary); } $no_updates = false; break; // No changes from 3.0.5-RC1 to 3.0.5 // No changes from 3.0.5-RC1 to 3.0.5 case '3.0.5-RC1': break; // Changes from 3.0.5 to 3.0.6-RC1 // Changes from 3.0.5 to 3.0.6-RC1 case '3.0.5': // Let's see if the GD Captcha can be enabled... we simply look for what *is* enabled... 
if (!empty($config['captcha_gd']) && !isset($config['captcha_plugin'])) { set_config('captcha_plugin', 'phpbb_captcha_gd'); } else { if (!isset($config['captcha_plugin'])) { set_config('captcha_plugin', 'phpbb_captcha_nogd'); } } // Entries for the Feed Feature set_config('feed_enable', '0'); set_config('feed_limit', '10'); set_config('feed_overall_forums', '1'); set_config('feed_overall_forums_limit', '15'); set_config('feed_overall_topics', '0'); set_config('feed_overall_topics_limit', '15'); set_config('feed_forum', '1'); set_config('feed_topic', '1'); set_config('feed_item_statistics', '1'); // Entries for smiley pagination set_config('smilies_per_page', '50'); // Entry for reporting PMs set_config('allow_pm_report', '1'); // Install modules $modules_to_install = array('feed' => array('base' => 'board', 'class' => 'acp', 'title' => 'ACP_FEED_SETTINGS', 'auth' => 'acl_a_board', 'cat' => 'ACP_BOARD_CONFIGURATION', 'after' => array('signature', 'ACP_SIGNATURE_SETTINGS')), 'warnings' => array('base' => 'users', 'class' => 'acp', 'title' => 'ACP_USER_WARNINGS', 'auth' => 'acl_a_user', 'display' => 0, 'cat' => 'ACP_CAT_USERS', 'after' => array('feedback', 'ACP_USER_FEEDBACK')), 'send_statistics' => array('base' => 'send_statistics', 'class' => 'acp', 'title' => 'ACP_SEND_STATISTICS', 'auth' => 'acl_a_server', 'cat' => 'ACP_SERVER_CONFIGURATION'), 'setting_forum_copy' => array('base' => 'permissions', 'class' => 'acp', 'title' => 'ACP_FORUM_PERMISSIONS_COPY', 'auth' => 'acl_a_fauth && acl_a_authusers && acl_a_authgroups && acl_a_mauth', 'cat' => 'ACP_FORUM_BASED_PERMISSIONS', 'after' => array('setting_forum_local', 'ACP_FORUM_PERMISSIONS')), 'pm_reports' => array('base' => 'pm_reports', 'class' => 'mcp', 'title' => 'MCP_PM_REPORTS_OPEN', 'auth' => 'aclf_m_report', 'cat' => 'MCP_REPORTS'), 'pm_reports_closed' => array('base' => 'pm_reports', 'class' => 'mcp', 'title' => 'MCP_PM_REPORTS_CLOSED', 'auth' => 'aclf_m_report', 'cat' => 'MCP_REPORTS'), 'pm_report_details' => 
array('base' => 'pm_reports', 'class' => 'mcp', 'title' => 'MCP_PM_REPORT_DETAILS', 'auth' => 'aclf_m_report', 'cat' => 'MCP_REPORTS')); _add_modules($modules_to_install); // Add newly_registered group... but check if it already exists (we always supported running the updater on any schema) $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = 'NEWLY_REGISTERED'"; $result = $db->sql_query($sql); $group_id = (int) $db->sql_fetchfield('group_id'); $db->sql_freeresult($result); if (!$group_id) { $sql = 'INSERT INTO ' . GROUPS_TABLE . " (group_name, group_type, group_founder_manage, group_colour, group_legend, group_avatar, group_desc, group_desc_uid, group_max_recipients) VALUES ('NEWLY_REGISTERED', 3, 0, '', 0, '', '', '', 5)"; _sql($sql, $errored, $error_ary); $group_id = $db->sql_nextid(); } // Insert new user role... at the end of the chain $sql = 'SELECT role_id FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\tWHERE role_name = 'ROLE_USER_NEW_MEMBER'\n\t\t\t\t\tAND role_type = 'u_'"; $result = $db->sql_query($sql); $u_role = (int) $db->sql_fetchfield('role_id'); $db->sql_freeresult($result); if (!$u_role) { $sql = 'SELECT MAX(role_order) as max_order_id FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_type = 'u_'"; $result = $db->sql_query($sql); $next_order_id = (int) $db->sql_fetchfield('max_order_id'); $db->sql_freeresult($result); $next_order_id++; $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . " (role_name, role_description, role_type, role_order) VALUES ('ROLE_USER_NEW_MEMBER', 'ROLE_DESCRIPTION_USER_NEW_MEMBER', 'u_', {$next_order_id})"; _sql($sql, $errored, $error_ary); $u_role = $db->sql_nextid(); if (!$errored) { // Now add the correct data to the roles... // The standard role says that new users are not able to send a PM, Mass PM, are not able to PM groups $sql = 'INSERT INTO ' . ACL_ROLES_DATA_TABLE . " (role_id, auth_option_id, auth_setting) SELECT {$u_role}, auth_option_id, 0 FROM " . ACL_OPTIONS_TABLE . 
" WHERE auth_option LIKE 'u_%' AND auth_option IN ('u_sendpm', 'u_masspm', 'u_masspm_group')"; _sql($sql, $errored, $error_ary); // Add user role to group $sql = 'INSERT INTO ' . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES ({$group_id}, 0, 0, {$u_role}, 0)"; _sql($sql, $errored, $error_ary); } } // Insert new forum role $sql = 'SELECT role_id FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\tWHERE role_name = 'ROLE_FORUM_NEW_MEMBER'\n\t\t\t\t\tAND role_type = 'f_'"; $result = $db->sql_query($sql); $f_role = (int) $db->sql_fetchfield('role_id'); $db->sql_freeresult($result); if (!$f_role) { $sql = 'SELECT MAX(role_order) as max_order_id FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_type = 'f_'"; $result = $db->sql_query($sql); $next_order_id = (int) $db->sql_fetchfield('max_order_id'); $db->sql_freeresult($result); $next_order_id++; $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . " (role_name, role_description, role_type, role_order) VALUES ('ROLE_FORUM_NEW_MEMBER', 'ROLE_DESCRIPTION_FORUM_NEW_MEMBER', 'f_', {$next_order_id})"; _sql($sql, $errored, $error_ary); $f_role = $db->sql_nextid(); if (!$errored) { $sql = 'INSERT INTO ' . ACL_ROLES_DATA_TABLE . " (role_id, auth_option_id, auth_setting) SELECT {$f_role}, auth_option_id, 0 FROM " . ACL_OPTIONS_TABLE . " WHERE auth_option LIKE 'f_%' AND auth_option IN ('f_noapprove')"; _sql($sql, $errored, $error_ary); } } // Set every members user_new column to 0 (old users) only if there is no one yet (this makes sure we do not execute this more than once) $sql = 'SELECT 1 FROM ' . USERS_TABLE . ' WHERE user_new = 0'; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { $sql = 'UPDATE ' . USERS_TABLE . ' SET user_new = 0'; _sql($sql, $errored, $error_ary); } // Newly registered users limit if (!isset($config['new_member_post_limit'])) { set_config('new_member_post_limit', !empty($config['enable_queue_trigger']) ? 
$config['queue_trigger_posts'] : 0); } if (!isset($config['new_member_group_default'])) { set_config('new_member_group_default', 0); } // To mimick the old "feature" we will assign the forum role to every forum, regardless of the setting (this makes sure there are no "this does not work!!!! YUO!!!" posts... // Check if the role is already assigned... $sql = 'SELECT forum_id FROM ' . ACL_GROUPS_TABLE . ' WHERE group_id = ' . $group_id . ' AND auth_role_id = ' . $f_role; $result = $db->sql_query($sql); $is_options = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result); // Not assigned at all... :/ if (!$is_options) { // Get postable forums $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type != ' . FORUM_LINK; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { _sql('INSERT INTO ' . ACL_GROUPS_TABLE . ' (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (' . $group_id . ', ' . (int) $row['forum_id'] . ', 0, ' . $f_role . ', 0)', $errored, $error_ary); } $db->sql_freeresult($result); } // Clear permissions... include_once $phpbb_root_path . 'includes/acp/auth.' . 
$phpEx; $auth_admin = new auth_admin(); $auth_admin->acl_clear_prefetch(); if (!isset($config['allow_avatar'])) { if ($config['allow_avatar_upload'] || $config['allow_avatar_local'] || $config['allow_avatar_remote']) { set_config('allow_avatar', '1'); } else { set_config('allow_avatar', '0'); } } if (!isset($config['allow_avatar_remote_upload'])) { if ($config['allow_avatar_remote'] && $config['allow_avatar_upload']) { set_config('allow_avatar_remote_upload', '1'); } else { set_config('allow_avatar_remote_upload', '0'); } } // Minimum number of characters if (!isset($config['min_post_chars'])) { set_config('min_post_chars', '1'); } if (!isset($config['allow_quick_reply'])) { set_config('allow_quick_reply', '1'); } // Set every members user_options column to enable // bbcode, smilies and URLs for signatures by default $sql = 'SELECT user_options FROM ' . USERS_TABLE . ' WHERE user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')'; $result = $db->sql_query_limit($sql, 1); $user_option = (int) $db->sql_fetchfield('user_options'); $db->sql_freeresult($result); // Check if we already updated the database by checking bit 15 which we used to store the sig_bbcode option if (!($user_option & 1 << 15)) { // 229376 is the added value to enable all three signature options $sql = 'UPDATE ' . USERS_TABLE . ' SET user_options = user_options + 229376'; _sql($sql, $errored, $error_ary); } if (!isset($config['delete_time'])) { set_config('delete_time', $config['edit_time']); } $no_updates = false; break; // No changes from 3.0.6-RC1 to 3.0.6-RC2 // No changes from 3.0.6-RC1 to 3.0.6-RC2 case '3.0.6-RC1': break; // Changes from 3.0.6-RC2 to 3.0.6-RC3 // Changes from 3.0.6-RC2 to 3.0.6-RC3 case '3.0.6-RC2': // Update the Custom Profile Fields based on previous settings to the new format $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . 
' SET field_show_on_vt = 1 WHERE field_hide = 0 AND (field_required = 1 OR field_show_on_reg = 1 OR field_show_profile = 1)'; _sql($sql, $errored, $error_ary); $no_updates = false; break; // No changes from 3.0.6-RC3 to 3.0.6-RC4 // No changes from 3.0.6-RC3 to 3.0.6-RC4 case '3.0.6-RC3': break; // No changes from 3.0.6-RC4 to 3.0.6 // No changes from 3.0.6-RC4 to 3.0.6 case '3.0.6-RC4': break; // Changes from 3.0.6 to 3.0.7-RC1 // Changes from 3.0.6 to 3.0.7-RC1 case '3.0.6': // ATOM Feeds set_config('feed_overall', '1'); set_config('feed_http_auth', '0'); set_config('feed_limit_post', (string) (isset($config['feed_limit']) ? (int) $config['feed_limit'] : 15)); set_config('feed_limit_topic', (string) (isset($config['feed_overall_topics_limit']) ? (int) $config['feed_overall_topics_limit'] : 10)); set_config('feed_topics_new', !empty($config['feed_overall_topics']) ? '1' : '0'); set_config('feed_topics_active', !empty($config['feed_overall_topics']) ? '1' : '0'); // Delete all text-templates from the template_data $sql = 'DELETE FROM ' . STYLES_TEMPLATE_DATA_TABLE . ' WHERE template_filename ' . $db->sql_like_expression($db->any_char . '.txt'); _sql($sql, $errored, $error_ary); $no_updates = false; break; // Changes from 3.0.7-RC1 to 3.0.7-RC2 // Changes from 3.0.7-RC1 to 3.0.7-RC2 case '3.0.7-RC1': $sql = 'SELECT user_id, user_email, user_email_hash FROM ' . USERS_TABLE . ' WHERE user_type <> ' . USER_IGNORE . "\n\t\t\t\t\tAND user_email <> ''"; $result = $db->sql_query($sql); $i = 0; while ($row = $db->sql_fetchrow($result)) { // Snapshot of the phpbb_email_hash() function // We cannot call it directly because the auto updater updates the DB first. :/ $user_email_hash = sprintf('%u', crc32(strtolower($row['user_email']))) . strlen($row['user_email']); if ($user_email_hash != $row['user_email_hash']) { $sql_ary = array('user_email_hash' => $user_email_hash); $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . 
(int) $row['user_id']; _sql($sql, $errored, $error_ary, $i % 100 == 0); ++$i; } } $db->sql_freeresult($result); $no_updates = false; break; // No changes from 3.0.7-RC2 to 3.0.7 // No changes from 3.0.7-RC2 to 3.0.7 case '3.0.7-RC2': break; // No changes from 3.0.7 to 3.0.7-PL1 // No changes from 3.0.7 to 3.0.7-PL1 case '3.0.7': break; // Changes from 3.0.7-PL1 to 3.0.8-RC1 // Changes from 3.0.7-PL1 to 3.0.8-RC1 case '3.0.7-PL1': // Update file extension group names to use language strings. $sql = 'SELECT lang_dir FROM ' . LANG_TABLE; $result = $db->sql_query($sql); $extension_groups_updated = array(); while ($lang_dir = $db->sql_fetchfield('lang_dir')) { $lang_dir = basename($lang_dir); // The language strings we need are either in language/.../acp/attachments.php // in the update package if we're updating to 3.0.8-RC1 or later, // or they are in language/.../install.php when we're updating from 3.0.7-PL1 or earlier. // On an already updated board, they can also already be in language/.../acp/attachments.php // in the board root. $lang_files = array("{$phpbb_root_path}install/update/new/language/{$lang_dir}/acp/attachments.{$phpEx}", "{$phpbb_root_path}language/{$lang_dir}/install.{$phpEx}", "{$phpbb_root_path}language/{$lang_dir}/acp/attachments.{$phpEx}"); foreach ($lang_files as $lang_file) { if (!file_exists($lang_file)) { continue; } $lang = array(); include $lang_file; foreach ($lang as $lang_key => $lang_val) { if (isset($extension_groups_updated[$lang_key]) || strpos($lang_key, 'EXT_GROUP_') !== 0) { continue; } $sql_ary = array('group_name' => substr($lang_key, 10)); $sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "\n\t\t\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($lang_val) . 
"'"; _sql($sql, $errored, $error_ary); $extension_groups_updated[$lang_key] = true; } } } $db->sql_freeresult($result); // Install modules $modules_to_install = array('post' => array('base' => 'board', 'class' => 'acp', 'title' => 'ACP_POST_SETTINGS', 'auth' => 'acl_a_board', 'cat' => 'ACP_MESSAGES', 'after' => array('message', 'ACP_MESSAGE_SETTINGS'))); _add_modules($modules_to_install); // update $sql = 'UPDATE ' . MODULES_TABLE . ' SET module_auth = \'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)\' WHERE module_class = \'ucp\' AND module_basename = \'profile\' AND module_mode = \'avatar\''; _sql($sql, $errored, $error_ary); // add Bing Bot $bot_name = 'Bing [Bot]'; $bot_name_clean = utf8_clean_string($bot_name); $sql = 'SELECT user_id FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $db->sql_escape($bot_name_clean) . "'"; $result = $db->sql_query($sql); $bing_already_added = (bool) $db->sql_fetchfield('user_id'); $db->sql_freeresult($result); if (!$bing_already_added) { $bot_agent = 'bingbot/'; $bot_ip = ''; $sql = 'SELECT group_id, group_colour FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = 'BOTS'"; $result = $db->sql_query($sql); $group_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$group_row) { // default fallback, should never get here $group_row['group_id'] = 6; $group_row['group_colour'] = '9E8DA7'; } if (!function_exists('user_add')) { include $phpbb_root_path . 'includes/functions_user.' . 
$phpEx; } $user_row = array('user_type' => USER_IGNORE, 'group_id' => $group_row['group_id'], 'username' => $bot_name, 'user_regdate' => time(), 'user_password' => '', 'user_colour' => $group_row['group_colour'], 'user_email' => '', 'user_lang' => $config['default_lang'], 'user_style' => $config['default_style'], 'user_timezone' => 0, 'user_dateformat' => $config['default_dateformat'], 'user_allow_massemail' => 0); $user_id = user_add($user_row); $sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array('bot_active' => 1, 'bot_name' => (string) $bot_name, 'user_id' => (int) $user_id, 'bot_agent' => (string) $bot_agent, 'bot_ip' => (string) $bot_ip)); _sql($sql, $errored, $error_ary); } // end Bing Bot addition // Delete shadow topics pointing to not existing topics $batch_size = 500; // Set of affected forums we have to resync $sync_forum_ids = array(); do { $sql_array = array('SELECT' => 't1.topic_id, t1.forum_id', 'FROM' => array(TOPICS_TABLE => 't1'), 'LEFT_JOIN' => array(array('FROM' => array(TOPICS_TABLE => 't2'), 'ON' => 't1.topic_moved_id = t2.topic_id')), 'WHERE' => 't1.topic_moved_id <> 0 AND t2.topic_id IS NULL'); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query_limit($sql, $batch_size); $topic_ids = array(); while ($row = $db->sql_fetchrow($result)) { $topic_ids[] = (int) $row['topic_id']; $sync_forum_ids[(int) $row['forum_id']] = (int) $row['forum_id']; } $db->sql_freeresult($result); if (!empty($topic_ids)) { $sql = 'DELETE FROM ' . TOPICS_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', $topic_ids); $db->sql_query($sql); } } while (sizeof($topic_ids) == $batch_size); // Sync the forums we have deleted shadow topics from. 
sync('forum', 'forum_id', $sync_forum_ids, true, true); // Unread posts search load switch set_config('load_unreads_search', '1'); // Reduce queue interval to 60 seconds, email package size to 20 if ($config['queue_interval'] == 600) { set_config('queue_interval', '60'); } if ($config['email_package_size'] == 50) { set_config('email_package_size', '20'); } $no_updates = false; break; // No changes from 3.0.8-RC1 to 3.0.8 // No changes from 3.0.8-RC1 to 3.0.8 case '3.0.8-RC1': break; // Changes from 3.0.8 to 3.0.9-RC1 // Changes from 3.0.8 to 3.0.9-RC1 case '3.0.8': set_config('ip_login_limit_max', '50'); set_config('ip_login_limit_time', '21600'); set_config('ip_login_limit_use_forwarded', '0'); // Update file extension group names to use language strings, again. $sql = 'SELECT group_id, group_name FROM ' . EXTENSION_GROUPS_TABLE . ' WHERE group_name ' . $db->sql_like_expression('EXT_GROUP_' . $db->any_char); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $sql_ary = array('group_name' => substr($row['group_name'], 10)); $sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE group_id = ' . $row['group_id']; _sql($sql, $errored, $error_ary); } $db->sql_freeresult($result); /* * Due to a bug, vanilla phpbb could not create captcha tables * in 3.0.8 on firebird. It was possible for board administrators * to adjust the code to work. If code was manually adjusted by * board administrators, index names would not be the same as * what 3.0.9 and newer expect. This code fragment drops captcha * tables, destroying all entered Q&A captcha configuration, such * that when Q&A is configured next the respective tables will be * created with correct index names. 
* * If you wish to preserve your Q&A captcha configuration, you can * manually rename indexes to the currently expected name: * phpbb_captcha_questions_lang_iso => phpbb_captcha_questions_lang * phpbb_captcha_answers_question_id => phpbb_captcha_answers_qid * * Again, this needs to be done only if a board was manually modified * to fix broken captcha code. * if ($db_tools->sql_layer == 'firebird') { $changes = array( 'drop_tables' => array( $table_prefix . 'captcha_questions', $table_prefix . 'captcha_answers', $table_prefix . 'qa_confirm', ), ); $statements = $db_tools->perform_schema_changes($changes); foreach ($statements as $sql) { _sql($sql, $errored, $error_ary); } } */ $no_updates = false; break; // No changes from 3.0.9-RC1 to 3.0.9-RC2 // No changes from 3.0.9-RC1 to 3.0.9-RC2 case '3.0.9-RC1': break; // No changes from 3.0.9-RC2 to 3.0.9-RC3 // No changes from 3.0.9-RC2 to 3.0.9-RC3 case '3.0.9-RC2': break; // No changes from 3.0.9-RC3 to 3.0.9-RC4 // No changes from 3.0.9-RC3 to 3.0.9-RC4 case '3.0.9-RC3': break; // No changes from 3.0.9-RC4 to 3.0.9 // No changes from 3.0.9-RC4 to 3.0.9 case '3.0.9-RC4': break; // Changes from 3.0.9 to 3.0.10-RC1 // Changes from 3.0.9 to 3.0.10-RC1 case '3.0.9': if (!isset($config['email_max_chunk_size'])) { set_config('email_max_chunk_size', '50'); } $no_updates = false; break; // No changes from 3.0.10-RC1 to 3.0.10-RC2 // No changes from 3.0.10-RC1 to 3.0.10-RC2 case '3.0.10-RC1': break; // No changes from 3.0.10-RC2 to 3.0.10-RC3 // No changes from 3.0.10-RC2 to 3.0.10-RC3 case '3.0.10-RC2': break; // No changes from 3.0.10-RC3 to 3.0.10 // No changes from 3.0.10-RC3 to 3.0.10 case '3.0.10-RC3': break; // Changes from 3.0.10 to 3.0.11-RC1 // Changes from 3.0.10 to 3.0.11-RC1 case '3.0.10': // Updates users having current style a deactivated one $sql = 'SELECT style_id FROM ' . STYLES_TABLE . 
' WHERE style_active = 0'; $result = $db->sql_query($sql); $deactivated_style_ids = array(); while ($style_id = $db->sql_fetchfield('style_id', false, $result)) { $deactivated_style_ids[] = (int) $style_id; } $db->sql_freeresult($result); if (!empty($deactivated_style_ids)) { $sql = 'UPDATE ' . USERS_TABLE . ' SET user_style = ' . (int) $config['default_style'] . ' WHERE ' . $db->sql_in_set('user_style', $deactivated_style_ids); _sql($sql, $errored, $error_ary); } // Delete orphan private messages $batch_size = 500; $sql_array = array('SELECT' => 'p.msg_id', 'FROM' => array(PRIVMSGS_TABLE => 'p'), 'LEFT_JOIN' => array(array('FROM' => array(PRIVMSGS_TO_TABLE => 't'), 'ON' => 'p.msg_id = t.msg_id')), 'WHERE' => 't.user_id IS NULL'); $sql = $db->sql_build_query('SELECT', $sql_array); do { $result = $db->sql_query_limit($sql, $batch_size); $delete_pms = array(); while ($row = $db->sql_fetchrow($result)) { $delete_pms[] = (int) $row['msg_id']; } $db->sql_freeresult($result); if (!empty($delete_pms)) { $sql = 'DELETE FROM ' . PRIVMSGS_TABLE . ' WHERE ' . $db->sql_in_set('msg_id', $delete_pms); _sql($sql, $errored, $error_ary); } } while (sizeof($delete_pms) == $batch_size); $no_updates = false; break; // No changes from 3.0.11-RC1 to 3.0.11-RC2 // No changes from 3.0.11-RC1 to 3.0.11-RC2 case '3.0.11-RC1': break; // No changes from 3.0.11-RC2 to 3.0.11 // No changes from 3.0.11-RC2 to 3.0.11 case '3.0.11-RC2': break; // Changes from 3.0.11 to 3.0.12-RC1 // Changes from 3.0.11 to 3.0.12-RC1 case '3.0.11': $sql = 'UPDATE ' . MODULES_TABLE . ' SET module_auth = \'acl_u_sig\' WHERE module_class = \'ucp\' AND module_basename = \'profile\' AND module_mode = \'signature\''; _sql($sql, $errored, $error_ary); // Update bots if (!function_exists('user_delete')) { include $phpbb_root_path . 'includes/functions_user.' . 
$phpEx; } $bots_updates = array('NG-Search [Bot]' => false, 'Nutch/CVS [Bot]' => false, 'OmniExplorer [Bot]' => false, 'Seekport [Bot]' => false, 'Synoo [Bot]' => false, 'WiseNut [Bot]' => false, 'Baidu [Spider]' => 'Baiduspider', 'Exabot [Bot]' => 'Exabot', 'Voyager [Bot]' => 'voyager/', 'W3C [Validator]' => 'W3C_Validator'); foreach ($bots_updates as $bot_name => $bot_agent) { $sql = 'SELECT user_id FROM ' . USERS_TABLE . ' WHERE user_type = ' . USER_IGNORE . "\n\t\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($bot_name)) . "'"; $result = $db->sql_query($sql); $bot_user_id = (int) $db->sql_fetchfield('user_id'); $db->sql_freeresult($result); if ($bot_user_id) { if ($bot_agent === false) { $sql = 'DELETE FROM ' . BOTS_TABLE . "\n\t\t\t\t\t\t\tWHERE user_id = {$bot_user_id}"; _sql($sql, $errored, $error_ary); user_delete('remove', $bot_user_id); } else { $sql = 'UPDATE ' . BOTS_TABLE . "\n\t\t\t\t\t\t\tSET bot_agent = '" . $db->sql_escape($bot_agent) . "'\n\t\t\t\t\t\t\tWHERE user_id = {$bot_user_id}"; _sql($sql, $errored, $error_ary); } } } // Disable receiving pms for bots $sql = 'SELECT user_id FROM ' . BOTS_TABLE; $result = $db->sql_query($sql); $bot_user_ids = array(); while ($row = $db->sql_fetchrow($result)) { $bot_user_ids[] = (int) $row['user_id']; } $db->sql_freeresult($result); if (!empty($bot_user_ids)) { $sql = 'UPDATE ' . USERS_TABLE . ' SET user_allow_pm = 0 WHERE ' . $db->sql_in_set('user_id', $bot_user_ids); _sql($sql, $errored, $error_ary); } /** * Update BBCodes that currently use the LOCAL_URL tag * * To fix http://tracker.phpbb.com/browse/PHPBB3-8319 we changed * the second_pass_replace value, so that needs updating for existing ones */ $sql = 'SELECT * FROM ' . BBCODES_TABLE . ' WHERE bbcode_match ' . $db->sql_like_expression($db->any_char . 'LOCAL_URL' . 
$db->any_char); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (!class_exists('acp_bbcodes')) { phpbb_require_updated('includes/acp/acp_bbcodes.' . $phpEx); } $bbcode_match = $row['bbcode_match']; $bbcode_tpl = $row['bbcode_tpl']; $acp_bbcodes = new acp_bbcodes(); $sql_ary = $acp_bbcodes->build_regexp($bbcode_match, $bbcode_tpl); $sql = 'UPDATE ' . BBCODES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE bbcode_id = ' . (int) $row['bbcode_id']; $db->sql_query($sql); } $db->sql_freeresult($result); $no_updates = false; break; // No changes from 3.0.12-RC1 to 3.0.12-RC2 // No changes from 3.0.12-RC1 to 3.0.12-RC2 case '3.0.12-RC1': break; // No changes from 3.0.12-RC2 to 3.0.12-RC3 // No changes from 3.0.12-RC2 to 3.0.12-RC3 case '3.0.12-RC2': break; // No changes from 3.0.12-RC3 to 3.0.12 // No changes from 3.0.12-RC3 to 3.0.12 case '3.0.12-RC3': break; // No changes from 3.0.12 to 3.0.13-RC1 // No changes from 3.0.12 to 3.0.13-RC1 case '3.0.12': break; // No changes from 3.0.13-RC1 to 3.0.13 // No changes from 3.0.13-RC1 to 3.0.13 case '3.0.13-RC1': break; // No changes from 3.0.13 to 3.0.13-PL1 // No changes from 3.0.13 to 3.0.13-PL1 case '3.0.13': break; // No changes from 3.0.13-PL1 to 3.0.14-RC1 // No changes from 3.0.13-PL1 to 3.0.14-RC1 case '3.0.13-PL1': break; // No changes from 3.0.14-RC1 to 3.0.14 // No changes from 3.0.14-RC1 to 3.0.14 case '3.0.14-RC1': break; } }
/**
 * Add User
 *
 * Handles the admin "add user" action. When the posted "confirm" field equals
 * "true", the submitted fields are checked, a user record is assembled and
 * handed to user_add(), and the browser is redirected to the admin link for
 * $dir. Otherwise the HTML form for entering a new user is printed.
 *
 * NOTE(review): the password is stored as md5() of the submitted value, an
 * unsalted fast hash. Moving to password_hash()/password_verify() also needs
 * a change in the login check, which is not visible in this block.
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller
 * enforces one before this state-changing POST is accepted.
 *
 * @param mixed $dir Passed through to make_link() for the form action, the
 *                   cancel button and the redirect target.
 */
function adduser($dir)
{
    if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") {
        $user = stripslashes($GLOBALS['__POST']["user"]);
        // presumably show_error() ends the request; if it returns, the checks
        // below do not stop the record from being written - TODO confirm
        if ($user == "" || $GLOBALS['__POST']["home_dir"] == "") {
            show_error($GLOBALS["error_msg"]["miscfieldmissed"]);
        }
        if ($GLOBALS['__POST']["pass1"] != $GLOBALS['__POST']["pass2"]) {
            show_error($GLOBALS["error_msg"]["miscnopassmatch"]);
        }
        // A non-NULL result means the name is already taken.
        $data = user_find($user, NULL);
        if ($data != NULL) {
            show_error($user . ": " . $GLOBALS["error_msg"]["miscuserexist"]);
        }
        // determine the user permissions
        $permissions = _eval_permissions();
        // Record layout: name, md5 password hash, home dir, home URL,
        // show_hidden, no_access pattern, permissions, active flag.
        // NOTE(review): home_dir, home_url, no_access, show_hidden and active
        // are stored as posted, with no validation in this block; verify that
        // user_add() or the caller constrains them.
        $data = array($user, md5(stripslashes($GLOBALS['__POST']["pass1"])), stripslashes($GLOBALS['__POST']["home_dir"]), stripslashes($GLOBALS['__POST']["home_url"]), $GLOBALS['__POST']["show_hidden"], stripslashes($GLOBALS['__POST']["no_access"]), $permissions, $GLOBALS['__POST']["active"]);
        if (!user_add($data)) {
            show_error($user . ": " . $GLOBALS["error_msg"]["adduser"]);
        }
        // Redirect after the POST so a reload does not resubmit the form.
        header("location: " . make_link("admin", $dir, NULL));
        return;
    }
    show_header($GLOBALS["messages"]["actadmin"] . ": " . $GLOBALS["messages"]["miscadduser"]);
    // Javascript functions:
    // (presumably defines check_pwd(), used by the submit button below)
    include "./_include/js_admin2.php";
    echo "<CENTER><FORM name=\"adduser\" action=\"" . make_link("admin", $dir, NULL) . "&action2=adduser\" method=\"post\">\n";
    echo "<INPUT type=\"hidden\" name=\"confirm\" value=\"true\"><BR><TABLE width=\"450\">\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscusername"] . ":</TD>\n";
    echo "<TD align=\"right\"><INPUT type=\"text\" name=\"user\" size=\"30\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscpassword"] . ":</TD>\n";
    echo "<TD align=\"right\"><INPUT type=\"password\" name=\"pass1\" size=\"30\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscconfpass"] . ":</TD>\n";
    echo "<TD align=\"right\"><INPUT type=\"password\" name=\"pass2\" size=\"30\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["mischomedir"] . ":</TD>\n";
    // NOTE(review): home_dir and home_url are written into attribute values
    // without HTML escaping; safe only if both come from trusted configuration.
    echo "<TD align=\"right\"><INPUT type=\"text\" name=\"home_dir\" size=\"30\" value=\"";
    echo $GLOBALS["home_dir"] . "\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["mischomeurl"] . ":</TD>\n";
    echo "<TD align=\"right\"><INPUT type=\"text\" name=\"home_url\" size=\"30\" value=\"";
    echo $GLOBALS["home_url"] . "\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscshowhidden"] . ":</TD>";
    echo "<TD align=\"right\"><SELECT name=\"show_hidden\">\n";
    echo "<OPTION value=\"0\">" . $GLOBALS["messages"]["miscyesno"][1] . "</OPTION>";
    echo "<OPTION value=\"1\">" . $GLOBALS["messages"]["miscyesno"][0] . "</OPTION>\n";
    echo "</SELECT></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["mischidepattern"] . ":</TD>\n";
    // The hide pattern is pre-filled with ^\.ht
    echo "<TD align=\"right\"><INPUT type=\"text\" name=\"no_access\" size=\"30\" value=\"^\\.ht\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscperms"] . ":</TD>";
    // Permission settings
    echo "<TD align=\"right\">\n";
    admin_print_permissions(NULL);
    echo "</TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscactive"] . ":</TD>";
    echo "<TD align=\"right\"><SELECT name=\"active\">\n";
    echo "<OPTION value=\"1\">" . $GLOBALS["messages"]["miscyesno"][0] . "</OPTION>";
    echo "<OPTION value=\"0\">" . $GLOBALS["messages"]["miscyesno"][1] . "</OPTION>\n";
    echo "</SELECT></TD></TR>\n";
    // The client-side check_pwd() call is a convenience only; the password
    // comparison that counts is the server-side one at the top.
    echo "<TR><TD colspan=\"2\" align=\"right\"><input type=\"submit\" value=\"" . $GLOBALS["messages"]["btnadd"];
    echo "\" onClick=\"return check_pwd();\">\n<input type=\"button\" value=\"";
    echo $GLOBALS["messages"]["btncancel"] . "\" onClick=\"javascript:location='";
    echo make_link("admin", $dir, NULL) . "';\"></TD></TR></FORM></TABLE><BR></BR>\n";
    // Inline script below puts the cursor in the user name field.
    ?> <script language="JavaScript1.2" type="text/javascript"> <!-- if(document.adduser) document.adduser.user.focus(); // --> </script><?php }
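$password_msg = '';
// Default to "invalid" so a request without a password field can never
// satisfy the combined check below.
$password_ok = false;
if (array_key_exists('password', $_POST)) {
    // Read the value unmodified: a password is validated, never rewritten.
    // FILTER_SANITIZE_STRING silently strips tags (and is deprecated as of
    // PHP 8.1), so the stored password could differ from what was typed.
    $password = filter_input(INPUT_POST, 'password', FILTER_UNSAFE_RAW);
    // Password validation: letters, digits, special characters, minimum of 4
    // characters. \A...\z anchors the whole value; a bare "$" would also
    // accept a trailing newline. is_string() rejects array-valued input.
    $password_ok = is_string($password) && 1 === preg_match('/\A[a-zA-Z0-9%&$!*?]{4,}\z/', $password);
    if (!$password_ok) {
        // The password is not valid
        $password_msg = 'Le password ne doit contenir que des lettres et des caractères spéciaux (min 4).';
    }
}
if ($firstname_ok && $lastname_ok && $gender_ok && $email_ok && $username_ok && $password_ok) {
    // Store the data and move on to another page.
    // NOTE(review): $password reaches user_add() in clear text; confirm that
    // db/_user.php hashes it with password_hash() before it is stored.
    require_once 'db/_user.php';
    $user_info = user_add($username, $password, $firstname, $lastname, $email);
    header("Location:index.php");
    exit;
}
// The posted first name is echoed back into an HTML attribute below, so it is
// escaped for that context; non-string input is rendered as empty.
?>
<form id="inscription" name="inscription" xmlns="http://www.w3.org/1999/html" method="post" novalidate="novalidate">
<!-- Champ prenom-->
<label for="firstname">Prénom : </label>
<input type="text" name="firstname" id="firstname" class="<?php echo $in_post && !$firstname_ok ? 'error' : ''; ?> " value="<?php echo array_key_exists('firstname', $_POST) && is_string($_POST['firstname']) ? htmlspecialchars($_POST['firstname'], ENT_QUOTES, 'UTF-8') : ''; ?>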
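/**
 * Create a phpBB account that mirrors a newly registered site user.
 *
 * Does nothing unless the configured forum type is 'phpbb' and automatic
 * account creation is enabled, and unless phpBB's common.php and
 * includes/functions_user.php exist under the configured forum path.
 *
 * The password is hashed with phpbb_hash() before it is handed to user_add().
 * NOTE(review): $username and $email are passed on as given; presumably the
 * caller has validated them - confirm, since no validation happens here.
 * NOTE(review): the include path is built from $GLOBALS['forum']['forum_path'];
 * it must come from trusted configuration, never from request data.
 *
 * @param string $username Forum user name.
 * @param string $password Clear-text password, hashed here.
 * @param string $email    E-mail address stored on the forum account.
 */
public static function forumRegister($username, $password, $email)
{
    date_default_timezone_set($GLOBALS['timezone']);
    global $phpbb_root_path, $phpEx, $user, $db, $config, $cache, $template;

    if ($GLOBALS['forum']['type'] != 'phpbb' || $GLOBALS['forum']['autoAccountCreate'] != TRUE) {
        return;
    }

    ////////PHPBB INTEGRATION//////////////
    // Guarded so a second call in the same request does not redefine constants.
    if (!defined('IN_PHPBB')) {
        define('IN_PHPBB', true);
    }
    if (!defined('ROOT_PATH')) {
        define('ROOT_PATH', '../..' . $GLOBALS['forum']['forum_path']);
    }
    $phpEx = "php";
    $phpbb_root_path = defined('PHPBB_ROOT_PATH') ? PHPBB_ROOT_PATH : ROOT_PATH;

    if (!file_exists($phpbb_root_path . 'common.' . $phpEx) || !file_exists($phpbb_root_path . 'includes/functions_user.' . $phpEx)) {
        return;
    }

    // include_once: loading either file twice would redeclare its functions.
    include_once $phpbb_root_path . 'common.' . $phpEx;
    include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx;

    $user_row = array(
        'username' => $username,
        'user_password' => phpbb_hash($password),
        'user_email' => $email,
        'group_id' => (int) 2,
        'user_timezone' => (double) 0,
        'user_dst' => "0",
        'user_lang' => "en",
        'user_type' => 0,
        'user_actkey' => "",
        // REMOTE_HOST is only set when the web server performs reverse DNS
        // lookups; REMOTE_ADDR is the client address and is always present
        // for web requests.
        'user_ip' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
        // Current Unix time; replaces the getdate()/strtotime() round trip.
        'user_regdate' => time(),
        'user_inactive_reason' => 0,
        'user_inactive_time' => 0,
    );

    // All the information has been compiled, add the user
    // tables affected: users table, profile_fields_data table, groups table, and config table.
    user_add($user_row);
}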
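/**
 * Resolve the Group-Office user behind the current request and return the
 * matching phpBB user row, creating the phpBB account on first sight.
 *
 * The Group-Office user id is taken either from a file named by the "goauth"
 * request parameter or from the Group-Office session file named by the
 * "groupoffice" cookie.
 *
 * NOTE(review): the goauth value is a request-supplied file path, so whoever
 * sends the request chooses which file - and therefore which user id - is
 * read. The checks below narrow that (local regular file, digits only) but do
 * not remove the trust problem. The token should be confined to the directory
 * Group-Office writes to (not visible here - TODO confirm) or replaced by a
 * signed, single-use token.
 *
 * @return array The phpBB user row, or an empty array when no user could be
 *               resolved or the account is inactive/ignored.
 */
function autologin_groupoffice()
{
    $user_id = false;

    if (isset($_REQUEST['goauth'])) {
        $file = is_string($_REQUEST['goauth']) ? base64_decode($_REQUEST['goauth'], true) : false;

        // Only a plain local file is acceptable: no NUL bytes, no stream
        // wrapper / URL syntax, and it must exist as a regular file.
        if ($file !== false && $file !== '' && strpos($file, "\0") === false && strpos($file, '://') === false && is_file($file)) {
            $contents = trim((string) file_get_contents($file));
            // The file must hold a user id and nothing else.
            if (preg_match('/\A[0-9]+\z/', $contents)) {
                $user_id = intval($contents);
            }
        }
        // NOTE(review): the original carried a commented-out unlink($file), so
        // the token file is never removed and stays reusable. Do not re-enable
        // the unlink while the path is request-controlled.
    } elseif (isset($_COOKIE['groupoffice'])) {
        $session_id = $_COOKIE['groupoffice'];

        // Session ids consist of [A-Za-z0-9,-]; anything else (path
        // separators, dots) must not reach the file name below.
        if (is_string($session_id) && preg_match('/\A[A-Za-z0-9,-]+\z/', $session_id)) {
            $fname = session_save_path() . "/sess_" . $session_id;
            if (is_file($fname)) {
                $data = file_get_contents($fname);
                $data = groupoffice_unserializesession($data);
                if (isset($data['GO_SESSION']['user_id'])) {
                    $user_id = (int) $data['GO_SESSION']['user_id'];
                }
            }
        }
    }

    if (!$user_id) {
        return array();
    }

    $gorow = user_row_groupoffice('', '', $user_id);
    if (!$gorow) {
        return array();
    }

    global $db;

    $sql = 'SELECT * FROM ' . USERS_TABLE . "\n\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($gorow['username'])) . "'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if ($row) {
        // Existing account: inactive and ignored users are not logged in.
        return $row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE ? array() : $row;
    }

    if (!function_exists('user_add')) {
        global $phpbb_root_path, $phpEx;
        include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
    }

    // create the user if he does not exist yet
    user_add($gorow);

    // Read the freshly created row back so the caller gets the stored values.
    $sql = 'SELECT * FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($gorow['username'])) . "'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if ($row) {
        return $row;
    }

    return array();
}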
/**
 * Add the search bots into the database.
 *
 * Intended for execute_last when the source database had no bots; do not call
 * it when bots are being converted. The bots table is emptied first, then one
 * ignored-type user with an empty password plus one bots-table row is created
 * per entry of the list below.
 *
 * NOTE(review): the stored bot_agent values are user-agent fragments; how they
 * are matched is not visible here. A user agent is client-supplied, so the
 * BOTS group should presumably carry no more rights than a guest - confirm.
 *
 * @todo We might want to look at sharing the bot list between the install code and this code for consistency
 */
function add_bots()
{
    global $db, $convert, $user, $config, $phpbb_root_path, $phpEx;

    // Start from an empty bots table.
    $db->sql_query($convert->truncate_statement . BOTS_TABLE);

    // Look the BOTS group up; if it is missing, create the default groups
    // and look once more.
    $group_id = 0;
    foreach (array(false, true) as $create_defaults) {
        if ($create_defaults) {
            add_default_groups();
        }

        $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";
        $result = $db->sql_query($sql);
        $group_id = (int) $db->sql_fetchfield('group_id', false, $result);
        $db->sql_freeresult($result);

        if ($group_id) {
            break;
        }
    }

    if (!$group_id) {
        global $install;
        $install->error($user->lang['CONV_ERROR_INCONSISTENT_GROUPS'], __LINE__, __FILE__);
    }

    // Display name => array(user-agent fragment, IP).
    // NOTE(review): the 'Telekom [Bot]' agent looks like an e-mail address
    // masked by the page this listing came from; compare with upstream.
    $bots = array(
        'AdsBot [Google]' => array('AdsBot-Google', ''),
        'Alexa [Bot]' => array('ia_archiver', ''),
        'Alta Vista [Bot]' => array('Scooter/', ''),
        'Ask Jeeves [Bot]' => array('Ask Jeeves', ''),
        'Baidu [Spider]' => array('Baiduspider+(', ''),
        'Bing [Bot]' => array('bingbot/', ''),
        'Exabot [Bot]' => array('Exabot/', ''),
        'FAST Enterprise [Crawler]' => array('FAST Enterprise Crawler', ''),
        'FAST WebCrawler [Crawler]' => array('FAST-WebCrawler/', ''),
        'Francis [Bot]' => array('http://www.neomo.de/', ''),
        'Gigabot [Bot]' => array('Gigabot/', ''),
        'Google Adsense [Bot]' => array('Mediapartners-Google', ''),
        'Google Desktop' => array('Google Desktop', ''),
        'Google Feedfetcher' => array('Feedfetcher-Google', ''),
        'Google [Bot]' => array('Googlebot', ''),
        'Heise IT-Markt [Crawler]' => array('heise-IT-Markt-Crawler', ''),
        'Heritrix [Crawler]' => array('heritrix/1.', ''),
        'IBM Research [Bot]' => array('ibm.com/cs/crawler', ''),
        'ICCrawler - ICjobs' => array('ICCrawler - ICjobs', ''),
        'ichiro [Crawler]' => array('ichiro/2', ''),
        'Majestic-12 [Bot]' => array('MJ12bot/', ''),
        'Metager [Bot]' => array('MetagerBot/', ''),
        'MSN NewsBlogs' => array('msnbot-NewsBlogs/', ''),
        'MSN [Bot]' => array('msnbot/', ''),
        'MSNbot Media' => array('msnbot-media/', ''),
        'NG-Search [Bot]' => array('NG-Search/', ''),
        'Nutch [Bot]' => array('http://lucene.apache.org/nutch/', ''),
        'Nutch/CVS [Bot]' => array('NutchCVS/', ''),
        'OmniExplorer [Bot]' => array('OmniExplorer_Bot/', ''),
        'Online link [Validator]' => array('online link validator', ''),
        'psbot [Picsearch]' => array('psbot/0', ''),
        'Seekport [Bot]' => array('Seekbot/', ''),
        'Sensis [Crawler]' => array('Sensis Web Crawler', ''),
        'SEO Crawler' => array('SEO search Crawler/', ''),
        'Seoma [Crawler]' => array('Seoma [SEO Crawler]', ''),
        'SEOSearch [Crawler]' => array('SEOsearch/', ''),
        'Snappy [Bot]' => array('Snappy/1.1 ( http://www.urltrends.com/ )', ''),
        'Steeler [Crawler]' => array('http://www.tkl.iis.u-tokyo.ac.jp/~crawler/', ''),
        'Synoo [Bot]' => array('SynooBot/', ''),
        'Telekom [Bot]' => array('*****@*****.**', ''),
        'TurnitinBot [Bot]' => array('TurnitinBot/', ''),
        'Voyager [Bot]' => array('voyager/1.0', ''),
        'W3 [Sitesearch]' => array('W3 SiteSearch Crawler', ''),
        'W3C [Linkcheck]' => array('W3C-checklink/', ''),
        'W3C [Validator]' => array('W3C_*Validator', ''),
        'WiseNut [Bot]' => array('http://www.WISEnutbot.com', ''),
        'YaCy [Bot]' => array('yacybot', ''),
        'Yahoo MMCrawler [Bot]' => array('Yahoo-MMCrawler/', ''),
        'Yahoo Slurp [Bot]' => array('Yahoo! DE Slurp', ''),
        'Yahoo [Bot]' => array('Yahoo! Slurp', ''),
        'YahooSeeker [Bot]' => array('YahooSeeker/', ''),
    );

    // user_add() lives in functions_user; load it only if nobody has yet.
    if (!function_exists('user_add')) {
        include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
    }

    foreach ($bots as $bot_name => $bot_ary) {
        $new_user_id = user_add(array(
            'user_type' => USER_IGNORE,
            'group_id' => $group_id,
            'username' => $bot_name,
            'user_regdate' => time(),
            'user_password' => '',
            'user_colour' => '9E8DA7',
            'user_email' => '',
            'user_lang' => $config['default_lang'],
            'user_style' => 1,
            'user_timezone' => 'UTC',
            'user_allow_massemail' => 0,
        ));

        // No bots-table row without a user to attach it to.
        if (!$new_user_id) {
            continue;
        }

        $bot_row = array(
            'bot_active' => 1,
            'bot_name' => $bot_name,
            'user_id' => $new_user_id,
            'bot_agent' => $bot_ary[0],
            'bot_ip' => $bot_ary[1],
        );
        $db->sql_query('INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', $bot_row));
    }
}
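/**
 * Registration handler of the user control panel (older listing: request_var(),
 * custom_profile, phpbb_hash()).
 *
 * Flow, as far as this body shows it:
 *  1. Refuse when registration is disabled by $config['require_activation'].
 *  2. Until the visitor has agreed to the terms (and, when COPPA is enabled, has
 *     picked an age bracket) render the 'ucp_agreement' template and return.
 *  3. On submit, validate the posted data, the form token, the CAPTCHA, the DNSBL
 *     and the custom profile fields; on success create the account, send the
 *     welcome / activation mails and end with a trigger_error() message page.
 *  4. Otherwise (first display or validation errors) render 'ucp_register'.
 *
 * Security-relevant change in this revision: the error-token localisation no
 * longer uses preg_replace() with the /e (eval) modifier. That modifier executed
 * a PHP snippet built from the match and was removed in PHP 7.0; the lookup is
 * now a plain array access with the same pattern.
 *
 * @param mixed $id   Module id; not read in this body.
 * @param mixed $mode Module mode; not read in this body.
 * @return void Sets $this->tpl_name (and $this->page_title on the form page).
 */
function main($id, $mode)
{
    global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;

    // Registration is switched off in the board configuration.
    if ($config['require_activation'] == USER_ACTIVATION_DISABLE) {
        trigger_error('UCP_REGISTER_DISABLE');
    }

    include $phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx;

    // $coppa is tri-state: false = not chosen yet, 0 / 1 = the visitor's choice.
    $coppa = isset($_REQUEST['coppa']) ? (!empty($_REQUEST['coppa']) ? 1 : 0) : false;
    $agreed = !empty($_POST['agreed']) ? 1 : 0;
    $submit = isset($_POST['submit']) ? true : false;
    $change_lang = request_var('change_lang', '');
    $user_lang = request_var('lang', $user->lang_name);

    // The agreement page and the registration form carry different form tokens,
    // so a token issued for the terms page is not accepted by check_form_key('ucp_register').
    if ($agreed) {
        add_form_key('ucp_register');
    } else {
        add_form_key('ucp_register_terms');
    }

    if ($change_lang || $user_lang != $config['default_lang']) {
        // basename() strips any directory part from the request-supplied language name.
        $use_lang = $change_lang ? basename($change_lang) : basename($user_lang);

        // This branch treats a falsy return as "language accepted" and switches to it.
        // NOTE(review): presumably the validator returns false on success - confirm.
        if (!validate_language_iso_name($use_lang)) {
            if ($change_lang) {
                $submit = false;

                // Setting back agreed to let the user view the agreement in his/her language
                $agreed = empty($_GET['change_lang']) ? 0 : $agreed;
            }

            $user->lang_name = $user_lang = $use_lang;
            $user->lang = array();
            $user->data['user_lang'] = $user->lang_name;
            $user->add_lang(array('common', 'ucp'));
        } else {
            $change_lang = '';
            $user_lang = $user->lang_name;
        }
    }

    $cp = new custom_profile();

    $error = $cp_data = $cp_error = array();

    // Agreement / COPPA page: shown until the terms are accepted and the COPPA
    // choice is consistent with the board setting.
    if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) {
        $add_lang = $change_lang ? '&change_lang=' . urlencode($change_lang) : '';
        $add_coppa = $coppa !== false ? '&coppa=' . $coppa : '';

        $s_hidden_fields = array('change_lang' => $change_lang);

        // If we change the language, we want to pass on some more possible parameter.
        if ($change_lang) {
            // We do not include the password, so it is never written into hidden form fields.
            $s_hidden_fields = array_merge($s_hidden_fields, array(
                'username' => utf8_normalize_nfc(request_var('username', '', true)),
                'email' => strtolower(request_var('email', '')),
                'email_confirm' => strtolower(request_var('email_confirm', '')),
                'lang' => $user->lang_name,
                'tz' => request_var('tz', (double) $config['board_timezone']),
            ));
        }

        // Checking amount of available languages
        $sql = 'SELECT lang_id FROM ' . LANG_TABLE;
        $result = $db->sql_query($sql);

        $lang_row = array();
        while ($row = $db->sql_fetchrow($result)) {
            $lang_row[] = $row;
        }
        $db->sql_freeresult($result);

        if ($coppa === false && $config['coppa_enable']) {
            // Cut-off date shown to the visitor: 13 years and one day before now.
            $now = getdate();
            $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
            unset($now);

            $template->assign_vars(array(
                'S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '',
                'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
                'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),
                'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=0' . $add_lang),
                'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=1' . $add_lang),
                'S_SHOW_COPPA' => true,
                'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
                'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_lang),
            ));
        } else {
            $template->assign_vars(array(
                'S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '',
                'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
                'S_SHOW_COPPA' => false,
                'S_REGISTRATION' => true,
                'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
                'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_lang . $add_coppa),
            ));
        }
        unset($lang_row);

        $this->tpl_name = 'ucp_agreement';
        return;
    }

    // The CAPTCHA kicks in here. We can't help that the information gets lost on language change.
    if ($config['enable_confirm']) {
        include $phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx;
        $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
        $captcha->init(CONFIRM_REG);
    }

    // Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
    $timezone = date('Z') / 3600;
    $is_dst = date('I');

    if ($config['board_timezone'] == $timezone || $config['board_timezone'] == $timezone - 1) {
        $timezone = $is_dst ? $timezone - 1 : $timezone;

        if (!isset($user->lang['tz_zones'][(string) $timezone])) {
            $timezone = $config['board_timezone'];
        }
    } else {
        $is_dst = $config['board_dst'];
        $timezone = $config['board_timezone'];
    }

    // Everything in $data comes straight from the request and is only trusted
    // after validate_data() below has run.
    $data = array(
        'username' => utf8_normalize_nfc(request_var('username', '', true)),
        'new_password' => request_var('new_password', '', true),
        'password_confirm' => request_var('password_confirm', '', true),
        'email' => strtolower(request_var('email', '')),
        'email_confirm' => strtolower(request_var('email_confirm', '')),
        'lang' => basename(request_var('lang', $user->lang_name)),
        'tz' => request_var('tz', (double) $timezone),
    );

    // Check and initialize some variables if needed
    if ($submit) {
        $error = validate_data($data, array(
            'username' => array(
                array('string', false, $config['min_name_chars'], $config['max_name_chars']),
                array('username', ''),
            ),
            'new_password' => array(
                array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
                array('password'),
            ),
            'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
            'email' => array(
                array('string', false, 6, 60),
                array('email'),
            ),
            'email_confirm' => array('string', false, 6, 60),
            'tz' => array('num', false, -14, 14),
            'lang' => array('language_iso_name'),
        ));

        // Reject posts that do not carry the token issued by add_form_key('ucp_register').
        if (!check_form_key('ucp_register')) {
            $error[] = $user->lang['FORM_INVALID'];
        }

        // Replace "error" strings with their real, localised form.
        // Entries made only of A-Z and "_" are treated as language keys; anything
        // else, and keys without a non-empty translation, are left untouched.
        // This replaces preg_replace('#...#e', ...), whose /e modifier evaluated
        // constructed PHP code per match and no longer exists in PHP 7.0+.
        foreach ($error as $error_key => $error_text) {
            if (preg_match('#^([A-Z_]+)$#', $error_text, $lang_match) && !empty($user->lang[$lang_match[1]])) {
                $error[$error_key] = $user->lang[$lang_match[1]];
            }
        }

        if ($config['enable_confirm']) {
            $vc_response = $captcha->validate($data);
            if ($vc_response !== false) {
                $error[] = $vc_response;
            }

            // Caps the number of registration attempts counted by the CAPTCHA.
            if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts']) {
                $error[] = $user->lang['TOO_MANY_REGISTERS'];
            }
        }

        // DNSBL check
        if ($config['check_dnsbl']) {
            if (($dnsbl = $user->check_dnsbl('register')) !== false) {
                $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
            }
        }

        // validate custom profile fields
        $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);

        // Confirmation fields are only compared once everything else passed.
        if (!sizeof($error)) {
            if ($data['new_password'] != $data['password_confirm']) {
                $error[] = $user->lang['NEW_PASSWORD_ERROR'];
            }

            if ($data['email'] != $data['email_confirm']) {
                $error[] = $user->lang['NEW_EMAIL_ERROR'];
            }
        }

        if (!sizeof($error)) {
            $server_url = generate_board_url();

            // Which group by default?
            $group_name = $coppa ? 'REGISTERED_COPPA' : 'REGISTERED';

            $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($group_name) . "'\n\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            // NOTE(review): presumably the board's error handler ends the request
            // here; otherwise $row['group_id'] below is read from an empty row.
            if (!$row) {
                trigger_error('NO_GROUP');
            }

            $group_id = $row['group_id'];

            // New accounts start inactive when activation (or COPPA) applies and
            // mail is available to deliver the activation key.
            if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) {
                // NOTE(review): mt_rand() only picks the key length (6-10); it is
                // not a CSPRNG, and the key's strength depends on gen_rand_string(),
                // which is not visible here - confirm its randomness source.
                $user_actkey = gen_rand_string(mt_rand(6, 10));
                $user_type = USER_INACTIVE;
                $user_inactive_reason = INACTIVE_REGISTER;
                $user_inactive_time = time();
            } else {
                $user_type = USER_NORMAL;
                $user_actkey = '';
                $user_inactive_reason = 0;
                $user_inactive_time = 0;
            }

            // Only the hash of the password is stored in the user row.
            $user_row = array(
                'username' => $data['username'],
                'user_password' => phpbb_hash($data['new_password']),
                'user_email' => $data['email'],
                'group_id' => (int) $group_id,
                'user_timezone' => (double) $data['tz'],
                'user_dst' => $is_dst,
                'user_lang' => $data['lang'],
                'user_type' => $user_type,
                'user_actkey' => $user_actkey,
                'user_ip' => $user->ip,
                'user_regdate' => time(),
                'user_inactive_reason' => $user_inactive_reason,
                'user_inactive_time' => $user_inactive_time,
            );

            if ($config['new_member_post_limit']) {
                $user_row['user_new'] = 1;
            }

            // Register user...
            $user_id = user_add($user_row, $cp_data);

            // This should not happen, because the required variables are listed above...
            if ($user_id === false) {
                trigger_error('NO_USER', E_USER_ERROR);
            }

            // Okay, captcha, your job is done.
            if ($config['enable_confirm'] && isset($captcha)) {
                $captcha->reset();
            }

            // Pick the confirmation message and mail template for the activation mode.
            if ($coppa && $config['email_enable']) {
                $message = $user->lang['ACCOUNT_COPPA'];
                $email_template = 'coppa_welcome_inactive';
            } elseif ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) {
                $message = $user->lang['ACCOUNT_INACTIVE'];
                $email_template = 'user_welcome_inactive';
            } elseif ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) {
                $message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
                $email_template = 'admin_welcome_inactive';
            } else {
                $message = $user->lang['ACCOUNT_ADDED'];
                $email_template = 'user_welcome';
            }

            if ($config['email_enable']) {
                include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;

                $messenger = new messenger(false);
                $messenger->template($email_template, $data['lang']);
                $messenger->to($data['email'], $data['username']);
                $messenger->anti_abuse_headers($config, $user);

                // NOTE(review): the clear-text password is handed to the mail
                // template as PASSWORD. If the template prints it, the credential
                // sits in the user's mailbox; consider dropping the variable.
                $messenger->assign_vars(array(
                    'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
                    'USERNAME' => htmlspecialchars_decode($data['username']),
                    'PASSWORD' => htmlspecialchars_decode($data['new_password']),
                    'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}",
                ));

                if ($coppa) {
                    $messenger->assign_vars(array(
                        'FAX_INFO' => $config['coppa_fax'],
                        'MAIL_INFO' => $config['coppa_mail'],
                        'EMAIL_ADDRESS' => $data['email'],
                    ));
                }

                $messenger->send(NOTIFY_EMAIL);

                if ($config['require_activation'] == USER_ACTIVATION_ADMIN) {
                    // Grab an array of user_id's with a_user permissions ... these users can activate a user
                    $admin_ary = $auth->acl_get_list(false, 'a_user', false);
                    $admin_ary = !empty($admin_ary[0]['a_user']) ? $admin_ary[0]['a_user'] : array();

                    // Also include founders
                    $where_sql = ' WHERE user_type = ' . USER_FOUNDER;

                    if (sizeof($admin_ary)) {
                        $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
                    }

                    $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' ' . $where_sql;
                    $result = $db->sql_query($sql);

                    // Each notified account receives the activation link including the key.
                    while ($row = $db->sql_fetchrow($result)) {
                        $messenger->template('admin_activate', $row['user_lang']);
                        $messenger->to($row['user_email'], $row['username']);
                        $messenger->im($row['user_jabber'], $row['username']);

                        $messenger->assign_vars(array(
                            'USERNAME' => htmlspecialchars_decode($data['username']),
                            'U_USER_DETAILS' => "{$server_url}/memberlist.{$phpEx}?mode=viewprofile&u={$user_id}",
                            'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}",
                        ));

                        $messenger->send($row['user_notify_type']);
                    }
                    $db->sql_freeresult($result);
                }
            }

            $message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
            trigger_error($message);
        }
    }

    // From here on: (re)display the registration form.
    $s_hidden_fields = array('agreed' => 'true', 'change_lang' => 0);

    if ($config['coppa_enable']) {
        $s_hidden_fields['coppa'] = $coppa;
    }

    if ($config['enable_confirm']) {
        $s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields());
    }
    $s_hidden_fields = build_hidden_fields($s_hidden_fields);
    $confirm_image = '';

    // Visual Confirmation - Show images
    if ($config['enable_confirm']) {
        $template->assign_vars(array('CAPTCHA_TEMPLATE' => $captcha->get_template()));
    }

    // Explanation of the activation step, if any.
    $l_reg_cond = '';
    switch ($config['require_activation']) {
        case USER_ACTIVATION_SELF:
            $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
            break;
        case USER_ACTIVATION_ADMIN:
            $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
            break;
    }

    // NOTE(review): PASSWORD / PASSWORD_CONFIRM hand the submitted password back
    // to the template; if it is rendered into the form it ends up in page source.
    $template->assign_vars(array(
        'ERROR' => sizeof($error) ? implode('<br />', $error) : '',
        'USERNAME' => $data['username'],
        'PASSWORD' => $data['new_password'],
        'PASSWORD_CONFIRM' => $data['password_confirm'],
        'EMAIL' => $data['email'],
        'EMAIL_CONFIRM' => $data['email_confirm'],
        'L_REG_COND' => $l_reg_cond,
        'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
        'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
        'S_LANG_OPTIONS' => language_select($data['lang']),
        'S_TZ_OPTIONS' => tz_select($data['tz']),
        'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false,
        'S_REGISTRATION' => true,
        'S_COPPA' => $coppa,
        'S_HIDDEN_FIELDS' => $s_hidden_fields,
        'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'),
    ));

    $user->profile_fields = array();

    // Generate profile fields -> Template Block Variable profile_fields
    $cp->generate_profile_fields('register', $user->get_iso_lang_id());

    $this->tpl_name = 'ucp_register';
    $this->page_title = 'UCP_REGISTRATION';
}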
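/**
 * Authenticate a user through the configured auth plug-in and open a session.
 *
 * Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
 *
 * The plug-in file is chosen from $config['auth_method'] (reduced with
 * basename() so it cannot carry a directory part) and its login_<method>()
 * function is called with the credentials. When the plug-in asks for a profile
 * to be created, the user is added and re-read from the users table. On success
 * a session is created; for admin re-authentication the current session cookies
 * are expired first and the old session row is deleted afterwards, so the
 * pre-elevation session id is not carried over.
 *
 * @param string   $username   Login name as entered.
 * @param string   $password   Password as entered; passed to the plug-in unchanged.
 * @param bool     $autologin  Passed through to session_create().
 * @param int|bool $viewonline Passed through to session_create().
 * @param int|bool $admin      Truthy for admin re-authentication.
 * @return array Array with 'status', 'error_msg' and 'user_row' keys, or the
 *               plug-in's own result array when the login did not succeed.
 */
function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0)
{
    global $config, $db, $user, $phpbb_root_path, $phpEx;

    // basename() keeps the configured method name from addressing a file
    // outside includes/auth/.
    $method = trim(basename($config['auth_method']));
    include_once $phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx;

    $method = 'login_' . $method;
    if (function_exists($method)) {
        $login = $method($username, $password);

        // If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS
        if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE) {
            // we are going to use the user_add function so include functions_user.php if it wasn't defined yet
            if (!function_exists('user_add')) {
                include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
            }

            user_add($login['user_row'], isset($login['cp_data']) ? $login['cp_data'] : false);

            // Re-read the row so the session below is built from what is stored,
            // not from what the plug-in returned.
            $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . "\n\t\t\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if (!$row) {
                return array(
                    'status' => LOGIN_ERROR_EXTERNAL_AUTH,
                    'error_msg' => 'AUTH_NO_PROFILE_CREATED',
                    'user_row' => array('user_id' => ANONYMOUS),
                );
            }

            $login = array(
                'status' => LOGIN_SUCCESS,
                'error_msg' => false,
                'user_row' => $row,
            );
        }

        // If login succeeded, we will log the user in... else we pass the login array through...
        if ($login['status'] == LOGIN_SUCCESS) {
            $old_session_id = $user->session_id;

            if ($admin) {
                global $SID, $_SID;

                // Expire the current session cookies (one year in the past) and
                // blank the session id before the new session is created.
                $cookie_expire = time() - 31536000;
                $user->set_cookie('u', '', $cookie_expire);
                $user->set_cookie('sid', '', $cookie_expire);
                unset($cookie_expire);

                $SID = '?sid=';
                $user->session_id = $_SID = '';
            }

            $result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline);

            // Successful session creation
            if ($result === true) {
                // If admin re-authentication we remove the old session entry because a new one has been created...
                if ($admin) {
                    // the login array is used because the user ids do not differ for re-authentication
                    // The id may originate from an auth plug-in's result array, so it
                    // is cast to int rather than interpolated into the query as-is.
                    $sql = 'DELETE FROM ' . SESSIONS_TABLE . "\n\t\t\t\t\t\t\tWHERE session_id = '" . $db->sql_escape($old_session_id) . "'\n\t\t\t\t\t\t\tAND session_user_id = " . (int) $login['user_row']['user_id'];
                    $db->sql_query($sql);
                }

                return array(
                    'status' => LOGIN_SUCCESS,
                    'error_msg' => false,
                    'user_row' => $login['user_row'],
                );
            }

            // session_create() returned something other than true; hand it back as the error.
            return array(
                'status' => LOGIN_BREAK,
                'error_msg' => $result,
                'user_row' => $login['user_row'],
            );
        }

        return $login;
    }

    trigger_error('Authentication method not found', E_USER_ERROR);
}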
/**
 * Registration handler of the user control panel (newer listing: request
 * object, service container and event dispatcher).
 *
 * Flow, as far as this body shows it:
 *  1. Refuse when registration is disabled, or when activation is required but
 *     e-mail is switched off.
 *  2. Collect optional login-link data for an external auth provider.
 *  3. Until the terms are agreed (and the COPPA choice fits the board setting)
 *     render 'ucp_agreement' and return.
 *  4. On submit, validate data, form token, CAPTCHA, DNSBL and custom profile
 *     fields; on success create the account, send the mails / notifications,
 *     link the external account and finish with a trigger_error() message page.
 *  5. Otherwise render 'ucp_register'.
 *
 * Local variable names matter here: three events round-trip locals through
 * compact() / extract(), so renaming $submit, $data, $cp_data, $error or
 * $user_row changes what listeners can see and modify.
 *
 * @param mixed $id   Module id; not read in this body.
 * @param mixed $mode Module mode; not read in this body.
 * @return void Sets $this->tpl_name (and $this->page_title on the form page).
 */
function main($id, $mode)
{
    global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
    global $request, $phpbb_container, $phpbb_dispatcher;

    // Registration is off, or an activation mode is configured that cannot work without e-mail.
    if ($config['require_activation'] == USER_ACTIVATION_DISABLE || in_array($config['require_activation'], array(USER_ACTIVATION_SELF, USER_ACTIVATION_ADMIN)) && !$config['email_enable']) {
        trigger_error('UCP_REGISTER_DISABLE');
    }

    // $coppa is tri-state: false = not chosen yet, otherwise the integer from the request.
    $coppa = $request->is_set('coppa') ? (int) $request->variable('coppa', false) : false;
    $agreed = $request->variable('agreed', false);
    $submit = $request->is_set_post('submit');
    $change_lang = $request->variable('change_lang', '');
    $user_lang = $request->variable('lang', $user->lang_name);

    // The agreement page and the registration form carry different form tokens,
    // so a token issued for the terms page is not accepted by check_form_key('ucp_register').
    if ($agreed) {
        add_form_key('ucp_register');
    } else {
        add_form_key('ucp_register_terms');
    }

    if ($change_lang || $user_lang != $config['default_lang']) {
        // basename() strips any directory part from the request-supplied language name.
        $use_lang = $change_lang ? basename($change_lang) : basename($user_lang);

        // This branch treats a falsy return as "language accepted".
        // NOTE(review): presumably the validator returns false on success - confirm.
        if (!validate_language_iso_name($use_lang)) {
            if ($change_lang) {
                $submit = false;

                // Setting back agreed to let the user view the agreement in his/her language
                $agreed = false;
            }

            $user_lang = $use_lang;
        } else {
            $change_lang = '';
            $user_lang = $user->lang_name;
        }
    }

    /* @var $cp \phpbb\profilefields\manager */
    $cp = $phpbb_container->get('profilefields.manager');

    $error = $cp_data = $cp_error = array();
    $s_hidden_fields = array();

    // Handle login_link data added to $_hidden_fields
    $login_link_data = $this->get_login_link_data_array();

    if (!empty($login_link_data)) {
        // Confirm that we have all necessary data
        // NOTE(review): the provider is selected by the request parameter
        // 'auth_provider'; how get_provider() treats an unknown name is not
        // visible here - confirm it cannot return an unintended service.
        /* @var $provider_collection \phpbb\auth\provider_collection */
        $provider_collection = $phpbb_container->get('auth.provider_collection');
        $auth_provider = $provider_collection->get_provider($request->variable('auth_provider', ''));

        $result = $auth_provider->login_link_has_necessary_data($login_link_data);
        if ($result !== null) {
            $error[] = $user->lang[$result];
        }

        $s_hidden_fields = array_merge($s_hidden_fields, $this->get_login_link_data_for_hidden_fields($login_link_data));
    }

    // Agreement / COPPA page: shown until the terms are accepted and the COPPA
    // choice is consistent with the board setting (&& binds tighter than ||).
    if (!$agreed || $coppa === false && $config['coppa_enable'] || $coppa && !$config['coppa_enable']) {
        $add_coppa = $coppa !== false ? '&coppa=' . $coppa : '';

        $s_hidden_fields = array_merge($s_hidden_fields, array('change_lang' => ''));

        // If we change the language, we want to pass on some more possible parameter.
        if ($change_lang) {
            // We do not include the password, so it is never written into hidden form fields.
            $s_hidden_fields = array_merge($s_hidden_fields, array(
                'username' => $request->variable('username', '', true),
                'email' => strtolower($request->variable('email', '')),
                'lang' => $user->lang_name,
                'tz' => $request->variable('tz', $config['board_timezone'])
            ));
        }

        // Checking amount of available languages
        $sql = 'SELECT lang_id FROM ' . LANG_TABLE;
        $result = $db->sql_query($sql);

        $lang_row = array();
        while ($row = $db->sql_fetchrow($result)) {
            $lang_row[] = $row;
        }
        $db->sql_freeresult($result);

        if ($coppa === false && $config['coppa_enable']) {
            // Cut-off date shown to the visitor: 13 years and one day before today, at midnight.
            $now = getdate();
            $coppa_birthday = $user->create_datetime()->setDate($now['year'] - 13, $now['mon'], $now['mday'] - 1)->setTime(0, 0, 0)->format($user->lang['DATE_FORMAT'], true);
            unset($now);

            $template->assign_vars(array(
                'S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '',
                'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
                'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),
                'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=0'),
                'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=1'),
                'S_SHOW_COPPA' => true,
                'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
                'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'),
                'COOKIE_NAME' => $config['cookie_name'],
                'COOKIE_PATH' => $config['cookie_path']
            ));
        } else {
            $template->assign_vars(array(
                'S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '',
                'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
                'S_SHOW_COPPA' => false,
                'S_REGISTRATION' => true,
                'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
                'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_coppa),
                'COOKIE_NAME' => $config['cookie_name'],
                'COOKIE_PATH' => $config['cookie_path']
            ));
        }
        unset($lang_row);

        /**
         * Allows to modify the agreements.
         *
         * To assign data to the template, use $template->assign_vars()
         *
         * @event core.ucp_register_agreement
         * @since 3.1.6-RC1
         */
        $phpbb_dispatcher->dispatch('core.ucp_register_agreement');

        $this->tpl_name = 'ucp_agreement';
        return;
    }

    // The CAPTCHA kicks in here. We can't help that the information gets lost on language change.
    if ($config['enable_confirm']) {
        $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
        $captcha->init(CONFIRM_REG);
    }

    $timezone = $config['board_timezone'];

    // Everything in $data comes straight from the request and is only trusted
    // after validate_data() below has run.
    $data = array(
        'username' => $request->variable('username', '', true),
        'new_password' => $request->variable('new_password', '', true),
        'password_confirm' => $request->variable('password_confirm', '', true),
        'email' => strtolower($request->variable('email', '')),
        'lang' => basename($request->variable('lang', $user->lang_name)),
        'tz' => $request->variable('tz', $timezone)
    );

    /**
     * Add UCP register data before they are assigned to the template or submitted
     *
     * To assign data to the template, use $template->assign_vars()
     *
     * @event core.ucp_register_data_before
     * @var bool  submit Do we display the form only
     *                   or did the user press submit
     * @var array data   Array with current ucp registration data
     * @since 3.1.4-RC1
     */
    // extract() writes the dispatcher's return value back into local scope, so a
    // listener can change $submit and $data before validation.
    // NOTE(review): confirm trigger_event() returns only the keys named in $vars.
    $vars = array('submit', 'data');
    extract($phpbb_dispatcher->trigger_event('core.ucp_register_data_before', compact($vars)));

    // Check and initialize some variables if needed
    if ($submit) {
        $error = validate_data($data, array(
            'username' => array(
                array('string', false, $config['min_name_chars'], $config['max_name_chars']),
                array('username', '')),
            'new_password' => array(
                array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
                array('password')),
            'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
            'email' => array(
                array('string', false, 6, 60),
                array('user_email')),
            'tz' => array('timezone'),
            'lang' => array('language_iso_name')
        ));

        // Reject posts that do not carry the token issued by add_form_key('ucp_register').
        if (!check_form_key('ucp_register')) {
            $error[] = $user->lang['FORM_INVALID'];
        }

        // Replace "error" strings with their real, localised form
        $error = array_map(array($user, 'lang'), $error);

        if ($config['enable_confirm']) {
            $vc_response = $captcha->validate($data);
            if ($vc_response !== false) {
                $error[] = $vc_response;
            }

            // Caps the number of registration attempts counted by the CAPTCHA.
            if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts']) {
                $error[] = $user->lang['TOO_MANY_REGISTERS'];
            }
        }

        // DNSBL check
        if ($config['check_dnsbl']) {
            if (($dnsbl = $user->check_dnsbl('register')) !== false) {
                $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
            }
        }

        // validate custom profile fields
        $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);

        // The password confirmation is only compared once everything else passed.
        if (!sizeof($error)) {
            if ($data['new_password'] != $data['password_confirm']) {
                $error[] = $user->lang['NEW_PASSWORD_ERROR'];
            }
        }

        /**
         * Check UCP registration data after they are submitted
         *
         * @event core.ucp_register_data_after
         * @var bool  submit  Do we display the form only
         *                    or did the user press submit
         * @var array data    Array with current ucp registration data
         * @var array cp_data Array with custom profile fields data
         * @var array error   Array with list of errors
         * @since 3.1.4-RC1
         */
        // $error round-trips through the event: a listener can add errors, and
        // can also clear the ones collected above.
        $vars = array('submit', 'data', 'cp_data', 'error');
        extract($phpbb_dispatcher->trigger_event('core.ucp_register_data_after', compact($vars)));

        if (!sizeof($error)) {
            $server_url = generate_board_url();

            // Which group by default?
            $group_name = $coppa ? 'REGISTERED_COPPA' : 'REGISTERED';

            $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($group_name) . "'\n\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            // NOTE(review): presumably the board's error handler ends the request
            // here; otherwise $row['group_id'] below is read from an empty row.
            if (!$row) {
                trigger_error('NO_GROUP');
            }

            $group_id = $row['group_id'];

            // New accounts start inactive when activation (or COPPA) applies and
            // mail is available to deliver the activation key.
            if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) {
                // NOTE(review): mt_rand() only picks the key length (6-10); it is
                // not a CSPRNG, and the key's strength depends on gen_rand_string(),
                // which is not visible here - confirm its randomness source.
                $user_actkey = gen_rand_string(mt_rand(6, 10));
                $user_type = USER_INACTIVE;
                $user_inactive_reason = INACTIVE_REGISTER;
                $user_inactive_time = time();
            } else {
                $user_type = USER_NORMAL;
                $user_actkey = '';
                $user_inactive_reason = 0;
                $user_inactive_time = 0;
            }

            // Instantiate passwords manager
            /* @var $passwords_manager \phpbb\passwords\manager */
            $passwords_manager = $phpbb_container->get('passwords.manager');

            // Only the hash of the password is stored in the user row.
            $user_row = array(
                'username' => $data['username'],
                'user_password' => $passwords_manager->hash($data['new_password']),
                'user_email' => $data['email'],
                'group_id' => (int) $group_id,
                'user_timezone' => $data['tz'],
                'user_lang' => $data['lang'],
                'user_type' => $user_type,
                'user_actkey' => $user_actkey,
                'user_ip' => $user->ip,
                'user_regdate' => time(),
                'user_inactive_reason' => $user_inactive_reason,
                'user_inactive_time' => $user_inactive_time
            );

            if ($config['new_member_post_limit']) {
                $user_row['user_new'] = 1;
            }

            /**
             * Add into $user_row before user_add
             *
             * user_add allows adding more data into the users table
             *
             * @event core.ucp_register_user_row_after
             * @var bool  submit   Do we display the form only
             *                     or did the user press submit
             * @var array cp_data  Array with custom profile fields data
             * @var array user_row Array with current ucp registration data
             * @since 3.1.4-RC1
             */
            // A listener can rewrite any field of $user_row here, including
            // user_type, group_id and user_actkey, just before the insert.
            $vars = array('submit', 'cp_data', 'user_row');
            extract($phpbb_dispatcher->trigger_event('core.ucp_register_user_row_after', compact($vars)));

            // Register user...
            $user_id = user_add($user_row, $cp_data);

            // This should not happen, because the required variables are listed above...
            if ($user_id === false) {
                trigger_error('NO_USER', E_USER_ERROR);
            }

            // Okay, captcha, your job is done.
            if ($config['enable_confirm'] && isset($captcha)) {
                $captcha->reset();
            }

            // Pick the confirmation message and mail template for the activation mode.
            if ($coppa && $config['email_enable']) {
                $message = $user->lang['ACCOUNT_COPPA'];
                $email_template = 'coppa_welcome_inactive';
            } else {
                if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) {
                    $message = $user->lang['ACCOUNT_INACTIVE'];
                    $email_template = 'user_welcome_inactive';
                } else {
                    if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) {
                        $message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
                        $email_template = 'admin_welcome_inactive';
                    } else {
                        $message = $user->lang['ACCOUNT_ADDED'];
                        $email_template = 'user_welcome';
                    }
                }
            }

            if ($config['email_enable']) {
                include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;

                $messenger = new messenger(false);
                $messenger->template($email_template, $data['lang']);
                $messenger->to($data['email'], $data['username']);
                $messenger->anti_abuse_headers($config, $user);

                // NOTE(review): the clear-text password is handed to the mail
                // template as PASSWORD. If the template prints it, the credential
                // sits in the user's mailbox; consider dropping the variable.
                // The activation link uses $user_actkey, not $user_row['user_actkey'],
                // so a key changed by the event above would not be reflected here.
                $messenger->assign_vars(array(
                    'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
                    'USERNAME' => htmlspecialchars_decode($data['username']),
                    'PASSWORD' => htmlspecialchars_decode($data['new_password']),
                    'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}"
                ));

                if ($coppa) {
                    $messenger->assign_vars(array(
                        'FAX_INFO' => $config['coppa_fax'],
                        'MAIL_INFO' => $config['coppa_mail'],
                        'EMAIL_ADDRESS' => $data['email']
                    ));
                }

                $messenger->send(NOTIFY_EMAIL);
            }

            // Admin activation: hand the new account to the notification manager.
            if ($config['require_activation'] == USER_ACTIVATION_ADMIN) {
                /* @var $phpbb_notifications \phpbb\notification\manager */
                $phpbb_notifications = $phpbb_container->get('notification_manager');
                $phpbb_notifications->add_notifications('notification.type.admin_activate_user', array(
                    'user_id' => $user_id,
                    'user_actkey' => $user_row['user_actkey'],
                    'user_regdate' => $user_row['user_regdate']
                ));
            }

            // Perform account linking if necessary
            // $auth_provider was assigned above under the same !empty($login_link_data) condition.
            if (!empty($login_link_data)) {
                $login_link_data['user_id'] = $user_id;

                $result = $auth_provider->link_account($login_link_data);

                if ($result) {
                    $message = $message . '<br /><br />' . $user->lang[$result];
                }
            }

            $message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
            trigger_error($message);
        }
    }

    // From here on: (re)display the registration form.
    $s_hidden_fields = array_merge($s_hidden_fields, array('agreed' => 'true', 'change_lang' => 0));

    if ($config['coppa_enable']) {
        $s_hidden_fields['coppa'] = $coppa;
    }

    if ($config['enable_confirm']) {
        $s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields());
    }
    $s_hidden_fields = build_hidden_fields($s_hidden_fields);
    $confirm_image = '';

    // Visual Confirmation - Show images
    if ($config['enable_confirm']) {
        $template->assign_vars(array('CAPTCHA_TEMPLATE' => $captcha->get_template()));
    }

    // Explanation of the activation step, if any.
    $l_reg_cond = '';
    switch ($config['require_activation']) {
        case USER_ACTIVATION_SELF:
            $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
            break;
        case USER_ACTIVATION_ADMIN:
            $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
            break;
    }

    // The return value is not used below; the call receives $template, so it
    // presumably assigns the timezone options itself - confirm.
    $timezone_selects = phpbb_timezone_select($template, $user, $data['tz'], true);

    // NOTE(review): PASSWORD / PASSWORD_CONFIRM hand the submitted password back
    // to the template; if it is rendered into the form it ends up in page source.
    $template->assign_vars(array(
        'ERROR' => sizeof($error) ? implode('<br />', $error) : '',
        'USERNAME' => $data['username'],
        'PASSWORD' => $data['new_password'],
        'PASSWORD_CONFIRM' => $data['password_confirm'],
        'EMAIL' => $data['email'],
        'L_REG_COND' => $l_reg_cond,
        'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
        'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
        'S_LANG_OPTIONS' => language_select($data['lang']),
        'S_TZ_PRESELECT' => !$submit,
        'S_CONFIRM_REFRESH' => $config['enable_confirm'] && $config['confirm_refresh'] ? true : false,
        'S_REGISTRATION' => true,
        'S_COPPA' => $coppa,
        'S_HIDDEN_FIELDS' => $s_hidden_fields,
        'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'),
        'COOKIE_NAME' => $config['cookie_name'],
        'COOKIE_PATH' => $config['cookie_path']
    ));

    $user->profile_fields = array();

    // Generate profile fields -> Template Block Variable profile_fields
    $cp->generate_profile_fields('register', $user->get_iso_lang_id());

    $this->tpl_name = 'ucp_register';
    $this->page_title = 'UCP_REGISTRATION';
}