public static function check__GWF_IP_QUICK($arg)
{
if (GWF_IP6::isValidType($arg)) {
return false;
}
return 'Invalid IP type.';
}
public function execute()
{
return $_SERVER['REMOTE_ADDR'];
$ip = Common::getGetString('ip', false);
$type = Common::getGetString('type', GWF_IP6::INT_32);
return GWF_IP6::getIP($type, $ip);
}
public static function onAccess(Module_Account $module, GWF_User $user)
{
$alert = false;
$table = self::table(__CLASS__);
# Check UA
$ua = self::uahash();
if ($user->isOptionEnabled(GWF_User::ALERT_UAS)) {
if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_ua=" . self::hashquote($ua))) {
$alert = true;
}
}
# Check exact IP
$ip = GWF_IP6::getIP(GWF_IP_EXACT);
if ($user->isOptionEnabled(GWF_User::ALERT_IPS)) {
if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_ip='" . $table->escape($ip) . "'")) {
$alert = true;
}
}
$isp = null;
if ($user->isOptionEnabled(GWF_User::ALERT_ISPS)) {
$isp = self::isphash();
if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_isp=" . self::hashquote($isp))) {
$alert = true;
}
}
if ($alert === true) {
self::sendAlertMail($module, $user, 'record_alert');
}
$data = array('accacc_uid' => $user->getID(), 'accacc_ip' => $ip, 'accacc_isp' => $isp, 'accacc_ua' => $ua, 'accacc_time' => time());
$table->insertAssoc($data);
}
private function onRegister()
{
$form = $this->getForm();
$errorsA = $errorsB = '';
if (false !== ($errorsA = $form->validate($this->module)) || false !== ($errorsB = $this->onRegisterB())) {
return $errorsA . $errorsB . $this->templateForm();
}
$username = Common::getPost('username');
$password = Common::getPost('password');
$email = Common::getPost('email');
$birthdate = sprintf('%04d%02d%02d', Common::getPost('birthdatey'), Common::getPost('birthdatem'), Common::getPost('birthdated'));
$default_country = $this->module->cfgDetectCountry() ? GWF_IP2Country::detectCountryID() : 0;
$countryid = $form->getVar('countryid', $default_country);
require_once GWF_CORE_PATH . 'module/Register/GWF_UserActivation.php';
$token = GWF_UserActivation::generateToken();
$ua = new GWF_UserActivation(array('username' => $username, 'email' => $email, 'token' => $token, 'birthdate' => $birthdate, 'countryid' => $countryid, 'password' => GWF_Password::hashPasswordS($password), 'timestamp' => time(), 'ip' => GWF_IP6::getIP(GWF_IP_EXACT)));
if (false === $ua->insert()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)) . $this->templateForm();
}
if ($this->module->wantEmailActivation()) {
return $this->sendEmail($username, $email, $token, $password);
} else {
GWF_Website::redirect(GWF_WEB_ROOT . 'quick_activate/' . $token);
}
return $this->module->message('msg_registered');
}
public static function detectCountryID()
{
if (self::$detectedCountry === true) {
$ip = GWF_IP6::getIP(GWF_IP6::UINT_32);
self::$detectedCountry = self::table(__CLASS__)->selectVar('ip2c_cid', "ip2c_start<='{$ip}' AND ip2c_end>='{$ip}'");
}
return self::$detectedCountry;
}
/**
* Get a fake Guest User.
* @return GWF_User
*/
public static function getGuest()
{
static $GUEST;
if (!isset($GUEST)) {
$GUEST = new GWF_User(array('user_id' => '0', 'user_options' => 0, 'user_name' => GWF_HTML::lang('guest'), 'user_password' => '', 'user_regdate' => '', 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_email' => '', 'user_gender' => GWF_User::NO_GENDER, 'user_lastlogin' => '0', 'user_lastactivity' => time(), 'user_birthdate' => '', 'user_avatar_v' => '0', 'user_countryid' => '0', 'user_langid' => '0', 'user_langid2' => '0', 'user_level' => '0', 'user_title' => '', 'user_settings' => '', 'user_data' => '', 'user_credits' => '0.00'));
}
return $GUEST;
}
public static function getFailedData(GWF_User $user, $time)
{
$ip = GDO::escape(GWF_IP6::getIP(GWF_IP_EXACT));
$cut = time() - $time;
if (false === ($result = GDO::table(__CLASS__)->selectFirst('COUNT(*) c, MIN(logfail_time) min', "logfail_ip='{$ip}' AND logfail_time>{$cut}"))) {
return array(0, 0);
}
return array((int) $result['c'], (int) $result['min']);
}
private function onCrossRegister($username)
{
$options = 0;
$password = GWF_Random::randomKey();
$user = new GWF_User(array('user_id' => 0, 'user_options' => $options, 'user_name' => $username, 'user_password' => GWF_Password::hashPasswordS($password), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_email' => '', 'user_gender' => 'no_gender', 'user_lastlogin' => time(), 'user_lastactivity' => time(), 'user_birthdate' => '00000000', 'user_avatar_v' => 0, 'user_countryid' => 0, 'user_langid' => 1, 'user_langid2' => 0, 'user_level' => 0, 'user_title' => '', 'user_settings' => '', 'user_data' => '', 'user_credits' => '0.00'));
if (false === $user->insert()) {
return false;
}
return true;
}
private static function installPMBot(Module_PM $module)
{
$user = new GWF_User(array('user_name' => '_GWF_PM_BOT_', 'user_password' => 'x', 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT, '127.0.0.1'), 'user_email' => GWF_BOT_EMAIL, 'user_birthdate' => GWF_Time::getDate(GWF_Time::LEN_DAY), 'user_countryid' => 0, 'user_langid' => 0, 'user_options' => GWF_User::BOT, 'user_lastactivity' => time()));
if (false === $user->insert()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === GWF_ModuleLoader::saveModuleVar($module, 'pm_bot_uid', $user->getID())) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return '';
}
function wcc_ip6_check_answer(WC_Challenge $chall, $answer, $level)
{
require_once 'solutions.php';
if ($level === count($solutions)) {
$ip = $_SERVER['REMOTE_ADDR'];
if (GWF_IP6::isV6($ip)) {
$chall->onChallengeSolved(GWF_Session::getUserID());
}
return false;
}
return in_array(strtolower($answer), $solutions[$level], true);
}
private function parseIPs($ips)
{
$ips = str_replace(',', ' ', $ips);
if (0 === preg_match_all('/(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})/', $ips, $matches)) {
return array();
}
$back = array();
foreach ($matches[1] as $match) {
$ip = GWF_IP6::getIP(GWF_IP_QUICK, $match);
if (!in_array($ip, $back, true)) {
$back[] = $ip;
}
}
return $back;
}
public static function isBlocked($user)
{
$table = self::table(__CLASS__);
$ip = GWF_IP6::getIP(GWF_IP6::BIN_32_128);
$eip = $table->escape($ip);
$cut = time() - self::MAX_TIMEOUT;
$count = $table->countRows("wcsb_ip='{$eip}' AND wcsb_time>{$cut}");
if ($count >= self::MAX_ANSWERS) {
$min = $table->selectVar('MIN(wcsb_time)', "wcsb_ip='{$eip}' AND wcsb_time>{$cut}");
return $min + self::MAX_TIMEOUT - time();
}
$row = new self(array('wcsb_uid' => $user === false ? 0 : $user->getID(), 'wcsb_ip' => $ip, 'wcsb_time' => time()));
if (false === $row->insert()) {
return false;
}
return false;
}
private function onGuestVote()
{
if (!$this->votescore->isGuestVote()) {
return $this->module->error('err_no_guest');
}
$ip = GWF_IP6::getIP(GWF_IP_QUICK);
if (false === ($vsr = GWF_VoteScoreRow::getByIP($this->votescore->getID(), $ip))) {
if (false === $this->votescore->onGuestVote($this->score, $ip)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->onVoted(false);
} else {
if ($vsr->isUserVote()) {
return $this->module->message('err_vote_ip');
}
if (!$vsr->isGuestVoteExpired($this->module->cfgGuestTimeout())) {
$this->votescore->revertVote($vsr, $ip, 0);
}
if (false === $this->votescore->onGuestVote($this->score, $ip)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->onVoted(false);
}
}
public function onVote($user, array $chosen)
{
if ($user === false) {
return $this->onVoteGuest(GWF_IP6::getIP(GWF_IP_QUICK), $chosen);
} else {
return $this->onVoteUser($user, $chosen);
}
}
public function onProbe(Dog_Server $server, Dog_User $user, $from, $origin, $message)
{
if (GWF_IP6::isValidV4($message)) {
$ip = $message;
$host = 'my.ip.com';
} elseif ($message !== ($ip = gethostbyname($message))) {
$host = $message;
} else {
return "Cannot resolve hostname {$message}.";
}
$this->addIP($server, $ip);
return "Added {$host} / {$ip} to the scanning queue (on IRC " . $server->getDomain() . ").";
}
public function execute()
{
PT_IP::collect(GWF_IP6::getIP(GWF_IP_QUICK, Common::getGet('ip', false)));
die;
}
public function hasIPActivatedRecently()
{
$duration = $this->getIPTimeout();
$users = GDO::table('GWF_User');
$cut = GWF_Time::getDate(GWF_Date::LEN_SECOND, time() - $duration);
$ip = $users->escape(GWF_IP6::getIP(GWF_IP_EXACT));
return $users->selectFirst('1', "user_regip='{$ip}' AND user_regdate>'{$cut}'") !== false;
}
<?php
require_once 'WC_HTML.php';
# We always need it
# DEBUG
$debug = GWF_DEBUG_EMAIL && GWF_IP6::isLocal();
define('WECHALL_DEBUG_SCORING', $debug);
# set true to debug scoring events.
define('WECHALL_DEBUG_LINKING', $debug);
# set true to debug site linking
define('WECHALL_CAESUM_PATCH', 'defined');
/**
* WeChall + GWF! :D
* @author gizmore
* @version 1.02
*/
final class Module_WeChall extends GWF_Module
{
const BOARD_CHALLS = 'Challenges';
const BOARD_CHALLS_DESCR = 'Ask questions about our challenges here';
const BOARD_SOLUTIONS = 'Solutions';
const BOARD_SOLUTIONS_DESCR = 'Discuss solution to our challenges here';
const BOARD_SITES = 'Sites';
const BOARD_SITES_DESCR = 'Discuss the Challenge Sites here';
################
### Instance ###
################
private static $instance = false;
/**
* @return Module_WeChall
*/
public static function createAdmin($username, $password, $email, &$output)
{
if (false === ($user = GWF_User::getByName($username))) {
$user = new GWF_User(array('user_name' => $username, 'user_email' => $email, 'user_password' => GWF_Password::hashPasswordS($password), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_lastactivity' => time()));
if (false === $user->insert()) {
return false;
}
}
$userid = $user->getID();
if (false === GWF_UserGroup::addToGroup($userid, GWF_Group::getByName(GWF_Group::ADMIN)->getID())) {
return false;
}
if (false === GWF_UserGroup::addToGroup($userid, GWF_Group::getByName(GWF_Group::STAFF)->getID())) {
return false;
}
$output .= GWF_HTML::message('Install Wizard', sprintf('Added new admin user: %s - Password: [censored]', $username));
return true;
}
<?php
if (count($tVars['matches']) > 0) {
echo '<table>' . PHP_EOL;
echo sprintf('<tr><th>%s</th></tr>', $tLang->lang('matches', array(count($tVars['matches'])))) . PHP_EOL;
foreach ($tVars['matches'] as $ip) {
echo GWF_Table::rowStart();
echo sprintf('<td>%s</td>', GWF_IP6::displayIP($ip, GWF_IP_QUICK)) . PHP_EOL;
echo GWF_Table::rowEnd();
}
echo '</table>' . PHP_EOL;
}
echo $tVars['form'];
public static function updateCleared($userid)
{
return self::table(__CLASS__)->insertAssoc(array('lc_uid' => $userid, 'lc_date' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'lc_ip' => GWF_IP6::getIP(GWF_IP_EXACT)), true);
}
<?php
$p = $tVars['poll'];
$p instanceof GWF_VoteMulti;
$pid = $p->getVar('vm_id');
$o = $p->getChoices();
$total = $p->getVotecount();
$user = GWF_Session::getUser();
$has_voted = $p->hasVoted($user);
$may_vote = $p->mayVote($user);
$may_edit = $p->mayEdit($user);
$reveal = $p->canSeeOutcome($user);
$voterow = $user === false ? GWF_VoteMultiRow::getVoteRowGuest($pid, GWF_IP6::getIP(GWF_IP_QUICK)) : GWF_VoteMultiRow::getVoteRowUser($pid, $user->getID());
?>
<form method="post" action="<?php
echo htmlspecialchars($tVars['form_action']);
?>
">
<table>
<thead><tr><th colspan="4"><?php
echo $p->display('vm_title');
?>
</th></tr></thead>
<tr><td colspan="4"><span id="vm_<?php
echo $pid;
?>
"><?php
echo $reveal ? $total : '????';
?>
</span> <?php
echo $tLang->lang('votes');
/**
* Vote and revert votes safely. Return false or error msg.
* @param int $score
* @param int $userid
* @return error msg or false
*/
public function onUserVoteSafe($score, $userid)
{
$userid = (int) $userid;
$vsid = $this->getID();
# Revert Guest Vote with same IP
$ip = GWF_IP6::getIP(GWF_IP_QUICK);
// var_dump($ip);
if (false !== ($vsr = GWF_VoteScoreRow::getByIP($vsid, $ip))) {
// echo '<div>HAVE GUEST VOTE</div>';
// var_dump($vsr);
if (!$vsr->isGuestVoteExpired(GWF_Module::getModule('Votes')->cfgGuestTimeout())) {
if (false === $this->revertVote($vsr, $ip, 0)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
}
}
# Revert Users Vote
if (false !== ($vsr = GWF_VoteScoreRow::getByUID($vsid, $userid))) {
// echo '<div>HAVE OLD VOTE</div>';
if (false === $this->revertVote($vsr, 0, $userid)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
}
# And Vote it
if (false === $this->onUserVote($score, $userid, 0)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return false;
# No error
}
public function getColumnDefines()
{
return array('user_id' => array(GDO::AUTO_INCREMENT), 'user_options' => array(GDO::UINT | GDO::INDEX, 0), 'user_name' => array(GDO::VARCHAR | GDO::UNIQUE | GDO::ASCII | GDO::CASE_I, GDO::NOT_NULL, self::USERNAME_LENGTH), 'user_password' => array(GDO::CHAR | GDO::ASCII | GDO::CASE_S, GDO::NOT_NULL, 44), 'user_regdate' => array(GDO::CHAR | GDO::ASCII | GDO::CASE_S | GDO::INDEX, GDO::NOT_NULL, GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::gdoDefine(GWF_IP_EXACT, GDO::NOT_NULL), 'user_email' => array(GDO::VARCHAR | GDO::UTF8 | GDO::CASE_I, '', 255), 'user_gender' => array(GDO::ENUM, 'no_gender', array('male', 'female', 'no_gender')), 'user_lastlogin' => array(GDO::UINT, 0), 'user_lastactivity' => array(GDO::UINT | GDO::INDEX, 0), 'user_birthdate' => array(GDO::CHAR | GDO::ASCII | GDO::CASE_S, '00000000', GWF_Date::LEN_DAY), 'user_avatar_v' => array(GDO::UINT, 0), 'user_countryid' => array(GDO::UINT | GDO::INDEX, 0, 11), 'user_langid' => array(GDO::UINT, 0, 11), 'user_langid2' => array(GDO::UINT, 0, 11), 'user_level' => array(GDO::INT | GDO::INDEX, 0), 'user_title' => array(GDO::VARCHAR | GDO::UTF8 | GDO::CASE_I, '', 63), 'user_settings' => array(GDO::BLOB), 'user_data' => array(GDO::BLOB), 'user_credits' => array(GDO::DECIMAL, '0.00', array(9, 4)));
}
if ($gwf_path === '') {
die('Cannot autodetect GWF location!');
}
# Save detection to write it to index.php and cronjob.php
define('GWF_DETECT_PATH', $gwf_path);
########################
### Include GWF core ###
########################
require_once $gwf_path . 'gwf3.class.php';
###################################
### Try to load the config file ###
###################################
$config_path = 'protected/config.php';
if (is_file($config_path) && is_readable($config_path)) {
require_once $config_path;
} else {
require_once GWF_CORE_PATH . 'inc/install/GWF_AutoConfig.php';
GWF_AutoConfig::configure();
}
######################
### Security check ###
######################
if (!GWF_IP6::isLocal()) {
if ($_SERVER['REMOTE_ADDR'] !== $worker_ip) {
die(sprintf('You have no valid $worker_ip in %s line %s. Your current IP is %s', __FILE__, __LINE__, $_SERVER['REMOTE_ADDR']));
}
}
######################
### Call Installer ###
######################
require_once GWF_CORE_PATH . 'inc/install/install.php';
public function getColumnDefines()
{
return array('vsr_vsid' => array(GDO::UINT | GDO::INDEX, GDO::NOT_NULL), 'vsr_uid' => array(GDO::UINT | GDO::INDEX, GDO::NOT_NULL), 'vsr_ip' => GWF_IP6::gdoDefine(GWF_IP_QUICK, 0), 'vsr_time' => array(GDO::UINT, GDO::NOT_NULL), 'vsr_score' => array(GDO::INT, GDO::NOT_NULL), 'users' => array(GDO::JOIN, GDO::NOT_NULL, array('GWF_User', 'vsr_uid', 'user_id')));
}
private static function fixWeChallUser(Module_WeChall $module)
{
if (false === ($user = GWF_User::getByName('WeChall'))) {
$user = new GWF_User(array('user_name' => 'WeChall', 'user_email' => '*****@*****.**', 'user_password' => GWF_Password::hashPasswordS('wechallbot'), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT, '127.0.0.1'), 'user_lastactivity' => time(), 'user_options' => GWF_User::BOT));
if (false === $user->insert()) {
echo GWF_HTML::error('WeChall Install', 'Can not find user WeChall');
$uid = 0;
} else {
$uid = $user->getID();
}
} else {
$uid = $user->getID();
}
if (false === $module->saveModuleVar('wc_uid', $uid)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return '';
}
/**
* Get a robot by IP
* @param string $ip human notation
* @return GWF_User
*/
public static function getSpiderByIP($ip)
{
return self::getSpiderByIPHex128(GWF_IP6::getIP(GWF_IP6::HEX_128, $ip));
}
public function getColumnDefines()
{
return array('vmr_vmid' => array(GDO::UINT | GDO::INDEX, GDO::NOT_NULL), 'vmr_uid' => array(GDO::UINT | GDO::INDEX, GDO::NOT_NULL), 'vmr_ip' => GWF_IP6::gdoDefine(GWF_IP_QUICK, GDO::NULL, GDO::INDEX), 'vmr_time' => array(GDO::UINT, GDO::NOT_NULL), 'vmr_choices' => array(GDO::VARCHAR | GDO::ASCII | GDO::CASE_S, GDO::NOT_NULL, 255), 'vmr_vm' => array(GDO::JOIN, NULL, array('GWF_VoteMulti', 'vmr_vmid', 'vm_id')));
}
public function getColumnDefines()
{
return array('ptip_ip' => GWF_IP6::gdoDefine(GWF_IP_QUICK, GDO::NOT_NULL, GDO::PRIMARY_KEY), 'ptip_time' => array(GDO::DATE | GDO::PRIMARY_KEY, GDO::NOT_NULL, GWF_Date::LEN_HOUR));
}