public static function onAccess(Module_Account $module, GWF_User $user)
{
$alert = false;
$table = self::table(__CLASS__);
# Check UA
$ua = self::uahash();
if ($user->isOptionEnabled(GWF_User::ALERT_UAS)) {
if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_ua=" . self::hashquote($ua))) {
$alert = true;
}
}
# Check exact IP
$ip = GWF_IP6::getIP(GWF_IP_EXACT);
if ($user->isOptionEnabled(GWF_User::ALERT_IPS)) {
if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_ip='" . $table->escape($ip) . "'")) {
$alert = true;
}
}
$isp = null;
if ($user->isOptionEnabled(GWF_User::ALERT_ISPS)) {
$isp = self::isphash();
if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_isp=" . self::hashquote($isp))) {
$alert = true;
}
}
if ($alert === true) {
self::sendAlertMail($module, $user, 'record_alert');
}
$data = array('accacc_uid' => $user->getID(), 'accacc_ip' => $ip, 'accacc_isp' => $isp, 'accacc_ua' => $ua, 'accacc_time' => time());
$table->insertAssoc($data);
}
public function execute()
{
return $_SERVER['REMOTE_ADDR'];
$ip = Common::getGetString('ip', false);
$type = Common::getGetString('type', GWF_IP6::INT_32);
return GWF_IP6::getIP($type, $ip);
}
private function onRegister()
{
$form = $this->getForm();
$errorsA = $errorsB = '';
if (false !== ($errorsA = $form->validate($this->module)) || false !== ($errorsB = $this->onRegisterB())) {
return $errorsA . $errorsB . $this->templateForm();
}
$username = Common::getPost('username');
$password = Common::getPost('password');
$email = Common::getPost('email');
$birthdate = sprintf('%04d%02d%02d', Common::getPost('birthdatey'), Common::getPost('birthdatem'), Common::getPost('birthdated'));
$default_country = $this->module->cfgDetectCountry() ? GWF_IP2Country::detectCountryID() : 0;
$countryid = $form->getVar('countryid', $default_country);
require_once GWF_CORE_PATH . 'module/Register/GWF_UserActivation.php';
$token = GWF_UserActivation::generateToken();
$ua = new GWF_UserActivation(array('username' => $username, 'email' => $email, 'token' => $token, 'birthdate' => $birthdate, 'countryid' => $countryid, 'password' => GWF_Password::hashPasswordS($password), 'timestamp' => time(), 'ip' => GWF_IP6::getIP(GWF_IP_EXACT)));
if (false === $ua->insert()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)) . $this->templateForm();
}
if ($this->module->wantEmailActivation()) {
return $this->sendEmail($username, $email, $token, $password);
} else {
GWF_Website::redirect(GWF_WEB_ROOT . 'quick_activate/' . $token);
}
return $this->module->message('msg_registered');
}
/**
* Get a fake Guest User.
* @return GWF_User
*/
public static function getGuest()
{
static $GUEST;
if (!isset($GUEST)) {
$GUEST = new GWF_User(array('user_id' => '0', 'user_options' => 0, 'user_name' => GWF_HTML::lang('guest'), 'user_password' => '', 'user_regdate' => '', 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_email' => '', 'user_gender' => GWF_User::NO_GENDER, 'user_lastlogin' => '0', 'user_lastactivity' => time(), 'user_birthdate' => '', 'user_avatar_v' => '0', 'user_countryid' => '0', 'user_langid' => '0', 'user_langid2' => '0', 'user_level' => '0', 'user_title' => '', 'user_settings' => '', 'user_data' => '', 'user_credits' => '0.00'));
}
return $GUEST;
}
public static function detectCountryID()
{
if (self::$detectedCountry === true) {
$ip = GWF_IP6::getIP(GWF_IP6::UINT_32);
self::$detectedCountry = self::table(__CLASS__)->selectVar('ip2c_cid', "ip2c_start<='{$ip}' AND ip2c_end>='{$ip}'");
}
return self::$detectedCountry;
}
public static function getFailedData(GWF_User $user, $time)
{
$ip = GDO::escape(GWF_IP6::getIP(GWF_IP_EXACT));
$cut = time() - $time;
if (false === ($result = GDO::table(__CLASS__)->selectFirst('COUNT(*) c, MIN(logfail_time) min', "logfail_ip='{$ip}' AND logfail_time>{$cut}"))) {
return array(0, 0);
}
return array((int) $result['c'], (int) $result['min']);
}
private function onCrossRegister($username)
{
$options = 0;
$password = GWF_Random::randomKey();
$user = new GWF_User(array('user_id' => 0, 'user_options' => $options, 'user_name' => $username, 'user_password' => GWF_Password::hashPasswordS($password), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_email' => '', 'user_gender' => 'no_gender', 'user_lastlogin' => time(), 'user_lastactivity' => time(), 'user_birthdate' => '00000000', 'user_avatar_v' => 0, 'user_countryid' => 0, 'user_langid' => 1, 'user_langid2' => 0, 'user_level' => 0, 'user_title' => '', 'user_settings' => '', 'user_data' => '', 'user_credits' => '0.00'));
if (false === $user->insert()) {
return false;
}
return true;
}
private static function installPMBot(Module_PM $module)
{
$user = new GWF_User(array('user_name' => '_GWF_PM_BOT_', 'user_password' => 'x', 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT, '127.0.0.1'), 'user_email' => GWF_BOT_EMAIL, 'user_birthdate' => GWF_Time::getDate(GWF_Time::LEN_DAY), 'user_countryid' => 0, 'user_langid' => 0, 'user_options' => GWF_User::BOT, 'user_lastactivity' => time()));
if (false === $user->insert()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === GWF_ModuleLoader::saveModuleVar($module, 'pm_bot_uid', $user->getID())) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return '';
}
private function parseIPs($ips)
{
$ips = str_replace(',', ' ', $ips);
if (0 === preg_match_all('/(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})/', $ips, $matches)) {
return array();
}
$back = array();
foreach ($matches[1] as $match) {
$ip = GWF_IP6::getIP(GWF_IP_QUICK, $match);
if (!in_array($ip, $back, true)) {
$back[] = $ip;
}
}
return $back;
}
public static function isBlocked($user)
{
$table = self::table(__CLASS__);
$ip = GWF_IP6::getIP(GWF_IP6::BIN_32_128);
$eip = $table->escape($ip);
$cut = time() - self::MAX_TIMEOUT;
$count = $table->countRows("wcsb_ip='{$eip}' AND wcsb_time>{$cut}");
if ($count >= self::MAX_ANSWERS) {
$min = $table->selectVar('MIN(wcsb_time)', "wcsb_ip='{$eip}' AND wcsb_time>{$cut}");
return $min + self::MAX_TIMEOUT - time();
}
$row = new self(array('wcsb_uid' => $user === false ? 0 : $user->getID(), 'wcsb_ip' => $ip, 'wcsb_time' => time()));
if (false === $row->insert()) {
return false;
}
return false;
}
private function onGuestVote()
{
if (!$this->votescore->isGuestVote()) {
return $this->module->error('err_no_guest');
}
$ip = GWF_IP6::getIP(GWF_IP_QUICK);
if (false === ($vsr = GWF_VoteScoreRow::getByIP($this->votescore->getID(), $ip))) {
if (false === $this->votescore->onGuestVote($this->score, $ip)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->onVoted(false);
} else {
if ($vsr->isUserVote()) {
return $this->module->message('err_vote_ip');
}
if (!$vsr->isGuestVoteExpired($this->module->cfgGuestTimeout())) {
$this->votescore->revertVote($vsr, $ip, 0);
}
if (false === $this->votescore->onGuestVote($this->score, $ip)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->onVoted(false);
}
}
<?php
$p = $tVars['poll'];
$p instanceof GWF_VoteMulti;
$pid = $p->getVar('vm_id');
$o = $p->getChoices();
$total = $p->getVotecount();
$user = GWF_Session::getUser();
$has_voted = $p->hasVoted($user);
$may_vote = $p->mayVote($user);
$may_edit = $p->mayEdit($user);
$reveal = $p->canSeeOutcome($user);
$voterow = $user === false ? GWF_VoteMultiRow::getVoteRowGuest($pid, GWF_IP6::getIP(GWF_IP_QUICK)) : GWF_VoteMultiRow::getVoteRowUser($pid, $user->getID());
?>
<form method="post" action="<?php
echo htmlspecialchars($tVars['form_action']);
?>
">
<table>
<thead><tr><th colspan="4"><?php
echo $p->display('vm_title');
?>
</th></tr></thead>
<tr><td colspan="4"><span id="vm_<?php
echo $pid;
?>
"><?php
echo $reveal ? $total : '????';
?>
</span> <?php
echo $tLang->lang('votes');
public static function createAdmin($username, $password, $email, &$output)
{
if (false === ($user = GWF_User::getByName($username))) {
$user = new GWF_User(array('user_name' => $username, 'user_email' => $email, 'user_password' => GWF_Password::hashPasswordS($password), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_lastactivity' => time()));
if (false === $user->insert()) {
return false;
}
}
$userid = $user->getID();
if (false === GWF_UserGroup::addToGroup($userid, GWF_Group::getByName(GWF_Group::ADMIN)->getID())) {
return false;
}
if (false === GWF_UserGroup::addToGroup($userid, GWF_Group::getByName(GWF_Group::STAFF)->getID())) {
return false;
}
$output .= GWF_HTML::message('Install Wizard', sprintf('Added new admin user: %s - Password: [censored]', $username));
return true;
}
/**
* Insert an event on login.
* @param int $userid
* @return boolean
*/
public static function insertEvent($userid)
{
return self::table(__CLASS__)->insertAssoc(array('loghis_uid' => $userid, 'loghis_time' => time(), 'loghis_ip' => GWF_IP6::getIP(GWF_IP_EXACT)), false);
}
public function execute()
{
PT_IP::collect(GWF_IP6::getIP(GWF_IP_QUICK, Common::getGet('ip', false)));
die;
}
public static function updateCleared($userid)
{
return self::table(__CLASS__)->insertAssoc(array('lc_uid' => $userid, 'lc_date' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'lc_ip' => GWF_IP6::getIP(GWF_IP_EXACT)), true);
}
/**
* Log the current UID+IP+UA
* Enter description here ...
*/
public static function logIP()
{
return self::table(__CLASS__)->insertAssoc(array('iplog_uid' => GWF_Session::getUserID(), 'iplog_ip' => GWF_IP6::getIP(GWF_IP_EXACT), 'iplog_ua' => self::getUAHash(), 'iplog_time' => time()), true);
}
private static function fixWeChallUser(Module_WeChall $module)
{
if (false === ($user = GWF_User::getByName('WeChall'))) {
$user = new GWF_User(array('user_name' => 'WeChall', 'user_email' => '*****@*****.**', 'user_password' => GWF_Password::hashPasswordS('wechallbot'), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT, '127.0.0.1'), 'user_lastactivity' => time(), 'user_options' => GWF_User::BOT));
if (false === $user->insert()) {
echo GWF_HTML::error('WeChall Install', 'Can not find user WeChall');
$uid = 0;
} else {
$uid = $user->getID();
}
} else {
$uid = $user->getID();
}
if (false === $module->saveModuleVar('wc_uid', $uid)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return '';
}
public function hasIPActivatedRecently()
{
$duration = $this->getIPTimeout();
$users = GDO::table('GWF_User');
$cut = GWF_Time::getDate(GWF_Date::LEN_SECOND, time() - $duration);
$ip = $users->escape(GWF_IP6::getIP(GWF_IP_EXACT));
return $users->selectFirst('1', "user_regip='{$ip}' AND user_regdate>'{$cut}'") !== false;
}
public static function onLogin(GWF_User $user, $bind_to_ip = true, $with_hooks = true)
{
$userid = $user->getID();
# Keep only N sessions for one user
if (false === ($result = self::$SESSION->selectFirst('sess_id min', "sess_user={$userid}", 'sess_id DESC', NULL, self::ARRAY_N, GWF_SESS_PER_USER - 1))) {
$cut_id = '1';
#return false;
} else {
$cut_id = $result[0];
}
if (false === self::$SESSION->deleteWhere("sess_user={$userid} AND sess_id<{$cut_id}")) {
GWF_HTML::err(ERR_DATABASE, array(__FILE__, __LINE__));
return false;
}
# Update session
if (!self::$SESSION->saveVars(array('sess_user' => $userid, 'sess_ip' => $bind_to_ip ? GWF_IP6::getIP(GWF_IP_EXACT) : null))) {
return false;
}
self::$SESSION->setVar('sess_user', $user);
# Set cookies
self::setCookies(self::$SESSION->getVar('sess_id'), $userid, self::$SESSION->getVar('sess_sid'));
self::$USER = $user;
# Call hooks
return $with_hooks ? GWF_Hook::call(GWF_Hook::LOGIN, $user) : true;
}
public function onVote($user, array $chosen)
{
if ($user === false) {
return $this->onVoteGuest(GWF_IP6::getIP(GWF_IP_QUICK), $chosen);
} else {
return $this->onVoteUser($user, $chosen);
}
}
/**
* Vote and revert votes safely. Return false or error msg.
* @param int $score
* @param int $userid
* @return error msg or false
*/
public function onUserVoteSafe($score, $userid)
{
$userid = (int) $userid;
$vsid = $this->getID();
# Revert Guest Vote with same IP
$ip = GWF_IP6::getIP(GWF_IP_QUICK);
// var_dump($ip);
if (false !== ($vsr = GWF_VoteScoreRow::getByIP($vsid, $ip))) {
// echo '<div>HAVE GUEST VOTE</div>';
// var_dump($vsr);
if (!$vsr->isGuestVoteExpired(GWF_Module::getModule('Votes')->cfgGuestTimeout())) {
if (false === $this->revertVote($vsr, $ip, 0)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
}
}
# Revert Users Vote
if (false !== ($vsr = GWF_VoteScoreRow::getByUID($vsid, $userid))) {
// echo '<div>HAVE OLD VOTE</div>';
if (false === $this->revertVote($vsr, 0, $userid)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
}
# And Vote it
if (false === $this->onUserVote($score, $userid, 0)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return false;
# No error
}
/**
* Get a robot by IP
* @param string $ip human notation
* @return GWF_User
*/
public static function getSpiderByIP($ip)
{
return self::getSpiderByIPHex128(GWF_IP6::getIP(GWF_IP6::HEX_128, $ip));
}
private static function get_ip_range($ip)
{
$count = 3 - substr_count($ip, '.');
$ipmin = $ip . str_repeat('.0', $count);
$ipmax = $ip . str_repeat('.255', $count);
// echo "Crating range from shortcut. $ipmin-$ipmax<br/>";
return array(GWF_Numeric::baseConvert(GWF_IP6::getIP(GWF_IP6::HEX_128, $ipmin), 16, 10), GWF_Numeric::baseConvert(GWF_IP6::getIP(GWF_IP6::HEX_128, $ipmax), 16, 10));
}