Esempio n. 1
0
 public static function onAccess(Module_Account $module, GWF_User $user)
 {
     $alert = false;
     $table = self::table(__CLASS__);
     # Check UA
     $ua = self::uahash();
     if ($user->isOptionEnabled(GWF_User::ALERT_UAS)) {
         if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_ua=" . self::hashquote($ua))) {
             $alert = true;
         }
     }
     # Check exact IP
     $ip = GWF_IP6::getIP(GWF_IP_EXACT);
     if ($user->isOptionEnabled(GWF_User::ALERT_IPS)) {
         if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_ip='" . $table->escape($ip) . "'")) {
             $alert = true;
         }
     }
     $isp = null;
     if ($user->isOptionEnabled(GWF_User::ALERT_ISPS)) {
         $isp = self::isphash();
         if (!$table->selectVar('1', "accacc_uid={$user->getID()} AND accacc_isp=" . self::hashquote($isp))) {
             $alert = true;
         }
     }
     if ($alert === true) {
         self::sendAlertMail($module, $user, 'record_alert');
     }
     $data = array('accacc_uid' => $user->getID(), 'accacc_ip' => $ip, 'accacc_isp' => $isp, 'accacc_ua' => $ua, 'accacc_time' => time());
     $table->insertAssoc($data);
 }
Esempio n. 2
0
 public function execute()
 {
     return $_SERVER['REMOTE_ADDR'];
     $ip = Common::getGetString('ip', false);
     $type = Common::getGetString('type', GWF_IP6::INT_32);
     return GWF_IP6::getIP($type, $ip);
 }
Esempio n. 3
0
 private function onRegister()
 {
     $form = $this->getForm();
     $errorsA = $errorsB = '';
     if (false !== ($errorsA = $form->validate($this->module)) || false !== ($errorsB = $this->onRegisterB())) {
         return $errorsA . $errorsB . $this->templateForm();
     }
     $username = Common::getPost('username');
     $password = Common::getPost('password');
     $email = Common::getPost('email');
     $birthdate = sprintf('%04d%02d%02d', Common::getPost('birthdatey'), Common::getPost('birthdatem'), Common::getPost('birthdated'));
     $default_country = $this->module->cfgDetectCountry() ? GWF_IP2Country::detectCountryID() : 0;
     $countryid = $form->getVar('countryid', $default_country);
     require_once GWF_CORE_PATH . 'module/Register/GWF_UserActivation.php';
     $token = GWF_UserActivation::generateToken();
     $ua = new GWF_UserActivation(array('username' => $username, 'email' => $email, 'token' => $token, 'birthdate' => $birthdate, 'countryid' => $countryid, 'password' => GWF_Password::hashPasswordS($password), 'timestamp' => time(), 'ip' => GWF_IP6::getIP(GWF_IP_EXACT)));
     if (false === $ua->insert()) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)) . $this->templateForm();
     }
     if ($this->module->wantEmailActivation()) {
         return $this->sendEmail($username, $email, $token, $password);
     } else {
         GWF_Website::redirect(GWF_WEB_ROOT . 'quick_activate/' . $token);
     }
     return $this->module->message('msg_registered');
 }
Esempio n. 4
0
 /**
  * Get a fake Guest User.
  * @return GWF_User
  */
 public static function getGuest()
 {
     static $GUEST;
     if (!isset($GUEST)) {
         $GUEST = new GWF_User(array('user_id' => '0', 'user_options' => 0, 'user_name' => GWF_HTML::lang('guest'), 'user_password' => '', 'user_regdate' => '', 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_email' => '', 'user_gender' => GWF_User::NO_GENDER, 'user_lastlogin' => '0', 'user_lastactivity' => time(), 'user_birthdate' => '', 'user_avatar_v' => '0', 'user_countryid' => '0', 'user_langid' => '0', 'user_langid2' => '0', 'user_level' => '0', 'user_title' => '', 'user_settings' => '', 'user_data' => '', 'user_credits' => '0.00'));
     }
     return $GUEST;
 }
Esempio n. 5
0
 public static function detectCountryID()
 {
     if (self::$detectedCountry === true) {
         $ip = GWF_IP6::getIP(GWF_IP6::UINT_32);
         self::$detectedCountry = self::table(__CLASS__)->selectVar('ip2c_cid', "ip2c_start<='{$ip}' AND ip2c_end>='{$ip}'");
     }
     return self::$detectedCountry;
 }
Esempio n. 6
0
 public static function getFailedData(GWF_User $user, $time)
 {
     $ip = GDO::escape(GWF_IP6::getIP(GWF_IP_EXACT));
     $cut = time() - $time;
     if (false === ($result = GDO::table(__CLASS__)->selectFirst('COUNT(*) c, MIN(logfail_time) min', "logfail_ip='{$ip}' AND logfail_time>{$cut}"))) {
         return array(0, 0);
     }
     return array((int) $result['c'], (int) $result['min']);
 }
Esempio n. 7
0
 private function onCrossRegister($username)
 {
     $options = 0;
     $password = GWF_Random::randomKey();
     $user = new GWF_User(array('user_id' => 0, 'user_options' => $options, 'user_name' => $username, 'user_password' => GWF_Password::hashPasswordS($password), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_email' => '', 'user_gender' => 'no_gender', 'user_lastlogin' => time(), 'user_lastactivity' => time(), 'user_birthdate' => '00000000', 'user_avatar_v' => 0, 'user_countryid' => 0, 'user_langid' => 1, 'user_langid2' => 0, 'user_level' => 0, 'user_title' => '', 'user_settings' => '', 'user_data' => '', 'user_credits' => '0.00'));
     if (false === $user->insert()) {
         return false;
     }
     return true;
 }
Esempio n. 8
0
 private static function installPMBot(Module_PM $module)
 {
     $user = new GWF_User(array('user_name' => '_GWF_PM_BOT_', 'user_password' => 'x', 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT, '127.0.0.1'), 'user_email' => GWF_BOT_EMAIL, 'user_birthdate' => GWF_Time::getDate(GWF_Time::LEN_DAY), 'user_countryid' => 0, 'user_langid' => 0, 'user_options' => GWF_User::BOT, 'user_lastactivity' => time()));
     if (false === $user->insert()) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     if (false === GWF_ModuleLoader::saveModuleVar($module, 'pm_bot_uid', $user->getID())) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     return '';
 }
Esempio n. 9
0
 private function parseIPs($ips)
 {
     $ips = str_replace(',', ' ', $ips);
     if (0 === preg_match_all('/(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})/', $ips, $matches)) {
         return array();
     }
     $back = array();
     foreach ($matches[1] as $match) {
         $ip = GWF_IP6::getIP(GWF_IP_QUICK, $match);
         if (!in_array($ip, $back, true)) {
             $back[] = $ip;
         }
     }
     return $back;
 }
Esempio n. 10
0
 public static function isBlocked($user)
 {
     $table = self::table(__CLASS__);
     $ip = GWF_IP6::getIP(GWF_IP6::BIN_32_128);
     $eip = $table->escape($ip);
     $cut = time() - self::MAX_TIMEOUT;
     $count = $table->countRows("wcsb_ip='{$eip}' AND wcsb_time>{$cut}");
     if ($count >= self::MAX_ANSWERS) {
         $min = $table->selectVar('MIN(wcsb_time)', "wcsb_ip='{$eip}' AND wcsb_time>{$cut}");
         return $min + self::MAX_TIMEOUT - time();
     }
     $row = new self(array('wcsb_uid' => $user === false ? 0 : $user->getID(), 'wcsb_ip' => $ip, 'wcsb_time' => time()));
     if (false === $row->insert()) {
         return false;
     }
     return false;
 }
Esempio n. 11
0
 private function onGuestVote()
 {
     if (!$this->votescore->isGuestVote()) {
         return $this->module->error('err_no_guest');
     }
     $ip = GWF_IP6::getIP(GWF_IP_QUICK);
     if (false === ($vsr = GWF_VoteScoreRow::getByIP($this->votescore->getID(), $ip))) {
         if (false === $this->votescore->onGuestVote($this->score, $ip)) {
             return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
         }
         return $this->onVoted(false);
     } else {
         if ($vsr->isUserVote()) {
             return $this->module->message('err_vote_ip');
         }
         if (!$vsr->isGuestVoteExpired($this->module->cfgGuestTimeout())) {
             $this->votescore->revertVote($vsr, $ip, 0);
         }
         if (false === $this->votescore->onGuestVote($this->score, $ip)) {
             return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
         }
         return $this->onVoted(false);
     }
 }
Esempio n. 12
0
<?php

$p = $tVars['poll'];
$p instanceof GWF_VoteMulti;
$pid = $p->getVar('vm_id');
$o = $p->getChoices();
$total = $p->getVotecount();
$user = GWF_Session::getUser();
$has_voted = $p->hasVoted($user);
$may_vote = $p->mayVote($user);
$may_edit = $p->mayEdit($user);
$reveal = $p->canSeeOutcome($user);
$voterow = $user === false ? GWF_VoteMultiRow::getVoteRowGuest($pid, GWF_IP6::getIP(GWF_IP_QUICK)) : GWF_VoteMultiRow::getVoteRowUser($pid, $user->getID());
?>
<form method="post" action="<?php 
echo htmlspecialchars($tVars['form_action']);
?>
">
<table>
<thead><tr><th colspan="4"><?php 
echo $p->display('vm_title');
?>
</th></tr></thead>
<tr><td colspan="4"><span id="vm_<?php 
echo $pid;
?>
"><?php 
echo $reveal ? $total : '????';
?>
</span>&nbsp;<?php 
echo $tLang->lang('votes');
Esempio n. 13
0
 public static function createAdmin($username, $password, $email, &$output)
 {
     if (false === ($user = GWF_User::getByName($username))) {
         $user = new GWF_User(array('user_name' => $username, 'user_email' => $email, 'user_password' => GWF_Password::hashPasswordS($password), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT), 'user_lastactivity' => time()));
         if (false === $user->insert()) {
             return false;
         }
     }
     $userid = $user->getID();
     if (false === GWF_UserGroup::addToGroup($userid, GWF_Group::getByName(GWF_Group::ADMIN)->getID())) {
         return false;
     }
     if (false === GWF_UserGroup::addToGroup($userid, GWF_Group::getByName(GWF_Group::STAFF)->getID())) {
         return false;
     }
     $output .= GWF_HTML::message('Install Wizard', sprintf('Added new admin user: %s - Password: [censored]', $username));
     return true;
 }
Esempio n. 14
0
 /**
  * Insert an event on login.
  * @param int $userid
  * @return boolean
  */
 public static function insertEvent($userid)
 {
     return self::table(__CLASS__)->insertAssoc(array('loghis_uid' => $userid, 'loghis_time' => time(), 'loghis_ip' => GWF_IP6::getIP(GWF_IP_EXACT)), false);
 }
Esempio n. 15
0
 public function execute()
 {
     PT_IP::collect(GWF_IP6::getIP(GWF_IP_QUICK, Common::getGet('ip', false)));
     die;
 }
Esempio n. 16
0
 public static function updateCleared($userid)
 {
     return self::table(__CLASS__)->insertAssoc(array('lc_uid' => $userid, 'lc_date' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'lc_ip' => GWF_IP6::getIP(GWF_IP_EXACT)), true);
 }
Esempio n. 17
0
 /**
  * Log the current UID+IP+UA
  * Enter description here ...
  */
 public static function logIP()
 {
     return self::table(__CLASS__)->insertAssoc(array('iplog_uid' => GWF_Session::getUserID(), 'iplog_ip' => GWF_IP6::getIP(GWF_IP_EXACT), 'iplog_ua' => self::getUAHash(), 'iplog_time' => time()), true);
 }
Esempio n. 18
0
 private static function fixWeChallUser(Module_WeChall $module)
 {
     if (false === ($user = GWF_User::getByName('WeChall'))) {
         $user = new GWF_User(array('user_name' => 'WeChall', 'user_email' => '*****@*****.**', 'user_password' => GWF_Password::hashPasswordS('wechallbot'), 'user_regdate' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'user_regip' => GWF_IP6::getIP(GWF_IP_EXACT, '127.0.0.1'), 'user_lastactivity' => time(), 'user_options' => GWF_User::BOT));
         if (false === $user->insert()) {
             echo GWF_HTML::error('WeChall Install', 'Can not find user WeChall');
             $uid = 0;
         } else {
             $uid = $user->getID();
         }
     } else {
         $uid = $user->getID();
     }
     if (false === $module->saveModuleVar('wc_uid', $uid)) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     return '';
 }
Esempio n. 19
0
 public function hasIPActivatedRecently()
 {
     $duration = $this->getIPTimeout();
     $users = GDO::table('GWF_User');
     $cut = GWF_Time::getDate(GWF_Date::LEN_SECOND, time() - $duration);
     $ip = $users->escape(GWF_IP6::getIP(GWF_IP_EXACT));
     return $users->selectFirst('1', "user_regip='{$ip}' AND user_regdate>'{$cut}'") !== false;
 }
Esempio n. 20
0
 public static function onLogin(GWF_User $user, $bind_to_ip = true, $with_hooks = true)
 {
     $userid = $user->getID();
     # Keep only N sessions for one user
     if (false === ($result = self::$SESSION->selectFirst('sess_id min', "sess_user={$userid}", 'sess_id DESC', NULL, self::ARRAY_N, GWF_SESS_PER_USER - 1))) {
         $cut_id = '1';
         #return false;
     } else {
         $cut_id = $result[0];
     }
     if (false === self::$SESSION->deleteWhere("sess_user={$userid} AND sess_id<{$cut_id}")) {
         GWF_HTML::err(ERR_DATABASE, array(__FILE__, __LINE__));
         return false;
     }
     # Update session
     if (!self::$SESSION->saveVars(array('sess_user' => $userid, 'sess_ip' => $bind_to_ip ? GWF_IP6::getIP(GWF_IP_EXACT) : null))) {
         return false;
     }
     self::$SESSION->setVar('sess_user', $user);
     # Set cookies
     self::setCookies(self::$SESSION->getVar('sess_id'), $userid, self::$SESSION->getVar('sess_sid'));
     self::$USER = $user;
     # Call hooks
     return $with_hooks ? GWF_Hook::call(GWF_Hook::LOGIN, $user) : true;
 }
Esempio n. 21
0
 public function onVote($user, array $chosen)
 {
     if ($user === false) {
         return $this->onVoteGuest(GWF_IP6::getIP(GWF_IP_QUICK), $chosen);
     } else {
         return $this->onVoteUser($user, $chosen);
     }
 }
Esempio n. 22
0
 /**
  * Vote and revert votes safely. Return false or error msg.
  * @param int $score
  * @param int $userid
  * @return error msg or false
  */
 public function onUserVoteSafe($score, $userid)
 {
     $userid = (int) $userid;
     $vsid = $this->getID();
     # Revert Guest Vote with same IP
     $ip = GWF_IP6::getIP(GWF_IP_QUICK);
     //		var_dump($ip);
     if (false !== ($vsr = GWF_VoteScoreRow::getByIP($vsid, $ip))) {
         //			echo '<div>HAVE GUEST VOTE</div>';
         //			var_dump($vsr);
         if (!$vsr->isGuestVoteExpired(GWF_Module::getModule('Votes')->cfgGuestTimeout())) {
             if (false === $this->revertVote($vsr, $ip, 0)) {
                 return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
             }
         }
     }
     # Revert Users Vote
     if (false !== ($vsr = GWF_VoteScoreRow::getByUID($vsid, $userid))) {
         //			echo '<div>HAVE OLD VOTE</div>';
         if (false === $this->revertVote($vsr, 0, $userid)) {
             return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
         }
     }
     # And Vote it
     if (false === $this->onUserVote($score, $userid, 0)) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     return false;
     # No error
 }
Esempio n. 23
0
 /**
  * Get a robot by IP
  * @param string $ip human notation
  * @return GWF_User
  */
 public static function getSpiderByIP($ip)
 {
     return self::getSpiderByIPHex128(GWF_IP6::getIP(GWF_IP6::HEX_128, $ip));
 }
Esempio n. 24
0
 private static function get_ip_range($ip)
 {
     $count = 3 - substr_count($ip, '.');
     $ipmin = $ip . str_repeat('.0', $count);
     $ipmax = $ip . str_repeat('.255', $count);
     //		echo "Crating range from shortcut. $ipmin-$ipmax<br/>";
     return array(GWF_Numeric::baseConvert(GWF_IP6::getIP(GWF_IP6::HEX_128, $ipmin), 16, 10), GWF_Numeric::baseConvert(GWF_IP6::getIP(GWF_IP6::HEX_128, $ipmax), 16, 10));
 }