Esempio n. 1
 /**
  * Hourly housekeeping for short-lived data: orphaned attachments, expired
  * sessions, stale session activity, expired thread redirects, old alerts,
  * news feed items, login-attempt records and captchas.
  *
  * The scheduler does not guarantee that this runs every hour, so retention
  * of session and login-attempt rows may exceed the cut-offs used below.
  *
  * @return void
  */
 public static function runHourlyCleanUp()
 {
     $now = XenForo_Application::$time;

     // Attachments: uploads left unassociated for a day (86400 s), then unused data.
     $oneDayAgo = $now - 86400;
     $attachments = XenForo_Model::create('XenForo_Model_Attachment');
     $attachments->deleteUnassociatedAttachments($oneDayAgo);
     $attachments->deleteUnusedAttachmentData();

     // Expired sessions are purged separately for the public and the admin session store.
     $publicSessions = new XenForo_Session();
     $publicSessions->deleteExpiredSessions();
     $adminSessions = new XenForo_Session(array('admin' => true));
     $adminSessions->deleteExpiredSessions();

     // Session activity: persist last-activity first, then drop rows older than an hour (3600 s).
     $activity = XenForo_Model::create('XenForo_Model_Session');
     $oneHourAgo = $now - 3600;
     $activity->updateUserLastActivityFromSessions();
     $activity->deleteSessionActivityOlderThanCutOff($oneHourAgo);

     // Thread redirects that have expired as of now; the result is keyed by the ids to delete.
     $redirectModel = XenForo_Model::create('XenForo_Model_ThreadRedirect');
     $expired = $redirectModel->getExpiredThreadRedirects($now);
     $redirectModel->deleteThreadRedirects(array_keys($expired));

     // Remaining per-model clean-ups. cleanUpLoginAttempts() trims the failed-login
     // records that the login controllers consult for lockout decisions.
     XenForo_Model::create('XenForo_Model_Alert')->deleteOldReadAlerts();
     XenForo_Model::create('XenForo_Model_Alert')->deleteOldUnreadAlerts();
     XenForo_Model::create('XenForo_Model_NewsFeed')->deleteOldNewsFeedItems();
     XenForo_Model::create('XenForo_Model_Login')->cleanUpLoginAttempts();
     XenForo_Model::create('XenForo_Model_CaptchaQuestion')->deleteOldCaptchas();
 }
Esempio n. 2
 /**
  * Handles submission of the admin control panel login form.
  *
  * Flow: check the cookie and lockout preconditions, validate the credentials,
  * record a failed attempt or clear the counter, bind the admin session (and a
  * guest public session) to the user, then require the is_admin flag before
  * redirecting.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionLogin()
 {
     // presumably rejects anything but POST, keeping credentials out of URLs - confirm in the base controller
     $this->_assertPostOnly();
     $data = $this->_input->filter(array('login' => XenForo_Input::STRING, 'password' => XenForo_Input::STRING, 'redirect' => XenForo_Input::STRING, 'cookie_check' => XenForo_Input::UINT));
     // NOTE(review): 'redirect' is request-supplied and is passed to responseRedirect() below.
     // Whether that call restricts the target to this site is not visible here - confirm,
     // otherwise the login form can be used as an open redirect.
     $redirect = $data['redirect'] ? $data['redirect'] : XenForo_Link::buildAdminLink('index');
     $loginModel = $this->_getLoginModel();
     if ($data['cookie_check'] && count($_COOKIE) == 0) {
         // login came from a page, so we should at least have a session cookie.
         // if we don't, assume that cookies are disabled
         return $this->responseError(new XenForo_Phrase('cookies_required_to_log_in_to_site'));
     }
     // Lockout check happens BEFORE the password is evaluated, so a locked login name
     // cannot be used to keep guessing.
     $needCaptcha = $loginModel->requireLoginCaptcha($data['login']);
     if ($needCaptcha) {
         // just block logins here instead of using the captcha
         return $this->responseError(new XenForo_Phrase('your_account_has_temporarily_been_locked_due_to_failed_login_attempts'));
     }
     $userModel = $this->_getUserModel();
     // $error is not set before this call; it is presumably filled by reference with the failure reason
     $userId = $userModel->validateAuthentication($data['login'], $data['password'], $error);
     if (!$userId) {
         // Count the failure, then re-check: this attempt may be the one that triggers the lock.
         $loginModel->logLoginAttempt($data['login']);
         if ($loginModel->requireLoginCaptcha($data['login'])) {
             return $this->responseError(new XenForo_Phrase('your_account_has_temporarily_been_locked_due_to_failed_login_attempts'));
         }
         // When the request carries 'upgrade', a failed login is answered with a redirect instead of the form.
         if ($this->_input->filterSingle('upgrade', XenForo_Input::UINT)) {
             return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect);
         } else {
             // note - JSON view will return responseError($text)
             return $this->responseView('XenForo_ViewAdmin_Login_Error', 'login_form', array('text' => $error, 'defaultLogin' => $data['login'], 'redirect' => $redirect), array('containerTemplate' => 'LOGIN_PAGE'));
         }
     }
     // Credentials accepted: reset the failure counter and record the login IP.
     $loginModel->clearLoginAttempts($data['login']);
     XenForo_Model_Ip::log($userId, 'user', $userId, 'login_admin');
     XenForo_Application::get('session')->changeUserId($userId);
     XenForo_Visitor::setup($userId);
     // if guest on front-end, login there too
     $publicSession = new XenForo_Session();
     $publicSession->start();
     if (!$publicSession->get('user_id')) {
         $publicSession->changeUserId($userId);
         $publicSession->save();
     }
     $visitor = XenForo_Visitor::getInstance();
     // now check that the user will be able to get into the ACP (is_admin)
     // NOTE(review): this check runs after the admin session and the public session have
     // already been bound to $userId, so a non-admin with valid credentials gets the error
     // but keeps those sessions. Confirm that every admin action re-checks is_admin.
     if (!$visitor->is_admin) {
         return $this->responseError(new XenForo_Phrase('your_account_does_not_have_admin_privileges'));
     }
     // 'repost' replays the POST variables carried through the login form after the redirect.
     if ($this->_input->filterSingle('repost', XenForo_Input::UINT)) {
         return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect, '', array('repost' => 1, 'postVars' => $this->_input->filterSingle('postVars', XenForo_Input::JSON_ARRAY)));
     } else {
         return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect);
     }
 }
Esempio n. 3
 /**
  * Ensures a session exists for this request. If one is already registered
  * with the application it is left alone; otherwise the admin session is
  * started from the current request.
  *
  * @param string $action Not used by this implementation.
  */
 protected function _setupSession($action)
 {
     $alreadyStarted = XenForo_Application::isRegistered('session');
     if (!$alreadyStarted) {
         XenForo_Session::startAdminSession($this->_request);
     }
 }
Esempio n. 4
 /**
  * Logs the current visitor out and reports whether the board now requires
  * authentication for guests.
  *
  * NOTE(review): no CSRF token check is visible in this action - confirm that
  * the calling layer protects it against cross-site triggered logouts.
  *
  * @return array{success: bool, requires_authentication: bool}
  */
 public function actionLogout()
 {
     // Read but not used further in this method.
     $fr_username = $this->_input->filterSingle('fr_username', XenForo_Input::STRING);

     // An admin's control-panel session is removed too, but only if it belongs to the same user.
     if (XenForo_Visitor::getInstance()->get('is_admin')) {
         $adminSession = new XenForo_Session(array('admin' => true));
         $adminSession->start();
         $sameUser = $adminSession->get('user_id') == XenForo_Visitor::getUserId();
         if ($sameUser) {
             $adminSession->delete();
         }
     }

     fr_remove_push_user();

     $sessionModel = $this->getModelFromCache('XenForo_Model_Session');
     $sessionModel->processLastActivityUpdateForLogOut(XenForo_Visitor::getUserId());

     // Server-side session first, then the cookies, then reset the visitor to guest (0).
     XenForo_Application::get('session')->delete();
     XenForo_Helper_Cookie::deleteAllCookies(array('session'), array('user' => array('httpOnly' => false)));
     XenForo_Visitor::setup(0);

     // Guests need to authenticate when they lack the general view permission
     // or when the board is switched off.
     $requires_authentication = !XenForo_Visitor::getInstance()->hasPermission('general', 'view');
     $options = XenForo_Application::get('options');
     if (!$options->boardActive) {
         $requires_authentication = true;
     }

     return array('success' => true, 'requires_authentication' => $requires_authentication);
 }
 /**
  * Template post-render callback that appends a per-user `body { background }`
  * rule to the rendered xenforo.css template.
  *
  * The stored preference is a 3-character tag followed by a value:
  * 'url' + image URL, 'sug' + bundled image name, 'clr' + a CSS value.
  *
  * NOTE(review): the stored value is concatenated into CSS without escaping or
  * validation. If getFromDB() returns user-entered text, a quote, ')' , ';' or
  * '}' in it can break out of the url()/declaration and add arbitrary CSS.
  * Validate on write and escape here - confirm what the storage layer allows.
  * Also confirm that this per-user output is not served from a shared cache.
  *
  * @param string                    $templateName
  * @param string                    $content       Rendered template, modified in place
  * @param array                     $containerData
  * @param XenForo_Template_Abstract $template
  */
 public static function tpr_callback($templateName, &$content, array &$containerData, XenForo_Template_Abstract $template)
 {
     if ($templateName != 'xenforo.css') {
         return;
     }

     XenForo_Session::startPublicSession();
     $nid = 0; // default
     $visitor = XenForo_Visitor::getInstance();

     // Only logged-in members holding the permission get a custom background.
     if (!$visitor['user_id']) {
         return;
     }
     if (!$visitor->hasPermission('backgroundchanginggroup', 'canchangebkg')) {
         return;
     }

     $uid = $visitor['user_id'];
     $stored = customBackgroundChooser_sharedStatic::getFromDB($nid, $uid);

     $background = null;
     if (customBackgroundChooser_sharedStatic::startsWith($stored, 'url')) {
         // external image URL
         $background = 'rgb(0, 0, 0) url(\'' . substr($stored, 3) . '\') no-repeat fixed 50% 0 / cover';
     } elseif (customBackgroundChooser_sharedStatic::startsWith($stored, 'sug')) {
         // one of the images shipped with the add-on
         $background = 'rgb(0, 0, 0) url(\'styles/kiror/customBackgroundChooser/defaultImages/' . substr($stored, 3) . '.jpg\') no-repeat fixed 50% 0 / cover';
     } elseif (customBackgroundChooser_sharedStatic::startsWith($stored, 'clr')) {
         // the remainder is used as the whole background value
         $background = substr($stored, 3);
     }

     if ($background) {
         $content .= "\nbody\n{\n\tbackground: " . $background . ";\n}\n";
     }
 }
Esempio n. 6
 /**
  * Renders the admin login form. When the form is shown in response to a
  * POST, the posted variables are handed to the view so the original request
  * can be replayed after login.
  *
  * NOTE(review): the whole of $_POST is passed to the view unfiltered. Confirm
  * that the template escapes every value it prints and that nothing sensitive
  * from the interrupted request ends up somewhere it can be cached or logged.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionForm()
 {
     // Use the language of the matching public-side user, if there is one.
     $publicVisitor = false;
     $publicSession = XenForo_Session::getPublicSession($this->_request);
     if ($publicSession->get('user_id')) {
         $userModel = $this->getModelFromCache('XenForo_Model_User');
         $publicVisitor = $userModel->getUserById($publicSession->get('user_id'));
         if ($publicVisitor) {
             XenForo_Visitor::getInstance()->setVisitorLanguage($publicVisitor['language_id']);
         }
     }

     $repost = false;
     $postVars = false;
     if ($this->_request->isPost()) {
         $repost = true;
         $postVars = $_POST;
         // Make sure the replay knows where to return to.
         if (!isset($postVars['redirect'])) {
             $postVars['redirect'] = $this->getDynamicRedirect();
         }
     }

     return $this->responseView(
         'XenForo_ViewAdmin_Login_Form',
         'login_form',
         array('publicVisitor' => $publicVisitor, 'repost' => $repost, 'postVars' => $postVars),
         array('containerTemplate' => 'LOGIN_PAGE')
     );
 }
Esempio n. 7
 /**
  * Single-stage logout: verifies the CSRF token, removes the matching admin
  * session, deletes the current session and its cookies, resets the visitor
  * to guest and redirects.
  *
  * NOTE(review): the redirect target comes from the request. Whether
  * responseRedirect() limits it to this site is not visible here - confirm.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionIndex()
 {
     // Logout changes state, so it must carry a valid token.
     $token = $this->_input->filterSingle('_xfToken', XenForo_Input::STRING);
     $this->_checkCsrfFromToken($token);

     // An admin session is only removed when it belongs to the user logging out.
     if (XenForo_Visitor::getInstance()->get('is_admin')) {
         $acpSession = new XenForo_Session(array('admin' => true));
         $acpSession->start();
         $ownedByVisitor = $acpSession->get('user_id') == XenForo_Visitor::getUserId();
         if ($ownedByVisitor) {
             $acpSession->delete();
         }
     }

     $sessionModel = $this->getModelFromCache('XenForo_Model_Session');
     $sessionModel->processLastActivityUpdateForLogOut(XenForo_Visitor::getUserId());

     XenForo_Application::get('session')->delete();
     XenForo_Helper_Cookie::deleteAllCookies(array('session'), array('user' => array('httpOnly' => false)));
     XenForo_Visitor::setup(0);

     $redirect = $this->_input->filterSingle('redirect', XenForo_Input::STRING);
     $target = $redirect ?: XenForo_Link::buildPublicLink('index');

     return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $target);
 }
Esempio n. 8
 /**
  * Logs the current XenForo user out from outside a controller: removes the
  * matching admin session, the public session and its cookies, then resets
  * the visitor to guest. Does nothing when no user is loaded.
  *
  * @return void
  */
 public static function logout()
 {
     self::start();
     $hasUser = self::userLoad();
     if (!$hasUser) {
         return;
     }

     // Only drop the admin session when it belongs to the same account.
     $visitor = XenForo_Visitor::getInstance();
     if ($visitor->get('is_admin')) {
         $acpSession = new XenForo_Session(array('admin' => true));
         $acpSession->start();
         if ($acpSession->get('user_id') == XenForo_Visitor::getUserId()) {
             $acpSession->delete();
         }
     }

     $sessionModel = XenForo_Model::create('XenForo_Model_Session');
     $sessionModel->processLastActivityUpdateForLogOut(XenForo_Visitor::getUserId());

     // Server-side session record, then client cookies, then the in-memory visitor.
     XenForo_Application::get('session')->delete();
     XenForo_Helper_Cookie::deleteAllCookies(array('session'), array('user' => array('httpOnly' => false)));
     XenForo_Visitor::setup(0);
 }
Esempio n. 9
 /**
  * Starts the public session instead of the default one when the page is
  * requested as JSON from inside the layout editor, then defers to the parent.
  *
  * NOTE(review): `_layoutEditor` is a request parameter, so the caller decides
  * which session type backs this request. The original author already marked
  * this as a security trade-off; confirm that every action reachable this way
  * still enforces its own permission checks.
  *
  * @param string $action
  */
 protected function _setupSession($action)
 {
     $fromLayoutEditor = !XenForo_Application::isRegistered('session')
         && $this->_noRedirect()
         && $this->_routeMatch->getResponseType() === 'json'
         && $this->_input->filterSingle('_layoutEditor', XenForo_Input::BOOLEAN);

     if ($fromLayoutEditor) {
         // use public session if the page is being requested within layout editor
         // this poses a slight security risk but UX benefit is tremendous
         // TODO: keep an eye on it
         XenForo_Session::startPublicSession($this->_request);
     }

     parent::_setupSession($action);
 }
Esempio n. 10
 /**
  * Lets an administrator with the 'user' permission browse the public site
  * with another user's permissions: on POST the target user is stored in the
  * admin's own public session under 'permissionTest'.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionTest()
 {
     $this->assertAdminPermission('user');

     // The marker is written to the public session, so that session must
     // belong to the same account as the admin session.
     $frontSession = new XenForo_Session();
     $frontSession->start();
     if ($frontSession->get('user_id') != XenForo_Visitor::getUserId()) {
         return $this->responseError(new XenForo_Phrase('please_login_via_public_login_page_before_testing_permissions'));
     }

     if (!$this->_request->isPost()) {
         return $this->responseView('XenForo_ViewAdmin_Permission_Test', 'permission_test');
     }

     $username = $this->_input->filterSingle('username', XenForo_Input::STRING);
     /* @var $userModel XenForo_Model_User */
     $userModel = $this->getModelFromCache('XenForo_Model_User');
     $target = $userModel->getUserByName($username);
     if (!$target) {
         return $this->responseError(new XenForo_Phrase('requested_user_not_found'), 404);
     }

     $marker = array('user_id' => $target['user_id'], 'username' => $target['username']);
     $frontSession->set('permissionTest', $marker);
     $frontSession->save();

     return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, XenForo_Link::buildPublicLink('index'));
 }
Esempio n. 11
 /**
  * Boots XenForo from inside a Yii application (forum expected under
  * <webroot>/forum), starts the public session and keeps the resulting
  * visitor on $this->visitor.
  *
  * NOTE(review): XenForo's PHP error handler is disabled and error_reporting
  * is lowered to hide notices and warnings for the rest of the request, which
  * also hides them from the host application's own logging.
  */
 public function __construct()
 {
     $bootStartedAt = microtime(true);

     $forumRoot = Yii::getPathOfAlias('webroot') . '/forum';
     $libraryDir = $forumRoot . '/library';

     // Register the bridge autoloader with Yii before XenForo's own loader is set up.
     Yii::registerAutoloader(array('XenforeLoader', 'autoload'), true);
     XenForo_Autoloader::getInstance()->setupAutoloader($libraryDir);

     XenForo_Application::initialize($libraryDir, $forumRoot);
     XenForo_Application::set('page_start_time', $bootStartedAt);
     XenForo_Application::disablePhpErrorHandler();
     error_reporting(E_ALL ^ E_NOTICE ^ E_USER_NOTICE ^ E_WARNING);

     $publicDependencies = new XenForo_Dependencies_Public();
     $publicDependencies->preLoadData();

     XenForo_Session::startPublicSession();
     $this->visitor = XenForo_Visitor::getInstance();
 }
Esempio n. 12
 /**
  * Boots XenForo from $this->fileDir, starts the public session and stores
  * the current visitor on $this->xfUser.
  *
  * If $this->fileDir is not a directory the script is terminated with
  * die('no path'); the method does not return in that case.
  *
  * @return int User id of the visitor
  */
 function authenticateSession()
 {
     if (!is_dir($this->fileDir)) {
         // TODO: CI error log
         die('no path');
     }

     // Load and register the XenForo autoloader.
     $libraryDir = $this->fileDir . '/library';
     require $this->fileDir . '/library/XenForo/Autoloader.php';
     XenForo_Autoloader::getInstance()->setupAutoloader($libraryDir);

     // Initialise the application, then resolve the visitor from the session cookie.
     XenForo_Application::initialize($libraryDir, $this->fileDir);
     XenForo_Session::startPublicSession();
     $this->xfUser = XenForo_Visitor::getInstance();

     return $this->xfUser->getUserId();
 }
Esempio n. 13
 /**
  * Deletes the admin session when it belongs to the current visitor.
  *
  * @return mixed Result of XenForo_Session::delete() when the session was
  *               removed, true when it belongs to someone else.
  */
 public function adminLogout()
 {
     $acpSession = new XenForo_Session(array('admin' => true));
     $acpSession->start();

     $ownedByVisitor = $acpSession->get('user_id') == $this->getVisitor()->getUserId();

     return $ownedByVisitor ? $acpSession->delete() : true;
 }
Esempio n. 14
 /**
  * Marks the public session as belonging to the given user and persists it.
  *
  * This method performs no credential check: callers must have authenticated
  * the user before calling it.
  *
  * NOTE(review): the session id in use before login is kept. Confirm that the
  * id is regenerated somewhere on the login path, otherwise an id known before
  * authentication stays valid afterwards (session fixation).
  *
  * @param int    $user_id
  * @param string $username
  * @param string $ip_address Textual IP address
  *
  * @return XenForo_Session
  */
 public function login($user_id, $username, $ip_address)
 {
     $publicSession = XenForo_Session::startPublicSession();

     $publicSession->set('user_id', $user_id);
     $publicSession->set('username', $username);

     // The IP is stored in binary form.
     $binaryIp = XenForo_Helper_Ip::convertIpStringToBinary($ip_address);
     $publicSession->set('ip', $binaryIp);

     $sessionId = $publicSession->getSessionId();
     $publicSession->saveSessionToSource($sessionId, false);

     return $publicSession;
 }
Esempio n. 15
 /**
  * Tells whether parental control is unlocked for the current session, i.e.
  * whether the user's stored 'parent_session' equals the id of the public
  * session of this request.
  *
  * NOTE(review): the ids are compared with a loose `!=`. A strict or
  * constant-time comparison of the two strings would be the safer choice for
  * a session identifier.
  *
  * @param array|null $viewingUser
  *
  * @return bool
  */
 public function isParentLoggedIn($viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     $currentSessionId = XenForo_Session::getPublicSession(new Zend_Controller_Request_Http())->getSessionId();

     return isset($viewingUser['parent_session'])
         && $viewingUser['parent_session']
         && $viewingUser['parent_session'] == $currentSessionId;
 }
Esempio n. 16
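 /**
  * Starts the session and binds it to an OAuth2 token.
  *
  * The token is taken from the OAuth2 server when the request carries a
  * regular access token. Otherwise a "one time" token in `oauth_token` is
  * accepted, formatted as `userId,timestamp,hash,clientId`, where hash is
  * md5(userId . timestamp . [token_text .] client_secret) and timestamp is
  * the expiry time.
  *
  * Changes against the previous version:
  *  - the hash is compared with a strict, constant-time check instead of `==`.
  *    With `==`, two strings that both look like numbers in scientific
  *    notation (for example "0e" followed only by digits) compare as equal,
  *    so a request could be accepted without the hash matching;
  *  - a non-string `oauth_token` (array input) is ignored instead of being
  *    passed to explode().
  *
  * NOTE(review): md5 over a concatenation is a weak MAC construction, and no
  * replay tracking is visible here, so a one-time token appears to stay usable
  * until its timestamp passes. Moving to an HMAC needs a coordinated change on
  * the client side.
  *
  * @param string|null $sessionId
  * @param string|null $ipAddress
  */
 public function start($sessionId = null, $ipAddress = null)
 {
     parent::start($sessionId, $ipAddress);
     /* @var $oauth2Model bdApi_Model_OAuth2 */
     $oauth2Model = XenForo_Model::create('bdApi_Model_OAuth2');
     $helper = bdApi_Template_Helper_Core::getInstance();
     $this->_oauthToken = $oauth2Model->getServer()->getEffectiveToken();
     if (empty($this->_oauthToken) and isset($_REQUEST['oauth_token']) and is_string($_REQUEST['oauth_token'])) {
         // added support for one time oauth token
         $parts = explode(',', $_REQUEST['oauth_token']);
         $userId = 0;
         $timestamp = 0;
         $once = '';
         $client = null;
         if (count($parts) == 4) {
             $userId = intval($parts[0]);
             $timestamp = intval($parts[1]);
             $once = $parts[2];
             // the timestamp is the expiry: only look the client up while it is still in the future
             if ($timestamp >= XenForo_Application::$time) {
                 $client = $oauth2Model->getClientModel()->getClientById($parts[3]);
             }
         }
         if (!empty($client)) {
             if ($userId == 0) {
                 // guest
                 if ($this->_oneTimeHashMatches(md5($userId . $timestamp . $client['client_secret']), $once)) {
                     // make up fake token with full scopes for guest
                     $this->_oauthToken = array('token_id' => 0, 'client_id' => $client['client_id'], 'token_text' => '', 'expire_date' => XenForo_Application::$time, 'issue_date' => XenForo_Application::$time, 'user_id' => $userId, 'scope' => $helper->scopeJoin($oauth2Model->getSystemSupportedScopes()));
                 }
             } else {
                 // user: the hash must be derived from one of the user's unexpired tokens
                 $userTokens = $oauth2Model->getTokenModel()->getTokens(array('user_id' => $userId));
                 foreach ($userTokens as $userToken) {
                     if ($userToken['expire_date'] >= XenForo_Application::$time) {
                         if ($this->_oneTimeHashMatches(md5($userId . $timestamp . $userToken['token_text'] . $client['client_secret']), $once)) {
                             $this->_oauthToken = $userToken;
                         }
                     }
                 }
             }
             if (!empty($this->_oauthToken)) {
                 // oauth token is set using one time token
                 // update the token text to avoid exposing real access token
                 $this->_oauthToken['token_text'] = $_REQUEST['oauth_token'];
             }
         }
     }
     if (!empty($this->_oauthToken)) {
         if (!empty($this->_oauthToken['user_id'])) {
             $this->changeUserId($this->_oauthToken['user_id']);
         }
         $scopes = $helper->scopeSplit($this->_oauthToken['scope']);
         $this->set('scopes', $scopes);
     } else {
         // no token at all: guests get read scope unless access is restricted
         $guestScopes = array();
         if (!bdApi_Option::get('restrictAccess')) {
             $guestScopes[] = bdApi_Model_OAuth2::SCOPE_READ;
         }
         $this->set('scopes', $guestScopes);
     }
 }

 /**
  * Compares the expected one-time hash with the value sent by the client,
  * without type juggling and, where hash_equals() is available, in constant time.
  *
  * @param string $expected Hash computed on the server
  * @param string $provided Hash taken from the request
  *
  * @return bool
  */
 private function _oneTimeHashMatches($expected, $provided)
 {
     if (!is_string($expected) || !is_string($provided)) {
         return false;
     }
     if (function_exists('hash_equals')) {
         return hash_equals($expected, $provided);
     }
     // fallback for runtimes without hash_equals(): strict, but not constant-time
     return $expected === $provided;
 }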
Esempio n. 17
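 /**
  * Confirms a lost parental-control password request and resets that password.
  *
  * Changes against the previous version:
  *  - a missing confirmation record is rejected for every caller. Before, a
  *    guest fell through and the (empty) record was handed to the validator;
  *  - after a successful reset the 'parent_password' confirmation record is
  *    deleted, i.e. the same type that was fetched and validated. Before, the
  *    'password' record was deleted instead, which left the used confirmation
  *    key in place. NOTE(review): if resetParentPassword() already removes the
  *    record this is redundant but harmless - confirm in the model.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionParentalControlLostPasswordConfirm()
 {
     $confirmationModel = $this->_getUserConfirmationModel();
     $visitor = XenForo_Visitor::getInstance();
     $sessionId = XenForo_Session::getPublicSession(new Zend_Controller_Request_Http())->getSessionId();
     // parental control is already unlocked in this session: nothing to reset
     if (isset($visitor['parent_session']) && $visitor['parent_session'] && $visitor['parent_session'] == $sessionId) {
         return $this->responseRedirect(XenForo_ControllerResponse_Redirect::RESOURCE_CANONICAL, XenForo_Link::buildPublicLink('account/parental-control'));
     }
     $userId = XenForo_Visitor::getUserId();
     $confirmation = $confirmationModel->getUserConfirmationRecord($userId, 'parent_password');
     if (!$confirmation) {
         // no pending request for this account (or no account at all)
         return $this->responseError(new XenForo_Phrase('your_password_could_not_be_reset'));
     }
     $confirmationKey = $this->_input->filterSingle('c', XenForo_Input::STRING);
     $accountConfirmed = $confirmationKey
         ? $confirmationModel->validateUserConfirmationRecord($confirmationKey, $confirmation)
         : false;
     if (!$accountConfirmed) {
         return $this->responseError(new XenForo_Phrase('your_password_could_not_be_reset'));
     }
     $confirmationModel->resetParentPassword($userId);
     // consume the confirmation so the same key cannot be used again
     $confirmationModel->deleteUserConfirmationRecord($userId, 'parent_password');
     return $this->responseMessage(new XenForo_Phrase('your_password_has_been_reset'));
 }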
Esempio n. 18
 /**
  * Shows the completion page for the world stored in the session under
  * 'gw2_world'. The value is read once and cleared straight away, so a
  * reload of this page redirects to the index instead.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionComplete()
 {
     $publicSession = XenForo_Session::startPublicSession();

     // read-and-clear: the stored world is single use
     $world = $publicSession->get('gw2_world');
     $publicSession->set('gw2_world', '');

     if ($world) {
         return $this->responseView(
             'Moturdrn_TS3GW2Auth_ViewPublic_Complete',
             'Moturdrn_TS3GW2Auth_Complete',
             array('world' => $world)
         );
     }

     return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, XenForo_Link::buildPublicLink(''), '');
 }
Esempio n. 19
 /**
  * Sets the '_WidgetFramework_reveal' flag in the caller's public session and
  * sends them to the public index.
  *
  * NOTE(review): no admin permission assertion and no request-method or token
  * check are visible in this action - confirm that the enclosing controller
  * enforces them.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionReveal()
 {
     $frontSession = new XenForo_Session();
     $frontSession->start();

     // the flag goes into the public session, which must belong to the same account
     $sameAccount = !($frontSession->get('user_id') != XenForo_Visitor::getUserId());
     if (!$sameAccount) {
         return $this->responseError(new XenForo_Phrase('please_login_via_public_login_page_before_testing_permissions'));
     }

     $frontSession->set('_WidgetFramework_reveal', true);
     $frontSession->save();

     $indexLink = XenForo_Link::buildPublicLink('index');

     return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $indexLink);
 }
Esempio n. 20
 /**
  * Creates and starts the admin session, registers it with the application
  * under 'session' and sets up the visitor from the session's user id.
  *
  * @param Zend_Controller_Request_Http|null $request Not used by this implementation.
  *
  * @return XenForo_Session
  */
 public static function startAdminSession(Zend_Controller_Request_Http $request = null)
 {
     $adminSession = new XenForo_Session(array('admin' => true));
     $adminSession->start();

     XenForo_Application::set('session', $adminSession);

     // the visitor identity comes from the session alone
     $sessionUserId = $adminSession->get('user_id');
     XenForo_Visitor::setup($sessionUserId);

     return $adminSession;
 }
Esempio n. 21
// Bootstrap script: loads the site's own helpers, boots XenForo so that the
// forum session is available, then pulls in the remaining includes and
// prepares a shared PHPMailer instance.
$nav = array();
require HR_INC . 'logging.php';
require HR_INC . 'std.php';
// Load up the XenForo system
Log::add('Begin initialising XenForo...');
$startTime = microtime(true);
//$fileDir = realpath('./../forums/');
// NOTE(review): absolute, host-specific path. It must point at the trusted forum
// install, because code from it is loaded with require right below.
$fileDir = '/home2/bukkit/public_html/forums/';
require $fileDir . '/library/XenForo/Autoloader.php';
XenForo_Autoloader::getInstance()->setupAutoloader($fileDir . '/library');
XenForo_Application::initialize($fileDir . '/library', $fileDir);
XenForo_Application::set('page_start_time', $startTime);
// Not required if you are not using any of the preloaded data
$dependencies = new XenForo_Dependencies_Public();
$dependencies->preLoadData();
// Starts the forum's public session for this request
XenForo_Session::startPublicSession();
Log::add('XF initialisation complete!');
// End XenForo
// inc() and inclib() are defined elsewhere (presumably in std.php) - the names passed are fixed literals
inc('db.php');
inc('content.php');
inc('sidebar.php');
inc('user.php');
inc('template.php');
inc('message.php');
inc('plugin.php');
// Mandatory include-everywhere libraries
inclib('phpmailer/class.phpmailer.php');
// because then we can set defaults here
$mailer = new PHPMailer();
$mailer->SetFrom('*****@*****.**', 'hRepo System');
// deliver through the local sendmail binary
$mailer->IsSendmail();
Esempio n. 22
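 /**
  * Intercept a request for a link redirect.
  *
  * Without an error the visit is logged and the client is redirected (302) to
  * the target URL. With an error an interstitial page showing the URL is
  * rendered instead.
  *
  * Changes against the previous version:
  *  - the http/https scheme check now runs before the redirect as well, not
  *    only before the interstitial page, so no code path emits a Location
  *    header or a link for another scheme. NOTE(review): this assumes the
  *    proxy is only meant to handle http(s) targets - confirm against the
  *    upstream URL validation;
  *  - the Content-Type header of the 'invalid_url' response was malformed
  *    ("text/html; utf-8"); it now declares the charset parameter properly.
  *
  * @param string|bool $error If non-false, an error that occurred when validating the request
  *
  * @throws Exception If the target URL is not an http or https URL
  */
 protected function _outputLinkRedirect($error)
 {
     if ($error === 'invalid_url') {
         header('Content-Type: text/html; charset=utf-8', true, 500);
         die('Invalid URL');
     }
     if (empty(XenForo_Application::getOptions()->imageLinkProxy['links'])) {
         $error = 'disabled';
     }
     // scheme allow-list, applied before the URL is used in any output
     if (!preg_match('#^https?://#i', $this->_url)) {
         throw new Exception('Unsafe proxy URL: ' . $this->_url);
     }
     if (!$error) {
         /* @var $proxyModel XenForo_Model_LinkProxy */
         $proxyModel = XenForo_Model::create('XenForo_Model_LinkProxy');
         $proxyModel->logVisit($this->_url);
         header('Location: ' . $this->_url, true, 302);
         exit;
     }
     // error path: render the interstitial inside the public container
     $request = new Zend_Controller_Request_Http();
     XenForo_Session::startPublicSession($request);
     $this->_dependencies->preRenderView();
     // show the decoded URL only when it decodes to valid UTF-8
     $printable = urldecode($this->_url);
     if (!preg_match('/./u', $printable)) {
         $printable = $this->_url;
     }
     $renderer = new XenForo_ViewRenderer_HtmlPublic($this->_dependencies, $this->_response, $request);
     $contents = $renderer->createTemplateObject('link_redirect', array('url' => $this->_url, 'printable' => $printable, 'parts' => parse_url($this->_url)));
     $containerParams = $this->_dependencies->getEffectiveContainerParams(array(), $request);
     $output = $renderer->renderContainer($contents, $containerParams);
     $extraHeaders = XenForo_Application::gzipContentIfSupported($output);
     foreach ($extraHeaders as $extraHeader) {
         $this->_response->setHeader($extraHeader[0], $extraHeader[1], $extraHeader[2]);
     }
     $this->_response->setHeader('X-Proxy-Error', $error);
     $this->_response->sendHeaders();
     echo $output;
 }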