function xoops_user_validate($username, $password, $validate)
 {
     global $xoopsModuleConfig, $xoopsConfig;
     if ($xoopsModuleConfig['site_user_auth'] == 1) {
         if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
             return $ret;
         }
         if (!checkright(basename(__FILE__), $username, $password)) {
             mark_for_lock(basename(__FILE__), $username, $password);
             return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
         }
     }
     if ($validate['passhash'] != '') {
         if ($validate['passhash'] != sha1($validate['time'] - $validate['rand'] . $validate['uname'] . $validate['pass'])) {
             return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
         }
     } else {
         return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
     }
     include_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
     include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/auth.php';
     $xoopsAuth =& XoopsAuthFactory::getAuthConnection($myts->addSlashes($validate['uname']));
     if (check_auth_class($xoopsAuth) == true) {
         $result = $xoopsAuth->validate($validate['uname'], $validate['email'], $validate['pass'], $validate['vpass']);
         return $result;
     } else {
         return array('ERRNUM' => 1, 'RESULT' => XoopsUserUtility::validate($validate['uname'], $validate['email'], $validate['pass'], $validate['vpass']));
     }
 }
function xoops_authentication($username, $password, $auth)
{
    global $xoopsModuleConfig, $xoopsConfig;
    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
    }
    if ($auth['passhash'] != '') {
        if ($auth['passhash'] != sha1($auth['time'] - $auth['rand'] . $auth['username'] . $auth['password'])) {
            return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
        }
    } else {
        return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
    }
    require_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
    require_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/auth.php';
    $xoopsAuth =& XoopsAuthFactory::getAuthConnection(addslashes($auth['username']));
    $user = $xoopsAuth->authenticate(addslashes($auth['username']), addslashes($auth['password']));
    if (is_object($user)) {
        $row = array("uid" => $user->getVar('uid'), "uname" => $user->getVar('uname'), "email" => $user->getVar('email'), "user_from" => $user->getVar('user_from'), "name" => $user->getVar('name'), "url" => $user->getVar('url'), "user_icq" => $user->getVar('user_icq'), "user_sig" => $user->getVar('user_sig'), "user_viewemail" => $user->getVar('user_viewemail'), "user_aim" => $user->getVar('user_aim'), "user_yim" => $user->getVar('user_yim'), "user_msnm" => $user->getVar('user_msnm'), "attachsig" => $user->getVar('attachsig'), "timezone_offset" => $user->getVar('timezone_offset'), "notify_method" => $user->getVar('notify_method'), "user_occ" => $user->getVar('user_occ'), "bio" => $user->getVar('bio'), "user_intrest" => $user->getVar('user_intrest'), "user_mailok" => $user->getVar('user_mailok'));
    }
    if (!empty($row)) {
        return array("ERRNUM" => 1, "RESULT" => $row);
    } else {
        return array("ERRNUM" => 3, "ERRTXT" => _ERR_FUNCTION_FAIL);
    }
}
function xoops_network_disclaimer($username, $password)
{
    global $xoopsModuleConfig, $xoopsConfig;
    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
    }
    include_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
    include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/auth.php';
    $xoopsAuth =& XoopsAuthFactory::getAuthConnection();
    if (check_auth_class($xoopsAuth) == true) {
        $result = $xoopsAuth->network_disclaimer();
        return $result;
    } else {
        $config_handler =& xoops_gethandler('config');
        $xoopsConfigUser =& $config_handler->getConfigsByCat(XOOPS_CONF_USER);
        return array("ERRNUM" => 1, "RESULT" => $xoopsConfigUser['reg_disclaimer']);
    }
}
Esempio n. 4
0
    ?>
</button>
        </div>
        <input type="hidden" name="xoops_redirect" value="/upgrade/index.php"/>
    </form>
    <?php 
} else {
    $myts = MyTextSanitizer::getInstance();
    $uname = !isset($_POST['uname']) ? '' : $myts->addSlashes(trim($_POST['uname']));
    $pass = !isset($_POST['pass']) ? '' : $myts->addSlashes(trim($_POST['pass']));
    $member_handler = xoops_getHandler('member');
    include_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
    if (!@(include_once XOOPS_ROOT_PATH . '/language/' . $upgrade_language . '/auth.php')) {
        include_once XOOPS_ROOT_PATH . '/language/english/auth.php';
    }
    $xoopsAuth =& XoopsAuthFactory::getAuthConnection($uname);
    $user = $xoopsAuth->authenticate($uname, $pass);
    // For XOOPS 2.2*
    if (!is_object($user)) {
        $criteria = new CriteriaCompo(new Criteria('loginname', $uname));
        $criteria->add(new Criteria('pass', md5($pass)));
        list($user) = $member_handler->getUsers($criteria);
    }
    $isAllowed = false;
    if (is_object($user) && $user->getVar('level') > 0) {
        $isAllowed = true;
        if ($xoopsConfig['closesite'] == 1) {
            $groups = $user->getGroups();
            if (in_array(XOOPS_GROUP_ADMIN, $groups) || array_intersect($groups, $xoopsConfig['closesite_okgrp'])) {
                $isAllowed = true;
            } else {
Esempio n. 5
0
 * @author          John Neill <*****@*****.**>
 * @version         $Id: checklogin.php 3541 2009-08-31 23:02:37Z trabis $
 */
defined('XOOPS_ROOT_PATH') or die('Restricted access');
xoops_loadLanguage('user');
$uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']);
$pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']);
if ($uname == '' || $pass == '') {
    redirect_header(XOOPS_URL . '/user.php', 1, _US_INCORRECTLOGIN);
    exit;
}
$member_handler =& xoops_gethandler('member');
$myts =& MyTextsanitizer::getInstance();
include_once $GLOBALS['xoops']->path('class/auth/authfactory.php');
xoops_loadLanguage('auth');
$xoopsAuth =& XoopsAuthFactory::getAuthConnection($myts->addSlashes($uname));
$user = $xoopsAuth->authenticate($myts->addSlashes($uname), $myts->addSlashes($pass));
if (false != $user) {
    if (0 == $user->getVar('level')) {
        redirect_header(XOOPS_URL . '/index.php', 5, _US_NOACTTPADM);
        exit;
    }
    if ($xoopsConfig['closesite'] == 1) {
        $allowed = false;
        foreach ($user->getGroups() as $group) {
            if (in_array($group, $xoopsConfig['closesite_okgrp']) || XOOPS_GROUP_ADMIN == $group) {
                $allowed = true;
                break;
            }
        }
        if (!$allowed) {
Esempio n. 6
0
if (!defined('XOOPS_ROOT_PATH')) {
    exit;
}
include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/user.php';
$uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']);
$pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']);
if ($uname == '' || $pass == '') {
    redirect_header(XOOPS_URL . '/user.php', 1, _US_INCORRECTLOGIN);
    exit;
}
$member_handler =& xoops_gethandler('member');
$myts =& MyTextsanitizer::getInstance();
// Place here the Auth class calls
//**** BEGIN AUTH ****
require_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
$xoopsAuth =& XoopsAuthFactory::getAuthConnection();
$auth = $xoopsAuth->authenticate($myts->addSlashes($uname), $myts->addSlashes($pass));
if (!$auth) {
    redirect_header(XOOPS_URL . '/user.php', 5, _US_INCORRECTLOGIN . $xoopsAuth->getHtmlErrors());
    exit;
}
//**** END AUTH ****
$user =& $member_handler->loginUser($myts->addSlashes($uname), $myts->addslashes($pass));
if (false != $user) {
    if (0 >= $user->getVar('level')) {
        redirect_header(XOOPS_URL . '/index.php', 5, _US_NOACTTPADM);
        exit;
    }
    if ($xoopsConfig['closesite'] == 1) {
        $allowed = false;
        foreach ($user->getGroups() as $group) {
function xoops_create_user($username, $password, $user, $siteinfo)
{
    xoops_load("userUtility");
    global $xoopsModuleConfig, $xoopsConfig;
    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
    }
    return array("Username" => $username, "password" => $password, 'user' => $user, 'siteinfo' => $siteinfo);
    if ($user['passhash'] != '') {
        if ($user['passhash'] != sha1($user['time'] - $user['rand'] . $user['uname'] . $user['pass'])) {
            return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
        }
    } else {
        return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
    }
    foreach ($user as $k => $l) {
        ${$k} = $l;
    }
    include_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
    include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/auth.php';
    $xoopsAuth =& XoopsAuthFactory::getAuthConnection($uname);
    if (check_auth_class($xoopsAuth) == true) {
        $result = $xoopsAuth->create_user($user_viewemail, $uname, $email, $url, $actkey, $pass, $timezone_offset, $user_mailok, $siteinfo);
        return $result;
    } else {
        if (strlen(userCheck($uname, $email, $pass, $pass)) == 0) {
            global $xoopsConfig;
            $config_handler =& xoops_gethandler('config');
            $xoopsConfigUser =& $config_handler->getConfigsByCat(XOOPS_CONF_USER);
            $member_handler =& xoops_gethandler('member');
            $newuser =& $member_handler->createUser();
            $newuser->setVar('user_viewemail', $user_viewemail, true);
            $newuser->setVar('uname', $uname, true);
            $newuser->setVar('email', $email, true);
            if ($url != '') {
                $newuser->setVar('url', formatURL($url), true);
            }
            $newuser->setVar('user_avatar', 'blank.gif', true);
            if (empty($actkey)) {
                $actkey = substr(md5(uniqid(mt_rand(), 1)), 0, 8);
            }
            $newuser->setVar('actkey', $actkey, true);
            $newuser->setVar('pass', md5($pass), true);
            $newuser->setVar('timezone_offset', $timezone_offset, true);
            $newuser->setVar('user_regdate', time(), true);
            $newuser->setVar('uorder', $xoopsConfig['com_order'], true);
            $newuser->setVar('umode', $xoopsConfig['com_mode'], true);
            $newuser->setVar('user_mailok', $user_mailok, true);
            $newuser->setVar('user_intrest', _US_USERREG . ' @ ' . $xoops_url, true);
            if ($xoopsConfigUser['activation_type'] == 1) {
                $newuser->setVar('level', 1, true);
            }
            if (!$member_handler->insertUser($newuser, true)) {
                $return = array('state' => 1, "text" => _US_REGISTERNG);
            } else {
                $newid = $newuser->getVar('uid');
                if (!$member_handler->addUserToGroup(XOOPS_GROUP_USERS, $newid)) {
                    $return = array('state' => 1, "text" => _US_REGISTERNG);
                }
                if ($xoopsConfigUser['activation_type'] == 1) {
                    $return = array('state' => 2, "user" => $uname);
                }
                // Sending notification email to user for self activation
                if ($xoopsConfigUser['activation_type'] == 0) {
                    $xoopsMailer =& xoops_getMailer();
                    $xoopsMailer->useMail();
                    $xoopsMailer->setTemplate('register.tpl');
                    $xoopsMailer->assign('SITENAME', $siteinfo['sitename']);
                    $xoopsMailer->assign('ADMINMAIL', $siteinfo['adminmail']);
                    $xoopsMailer->assign('SITEURL', XOOPS_URL . "/");
                    $xoopsMailer->setToUsers(new XoopsUser($newid));
                    $xoopsMailer->setFromEmail($siteinfo['adminmail']);
                    $xoopsMailer->setFromName($siteinfo['sitename']);
                    $xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $uname));
                    if (!$xoopsMailer->send()) {
                        $return = array('state' => 1, "text" => _US_YOURREGMAILNG);
                    } else {
                        $return = array('state' => 1, "text" => _US_YOURREGISTERED);
                    }
                    // Sending notification email to administrator for activation
                } elseif ($xoopsConfigUser['activation_type'] == 2) {
                    $xoopsMailer =& xoops_getMailer();
                    $xoopsMailer->useMail();
                    $xoopsMailer->setTemplate('adminactivate.tpl');
                    $xoopsMailer->assign('USERNAME', $uname);
                    $xoopsMailer->assign('USEREMAIL', $email);
                    if ($siteinfo['xoops_url'] == XOOPS_URL) {
                        $xoopsMailer->assign('USERACTLINK', $siteinfo['xoops_url'] . '/register.php?op=actv&id=' . $newid . '&actkey=' . $actkey);
                    }
                } else {
                    $xoopsMailer->assign('USERACTLINK', $siteinfo['xoops_url'] . '/register.php?op=actv&uname=' . $uname . '&actkey=' . $actkey);
                }
                $xoopsMailer->assign('SITENAME', $siteinfo['sitename']);
                $xoopsMailer->assign('ADMINMAIL', $siteinfo['adminmail']);
                $xoopsMailer->assign('SITEURL', $siteinfo['xoops_url'] . "/");
                $member_handler =& xoops_gethandler('member');
                $xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['activation_group']));
                $xoopsMailer->setFromEmail($siteinfo['adminmail']);
                $xoopsMailer->setFromName($siteinfo['sitename']);
                $xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $uname));
                if (!$xoopsMailer->send()) {
                    $return = array('state' => 1, "text" => _US_YOURREGMAILNG);
                } else {
                    $return = array('state' => 1, "text" => _US_YOURREGISTERED2);
                }
            }
            if ($xoopsConfigUser['new_user_notify'] == 1 && !empty($xoopsConfigUser['new_user_notify_group'])) {
                $xoopsMailer =& xoops_getMailer();
                $xoopsMailer->useMail();
                $member_handler =& xoops_gethandler('member');
                $xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['new_user_notify_group']));
                $xoopsMailer->setFromEmail($siteinfo['adminmail']);
                $xoopsMailer->setFromName($siteinfo['sitename']);
                $xoopsMailer->setSubject(sprintf(_US_NEWUSERREGAT, $xoopsConfig['sitename']));
                $xoopsMailer->setBody(sprintf(_US_HASJUSTREG, $uname));
                $xoopsMailer->send();
            }
            if (strpos(strtolower($_SERVER['HTTP_HOST']), 'xortify.com')) {
                define('XORTIFY_API_LOCAL', 'http://xortify.chronolabs.coop/soap/');
                define('XORTIFY_API_URI', 'http://xortify.chronolabs.coop/soap/');
            } else {
                define('XORTIFY_API_LOCAL', 'http://xortify.com/soap/');
                define('XORTIFY_API_URI', 'http://xortify.com/soap/');
            }
            $soap_client = @new soapclient(NULL, array('location' => XORTIFY_API_LOCAL, 'uri' => XORTIFY_API_URI));
            $result = @$soap_client->__soapCall('xoops_create_user', array("username" => $username, "password" => $password, "user" => $user, "siteinfo" => $siteinfo));
            return array("ERRNUM" => 1, "RESULT" => $return);
        } else {
            return array("ERRNUM" => 1, "RESULT" => array('state' => 1, 'text' => userCheck($uname, $email, $pass, $pass)));
        }
    }
}
function xoops_check_activation($username, $password, $user)
{
    global $xoopsModuleConfig, $xoopsConfig;
    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
    }
    if ($user['passhash'] != '') {
        if ($user['passhash'] != sha1($user['time'] - $user['rand'] . $user['uname'] . $user['actkey'])) {
            return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
        }
    } else {
        return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
    }
    foreach ($user as $k => $l) {
        ${$k} = $l;
    }
    $siteinfo = check_siteinfo($siteinfo);
    include_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
    include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/auth.php';
    $xoopsAuth =& XoopsAuthFactory::getAuthConnection(addslashes($uname));
    if (check_auth_class($xoopsAuth) == true) {
        $result = $xoopsAuth->check_activation($uname, $actkey, $siteinfo);
        return $result;
    } else {
        global $xoopsConfig, $xoopsConfigUser;
        global $xoopsDB;
        $sql = "SELECT uid FROM " . $xoopsDB->prefix('users') . " WHERE uname = '{$uname}'";
        $ret = $xoopsDB->query($sql);
        $row = $xoopsDB->fetchArray($ret);
        $member_handler =& xoops_gethandler('member');
        $thisuser =& $member_handler->getUser($row['uid']);
        if (!is_object($thisuser)) {
            exit;
        }
        if ($thisuser->getVar('actkey') != $actkey) {
            $return = array("state" => _US_STATE_ONE, "action" => "redirect_header", "url" => 'index.php', "opt" => 5, "text" => _US_ACTKEYNOT);
        } else {
            if ($thisuser->getVar('level') > 0) {
                $return = array("state" => _US_STATE_ONE, "action" => "redirect_header", "url" => 'user.php', "opt" => 5, "text" => _US_ACONTACT, "set" => false);
            } else {
                if (false != $member_handler->activateUser($thisuser)) {
                    $config_handler =& xoops_gethandler('config');
                    $xoopsConfigUser = $config_handler->getConfigsByCat(XOOPS_CONF_USER);
                    if ($xoopsConfigUser['activation_type'] == 2) {
                        $myts =& MyTextSanitizer::getInstance();
                        $xoopsMailer =& xoops_getMailer();
                        $xoopsMailer->useMail();
                        $xoopsMailer->setTemplate('activated.tpl');
                        $xoopsMailer->assign('SITENAME', $siteinfo['sitename']);
                        $xoopsMailer->assign('ADMINMAIL', $siteinfo['adminmail']);
                        $xoopsMailer->assign('SITEURL', $siteinfo['xoops_url'] . "/");
                        $xoopsMailer->setToUsers($thisuser);
                        $xoopsMailer->setFromEmail($siteinfo['adminmail']);
                        $xoopsMailer->setFromName($siteinfo['sitename']);
                        $xoopsMailer->setSubject(sprintf(_US_YOURACCOUNT, $siteinfo['sitename']));
                        if (!$xoopsMailer->send()) {
                            $return = array("state" => _US_STATE_TWO, "text" => sprintf(_US_ACTVMAILNG, $thisuser->getVar('uname')));
                        } else {
                            $return = array("state" => _US_STATE_TWO, "text" => sprintf(_US_ACTVMAILOK, $thisuser->getVar('uname')));
                        }
                    } else {
                        $local = explode(' @ ', $thisuser->getVar('user_intrest'));
                        if ($local[0] == _US_USERREG) {
                            $return = array("state" => _US_STATE_ONE, "action" => "redirect_header", "url" => $local[1] . '/user.php', "opt" => 5, "text" => _US_ACTLOGIN, "set" => false);
                        } else {
                            $return = array("state" => _US_STATE_ONE, "action" => "redirect_header", "url" => 'user.php', "opt" => 5, "text" => _US_ACTLOGIN, "set" => false);
                        }
                    }
                } else {
                    $return = array("state" => _US_STATE_ONE, "action" => "redirect_header", "url" => 'index.php', "opt" => 5, "text" => 'Activation failed!');
                }
            }
        }
        return $return;
    }
}