Esempio n. 1
 /**
  * Returns the ip address.
  * 
  * @return	string
  */
 public function getFormattedIPAddress()
 {
     // Prefer the result of UserUtil::convertIPv6To4() when it is truthy;
     // otherwise hand back the address exactly as stored on this object.
     $converted = UserUtil::convertIPv6To4($this->ipAddress);
     return $converted ? $converted : $this->ipAddress;
 }
Esempio n. 2
 /**
  * Returns the active virtual session object or null.
  * 
  * @param	string		$sessionID
  * @return	\wcf\data\session\virtual\SessionVirtual
  */
 public static function getExistingSession($sessionID)
 {
     // The row must match the session ID AND the current request's IP address and
     // user agent, so a session ID replayed from a different client does not resolve.
     // The user agent is client-supplied and addresses can be shared, so this narrows
     // reuse of a leaked ID rather than authenticating the client.
     $query = "SELECT\t*\n\t\t\tFROM\t" . static::getDatabaseTableName() . "\n\t\t\tWHERE\tsessionID = ?\n\t\t\t\tAND ipAddress = ?\n\t\t\t\tAND userAgent = ?";
     $lookup = WCF::getDB()->prepareStatement($query);
     // all three values are bound parameters, never concatenated into the SQL
     $bindings = array($sessionID, UserUtil::getIpAddress(), UserUtil::getUserAgent());
     $lookup->execute($bindings);
     // NOTE(review): the docblock promises null when nothing matches; confirm that
     // fetchObject() returns null (not false) for an empty result set.
     return $lookup->fetchObject(__CLASS__);
 }
 /**
  * @see	\wcf\system\event\listener\IParameterizedEventListener::execute()
  */
 public function execute($eventObj, $className, $eventName, array &$parameters)
 {
     // Audit logging applies only to a logged-in user holding the ACP permission;
     // classes that declare a DO_NOT_LOG constant opt out.
     if (!WCF::getUser()->userID || !WCF::getSession()->getPermission('admin.general.canUseAcp') || defined(get_class($eventObj) . '::DO_NOT_LOG')) {
         return;
     }
     // look for a session log of this session that is still inside the timeout window
     $sql = "SELECT\tsessionLogID\n\t\t\t\tFROM\twcf" . WCF_N . "_acp_session_log\n\t\t\t\tWHERE\tsessionID = ?\n\t\t\t\t\tAND lastActivityTime >= ?";
     $lookup = WCF::getDB()->prepareStatement($sql);
     $lookup->execute(array(WCF::getSession()->sessionID, TIME_NOW - SESSION_TIMEOUT));
     $existing = $lookup->fetchArray();
     if (empty($existing['sessionLogID'])) {
         // nothing usable found: open a new session log
         // The hostname comes from reverse DNS, which is controlled by whoever runs the
         // PTR zone for the address; treat it as untrusted text wherever it is shown.
         // NOTE(review): 'ipAddress' uses UserUtil::getIpAddress() while the hostname is
         // resolved from the session's ipAddress — presumably the same value; confirm.
         $created = ACPSessionLogEditor::create(array(
             'sessionID' => WCF::getSession()->sessionID,
             'userID' => WCF::getUser()->userID,
             'ipAddress' => UserUtil::getIpAddress(),
             'hostname' => @gethostbyaddr(WCF::getSession()->ipAddress),
             'userAgent' => WCF::getSession()->userAgent,
             'time' => TIME_NOW,
             'lastActivityTime' => TIME_NOW,
         ));
         $logID = $created->sessionLogID;
     } else {
         // refresh the activity timestamp of the log that was found
         $logID = $existing['sessionLogID'];
         $editor = new ACPSessionLogEditor(new ACPSessionLog(null, array('sessionLogID' => $logID)));
         $editor->update(array('lastActivityTime' => TIME_NOW));
     }
     // keep only the last path segment of the request URI
     $segments = explode('/', WCF::getSession()->requestURI);
     $page = array_pop($segments);
     // strip the 40-hex-digit "s=" session parameter so no session ID lands in the access log
     $page = preg_replace('/(?:\\?|&)s=[a-f0-9]{40}/', '', $page);
     // record this single access against the session log
     ACPSessionAccessLogEditor::create(array(
         'sessionLogID' => $logID,
         'ipAddress' => UserUtil::getIpAddress(),
         'time' => TIME_NOW,
         'requestURI' => $page,
         'requestMethod' => WCF::getSession()->requestMethod,
         'className' => get_class($eventObj),
     ));
 }
 /**
  * Validates given email address.
  * 
  * @return	array
  */
 public function validateEmailAddress()
 {
     // Syntax is checked first; availability is only queried for well-formed addresses.
     // NOTE(review): the 'notUnique' answer tells the caller that an address is already
     // registered. If guests can reach this action, confirm it is rate-limited.
     $candidate = $this->parameters['email'];
     if (!UserRegistrationUtil::isValidEmail($candidate)) {
         $failure = 'notValid';
     } elseif (!UserUtil::isAvailableEmail($candidate)) {
         $failure = 'notUnique';
     } else {
         return array('isValid' => true);
     }
     return array('isValid' => false, 'error' => $failure);
 }
 /**
  * @see wcf\system\option\IOptionType::getData()
  */
 public function getData(Option $option, $newValue)
 {
     // Anything empty() considers empty (including the string "0") is passed through as is.
     if (empty($newValue)) {
         return $newValue;
     }
     // One entry per line: trim it, then run it through UserUtil::convertIPv4To6().
     // NOTE(review): what convertIPv4To6() returns for a line that is not an IP address
     // is not visible here; confirm a malformed entry cannot turn into an empty line.
     $normalized = array_map(function ($line) {
         return UserUtil::convertIPv4To6(trim($line));
     }, explode("\n", $newValue));
     return implode("\n", $normalized);
 }
Esempio n. 6
 /**
  * @see	\wcf\form\IForm::readFormParameters()
  */
 public function readFormParameters()
 {
     parent::readFormParameters();
     $wantsRegistration = isset($_REQUEST['action']) && $_REQUEST['action'] == 'register';
     if ($wantsRegistration) {
         // Carry the typed identifier over to the registration form through the session:
         // stored as '__email' when it is a valid address, else as '__username'.
         $sessionKey = UserUtil::isValidEmail($this->username) ? '__email' : '__username';
         WCF::getSession()->register($sessionKey, $this->username);
         WCF::getSession()->update();
         // the redirect target is built by the link handler, not taken from the request
         HeaderUtil::redirect(LinkHandler::getInstance()->getLink('Register'));
         exit;
     }
     // intval() forces an integer whatever the client posted; absent means 0
     $this->useCookies = isset($_POST['useCookies']) ? intval($_POST['useCookies']) : 0;
 }
 /**
  * Attention: This method does not always return a new object, in case a matching virtual session
  * already exists, the existing session will be returned rather than a new session being created.
  * 
  * @see	\wcf\data\AbstractDatabaseObjectAction::create()
  */
 public function create()
 {
     // Reuse path: ask the base class for a virtual session matching this session ID
     // and return it unchanged when one exists.
     $baseClass = call_user_func(array($this->className, 'getBaseClass'));
     $sessionID = $this->parameters['data']['sessionID'];
     $existingSession = call_user_func(array($baseClass, 'getExistingSession'), $sessionID);
     if (null !== $existingSession) {
         return $existingSession;
     }
     // Creation path: fill in whatever the caller left out from the current request.
     // NOTE(review): caller-supplied 'ipAddress' and 'userAgent' win over the request's
     // own values; confirm no caller passes client-chosen data in these fields.
     if (!isset($this->parameters['data']['lastActivityTime'])) {
         $this->parameters['data']['lastActivityTime'] = TIME_NOW;
     }
     if (!isset($this->parameters['data']['ipAddress'])) {
         $this->parameters['data']['ipAddress'] = UserUtil::getIpAddress();
     }
     if (!isset($this->parameters['data']['userAgent'])) {
         $this->parameters['data']['userAgent'] = UserUtil::getUserAgent();
     }
     return parent::create();
 }
 /**
  * @see	\wcf\form\IForm::validate()
  */
 public function validate()
 {
     EventHandler::getInstance()->fireAction($this, 'validate');
     // load the account; a User object without userID means the given ID is unknown
     $this->user = new User($this->userID);
     $account = $this->user;
     if (!$account->userID) {
         throw new UserInputException('u', 'notValid');
     }
     // a reactivation code of 0 means there is no pending e-mail change to confirm
     if ($account->reactivationCode == 0) {
         throw new NamedUserException(WCF::getLanguage()->get('wcf.user.emailActivation.error.emailAlreadyEnabled'));
     }
     // the requested address may have been taken since the change was requested
     if (!UserUtil::isAvailableEmail($account->newEmail)) {
         throw new NamedUserException(WCF::getLanguage()->get('wcf.user.email.error.notUnique'));
     }
     // finally compare the stored code with the submitted one
     // NOTE(review): this is a loose comparison of a secret with request input. If
     // activationCode is not cast to an integer before it gets here, PHP's numeric
     // string rules apply; confirm the cast upstream or compare strictly.
     // NOTE(review): the distinct errors above are raised before the code is checked,
     // so they reveal account state to a caller who does not know the code.
     if ($account->reactivationCode != $this->activationCode) {
         throw new UserInputException('a', 'notValid');
     }
 }
 /**
  * Validates response.
  * 
  * @param	string		$response
  */
 public function validate($response)
 {
     // an empty response can never verify, so reject it without calling the API
     if (empty($response)) {
         throw new UserInputException('recaptchaString', 'false');
     }
     // Every value is rawurlencode()d before it is placed in the query string.
     // NOTE(review): the private key is sent as a URL parameter; it is protected by TLS
     // in transit, but URLs tend to end up in proxy and debug logs. Confirm that
     // HTTPRequest does not log the full URL, or send the parameters in the request body.
     $verifyURL = 'https://www.google.com/recaptcha/api/siteverify?secret=' . rawurlencode(RECAPTCHA_PRIVATEKEY) . '&response=' . rawurlencode($response) . '&remoteip=' . rawurlencode(UserUtil::getIpAddress());
     $request = new HTTPRequest($verifyURL, array('timeout' => 10));
     try {
         $request->execute();
         $reply = $request->getReply();
         $verdict = JSON::decode($reply['body']);
         // anything but a truthy 'success' field is a failed challenge
         if (!$verdict['success']) {
             throw new UserInputException('recaptchaString', 'false');
         }
     } catch (SystemException $e) {
         // Deliberate fail-open: a SystemException is logged through getExceptionID()
         // and the captcha then counts as solved. Forms stay usable while the
         // verification service is unreachable, but the check is skipped for as long
         // as the call keeps failing, so these log entries are worth alerting on.
         $e->getExceptionID();
     }
     WCF::getSession()->register('recaptchaDone', true);
 }
 /**
  * Exports posts.
  */
 public function exportPosts($offset, $limit)
 {
     // The table prefix is concatenated because identifiers cannot be bound; it comes
     // from this exporter's configuration. The ID range itself is bound.
     $sql = "SELECT\t\tpost_table.*, user_table.username AS editor\n\t\t\tFROM\t\t" . $this->databasePrefix . "posts post_table\n\t\t\tLEFT JOIN\t" . $this->databasePrefix . "users user_table\n\t\t\tON\t\tuser_table.uid = post_table.edituid\n\t\t\tWHERE\t\tpid BETWEEN ? AND ?\n\t\t\tORDER BY\tpid";
     $statement = $this->database->prepareStatement($sql);
     $firstID = $offset + 1;
     $lastID = $offset + $limit;
     $statement->execute(array($firstID, $lastID));
     while ($row = $statement->fetchArray()) {
         $importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
         // Text fields are copied as stored in the source board; apart from
         // fixBBCodes() on the message nothing is sanitised here, so escaping has to
         // happen when the imported posts are rendered.
         $post = array(
             'threadID' => $row['tid'],
             'userID' => $row['uid'],
             'username' => $row['username'],
             'subject' => $row['subject'],
             'message' => self::fixBBCodes($row['message']),
             'time' => $row['dateline'],
             // source flags are inverted: "visible" and "smilieoff"
             'isDisabled' => $row['visible'] ? 0 : 1,
             'editorID' => $row['edituid'] ?: null,
             'editor' => $row['editor'] ?: '',
             'lastEditTime' => $row['edittime'],
             'editCount' => $row['editor'] ? 1 : 0,
             'enableSmilies' => $row['smilieoff'] ? 0 : 1,
             'showSignature' => $row['includesig'],
             'ipAddress' => UserUtil::convertIPv4To6($row['ipaddress']),
         );
         $importer->import($row['pid'], $post);
     }
 }
Esempio n. 11
 /**
  * Collects the IP information for the current news entry and renders it.
  *
  * Assigns the author's known addresses (with resolved hostnames), the entry's own
  * address, other authors seen with that address and, for registered authors, the
  * registration address to the template.
  *
  * NOTE(review): no permission check is visible in this method; presumably the
  * calling action validates access to this data first. Confirm.
  *
  * @return	array		'newsID' and the rendered 'newsIpAddress' template
  */
 public function getIpLog()
 {
     // known addresses of the author, each paired with its reverse DNS name
     $resolvedAuthorIps = array();
     foreach (News::getIpAddressByAuthor($this->news->userID, $this->news->username, $this->news->ipAddress) as $storedIp) {
         $displayIp = UserUtil::convertIPv6To4($storedIp);
         // Reverse DNS names are set by whoever controls the PTR zone of the address,
         // so the template has to treat 'hostname' as untrusted text.
         $resolvedAuthorIps[] = array('hostname' => @gethostbyaddr($displayIp), 'ipAddress' => $displayIp);
     }
     // other authors that posted from the entry's address, if it has one
     $sharedIpUsers = array();
     if ($this->news->ipAddress) {
         $sharedIpUsers = News::getAuthorByIpAddress($this->news->ipAddress, $this->news->userID, $this->news->username);
     }
     $entryIp = UserUtil::convertIPv6To4($this->news->ipAddress);
     if ($this->news->userID) {
         // registered author: also show the address used at registration
         $sql = "SELECT\tregistrationIpAddress\n\t\t\t\tFROM\twcf" . WCF_N . "_user\n\t\t\t\tWHERE\tuserID = ?";
         $lookup = WCF::getDB()->prepareStatement($sql);
         $lookup->execute(array($this->news->userID));
         $userRow = $lookup->fetchArray();
         if ($userRow !== false && $userRow['registrationIpAddress']) {
             $registrationIp = UserUtil::convertIPv6To4($userRow['registrationIpAddress']);
             WCF::getTPL()->assign(array(
                 'registrationIpAddress' => array('hostname' => @gethostbyaddr($registrationIp), 'ipAddress' => $registrationIp),
             ));
         }
     }
     WCF::getTPL()->assign(array(
         'authorIpAddresses' => $resolvedAuthorIps,
         'ipAddress' => array('hostname' => @gethostbyaddr($entryIp), 'ipAddress' => $entryIp),
         'otherUsers' => $sharedIpUsers,
         'news' => $this->news,
     ));
     return array(
         'newsID' => $this->news->newsID,
         'template' => WCF::getTPL()->fetch('newsIpAddress', 'cms'),
     );
 }
Esempio n. 12
 /**
  * @see	\wcf\form\IForm::validate()
  */
 public function validate()
 {
     // Guests (no userID) must supply an address that passes the syntax check;
     // for logged-in users the e-mail field is not inspected here.
     $isGuest = !WCF::getUser()->userID;
     if ($isGuest && empty($this->email)) {
         throw new UserInputException('email');
     }
     if ($isGuest && !UserUtil::isValidEmail($this->email)) {
         throw new UserInputException('email', 'notValid');
     }
     // subject and message are mandatory for everyone; only emptiness is checked
     foreach (array('subject', 'message') as $requiredField) {
         if (empty($this->{$requiredField})) {
             throw new UserInputException($requiredField);
         }
     }
     parent::validate();
 }
Esempio n. 13
 /**
  * Executes the blacklist.
  */
 protected function initBlacklist()
 {
     // X-Requested-With is a client-supplied header; here it only selects which
     // exception type reports the denial, not whether access is denied.
     $isAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
     // A falsy result from StringUtil::executeWordFilter() is treated as a blacklist hit.
     $denied = false;
     if (defined('BLACKLIST_IP_ADDRESSES') && BLACKLIST_IP_ADDRESSES != '') {
         // the address is tested in its IPv4-converted form first, then as stored
         $denied = !StringUtil::executeWordFilter(UserUtil::convertIPv6To4(self::getSession()->ipAddress), BLACKLIST_IP_ADDRESSES)
             || !StringUtil::executeWordFilter(self::getSession()->ipAddress, BLACKLIST_IP_ADDRESSES);
     }
     if (!$denied && defined('BLACKLIST_USER_AGENTS') && BLACKLIST_USER_AGENTS != '') {
         // the user agent is whatever the client sends, so this list only stops
         // clients that do not bother to change it
         $denied = !StringUtil::executeWordFilter(self::getSession()->userAgent, BLACKLIST_USER_AGENTS);
     }
     if (!$denied && defined('BLACKLIST_HOSTNAMES') && BLACKLIST_HOSTNAMES != '') {
         // Reverse DNS is looked up while the request is being handled, and the name
         // is chosen by the owner of the PTR zone; it is not forward-confirmed here.
         $denied = !StringUtil::executeWordFilter(@gethostbyaddr(self::getSession()->ipAddress), BLACKLIST_HOSTNAMES);
     }
     if ($denied) {
         if ($isAjax) {
             throw new AJAXException(self::getLanguage()->get('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS);
         }
         throw new PermissionDeniedException();
     }
     // banned accounts get a dedicated message instead of the generic denial
     if (self::getUser()->userID && self::getUser()->banned) {
         $banMessage = self::getLanguage()->getDynamicVariable('wcf.user.error.isBanned');
         if ($isAjax) {
             throw new AJAXException($banMessage, AJAXException::INSUFFICIENT_PERMISSIONS);
         }
         throw new NamedUserException($banMessage);
     }
 }
Esempio n. 14
 /**
  * Searches for existing session of a search spider.
  * 
  * @param	integer		$spiderID
  * @return	\wcf\data\session\Session
  */
 protected function getExistingSpiderSession($spiderID)
 {
     // only guest rows (userID IS NULL) for this spider are considered
     $sql = "SELECT\t*\n\t\t\tFROM\twcf" . WCF_N . "_session\n\t\t\tWHERE\tspiderID = ?\n\t\t\t\tAND userID IS NULL";
     $lookup = WCF::getDB()->prepareStatement($sql);
     $lookup->execute(array($spiderID));
     $sessionRow = $lookup->fetchArray();
     if ($sessionRow === false) {
         return null;
     }
     // The stored address and user agent are replaced with the current request's
     // values before the object is built, so every request mapped to this spider ID
     // shares the one row regardless of where it comes from.
     // NOTE(review): how a request is classified as a spider is decided by the caller;
     // if that relies on the User-Agent header, any client can join this shared guest
     // session. Confirm nothing sensitive is ever stored in it.
     $sessionRow['ipAddress'] = UserUtil::getIpAddress();
     $sessionRow['userAgent'] = UserUtil::getUserAgent();
     $sessionClass = $this->sessionClassName;
     return new $sessionClass(null, $sessionRow);
 }
 /**
  * Validates the email address.
  */
 public function validateEmail()
 {
     // an empty field means "keep the current address"
     if (empty($this->email)) {
         return;
     }
     // Re-entering the current address (ignoring letter case) also counts as no
     // change; the field is cleared so later code sees it as empty.
     if (mb_strtolower($this->email) == mb_strtolower($this->user->email)) {
         $this->email = '';
         return;
     }
     // a genuinely new address must be well-formed ...
     if (!UserRegistrationUtil::isValidEmail($this->email)) {
         throw new UserInputException('email', 'notValid');
     }
     // ... and not already in use by another account
     if (!UserUtil::isAvailableEmail($this->email)) {
         throw new UserInputException('email', 'notUnique');
     }
 }
Esempio n. 16
 /**
  * @see	\wcf\form\IForm::submit()
  */
 public function submit()
 {
     parent::submit();
     // authentication failures are recorded only when the feature is switched on ...
     if (!ENABLE_USER_AUTHENTICATION_FAILURE) {
         return;
     }
     // ... and only when the error concerns one of the credential fields
     if ($this->errorField != 'username' && $this->errorField != 'password') {
         return;
     }
     // The submitted password is not part of the record. The username is stored as
     // typed and the user agent as sent, so both are untrusted text for whatever
     // displays this log.
     $failure = array(
         'environment' => RequestHandler::getInstance()->isACPRequest() ? 'admin' : 'user',
         // userID stays null when no matching account was found
         'userID' => $this->user !== null ? $this->user->userID : null,
         'username' => $this->username,
         'time' => TIME_NOW,
         'ipAddress' => UserUtil::getIpAddress(),
         'userAgent' => UserUtil::getUserAgent(),
     );
     $action = new UserAuthenticationFailureAction(array(), 'create', array('data' => $failure));
     $action->executeAction();
     // reset the captcha processor after a failed attempt, if a captcha is in use
     if ($this->captchaObjectType) {
         $this->captchaObjectType->getProcessor()->reset();
     }
 }
Esempio n. 17
	/**
	 * Throws a UserInputException if the email is not unique or not valid.
	 * 
	 * @param	string		$email
	 * @param	string		$confirmEmail
	 */
	protected function validateEmail($email, $confirmEmail) {
		// a missing address is reported without an error type
		if (empty($email)) {
			throw new UserInputException('email');
		}
		
		// syntax first, then availability; the first failing check decides the error
		$errorType = null;
		if (!UserUtil::isValidEmail($email)) {
			$errorType = 'notValid';
		}
		else if (!UserUtil::isAvailableEmail($email)) {
			$errorType = 'notUnique';
		}
		if ($errorType !== null) {
			throw new UserInputException('email', $errorType);
		}
		
		// the confirmation only has to match case-insensitively
		$normalizedEmail = StringUtil::toLowerCase($email);
		$normalizedConfirmation = StringUtil::toLowerCase($confirmEmail);
		if ($normalizedEmail != $normalizedConfirmation) {
			throw new UserInputException('confirmEmail', 'notEqual');
		}
	}
Esempio n. 18
 /**
  * @see	\wcf\form\IForm::validate()
  */
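 public function validate()
 {
     parent::validate();
     // Current password: required and verified before any change is accepted, unless
     // the account carries authData.
     // NOTE(review): authData presumably marks accounts that log in through an
     // external provider; confirm that skipping re-authentication is intended for them.
     if (!WCF::getUser()->authData) {
         if (empty($this->password)) {
             throw new UserInputException('password');
         }
         if (!WCF::getUser()->checkPassword($this->password)) {
             throw new UserInputException('password', 'false');
         }
     }
     // user name
     // NOTE(review): the outer "changed?" tests for username and e-mail are loose
     // comparisons and are left as they were, because the stored values' types are not
     // visible here. For purely numeric-looking user names they follow PHP's numeric
     // string rules; confirm that is acceptable.
     if (WCF::getSession()->getPermission('user.profile.canRename') && $this->username != WCF::getUser()->username) {
         // a change of letter case only skips the rename checks;
         // mb_strtolower() always yields strings, so compare them strictly
         if (mb_strtolower($this->username) !== mb_strtolower(WCF::getUser()->username)) {
             // renamePeriod is configured in days (86400 seconds each)
             if (WCF::getUser()->lastUsernameChange + WCF::getSession()->getPermission('user.profile.renamePeriod') * 86400 > TIME_NOW) {
                 throw new UserInputException('username', 'alreadyRenamed');
             }
             // checks for forbidden chars (e.g. the ",")
             if (!UserRegistrationUtil::isValidUsername($this->username)) {
                 throw new UserInputException('username', 'notValid');
             }
             // checks if user name exists already.
             if (!UserUtil::isAvailableUsername($this->username)) {
                 throw new UserInputException('username', 'notUnique');
             }
         }
     }
     // new password (only when at least one of the two fields was filled in)
     if (!WCF::getUser()->authData) {
         if (!empty($this->newPassword) || !empty($this->confirmNewPassword)) {
             if (empty($this->newPassword)) {
                 throw new UserInputException('newPassword');
             }
             if (empty($this->confirmNewPassword)) {
                 throw new UserInputException('confirmNewPassword');
             }
             if (!UserRegistrationUtil::isSecurePassword($this->newPassword)) {
                 throw new UserInputException('newPassword', 'notSecure');
             }
             // Strict comparison: with "!=" two different numeric-looking strings such
             // as "1e3" and "1000" compare equal, so a mistyped confirmation would pass
             // and the account would end up with a password the user did not intend.
             if ($this->newPassword !== $this->confirmNewPassword) {
                 throw new UserInputException('confirmNewPassword', 'notEqual');
             }
         }
     }
     // email
     if (WCF::getSession()->getPermission('user.profile.canChangeEmail') && $this->email != WCF::getUser()->email && $this->email != WCF::getUser()->newEmail) {
         if (empty($this->email)) {
             throw new UserInputException('email');
         }
         // checks if only letter case has changed
         if (mb_strtolower($this->email) !== mb_strtolower(WCF::getUser()->email)) {
             // check for valid email (one @ etc.)
             if (!UserRegistrationUtil::isValidEmail($this->email)) {
                 throw new UserInputException('email', 'notValid');
             }
             // checks if email already exists.
             if (!UserUtil::isAvailableEmail($this->email)) {
                 throw new UserInputException('email', 'notUnique');
             }
         }
         // the confirmation has to match case-insensitively
         if (mb_strtolower($this->email) !== mb_strtolower($this->confirmEmail)) {
             throw new UserInputException('confirmEmail', 'notEqual');
         }
     }
 }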
 /**
  * Exports posts.
  */
 public function exportPosts($offset, $limit)
 {
     // The table prefix is concatenated (identifiers cannot be bound) and comes from
     // this exporter's configuration; content type names and the ID range are bound.
     $sql = "SELECT\t\tchild.*, IF(parent.contenttypeid = child.contenttypeid, 0, 1) AS isFirstPost, text.*\n\t\t\tFROM\t\t" . $this->databasePrefix . "node child\n\t\t\tINNER JOIN\t" . $this->databasePrefix . "text text\n\t\t\tON\t\tchild.nodeid = text.nodeid\n\t\t\tINNER JOIN\t" . $this->databasePrefix . "node parent\n\t\t\tON\t\tchild.parentid = parent.nodeid\n\t\t\t\n\t\t\tINNER JOIN\t(SELECT contenttypeid FROM " . $this->databasePrefix . "contenttype WHERE class IN(?, ?)) x\n\t\t\tON\t\tx.contenttypeid = child.contenttypeid\n\t\t\t\n\t\t\tWHERE\t\tchild.nodeid BETWEEN ? AND ?\n\t\t\tORDER BY\tchild.nodeid ASC";
     $statement = $this->database->prepareStatement($sql);
     $statement->execute(array('Text', 'Poll', $offset + 1, $offset + $limit));
     while ($row = $statement->fetchArray()) {
         $importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
         $wasDeleted = $row['deleteuserid'] !== null;
         $post = array(
             // a first post is its own thread; replies belong to their parent node
             'threadID' => $row['isFirstPost'] ? $row['nodeid'] : $row['parentid'],
             'userID' => $row['userid'],
             'username' => $row['authorname'],
             'subject' => StringUtil::decodeHTML($row['title']),
             'message' => self::fixBBCodes($row['rawtext']),
             'time' => $row['created'],
             // the source keeps no deletion time visible here, so the import time is used
             'isDeleted' => $wasDeleted ? 1 : 0,
             'deleteTime' => $wasDeleted ? TIME_NOW : 0,
             'isDisabled' => $row['approved'] ? 0 : 1,
             'isClosed' => 0,
             'editorID' => null,
             'editor' => '',
             'lastEditTime' => 0,
             'editCount' => 0,
             'editReason' => '',
             'enableSmilies' => $row['allowsmilie'],
             // NOTE(review): posts whose htmlState is anything but 'off' are imported
             // with HTML enabled. Confirm the target filters HTML on display, otherwise
             // markup written on the source board is rendered as is.
             'enableHtml' => (isset($row['htmlState']) && $row['htmlState'] != 'off') ? 1 : 0,
             'enableBBCodes' => 1,
             'showSignature' => $row['showsignature'],
             'ipAddress' => UserUtil::convertIPv4To6($row['ipaddress']),
         );
         $importer->import($row['nodeid'], $post);
     }
 }
Esempio n. 20
	/**
	 * Updates user session on shutdown.
	 */
	public function update() {
		// nothing is written when updates are switched off for this session object
		if ($this->doNotUpdate) {
			return;
		}
		
		// request metadata stored with the session row
		$data = array();
		$data['ipAddress'] = UserUtil::getIpAddress();
		$data['userAgent'] = $this->userAgent;
		$data['requestURI'] = $this->requestURI;
		$data['requestMethod'] = $this->requestMethod;
		$data['lastActivityTime'] = TIME_NOW;
		
		// location tracking: only inside a package, and only for request objects that
		// implement ITrackablePage and report themselves as tracked
		$activeRequest = PACKAGE_ID ? RequestHandler::getInstance()->getActiveRequest() : null;
		$page = $activeRequest ? $activeRequest->getRequestObject() : null;
		if ($page instanceof ITrackablePage && $page->isTracked()) {
			$data['controller'] = $page->getController();
			$data['parentObjectType'] = $page->getParentObjectType();
			$data['parentObjectID'] = $page->getParentObjectID();
			$data['objectType'] = $page->getObjectType();
			$data['objectID'] = $page->getObjectID();
		}
		
		// Session variables are persisted with serialize() only when they changed.
		// NOTE(review): whatever reads this column back presumably unserialize()s it,
		// so the column must only ever be written from here; confirm no other writer
		// can place request-controlled bytes in it.
		if ($this->variablesChanged) {
			$data['sessionVariables'] = serialize($this->variables);
		}
		
		// write through the configured editor class
		$editorClass = $this->sessionEditorClassName;
		$sessionEditor = new $editorClass($this->session);
		$sessionEditor->update($data);
	}
 /**
  * Exports posts.
  */
 public function exportPosts($offset, $limit)
 {
     // The table prefix is concatenated (identifiers cannot be bound) and comes from
     // this exporter's configuration; the in_message flag and the ID range are bound.
     $sql = "SELECT\t\tpost_table.*, user_table.username, editor.username AS editorName,\n\t\t\t\t\t(SELECT COUNT(*) FROM " . $this->databasePrefix . "attachments attachment_table WHERE attachment_table.post_msg_id = post_table.post_id AND in_message = ?) AS attachments\n\t\t\tFROM\t\t" . $this->databasePrefix . "posts post_table\n\t\t\tLEFT JOIN\t" . $this->databasePrefix . "users user_table\n\t\t\tON\t\tpost_table.poster_id = user_table.user_id\n\t\t\tLEFT JOIN\t" . $this->databasePrefix . "users editor\n\t\t\tON\t\tpost_table.post_edit_user = editor.user_id\n\t\t\tWHERE\t\tpost_id BETWEEN ? AND ?\n\t\t\tORDER BY\tpost_id";
     $statement = $this->database->prepareStatement($sql);
     $statement->execute(array(0, $offset + 1, $offset + $limit));
     while ($row = $statement->fetchArray()) {
         $importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
         $post = array(
             'threadID' => $row['topic_id'],
             'userID' => $row['poster_id'],
             // the name stored with the post wins, then the account name, else empty
             'username' => $row['post_username'] ?: (StringUtil::decodeHTML($row['username']) ?: ''),
             // Text fields are HTML-decoded here, so the imported values are raw text
             // again and must be escaped when they are displayed.
             'subject' => StringUtil::decodeHTML($row['post_subject']),
             'message' => self::fixBBCodes(StringUtil::decodeHTML($row['post_text']), $row['bbcode_uid']),
             'time' => $row['post_time'],
             'isDisabled' => $row['post_approved'] ? 0 : 1,
             'isClosed' => $row['post_edit_locked'] ? 1 : 0,
             'editorID' => $row['post_edit_user'] ?: null,
             'editor' => $row['editorName'] ?: '',
             'lastEditTime' => $row['post_edit_time'],
             'editCount' => $row['post_edit_count'],
             'editReason' => !empty($row['post_edit_reason']) ? $row['post_edit_reason'] : '',
             'attachments' => $row['attachments'],
             'enableSmilies' => $row['enable_smilies'],
             // HTML is always switched off for posts from this source
             'enableHtml' => 0,
             'enableBBCodes' => $row['enable_bbcode'],
             'showSignature' => $row['enable_sig'],
             'ipAddress' => UserUtil::convertIPv4To6($row['poster_ip']),
         );
         $importer->import($row['post_id'], $post);
     }
 }
 /**
  * Exports posts.
  */
 public function exportPosts($offset, $limit)
 {
     // Table names are fixed ("xf_" prefix) and only the ID range is bound. The
     // address is converted to dotted notation by the database (INET_NTOA).
     $sql = "SELECT\t\tpost.*, user.username AS editor, INET_NTOA(ip.ip) AS ip, thread.title\n\t\t\tFROM\t\txf_post post\n\t\t\tLEFT JOIN\txf_user user\n\t\t\tON\t\tpost.last_edit_user_id = user.user_id\n\t\t\tLEFT JOIN\txf_ip ip\n\t\t\tON\t\tpost.ip_id = ip.ip_id\n\t\t\tLEFT JOIN\txf_thread thread\n\t\t\tON\t\tthread.first_post_id = post.post_id\n\t\t\tWHERE\t\tpost_id BETWEEN ? AND ?\n\t\t\tORDER BY\tpost_id";
     $statement = $this->database->prepareStatement($sql);
     $statement->execute(array($offset + 1, $offset + $limit));
     while ($row = $statement->fetchArray()) {
         $importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
         // Text fields are copied as stored in the source board; apart from
         // fixBBCodes() on the message nothing is sanitised here.
         $post = array(
             'threadID' => $row['thread_id'],
             'userID' => $row['user_id'],
             'username' => $row['username'],
             // only the first post of a thread joins a title; others get ''
             'subject' => $row['title'] ?: '',
             'message' => self::fixBBCodes($row['message']),
             'time' => $row['post_date'],
             'isDisabled' => $row['message_state'] == 'moderated' ? 1 : 0,
             'editorID' => $row['last_edit_user_id'] ?: null,
             'editor' => $row['editor'] ?: '',
             'lastEditTime' => $row['last_edit_date'],
             // the edit count is kept only when the editor's account could be joined
             'editCount' => $row['editor'] ? $row['edit_count'] : 0,
             'enableSmilies' => 1,
             'showSignature' => 1,
             // posts without a joined address row are imported with an empty address
             'ipAddress' => $row['ip'] ? UserUtil::convertIPv4To6($row['ip']) : '',
         );
         $importer->import($row['post_id'], $post);
     }
 }
Esempio n. 23
 /**
  * Shows the page for creating the admin account.
  */
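 protected function createUser()
 {
     // Form state. Everything starts empty and is handed back to the template at the
     // end so the form can be shown again after an error.
     $errorType = $errorField = $username = $email = $confirmEmail = $password = $confirmPassword = '';
     if (isset($_POST['send']) || self::$developerMode) {
         if (isset($_POST['send'])) {
             // submitted form: names and addresses are trimmed, passwords are kept as typed
             if (isset($_POST['username'])) {
                 $username = StringUtil::trim($_POST['username']);
             }
             if (isset($_POST['email'])) {
                 $email = StringUtil::trim($_POST['email']);
             }
             if (isset($_POST['confirmEmail'])) {
                 $confirmEmail = StringUtil::trim($_POST['confirmEmail']);
             }
             if (isset($_POST['password'])) {
                 $password = $_POST['password'];
             }
             if (isset($_POST['confirmPassword'])) {
                 $confirmPassword = $_POST['confirmPassword'];
             }
         } else {
             // Developer mode without a submitted form: the account is created from
             // fixed values without any user input. An installation made this way has
             // known credentials, so developer mode must stay off anywhere reachable.
             $username = $password = $confirmPassword = '******';
             $email = $confirmEmail = '*****@*****.**';
         }
         // error handling
         try {
             // username
             if (empty($username)) {
                 throw new UserInputException('username');
             }
             if (!UserUtil::isValidUsername($username)) {
                 throw new UserInputException('username', 'notValid');
             }
             // e-mail address
             if (empty($email)) {
                 throw new UserInputException('email');
             }
             if (!UserUtil::isValidEmail($email)) {
                 throw new UserInputException('email', 'notValid');
             }
             // confirm e-mail address (strict, see the password comparison below)
             if ($email !== $confirmEmail) {
                 throw new UserInputException('confirmEmail', 'notEqual');
             }
             // password
             // NOTE(review): only emptiness and equality are checked; no strength rule
             // is applied to this account's password in this method.
             if (empty($password)) {
                 throw new UserInputException('password');
             }
             // Confirm password. Strict comparison: with "!=" two different
             // numeric-looking strings such as "1e3" and "1000" compare equal, so a
             // mistyped confirmation would pass unnoticed.
             if ($password !== $confirmPassword) {
                 throw new UserInputException('confirmPassword', 'notEqual');
             }
             // no errors
             // init database connection
             $this->initDB();
             // resolve the selected language code to its ID, falling back to the default
             $languageID = 0;
             $sql = "SELECT\tlanguageID\n\t\t\t\t\tFROM\twcf" . WCF_N . "_language\n\t\t\t\t\tWHERE\tlanguageCode = ?";
             $statement = self::getDB()->prepareStatement($sql);
             $statement->execute(array(self::$selectedLanguageCode));
             $row = $statement->fetchArray();
             if (isset($row['languageID'])) {
                 $languageID = $row['languageID'];
             }
             if (!$languageID) {
                 $languageID = LanguageFactory::getInstance()->getDefaultLanguageID();
             }
             // create user
             // NOTE(review): groups 1, 3 and 4 are fixed IDs, presumably the default and
             // administrator groups of a fresh installation; confirm.
             $data = array('data' => array('email' => $email, 'languageID' => $languageID, 'password' => $password, 'username' => $username), 'groups' => array(1, 3, 4), 'languages' => array($languageID));
             $userAction = new UserAction(array(), 'create', $data);
             $userAction->executeAction();
             // go to next step
             $this->gotoNextStep('installPackages');
             exit;
         } catch (UserInputException $e) {
             $errorField = $e->getField();
             $errorType = $e->getType();
         }
     }
     // NOTE(review): both password values are handed back to the template; confirm the
     // template escapes them and that the rendered page is not cached.
     WCF::getTPL()->assign(array('errorField' => $errorField, 'errorType' => $errorType, 'username' => $username, 'email' => $email, 'confirmEmail' => $confirmEmail, 'password' => $password, 'confirmPassword' => $confirmPassword, 'nextStep' => 'createUser'));
     WCF::getTPL()->display('stepCreateUser');
 }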
 /**
  * Exports posts.
  */
 public function exportPosts($offset, $limit)
 {
     // The table prefix is concatenated (identifiers cannot be bound) and comes from
     // this exporter's configuration; the ID range is bound.
     $sql = "SELECT\t\t*\n\t\t\tFROM\t\t" . $this->databasePrefix . "kunena_messages kunena_messages\n\t\t\tLEFT JOIN\t" . $this->databasePrefix . "kunena_messages_text kunena_messages_text\n\t\t\tON\t\t(kunena_messages_text.mesid = kunena_messages.id)\n\t\t\tWHERE\t\tid BETWEEN ? AND ?\n\t\t\tORDER BY\tid";
     $statement = $this->database->prepareStatement($sql);
     $firstID = $offset + 1;
     $lastID = $offset + $limit;
     $statement->execute(array($firstID, $lastID));
     while ($row = $statement->fetchArray()) {
         $importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
         // Text fields are copied as stored in the source board; apart from
         // fixBBCodes() on the message nothing is sanitised here.
         $post = array(
             'threadID' => $row['thread'],
             'userID' => $row['userid'],
             'username' => $row['name'],
             'subject' => $row['subject'],
             'message' => self::fixBBCodes($row['message']),
             'time' => $row['time'],
             'ipAddress' => UserUtil::convertIPv4To6($row['ip']),
             'isClosed' => $row['locked'] ? 1 : 0,
             // no editor information is carried over from this source
             'editorID' => null,
         );
         $importer->import($row['id'], $post);
     }
 }
Esempio n. 25
 /**
  * Returns the ip address and attempts to convert into IPv4.
  * 
  * @return	string
  */
 public function getIpAddress()
 {
     // The stored address goes through UserUtil::convertIPv6To4() and the result is
     // returned as is; there is no fallback to the stored value in this method.
     // NOTE(review): what the helper returns for an address that has no IPv4 form is
     // not visible here; confirm callers cope with that value.
     $storedAddress = $this->ipAddress;
     return UserUtil::convertIPv6To4($storedAddress);
 }
 /**
  * Exports one batch of user gallery photos to the gallery image importer.
  *
  * Reads the photo ids between $offset + 1 and $offset + $limit, collects
  * their tags and category ids, and passes every photo row to the
  * 'com.woltlab.gallery.image' importer together with its file location.
  * Returns early when the id range holds no photos.
  *
  * @param	integer		$offset		batch start; the first photoID read is $offset + 1
  * @param	integer		$limit		batch size
  */
 public function exportGalleryImages($offset, $limit)
 {
     // The database number is concatenated into the table names; ids and types are bound as parameters.
     $dbNo = $this->dbNo;
     // step 1: ids of the photos in this batch
     $sql = "SELECT\t\tphotoID\n\t\t\tFROM\t\twcf" . $dbNo . "_user_gallery\n\t\t\tWHERE\t\tphotoID BETWEEN ? AND ?\n\t\t\tORDER BY\tphotoID";
     $statement = $this->database->prepareStatement($sql);
     $statement->execute(array($offset + 1, $offset + $limit));
     $photoIDs = array();
     while ($row = $statement->fetchArray()) {
         $photoIDs[] = $row['photoID'];
     }
     if (!$photoIDs) {
         // nothing to export in this id range
         return;
     }
     // step 2: tags
     $tags = $this->getTags('com.woltlab.wcf.user.gallery.photo', $photoIDs);
     // step 3: category ids, grouped by photo id
     $categoryConditions = new PreparedStatementConditionBuilder();
     $categoryConditions->add('photo_to_category.objectType = ?', array('photo'));
     $categoryConditions->add('photo_to_category.objectID IN (?)', array($photoIDs));
     $sql = "SELECT\t\tphoto_to_category.*\n\t\t\tFROM\t\twcf" . $dbNo . "_user_gallery_category_to_object photo_to_category\n\t\t\tLEFT JOIN\twcf" . $dbNo . "_user_gallery_category category\n\t\t\tON\t\t(category.categoryID = photo_to_category.categoryID)\n\t\t\t" . $categoryConditions;
     $statement = $this->database->prepareStatement($sql);
     $statement->execute($categoryConditions->getParameters());
     $categoryIDsByPhoto = array();
     while ($row = $statement->fetchArray()) {
         // appending to a key that does not exist yet creates the list
         $categoryIDsByPhoto[$row['objectID']][] = $row['categoryID'];
     }
     // step 4: the photo rows themselves
     $photoConditions = new PreparedStatementConditionBuilder();
     $photoConditions->add('user_gallery.photoID IN (?)', array($photoIDs));
     $sql = "SELECT\t\tuser_gallery.*\n\t\t\tFROM\t\twcf" . $dbNo . "_user_gallery user_gallery\n\t\t\t" . $photoConditions;
     $statement = $this->database->prepareStatement($sql);
     $statement->execute($photoConditions->getParameters());
     while ($row = $statement->fetchArray()) {
         $photoID = $row['photoID'];
         // The file location is assembled from database columns (photoID, photoHash, fileExtension).
         // NOTE(review): these values are not validated here - confirm the importer keeps the
         // resolved path inside the source installation's photo directory.
         $hashSuffix = $row['photoHash'] ? '-' . $row['photoHash'] : '';
         $additionalData = array('fileLocation' => $this->fileSystemPath . 'images/photos/photo-' . $photoID . $hashSuffix . '.' . $row['fileExtension']);
         if (isset($tags[$photoID])) {
             $additionalData['tags'] = $tags[$photoID];
         }
         if (isset($categoryIDsByPhoto[$photoID])) {
             $additionalData['categories'] = array_unique($categoryIDsByPhoto[$photoID]);
         }
         $importer = ImportHandler::getInstance()->getImporter('com.woltlab.gallery.image');
         $imageData = array(
             'userID' => $row['ownerID'] ?: null,
             'username' => $row['username'],
             'albumID' => $row['albumID'] ?: null,
             'title' => $row['title'],
             'description' => $row['description'],
             'filename' => $row['filename'],
             'fileExtension' => $row['fileExtension'],
             'filesize' => $row['filesize'],
             'comments' => $row['comments'],
             'views' => $row['views'],
             'uploadTime' => $row['uploadTime'],
             'creationTime' => $row['creationTime'],
             'width' => $row['width'],
             'height' => $row['height'],
             'camera' => $row['camera'],
             'latitude' => $row['latitude'],
             'longitude' => $row['longitude'],
             'ipAddress' => UserUtil::convertIPv4To6($row['ipAddress'])
         );
         $importer->import($photoID, $imageData, $additionalData);
     }
 }
 /**
  * Exports one batch of posts to the WBB post importer.
  *
  * Reads the rows of the prefixed "posts" table whose pid lies between
  * $offset + 1 and $offset + $limit and passes each one to the
  * 'com.woltlab.wbb.post' importer.
  *
  * @param	integer		$offset		batch start; the first pid read is $offset + 1
  * @param	integer		$limit		batch size
  */
 public function exportPosts($offset, $limit)
 {
     // Only the pid range is bound as a parameter; the table prefix is concatenated into the statement.
     // NOTE(review): presumably the prefix comes from the import configuration - confirm it is limited to identifier characters.
     $sql = "SELECT\t\t*\n\t\t\tFROM\t\t" . $this->databasePrefix . "posts\n\t\t\tWHERE\t\tpid BETWEEN ? AND ?\n\t\t\tORDER BY\tpid";
     $statement = $this->database->prepareStatement($sql);
     $firstID = $offset + 1;
     $lastID = $offset + $limit;
     $statement->execute(array($firstID, $lastID));
     while ($row = $statement->fetchArray()) {
         $importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
         // Row values come from the source board's database; the post body goes through
         // fixMessage() and the ip address through convertIPv4To6(), the rest is forwarded as stored.
         $postData = array(
             'threadID' => $row['topic_id'],
             'userID' => $row['author_id'],
             'username' => $row['author_name'] ?: '',
             'message' => self::fixMessage($row['post']),
             'time' => $row['post_date'],
             // the "queued" column is mapped to two flags: 3 => deleted, 2 => disabled
             'isDeleted' => $row['queued'] == 3 ? 1 : 0,
             'isDisabled' => $row['queued'] == 2 ? 1 : 0,
             'lastEditTime' => $row['edit_time'] ?: 0,
             'editorID' => null,
             'editReason' => $row['post_edit_reason'],
             'ipAddress' => UserUtil::convertIPv4To6($row['ip_address']),
             'deleteTime' => $row['pdelete_time']
         );
         $importer->import($row['pid'], $postData);
     }
 }
Esempio n. 28
 /**
  * Creates a new session for the current request.
  *
  * Tries an automatic login first and falls back to a guest user. For a
  * logged-in user the sessions that user already has are deleted before the
  * new session row is written.
  */
 protected function create()
 {
     // NOTE(review): the session id is the only secret identifying the session; its randomness
     // source is inside StringUtil::getRandomID() and not visible here - confirm it is a CSPRNG.
     $sessionID = StringUtil::getRandomID();

     // automatic login; the session class decides whether persistent logins are allowed
     $authentication = UserAuthenticationFactory::getUserAuthentication();
     $allowPersistentLogin = call_user_func(array($this->sessionClassName, 'supportsPersistentLogins'));
     $this->user = $authentication->loginAutomatically($allowPersistentLogin);
     if ($this->user === null) {
         // no valid user found, continue as guest
         $this->user = new User(null);
     }

     $editorClassName = $this->sessionEditorClassName;
     if ($this->user->userID != 0) {
         // registered user: drop every session this user already has
         call_user_func(array($editorClassName, 'deleteUserSessions'), array($this->user->userID));
     }

     $username = $this->user->username;
     if ($username === null) {
         $username = '';
     }
     $requestMethod = empty($_SERVER['REQUEST_METHOD']) ? '' : $_SERVER['REQUEST_METHOD'];

     // ip address, user agent, request URI and request method are request-derived values.
     // NOTE(review): presumably they are persisted with the session - treat them as untrusted wherever they are displayed.
     $sessionData = array(
         'sessionID' => $sessionID,
         'packageID' => PACKAGE_ID,
         'userID' => $this->user->userID,
         'username' => $username,
         'ipAddress' => UserUtil::getIpAddress(),
         'userAgent' => UserUtil::getUserAgent(),
         'lastActivityTime' => TIME_NOW,
         'requestURI' => UserUtil::getRequestURI(),
         'requestMethod' => $requestMethod
     );
     $this->session = call_user_func(array($editorClassName, 'create'), $sessionData);
 }
Esempio n. 29
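 /**
  * Queries the reCAPTCHA verification server and reports the outcome.
  *
  * The request body contains the private key, so the endpoint is addressed
  * over HTTPS instead of plain HTTP: on an unencrypted connection the key can
  * be read and the "true"/"false" reply can be altered in transit.
  *
  * @param	string		$challenge
  * @param	string		$response
  * @return	string		self::VALID_ANSWER when the first reply line is "true",
  *				self::ERROR_NOT_REACHABLE when the request throws a SystemException,
  *				otherwise the trimmed second reply line (empty when the reply has none)
  */
 protected function verify($challenge, $response)
 {
     // NOTE(review): this is the legacy reCAPTCHA v1 verify API, which Google has since retired;
     // a migration to the current siteverify API is the real fix.
     // NOTE(review): confirm that HTTPRequest validates the server certificate for https URLs.
     $request = new HTTPRequest('https://www.google.com/recaptcha/api/verify', array('timeout' => 10), array('privatekey' => $this->privateKey, 'remoteip' => UserUtil::getIpAddress(), 'challenge' => $challenge, 'response' => $response));
     try {
         $request->execute();
         $reply = $request->getReply();
         $reCaptchaResponse = explode("\n", $reply['body']);
         if (StringUtil::trim($reCaptchaResponse[0]) === "true") {
             return self::VALID_ANSWER;
         }
         // a reply without a second line carries no error code; do not read an undefined offset
         $errorCode = isset($reCaptchaResponse[1]) ? $reCaptchaResponse[1] : '';
         return StringUtil::trim($errorCode);
     } catch (SystemException $e) {
         // NOTE(review): confirm how callers treat this value - accepting it as a solved
         // captcha makes the check fail open while the endpoint cannot be reached.
         return self::ERROR_NOT_REACHABLE;
     }
 }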
 /**
  * Shows the content exactly when the condition's mobile flag and the
  * detected client type agree.
  *
  * @see	\wcf\system\condition\IContentCondition::showContent()
  */
 public function showContent(Condition $condition)
 {
     $wantsMobile = (bool) $condition->usesMobileBrowser;
     // NOTE(review): presumably the detection is based on the User-Agent header, which the
     // client controls - suitable for choosing content, not for access decisions; confirm.
     $isMobile = (bool) UserUtil::usesMobileBrowser();
     return $wantsMobile === $isMobile;
 }