/**
 * Returns the IP address in the form used for display.
 *
 * The result of UserUtil::convertIPv6To4() is preferred; when that result
 * is falsy the stored address is returned unchanged.
 *
 * @return	string
 */
public function getFormattedIPAddress() {
	$converted = UserUtil::convertIPv6To4($this->ipAddress);
	
	return $converted ? $converted : $this->ipAddress;
}
/**
 * Looks up the virtual session that matches the given session id together
 * with the IP address and user agent of the current request.
 *
 * All three values are bound as statement parameters; only the table name
 * is concatenated into the query.
 *
 * @param	string		$sessionID
 * @return	\wcf\data\session\virtual\SessionVirtual	whatever fetchObject() yields for this class
 */
public static function getExistingSession($sessionID) {
	$tableName = static::getDatabaseTableName();
	$sql = "SELECT\t*\n\t\t\tFROM\t" . $tableName . "\n\t\t\tWHERE\tsessionID = ?\n\t\t\t\tAND ipAddress = ?\n\t\t\t\tAND userAgent = ?";
	$statement = WCF::getDB()->prepareStatement($sql);
	
	// the session only matches when it is presented from the same address and user agent
	$statement->execute(array(
		$sessionID,
		UserUtil::getIpAddress(),
		UserUtil::getUserAgent()
	));
	
	return $statement->fetchObject(__CLASS__);
}
/**
 * Writes the current ACP request to the session log and the access log.
 *
 * Nothing is logged for guests, for users without the
 * `admin.general.canUseAcp` permission, or when the event object's class
 * defines a `DO_NOT_LOG` constant.
 *
 * @see	\wcf\system\event\listener\IParameterizedEventListener::execute()
 */
public function execute($eventObj, $className, $eventName, array &$parameters) {
	if (!WCF::getUser()->userID || !WCF::getSession()->getPermission('admin.general.canUseAcp') || defined(get_class($eventObj) . '::DO_NOT_LOG')) {
		return;
	}
	
	// look for a log entry of this session that is still within the session timeout
	$sql = "SELECT\tsessionLogID\n\t\t\t\tFROM\twcf" . WCF_N . "_acp_session_log\n\t\t\t\tWHERE\tsessionID = ?\n\t\t\t\t\tAND lastActivityTime >= ?";
	$statement = WCF::getDB()->prepareStatement($sql);
	$statement->execute(array(WCF::getSession()->sessionID, TIME_NOW - SESSION_TIMEOUT));
	$row = $statement->fetchArray();
	
	if (empty($row['sessionLogID'])) {
		// no entry yet: start a new session log
		$sessionLog = ACPSessionLogEditor::create(array(
			'sessionID' => WCF::getSession()->sessionID,
			'userID' => WCF::getUser()->userID,
			'ipAddress' => UserUtil::getIpAddress(),
			// reverse DNS lookup; warnings are suppressed and a failed lookup is stored as returned
			'hostname' => @gethostbyaddr(WCF::getSession()->ipAddress),
			'userAgent' => WCF::getSession()->userAgent,
			'time' => TIME_NOW,
			'lastActivityTime' => TIME_NOW
		));
		$sessionLogID = $sessionLog->sessionLogID;
	}
	else {
		// refresh the activity time of the existing entry
		$sessionLogID = $row['sessionLogID'];
		$logEditor = new ACPSessionLogEditor(new ACPSessionLog(null, array('sessionLogID' => $sessionLogID)));
		$logEditor->update(array('lastActivityTime' => TIME_NOW));
	}
	
	// keep only the part of the request URI after the last slash
	$segments = explode('/', WCF::getSession()->requestURI);
	$requestURI = array_pop($segments);
	
	// strip the session id parameter so that it is not stored in the log;
	// any other query parameters remain part of the logged value
	$requestURI = preg_replace('/(?:\\?|&)s=[a-f0-9]{40}/', '', $requestURI);
	
	// save access
	ACPSessionAccessLogEditor::create(array(
		'sessionLogID' => $sessionLogID,
		'ipAddress' => UserUtil::getIpAddress(),
		'time' => TIME_NOW,
		'requestURI' => $requestURI,
		'requestMethod' => WCF::getSession()->requestMethod,
		'className' => get_class($eventObj)
	));
}
/**
 * Validates the email address passed in the `email` parameter.
 *
 * The syntax check runs before the availability check, so a malformed
 * address is reported as `notValid` without an availability lookup.
 *
 * @return	array		`isValid` flag, plus an `error` type (`notValid` or `notUnique`) on failure
 */
public function validateEmailAddress() {
	$email = $this->parameters['email'];
	$error = null;
	
	if (!UserRegistrationUtil::isValidEmail($email)) {
		$error = 'notValid';
	}
	else if (!UserUtil::isAvailableEmail($email)) {
		$error = 'notUnique';
	}
	
	if ($error !== null) {
		return array('isValid' => false, 'error' => $error);
	}
	
	return array('isValid' => true);
}
/**
 * Normalises a newline-separated list of IP addresses before it is stored.
 *
 * Each line is trimmed and passed through UserUtil::convertIPv4To6(); an
 * empty value is returned untouched.
 *
 * @see	wcf\system\option\IOptionType::getData()
 */
public function getData(Option $option, $newValue) {
	if (empty($newValue)) {
		return $newValue;
	}
	
	$converted = array();
	foreach (explode("\n", $newValue) as $line) {
		$converted[] = UserUtil::convertIPv4To6(trim($line));
	}
	
	return implode("\n", $converted);
}
/**
 * Reads the form parameters and hands over to the registration form when
 * the request carries `action=register`.
 *
 * In that case the entered username is stored in the session, as `__email`
 * if it is a valid email address and as `__username` otherwise, and the
 * request ends with a redirect to the `Register` controller.
 *
 * @see	\wcf\form\IForm::readFormParameters()
 */
public function readFormParameters() {
	parent::readFormParameters();
	
	$wantsRegistration = isset($_REQUEST['action']) && $_REQUEST['action'] == 'register';
	if ($wantsRegistration) {
		// if the username field is an email, save it as email for the registration
		$sessionKey = UserUtil::isValidEmail($this->username) ? '__email' : '__username';
		WCF::getSession()->register($sessionKey, $this->username);
		WCF::getSession()->update();
		
		HeaderUtil::redirect(LinkHandler::getInstance()->getLink('Register'));
		exit;
	}
	
	// the cookie flag is coerced to an integer and defaults to 0
	$this->useCookies = isset($_POST['useCookies']) ? intval($_POST['useCookies']) : 0;
}
/**
 * Creates a virtual session, or returns the one that already exists.
 *
 * Attention: this method does not always return a new object. The base
 * class is asked for an existing session with the given session id first,
 * and a match is returned instead of creating a new row. Missing
 * `lastActivityTime`, `ipAddress` and `userAgent` values are filled in
 * from the current request.
 *
 * @see	\wcf\data\AbstractDatabaseObjectAction::create()
 */
public function create() {
	// try to find an existing virtual session
	$baseClass = call_user_func(array($this->className, 'getBaseClass'));
	$existingSession = call_user_func(array($baseClass, 'getExistingSession'), $this->parameters['data']['sessionID']);
	if ($existingSession !== null) {
		return $existingSession;
	}
	
	// fill in defaults for values the caller did not supply
	$data =& $this->parameters['data'];
	if (!isset($data['lastActivityTime'])) {
		$data['lastActivityTime'] = TIME_NOW;
	}
	if (!isset($data['ipAddress'])) {
		$data['ipAddress'] = UserUtil::getIpAddress();
	}
	if (!isset($data['userAgent'])) {
		$data['userAgent'] = UserUtil::getUserAgent();
	}
	unset($data);
	
	return parent::create();
}
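/**
 * Validates an email re-activation request.
 *
 * Checks, in this order: the user exists, a re-activation is pending, the
 * pending address is still available, and the submitted activation code
 * matches the stored one.
 *
 * @see	\wcf\form\IForm::validate()
 * @throws	UserInputException	for an unknown user id (`u`) or a wrong activation code (`a`)
 * @throws	NamedUserException	when no re-activation is pending or the new address is taken
 */
public function validate() {
	EventHandler::getInstance()->fireAction($this, 'validate');
	
	// check given user id
	$this->user = new User($this->userID);
	if (!$this->user->userID) {
		throw new UserInputException('u', 'notValid');
	}
	
	// user is already enabled
	if ($this->user->reactivationCode == 0) {
		throw new NamedUserException(WCF::getLanguage()->get('wcf.user.emailActivation.error.emailAlreadyEnabled'));
	}
	
	// check whether the new email isn't unique anymore
	// NOTE(review): this check and the ones above answer before the activation code
	// is verified, so their distinct errors are visible without a valid code
	if (!UserUtil::isAvailableEmail($this->user->newEmail)) {
		throw new NamedUserException(WCF::getLanguage()->get('wcf.user.email.error.notUnique'));
	}
	
	// check given activation code: compare the string forms strictly, because a
	// loose != treats differently written numeric strings as the same value
	if ((string) $this->user->reactivationCode !== (string) $this->activationCode) {
		throw new UserInputException('a', 'notValid');
	}
}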
/**
 * Verifies a reCAPTCHA response against the siteverify endpoint.
 *
 * An empty response is rejected locally without contacting the API. The
 * remote check fails open: a SystemException raised while talking to the
 * API is swallowed, and `recaptchaDone` is then registered in the session
 * as if the captcha had been solved. The secret key is sent as part of the
 * request URL's query string.
 *
 * @param	string		$response
 * @throws	UserInputException	when the response is empty or the API reports no success
 */
public function validate($response) {
	// fail if response is empty to avoid sending api requests
	if (empty($response)) {
		throw new UserInputException('recaptchaString', 'false');
	}
	
	$verifyURL = 'https://www.google.com/recaptcha/api/siteverify?secret=' . rawurlencode(RECAPTCHA_PRIVATEKEY) . '&response=' . rawurlencode($response) . '&remoteip=' . rawurlencode(UserUtil::getIpAddress());
	$request = new HTTPRequest($verifyURL, array('timeout' => 10));
	
	try {
		$request->execute();
		$reply = $request->getReply();
		$data = JSON::decode($reply['body']);
		
		// NOTE(review): this only reaches the caller if UserInputException is not a
		// SystemException - confirm against the exception hierarchy
		if (!$data['success']) {
			throw new UserInputException('recaptchaString', 'false');
		}
	}
	catch (SystemException $e) {
		// log error, but accept captcha
		$e->getExceptionID();
	}
	
	WCF::getSession()->register('recaptchaDone', true);
}
/**
 * Exports posts.
 *
 * Reads the posts with a pid from $offset + 1 to $offset + $limit, joined
 * with the name of the editing user, and hands each row to the
 * `com.woltlab.wbb.post` importer. The id range is bound as statement
 * parameters; the table prefix is concatenated into the query.
 *
 * @param	integer		$offset
 * @param	integer		$limit
 */
public function exportPosts($offset, $limit) {
	$prefix = $this->databasePrefix;
	$sql = "SELECT\t\tpost_table.*, user_table.username AS editor\n\t\t\tFROM\t\t" . $prefix . "posts post_table\n\t\t\tLEFT JOIN\t" . $prefix . "users user_table\n\t\t\tON\t\tuser_table.uid = post_table.edituid\n\t\t\tWHERE\t\tpid BETWEEN ? AND ?\n\t\t\tORDER BY\tpid";
	$statement = $this->database->prepareStatement($sql);
	$statement->execute(array($offset + 1, $offset + $limit));
	
	while ($row = $statement->fetchArray()) {
		$importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
		$importer->import($row['pid'], array(
			'threadID' => $row['tid'],
			'userID' => $row['uid'],
			'username' => $row['username'],
			'subject' => $row['subject'],
			'message' => self::fixBBCodes($row['message']),
			'time' => $row['dateline'],
			'isDisabled' => ($row['visible'] ? 0 : 1),
			'editorID' => ($row['edituid'] ?: null),
			'editor' => ($row['editor'] ?: ''),
			'lastEditTime' => $row['edittime'],
			// an edit is counted only when the join found an editor name
			'editCount' => ($row['editor'] ? 1 : 0),
			'enableSmilies' => ($row['smilieoff'] ? 0 : 1),
			'showSignature' => $row['includesig'],
			'ipAddress' => UserUtil::convertIPv4To6($row['ipaddress'])
		));
	}
}
/**
 * Builds the IP log dialog for the current news entry.
 *
 * Assigns the author's known addresses, the entry's own address, the
 * author's registration address (when stored) and other users of the same
 * address to the template. Each address is paired with the result of a
 * reverse DNS lookup; those hostnames come from DNS rather than from the
 * application - whether the template escapes them is not visible here.
 *
 * @return	array		`newsID` and the rendered `newsIpAddress` template
 */
public function getIpLog() {
	$news = $this->news;
	
	// get ip addresses of the author and resolve their hostnames
	$authorIpAddresses = array();
	foreach (News::getIpAddressByAuthor($news->userID, $news->username, $news->ipAddress) as $storedAddress) {
		$address = UserUtil::convertIPv6To4($storedAddress);
		$authorIpAddresses[] = array(
			'hostname' => @gethostbyaddr($address),
			'ipAddress' => $address
		);
	}
	
	// get other users of this ip address
	$otherUsers = $news->ipAddress ? News::getAuthorByIpAddress($news->ipAddress, $news->userID, $news->username) : array();
	
	$ipAddress = UserUtil::convertIPv6To4($news->ipAddress);
	
	// registered authors: also show the address stored at registration
	if ($news->userID) {
		$sql = "SELECT\tregistrationIpAddress\n\t\t\t\tFROM\twcf" . WCF_N . "_user\n\t\t\t\tWHERE\tuserID = ?";
		$statement = WCF::getDB()->prepareStatement($sql);
		$statement->execute(array($news->userID));
		$row = $statement->fetchArray();
		
		if ($row !== false && $row['registrationIpAddress']) {
			$registrationIpAddress = UserUtil::convertIPv6To4($row['registrationIpAddress']);
			WCF::getTPL()->assign(array(
				'registrationIpAddress' => array(
					'hostname' => @gethostbyaddr($registrationIpAddress),
					'ipAddress' => $registrationIpAddress
				)
			));
		}
	}
	
	WCF::getTPL()->assign(array(
		'authorIpAddresses' => $authorIpAddresses,
		'ipAddress' => array(
			'hostname' => @gethostbyaddr($ipAddress),
			'ipAddress' => $ipAddress
		),
		'otherUsers' => $otherUsers,
		'news' => $news
	));
	
	return array(
		'newsID' => $news->newsID,
		'template' => WCF::getTPL()->fetch('newsIpAddress', 'cms')
	);
}
/**
 * Validates the form input.
 *
 * Guests must supply a syntactically valid email address; subject and
 * message are required for everyone. The parent validation runs last.
 *
 * @see	\wcf\form\IForm::validate()
 * @throws	UserInputException	naming the first field that failed
 */
public function validate() {
	$isGuest = !WCF::getUser()->userID;
	
	if ($isGuest && empty($this->email)) {
		throw new UserInputException('email');
	}
	if ($isGuest && !UserUtil::isValidEmail($this->email)) {
		throw new UserInputException('email', 'notValid');
	}
	
	// required text fields, checked in form order
	foreach (array('subject', 'message') as $field) {
		if (empty($this->$field)) {
			throw new UserInputException($field);
		}
	}
	
	parent::validate();
}
/**
 * Executes the blacklist.
 *
 * Denies the request when StringUtil::executeWordFilter() returns a falsy
 * value for the session's IP address (checked in converted and in stored
 * form), its user agent, or the reverse DNS name of its address. Each
 * list is only consulted when its constant is defined and non-empty, and
 * later lists are skipped once one has matched. Banned users are rejected
 * afterwards. AJAX requests receive an AJAXException instead of the page
 * exceptions.
 *
 * The user agent is supplied by the client and the hostname by reverse
 * DNS, so both lists filter on values the remote side can influence.
 */
protected function initBlacklist() {
	$isAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
	
	$isBlocked = false;
	
	if (defined('BLACKLIST_IP_ADDRESSES') && BLACKLIST_IP_ADDRESSES != '') {
		// the converted form is tested first, the stored form only if that one passed
		$isBlocked = !StringUtil::executeWordFilter(UserUtil::convertIPv6To4(self::getSession()->ipAddress), BLACKLIST_IP_ADDRESSES)
			|| !StringUtil::executeWordFilter(self::getSession()->ipAddress, BLACKLIST_IP_ADDRESSES);
	}
	
	if (!$isBlocked && defined('BLACKLIST_USER_AGENTS') && BLACKLIST_USER_AGENTS != '') {
		$isBlocked = !StringUtil::executeWordFilter(self::getSession()->userAgent, BLACKLIST_USER_AGENTS);
	}
	
	if (!$isBlocked && defined('BLACKLIST_HOSTNAMES') && BLACKLIST_HOSTNAMES != '') {
		$isBlocked = !StringUtil::executeWordFilter(@gethostbyaddr(self::getSession()->ipAddress), BLACKLIST_HOSTNAMES);
	}
	
	if ($isBlocked) {
		if ($isAjax) {
			throw new AJAXException(self::getLanguage()->get('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS);
		}
		
		throw new PermissionDeniedException();
	}
	
	// handle banned users
	if (self::getUser()->userID && self::getUser()->banned) {
		if ($isAjax) {
			throw new AJAXException(self::getLanguage()->getDynamicVariable('wcf.user.error.isBanned'), AJAXException::INSUFFICIENT_PERMISSIONS);
		}
		
		throw new NamedUserException(self::getLanguage()->getDynamicVariable('wcf.user.error.isBanned'));
	}
}
/**
 * Searches for the existing guest session of a search spider.
 *
 * The stored IP address and user agent are replaced with those of the
 * current request before the session object is built, so one spider
 * session is reused across different client addresses.
 *
 * @param	integer		$spiderID
 * @return	\wcf\data\session\Session	session object, or null when no row matches
 */
protected function getExistingSpiderSession($spiderID) {
	$sql = "SELECT\t*\n\t\t\tFROM\twcf" . WCF_N . "_session\n\t\t\tWHERE\tspiderID = ?\n\t\t\t\tAND userID IS NULL";
	$statement = WCF::getDB()->prepareStatement($sql);
	$statement->execute(array($spiderID));
	
	$row = $statement->fetchArray();
	if ($row === false) {
		return null;
	}
	
	// fix session validation
	$row['ipAddress'] = UserUtil::getIpAddress();
	$row['userAgent'] = UserUtil::getUserAgent();
	
	// return session object
	$sessionClass = $this->sessionClassName;
	return new $sessionClass(null, $row);
}
/**
 * Validates the email address.
 *
 * An empty input is accepted as "no change". An input that equals the
 * user's current address, ignoring case, is reset to an empty string.
 * Any other address must be syntactically valid and not in use.
 *
 * @throws	UserInputException	with type `notValid` or `notUnique`
 */
public function validateEmail() {
	if (empty($this->email)) {
		return;
	}
	
	// the user entered the same email instead of leaving the input empty
	if (mb_strtolower($this->email) == mb_strtolower($this->user->email)) {
		$this->email = '';
		return;
	}
	
	if (!UserRegistrationUtil::isValidEmail($this->email)) {
		throw new UserInputException('email', 'notValid');
	}
	
	// check if email exists already
	if (!UserUtil::isAvailableEmail($this->email)) {
		throw new UserInputException('email', 'notUnique');
	}
}
/**
 * Submits the form and records failed authentication attempts.
 *
 * When ENABLE_USER_AUTHENTICATION_FAILURE is set and the error field is
 * `username` or `password`, an authentication failure entry is created
 * with the environment, the entered username, the matched user id (if
 * any), the time, the IP address and the user agent. The captcha, when
 * one is configured, is reset afterwards.
 *
 * @see	\wcf\form\IForm::submit()
 */
public function submit() {
	parent::submit();
	
	if (!ENABLE_USER_AUTHENTICATION_FAILURE) {
		return;
	}
	if ($this->errorField != 'username' && $this->errorField != 'password') {
		return;
	}
	
	// save authentication failure; the username is stored exactly as it was entered
	$failureData = array(
		'environment' => (RequestHandler::getInstance()->isACPRequest() ? 'admin' : 'user'),
		'userID' => ($this->user !== null ? $this->user->userID : null),
		'username' => $this->username,
		'time' => TIME_NOW,
		'ipAddress' => UserUtil::getIpAddress(),
		'userAgent' => UserUtil::getUserAgent()
	);
	$action = new UserAuthenticationFailureAction(array(), 'create', array('data' => $failureData));
	$action->executeAction();
	
	if ($this->captchaObjectType) {
		$this->captchaObjectType->getProcessor()->reset();
	}
}
/**
 * Throws a UserInputException if the email is missing, malformed, already
 * in use, or different from its confirmation.
 *
 * The confirmation is compared case-insensitively.
 *
 * @param	string		$email
 * @param	string		$confirmEmail
 * @throws	UserInputException
 */
protected function validateEmail($email, $confirmEmail) {
	if (empty($email)) {
		throw new UserInputException('email');
	}
	
	// check for valid email (one @ etc.)
	$isValid = UserUtil::isValidEmail($email);
	if (!$isValid) {
		throw new UserInputException('email', 'notValid');
	}
	
	// check if email exists already
	$isAvailable = UserUtil::isAvailableEmail($email);
	if (!$isAvailable) {
		throw new UserInputException('email', 'notUnique');
	}
	
	// check confirm input
	$normalizedEmail = StringUtil::toLowerCase($email);
	$normalizedConfirmation = StringUtil::toLowerCase($confirmEmail);
	if ($normalizedEmail != $normalizedConfirmation) {
		throw new UserInputException('confirmEmail', 'notEqual');
	}
}
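/**
 * Validates the account management form.
 *
 * Users without external auth data must confirm the change with their
 * current password. A rename is subject to the `user.profile.canRename`
 * permission, the rename period, and the username validity and
 * availability checks. A new password must be given twice, be secure, and
 * match its confirmation exactly. A changed email address must be valid,
 * available, and match its confirmation ignoring case.
 *
 * @see	\wcf\form\IForm::validate()
 * @throws	UserInputException	naming the first field that failed
 */
public function validate() {
	parent::validate();
	
	// current password (re-authentication)
	if (!WCF::getUser()->authData) {
		if (empty($this->password)) {
			throw new UserInputException('password');
		}
		
		if (!WCF::getUser()->checkPassword($this->password)) {
			throw new UserInputException('password', 'false');
		}
	}
	
	// user name
	if (WCF::getSession()->getPermission('user.profile.canRename') && $this->username != WCF::getUser()->username) {
		// a change of letter case only skips the checks below
		if (mb_strtolower($this->username) != mb_strtolower(WCF::getUser()->username)) {
			// renamePeriod is given in days
			if (WCF::getUser()->lastUsernameChange + WCF::getSession()->getPermission('user.profile.renamePeriod') * 86400 > TIME_NOW) {
				throw new UserInputException('username', 'alreadyRenamed');
			}
			
			// checks for forbidden chars (e.g. the ",")
			if (!UserRegistrationUtil::isValidUsername($this->username)) {
				throw new UserInputException('username', 'notValid');
			}
			
			// checks if user name exists already.
			if (!UserUtil::isAvailableUsername($this->username)) {
				throw new UserInputException('username', 'notUnique');
			}
		}
	}
	
	// new password
	if (!WCF::getUser()->authData) {
		if (!empty($this->newPassword) || !empty($this->confirmNewPassword)) {
			if (empty($this->newPassword)) {
				throw new UserInputException('newPassword');
			}
			
			if (empty($this->confirmNewPassword)) {
				throw new UserInputException('confirmNewPassword');
			}
			
			if (!UserRegistrationUtil::isSecurePassword($this->newPassword)) {
				throw new UserInputException('newPassword', 'notSecure');
			}
			
			// strict comparison: a loose != treats numeric-looking strings such as
			// "1e3" and "1000" as equal, which would accept a mismatched confirmation
			if ($this->newPassword !== $this->confirmNewPassword) {
				throw new UserInputException('confirmNewPassword', 'notEqual');
			}
		}
	}
	
	// email
	if (WCF::getSession()->getPermission('user.profile.canChangeEmail') && $this->email != WCF::getUser()->email && $this->email != WCF::getUser()->newEmail) {
		if (empty($this->email)) {
			throw new UserInputException('email');
		}
		
		// checks if only letter case has changed
		if (mb_strtolower($this->email) != mb_strtolower(WCF::getUser()->email)) {
			// check for valid email (one @ etc.)
			if (!UserRegistrationUtil::isValidEmail($this->email)) {
				throw new UserInputException('email', 'notValid');
			}
			
			// checks if email already exists.
			if (!UserUtil::isAvailableEmail($this->email)) {
				throw new UserInputException('email', 'notUnique');
			}
		}
		
		// checks confirm input
		if (mb_strtolower($this->email) != mb_strtolower($this->confirmEmail)) {
			throw new UserInputException('confirmEmail', 'notEqual');
		}
	}
}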
/**
 * Exports posts.
 *
 * Reads the nodes of content type class `Text` or `Poll` with a nodeid
 * from $offset + 1 to $offset + $limit, together with their text row and
 * parent node, and hands each one to the `com.woltlab.wbb.post` importer.
 * A node whose parent has a different content type is treated as the
 * first post of its thread.
 *
 * @param	integer		$offset
 * @param	integer		$limit
 */
public function exportPosts($offset, $limit) {
	$prefix = $this->databasePrefix;
	$sql = "SELECT\t\tchild.*, IF(parent.contenttypeid = child.contenttypeid, 0, 1) AS isFirstPost, text.*\n\t\t\tFROM\t\t" . $prefix . "node child\n\t\t\tINNER JOIN\t" . $prefix . "text text\n\t\t\tON\t\tchild.nodeid = text.nodeid\n\t\t\tINNER JOIN\t" . $prefix . "node parent\n\t\t\tON\t\tchild.parentid = parent.nodeid\n\t\t\t\n\t\t\tINNER JOIN\t(SELECT contenttypeid FROM " . $prefix . "contenttype WHERE class IN(?, ?)) x\n\t\t\tON\t\tx.contenttypeid = child.contenttypeid\n\t\t\t\n\t\t\tWHERE\t\tchild.nodeid BETWEEN ? AND ?\n\t\t\tORDER BY\tchild.nodeid ASC";
	$statement = $this->database->prepareStatement($sql);
	$statement->execute(array('Text', 'Poll', $offset + 1, $offset + $limit));
	
	while ($row = $statement->fetchArray()) {
		$importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
		$importer->import($row['nodeid'], array(
			// a first post is its own thread, any other post belongs to its parent
			'threadID' => ($row['isFirstPost'] ? $row['nodeid'] : $row['parentid']),
			'userID' => $row['userid'],
			'username' => $row['authorname'],
			'subject' => StringUtil::decodeHTML($row['title']),
			'message' => self::fixBBCodes($row['rawtext']),
			'time' => $row['created'],
			'isDeleted' => ($row['deleteuserid'] !== null ? 1 : 0),
			'deleteTime' => ($row['deleteuserid'] !== null ? TIME_NOW : 0),
			'isDisabled' => ($row['approved'] ? 0 : 1),
			'isClosed' => 0,
			'editorID' => null,
			'editor' => '',
			'lastEditTime' => 0,
			'editCount' => 0,
			'editReason' => '',
			'enableSmilies' => $row['allowsmilie'],
			// HTML stays enabled for every post whose source htmlState is set and not 'off'
			'enableHtml' => ((isset($row['htmlState']) && $row['htmlState'] != 'off') ? 1 : 0),
			'enableBBCodes' => 1,
			'showSignature' => $row['showsignature'],
			'ipAddress' => UserUtil::convertIPv4To6($row['ipaddress'])
		));
	}
}
/**
 * Updates user session on shutdown.
 *
 * Writes the current IP address, user agent, request URI, request method
 * and activity time to the session row. Tracking data of the active
 * request object is added when it is a tracked ITrackablePage, and the
 * session variables are serialized into the row when they have changed.
 * Nothing is written while `doNotUpdate` is set.
 */
public function update() {
	if ($this->doNotUpdate) {
		return;
	}
	
	// set up data
	$data = array();
	$data['ipAddress'] = UserUtil::getIpAddress();
	$data['userAgent'] = $this->userAgent;
	$data['requestURI'] = $this->requestURI;
	$data['requestMethod'] = $this->requestMethod;
	$data['lastActivityTime'] = TIME_NOW;
	
	if (PACKAGE_ID && RequestHandler::getInstance()->getActiveRequest() && RequestHandler::getInstance()->getActiveRequest()->getRequestObject() instanceof ITrackablePage && RequestHandler::getInstance()->getActiveRequest()->getRequestObject()->isTracked()) {
		$trackedPage = RequestHandler::getInstance()->getActiveRequest()->getRequestObject();
		
		$data['controller'] = $trackedPage->getController();
		$data['parentObjectType'] = $trackedPage->getParentObjectType();
		$data['parentObjectID'] = $trackedPage->getParentObjectID();
		$data['objectType'] = $trackedPage->getObjectType();
		$data['objectID'] = $trackedPage->getObjectID();
	}
	
	// the variables are stored in PHP's serialize() format; the code that reads
	// them back is not part of this method
	if ($this->variablesChanged) {
		$data['sessionVariables'] = serialize($this->variables);
	}
	
	// update session
	$editorClass = $this->sessionEditorClassName;
	$sessionEditor = new $editorClass($this->session);
	$sessionEditor->update($data);
}
/**
 * Exports posts.
 *
 * Reads the posts with a post_id from $offset + 1 to $offset + $limit,
 * joined with the poster's and the editor's user rows and a count of the
 * attachments whose `in_message` flag is 0, and hands each row to the
 * `com.woltlab.wbb.post` importer. HTML is disabled for every imported
 * post.
 *
 * @param	integer		$offset
 * @param	integer		$limit
 */
public function exportPosts($offset, $limit) {
	$prefix = $this->databasePrefix;
	$sql = "SELECT\t\tpost_table.*, user_table.username, editor.username AS editorName,\n\t\t\t\t\t(SELECT COUNT(*) FROM " . $prefix . "attachments attachment_table WHERE attachment_table.post_msg_id = post_table.post_id AND in_message = ?) AS attachments\n\t\t\tFROM\t\t" . $prefix . "posts post_table\n\t\t\tLEFT JOIN\t" . $prefix . "users user_table\n\t\t\tON\t\tpost_table.poster_id = user_table.user_id\n\t\t\tLEFT JOIN\t" . $prefix . "users editor\n\t\t\tON\t\tpost_table.post_edit_user = editor.user_id\n\t\t\tWHERE\t\tpost_id BETWEEN ? AND ?\n\t\t\tORDER BY\tpost_id";
	$statement = $this->database->prepareStatement($sql);
	$statement->execute(array(0, $offset + 1, $offset + $limit));
	
	while ($row = $statement->fetchArray()) {
		$importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
		$importer->import($row['post_id'], array(
			'threadID' => $row['topic_id'],
			'userID' => $row['poster_id'],
			// the name stored with the post wins over the decoded account name
			'username' => ($row['post_username'] ?: (StringUtil::decodeHTML($row['username']) ?: '')),
			'subject' => StringUtil::decodeHTML($row['post_subject']),
			'message' => self::fixBBCodes(StringUtil::decodeHTML($row['post_text']), $row['bbcode_uid']),
			'time' => $row['post_time'],
			'isDisabled' => ($row['post_approved'] ? 0 : 1),
			'isClosed' => ($row['post_edit_locked'] ? 1 : 0),
			'editorID' => ($row['post_edit_user'] ?: null),
			'editor' => ($row['editorName'] ?: ''),
			'lastEditTime' => $row['post_edit_time'],
			'editCount' => $row['post_edit_count'],
			'editReason' => (!empty($row['post_edit_reason']) ? $row['post_edit_reason'] : ''),
			'attachments' => $row['attachments'],
			'enableSmilies' => $row['enable_smilies'],
			'enableHtml' => 0,
			'enableBBCodes' => $row['enable_bbcode'],
			'showSignature' => $row['enable_sig'],
			'ipAddress' => UserUtil::convertIPv4To6($row['poster_ip'])
		));
	}
}
/**
 * Exports posts.
 *
 * Reads the posts with a post_id from $offset + 1 to $offset + $limit,
 * joined with the last editor's name, the dotted form of the stored IP
 * address and - for first posts - the thread title, and hands each row to
 * the `com.woltlab.wbb.post` importer.
 *
 * @param	integer		$offset
 * @param	integer		$limit
 */
public function exportPosts($offset, $limit) {
	$sql = "SELECT\t\tpost.*, user.username AS editor, INET_NTOA(ip.ip) AS ip, thread.title\n\t\t\tFROM\t\txf_post post\n\t\t\tLEFT JOIN\txf_user user\n\t\t\tON\t\tpost.last_edit_user_id = user.user_id\n\t\t\tLEFT JOIN\txf_ip ip\n\t\t\tON\t\tpost.ip_id = ip.ip_id\n\t\t\tLEFT JOIN\txf_thread thread\n\t\t\tON\t\tthread.first_post_id = post.post_id\n\t\t\tWHERE\t\tpost_id BETWEEN ? AND ?\n\t\t\tORDER BY\tpost_id";
	$statement = $this->database->prepareStatement($sql);
	$statement->execute(array($offset + 1, $offset + $limit));
	
	while ($row = $statement->fetchArray()) {
		$importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
		$importer->import($row['post_id'], array(
			'threadID' => $row['thread_id'],
			'userID' => $row['user_id'],
			'username' => $row['username'],
			// only the first post of a thread carries a title
			'subject' => ($row['title'] ?: ''),
			'message' => self::fixBBCodes($row['message']),
			'time' => $row['post_date'],
			'isDisabled' => ($row['message_state'] == 'moderated' ? 1 : 0),
			'editorID' => ($row['last_edit_user_id'] ?: null),
			'editor' => ($row['editor'] ?: ''),
			'lastEditTime' => $row['last_edit_date'],
			'editCount' => ($row['editor'] ? $row['edit_count'] : 0),
			'enableSmilies' => 1,
			'showSignature' => 1,
			// posts without a joined ip row are imported with an empty address
			'ipAddress' => ($row['ip'] ? UserUtil::convertIPv4To6($row['ip']) : '')
		));
	}
}
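/**
 * Shows the page for creating the admin account.
 *
 * When the form was sent (or developer mode is active) the input is
 * validated and the account is created in groups 1, 3 and 4 with the
 * selected language; the installation then continues with the
 * `installPackages` step. On a validation error the form is shown again
 * with the entered values, including both password fields.
 */
protected function createUser() {
	$errorType = $errorField = '';
	$username = '';
	$email = $confirmEmail = '';
	$password = $confirmPassword = '';
	
	if (isset($_POST['send']) || self::$developerMode) {
		if (isset($_POST['send'])) {
			if (isset($_POST['username'])) {
				$username = StringUtil::trim($_POST['username']);
			}
			if (isset($_POST['email'])) {
				$email = StringUtil::trim($_POST['email']);
			}
			if (isset($_POST['confirmEmail'])) {
				$confirmEmail = StringUtil::trim($_POST['confirmEmail']);
			}
			// passwords are taken as entered, without trimming
			if (isset($_POST['password'])) {
				$password = $_POST['password'];
			}
			if (isset($_POST['confirmPassword'])) {
				$confirmPassword = $_POST['confirmPassword'];
			}
		}
		else {
			// developer mode without a submitted form: use fixed credentials
			$username = $password = $confirmPassword = '******';
			$email = $confirmEmail = '*****@*****.**';
		}
		
		// error handling
		try {
			// username
			if (empty($username)) {
				throw new UserInputException('username');
			}
			if (!UserUtil::isValidUsername($username)) {
				throw new UserInputException('username', 'notValid');
			}
			
			// e-mail address
			if (empty($email)) {
				throw new UserInputException('email');
			}
			if (!UserUtil::isValidEmail($email)) {
				throw new UserInputException('email', 'notValid');
			}
			
			// confirm e-mail address (strict: no numeric-string juggling)
			if ($email !== $confirmEmail) {
				throw new UserInputException('confirmEmail', 'notEqual');
			}
			
			// password
			if (empty($password)) {
				throw new UserInputException('password');
			}
			
			// confirm password: a loose != treats numeric-looking strings such as
			// "1e3" and "1000" as equal, which would accept a mismatched confirmation
			if ($password !== $confirmPassword) {
				throw new UserInputException('confirmPassword', 'notEqual');
			}
			
			// no errors
			
			// init database connection
			$this->initDB();
			
			// get language id
			$languageID = 0;
			$sql = "SELECT\tlanguageID\n\t\t\t\t\tFROM\twcf" . WCF_N . "_language\n\t\t\t\t\tWHERE\tlanguageCode = ?";
			$statement = self::getDB()->prepareStatement($sql);
			$statement->execute(array(self::$selectedLanguageCode));
			$row = $statement->fetchArray();
			if (isset($row['languageID'])) {
				$languageID = $row['languageID'];
			}
			
			if (!$languageID) {
				$languageID = LanguageFactory::getInstance()->getDefaultLanguageID();
			}
			
			// create user
			$data = array(
				'data' => array(
					'email' => $email,
					'languageID' => $languageID,
					'password' => $password,
					'username' => $username
				),
				'groups' => array(1, 3, 4),
				'languages' => array($languageID)
			);
			
			$userAction = new UserAction(array(), 'create', $data);
			$userAction->executeAction();
			
			// go to next step
			$this->gotoNextStep('installPackages');
			exit;
		}
		catch (UserInputException $e) {
			$errorField = $e->getField();
			$errorType = $e->getType();
		}
	}
	
	WCF::getTPL()->assign(array(
		'errorField' => $errorField,
		'errorType' => $errorType,
		'username' => $username,
		'email' => $email,
		'confirmEmail' => $confirmEmail,
		'password' => $password,
		'confirmPassword' => $confirmPassword,
		'nextStep' => 'createUser'
	));
	WCF::getTPL()->display('stepCreateUser');
}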
/**
 * Exports posts.
 *
 * Reads the messages with an id from $offset + 1 to $offset + $limit,
 * joined with their text rows, and hands each one to the
 * `com.woltlab.wbb.post` importer.
 *
 * @param	integer		$offset
 * @param	integer		$limit
 */
public function exportPosts($offset, $limit) {
	$prefix = $this->databasePrefix;
	$sql = "SELECT\t\t*\n\t\t\tFROM\t\t" . $prefix . "kunena_messages kunena_messages\n\t\t\tLEFT JOIN\t" . $prefix . "kunena_messages_text kunena_messages_text\n\t\t\tON\t\t(kunena_messages_text.mesid = kunena_messages.id)\n\t\t\tWHERE\t\tid BETWEEN ? AND ?\n\t\t\tORDER BY\tid";
	$statement = $this->database->prepareStatement($sql);
	$statement->execute(array($offset + 1, $offset + $limit));
	
	while ($row = $statement->fetchArray()) {
		$importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
		$importer->import($row['id'], array(
			'threadID' => $row['thread'],
			'userID' => $row['userid'],
			'username' => $row['name'],
			'subject' => $row['subject'],
			'message' => self::fixBBCodes($row['message']),
			'time' => $row['time'],
			'ipAddress' => UserUtil::convertIPv4To6($row['ip']),
			'isClosed' => ($row['locked'] ? 1 : 0),
			'editorID' => null
		));
	}
}
/**
 * Returns the stored IP address after passing it through
 * UserUtil::convertIPv6To4().
 *
 * Unlike a getter with a fallback, the conversion result is returned as
 * is, whatever the helper yields for addresses it cannot convert.
 *
 * @return	string
 */
public function getIpAddress() {
	$storedAddress = $this->ipAddress;
	
	return UserUtil::convertIPv6To4($storedAddress);
}
/**
 * Exports gallery images.
 *
 * Collects the photo ids from $offset + 1 to $offset + $limit, loads their
 * tags and category assignments, and hands each photo to the
 * `com.woltlab.gallery.image` importer together with the location of its
 * file. Returns early when the id range holds no photos.
 *
 * The file location is assembled from the configured file system path and
 * from the `photoID`, `photoHash` and `fileExtension` columns of the
 * source database; these values are not validated here.
 *
 * @param	integer		$offset
 * @param	integer		$limit
 */
public function exportGalleryImages($offset, $limit) {
	$tablePrefix = "wcf" . $this->dbNo;
	
	// get ids
	$sql = "SELECT\t\tphotoID\n\t\t\tFROM\t\t" . $tablePrefix . "_user_gallery\n\t\t\tWHERE\t\tphotoID BETWEEN ? AND ?\n\t\t\tORDER BY\tphotoID";
	$statement = $this->database->prepareStatement($sql);
	$statement->execute(array($offset + 1, $offset + $limit));
	$imageIDs = array();
	while ($row = $statement->fetchArray()) {
		$imageIDs[] = $row['photoID'];
	}
	
	if (empty($imageIDs)) {
		return;
	}
	
	// get tags
	$tags = $this->getTags('com.woltlab.wcf.user.gallery.photo', $imageIDs);
	
	// get categories, grouped by photo id
	$categoryConditions = new PreparedStatementConditionBuilder();
	$categoryConditions->add('photo_to_category.objectType = ?', array('photo'));
	$categoryConditions->add('photo_to_category.objectID IN (?)', array($imageIDs));
	
	$sql = "SELECT\t\tphoto_to_category.*\n\t\t\tFROM\t\t" . $tablePrefix . "_user_gallery_category_to_object photo_to_category\n\t\t\tLEFT JOIN\t" . $tablePrefix . "_user_gallery_category category\n\t\t\tON\t\t(category.categoryID = photo_to_category.categoryID)\n\t\t\t" . $categoryConditions;
	$statement = $this->database->prepareStatement($sql);
	$statement->execute($categoryConditions->getParameters());
	$categories = array();
	while ($row = $statement->fetchArray()) {
		// the per-photo list is created on first use
		$categories[$row['objectID']][] = $row['categoryID'];
	}
	
	// get images
	$imageConditions = new PreparedStatementConditionBuilder();
	$imageConditions->add('user_gallery.photoID IN (?)', array($imageIDs));
	
	$sql = "SELECT\t\tuser_gallery.*\n\t\t\tFROM\t\t" . $tablePrefix . "_user_gallery user_gallery\n\t\t\t" . $imageConditions;
	$statement = $this->database->prepareStatement($sql);
	$statement->execute($imageConditions->getParameters());
	while ($row = $statement->fetchArray()) {
		$photoID = $row['photoID'];
		
		// photo-<id>[-<hash>].<extension> below images/photos/
		$hashSuffix = $row['photoHash'] ? '-' . $row['photoHash'] : '';
		$additionalData = array(
			'fileLocation' => $this->fileSystemPath . 'images/photos/photo-' . $photoID . $hashSuffix . '.' . $row['fileExtension']
		);
		
		if (isset($tags[$photoID])) {
			$additionalData['tags'] = $tags[$photoID];
		}
		if (isset($categories[$photoID])) {
			$additionalData['categories'] = array_unique($categories[$photoID]);
		}
		
		$importer = ImportHandler::getInstance()->getImporter('com.woltlab.gallery.image');
		$importer->import($photoID, array(
			'userID' => ($row['ownerID'] ?: null),
			'username' => $row['username'],
			'albumID' => ($row['albumID'] ?: null),
			'title' => $row['title'],
			'description' => $row['description'],
			'filename' => $row['filename'],
			'fileExtension' => $row['fileExtension'],
			'filesize' => $row['filesize'],
			'comments' => $row['comments'],
			'views' => $row['views'],
			'uploadTime' => $row['uploadTime'],
			'creationTime' => $row['creationTime'],
			'width' => $row['width'],
			'height' => $row['height'],
			'camera' => $row['camera'],
			'latitude' => $row['latitude'],
			'longitude' => $row['longitude'],
			'ipAddress' => UserUtil::convertIPv4To6($row['ipAddress'])
		), $additionalData);
	}
}
/**
 * Exports posts.
 *
 * Reads the posts with a pid from $offset + 1 to $offset + $limit and
 * hands each row to the `com.woltlab.wbb.post` importer. A `queued` value
 * of 3 is imported as deleted and a value of 2 as disabled.
 *
 * @param	integer		$offset
 * @param	integer		$limit
 */
public function exportPosts($offset, $limit) {
	$sql = "SELECT\t\t*\n\t\t\tFROM\t\t" . $this->databasePrefix . "posts\n\t\t\tWHERE\t\tpid BETWEEN ? AND ?\n\t\t\tORDER BY\tpid";
	$statement = $this->database->prepareStatement($sql);
	$statement->execute(array($offset + 1, $offset + $limit));
	
	while ($row = $statement->fetchArray()) {
		$importer = ImportHandler::getInstance()->getImporter('com.woltlab.wbb.post');
		$importer->import($row['pid'], array(
			'threadID' => $row['topic_id'],
			'userID' => $row['author_id'],
			'username' => ($row['author_name'] ?: ''),
			'message' => self::fixMessage($row['post']),
			'time' => $row['post_date'],
			'isDeleted' => ($row['queued'] == 3 ? 1 : 0),
			'isDisabled' => ($row['queued'] == 2 ? 1 : 0),
			'lastEditTime' => ($row['edit_time'] ?: 0),
			'editorID' => null,
			'editReason' => $row['post_edit_reason'],
			'ipAddress' => UserUtil::convertIPv4To6($row['ip_address']),
			'deleteTime' => $row['pdelete_time']
		));
	}
}
/**
 * Creates a new session.
 *
 * The session id comes from StringUtil::getRandomID(); its
 * unpredictability therefore rests entirely on that helper. The user is
 * determined by automatic login, falling back to a guest. For a
 * registered user all of that user's other sessions are deleted before
 * the new one is stored together with the request's IP address, user
 * agent, URI and method.
 */
protected function create() {
	// create new session hash
	$sessionID = StringUtil::getRandomID();
	
	// get user automatically
	$authentication = UserAuthenticationFactory::getUserAuthentication();
	$allowPersistentLogin = call_user_func(array($this->sessionClassName, 'supportsPersistentLogins'));
	$this->user = $authentication->loginAutomatically($allowPersistentLogin);
	
	// no valid user found: continue as guest
	if ($this->user === null) {
		$this->user = new User(null);
	}
	
	// user is no guest: delete all other sessions of this user
	if ($this->user->userID != 0) {
		call_user_func(array($this->sessionEditorClassName, 'deleteUserSessions'), array($this->user->userID));
	}
	
	// save session
	$sessionData = array(
		'sessionID' => $sessionID,
		'packageID' => PACKAGE_ID,
		'userID' => $this->user->userID,
		'username' => ($this->user->username === null ? '' : $this->user->username),
		'ipAddress' => UserUtil::getIpAddress(),
		'userAgent' => UserUtil::getUserAgent(),
		'lastActivityTime' => TIME_NOW,
		'requestURI' => UserUtil::getRequestURI(),
		'requestMethod' => (!empty($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '')
	);
	$this->session = call_user_func(array($this->sessionEditorClassName, 'create'), $sessionData);
}
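/**
 * Queries server to verify successful response.
 *
 * The request carries the private key, the visitor's IP address, the
 * challenge and the response. It is sent over HTTPS so that the private
 * key is not exposed in cleartext on the network.
 *
 * @param	string		$challenge
 * @param	string		$response
 * @return	string		self::VALID_ANSWER when the first reply line is "true", otherwise
 *				the trimmed second reply line, or self::ERROR_NOT_REACHABLE when
 *				the request raised a SystemException
 */
protected function verify($challenge, $response) {
	// the array given as third argument is presumably sent as POST data - confirm against HTTPRequest
	$request = new HTTPRequest('https://www.google.com/recaptcha/api/verify', array('timeout' => 10), array(
		'privatekey' => $this->privateKey,
		'remoteip' => UserUtil::getIpAddress(),
		'challenge' => $challenge,
		'response' => $response
	));
	
	try {
		$request->execute();
		$reply = $request->getReply();
		$reCaptchaResponse = explode("\n", $reply['body']);
		
		if (StringUtil::trim($reCaptchaResponse[0]) === "true") {
			return self::VALID_ANSWER;
		}
		else {
			return StringUtil::trim($reCaptchaResponse[1]);
		}
	}
	catch (SystemException $e) {
		// an unreachable server is reported to the caller rather than treated as a valid answer
		return self::ERROR_NOT_REACHABLE;
	}
}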
/**
 * Shows the content when the condition's `usesMobileBrowser` setting
 * agrees with what UserUtil::usesMobileBrowser() reports for the current
 * request.
 *
 * @see	\wcf\system\condition\IContentCondition::showContent()
 */
public function showContent(Condition $condition) {
	if ($condition->usesMobileBrowser) {
		// content is meant for mobile browsers only
		return (bool) UserUtil::usesMobileBrowser();
	}
	
	// content is meant for non-mobile browsers only
	return !UserUtil::usesMobileBrowser();
}