コード例 #1
0
ファイル: autosave.php プロジェクト: erico-deh/ocPortal
/**
 * Declare that an action succeeded - delete safety autosave cookies.
 */
function clear_ocp_autosave()
{
    $or_list = '';
    foreach (array_keys($_COOKIE) as $key) {
        if (substr($key, 0, 13) == 'ocp_autosave_') {
            require_code('users_active_actions');
            // Has to do both, due to inconsistencies with how PHP reads and sets cookies -- reading de-urlencodes (although not strictly needed), whilst setting does not urlencode; may differ between versions
            ocp_setcookie(urlencode($key), '0', true);
            ocp_setcookie($key, '0', true);
            if ($or_list != '') {
                $or_list .= ' OR ';
            }
            $or_list .= db_string_equal_to('a_key', $key);
        }
    }
    if ($or_list != '') {
        $GLOBALS['SITE_DB']->query('DELETE FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'autosave WHERE a_time<' . strval(time() - 60 * 60 * 24) . ' OR (a_member_id=' . strval(intval(get_member())) . ' AND (' . $or_list . '))');
    }
}
コード例 #2
0
ファイル: support.php プロジェクト: erico-deh/ocPortal
/**
 * Determine whether the user's browser supports cookies or not.
 * Unfortunately this function will only return true once a user has been to the site more than once... ocPortal will set a cookie, and if it perseveres, that indicates cookies work.
 *
 * @return boolean		Whether the user has definitely got cookies
 */
function has_cookies()
{
    global $HAS_COOKIES;
    if ($HAS_COOKIES !== NULL) {
        return $HAS_COOKIES;
    }
    /*if (($GLOBALS['DEBUG_MODE']) && (get_param_integer('keep_debug_has_cookies',0)==0) && (!running_script('occle')))	We know this works by now, was tested for years. Causes annoyance when developing
    	{
    		$_COOKIE=array();
    		return false;
    	}*/
    if (isset($_COOKIE['has_cookies'])) {
        $HAS_COOKIES = true;
        return true;
    }
    require_code('users_active_actions');
    ocp_setcookie('has_cookies', '1');
    $HAS_COOKIES = false;
    return false;
}
コード例 #3
0
ファイル: aef.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     global $SITE_INFO;
     $cookie_prefix = preg_replace('/\\[logpass\\]/', '', $SITE_INFO['pass_cookie']);
     unset($name);
     unset($password);
     $row = $this->get_member_row($id);
     $logpass = $row['cookpass'];
     //cookie var [logpass]
     $loguid = $row['id'];
     //cookie var [loguid]
     if (empty($logpass)) {
         $logpass = $this->generateRandStr(32);
         $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'users SET cookpass=\'' . db_escape_string($logpass) . '\' WHERE id=' . strval((int) $id), 1);
     }
     //Set a COOKIE of User ID
     ocp_setcookie($cookie_prefix . '[loguid]', $loguid);
     //Set a CookPass
     ocp_setcookie($cookie_prefix . '[logpass]', $logpass);
     $session_row = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'sessions WHERE uid=' . strval((int) $id), 1);
     $session_row = !empty($session_row[0]) ? $session_row[0] : array();
     $session_id = !empty($session_row['sid']) ? $session_row['sid'] : '';
     if (!empty($session_id)) {
         $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'sessions SET time=' . strval(time()) . ' WHERE uid=' . strval((int) $id), 1);
     } else {
         $session_id = strtolower($this->generateRandStr(32));
         $this->connection->query_insert('sessions', array('sid' => $session_id, 'uid' => $id, 'time' => time(), 'data' => '', 'ip' => $row['r_ip']));
     }
     //Now lets try and set a COOKIE of AEF Session ID
     @ocp_setcookie($cookie_prefix . '[aefsid]', $session_id);
     $_COOKIE[$cookie_prefix . '[logpass]'] = $logpass;
     $_COOKIE[$cookie_prefix . '[loguid]'] = strval($loguid);
     $_COOKIE[$cookie_prefix . '[aefsid]'] = $session_id;
 }
コード例 #4
0
ファイル: login.php プロジェクト: erico-deh/ocPortal
 /**
  * The actualiser for toggling invisible mode.
  *
  * @return tempcode	The UI.
  */
 function invisible()
 {
     if (get_option('is_on_invisibility') == '1') {
         $visible = array_key_exists(get_session_id(), $GLOBALS['SESSION_CACHE']) && $GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible'] == 0;
     } else {
         $visible = false;
         // Small fudge: always say thay are not visible now, so this will make them visible -- because they don't have permission to be invisible
     }
     $title = get_page_title($visible ? 'INVISIBLE' : 'BE_VISIBLE');
     $GLOBALS['SITE_DB']->query_update('sessions', array('session_invisible' => $visible ? 1 : 0), array('the_user' => get_member(), 'the_session' => get_session_id()), '', 1);
     global $SESSION_CACHE;
     if ($SESSION_CACHE[get_session_id()]['the_user'] == get_member()) {
         $SESSION_CACHE[get_session_id()]['session_invisible'] = $visible ? 1 : 0;
         if (get_value('session_prudence') !== '1') {
             persistant_cache_set('SESSION_CACHE', $SESSION_CACHE);
         }
     }
     decache('side_users_online');
     // Store in cookie, if we have login cookies around
     if (array_key_exists(get_member_cookie(), $_COOKIE)) {
         require_code('users_active_actions');
         ocp_setcookie(get_member_cookie() . '_invisible', strval($visible ? 1 : 0));
         $_COOKIE[get_member_cookie() . '_invisible'] = strval($visible ? 1 : 0);
     }
     $url = get_param('redirect', NULL);
     if (is_null($url)) {
         $_url = build_url(array('page' => ''), '');
         $url = $_url->evaluate();
     }
     return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
 }
コード例 #5
0
ファイル: phpbb3.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     unset($name);
     unset($password);
     $member_cookie_name = get_member_cookie();
     $colon_pos = strpos($member_cookie_name, ':');
     if ($colon_pos !== false) {
         $base = substr($member_cookie_name, 0, $colon_pos);
         $real_member_cookie = substr($member_cookie_name, $colon_pos + 1);
         $real_pass_cookie = substr(get_pass_cookie(), $colon_pos + 1);
         $real_session_cookie = 'sid';
     } else {
         $real_member_cookie = $member_cookie_name;
         $real_pass_cookie = get_pass_cookie();
         $real_session_cookie = preg_replace('#\\_u$#', '_sid', $real_member_cookie);
     }
     $hash = substr(uniqid(strval(mt_rand(0, 32000)), true), 0, 17);
     $this->connection->query_insert('sessions_keys', array('key_id' => md5($hash), 'user_id' => $id, 'last_ip' => ip2long(get_ip_address()), 'last_login' => time()));
     $session_id = uniqid(strval(mt_rand(0, 32000)), true);
     $this->connection->query_insert('sessions', array('session_id' => $session_id, 'session_user_id' => $id, 'session_forum_id' => 0, 'session_last_visit' => time(), 'session_start' => time(), 'session_time' => time(), 'session_ip' => get_ip_address(), 'session_browser' => get_browser_string(), 'session_forwarded_for' => '', 'session_page' => '', 'session_viewonline' => 1, 'session_autologin' => 1, 'session_admin' => $this->_is_super_admin($id)));
     $cookie = serialize(array($real_member_cookie => strval($id), $real_pass_cookie => $hash, $real_session_cookie => $session_id));
     if ($colon_pos !== false) {
         ocp_setcookie($base, $cookie);
         $_COOKIE[$base] = $cookie;
     } else {
         ocp_setcookie($real_member_cookie, strval($id));
         ocp_setcookie($real_pass_cookie, $hash);
         ocp_setcookie($real_session_cookie, $session_id);
         $_COOKIE[$real_member_cookie] = strval($id);
         $_COOKIE[$real_pass_cookie] = $hash;
         $_COOKIE[$real_session_cookie] = $session_id;
     }
 }
コード例 #6
0
ファイル: chat.php プロジェクト: erico-deh/ocPortal
 /**
  * Save the user's options into a cookie.
  *
  * @return tempcode		The UI
  */
 function chat_options()
 {
     $title = get_page_title('ROOM');
     $value = post_param('text_colour', get_option('chat_default_post_colour')) . ';' . post_param('font_name', get_option('chat_default_post_font')) . ';';
     require_code('users_active_actions');
     ocp_setcookie('ocp_chat_prefs', $value);
     $url = build_url(array('page' => '_SELF', 'type' => 'room', 'id' => get_param('id'), 'no_reenter_message' => 1), '_SELF');
     return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
 }
コード例 #7
0
ファイル: ipb3.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     unset($name);
     unset($password);
     // User
     ocp_setcookie(get_member_cookie(), strval($id));
     $_COOKIE[get_member_cookie()] = strval($id);
     // Password
     $_password = $this->get_member_row_field($id, 'member_login_key');
     ocp_setcookie(get_pass_cookie(), $_password);
     $_COOKIE[get_pass_cookie()] = $_password;
     // Set stronghold
     global $SITE_INFO;
     if (array_key_exists('stronghold_cookies', $SITE_INFO) && $SITE_INFO['stronghold_cookies'] == 1) {
         $ip_octets = explode('.', ocp_srv('REMOTE_ADDR'));
         $crypt_salt = md5(get_db_forums_password() . get_db_forums_user());
         $a = get_member_cookie();
         $b = get_pass_cookie();
         for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) {
             if ($a[$i] != $b[$i]) {
                 break;
             }
         }
         $cookie_prefix = substr($a, 0, $i);
         $stronghold = md5(md5(strval($id) . '-' . $ip_octets[0] . '-' . $ip_octets[1] . '-' . $_password) . $crypt_salt);
         ocp_setcookie($cookie_prefix . 'ipb_stronghold', $stronghold);
     }
 }
コード例 #8
0
ファイル: occle.php プロジェクト: erico-deh/ocPortal
 /**
  * Change the current working directory. Equivalent to Unix "cd".
  *
  * @param  array				The target directory path
  * @return boolean			Success?
  */
 function change_directory($target_directory)
 {
     //Change the current directory
     if ($this->_is_dir($target_directory)) {
         $this->pwd = $target_directory;
         ocp_setcookie('occle_dir', $this->_pwd_to_string($target_directory));
         return true;
     } else {
         return false;
     }
 }
コード例 #9
0
ファイル: ocf.php プロジェクト: erico-deh/ocPortal
 /**
  * Handle flood control for members.
  *
  * @param  MEMBER			The member ID that just got detected
  */
 function ocf_flood_control($id)
 {
     global $NON_PAGE_SCRIPT;
     if ($NON_PAGE_SCRIPT == 1) {
         return;
     }
     global $FLOOD_CONTROL_ONCE;
     if ($FLOOD_CONTROL_ONCE) {
         return;
     }
     $FLOOD_CONTROL_ONCE = true;
     if (get_page_name() == 'join') {
         return;
     }
     if (!running_script('index') && !running_script('iframe')) {
         return;
     }
     require_code('ocf_groups');
     // Set last visit time session cookie if it doesn't exist
     if (!array_key_exists('last_visit', $_COOKIE) && $GLOBALS['FORUM_DRIVER']->get_guest_id() != $id) {
         require_code('users_active_actions');
         $lvt = $this->get_member_row_field($id, 'm_last_visit_time');
         ocp_setcookie('last_visit', is_null($lvt) ? strval(time()) : strval($lvt), true);
         $new_visit = true;
     } else {
         $new_visit = false;
     }
     // Do some flood control
     $submitting = count($_POST) > 0 && get_param('type', NULL) !== 'ed' && get_param('type', NULL) !== 'ec' && !running_script('preview');
     $restrict = $submitting ? 'flood_control_submit_secs' : 'flood_control_access_secs';
     $restrict_setting = $submitting ? 'm_last_submit_time' : 'm_last_visit_time';
     $restrict_answer = ocf_get_best_group_property($this->get_members_groups($id), $restrict);
     if (!$submitting && array_key_exists('redirect', $_GET)) {
         $restrict_answer = 0;
     }
     if ($restrict_answer < 0) {
         $restrict_answer = 0;
     }
     $last = $this->get_member_row_field($id, $restrict_setting);
     if ($last > time()) {
         $last = time() - $restrict_answer;
     }
     // Weird clock problem
     $wait_time = $restrict_answer - time() + $last;
     if ($wait_time > 0 && addon_installed('stats')) {
         require_code('site');
         log_stats('/flood', 0);
         $time_threshold = 30;
         $count_threshold = 50;
         $query = 'SELECT COUNT(*) FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'stats WHERE date_and_time>' . strval(time() - $time_threshold) . ' AND date_and_time<' . strval(time()) . ' AND ' . db_string_equal_to('ip', get_ip_address());
         $count = $GLOBALS['SITE_DB']->query_value_null_ok_full($query);
         if ($count >= $count_threshold && addon_installed('securitylogging')) {
             $ip = get_ip_address();
             require_code('failure');
             add_ip_ban($ip);
             require_code('notifications');
             dispatch_notification('auto_ban', NULL, do_lang('AUTO_BAN_SUBJECT', $ip, NULL, NULL, get_site_default_lang()), do_lang('AUTO_BAN_DOS_MESSAGE', $ip, integer_format($count_threshold), integer_format($time_threshold), get_site_default_lang()), NULL, A_FROM_SYSTEM_PRIVILEGED);
         }
         if (!function_exists('require_lang')) {
             require_code('lang');
         }
         if (!function_exists('do_lang_tempcode')) {
             require_code('tempcode');
         }
         require_lang('ocf');
         warn_exit(do_lang_tempcode('FLOOD_CONTROL_RESTRICT', integer_format($wait_time)));
     }
     $extra = $submitting ? array('m_last_submit_time' => time()) : array();
     $dif = time() - $this->get_member_row_field($id, 'm_last_visit_time');
     if ($dif < 0) {
         $dif = 0;
     }
     // can happen if system clock changes
     if (is_guest($id)) {
         if (get_value('session_prudence') !== '1') {
             global $SESSION_CACHE;
             $num_guests = 0;
             foreach ($SESSION_CACHE as $c) {
                 if (!array_key_exists('the_user', $c)) {
                     continue;
                 }
                 // Workaround to HipHop PHP weird bug
                 if ($c['last_activity'] > time() - 60 * 4 && is_guest($c['the_user'])) {
                     $num_guests++;
                 }
             }
             $dif *= $num_guests;
         } else {
             $restrict_answer = 0;
         }
     }
     if ($submitting || count($_POST) == 0 && $dif > $wait_time) {
         if ($restrict_answer != 0 || $dif > 180 || $new_visit) {
             $old_ip = $this->get_member_row_field($id, 'm_ip_address');
             $change_map = array('m_last_visit_time' => time());
             if (get_ip_address() != $old_ip) {
                 $change_map['m_ip_address'] = get_ip_address();
             }
             if (get_db_type() != 'xml') {
                 $this->connection->query_update('f_members', $change_map + $extra, array('id' => $id), '', 1, NULL, false, true);
             }
         }
     }
 }
コード例 #10
0
ファイル: vb3.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     unset($name);
     unset($password);
     // User
     ocp_setcookie(get_member_cookie(), strval($id));
     $_COOKIE[get_member_cookie()] = strval($id);
     // Password
     $password_hashed = $this->get_member_row_field($id, 'password');
     global $SITE_INFO;
     $_password = md5($password_hashed . $SITE_INFO['vb_unique_id']);
     ocp_setcookie(get_pass_cookie(), $_password);
     $_COOKIE[get_pass_cookie()] = $_password;
 }
コード例 #11
0
ファイル: wowbb.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     /*// User
     		ocp_setcookie(get_member_cookie(),$id);
     		$_COOKIE[get_member_cookie()]=$id;
     
     		// Password
     		$_password=md5($id.$password);
     		ocp_setcookie(get_pass_cookie(),$_password);
     		$_COOKIE[get_pass_cookie()]=$_password;*/
     if (is_null($name)) {
         $name = $this->get_username($id);
     }
     $data = $name . '||' . md5($password) . '||0||||||||';
     ocp_setcookie('wowbb', $data);
     $_COOKIE['wowbb'] = $data;
 }
コード例 #12
0
ファイル: phpbb2.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     unset($name);
     unset($password);
     $member_cookie_name = get_member_cookie();
     $colon_pos = strpos($member_cookie_name, ':');
     $base = substr($member_cookie_name, 0, $colon_pos);
     $real_member_cookie = substr($member_cookie_name, $colon_pos + 1);
     $real_pass_cookie = substr(get_pass_cookie(), $colon_pos + 1);
     $hash = substr(uniqid(strval(mt_rand(0, 32000)), true), 0, 17);
     $cookie = serialize(array($real_member_cookie => strval($id), $real_pass_cookie => $hash));
     $this->connection->query_insert('sessions', array('session_id' => md5($hash), 'session_user_id' => $id, 'session_ip' => ip2long(get_ip_address()), 'session_time' => time()));
     ocp_setcookie($base, $cookie);
     $_COOKIE[$base] = $cookie;
 }
コード例 #13
0
ファイル: calendar.php プロジェクト: erico-deh/ocPortal
/**
 * Detect calendar matches in a time period, in user-time.
 *
 * @param  MEMBER			The member to detect conflicts for
 * @param  boolean		Whether to restrict only to viewable events for the current member
 * @param  ?TIME			The timestamp that found times must exceed. In user-time (NULL: use find_periods_recurrence default)
 * @param  ?TIME			The timestamp that found times must not exceed. In user-time (NULL: use find_periods_recurrence default)
 * @param  ?array			The type filter (NULL: none)
 * @param  boolean		Whether to include RSS events in the results
 * @return array			A list of events happening, with time details
 */
function calendar_matches($member_id, $restrict, $period_start, $period_end, $filter = NULL, $do_rss = true)
{
    if (is_null($period_start)) {
        $period_start = utctime_to_usertime(time());
    }
    if (is_null($period_end)) {
        $period_end = utctime_to_usertime(time() + 60 * 60 * 24 * 360 * 20);
    }
    $matches = array();
    $where = '';
    if ($restrict) {
        if ($where != '') {
            $where .= ' AND ';
        }
        $where .= '(e_submitter=' . strval((int) $member_id) . ' OR e_is_public=1)';
    }
    if (!is_null($filter)) {
        foreach ($filter as $a => $b) {
            if ($b == 0) {
                if ($where != '') {
                    $where .= ' AND ';
                }
                $where .= 'e_type<>' . strval((int) substr($a, 4));
            }
        }
    }
    if ($where != '') {
        $where .= ' AND ';
    }
    $where .= '(validated=1 OR e_is_public=0)';
    if (addon_installed('syndication_blocks')) {
        // Determine what feeds to overlay
        $feed_urls_todo = array();
        for ($i = 0; $i < 10; $i++) {
            $feed_url = post_param('feed_' . strval($i), ocp_admirecookie('feed_' . strval($i), ''));
            require_code('users_active_actions');
            ocp_setcookie('feed_' . strval($i), $feed_url);
            if ($feed_url != '' && preg_match('#^[\\w\\d\\-\\_]*$#', $feed_url) == 0) {
                $feed_urls_todo[$feed_url] = NULL;
            }
        }
        $_event_types = list_to_map('id', $GLOBALS['SITE_DB']->query_select('calendar_types', array('id', 't_title', 't_logo', 't_external_feed')));
        foreach ($_event_types as $j => $_event_type) {
            if ($_event_type['t_external_feed'] != '' && (is_null($filter) || !array_key_exists($_event_type['id'], $filter) || $filter[$_event_type['id']] == 1) && has_category_access(get_member(), 'calendar', strval($_event_type['id']))) {
                $feed_urls_todo[$_event_type['t_external_feed']] = $_event_type['id'];
            }
            $_event_types[$j]['text_original'] = get_translated_text($_event_type['t_title']);
        }
        $event_types = collapse_2d_complexity('text_original', 't_logo', $_event_types);
        // Overlay it
        foreach ($feed_urls_todo as $feed_url => $event_type) {
            $temp_file_path = ocp_tempnam('feed');
            require_code('files');
            $write_to_file = fopen($temp_file_path, 'wb');
            http_download_file($feed_url, 1024 * 512, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $write_to_file);
            if ($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'] == 'text/calendar' || $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'] == 'application/octet-stream') {
                $data = file_get_contents($temp_file_path);
                require_code('calendar_ical');
                $whole = end(explode('BEGIN:VCALENDAR', $data));
                $events = explode('BEGIN:VEVENT', $whole);
                $calendar_nodes = array();
                foreach ($events as $key => $items) {
                    $items = preg_replace('#(.+)\\n +(.*)\\n#', '${1}${2}' . "\n", $items);
                    // Merge split lines
                    $nodes = explode("\n", $items);
                    foreach ($nodes as $_child) {
                        if (strpos($_child, ':') === false) {
                            continue;
                        }
                        $child = array('', '');
                        $in_quotes = false;
                        $j = 0;
                        for ($i = 0; $i < strlen($_child); $i++) {
                            $char = $_child[$i];
                            if ($char == '"') {
                                $in_quotes = !$in_quotes;
                            }
                            if ($j != 1 && !$in_quotes && $char == ':') {
                                $j++;
                            } else {
                                $child[$j] .= $char;
                            }
                        }
                        $matches2 = array();
                        if (preg_match('#;TZID=(.*)#', $child[0], $matches2)) {
                            $calendar_nodes[$key]['TZID'] = $matches2[1];
                        }
                        $child[0] = preg_replace('#;.*#', '', $child[0]);
                        if (array_key_exists("1", $child) && $child[0] !== 'PRODID' && $child[0] !== 'VERSION' && $child[0] !== 'END') {
                            $calendar_nodes[$key][$child[0]] = str_replace(array('\\n', '\\,'), array("\n", ','), trim($child[1]));
                        }
                    }
                    if ($key != 0) {
                        list($full_url, $type_id, $type, $recurrence, $recurrences, $seg_recurrences, $title, $content, $priority, $is_public, $start_year, $start_month, $start_day, $start_hour, $start_minute, $end_year, $end_month, $end_day, $end_hour, $end_minute, $timezone, $validated, $allow_rating, $allow_comments, $allow_trackbacks, $notes) = get_event_data_ical($calendar_nodes[$key]);
                        $is_public = 1;
                        $event = array('e_recurrence' => $recurrence, 'e_content' => $content, 'e_title' => $title, 'e_id' => $feed_url, 'e_priority' => $priority, 't_logo' => 'calendar/rss', 'e_recurrences' => $recurrences, 'e_seg_recurrences' => $seg_recurrences, 'e_is_public' => $is_public, 'e_start_year' => $start_year, 'e_start_month' => $start_month, 'e_start_day' => $start_day, 'e_start_hour' => $start_hour, 'e_start_minute' => $start_minute, 'e_end_year' => $end_year, 'e_end_month' => $end_month, 'e_end_day' => $end_day, 'e_end_hour' => $end_hour, 'e_end_minute' => $end_minute, 'e_timezone' => $timezone);
                        if (!is_null($event_type)) {
                            $event['t_logo'] = $_event_types[$event_type]['t_logo'];
                        }
                        if (!is_null($type)) {
                            $event['t_title'] = $type;
                            if (array_key_exists($type, $event_types)) {
                                $event['t_logo'] = $event_types[$type];
                            }
                        }
                        $their_times = find_periods_recurrence($timezone, 0, $start_year, $start_month, $start_day, $start_hour, $start_minute, $end_year, $end_month, $end_day, $end_hour, $end_minute, $recurrence, $recurrences, $period_start, $period_end);
                        // Now search every combination to see if we can get a hit
                        foreach ($their_times as $their) {
                            $matches[] = array($full_url, $event, $their[0], $their[1], $their[2], $their[3], $their[4], $their[5]);
                        }
                    }
                }
            } else {
                require_code('rss');
                $rss = new rss($temp_file_path, true);
                $content = new ocp_tempcode();
                foreach ($rss->gleamed_items as $item) {
                    if (array_key_exists('guid', $item)) {
                        $full_url = $item['guid'];
                    } elseif (array_key_exists('comment_url', $item)) {
                        $full_url = $item['comment_url'];
                    } elseif (array_key_exists('full_url', $item)) {
                        $full_url = $item['full_url'];
                    } else {
                        $full_url = '';
                    }
                    if (array_key_exists('title', $item) && array_key_exists('clean_add_date', $item) && $full_url != '') {
                        $event = array('e_recurrence' => 'none', 'e_content' => array_key_exists('news', $item) ? $item['news'] : '', 'e_title' => $item['title'], 'e_id' => $full_url, 'e_priority' => 'na', 't_logo' => 'calendar/rss', 'e_recurrences' => 1, 'e_seg_recurrences' => '', 'e_is_public' => 1, 'e_timezone' => get_users_timezone());
                        if (!is_null($event_type)) {
                            $event['t_logo'] = $_event_types[$event_type]['t_logo'];
                        }
                        if (array_key_exists('category', $item)) {
                            $event['t_title'] = $item['category'];
                            if (array_key_exists($item['category'], $event_types)) {
                                $event['t_logo'] = $event_types[$item['category']];
                            }
                        }
                        $from = utctime_to_usertime($item['clean_add_date']);
                        if ($from >= $period_start && $from < $period_end) {
                            $event += array('e_start_year' => date('Y', $from), 'e_start_month' => date('m', $from), 'e_start_day' => date('D', $from), 'e_start_hour' => date('H', $from), 'e_start_minute' => date('i', $from), 'e_end_year' => NULL, 'e_end_month' => NULL, 'e_end_day' => NULL, 'e_end_hour' => NULL, 'e_end_minute' => NULL);
                            $matches[] = array($full_url, $event, $from, NULL, $from, NULL, $from, NULL);
                        }
                    }
                }
            }
            @unlink($temp_file_path);
        }
    }
    if ($where != '') {
        $where .= ' AND ';
    }
    $where .= '(((e_start_month>=' . strval(intval(date('m', $period_start)) - 1) . ' AND e_start_year=' . date('Y', $period_start) . ' OR e_start_year>' . date('Y', $period_start) . ') AND (e_start_month<=' . strval(intval(date('m', $period_end)) + 1) . ' AND e_start_year=' . date('Y', $period_end) . ' OR e_start_year<' . date('Y', $period_end) . ')) OR ' . db_string_not_equal_to('e_recurrence', 'none') . ')';
    $where = ' WHERE ' . $where;
    $event_count = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_events e LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_types t ON e.e_type=t.id' . $where);
    if ($event_count > 2000) {
        attach_message(do_lang_tempcode('TOO_MANY_TO_CHOOSE_FROM'), 'inform');
        return array();
    }
    $events = $GLOBALS['SITE_DB']->query('SELECT *,e.id AS e_id FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_events e LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_types t ON e.e_type=t.id' . $where);
    foreach ($events as $event) {
        if (!has_category_access(get_member(), 'calendar', strval($event['e_type']))) {
            continue;
        }
        $their_times = find_periods_recurrence($event['e_timezone'], $event['e_do_timezone_conv'], $event['e_start_year'], $event['e_start_month'], $event['e_start_day'], $event['e_start_hour'], $event['e_start_minute'], $event['e_end_year'], $event['e_end_month'], $event['e_end_day'], $event['e_end_hour'], $event['e_end_minute'], $event['e_recurrence'], $event['e_recurrences'], $period_start, $period_end);
        // Now search every combination to see if we can get a hit
        foreach ($their_times as $their) {
            $matches[] = array($event['e_id'], $event, $their[0], $their[1], $their[2], $their[3], $their[4], $their[5]);
        }
    }
    global $M_SORT_KEY;
    $M_SORT_KEY = 2;
    usort($matches, 'multi_sort');
    return $matches;
}
コード例 #14
0
ファイル: smf.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     unset($name);
     unset($password);
     list($stub, ) = explode(':', get_member_cookie());
     if (!$GLOBALS['SMF_NEW'] || !function_exists('sha1')) {
         $row = $this->get_member_row($id);
         $_password = $this->forum_md5($row['passwd'], 'ys');
         $bits = explode('::', $_password);
         $_password = $bits[0];
     } elseif (function_exists('sha1')) {
         $row = $this->get_member_row($id);
         $_password = sha1($row['passwd'] . $row['passwordSalt']);
     }
     $data = array($id, $_password, time() + get_cookie_days() * 24 * 60 * 60, 3);
     ocp_setcookie($stub, serialize($data));
     $_COOKIE[$stub] = strval($id);
 }
コード例 #15
0
/**
 * Process a login.
 *
 * @param  ID_TEXT		Username
 */
function handle_active_login($username)
{
    global $SESSION_CACHE;
    $result = array();
    $member_cookie_name = get_member_cookie();
    $colon_pos = strpos($member_cookie_name, ':');
    if ($colon_pos !== false) {
        $base = substr($member_cookie_name, 0, $colon_pos);
        $real_member_cookie = substr($member_cookie_name, $colon_pos + 1);
        $real_pass_cookie = substr(get_pass_cookie(), $colon_pos + 1);
        $serialized = true;
    } else {
        $real_member_cookie = get_member_cookie();
        $base = $real_member_cookie;
        $real_pass_cookie = get_pass_cookie();
        $serialized = false;
    }
    $password = trim(post_param('password'));
    $login_array = $GLOBALS['FORUM_DRIVER']->forum_authorise_login($username, NULL, apply_forum_driver_md5_variant($password, $username), $password);
    $member = $login_array['id'];
    // Run hooks, if any exist
    $hooks = find_all_hooks('systems', 'upon_login');
    foreach (array_keys($hooks) as $hook) {
        require_code('hooks/systems/upon_login/' . filter_naughty($hook));
        $ob = object_factory('upon_login' . filter_naughty($hook), true);
        if (is_null($ob)) {
            continue;
        }
        $ob->run(true, $username, $member);
        // true means "a new login attempt"
    }
    if (!is_null($member)) {
        $remember = post_param_integer('remember', 0);
        // Create invisibility cookie
        if (array_key_exists(get_member_cookie() . '_invisible', $_COOKIE) || $remember == 1) {
            $invisible = post_param_integer('login_invisible', 0);
            ocp_setcookie(get_member_cookie() . '_invisible', strval($invisible));
            $_COOKIE[get_member_cookie() . '_invisible'] = strval($invisible);
        }
        // Store the cookies
        if ($remember == 1) {
            global $IS_A_COOKIE_LOGIN;
            $IS_A_COOKIE_LOGIN = true;
            // Create user cookie
            if (method_exists($GLOBALS['FORUM_DRIVER'], 'forum_create_cookie')) {
                $GLOBALS['FORUM_DRIVER']->forum_create_cookie($member, NULL, $password);
            } else {
                if ($GLOBALS['FORUM_DRIVER']->is_cookie_login_name()) {
                    $name = $GLOBALS['FORUM_DRIVER']->get_username($member);
                    if ($serialized) {
                        $result[$real_member_cookie] = $name;
                    } else {
                        ocp_setcookie(get_member_cookie(), $name, false, true);
                        $_COOKIE[get_member_cookie()] = $name;
                    }
                } else {
                    if ($serialized) {
                        $result[$real_member_cookie] = $member;
                    } else {
                        ocp_setcookie(get_member_cookie(), strval($member), false, true);
                        $_COOKIE[get_member_cookie()] = strval($member);
                    }
                }
                // Create password cookie
                if (!$serialized) {
                    if ($GLOBALS['FORUM_DRIVER']->is_hashed()) {
                        ocp_setcookie(get_pass_cookie(), apply_forum_driver_md5_variant($password, $username), false, true);
                    } else {
                        ocp_setcookie(get_pass_cookie(), $password, false, true);
                    }
                } else {
                    if ($GLOBALS['FORUM_DRIVER']->is_hashed()) {
                        $result[$real_pass_cookie] = apply_forum_driver_md5_variant($password, $username);
                    } else {
                        $result[$real_pass_cookie] = $password;
                    }
                    $_result = serialize($result);
                    ocp_setcookie($base, $_result, false, true);
                }
            }
        }
        // Create session
        require_code('users_inactive_occasionals');
        create_session($member, 1, post_param_integer('login_invisible', 0) == 1);
    } else {
        $GLOBALS['SITE_DB']->query_insert('failedlogins', array('failed_account' => substr(trim(post_param('login_username')), 0, 80), 'date_and_time' => time(), 'ip' => get_ip_address()));
        $count = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . get_table_prefix() . 'failedlogins WHERE date_and_time>' . strval(time() - 60 * 15) . ' AND ' . db_string_equal_to('ip', get_ip_address()));
        if ($count > 30) {
            log_hack_attack_and_exit('BRUTEFORCE_LOGIN_HACK');
        }
    }
}
コード例 #16
0
ファイル: mybb.php プロジェクト: erico-deh/ocPortal
 /**
  * Create a member login cookie.
  *
  * @param  MEMBER			The member id
  * @param  ?SHORT_TEXT	The username (NULL: lookup)
  * @param  string			The password
  */
 function forum_create_cookie($id, $name, $password)
 {
     global $SITE_INFO;
     unset($name);
     unset($password);
     $row = $this->get_member_row($id);
     $loginkey = $row['loginkey'];
     //used for 'mybbuser' memberid.'_'.'loginkey'
     $loguid = $row['uid'];
     //member id
     //Set a User COOKIE
     ocp_setcookie('mybbuser', $loguid . '_' . $loginkey);
     $current_ip = get_ip_address();
     $session_row = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'sessions WHERE ' . db_string_equal_to('ip', $current_ip), 1);
     $session_row = !empty($session_row[0]) ? $session_row[0] : array();
     $session_id = !empty($session_row['sid']) ? $session_row['sid'] : '';
     if (!empty($session_id)) {
         $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'sessions SET time=' . strval(time()) . ', uid=' . strval($loguid) . ' WHERE ' . db_string_equal_to('sid', $session_id), 1);
     } else {
         $session_id = md5(strval(time()));
         $this->connection->query_insert('sessions', array('sid' => $session_id, 'uid' => $id, 'time' => time(), 'ip' => $current_ip));
     }
     //Now lets try and set a COOKIE of MyBB Session ID
     @ocp_setcookie('sid', $session_id);
     $_COOKIE['mybbuser'] = strval($loguid) . '_' . $loginkey;
     $_COOKIE['sid'] = $session_id;
 }