PHP restricted_manually_enabled_backdoorの例

プログラミング言語: PHP

メソッド/関数: restricted_manually_enabled_backdoor

hotexamples.comのコード掲載数: 2

PHP restricted_manually_enabled_backdoor - 2件のコード例が見つかりました。すべてオープンソースプロジェクトから抽出されたPHPのrestricted_manually_enabled_backdoorの実例で、最も評価が高いものを厳選しています。コード例の評価を行っていただくことで、より質の高いコード例が表示されるようになります。

コード例 #1

ファイルを表示

ファイル: ocp_test_case.php プロジェクト: erico-deh/ocPortal

 function establish_admin_session()
 {
     global $MEMBER_CACHED;
     require_code('users_active_actions');
     $MEMBER_CACHED = restricted_manually_enabled_backdoor();
     $this->dump($this->_browser->getContent());
 }

コード例 #2

ファイルを表示

ファイル: users.php プロジェクト: erico-deh/ocPortal

/**
 * Get the ID of the currently active member.
 * It see's if the session exists / cookie is valid -- and gets the member id accordingly
 *
 * @param  boolean		Whether to just do a quick check, don't establish new sessions
 * @return MEMBER			The member requesting this web page (possibly the guest member - which strictly speaking, is not a member)
 */
function get_member($quick_only = false)
{
    global $SESSION_CACHE, $MEMBER_CACHED, $GETTING_MEMBER, $SITE_INFO;
    if ($MEMBER_CACHED !== NULL) {
        $GETTING_MEMBER = false;
        return $MEMBER_CACHED;
    }
    // If lots of aging sessions, clean out
    reset($SESSION_CACHE);
    if (count($SESSION_CACHE) > 50 && $SESSION_CACHE[key($SESSION_CACHE)]['last_activity'] < time() - 60 * 60 * max(1, intval(get_option('session_expiry_time')))) {
        delete_expired_sessions_or_recover();
    }
    // Try via backdoor that someone with full server access can place
    $backdoor_ip_address = mixed();
    // Enable to a real IP address to force login from FTP access (if lost admin password)
    if (array_key_exists('backdoor_ip', $SITE_INFO)) {
        $backdoor_ip_address = $SITE_INFO['backdoor_ip'];
    }
    if (is_string($backdoor_ip_address) && get_ip_address() == $backdoor_ip_address) {
        require_code('users_active_actions');
        $MEMBER_CACHED = restricted_manually_enabled_backdoor();
        // Will have created a session in here already
        return $MEMBER_CACHED;
    }
    if ($GETTING_MEMBER) {
        if (!isset($GLOBALS['FORUM_DRIVER'])) {
            return db_get_first_id();
        }
        // :S
        return $GLOBALS['FORUM_DRIVER']->get_guest_id();
    }
    $GETTING_MEMBER = true;
    global $FORCE_INVISIBLE_GUEST;
    if ($FORCE_INVISIBLE_GUEST) {
        $GETTING_MEMBER = false;
        if (!isset($GLOBALS['FORUM_DRIVER'])) {
            fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
        }
        $MEMBER_CACHED = $GLOBALS['FORUM_DRIVER']->get_guest_id();
        return $MEMBER_CACHED;
    }
    $member = NULL;
    $cookie_bits = explode(':', str_replace('|', ':', get_member_cookie()));
    $base = $cookie_bits[0];
    // Try by session
    $session = get_session_id();
    if ($session != -1 && get_param_integer('keep_force_htaccess', 0) == 0) {
        $ip = get_ip_address(3);
        // I hope AOL can cope with this
        $allow_unbound_guest = true;
        // Note: Guest sessions are not IP bound
        $member_row = NULL;
        if ($SESSION_CACHE !== NULL && array_key_exists($session, $SESSION_CACHE) && $SESSION_CACHE[$session] !== NULL && array_key_exists('the_user', $SESSION_CACHE[$session]) && (get_option('ip_strict_for_sessions') == '0' || $SESSION_CACHE[$session]['ip'] == $ip || is_guest($SESSION_CACHE[$session]['the_user']) && $allow_unbound_guest || $SESSION_CACHE[$session]['session_confirmed'] == 0 && !is_guest($SESSION_CACHE[$session]['the_user'])) && $SESSION_CACHE[$session]['last_activity'] > time() - 60 * 60 * max(1, intval(get_option('session_expiry_time')))) {
            $member_row = $SESSION_CACHE[$session];
        }
        if ($member_row !== NULL && (!array_key_exists($base, $_COOKIE) || !is_guest($member_row['the_user']))) {
            $member = $member_row['the_user'];
            if ($member !== NULL && time() - $member_row['last_activity'] > 10) {
                //$GLOBALS['SITE_DB']->query_update('sessions',array('last_activity'=>time(),'the_zone'=>get_zone_name(),'the_page'=>get_page_name()),array('the_session'=>$session),'',1);  Done in get_page_title now
                $SESSION_CACHE[$session]['last_activity'] = time();
                if (get_value('session_prudence') !== '1') {
                    persistant_cache_set('SESSION_CACHE', $SESSION_CACHE);
                }
            }
            global $SESSION_CONFIRMED;
            $SESSION_CONFIRMED = $member_row['session_confirmed'];
            if (get_forum_type() == 'ocf') {
                $GLOBALS['FORUM_DRIVER']->ocf_flood_control($member);
            }
            if (!is_guest($member) && $GLOBALS['FORUM_DRIVER']->is_banned($member)) {
                warn_exit(do_lang_tempcode('USER_BANNED'));
            }
            // Test this member still exists
            if ($GLOBALS['FORUM_DRIVER']->get_username($member) === NULL) {
                $member = $GLOBALS['FORUM_DRIVER']->get_guest_id();
            }
            if (array_key_exists($base, $_COOKIE)) {
                global $IS_A_COOKIE_LOGIN;
                $IS_A_COOKIE_LOGIN = true;
            }
        } else {
            require_code('users_inactive_occasionals');
            set_session_id(-1);
        }
    }
    if ($member === NULL && get_session_id() == -1 && get_param_integer('keep_force_htaccess', 0) == 0) {
        // Try by cookie (will defer to forum driver to authorise against detected cookie)
        require_code('users_inactive_occasionals');
        $member = try_cookie_login();
        // Can forum driver help more directly?
        if (method_exists($GLOBALS['FORUM_DRIVER'], 'get_member')) {
            $member = $GLOBALS['FORUM_DRIVER']->get_member();
        }
    }
    // Try via additional login providers. They can choose whether to respect existing $member of get_session_id() settings. Some may do an account linkage, so we need to let them decide what to do.
    $hooks = find_all_hooks('systems', 'login_providers');
    foreach (array_keys($hooks) as $hook) {
        require_code('hooks/systems/login_providers/' . $hook);
        $ob = object_factory('Hook_login_provider_' . $hook);
        $member = $ob->try_login($member);
    }
    // Guest or banned
    if ($member === NULL) {
        $member = $GLOBALS['FORUM_DRIVER']->get_guest_id();
        $is_guest = true;
    } else {
        $is_guest = is_guest($member);
    }
    // If we are doing a very quick init, bomb out now - no need to establish session etc
    global $SITE_INFO;
    if ($quick_only) {
        $GETTING_MEMBER = false;
        return $member;
    }
    // If one of the try_* functions hasn't actually created the session, call it here
    $session = get_session_id();
    if ($session == -1) {
        require_code('users_inactive_occasionals');
        create_session($member);
    }
    // If we are logged in, maybe do some further processing
    if (!$is_guest) {
        // Is there a su operation?
        $ks = get_param('keep_su', '');
        if ($ks != '') {
            require_code('users_inactive_occasionals');
            $member = try_su_login($member);
        }
        // Run hooks, if any exist
        $hooks = find_all_hooks('systems', 'upon_login');
        foreach (array_keys($hooks) as $hook) {
            require_code('hooks/systems/upon_login/' . filter_naughty($hook));
            $ob = object_factory('upon_login' . filter_naughty($hook), true);
            if ($ob === NULL) {
                continue;
            }
            $ob->run(false, NULL, $member);
            // false means "not a new login attempt"
        }
    }
    // Ok we have our answer
    $MEMBER_CACHED = $member;
    $GETTING_MEMBER = false;
    // We call this to ensure any HTTP-auth specific code has a chance to run
    is_httpauth_login();
    return $member;
}