function bh_get_total_bandwidth($username, $type) { $bandrows = select_bhdb("bandwidth", array("username" => $username, "type" => $type), ""); foreach ($bandrows as $bandrow) { $totalbytes += $bandrow['bytes']; } return $totalbytes; }
function bh_filelink_get($filecode, $what) { $filecoderows = select_bhdb("filecodes", array("filecode" => $filecode), ""); if (empty($filecoderows)) { return false; } else { return $filecoderows[0][$what]; } }
function bh_setview($username, $filepath, $view) { # Get our prefs for this dir, if we have any $filepathrows = select_bhdb("usersviews", array("username" => $username, "filepath" => $filepath), 1); if (empty($filepathrows)) { insert_bhdb("usersviews", array("username" => $username, "filepath" => $filepath, "view" => $view), ""); } else { update_bhdb("usersviews", array("view" => $view), array("username" => $username, "filepath" => $filepath)); } }
function bh_authenticate($username, $password) { $md5password = md5($password); $authrows = select_bhdb("users", array('username' => $username, 'password' => $md5password), 1); if (empty($authrows)) { return 0; } elseif ($authrows[0]['disabled'] == 1) { return -1; } else { return 1; } }
function bh_changeconfig($variable, $value) { global $bhconfig; # See if it's already in the db. $rows = select_bhdb("config", array("variable" => $variable), 1); # If it is... if (!empty($rows)) { # Update it update_bhdb("config", array("value" => addslashes($value)), array("variable" => $variable)); } else { # Add it insert_bhdb("config", array("variable" => $variable, "value" => addslashes($value))); } }
function sendtotype($usertype) { $userrows = select_bhdb("users", array("type" => $usertype), ""); if (empty($userrows)) { return false; } $fails = 0; foreach ($userrows as $userrow) { $result = $this->sendtouser($userrow['username']); if ($result == false) { $fails++; } } return $fails; }
function bh_authenticate($username, $password) { global $bhconfig; // first, verify that the user is allowed to use this application // look for the user in the user table $authrows = select_bhdb("users", array('username' => $username), 1); if (empty($authrows)) { return 0; } elseif ($authrows[0]['disabled'] == 1) { return -1; } // now check against LDAP $port = $bhconfig['ldapport'] ? $bhconfig['ldapport'] : 389; // Connect to LDAP server $ds = @ldap_connect($bhconfig['ldapsrv'], $port); if ($ds) { // Bind as anonymous $r = @ldap_bind($ds); // find user entry in the tree $sr = @ldap_search($ds, $bhconfig['ldapbase'], $bhconfig['ldapattr'] . "={$username}"); // Must find one entry, no more no less if (@ldap_count_entries($ds, $sr) != 1) { // user unknown @ldap_close($ds); return false; } // find entry in the result set if (($entry = @ldap_first_entry($ds, $sr)) == false) { // user unknown @ldap_close($ds); return 0; } // bind as the user to verify pasword $dn = ldap_get_dn($ds, $entry); $r = @ldap_bind($ds, $dn, $password); // Link no longer needed @ldap_close($ds); if ($r) { return true; } else { return false; } } else { return false; } }
#name Groups List #author Andrew Godwin #description Displays a list of groups, and lets you add users to them. #iscore 1 $layout = new bhadminlayout("groupslist"); if (empty($_POST['group'])) { $_POST['group'] = array(); } if (empty($_GET['group'])) { $_GET['group'] = array(); } $group = array_merge($_POST['group'], $_GET['group']); if ($group['action'] == "add") { $grouprows = select_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']), ""); if (empty($grouprows)) { $userrows = select_bhdb("users", array("username" => $group['username']), ""); if (empty($userrows)) { bh_add_logvars(array("username" => $group['username'], "group" => $group['group'])); bh_add_error($bhlang['error:user_does_not_exist']); } else { insert_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group'])); bh_add_logvars(array("username" => $group['username'], "group" => $group['group'])); bh_add_notice($bhlang['notice:user_added_to_group']); } } else { bh_add_logvars(array("username" => $group['username'], "group" => $group['group'])); bh_add_error($bhlang['error:user_is_in_group']); } } if ($group['action'] == "remove") { delete_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']));
# Open layout object $layoutobj = new bhlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:signup']; $layoutobj->content1 = "<br><br>" . $bhlang['error:username_invalid']; $layoutobj->display(); } else { # Generate a random new ten-letter password $alphabetanumba = "abcdefghijklmnopqrstuvwxyz0123456789"; $newpass = ""; $max = strlen($alphabetanumba) - 1; $length = 10; for ($i = 0; $i <= $length; $i++) { $newpass .= substr($alphabetanumba, rand(0, $max), 1); } $userirows = select_bhdb("userinfo", array("username" => $resetrows[0]['username'], "itemname" => "email"), ""); $emailaddr = $userirows[0]['itemcontent']; # Send the email with the new password # Email them about it with the validation link $emailobj = new bhemail($emailaddr); $emailobj->subject = str_replace("#SITENAME#", $bhconfig['sitename'], $bhlang['emailsubject:passreset_new_password']); $emailobj->message = str_replace("#PASSWORD#", $newpass, $bhlang['email:passreset_new_password']); $emailaway = $emailobj->send(); if ($emailaway == false) { # Open layout object $layoutobj = new bhlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:signup']; $layoutobj->content1 = "<br><br>" . $bhlang['error:email_error']; $layoutobj->display(); } else {
} } if ($_GET['action'] == "reject") { $regrows = select_bhdb("registrations", array("regid" => $_GET['regid'], "username" => $_GET['username']), ""); if (empty($regrows)) { log_bh($bhlang['error:registration_doesnt_exist'], "BH_ERROR"); } else { # Delete the reg row delete_bhdb("registrations", array("regid" => $_GET['regid'], "username" => $_GET['username'])); # Email the user $emailobj = new bhemail($regrows[0]['email']); $emailobj->subject = str_replace("#SITENAME#", $bhconfig['sitename'], $bhlang['emailsubject:registration_rejected']); $emailobj->message = str_replace("#USERNAME#", $regrows[0]['username'], $bhlang['email:registration_rejected']); $emailaway = $emailobj->send(); # All done. Say so. bh_log(str_replace("#USER#", $_GET['username'], $bhlang['notice:#USER#_rejected']), "BH_NOTICE"); } } } if ($bhconfig['signupmoderation'] == 0) { $layout = new bhadminlayout("generic"); $layout->content1 = $bhlang['notice:registration_moderation_off']; $layout->title = $bhlang['title:registrations_administration']; $layout->display(); } else { $layout = new bhadminlayout("regslist"); $registrations = select_bhdb("registrations", array("status" => "1"), ""); $layout->content1 = $registrations; $layout->title = $bhlang['title:registrations_administration']; $layout->display(); }
function set_grouprights($group, $status, $recursion = 1) { if ($this->is_dir() && $recursion == 1) { $this->loadfile(); foreach ($this->filecontents as $file2set) { $file2setobj = new bhfile($file2set['filepath']); $file2setobj->set_grouprights($group, $status); } } if ($status >= 0) { $grouprows = select_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath), ""); if (!empty($grouprows)) { update_bhdb("aclgroups", array("status" => $status), array("group" => $group, "filepath" => $this->filepath)); } else { insert_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath, "status" => $status)); } } else { delete_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath)); } }
} else { # Tell them what they did wrong bh_log($bhlang['error:old_password_invalid'], "BH_ERROR"); } } # See if there's an incoming profile change request if (!empty($_POST['changeprofile'])) { # Go through the options and add/update them foreach ($_POST['changeprofile'] as $option => $value) { $optionrows = select_bhdb("userinfo", array("username" => $bhsession['username'], "itemname" => $option), ""); if (empty($optionrows)) { insert_bhdb("userinfo", array("username" => $bhsession['username'], "itemname" => $option, "itemcontent" => $value)); } else { update_bhdb("userinfo", array("itemcontent" => $value), array("username" => $bhsession['username'], "itemname" => $option)); } } # Say it's updated bh_log($bhlang['notice:profile_saved'], "BH_NOTICE"); } # Get user profile info $profilerows = select_bhdb("userinfo", array("username" => $bhsession['username']), ""); $profile = array(); foreach ($profilerows as $profilerow) { $profile[$profilerow['itemname']] = $profilerow['itemcontent']; } # Open layout object $layoutobj = new bhlayout("options"); # Send the content to the layout $layoutobj->title = $bhlang['title:options']; $layoutobj->content1 = $profile; $layoutobj->display();
function set_grouprights($group, $status) { $grouprows = select_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath), ""); if (!empty($grouprows)) { update_bhdb("aclgroups", array("status" => $status), array("group" => $group, "filepath" => $this->filepath)); } else { insert_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath, "status" => $status)); } }
function bh_authenticate($username, $password) { global $dbconfig, $bhconfig; $oldprefix = $dbconfig['prefix']; $olddb = $dbconfig['db']; $dbconfig['prefix'] = $bhconfig['phpbb_prefix']; $dbconfig['db'] = $bhconfig['phpbb_db']; $md5password = md5($password); $authrows = select_bhdb("users", array('username' => $username, 'user_password' => $md5password), 1); $dbconfig['prefix'] = $oldprefix; $dbconfig['db'] = $olddb; if (empty($authrows)) { return 0; } else { return 1; } }
function bh_updatemoduledb() { global $bhconfig; # Open modules folder $handle = opendir($bhconfig['bhfilepath'] . "/modules/"); # Go through and see if modules are in db. while (false !== ($file = readdir($handle))) { if (!preg_match("/^\\.{1,2}\$/", $file)) { $filerow = select_bhdb("modules", array("file" => $file), ""); if (empty($filerow)) { # Open file and check through for name etc. $filearray = file($bhconfig['bhfilepath'] . "/modules/" . $file); $nameline = preg_grep("/^#name.*\$/", $filearray); $name = substr(current($nameline), 6); $descline = preg_grep("/^#description.*\$/", $filearray); $desc = substr(current($descline), 13); $authline = preg_grep("/^#author.*\$/", $filearray); $auth = substr(current($authline), 8); insert_bhdb("modules", array("module" => str_replace(".inc.php", "", $file), "file" => $file, "name" => $name, "author" => $auth, "description" => $desc)); } } } }
<?php /* * ByteHoard 2.1 * Copyright (c) Andrew Godwin & contributors 2005 * * Module * $Id: filelinks.inc.php,v 1.1 2005/07/28 20:11:47 andrewgodwin Exp $ * */ #name File Links #author Andrew Godwin #description Lets the administrator delete a file link if necessary. #iscore 1 if (!empty($_GET['deletelink'])) { bh_filelink_remove($_GET['deletelink']); bh_log($bhlang['notice:filelink_deleted'], "BH_NOTICE"); } $flinks = select_bhdb("filecodes", "", ""); foreach ($flinks as $flink) { $filecodes[$flink['username']][$flink['email']][$flink['filecode']] = $flink; } $layoutobj = new bhadminlayout("filelinks"); $layoutobj->content1 = $filecodes; $layoutobj->title = $bhlang['title:filelinks']; $layoutobj->display();
function bh_text($textname) { $textrows = select_bhdb("texts", array("textname" => $textname), 1); return $textrows[0]['textbody']; }
require "modules/login.inc.php"; } } else { # This means that The Administrator must Approve this User. # So, up the status of the regrow to 1 if it exists. Or tell them to go away. $regrows = select_bhdb("registrations", array("regid" => $_GET['confirmregid'], "username" => $_GET['username']), ""); if (empty($regrows)) { # Open layout object $layoutobj = new bhlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:signup']; $layoutobj->content1 = "<br><br>" . $bhlang['error:validation_link_wrong']; $layoutobj->display(); } else { # check if it's already at stage 1. $regs1rows = select_bhdb("registrations", array("regid" => $_GET['confirmregid'], "username" => $_GET['username'], "status" => "0"), ""); if (empty($regs1rows)) { # Open layout object $layoutobj = new bhlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:signup']; $layoutobj->content1 = "<br><br>" . $bhlang['notice:validation_already_done_pending_approval']; $layoutobj->display(); } else { # Up the reg row status update_bhdb("registrations", array("status" => "1"), array("regid" => $_GET['confirmregid'], "username" => $_GET['username'])); # All done. Say so. bh_log($bhlang['log:user_validated_'] . $username, "BH_SIGNUP_VALIDATED"); bh_log($bhlang['log:user_signup_m_pending_'] . $username, "BH_SIGNUP_M_PENDING"); # Open layout object $layoutobj = new bhlayout("generic");
function bh_log($message, $type) { global $bhlang, $bhcurrent, $bhconfig, $bherrors; # This is the all-singing, all-dancing logging system. # First, retrieve all actions matching this type from the database $matchingactions = select_bhdb("logactions", array("type" => $type), ""); # Then, see if there are some, and go through them if there are. if (!empty($matchingactions)) { foreach ($matchingactions as $matchingaction) { # Try to match the action to the ones we know about. switch ($matchingaction['action']) { case "fileappend": case "logtofile": # Append to a file. Check if we have a filename, or just log to the default one. if (!empty($matchingaction['parameters'])) { $fn = @fopen($bhconfig['bhfilepath'] . "/" . $matchingaction['parameters'], "a"); @fputs($fn, time() . ":" . $_SERVER['REMOTE_ADDR'] . ":" . $message . "\n"); @fclose($fn); } elseif (!empty($bhconfig['logfile'])) { $fn = @fopen($bhconfig['bhfilepath'] . "/" . $bhconfig['logfile'], "a"); @fputs($fn, time() . ":" . $_SERVER['REMOTE_ADDR'] . ":" . $message . "\n"); @fclose($fn); } else { $fn = @fopen($bhconfig['bhfilepath'] . "/log", "a"); @fputs($fn, time() . ":" . $_SERVER['REMOTE_ADDR'] . ":" . $message . "\n"); @fclose($fn); } break; case "email": # Email it to someone. Check for a specified email address, or fail. if (!empty($matchingaction['parameters'])) { $emailobj = new bhemail($matchingaction['parameters']); $emailobj->subject = "Notification from ByteHoard @ " . $_SERVER['HTTP_HOST']; $emailobj->sig = "\n\n\nPowered by ByteHoard " . $bhconfig['version'] . " / Sent at " . date("l dS F Y h:i:s A"); $emailobj->message = $message; $emailobj->send(); } else { # Nothing to do. Oh well. } break; case "emailtype": # Email it to them. Check for a specified type, or fail. if (!empty($matchingaction['parameters'])) { $emailobj = new bhemail(); $emailobj->subject = "Notification from ByteHoard @ " . $_SERVER['HTTP_HOST']; $emailobj->sig = "\n\n\nPowered by ByteHoard " . $bhconfig['version'] . " / Sent at " . date("l dS F Y h:i:s A"); $emailobj->message = $message; $emailobj->sendtotype($matchingaction['parameters']); } else { # Nothing to do. Oh well. } break; case "onscreen": # Set error in template thingmywatsit. $bherrors[] = array('message' => $message, 'type' => $matchingaction['parameters']); break; } } } else { # Set error in template thingmywatsit. $bherrors[] = array('message' => $message, 'type' => 'warning'); } }
# FileLink/FileMail functions # File array $file = file($_GET['file']) or die("I'm sorry. That isn't a valid file."); # Loooop through foreach ($file as $num => $line) { if (substr($line, 0, 1) == "#" || substr($line, 0, 1) == ";" || trim($line) == "") { } else { $linearray = explode(",", $line); if (empty($linearray[0])) { die("No username provided! Line " . ($num + 1)); } elseif (empty($linearray[1])) { die("No password provided! Line " . ($num + 1)); } elseif (empty($linearray[2])) { die("No email provided! Line " . ($num + 1)); } else { $userrows = select_bhdb("users", array("username" => $linearray[0]), ""); if (empty($userrows)) { if (empty($linearray[4])) { $linearray[4] = "normal"; } bh_adduser($linearray[0], $linearray[1], bh_fpclean("/" . $linearray[0]), $linearray[4]); insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "fullname", "itemcontent" => empty($linearray[3]))); insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "email", "itemcontent" => empty($linearray[2]))); echo "User " . $linearray[0] . " added! <br>\n\r"; } else { echo "User " . $linearray[0] . " exists, not added. <br>\n\r"; } } } } echo $num + 1 . " lines processed. Finished.";
/* * ByteHoard 2.1 * Copyright (c) Andrew Godwin & contributors 2004 * * Installer2 - Database Script File * $Id$ * */ # Database scripts expect the following: # - $dbconfig (config.inc.php) loaded # - All bhdb_* functions loaded # - configfunc.inc.php loaded # 2.1b -> 2.1g # Import filecodes and users into memory $filecoderows = select_bhdb("filecodes", "", ""); $userrows = select_bhdb("users", "", ""); # Remove old tables drop_bhdb("filecodes"); drop_bhdb("users"); $insttables['filecodes'] = array("filecode" => array("type" => "varchar"), "filepath" => array("type" => "text"), "expires" => array("type" => "varchar"), "username" => array("type" => "varchar"), "email" => array("type" => "text"), "notify" => array("type" => "varchar")); $insttables['log'] = array("entryid" => array("type" => "varchar"), "time" => array("type" => "varchar"), "username" => array("type" => "varchar"), "ip" => array("type" => "varchar"), "type" => array("type" => "varchar"), "page" => array("type" => "text"), "filepath" => array("type" => "text"), "data" => array("type" => "text")); $insttables['users'] = array("username" => array("type" => "varchar"), "password" => array("type" => "varchar"), "homedir" => array("type" => "text"), "type" => array("type" => "varchar"), "disabled" => array("type" => "varchar"), "quota" => array("type" => "varchar")); $insttables['filecodereminders'] = array("filecode" => array("type" => "varchar"), "remindat" => array("type" => "varchar")); $insttables['satellitetransfers'] = array("transferid" => array("type" => "varchar"), "file" => array("type" => "text"), "offset" => array("type" => "varchar"), "length" => array("type" => "varchar")); # Add them foreach ($insttables as $tablename => $tablecontent) { $result = create_bhdb($tablename, $tablecontent); if ($result === FALSE) { $errors[] = $dbmoderror; } }
* Copyright (c) Andrew Godwin & contributors 2004 * * Module * $Id: edituser.inc.php,v 1.2 2005/06/17 18:52:00 andrewgodwin Exp $ * */ #name Add User #author Andrew Godwin #description Lets you edit a user. #iscore 1 $addusername = $_GET['username']; if (!empty($_POST['user'])) { $signup = $_POST['user']; $username = strtolower($signup['username']); $usernamerows = select_bhdb("users", array("username" => $username), ""); $regusernamerows = select_bhdb("registrations", array("username" => $username), ""); if (!empty($usernamerows) || !empty($regusernamerows) || $username == "guest" || $username == "admin" || $username == "administrator" || $username == "all") { bh_log($bhlang['error:username_in_use'], BH_ERROR); # Open layout object $layoutobj = new bhadminlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:add_user']; $layoutobj->display(); } elseif (strlen($username) > 255) { bh_log($bhlang['error:username_too_long'], BH_ERROR); # Open layout object $layoutobj = new bhadminlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:add_user']; $layoutobj->display(); } else {
$uploadrows = select_bhdb("uploads", array("sessionid" => session_id()), 1); if (empty($uploadrows) || $uploadrows[0]['status'] == "uploading") { $layoutobj = new bhlayout("popup_upload"); $layoutobj->display(); } elseif ($uploadrows[0]['status'] = "finished") { # Echo window closing script $str = "<html>\n<head>\n</head>\n<body>\n<script>self.close();</script>\n</body>\n</html>"; echo $str; # Remove entry in DB delete_bhdb("uploads", array("sessionid" => session_id())); } else { bh_log("Fatal error in upload notification system", "BH_ERROR"); } } elseif (count($fupload) > 0) { # Notify the popup to close $uploadrows = select_bhdb("uploads", array("sessionid" => session_id()), 1); if (empty($uploadrows)) { insert_bhdb("uploads", array("sessionid" => session_id(), "status" => "finished")); } else { update_bhdb("uploads", array("status" => "finished"), array("sessionid" => session_id())); } # Calculate used bandwidth foreach ($fupload as $fileinfo) { bh_bandwidth($bhsession['username'], "up", $fileinfo['size']); } # Check they can write to the destination directory if (bh_checkrights($infolder, $bhsession['username']) >= 2) { foreach ($fupload as $fileinfo) { # If it's a valid upload... if (empty($fileinfo['name']) !== TRUE) { # Check the file actually exists.
/* * ByteHoard 2.1 * Copyright (c) Andrew Godwin & contributors 2004 * * Installer2 - Database Script File * $Id$ * */ # Database scripts expect the following: # - $dbconfig (config.inc.php) loaded # - All bhdb_* functions loaded # - configfunc.inc.php loaded # 2.1a -> 2.1b # Import filecodes into memory $filecoderows = select_bhdb("filecodes", "", ""); # Remove old filecodes table drop_bhdb("filecodes"); $insttables['modulesdirectory'] = array("module" => array("type" => "varchar"), "status" => array("type" => "varchar")); $insttables['packages'] = array("code" => array("type" => "varchar"), "name" => array("type" => "varchar"), "description" => array("type" => "text"), "version" => array("type" => "varchar"), "type" => array("type" => "varchar")); $insttables['passwordresets'] = array("username" => array("type" => "varchar"), "resetid" => array("type" => "varchar"), "time" => array("type" => "varchar")); $insttables['registrations'] = array("regid" => array("type" => "varchar"), "username" => array("type" => "varchar"), "password" => array("type" => "varchar"), "email" => array("type" => "text"), "fullname" => array("type" => "text"), "status" => array("type" => "varchar"), "regtime" => array("type" => "varchar")); $insttables['filecodes'] = array("filecode" => array("type" => "varchar"), "filepath" => array("type" => "text"), "expires" => array("type" => "varchar"), "username" => array("type" => "varchar"), "email" => array("type" => "text")); # Add them foreach ($insttables as $tablename => $tablecontent) { $result = create_bhdb($tablename, $tablecontent); if ($result === FALSE) { $errors[] = $dbmoderror; } } # Right. Now add New Stuff (TM)