/**
 * Reset the login attempt counter kept for a label/IP pair.
 *
 * @param string $label
 *        single label, can be $username or $uid, it is up to the implementer
 * @param string $ip
 *        single IP address
 * @return boolean TRUE when the counter entry was removed, FALSE otherwise
 */
function firewall_hook_blacklist_clearip($label, $ip) {
	// md5 is used here only to build a compact registry key, not as a security control.
	// NOTE(review): label and IP are concatenated without a separator, so two different
	// label/IP pairs can in principle produce the same key. The code that writes the
	// counter is not visible here and has to derive the key the same way - confirm
	// before changing the key format.
	$counter_key = md5($label . $ip);

	return registry_remove(0, 'feature', 'firewall', $counter_key) ? TRUE : FALSE;
}
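/**
 * Set option to site configuration
 *
 * Removes the 'core' / 'site_config' registry entry of the current user
 * ($user_config['uid']), writes $config under the same keys and returns whatever
 * site_config_get() reports afterwards.
 *
 * @param array $config
 *        Partial or full site configuration
 * @return array Site configuration
 */
function site_config_set($config) {
	global $user_config;

	$uid = $user_config['uid'];

	// NOTE(review): the previous version computed a "domain owner" uid here (the
	// caller's uid when $user_config['status'] is 2 or 3, otherwise 0) into a local
	// that was never read, so the configuration has always been stored under the
	// caller's own uid. The dead assignment and the unused $plugin_config global are
	// dropped; if the owner uid was meant to select the registry entry, that is a
	// separate change that needs a decision on who may write site configuration.
	//
	// NOTE(review): no privilege check is made in this function - presumably callers
	// restrict who can reach it; verify against the call sites.

	// The old entry is removed before the new one is written; the return values are
	// not checked, so a failed update is only visible through site_config_get().
	registry_remove($uid, 'core', 'site_config');
	registry_update($uid, 'core', 'site_config', $config);

	return site_config_get();
}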
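/**
 * Validate username and password
 *
 * The login is refused when the username/IP pair is blacklisted or the account is
 * banned. Otherwise the MD5 of the supplied password is compared first with the stored
 * account password and then with a temporary password kept in the registry, which is
 * removed after a successful use. A failed attempt is passed to blacklist_checkip().
 *
 * Security notes:
 * - Hashes are compared with hash_equals() (PHP 5.6+). A loose == between two hex
 *   strings that both look numeric (for example "0e..." followed by digits) is a
 *   numeric comparison in PHP and can report different hashes as equal.
 * - The password hash is no longer written to the log. The stored credential is the
 *   same unsalted MD5, so a logged hash is password-equivalent material.
 * - Unsalted MD5 is not a suitable password hash. Moving to password_hash() /
 *   password_verify() needs a change wherever passwords are stored, which is outside
 *   this function.
 *
 * @param string $username
 *        Username
 * @param string $password
 *        Password
 * @return boolean TRUE when validated or boolean FALSE when validation failed
 */
function auth_validate_login($username, $password) {
	$uid = user_username2uid($username);
	$ip = $_SERVER['REMOTE_ADDR'];

	// NOTE(review): $username is written to the log as supplied; confirm that _log()
	// neutralises line breaks and other control characters.
	$who = 'u:' . $username . ' uid:' . $uid . ' ip:' . $ip;

	_log('login attempt ' . $who, 3, 'auth_validate_login');

	// check blacklist
	if (blacklist_ifipexists($username, $ip)) {
		_log('IP blacklisted ' . $who, 2, 'auth_validate_login');

		return FALSE;
	}

	if (user_banned_get($uid)) {
		_log('user banned ' . $who, 2, 'auth_validate_login');

		return FALSE;
	}

	// NOTE(review): the username value in this query appears masked ('******') in this
	// listing. Whatever is placed there in the real file must be escaped or bound as a
	// query parameter, because $username is presumably taken from the login request.
	$db_query = "SELECT password FROM " . _DB_PREF_ . "_tblUser WHERE flag_deleted='0' AND username='******'";
	$db_result = dba_query($db_query);
	$db_row = dba_fetch_array($db_result);

	// No matching row means no stored hash; treat it as an empty string instead of
	// reading an index from a non-array.
	$res_password = isset($db_row['password']) ? trim($db_row['password']) : '';

	$password = md5($password);

	if ($res_password !== '' && hash_equals($res_password, $password)) {
		_log('valid login ' . $who, 2, 'auth_validate_login');

		// remove IP on successful login
		blacklist_clearip($username, $ip);

		return TRUE;
	}

	// fall back to the temporary password stored in the registry
	$ret = registry_search(1, 'auth', 'tmp_password', $username);
	$tmp_password = isset($ret['auth']['tmp_password'][$username]) ? $ret['auth']['tmp_password'][$username] : '';

	if (is_string($tmp_password) && $tmp_password !== '' && hash_equals($tmp_password, $password)) {
		_log('valid login ' . $who . ' using temporary password', 2, 'auth_validate_login');

		// The temporary password is meant to be single use. When the removal fails
		// the login is still accepted (as before), so the warning below deserves
		// an alert: the temporary password stays valid until it is removed.
		if (!registry_remove(1, 'auth', 'tmp_password', $username)) {
			_log('WARNING: unable to remove temporary password after successful login', 3, 'login');
		}

		// remove IP on successful login
		blacklist_clearip($username, $ip);

		return TRUE;
	}

	// check blacklist
	blacklist_checkip($username, $ip);

	_log('invalid login ' . $who, 2, 'auth_validate_login');

	return FALSE;
}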
} header("Location: " . _u('index.php?app=main&inc=core_sender_id&op=sender_id_edit&id=' . $_REQUEST['id'])); exit; break; case "toggle_status": $search = array('id' => $_REQUEST['id'], 'registry_family' => 'sender_id'); foreach (registry_search_record($search) as $row) { $status = $row['registry_value'] == 0 ? 1 : 0; $items[$row['registry_key']] = $status; registry_update($row['uid'], 'features', 'sender_id', $items); } $_SESSION['dialog']['info'][] = ($status == 1 ? _('Sender ID is now approved') : _('Sender ID is now disabled')) . ' (' . _('Sender ID') . ': ' . $row['registry_key'] . ')'; header("Location: " . _u('index.php?app=main&inc=core_sender_id&op=sender_id_list')); exit; break; case "sender_id_delete": $nav = themes_nav_session(); $search = themes_search_session(); $ref = $nav['url'] . '&search_keyword=' . $search['keyword'] . '&page=' . $nav['page'] . '&nav=' . $nav['nav']; $uid = auth_isadmin() && $data_sender_id[0]['uid'] ? $data_sender_id[0]['uid'] : $user_config['uid']; registry_remove($uid, 'features', 'sender_id', $data_sender_id[0]['registry_key']); registry_remove($uid, 'features', 'sender_id_description', $data_sender_id[0]['registry_key']); $default_sender_id = sender_id_default_get($uid); if (strtoupper($data_sender_id[0]['registry_key']) == strtoupper($default_sender_id)) { sender_id_default_set($data_sender_id[0]['uid'], ''); } $_SESSION['dialog']['info'][] = _('Sender ID has been removed') . ' (' . _('Sender ID') . ': ' . $data_sender_id[0]['registry_key'] . ')'; header("Location: " . _u($ref)); exit; break; }
} else { $json['status'] = 'ERR'; $json['error'] = '100'; } $log_this = TRUE; break; case "WS_LOGIN": $user = user_getdatabyusername($u); if ($c_uid = $user['uid']) { // supplied login key $login_key = trim($_REQUEST['login_key']); // saved login key $reg = registry_search($c_uid, 'core', 'webservices', 'login_key'); $c_login_key = trim($reg['core']['webservices']['login_key']); // immediately remove saved login key, only proceed upon successful removal if (registry_remove($c_uid, 'core', 'webservices', 'login_key')) { // auth by comparing login keys if ($login_key && $c_login_key && $login_key == $c_login_key) { // setup login session auth_session_setup($c_uid); _log("webservices logged in u:" . $u . " ip:" . $_SERVER['REMOTE_ADDR'] . " op:" . _OP_, 3, "webservices"); } else { _log("webservices invalid login u:" . $u . " ip:" . $_SERVER['REMOTE_ADDR'] . " op:" . _OP_, 3, "webservices"); } } else { _log("webservices error unable to remove registry u:" . $u . " ip:" . $_SERVER['REMOTE_ADDR'] . " op:" . _OP_, 3, "webservices"); } } else { _log("webservices invalid user u:" . $u . " ip:" . $_SERVER['REMOTE_ADDR'] . " op:" . _OP_, 3, "webservices"); } // redirect to index.php no matter what
/**
 * Remove an account from the banned account list.
 *
 * @param integer $uid
 *        User ID
 * @return boolean TRUE if the user was removed from the banned user list, FALSE otherwise
 */
function user_banned_remove($uid) {
	// NOTE(review): no privilege check is made here - presumably callers restrict this
	// to administrators; verify against the call sites.
	$removed = registry_remove(1, 'auth', 'banned_users', $uid);

	if (!$removed) {
		return FALSE;
	}

	// Log the unban only when the registry entry was actually removed.
	_log('unbanned uid:' . $uid, 2, 'user_banned_remove');

	return TRUE;
}