/**
 * Slaytags 1.01 upgrade step: queues a "BPM and Key" notice and asks the
 * Slay_Song table to create the ss_bpm and ss_key columns.
 *
 * The results of both createColumn() calls are ignored, so a failed column
 * creation is not reported to the caller. Nothing is returned.
 *
 * @param Module_Slaytags $module Module being upgraded (not used in the body).
 */
function Upgrade_Slaytags_1_01(Module_Slaytags $module)
{
    $notice = GWF_HTML::message('Slaytags', "BPM and Key");
    GWF_Website::addDefaultOutput($notice);

    $songTable = GDO::table('Slay_Song');
    foreach (array('ss_bpm', 'ss_key') as $columnName) {
        $songTable->createColumn($columnName);
    }
}
/**
 * GPG challenge handler: generates a solution and mails it to the user.
 *
 * The mail is only attempted when all preconditions hold, checked in this
 * order: a user is logged in, the user has a valid mail address, the gnupg
 * extension is available on the server, and a key fingerprint is registered
 * for the user. Each failed check echoes an error box and stops.
 *
 * NOTE(review): this function only verifies that a fingerprint exists; the
 * actual encryption presumably happens inside GWF_Mail::sendToUser() -
 * confirm, since the mail body carries the challenge solution.
 *
 * @param WC_Challenge   $chall Challenge providing the translated texts.
 * @param GWF_User|false $user  Current user, or false when not logged in.
 */
function wccgpg_doit(WC_Challenge $chall, $user)
{
    if ($user === false) {
        echo GWF_HTML::error('GPG', $chall->lang('err_login'), false);
        return;
    }

    if (!$user->hasValidMail()) {
        echo GWF_HTML::error('GPG', $chall->lang('err_no_mail'));
        return;
    }
    $recipient = $user->getValidMail();

    // Server-side capability check: without ext/gnupg nothing can be sent.
    if (!function_exists('gnupg_init')) {
        echo GWF_HTML::error('GPG', $chall->lang('err_server'));
        return;
    }

    // Refuse to mail the solution unless the user has a key on file.
    $fingerprint = GWF_PublicKey::getFingerprintForUser($user);
    if ($fingerprint === false) {
        $accountUrl = GWF_WEB_ROOT . 'account';
        echo GWF_HTML::error('GPG', $chall->lang('err_no_gpg', $accountUrl), false);
        return;
    }

    $secret = WC_CryptoChall::generateSolution('OHOYOUGOTGPG!', true, false);

    $mail = new GWF_Mail();
    $mail->setSubject($chall->lang('mail_s'));
    $mail->setSender(GWF_BOT_EMAIL);
    $mail->setReceiver($recipient);
    $mail->setBody($chall->lang('mail_b', array($user->displayUsername(), $secret)));

    $sent = $mail->sendToUser($user);
    if ($sent === false) {
        echo GWF_HTML::err('ERR_MAIL_SENT');
        return;
    }

    // The address is HTML-escaped before it is placed into the confirmation.
    echo GWF_HTML::message('GPG', $chall->lang('msg_mail_sent', array(htmlspecialchars($recipient))));
}
/**
 * Renders this object's message as an error box when $this->is_error is
 * truthy, otherwise as a normal message box.
 *
 * @param string $title Box title, 'Error' by default.
 * @return mixed Whatever GWF_HTML::error() / GWF_HTML::message() returns.
 */
public function display($title = 'Error')
{
    return $this->is_error
        ? GWF_HTML::error($title, $this->message)
        : GWF_HTML::message($title, $this->message);
}
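/**
 * Deletes the current session user's row(s) from the DLDC_User table and
 * echoes a notice when at least one row was removed.
 *
 * The user id is concatenated into the WHERE clause, so it is cast to int
 * first: the condition is then numeric regardless of what
 * GWF_Session::getUserID() returns.
 */
function dldc_cleanup()
{
    $userId = (int) GWF_Session::getUserID();

    $table = GDO::table('DLDC_User');
    $table->deleteWhere('wechall_userid=' . $userId);

    if ($table->affectedRows() > 0) {
        echo GWF_HTML::message('Disclosures', 'We have deleted your old account for this challenge!', false);
    }
}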
/**
 * Renders $this->msg as an error box when isError() is truthy, otherwise
 * as a normal message box. The message is cast to an array in both cases.
 *
 * @param string $title Box title, 'Error' by default.
 * @return mixed Whatever GWF_HTML::error() / GWF_HTML::message() returns.
 */
public function display($title = 'Error')
{
    return $this->isError()
        ? GWF_HTML::error($title, (array) $this->msg)
        : GWF_HTML::message($title, (array) $this->msg);
}
/**
 * Language 1.02 upgrade step: echoes three progress notices, then removes
 * the 'edit_time' module variable.
 *
 * @param Module_Language $module Module whose variable is removed.
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_Language_1_02(Module_Language $module)
{
    $notices = array(
        'Triggering Upgrade_Language_1_02',
        'Removing some outdated module vars ...',
        'Removing edit_time',
    );
    foreach ($notices as $text) {
        echo GWF_HTML::message('GWF', $text);
    }

    $removed = GWF_ModuleLoader::removeModuleVar($module, 'edit_time');
    if ($removed === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return '';
}
/**
 * Register 1.01 upgrade step: echoes three progress notices, then calls
 * createTable(true) on the GWF_UserActivation table.
 *
 * NOTE(review): per the echoed text the table is "re-created"; the `true`
 * argument presumably drops the existing table first, which would discard
 * pending activations - confirm against GDO::createTable().
 *
 * @param Module_Register $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_Register_1_01(Module_Register $module)
{
    $notices = array(
        'Triggering Upgrade_Register_1_01',
        'The email field in user activation database is now UTF8.',
        'I simply re-created the table!',
    );
    foreach ($notices as $text) {
        echo GWF_HTML::message('GWF', $text);
    }

    $created = GDO::table('GWF_UserActivation')->createTable(true);
    if ($created === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return '';
}
/**
 * Rejects text containing "badmethod" or "evilfunction".
 *
 * Echoes an error box naming the matched word and returns false on a match;
 * otherwise echoes the 'lovely' message and returns true.
 *
 * NOTE(review): only a return value of exactly 1 counts as a match.
 * preg_match() returns false when the PCRE engine reports an error, and
 * that case takes the accepting branch below. If this filter is meant as a
 * real control rather than an exercise, it should fail closed by treating
 * false as a rejection and checking preg_last_error().
 *
 * @param WC_Challenge $chall Challenge providing the translated texts.
 * @param string       $text  Text to inspect.
 * @return boolean true when the text is accepted, false when rejected.
 */
function the_preg_match(WC_Challenge $chall, $text)
{
    $pattern = '#^.*((?:badmethod)|(?:evilfunction)).*$#s';
    $outcome = preg_match($pattern, $text, $matches);

    if ($outcome !== 1) {
        echo GWF_HTML::message($chall->lang('title'), $chall->lang('lovely'));
        return true;
    }

    echo GWF_HTML::error($chall->lang('title'), $chall->lang('evil', array($matches[1])));
    return false;
}
/**
 * GWF 1.04 upgrade step: adds the country_pop column to the prefixed
 * 'country' table.
 *
 * The table name is built from the GWF_TABLE_PREFIX constant only; no
 * request data enters the statement.
 *
 * @param Module_GWF $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_GWF_1_04(Module_GWF $module)
{
    $tableName = GWF_TABLE_PREFIX . 'country';
    $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN country_pop INT(11) UNSIGNED NOT NULL DEFAULT 0';

    if (gdo_db()->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    // NOTE(review): the return value is discarded here, unlike the echoed
    // calls in sibling upgrade steps; the two extra `true` arguments
    // presumably make message() emit or log by itself - confirm.
    GWF_HTML::message('GWF', '[+] GWF 1.04 (country population)', true, true);

    return '';
}
/**
 * Profile 1.01 upgrade step: adds the ASCII prof_irc column to the prefixed
 * 'profile' table and echoes a notice on success.
 *
 * @param Module_Profile $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_Profile_1_01(Module_Profile $module)
{
    $tableName = GWF_TABLE_PREFIX . 'profile';
    $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN prof_irc VARCHAR(255) CHARACTER SET ascii COLLATE ascii_bin';

    if (gdo_db()->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    echo GWF_HTML::message('Profile', '[+] Profile IRC', false);

    return '';
}
/**
 * Deletes WC_FavCats rows whose wcfc_cat has no matching sitecat_name in
 * the prefixed wc_sitecat table, then echoes how many rows were deleted.
 *
 * A failed delete echoes a database error but does not stop the method;
 * the affected-row count is still read and reported afterwards.
 */
private function fixFavCats()
{
    require_once GWF_CORE_PATH . 'module/WeChall/WC_FavCats.php';

    $siteCats = GWF_TABLE_PREFIX . 'wc_sitecat';
    $favCats = GDO::table('WC_FavCats');

    // Evaluates to 1 (delete) when the sub-select finds no category row.
    $orphanCondition = 'IF((SELECT 1 FROM ' . $siteCats . ' WHERE sitecat_name=wcfc_cat LIMIT 1), 0, 1)';

    if ($favCats->deleteWhere($orphanCondition) === false) {
        echo GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    $deletedCount = $favCats->affectedRows();
    $report = sprintf('Deleted %d invalid favcat links!', $deletedCount);
    echo GWF_HTML::message('WC', $report);
}
/**
 * WeChall 1.06 upgrade step: queues a notice, then adds the
 * regat_challsolved column (default -1) to the prefixed wc_regat table.
 *
 * @param Module_WeChall $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_WeChall_1_06(Module_WeChall $module)
{
    $notice = GWF_HTML::message('WC5', "Regat table now stores challs_solved. (thx Jinx)");
    GWF_Website::addDefaultOutput($notice);

    $tableName = GWF_TABLE_PREFIX . 'wc_regat';
    $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN regat_challsolved INT(11) NOT NULL DEFAULT -1';

    if (gdo_db()->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return '';
}
/**
 * Profile 1.02 upgrade step: adds the prof_poi_score column to the prefixed
 * 'profile' table and echoes a notice on success.
 *
 * @param Module_Profile $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_Profile_1_02(Module_Profile $module)
{
    $tableName = GWF_TABLE_PREFIX . 'profile';
    $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN prof_poi_score INT(11) DEFAULT 0';

    if (gdo_db()->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    echo GWF_HTML::message('Profile', '[+] Profile POI Score', false);

    return '';
}
/**
 * PM 1.04 upgrade step: echoes two progress notices, then adds the UTF-8
 * pmi_reason text column to the prefixed pm_ignore table.
 *
 * @param Module_PM $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_PM_1_04(Module_PM $module)
{
    foreach (array('Triggering Upgrade_PM_1_04', 'PM ignore reasons') as $text) {
        echo GWF_HTML::message('PM', $text);
    }

    $tableName = GWF_TABLE_PREFIX . 'pm_ignore';
    $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN pmi_reason TEXT CHARACTER SET utf8 COLLATE utf8_general_ci';

    if (gdo_db()->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return '';
}
/**
 * PM 1.05 upgrade step: echoes two progress notices, then adds the
 * pmo_level column to the prefixed pm_options table.
 *
 * @param Module_PM $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_PM_1_05(Module_PM $module)
{
    foreach (array('Triggering Upgrade_PM_1_05', 'PMO_user_level') as $text) {
        echo GWF_HTML::message('PM', $text);
    }

    $tableName = GWF_TABLE_PREFIX . 'pm_options';
    $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN pmo_level INT(11) UNSIGNED DEFAULT 0';

    if (gdo_db()->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return '';
}
/**
 * News 1.01 upgrade step: adds the newst_threadid column to the prefixed
 * newstrans table, then announces the change.
 *
 * The notice is echoed directly when GWF_OUTPUT_BUFFERING is truthy and
 * queued through GWF_Website::addDefaultOutput() otherwise. Unlike the
 * sibling upgrade steps, the statement is sent with query() rather than
 * queryWrite().
 *
 * @param Module_News $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_News_1_01(Module_News $module)
{
    $sql = 'ALTER TABLE ' . GWF_TABLE_PREFIX . 'newstrans'
        . ' ADD COLUMN newst_threadid INT(11) UNSIGNED NOT NULL DEFAULT 0';

    if (gdo_db()->query($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    $notice = GWF_HTML::message('News', 'It is now possible to have news in forums.');
    if (!GWF_OUTPUT_BUFFERING) {
        GWF_Website::addDefaultOutput($notice);
    } else {
        echo $notice;
    }

    return '';
}
/**
 * GWF 3.10 upgrade step: removes the 'log_404' and 'mail_404' module
 * variables, echoing a notice before each removal.
 *
 * Stops at the first failed removal, so 'mail_404' is left untouched when
 * removing 'log_404' fails.
 *
 * @param Module_GWF $module Module whose variables are removed.
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_GWF_3_10(Module_GWF $module)
{
    echo GWF_HTML::message('GWF', 'Triggering Upgrade_GWF_3_10');
    echo GWF_HTML::message('GWF', 'Removing some outdated module vars ...');

    foreach (array('log_404', 'mail_404') as $varName) {
        echo GWF_HTML::message('GWF', 'Removing ' . $varName);

        $removed = GWF_ModuleLoader::removeModuleVar($module, $varName);
        if ($removed === false) {
            return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    return '';
}
/**
 * GWF 3.04 upgrade step: echoes two progress notices, then changes
 * user_email in the prefixed 'user' table to a nullable UTF-8 VARCHAR(255).
 *
 * @param Module_GWF $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_GWF_3_04(Module_GWF $module)
{
    foreach (array('Triggering Upgrade_GWF_3_04', 'The email field in user database is now UTF8.') as $text) {
        echo GWF_HTML::message('GWF', $text);
    }

    $database = gdo_db();

    $userTable = GWF_TABLE_PREFIX . 'user';
    $sql = "ALTER TABLE `{$userTable}` CHANGE `user_email` `user_email` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL";
    if ($database->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    // NOTE(review): this statement is built but never sent to the database.
    // Upgrade_GWF_3_05 adds a unique index with the same name, so do not
    // start executing it here without checking that later step.
    $moduleTable = GWF_TABLE_PREFIX . 'module';
    $sql = "ALTER TABLE `{$moduleTable}` ADD UNIQUE `module_name` ( `module_name` )";

    return '';
}
/**
 * WeChall 5.03 upgrade step: queues a notice, then drops the four warbox
 * columns from the WC_Site table.
 *
 * Every column is attempted even when an earlier drop fails; one
 * ERR_DATABASE text is appended to the result per failed drop.
 *
 * @param Module_WeChall $module Module used to include the WC_Site class.
 * @return string Empty string when every drop succeeded, otherwise the
 *                concatenated GWF_HTML::lang('ERR_DATABASE', ...) texts.
 */
function Upgrade_WeChall_5_03(Module_WeChall $module)
{
    $notice = GWF_HTML::message('WC5', "Sites can have multiple warboxes now. (thx awe)");
    GWF_Website::addDefaultOutput($notice);

    $module->includeClass('WC_Site');
    $siteTable = GDO::table('WC_Site');

    $failures = '';
    foreach (array('site_warport', 'site_warhost', 'site_war_rs', 'site_war_ip') as $obsolete) {
        if ($siteTable->dropColumn($obsolete)) {
            continue;
        }
        $failures .= GWF_HTML::lang('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return $failures;
}
/**
 * WeChall 1.03 upgrade step: adds the site_spc (default 25) and
 * site_powarg (default 100) columns to the prefixed wc_site table.
 *
 * Stops at the first failing statement, so site_powarg is not attempted
 * when adding site_spc fails.
 *
 * @param Module_WeChall $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_WeChall_1_03(Module_WeChall $module)
{
    $database = gdo_db();
    $tableName = GWF_TABLE_PREFIX . 'wc_site';

    $definitions = array(
        'site_spc INT(11) UNSIGNED NOT NULL DEFAULT 25',
        'site_powarg INT(11) UNSIGNED NOT NULL DEFAULT 100',
    );
    foreach ($definitions as $definition) {
        $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN ' . $definition;
        if ($database->queryWrite($sql) === false) {
            return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    // NOTE(review): the return value is discarded; the two extra `true`
    // arguments presumably make message() emit or log by itself - confirm.
    GWF_HTML::message('WC', '[+] Advanced Scoring by Caesum', true, true);

    return '';
}
/**
 * Links 1.03 upgrade step: echoes a notice, then adds the link_lang column
 * (default 1) to the prefixed 'links' table and indexes it.
 *
 * Stops at the first failing statement, so the index is not attempted when
 * adding the column fails.
 *
 * @param Module_Links $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_Links_1_03(Module_Links $module)
{
    echo GWF_HTML::message('Links', 'Langauge filter');

    $database = gdo_db();
    $tableName = GWF_TABLE_PREFIX . 'links';

    $clauses = array(
        'ADD COLUMN link_lang INT(11) UNSIGNED NOT NULL DEFAULT 1',
        'ADD INDEX(link_lang)',
    );
    foreach ($clauses as $clause) {
        $sql = 'ALTER TABLE ' . $tableName . ' ' . $clause;
        if ($database->queryWrite($sql) === false) {
            return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    return '';
}
/**
 * Links 1.02 upgrade step: echoes a notice, then adds the link_lastcheck
 * and link_downcount columns to the prefixed 'links' table.
 *
 * Stops at the first failing statement.
 *
 * @param Module_Links $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_Links_1_02(Module_Links $module)
{
    echo GWF_HTML::message('Links', 'Link Up/Down Checker');

    $database = gdo_db();
    $tableName = GWF_TABLE_PREFIX . 'links';

    foreach (array('link_lastcheck', 'link_downcount') as $columnName) {
        $sql = 'ALTER TABLE ' . $tableName . ' ADD COLUMN ' . $columnName . ' INT(11) UNSIGNED NOT NULL DEFAULT 0';
        if ($database->queryWrite($sql) === false) {
            return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    return '';
}
/**
 * PM 1.01 upgrade step: echoes two progress notices, then adds the
 * pm_in_reply column to the prefixed 'pm' table and indexes it.
 *
 * Stops at the first failing statement, so the index is not attempted when
 * adding the column fails.
 *
 * @param Module_PM $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_PM_1_01(Module_PM $module)
{
    $notices = array(
        'TRIGGERED Upgrade_PM_1_01',
        'It is now possible to navigate prev/next for pms',
    );
    foreach ($notices as $text) {
        echo GWF_HTML::message('PM', $text);
    }

    $database = gdo_db();
    $tableName = GWF_TABLE_PREFIX . 'pm';

    $clauses = array(
        'ADD COLUMN pm_in_reply INT(11) UNSIGNED NOT NULL DEFAULT 0',
        'ADD INDEX pm_in_reply(pm_in_reply)',
    );
    foreach ($clauses as $clause) {
        $sql = 'ALTER TABLE ' . $tableName . ' ' . $clause;
        if ($database->queryWrite($sql) === false) {
            return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    return '';
}
/**
 * Answer handler for the Shadowlamb challenge.
 *
 * Requires a logged-in session, then lets
 * WC5Lamb_Solution::validateSolution3() judge the answer for the current
 * user id. Result code 1 marks the challenge as solved; any other code is
 * reported through the 'err_wrong_<code>' language key.
 *
 * @param WC_Challenge $chall  Challenge being answered.
 * @param string       $answer Submitted answer.
 */
function shadowlamb3solver(WC_Challenge $chall, $answer)
{
    if (!GWF_Session::isLoggedIn()) {
        echo GWF_HTML::error('Shadowlamb', 'Better login first!');
        return;
    }

    $code = WC5Lamb_Solution::validateSolution3($answer, GWF_Session::getUserID());

    // Loose comparison on purpose: it mirrors the `switch` / `case 1`
    // semantics this branch replaces.
    if ($code == 1) {
        echo GWF_HTML::message('Shadowlamb', $chall->lang('msg_right'));
        $chall->onChallengeSolved(GWF_Session::getUserID());
    } else {
        echo GWF_HTML::error('Shadowlamb', $chall->lang('err_wrong_' . $code));
    }
}
/**
 * GWF 3.05 upgrade step: echoes two progress notices, then adds a unique
 * index named module_name on the module_name column of the prefixed
 * 'module' table.
 *
 * A preceding DROP INDEX step existed in the original but was commented
 * out by its author; it is not executed.
 *
 * @param Module_GWF $module Module being upgraded (not used in the body).
 * @return mixed Empty string on success; otherwise the value of
 *               GWF_HTML::err('ERR_DATABASE', ...).
 */
function Upgrade_GWF_3_05(Module_GWF $module)
{
    foreach (array('Triggering Upgrade_GWF_3_05', 'The module_name column got a unique index.') as $text) {
        echo GWF_HTML::message('GWF', $text);
    }

    $moduleTable = GWF_TABLE_PREFIX . 'module';
    $sql = "ALTER TABLE `{$moduleTable}` ADD UNIQUE INDEX `module_name` ( `module_name` )";

    if (gdo_db()->queryWrite($sql) === false) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return '';
}
/**
 * Exploit this!
 *
 * Login handler of the "Auth1" exercise. The header marks the function as
 * intentionally vulnerable, so it is documented here but not repaired.
 *
 * The password is hashed with md5() and a users row is looked up with a
 * string-built SELECT. In this listing both credential values inside the
 * query literal appear masked as '******', so how $username and $password
 * reach the statement cannot be verified from here.
 *
 * Outside of an exercise the same lookup would use a prepared statement
 * with bound parameters, and passwords would be stored with password_hash()
 * and checked with password_verify(); unsalted md5 is not suitable for
 * password storage.
 *
 * @param WC_Challenge $chall    Challenge providing texts and the solve hook.
 * @param string       $username Submitted user name (presumably a string - confirm).
 * @param string       $password Submitted clear-text password (presumably a string - confirm).
 * @return boolean false when no row is returned, true otherwise.
 */
function auth1_onLogin(WC_Challenge $chall, $username, $password)
{
    // Separate challenge database handle; auth1_db() is defined elsewhere.
    $db = auth1_db();

    // The parameter is overwritten with its md5 hex digest.
    $password = md5($password);

    // NOTE(review): credential placeholders are masked in this listing.
    $query = "SELECT * FROM users WHERE username='******' AND password='******'";

    if (false === ($result = $db->queryFirst($query))) {
        echo GWF_HTML::error('Auth1', $chall->lang('err_unknown'), false);
        # Unknown user
        return false;
    }

    # Welcome back!
    # The user name from the row is HTML-escaped before it is echoed.
    echo GWF_HTML::message('Auth1', $chall->lang('msg_welcome_back', htmlspecialchars($result['username'])), false);

    # Challenge solved?
    # Solved when the returned row's user name is 'admin', compared case-insensitively.
    if (strtolower($result['username']) === 'admin') {
        $chall->onChallengeSolved(GWF_Session::getUserID());
    }

    return true;
}
/**
 * Handles a reset-token request for the TTR2 challenge.
 *
 * Validates the form, generates a token with ttr2_random(16) and stores it
 * with the session id and the submitted e-mail address. The token is only
 * mailed when that address is exactly the current user's own valid mail.
 * The same 'msg_mail_sent' message is returned whether or not a mail was
 * sent.
 *
 * NOTE(review): ttr2_random() is defined elsewhere, so the quality of the
 * token cannot be judged from here. In a real reset flow the token must
 * come from a CSPRNG such as random_bytes(); confirm whether a weaker
 * source is intentional for this challenge.
 *
 * @param WC_Challenge $chall Challenge providing the translated texts.
 * @param GWF_Form     $form  Submitted request form.
 * @return mixed Validation errors, a database error, or the confirmation
 *               message box.
 */
function ttr2_request(WC_Challenge $chall, GWF_Form $form)
{
    $errors = $form->validate($chall);
    if ($errors !== false) {
        return $errors;
    }

    // Bind the new token to the session and the requested address.
    $sessionId = GWF_Session::getSessSID();
    $email = $form->getVar('email');
    $token = ttr2_random(16);

    $stored = TTR2_Tokens::insertToken($sessionId, $email, $token);
    if (!$stored) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    // Mail is delivered only to the requester's own address.
    $ownMail = GWF_User::getStaticOrGuest()->getValidMail();
    if ($email === $ownMail) {
        ttr2_mail_me($chall, $email, $token);
    }

    return GWF_HTML::message($chall->lang('title'), $chall->lang('msg_mail_sent'));
}
/**
 * WeChall 5.04 upgrade step: queues a notice, rewrites site_options on the
 * WC_Site table and creates the wb_options column on WC_Warbox.
 *
 * Both steps are attempted; one ERR_DATABASE text is appended to the
 * result per failed step.
 *
 * NOTE(review): WC_Site::NO_V1_SCRIPTS is read before
 * includeClass('WC_Site') runs, which only works if the class is already
 * loaded or autoloadable - confirm.
 * NOTE(review): the update ANDs site_options with the constant itself.
 * Clearing a single flag normally ANDs with the flag's complement, so
 * check the constant's value before re-running this step.
 *
 * @param Module_WeChall $module Module used to include the WC classes.
 * @return string Empty string when both steps succeeded, otherwise the
 *                concatenated GWF_HTML::lang('ERR_DATABASE', ...) texts.
 */
function Upgrade_WeChall_5_04(Module_WeChall $module)
{
    $notice = GWF_HTML::message('WC5', "Warboxes can have flags now. (thx Steven)");
    GWF_Website::addDefaultOutput($notice);

    $failures = '';

    // Mask applied to site_options; statement order is kept as in the original.
    $mask = WC_Site::NO_V1_SCRIPTS;
    $module->includeClass('WC_Site');
    $siteTable = GDO::table('WC_Site');
    $optionsUpdated = $siteTable->update('site_options=site_options&' . $mask);
    if (!$optionsUpdated) {
        $failures .= GWF_HTML::lang('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    $module->includeClass('WC_Warbox');
    $warboxTable = GDO::table('WC_Warbox');
    $columnCreated = $warboxTable->createColumn('wb_options');
    if (!$columnCreated) {
        $failures .= GWF_HTML::lang('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    return $failures;
}
/**
 * WeChall 5.02 upgrade step: queues a notice, then creates the
 * site_warhost, site_warport, site_war_rs and site_war_ip columns on the
 * WC_Site table, in that order.
 *
 * Stops at the first column that cannot be created; later columns are not
 * attempted.
 *
 * @param Module_WeChall $module Module used to include the WC_Site class.
 * @return string Empty string on success; otherwise the
 *                GWF_HTML::lang('ERR_DATABASE', ...) text.
 */
function Upgrade_WeChall_5_02(Module_WeChall $module)
{
    $notice = GWF_HTML::message('WC5', "Sites have hostname, port, reducescore and IP now. (thx epoch)");
    GWF_Website::addDefaultOutput($notice);

    $module->includeClass('WC_Site');
    $siteTable = GDO::table('WC_Site');

    $newColumns = array('site_warhost', 'site_warport', 'site_war_rs', 'site_war_ip');
    foreach ($newColumns as $columnName) {
        if (!$siteTable->createColumn($columnName)) {
            return GWF_HTML::lang('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    return '';
}
/**
 * Handles an answer submission for the TTR2 challenge.
 *
 * Does nothing for an empty POST 'answer'. Otherwise the answer is first
 * compared with every token returned by TTR2_Tokens::getSolutions() for
 * this session. A hit echoes the 'msg_reset_own' message with the
 * HTML-escaped address and stops without solving. If none matches, the
 * token from TTR2_Tokens::getSolution() is set as the challenge solution
 * and the answer is passed to onSolve().
 *
 * NOTE(review): tokens are compared with ===. For secrets in production
 * code hash_equals() is the constant-time alternative.
 * NOTE(review): assumes getSolution() always returns a row containing
 * 'ttr_token' for the session - confirm.
 *
 * @param WC_Challenge $chall Challenge being answered.
 */
function ttr2_submit(WC_Challenge $chall)
{
    $answer = Common::getPostString('answer', '');
    if ($answer === '') {
        return;
    }

    $sessionId = GWF_Session::getSessSID();

    // Tokens the session requested for its own addresses do not solve.
    foreach (TTR2_Tokens::getSolutions($sessionId) as $row) {
        if ($row['ttr_token'] !== $answer) {
            continue;
        }
        $ownAddress = htmlspecialchars($row['ttr_email']);
        echo GWF_HTML::message($chall->lang('title'), $chall->lang('msg_reset_own', array($ownAddress)));
        return;
    }

    // Hand the real solution to the challenge and let it judge the answer.
    $official = TTR2_Tokens::getSolution($sessionId);
    $chall->setSolution($official['ttr_token']);
    $chall->onSolve(GWF_User::getStaticOrGuest(), $answer);
}