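/**
 * Authenticate the visitor from the forum cookie and fill $pun_user.
 *
 * The cookie carries serialize(array(user_id, password_hash)) and is fully
 * attacker-controlled, so it is parsed with a strict regular expression
 * instead of unserialize(): unserialize() on untrusted input can instantiate
 * arbitrary classes (PHP object injection). This follows the upstream fix at
 * http://punbb.informer.com/trac/changeset/1663; a cookie that does not match
 * the expected shape is simply treated as a guest.
 *
 * Outcome:
 *  - no usable cookie or user_id <= 1: set_default_user().
 *  - unknown user or hash mismatch: a fresh guest cookie is issued, then
 *    set_default_user() and return.
 *  - otherwise $pun_user holds the users/groups row plus o.logged and o.idle,
 *    with language/style/display defaults applied and is_guest = false; unless
 *    PUN_QUIET_VISIT is defined the online list and last_visit are refreshed.
 *
 * @param array $pun_user  populated by reference
 * @global object $db
 * @global array  $pun_config
 * @global string $cookie_name
 * @global string $cookie_seed
 */
function check_cookie(&$pun_user)
{
    global $db, $pun_config, $cookie_name, $cookie_seed;

    $now = time();
    $expire = $now + 31536000; // A replacement guest cookie lives for a year

    // Assume a guest until a well-formed cookie says otherwise
    $cookie = array('user_id' => 1, 'password_hash' => 'Guest');

    // Accept only a two-element serialized array: element 0 a non-negative
    // integer (stored either as i:N or as s:L:"N"), element 1 a lowercase hex
    // hash. Anything else leaves the guest defaults in place.
    if (isset($_COOKIE[$cookie_name]) && preg_match('/^a:2:\{i:0;(?:i:(\d+)|s:\d+:"(\d+)");i:1;s:\d+:"([0-9a-f]+)";\}$/', $_COOKIE[$cookie_name], $matches)) {
        // Exactly one of the two user_id groups participates; the other is ''
        $cookie['user_id'] = intval($matches[1] !== '' ? $matches[1] : $matches[2]);
        $cookie['password_hash'] = $matches[3];
    }

    if ($cookie['user_id'] <= 1) {
        set_default_user();
        return;
    }

    // Look up the user named by the cookie together with group and online data
    $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM ' . $db->prefix . 'users AS u INNER JOIN ' . $db->prefix . 'groups AS g ON u.group_id=g.g_id LEFT JOIN ' . $db->prefix . 'online AS o ON o.user_id=u.id WHERE u.id=' . intval($cookie['user_id'])) or error('Unable to fetch user information', __FILE__, __LINE__, $db->error());
    $pun_user = $db->fetch_assoc($result);

    // Reject unknown users and cookies whose hash does not match the stored password hash
    if (!isset($pun_user['id']) || md5($cookie_seed . $pun_user['password']) !== $cookie['password_hash']) {
        pun_setcookie(0, random_pass(8), $expire);
        set_default_user();
        return;
    }

    // Fall back to the board default when the chosen language no longer exists
    if (!@file_exists(PUN_ROOT . 'lang/' . $pun_user['language'])) {
        $pun_user['language'] = $pun_config['o_default_lang'];
    }

    // Same for the style; it may live in the forum tree or in PUN_STYLE_DIR
    $style_exists = @file_exists(PUN_ROOT . 'style/' . $pun_user['style'] . '.css')
        || (defined('PUN_STYLE_DIR') && defined('PUN_STYLE_PATH') && @file_exists(PUN_STYLE_DIR . $pun_user['style'] . '.css'));
    if (!$style_exists) {
        // (a leftover trigger_error('resetting') debug notice was dropped here)
        $pun_user['style'] = $pun_config['o_default_style'];
    }

    if (!$pun_user['disp_topics']) {
        $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
    }

    if (!$pun_user['disp_posts']) {
        $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
    }

    // Define PUN_QUIET_VISIT if this visit must not touch the online list or last-visit data
    if (!defined('PUN_QUIET_VISIT')) {
        if (!$pun_user['logged']) {
            // Not in the online list yet
            $db->query('INSERT INTO ' . $db->prefix . 'online (user_id, ident, logged) VALUES(' . $pun_user['id'] . ', \'' . $db->escape($pun_user['username']) . '\', ' . $now . ')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
        } else {
            // Special case: we timed out, but nobody has browsed the forums since, so
            // the stale online row is the best record of the previous visit
            if ($pun_user['logged'] < $now - $pun_config['o_timeout_visit']) {
                $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
                $pun_user['last_visit'] = $pun_user['logged'];
            }

            $idle_sql = $pun_user['idle'] == '1' ? ', idle=0' : '';
            $db->query('UPDATE ' . $db->prefix . 'online SET logged=' . $now . $idle_sql . ' WHERE user_id=' . $pun_user['id']) or error('Unable to update online list', __FILE__, __LINE__, $db->error());
        }
    }

    $pun_user['is_guest'] = false;
}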
// The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_subject = str_replace('<board_title>', $pun_config['o_board_title'], $mail_subject); $mail_message = str_replace('<base_url>', get_base_url() . '/', $mail_message); $mail_message = str_replace('<username>', $username, $mail_message); $mail_message = str_replace('<password>', $password1, $mail_message); $mail_message = str_replace('<login_url>', get_base_url() . '/login.php', $mail_message); $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message); pun_mail($email1, $mail_subject, $mail_message); message($lang->t('Reg email') . ' <a href="mailto:' . $pun_config['o_admin_email'] . '">' . $pun_config['o_admin_email'] . '</a>.', true); } // Regenerate the users info cache $cache->delete('boardstats'); pun_setcookie($new_uid, $password_hash, time() + $pun_config['o_timeout_visit']); redirect('index.php', $lang->t('Reg complete')); } } $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang->t('Register')); $required_fields = array('req_user' => $lang->t('Username'), 'req_password1' => $lang->t('Password'), 'req_password2' => $lang->t('Confirm pass'), 'req_email1' => $lang->t('Email'), 'req_email2' => $lang->t('Email') . ' 2'); $focus_element = array('register', 'req_user'); define('PUN_ACTIVE_PAGE', 'register'); require PUN_ROOT . 'header.php'; $timezone = isset($timezone) ? $timezone : $pun_config['o_default_timezone']; $dst = isset($dst) ? $dst : $pun_config['o_default_dst']; $email_setting = isset($email_setting) ? $email_setting : $pun_config['o_default_email_setting']; // If there are errors, we display them if (!empty($errors)) { ?> <div id="posterror" class="block">
$expire = $save_pass == '1' ? time() + 31536000 : 0; pun_setcookie($user_id, $form_password_hash, $expire); redirect($_POST['redirect_url'], $lang_login['Login redirect']); } else { if ($action == 'out') { if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id']) { header('Location: index.php'); exit; } // Remove user from "users online" list. $db->query('DELETE FROM ' . $db->prefix . 'online WHERE user_id=' . $pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); // Update last_visit (make sure there's something to update it with) if (isset($pun_user['logged'])) { $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); } pun_setcookie(1, random_pass(8), time() + 31536000); redirect('index.php', $lang_login['Logout redirect']); } else { if ($action == 'forget' || $action == 'forget_2') { if (!$pun_user['is_guest']) { header('Location: index.php'); } if (isset($_POST['form_sent'])) { require PUN_ROOT . 'include/email.php'; // Validate the email-address $email = strtolower(trim($_POST['req_email'])); if (!is_valid_email($email)) { message($lang_common['Invalid e-mail']); } $result = $db->query('SELECT id, username FROM ' . $db->prefix . 'users WHERE email=\'' . $db->escape($email) . '\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); if ($db->num_rows($result)) {
// Load the "welcome" template $mail_tpl = trim(file_get_contents(PUN_ROOT . 'lang/' . $pun_user['language'] . '/mail_templates/welcome.tpl')); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_subject = str_replace('<board_title>', $pun_config['o_board_title'], $mail_subject); $mail_message = str_replace('<base_url>', $pun_config['o_base_url'] . '/', $mail_message); $mail_message = str_replace('<username>', $username, $mail_message); $mail_message = str_replace('<password>', $password1, $mail_message); $mail_message = str_replace('<login_url>', $pun_config['o_base_url'] . '/login.php', $mail_message); $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'] . ' ' . $lang_common['Mailer'], $mail_message); pun_mail($email1, $mail_subject, $mail_message); message($lang_register['Reg e-mail'] . ' <a href="mailto:' . $pun_config['o_admin_email'] . '">' . $pun_config['o_admin_email'] . '</a>.', true); } pun_setcookie($new_uid, $password_hash, $save_pass != '0' ? $now + 31536000 : 0); redirect('index.php', $lang_register['Reg complete']); } } } $page_title = pun_htmlspecialchars($pun_config['o_board_title']) . ' / ' . $lang_register['Register']; $required_fields = array('req_username' => $lang_common['Username'], 'req_password1' => $lang_common['Password'], 'req_password2' => $lang_prof_reg['Confirm pass'], 'req_email1' => $lang_common['E-mail'], 'req_email2' => $lang_common['E-mail'] . ' 2'); $focus_element = array('register', 'req_username'); require PUN_ROOT . 'header.php'; ?> <div class="blockform"> <h2><span><?php echo $lang_register['Register']; ?> </span></h2> <div class="box">
$result = $db->query('SELECT * FROM ' . $db->prefix . 'users WHERE id=' . $id) or error('Unable to fetch password', __FILE__, __LINE__, $db->error()); $cur_user = $db->fetch_assoc($result); $authorized = false; if (!empty($cur_user['password'])) { $old_password_hash = pun_hash($old_password); if ($cur_user['password'] == $old_password_hash || $pun_user['is_admmod']) { $authorized = true; } } if (!$authorized) { message($lang_profile['Wrong pass']); } $new_password_hash = pun_hash($new_password1); $db->query('UPDATE ' . $db->prefix . 'users SET password=\'' . $new_password_hash . '\'' . (!empty($cur_user['salt']) ? ', salt=NULL' : '') . ' WHERE id=' . $id) or error('Unable to update password', __FILE__, __LINE__, $db->error()); if ($pun_user['id'] == $id) { pun_setcookie($pun_user['id'], $new_password_hash, time() + $pun_config['o_timeout_visit']); } redirect('profile.php?section=essentials&id=' . $id, $lang_profile['Pass updated redirect']); } $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Change pass']); $required_fields = array('req_old_password' => $lang_profile['Old pass'], 'req_new_password1' => $lang_profile['New pass'], 'req_new_password2' => $lang_profile['Confirm new pass']); $focus_element = array('change_pass', !$pun_user['is_admmod'] ? 'req_old_password' : 'req_new_password1'); define('PUN_ACTIVE_PAGE', 'profile'); require PUN_ROOT . 'header.php'; ?> <div class="blockform"> <h2><span><?php echo $lang_profile['Change pass']; ?> </span></h2> <div class="box">
case 'privacy': $form = extract_elements(array('email_setting', 'save_pass', 'notify_with_post')); $form['email_setting'] = intval($form['email_setting']); if ($form['email_setting'] < 0 && $form['email_setting'] > 2) { $form['email_setting'] = 1; } if (!isset($form['save_pass']) || $form['save_pass'] != '1') { $form['save_pass'] = '******'; } if (!isset($form['notify_with_post']) || $form['notify_with_post'] != '1') { $form['notify_with_post'] = '0'; } // If the save_pass setting has changed, we need to set a new cookie with the appropriate expire date if ($pun_user['id'] == $id && $form['save_pass'] != $pun_user['save_pass']) { $result = $db->query('SELECT password FROM ' . $db->prefix . 'users WHERE id=' . $id) or error('Unable to fetch user password hash', __FILE__, __LINE__, $db->error()); pun_setcookie($id, $db->result($result), $form['save_pass'] == '1' ? time() + 31536000 : 0); } break; default: message($lang_common['Bad request']); } // Singlequotes around non-empty values and NULL for empty values $temp = array(); while (list($key, $input) = @each($form)) { $value = $input !== '' ? '\'' . $db->escape($input) . '\'' : 'NULL'; $temp[] = $key . '=' . $value; } if (empty($temp)) { message($lang_common['Bad request']); } $db->query('UPDATE ' . $db->prefix . 'users SET ' . implode(',', $temp) . ' WHERE id=' . $id) or error('Unable to update profile', __FILE__, __LINE__, $db->error());
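/**
 * Authenticate the visitor from the forum cookie and fill $pun_user.
 *
 * Cookie format: "user_id|password_hash|expiration_time|cookie_hash". The
 * cookie_hash is an HMAC over "user_id|expiration_time" keyed with the cookie
 * seed; it is verified with pun_hash_equals() before any database access, so a
 * tampered cookie never reaches the users table. The password_hash is then
 * compared (also constant-time) against an HMAC of the stored password hash.
 *
 * Outcome:
 *  - no cookie, guest id or expired cookie: set_default_user().
 *  - tampered cookie, unknown user or hash mismatch: a fresh guest cookie is
 *    issued, then set_default_user() and return.
 *  - otherwise the cookie is re-issued with a refreshed expiry, $pun_user holds
 *    the users/groups row plus o.logged and o.idle with defaults applied, and
 *    is_guest/is_admmod are set; unless PUN_QUIET_VISIT is defined the online
 *    list, last_visit and the tracked-topics cookie are refreshed.
 *
 * @param array $pun_user  populated by reference
 * @global object $db
 * @global string $db_type
 * @global array  $pun_config
 * @global string $cookie_name
 * @global string $cookie_seed
 */
function check_cookie(&$pun_user)
{
    global $db, $db_type, $pun_config, $cookie_name, $cookie_seed;

    $now = time();

    // Read the cookie only if it matches the exact expected pattern
    if (isset($_COOKIE[$cookie_name]) && preg_match('%^(\\d+)\\|([0-9a-fA-F]+)\\|(\\d+)\\|([0-9a-fA-F]+)$%', $_COOKIE[$cookie_name], $matches)) {
        $cookie = array(
            'user_id' => intval($matches[1]),
            'password_hash' => $matches[2],
            'expiration_time' => intval($matches[3]),
            'cookie_hash' => $matches[4],
        );
    }

    // No cookie, a guest id, or an expired cookie: plain guest
    if (!isset($cookie) || $cookie['user_id'] <= 1 || $cookie['expiration_time'] <= $now) {
        set_default_user();
        return;
    }

    // Integrity check first: a tampered cookie is rejected before touching the database
    $is_authorized = pun_hash_equals(forum_hmac($cookie['user_id'] . '|' . $cookie['expiration_time'], $cookie_seed . '_cookie_hash'), $cookie['cookie_hash']);
    if (!$is_authorized) {
        $expire = $now + 31536000; // The replacement guest cookie lives for a year
        pun_setcookie(1, pun_hash(uniqid(rand(), true)), $expire);
        set_default_user();
        return;
    }

    // Look up the user named by the cookie together with group and online data
    $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM ' . $db->prefix . 'users AS u INNER JOIN ' . $db->prefix . 'groups AS g ON u.group_id=g.g_id LEFT JOIN ' . $db->prefix . 'online AS o ON o.user_id=u.id WHERE u.id=' . intval($cookie['user_id'])) or error('Unable to fetch user information', __FILE__, __LINE__, $db->error());
    $pun_user = $db->fetch_assoc($result);

    // Confirm the row exists BEFORE reading $pun_user['password']: for an unknown
    // id fetch_assoc() yields no row, and indexing that value raised a notice
    $is_authorized = isset($pun_user['id'])
        && pun_hash_equals(forum_hmac($pun_user['password'], $cookie_seed . '_password_hash'), $cookie['password_hash']);
    if (!$is_authorized) {
        $expire = $now + 31536000; // The replacement guest cookie lives for a year
        pun_setcookie(1, pun_hash(uniqid(rand(), true)), $expire);
        set_default_user();
        return;
    }

    // Re-issue the cookie: a long-lived cookie is extended by two weeks, a
    // session-style one by the visit timeout
    $expire = $cookie['expiration_time'] > $now + $pun_config['o_timeout_visit'] ? $now + 1209600 : $now + $pun_config['o_timeout_visit'];
    pun_setcookie($pun_user['id'], $pun_user['password'], $expire);

    // Fall back to the board defaults when the chosen language/style no longer exists
    if (!file_exists(PUN_ROOT . 'lang/' . $pun_user['language'])) {
        $pun_user['language'] = $pun_config['o_default_lang'];
    }

    if (!file_exists(PUN_ROOT . 'style/' . $pun_user['style'] . '.css')) {
        $pun_user['style'] = $pun_config['o_default_style'];
    }

    if (!$pun_user['disp_topics']) {
        $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
    }

    if (!$pun_user['disp_posts']) {
        $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
    }

    // Define PUN_QUIET_VISIT if this visit must not touch the online list or last-visit data
    if (!defined('PUN_QUIET_VISIT')) {
        if (!$pun_user['logged']) {
            $pun_user['logged'] = $now;

            // With MySQL/MySQLi/SQLite, REPLACE INTO avoids a user having two rows in the online table
            switch ($db_type) {
                case 'mysql':
                case 'mysqli':
                case 'mysql_innodb':
                case 'mysqli_innodb':
                case 'sqlite':
                    $db->query('REPLACE INTO ' . $db->prefix . 'online (user_id, ident, logged) VALUES(' . $pun_user['id'] . ', \'' . $db->escape($pun_user['username']) . '\', ' . $pun_user['logged'] . ')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
                    break;

                default:
                    // Other backends: insert only when no row for this user exists yet
                    $db->query('INSERT INTO ' . $db->prefix . 'online (user_id, ident, logged) SELECT ' . $pun_user['id'] . ', \'' . $db->escape($pun_user['username']) . '\', ' . $pun_user['logged'] . ' WHERE NOT EXISTS (SELECT 1 FROM ' . $db->prefix . 'online WHERE user_id=' . $pun_user['id'] . ')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
                    break;
            }

            // Reset tracked topics
            set_tracked_topics(null);
        } else {
            // Special case: we timed out, but nobody has browsed the forums since, so
            // the stale online row is the best record of the previous visit
            if ($pun_user['logged'] < $now - $pun_config['o_timeout_visit']) {
                $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
                $pun_user['last_visit'] = $pun_user['logged'];
            }

            $idle_sql = $pun_user['idle'] == '1' ? ', idle=0' : '';
            $db->query('UPDATE ' . $db->prefix . 'online SET logged=' . $now . $idle_sql . ' WHERE user_id=' . $pun_user['id']) or error('Unable to update online list', __FILE__, __LINE__, $db->error());

            // Keep the tracked-topics cookie alive with the current expire time
            if (isset($_COOKIE[$cookie_name . '_track'])) {
                forum_setcookie($cookie_name . '_track', $_COOKIE[$cookie_name . '_track'], $now + $pun_config['o_timeout_visit']);
            }
        }
    } else {
        if (!$pun_user['logged']) {
            $pun_user['logged'] = $pun_user['last_visit'];
        }
    }

    $pun_user['is_guest'] = false;
    $pun_user['is_admmod'] = $pun_user['g_id'] == PUN_ADMIN || $pun_user['g_moderator'] == '1';
}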
case 'privacy': $form = extract_elements(array('email_setting', 'save_pass', 'notify_with_post')); $form['email_setting'] = intval($form['email_setting']); if ($form['email_setting'] < 0 && $form['email_setting'] > 2) { $form['email_setting'] = 1; } if ($form['save_pass'] != 1) { $form['save_pass'] = 0; } if ($form['notify_with_post'] != 1) { $form['notify_with_post'] = 0; } // If the save_pass setting has changed, we need to set a new cookie with the appropriate expire date if ($pun_user['id'] == $id && $form['save_pass'] != $pun_user['save_pass']) { $result = $db->query('SELECT `password` FROM `' . $db->prefix . 'users` WHERE id=' . $id) or error('Unable to fetch user password hash', __FILE__, __LINE__, $db->error()); pun_setcookie($id, $db->result($result), $form['save_pass'] == 1 ? $_SERVER['REQUEST_TIME'] + 31536000 : 0); } break; default: message($lang_common['Bad request']); break; } // Singlequotes around non-empty values and NULL for empty values $temp = array(); while (list($key, $input) = @each($form)) { $value = $input !== null ? '\'' . $db->escape($input) . '\'' : 'NULL'; $temp[] = $key . '=' . $value; } if (!$temp) { message($lang_common['Bad request']); }
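/**
 * Authenticate the visitor from the forum cookie and fill $pun_user.
 *
 * The cookie carries serialize(array(user_id, password_hash)) and is fully
 * attacker-controlled, so it is parsed with a strict regular expression (the
 * approach that was left commented out here) instead of unserialize():
 * unserialize() on untrusted input can instantiate arbitrary classes (PHP
 * object injection) and also emitted a notice on every malformed cookie. A
 * cookie that does not match the expected shape is simply treated as a guest.
 *
 * Outcome:
 *  - no usable cookie or user_id <= 1: set_default_user().
 *  - unknown user or hash mismatch: a fresh guest cookie is issued, then
 *    set_default_user() and return.
 *  - otherwise $pun_user holds the users/groups row plus o.logged and o.idle,
 *    with language/style/style_wap/display defaults applied and
 *    is_guest = false; unless PUN_QUIET_VISIT is defined the online list and
 *    last_visit are refreshed (timestamps taken from $_SERVER['REQUEST_TIME']).
 *
 * @param array $pun_user  populated by reference
 * @global object $db
 * @global array  $pun_config
 * @global string $cookie_name
 * @global string $cookie_seed
 */
function check_cookie(&$pun_user)
{
    global $db, $pun_config, $cookie_name, $cookie_seed;

    $expire = time() + 31536000; // A replacement guest cookie lives for a year

    // Assume a guest until a well-formed cookie says otherwise
    $cookie = array('user_id' => 1, 'password_hash' => 'Guest');

    // Accept only a two-element serialized array: element 0 a non-negative
    // integer (stored either as i:N or as s:L:"N"), element 1 a lowercase hex
    // hash. Anything else leaves the guest defaults in place.
    if (isset($_COOKIE[$cookie_name]) && preg_match('/^a:2:\{i:0;(?:i:(\d+)|s:\d+:"(\d+)");i:1;s:\d+:"([0-9a-f]+)";\}$/', $_COOKIE[$cookie_name], $matches)) {
        // Exactly one of the two user_id groups participates; the other is ''
        $cookie['user_id'] = intval($matches[1] !== '' ? $matches[1] : $matches[2]);
        $cookie['password_hash'] = $matches[3];
    }

    if ($cookie['user_id'] <= 1) {
        set_default_user();
        return;
    }

    // Look up the user named by the cookie together with group and online data
    $result = $db->query(' SELECT u.*, g.*, o.logged, o.idle FROM ' . $db->prefix . 'users AS u INNER JOIN ' . $db->prefix . 'groups AS g ON u.group_id=g.g_id LEFT JOIN ' . $db->prefix . 'online AS o ON o.user_id=u.id WHERE u.id=' . intval($cookie['user_id'])) or error('Unable to fetch user information', __FILE__, __LINE__, $db->error());
    $pun_user = $db->fetch_assoc($result);

    // Reject unknown users and cookies whose hash does not match the stored password hash
    if (!isset($pun_user['id']) || md5($cookie_seed . $pun_user['password']) !== $cookie['password_hash']) {
        pun_setcookie(1, md5(uniqid(mt_rand(), true)), $expire);
        set_default_user();
        return;
    }

    // Fall back to the board defaults when the chosen language/style no longer exists
    if (!@file_exists(PUN_ROOT . 'lang/' . $pun_user['language'])) {
        $pun_user['language'] = $pun_config['o_default_lang'];
    }

    if (!@file_exists(PUN_ROOT . 'style/' . $pun_user['style'] . '.css')) {
        $pun_user['style'] = $pun_config['o_default_style'];
    }

    // The WAP style lives under include/template/wap/<style>/style.css
    if (!@is_file(PUN_ROOT . '/include/template/wap/' . $pun_user['style_wap'] . '/style.css')) {
        $pun_user['style_wap'] = $pun_config['o_default_style_wap'];
    }

    if (!$pun_user['disp_topics']) {
        $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
    }

    if (!$pun_user['disp_posts']) {
        $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
    }

    // Define PUN_QUIET_VISIT if this visit must not touch the online list or last-visit data
    if (!defined('PUN_QUIET_VISIT')) {
        if (!$pun_user['logged']) {
            // Not in the online list yet; REPLACE avoids a duplicate row for this user
            $pun_user['logged'] = $_SERVER['REQUEST_TIME'];
            $db->query('REPLACE INTO ' . $db->prefix . 'online (user_id, ident, logged) VALUES(' . $pun_user['id'] . ', \'' . $db->escape($pun_user['username']) . '\', ' . $pun_user['logged'] . ')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
        } else {
            // Special case: we timed out, but nobody has browsed the forums since, so
            // the stale online row is the best record of the previous visit
            if ($pun_user['logged'] < $_SERVER['REQUEST_TIME'] - $pun_config['o_timeout_visit']) {
                $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
                $pun_user['last_visit'] = $pun_user['logged'];
            }

            $idle_sql = $pun_user['idle'] == 1 ? ', idle=0' : '';
            $db->query('UPDATE ' . $db->prefix . 'online SET logged=' . $_SERVER['REQUEST_TIME'] . $idle_sql . ' WHERE user_id=' . $pun_user['id']) or error('Unable to update online list', __FILE__, __LINE__, $db->error());
        }
    }

    $pun_user['is_guest'] = false;
}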
//echo pun_htmlspecialchars($_POST['redirect_url']); exit("Success"); redirect(pun_htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']); //print_r($lang_login['Login redirect']); } else { if ($action == 'out') { if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'] || !isset($_GET['csrf_token']) || $_GET['csrf_token'] != pun_hash($pun_user['id'] . pun_hash(get_remote_address()))) { header('Location: index.php'); exit; } // Remove user from "users online" list $db->query('DELETE FROM ' . $db->prefix . 'online WHERE user_id=' . $pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); // Update last_visit (make sure there's something to update it with) if (isset($pun_user['logged'])) { $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); } pun_setcookie(1, pun_hash(uniqid(rand(), true)), time() + 31536000); redirect('index.php', $lang_login['Logout redirect']); } else { if ($action == 'forget' || $action == 'forget_2') { if (!$pun_user['is_guest']) { header('Location: index.php'); exit; } if (isset($_POST['form_sent'])) { // Start with a clean slate $errors = array(); require PUN_ROOT . 'include/email.php'; // Validate the email address $email = strtolower(pun_trim($_POST['req_email'])); if (!is_valid_email($email)) { $errors[] = $lang_common['Invalid email'];
$db->query('DELETE FROM ' . $db->prefix . 'online WHERE ident=\'' . $db->escape(get_remote_address()) . '\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); $expire = $save_pass == 1 ? time() + 31536000 : 0; pun_setcookie($user_id, $form_password_hash, $expire); redirect(pun_htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']); } else { if (isset($_GET['action']) && $_GET['action'] == 'out') { if ($pun_user['is_guest'] || $_GET['id'] != $pun_user['id'] || $_GET['csrf_token'] != sha1($pun_user['id'] . sha1(get_remote_address()))) { redirect('index.php', '', 302); } // Remove user from "users online" list. $db->query('DELETE FROM ' . $db->prefix . 'online WHERE user_id=' . $pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); // Update last_visit (make sure there's something to update it with) if (isset($pun_user['logged'])) { $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); } pun_setcookie(1, md5(uniqid(mt_rand(), true)), time() + 31536000); redirect('index.php', $lang_login['Logout redirect']); } else { if (isset($_GET['action']) && ($_GET['action'] == 'forget' || $_GET['action'] == 'forget_2')) { if (!$pun_user['is_guest']) { redirect('index.php', '', 302); } if (isset($_POST['form_sent'])) { include PUN_ROOT . 'include/email.php'; // Validate the email-address $email = strtolower(trim($_POST['req_email'])); if (!is_valid_email($email)) { message($lang_common['Invalid e-mail']); } $result = $db->query('SELECT id, username FROM ' . $db->prefix . 'users WHERE email=\'' . $db->escape($email) . '\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); if ($db->num_rows($result)) {
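/**
 * Authenticate the visitor from the forum cookie and fill $pun_user.
 *
 * Cookie format: "user_id|password_hash|expiration_time|cookie_hash". The
 * cookie_hash is an HMAC over "user_id|expiration_time" keyed with the cookie
 * seed and is verified before any database access; the password_hash is then
 * compared against an HMAC of the stored password hash. Both comparisons use
 * the strict !== operator: with != two numeric-looking hex strings such as
 * "0e123..." and "0e456..." compare as equal floats, which would let a
 * crafted cookie pass the integrity check.
 *
 * Outcome:
 *  - no cookie, guest id or expired cookie: set_default_user().
 *  - tampered cookie, unknown user or hash mismatch: a fresh guest cookie is
 *    issued, then set_default_user() and return.
 *  - otherwise the cookie is re-issued with a refreshed expiry, $pun_user holds
 *    the users/groups row plus o.logged and o.idle with defaults applied, and
 *    is_guest/is_admmod are set; unless PUN_QUIET_VISIT is defined the online
 *    list, last_visit and the tracked-topics cookie are refreshed.
 *
 * @param array $pun_user  populated by reference
 * @global object $db
 * @global array  $pun_config
 * @global array  $flux_config  provides ['cookie']['name'] and ['cookie']['seed']
 */
function check_cookie(&$pun_user)
{
    global $db, $pun_config, $flux_config;

    $now = time();
    $cookie_name = $flux_config['cookie']['name'];
    $cookie_seed = $flux_config['cookie']['seed'];

    // Read the cookie only if it matches the exact expected pattern
    if (isset($_COOKIE[$cookie_name]) && preg_match('%^(\\d+)\\|([0-9a-fA-F]+)\\|(\\d+)\\|([0-9a-fA-F]+)$%', $_COOKIE[$cookie_name], $matches)) {
        $cookie = array(
            'user_id' => intval($matches[1]),
            'password_hash' => $matches[2],
            'expiration_time' => intval($matches[3]),
            'cookie_hash' => $matches[4],
        );
    }

    // No cookie, a guest id, or an expired cookie: plain guest
    if (!isset($cookie) || $cookie['user_id'] <= 1 || $cookie['expiration_time'] <= $now) {
        set_default_user();
        return;
    }

    // Integrity check first, with a strict comparison (see docblock). A
    // constant-time compare would be preferable if the project provides one.
    if (forum_hmac($cookie['user_id'] . '|' . $cookie['expiration_time'], $cookie_seed . '_cookie_hash') !== $cookie['cookie_hash']) {
        $expire = $now + 31536000; // The replacement guest cookie lives for a year
        pun_setcookie(1, pun_hash(uniqid(rand(), true)), $expire);
        set_default_user();
        return;
    }

    // Look up the user named by the cookie together with group and online data
    $query = $db->select(array('user' => 'u.*', 'group' => 'g.*', 'logged' => 'o.logged', 'idle' => 'o.idle'), 'users AS u');
    $query->innerJoin('g', 'groups AS g', 'u.group_id = g.g_id');
    $query->leftJoin('o', 'online AS o', 'o.user_id = u.id');
    $query->where = 'u.id = :user_id';
    $params = array(':user_id' => $cookie['user_id']);
    $result = $query->run($params);
    unset($query, $params);

    // Reject unknown users and cookies whose hash does not match the stored password hash
    if (empty($result) || forum_hmac($result[0]['password'], $cookie_seed . '_password_hash') !== $cookie['password_hash']) {
        $expire = $now + 31536000; // The replacement guest cookie lives for a year
        pun_setcookie(1, pun_hash(uniqid(rand(), true)), $expire);
        set_default_user();
        return;
    }

    $pun_user = $result[0];
    unset($result);

    // Re-issue the cookie: a long-lived cookie is extended by two weeks, a
    // session-style one by the visit timeout
    $expire = $cookie['expiration_time'] > $now + $pun_config['o_timeout_visit'] ? $now + 1209600 : $now + $pun_config['o_timeout_visit'];
    pun_setcookie($pun_user['id'], $pun_user['password'], $expire);

    // Fall back to the board defaults when the chosen language/style no longer exists
    if (!file_exists(PUN_ROOT . 'lang/' . $pun_user['language'])) {
        $pun_user['language'] = $pun_config['o_default_lang'];
    }

    if (!file_exists(PUN_ROOT . 'style/' . $pun_user['style'] . '.css')) {
        $pun_user['style'] = $pun_config['o_default_style'];
    }

    if (!$pun_user['disp_topics']) {
        $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
    }

    if (!$pun_user['disp_posts']) {
        $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
    }

    // Define PUN_QUIET_VISIT if this visit must not touch the online list or last-visit data
    if (!defined('PUN_QUIET_VISIT')) {
        if (!$pun_user['logged']) {
            $pun_user['logged'] = $now;

            // REPLACE avoids a user having two rows in the online table
            $query = $db->replace(array('user_id' => ':user_id', 'logged' => ':logged'), 'online', array('ident' => ':ident'));
            $params = array(':user_id' => $pun_user['id'], ':ident' => $pun_user['username'], ':logged' => $pun_user['logged']);
            $query->run($params);
            unset($query, $params);

            // Reset tracked topics
            set_tracked_topics(null);
        } else {
            // Special case: we timed out, but nobody has browsed the forums since, so
            // the stale online row is the best record of the previous visit
            if ($pun_user['logged'] < $now - $pun_config['o_timeout_visit']) {
                $query = $db->update(array('last_visit' => ':logged'), 'users');
                $query->where = 'id = :user_id';
                $params = array(':logged' => $pun_user['logged'], ':user_id' => $pun_user['id']);
                $query->run($params);
                unset($query, $params);

                $pun_user['last_visit'] = $pun_user['logged'];
            }

            $query = $db->update(array('logged' => ':now', 'idle' => '0'), 'online');
            $query->where = 'user_id = :user_id';
            $params = array(':now' => $now, ':user_id' => $pun_user['id']);
            $query->run($params);
            unset($query, $params);

            // Keep the tracked-topics cookie alive with the current expire time
            if (isset($_COOKIE[$cookie_name . '_track'])) {
                forum_setcookie($cookie_name . '_track', $_COOKIE[$cookie_name . '_track'], $now + $pun_config['o_timeout_visit']);
            }
        }
    } else {
        if (!$pun_user['logged']) {
            $pun_user['logged'] = $pun_user['last_visit'];
        }
    }

    $pun_user['is_guest'] = false;
    $pun_user['is_admmod'] = $pun_user['g_id'] == PUN_ADMIN || $pun_user['g_moderator'] == '1';
}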
/**
 * Authenticate the visitor from the forum cookie and fill $pun_user.
 *
 * The cookie holds serialize(array(user_id, password_hash)); it is matched
 * against a strict pattern rather than passed to unserialize() (security fix
 * from http://punbb.informer.com/trac/changeset/1663). The password_hash is
 * compared with md5(cookie_seed . stored password hash).
 *
 * Outcome:
 *  - no usable cookie or user_id <= 1: set_default_user().
 *  - unknown user or hash mismatch: a fresh guest cookie is issued, then
 *    set_default_user() and return.
 *  - otherwise $pun_user holds the users/groups row plus o.logged, o.idle and a
 *    total_pm count of private messages, with language/style/display defaults
 *    applied and is_guest = false; unless PUN_QUIET_VISIT is defined the online
 *    list and last_visit are refreshed.
 *
 * @param array $pun_user  populated by reference
 * @global object $db
 * @global string $db_type
 * @global array  $pun_config
 * @global string $cookie_name
 * @global string $cookie_seed
 */
function check_cookie(&$pun_user)
{
    global $db, $db_type, $pun_config, $cookie_name, $cookie_seed;

    $now = time();
    $expire = $now + 31536000; // A replacement guest cookie lives for a year

    // Guest until a well-formed cookie proves otherwise
    $cookie = array('user_id' => 1, 'password_hash' => 'Guest');

    $raw_cookie = isset($_COOKIE[$cookie_name]) ? $_COOKIE[$cookie_name] : null;
    if ($raw_cookie !== null && preg_match('/a:2:{i:0;s:\\d+:"(\\d+)";i:1;s:\\d+:"([0-9a-f]+)";}/', $raw_cookie, $matches)) {
        $cookie['user_id'] = $matches[1];
        $cookie['password_hash'] = $matches[2];
    }

    if (!($cookie['user_id'] > 1)) {
        set_default_user();
        return;
    }

    // Fetch the user, its group, its online row and its private message count
    $user_result = $db->query('SELECT u.*, g.*, o.logged, o.idle, COUNT(pm.id) AS total_pm FROM ' . $db->prefix . 'users AS u INNER JOIN ' . $db->prefix . 'groups AS g ON u.group_id=g.g_id LEFT JOIN ' . $db->prefix . 'online AS o ON o.user_id=u.id LEFT JOIN ' . $db->prefix . 'messages AS pm ON pm.owner=u.id WHERE u.id=' . intval($cookie['user_id']) . ' GROUP BY u.id') or error('Unable to fetch user information', __FILE__, __LINE__, $db->error());
    $pun_user = $db->fetch_assoc($user_result);

    // Unknown user or a hash that does not match: back to guest with a new cookie
    $hash_matches = isset($pun_user['id']) && md5($cookie_seed . $pun_user['password']) === $cookie['password_hash'];
    if (!$hash_matches) {
        pun_setcookie(1, md5(uniqid(rand(), true)), $expire);
        set_default_user();
        return;
    }

    // Language and style fall back to the board defaults when missing on disk
    if (!@file_exists(PUN_ROOT . 'lang/' . $pun_user['language'])) {
        $pun_user['language'] = $pun_config['o_default_lang'];
    }
    if (!@file_exists(PUN_ROOT . 'style/' . $pun_user['style'] . '.css')) {
        $pun_user['style'] = $pun_config['o_default_style'];
    }

    // Display counts fall back to the board defaults when unset/zero
    if (!$pun_user['disp_topics']) {
        $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
    }
    if (!$pun_user['disp_posts']) {
        $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
    }

    if ($pun_user['save_pass'] == '0') {
        $expire = 0;
    }

    // PUN_QUIET_VISIT suppresses any change to the online list and last-visit data
    if (!defined('PUN_QUIET_VISIT')) {
        if ($pun_user['logged']) {
            // Special case: we timed out, but nobody has browsed the forums since, so
            // the stale online row is the best record of the previous visit
            $timed_out = $pun_user['logged'] < $now - $pun_config['o_timeout_visit'];
            if ($timed_out) {
                $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
                $pun_user['last_visit'] = $pun_user['logged'];
            }

            $idle_reset = ($pun_user['idle'] == '1') ? ', idle=0' : '';
            $db->query('UPDATE ' . $db->prefix . 'online SET logged=' . $now . $idle_reset . ' WHERE user_id=' . $pun_user['id']) or error('Unable to update online list', __FILE__, __LINE__, $db->error());
        } else {
            $pun_user['logged'] = $now;

            // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table
            $online_values = '(user_id, ident, logged) VALUES(' . $pun_user['id'] . ', \'' . $db->escape($pun_user['username']) . '\', ' . $pun_user['logged'] . ')';
            if ($db_type == 'mysql' || $db_type == 'mysqli') {
                $db->query('REPLACE INTO ' . $db->prefix . 'online ' . $online_values) or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
            } else {
                $db->query('INSERT INTO ' . $db->prefix . 'online ' . $online_values) or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
            }
        }
    }

    $pun_user['is_guest'] = false;
}
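/**
 * Authenticate the current request from the FluxBB auth cookie and fill
 * $pun_user, falling back to the guest account when no valid cookie exists.
 *
 * Local modification ("hacked to change interface language without a logged
 * user"): the requested interface language is also exposed through the
 * $tmplang global for guests.
 *
 * Security notes for this block:
 *  - The auth cookie is attacker-controlled. It is parsed with an anchored
 *    regex on the exact serialized shape the forum writes, never with
 *    unserialize(), so no PHP object can be instantiated from it.
 *  - The cookie token is md5($cookie_seed . stored password hash); that
 *    scheme is shared with the code that writes the cookie (not visible here)
 *    and cannot be changed in isolation, but the comparison is constant-time
 *    where PHP provides hash_equals().
 *  - $tmplang is presumably used as a directory name under PUN_ROOT . 'lang/'
 *    (that is how $pun_user['language'] is used in this function), so it is
 *    restricted to a plain identifier naming an existing language directory.
 *
 * @param array $pun_user  Filled by reference with the joined users/groups
 *                         row plus 'is_guest' and a decoded 'read_topics'.
 */
function check_cookie(&$pun_user)
{
    global $db, $pun_config, $cookie_name, $cookie_path, $cookie_seed, $tmplang;

    $now = time();
    $expire = $now + 31536000; // The cookie expires after a year

    // Start from the guest identity; only a well-formed cookie can upgrade it.
    $cookie = array('user_id' => 1, 'password_hash' => 'Invité');

    // Accept only a:2:{i:0;s:N:"<digits>";i:1;s:N:"<hex>";} with nothing
    // before or after it. Any other value (including a non-string cookie
    // such as cookie[]=...) is treated as "no cookie".
    if (isset($_COOKIE[$cookie_name]) && is_string($_COOKIE[$cookie_name])
        && preg_match('/^a:2:\{i:0;s:\d+:"(\d+)";i:1;s:\d+:"([0-9a-f]+)";\}\z/', $_COOKIE[$cookie_name], $matches)) {
        list(, $cookie['user_id'], $cookie['password_hash']) = $matches;
    }

    // Interface-language override for guests (GET wins over the cookie).
    // The value is validated as a path component: identifier characters only
    // and an existing directory under lang/; otherwise fall back to French.
    $tmplang = 'French';
    $requested_lang = null;
    if (isset($_GET['language'])) {
        $requested_lang = $_GET['language'];
    } elseif (isset($_COOKIE['language'])) {
        $requested_lang = $_COOKIE['language'];
    }
    if (is_string($requested_lang) && preg_match('/^[A-Za-z0-9_-]+\z/', $requested_lang)
        && @file_exists(PUN_ROOT . 'lang/' . $requested_lang)) {
        $tmplang = $requested_lang;
    }

    if ($cookie['user_id'] > 1) {
        // Check if there's a user with the user ID and password hash from the cookie
        $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM ' . $db->prefix . 'users AS u INNER JOIN ' . $db->prefix . 'groups AS g ON u.group_id=g.g_id LEFT JOIN ' . $db->prefix . 'online AS o ON o.user_id=u.id WHERE u.id=' . intval($cookie['user_id'])) or error('Impossible de retrouver les informations utilisateur', __FILE__, __LINE__, $db->error());
        $pun_user = $db->fetch_assoc($result);

        // User authorisation: the row must exist and the cookie token must
        // match the token derived from the stored password hash.
        $authorised = isset($pun_user['id']);
        if ($authorised) {
            $expected_hash = md5($cookie_seed . $pun_user['password']);
            // hash_equals() (PHP >= 5.6) prevents guessing the token byte by
            // byte from response timing; older PHP falls back to ===.
            $authorised = function_exists('hash_equals')
                ? hash_equals($expected_hash, (string) $cookie['password_hash'])
                : $expected_hash === $cookie['password_hash'];
        }
        if (!$authorised) {
            // Overwrite the bad cookie with a throwaway guest value and bail out.
            pun_setcookie(0, random_pass(8), $expire);
            set_default_user();
            return;
        }

        // Set a default language if the user selected language no longer exists
        if (!@file_exists(PUN_ROOT . 'lang/' . $pun_user['language'])) {
            $pun_user['language'] = $pun_config['o_default_lang'];
        }

        // Set a default style if the user selected style no longer exists
        if (!@file_exists(PUN_ROOT . 'style/' . $pun_user['style'] . '.css')) {
            $pun_user['style'] = $pun_config['o_default_style'];
        }

        if (!$pun_user['disp_topics']) {
            $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
        }
        if (!$pun_user['disp_posts']) {
            $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
        }

        // Kept for parity with the original; no later statement in this
        // function reads $expire once the cookie has been accepted.
        if ($pun_user['save_pass'] == '0') {
            $expire = 0;
        }

        // read_topics comes from the users row, not from the request. It is
        // expected to hold a serialized plain array (it is reset to NULL
        // below); objects are refused where PHP supports it and anything
        // that does not decode to an array is treated as empty.
        $read_topics = array();
        if ($pun_user['read_topics']) {
            $read_topics = PHP_VERSION_ID >= 70000
                ? unserialize($pun_user['read_topics'], array('allowed_classes' => false))
                : unserialize($pun_user['read_topics']);
            if (!is_array($read_topics)) {
                $read_topics = array();
            }
        }
        $pun_user['read_topics'] = $read_topics;

        // Define this if you want this visit to affect the online list and the users last visit data
        if (!defined('PUN_QUIET_VISIT')) {
            // The id is an integer column, but cast anyway since it is spliced
            // into SQL as text (defence in depth, no behaviour change).
            $user_id = (int) $pun_user['id'];

            // Update the online list
            if (!$pun_user['logged']) {
                $db->query('INSERT INTO ' . $db->prefix . 'online (user_id, ident, logged) SELECT ' . $user_id . ', \'' . $db->escape($pun_user['username']) . '\', ' . $now . ' FROM ' . $db->prefix . 'users WHERE id = ' . $user_id . ' AND NOT EXISTS (SELECT 1 FROM ' . $db->prefix . 'online WHERE user_id = ' . $user_id . ')') or error('Impossible d\'insérer un élément dans la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
            } else {
                // Special case: We've timed out, but no other user has browsed the forums since we timed out
                if ($pun_user['logged'] < $now - $pun_config['o_timeout_visit']) {
                    $db->query('UPDATE ' . $db->prefix . 'users SET last_visit=' . $pun_user['logged'] . ', read_topics=NULL WHERE id=' . $user_id) or error('Impossible de mettre à jour les données de visite de l\'utilisateur', __FILE__, __LINE__, $db->error());
                    $pun_user['last_visit'] = $pun_user['logged'];
                }

                $idle_sql = $pun_user['idle'] == '1' ? ', idle=0' : '';
                $db->query('UPDATE ' . $db->prefix . 'online SET logged=' . $now . $idle_sql . ' WHERE user_id=' . $user_id) or error('Impossible de mettre à jour la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
            }
        }

        $pun_user['is_guest'] = false;
    } else {
        set_default_user();

        // Same language fallback as for logged-in users.
        if (!@file_exists(PUN_ROOT . 'lang/' . $pun_user['language'])) {
            $pun_user['language'] = $pun_config['o_default_lang'];
        }
        if ($pun_user['read_topics']) {
            $pun_user['read_topics'] = array();
        }
    }
}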
/**
 * Log the current visitor off.
 *
 * Resets the global $pun_user to a bare guest marker and overwrites the FluxBB
 * auth cookie with a throwaway value (guest user id 1, random token) that
 * no account's hash can match.
 *
 * NOTE(review): only 'is_guest' is populated here; anything that needs the
 * full guest row (language, style, ...) has to call set_default_user() itself.
 */
function logOff()
{
    global $pun_user;

    $one_year = 31536000;

    $pun_user = array('is_guest' => 1);

    // Replace the cookie rather than deleting it so the browser stops sending
    // the old credentials immediately.
    pun_setcookie(1, random_pass(8), time() + $one_year);
}