Exemplo n.º 1
/**
 * Mails a freshly generated challenge solution to the current user.
 *
 * Each failed precondition echoes an error box and stops: nobody logged in,
 * no validated mail address, the gnupg extension missing on the server, or no
 * stored public-key fingerprint for the user.
 *
 * NOTE(review): only the existence of a fingerprint is checked here. Whether
 * the body is actually encrypted is decided inside GWF_Mail::sendToUser(),
 * which this listing does not show - confirm before relying on it.
 *
 * @param WC_Challenge $chall challenge that supplies the translated texts
 * @param object|false $user  current user, or false when nobody is logged in
 * @return void
 */
function wccgpg_doit(WC_Challenge $chall, $user)
{
    $box = 'GPG';
    if ($user === false) {
        echo GWF_HTML::error($box, $chall->lang('err_login'), false);
        return;
    }
    if (!$user->hasValidMail()) {
        echo GWF_HTML::error($box, $chall->lang('err_no_mail'));
        return;
    }
    $address = $user->getValidMail();
    if (!function_exists('gnupg_init')) {
        echo GWF_HTML::error($box, $chall->lang('err_server'));
        return;
    }
    # Only the presence of a stored key matters; its value is not used below
    if (GWF_PublicKey::getFingerprintForUser($user) === false) {
        $account_url = GWF_WEB_ROOT . 'account';
        echo GWF_HTML::error($box, $chall->lang('err_no_gpg', $account_url), false);
        return;
    }
    $secret = WC_CryptoChall::generateSolution('OHOYOUGOTGPG!', true, false);
    $mail = new GWF_Mail();
    $mail->setSubject($chall->lang('mail_s'));
    $mail->setSender(GWF_BOT_EMAIL);
    $mail->setReceiver($address);
    $mail->setBody($chall->lang('mail_b', array($user->displayUsername(), $secret)));
    if ($mail->sendToUser($user) === false) {
        echo GWF_HTML::err('ERR_MAIL_SENT');
        return;
    }
    # The address is escaped because it is echoed back into the page
    echo GWF_HTML::message($box, $chall->lang('msg_mail_sent', array(htmlspecialchars($address))));
}
Exemplo n.º 2
 /**
  * Stores a posted shoutbox message and returns the confirmation markup.
  *
  * Guests are rejected unless the module allows guest shouts, web spiders are
  * always rejected, and flooding or an invalid message aborts with an error.
  *
  * NOTE(review): no CSRF token is validated in this method; confirm whether
  * isFlooding() or validate_message() covers that. The message is stored as
  * posted, so it has to be escaped wherever it is rendered.
  *
  * @return string error or success markup
  */
 public function execute()
 {
     $user = GWF_Session::getUser();
     if ($user === false && !$this->module->cfgGuestShouts()) {
         return GWF_HTML::err('ERR_LOGIN_REQUIRED');
     }
     if ($user !== false && $user->isWebspider()) {
         return GWF_HTML::err('ERR_NO_PERMISSION');
     }
     $flood_error = $this->isFlooding();
     if ($flood_error !== false) {
         return $flood_error;
     }
     $message = Common::getPost('message', '');
     $invalid = $this->validate_message($message);
     if ($invalid !== false) {
         return GWF_HTML::error('Shoutbox', $invalid);
     }
     $entry = new GWF_Shoutbox(array(
         'shout_id' => '0',
         'shout_uid' => GWF_Session::getUserID(),
         'shout_date' => GWF_Time::getDate(GWF_Date::LEN_SECOND),
         'shout_uname' => GWF_Shoutbox::generateUsername(),
         'shout_message' => $message,
     ));
     if ($entry->insert() === false) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     if ($this->module->cfgEMailModeration()) {
         $this->onEMailModeration($user, $entry);
     }
     # The last URL is escaped because it is placed into the returned markup twice
     $back_url = htmlspecialchars(GWF_Session::getLastURL());
     return $this->module->message('msg_shouted', array($back_url, $back_url));
 }
Exemplo n.º 3
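 /**
  * Turns the posted module and design selection into a temporary order.
  *
  * Only names that exist in $this->modules / GWF_Design::getDesigns() are kept,
  * so arbitrary posted keys never reach the stored order.
  *
  * @return string error markup followed by the purchase form, or the rendered order template
  */
 private function onPurchase()
 {
     if (false !== ($error = GWF_Form::validateCSRF_WeakS())) {
         return GWF_HTML::error('Purchase GWF Modules', $error) . $this->templatePurchase();
     }
     if (!isset($_POST['mod']) || !is_array($_POST['mod'])) {
         return $this->module->error('err_select_modules') . $this->templatePurchase();
     }
     # Allow-list the posted module names against the modules on offer
     $purchased_modules = array();
     foreach ($_POST['mod'] as $mname => $yes) {
         if (isset($this->modules[$mname])) {
             $purchased_modules[] = $mname;
         }
     }
     if (count($purchased_modules) === 0) {
         return $this->module->error('err_select_modules') . $this->templatePurchase();
     }
     # 'design' is client input like 'mod': a missing or non-array value means
     # "no design selected" instead of a foreach over null or a string
     $posted_designs = (isset($_POST['design']) && is_array($_POST['design'])) ? $_POST['design'] : array();
     $designs = GWF_Design::getDesigns();
     $purchased_designs = array();
     foreach ($posted_designs as $dname => $yes) {
         if (array_key_exists($dname, $designs)) {
             $purchased_designs[] = $dname;
         }
     }
     $user = GWF_User::getStaticOrGuest();
     $userid = GWF_Session::getUserID();
     if (false === ($client = GWF_Client::getClient($userid))) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)) . $this->templatePurchase();
     }
     $order = new GWF_ClientOrder(array(
         'vsco_uid' => $userid,
         'vsco_modules' => implode(',', $purchased_modules),
         'vsco_designs' => implode(',', $purchased_designs),
     ));
     Module_Payment::saveTempOrder($order);
     $tVars = array('order' => Module_Payment::displayOrderS($this->module, $order, $user));
     return $this->module->template('order.tpl', $tVars);
 }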
Exemplo n.º 4
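 /**
  * Renders the HTTP error page for the status code in the "code" GET parameter
  * and, unless the request URI is blacklisted, mails and/or logs the event.
  *
  * The code is accepted only when the ERR_HTTP language entry has a key for it,
  * which is what keeps request data out of the status line.
  *
  * @return string the rendered error template, or an error box for unknown codes
  */
 private function templateError()
 {
     /** @var Module_GWF $module */
     $module = $this->module;
     $codes = $module->lang('ERR_HTTP');
     # Get the error page
     $code = (string) Common::getGetString('code', '0');
     if (false === isset($codes[$code])) {
         return GWF_HTML::err('ERR_NO_PERMISSION');
     }
     # Skip the status line when output has already started instead of muting the warning
     if (!headers_sent()) {
         header($_SERVER['SERVER_PROTOCOL'] . ' ' . $code . ' ' . $codes[$code]);
     }
     # Generate template
     $tVars = array('code' => $code, 'file' => GWF_HTML::error(GWF_SITENAME, $module->getLang()->langA('ERR_HTTP', $code, array(htmlspecialchars($_SERVER['REQUEST_URI']))), false));
     $template = $module->template($this->_tpl, $tVars);
     # Is the request blacklisted?
     foreach (preg_split('/[,;]/', $module->cfgBlacklist()) as $pattern) {
         # An empty entry (empty setting, doubled or trailing separator) must not
         # match: strpos() with an empty needle matches every URI on PHP 8, which
         # would silently switch off mailing and logging for all errors
         if ($pattern === '') {
             continue;
         }
         if (false !== strpos($_SERVER['REQUEST_URI'], $pattern)) {
             # Do not log and email the request
             return $template;
         }
     }
     $message = self::getMessage($code);
     # The code is quoted so it can only ever match itself inside the list
     $listed = '/(?:^|[,;])' . preg_quote($code, '/') . '(?:$|[,;])/';
     # Mail it?
     if (1 === preg_match($listed, $module->cfgMail())) {
         self::errorMail($code, $message);
     }
     # Log it?
     if (1 === preg_match($listed, $module->cfgLog())) {
         GWF_Log::logHTTP($message);
     }
     return $template;
 }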
Exemplo n.º 5
 /**
  * Replaces the current user's tag votes for a song with the posted selection.
  *
  * Every POST field named "tag_<name>" selects one tag; a single unknown tag
  * name rejects the whole request before any vote is changed.
  *
  * @param Slay_Song $song song being tagged
  * @return string error or success markup
  */
 private function onTag(Slay_Song $song)
 {
     $csrf_error = $this->formTag($song)->validateCSRF_WeakS();
     if ($csrf_error !== false) {
         return $csrf_error;
     }
     $chosen = array();
     $unknown = array();
     foreach (array_keys($_POST) as $field) {
         if (!Common::startsWith($field, 'tag_')) {
             continue;
         }
         # Strip the "tag_" prefix; the rest must name an existing tag
         $tagname = substr($field, 4);
         if (Slay_Tag::getByName($tagname) === false) {
             $unknown[] = $this->module->lang('err_tag_uk');
         } else {
             $chosen[] = $tagname;
         }
     }
     if ($unknown !== array()) {
         return GWF_HTML::error('Slaytags', $unknown);
     }
     $user = GWF_Session::getUser();
     # Old votes are cleared first, then the new set is written and the song re-tallied
     if (Slay_TagVote::clearVotes($song, $user) === false) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     if (Slay_TagVote::addVotes($song, $user, $chosen) === false) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     if ($song->computeTags() === false) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     return $this->module->message('msg_tagged');
 }
Exemplo n.º 6
 /**
  * Renders the stored message as an error box or as a message box.
  *
  * @param string $title box title
  * @return string markup produced by GWF_HTML
  */
 public function display($title = 'Error')
 {
     $failed = $this->isError();
     # A single message is wrapped into a list so both cases are passed as arrays
     $lines = (array) $this->msg;
     return $failed
         ? GWF_HTML::error($title, $lines)
         : GWF_HTML::message($title, $lines);
 }
Exemplo n.º 7
 /**
  * Loads the session user and checks whether that user may add a link.
  *
  * @return string|false error markup, or false when adding is allowed
  */
 private function sanitize()
 {
     $this->user = GWF_Session::getUser();
     $denied = GWF_LinksValidator::mayAddLink($this->module, $this->user);
     return $denied === false ? false : GWF_HTML::error('Links', $denied);
 }
Exemplo n.º 8
 /**
  * Renders the stored message as an error box or as a message box,
  * depending on the is_error flag.
  *
  * @param string $title box title
  * @return string markup produced by GWF_HTML
  */
 public function display($title = 'Error')
 {
     return $this->is_error
         ? GWF_HTML::error($title, $this->message)
         : GWF_HTML::message($title, $this->message);
 }
Exemplo n.º 9
 /**
  * Reads the .htaccess file from the web root.
  *
  * @return string|false file contents, or false when the file is missing
  */
 public static function getHTAccess()
 {
     $htaccess = GWF_WWW_PATH . '.htaccess';
     if (Common::isFile($htaccess) !== false) {
         # NOTE(review): file_get_contents() can still return false here
         # (unreadable file, removed after the check); callers must test for it
         return file_get_contents($htaccess);
     }
     # NOTE(review): the returned markup is neither echoed nor returned, so this
     # call has no visible effect; the key-like title suggests err() was meant
     GWF_HTML::error('ERR_FILE_NOT_FOUND', array($htaccess));
     # TODO
     return false;
 }
Exemplo n.º 10
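 /**
  * Joins the current user to the group whose id is the first key of $array.
  *
  * @param mixed $array expected to be an array keyed by group id
  *                     (presumably the posted button array; the caller is not shown)
  * @return string error markup or the result of the Join method
  */
 private function onJoin($array)
 {
     if (false !== ($error = GWF_Form::validateCSRF_WeakS())) {
         return GWF_HTML::error('Join Group', $error);
     }
     # key() needs an array: a scalar value is a TypeError on PHP 8, so anything
     # without a usable first key is answered like an unknown group
     if (!is_array($array) || null === ($gid = key($array))) {
         return $this->module->error('err_unk_group');
     }
     if (false === ($group = GWF_Group::getByID($gid))) {
         return $this->module->error('err_unk_group');
     }
     return $this->module->getMethod('Join')->onQuickJoin($group, GWF_User::getStaticOrGuest());
 }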
Exemplo n.º 11
/**
 * We don't like the text "evilfunction" and "badmethod".
 *
 * Echoes an error box naming the captured word and returns false when the
 * pattern matches $text; otherwise echoes the "lovely" message and returns true.
 *
 * NOTE(review): preg_match() returns false, not 0, when PCRE itself fails, and
 * the `1 ===` comparison sends that case down the accepting branch, so the
 * filter fails open. A filter meant for production should accept only when the
 * result is exactly 0 and treat false as a rejection (see preg_last_error()).
 *
 * @param WC_Challenge $chall challenge that supplies the translated texts
 * @param string $text text to be checked
 * @return boolean true when the text was accepted, false when it was rejected
 */
function the_preg_match(WC_Challenge $chall, $text)
{
    # The s modifier lets "." span newlines; group 1 holds the word that matched
    if (1 === preg_match('#^.*((?:badmethod)|(?:evilfunction)).*$#s', $text, $matches)) {
        echo GWF_HTML::error($chall->lang('title'), $chall->lang('evil', array($matches[1])));
        return false;
    } else {
        # Reached for "no match" (0) and also for a PCRE error (false)
        echo GWF_HTML::message($chall->lang('title'), $chall->lang('lovely'));
        return true;
    }
}
Exemplo n.º 12
/**
 * Fetches $url and marks the challenge solved when the response equals $content.
 *
 * On a mismatch both texts are escaped before they are shown, together with
 * their byte lengths.
 *
 * NOTE(review): where $url comes from is not visible here. If the player
 * supplies it, this is a server-side fetch of a client-chosen address and the
 * allowed schemes and hosts should be restricted in the caller or in GWF_HTTP.
 *
 * @param WC_Challenge $chall challenge to solve
 * @param string $url address to fetch
 * @param string $content exact body that is expected
 * @return void
 */
function www_basic_go(WC_Challenge $chall, $url, $content)
{
    $body = GWF_HTTP::getFromURL($url);
    if ($body === false) {
        echo GWF_HTML::error('WWW Basics', $chall->lang('err_file_not_found'));
        return;
    }
    if ($body === $content) {
        $chall->onChallengeSolved(GWF_Session::getUserID());
        return;
    }
    $details = array(htmlspecialchars($body), htmlspecialchars($content), strlen($body), strlen($content));
    echo GWF_HTML::error('WWW Basics', $chall->lang('err_wrong', $details));
}
Exemplo n.º 13
/**
 * Checks that the carrier message can hold the hidden message.
 *
 * Each counted character of $hidden needs five bits, and each counted
 * character of the carrier text provides one.
 *
 * @param WC_Challenge $chall challenge whose 'message' text is the carrier
 * @param string $hidden message to hide
 * @return boolean true when the carrier is long enough, false (after echoing an error) otherwise
 */
function bacon_check_messages(WC_Challenge $chall, $hidden)
{
    $needed = bacon_count_chars($hidden) * 5;
    $capacity = bacon_count_chars($chall->lang('message'));
    if ($needed <= $capacity) {
        return true;
    }
    echo GWF_HTML::error('Bacon', "The carrier message is too short: Need {$needed} bits and have only {$capacity} available.", false);
    return false;
}
Exemplo n.º 14
 /**
  * Deletes every folder whose id is a key of the posted "folder" array.
  *
  * NOTE(review): the ids are client input; whether the folder belongs to the
  * current user has to be enforced inside onDeleteFolder(), which is not shown.
  *
  * @return string concatenated output of the single deletions, or the CSRF error
  */
 private function onDeleteFolders()
 {
     $csrf_error = GWF_Form::validateCSRF_WeakS();
     if ($csrf_error !== false) {
         return GWF_HTML::error('PM', $csrf_error, false);
     }
     $pieces = array();
     foreach (array_keys(Common::getPostArray('folder', array())) as $folderid) {
         $pieces[] = $this->onDeleteFolder($folderid);
     }
     return implode('', $pieces);
 }
Exemplo n.º 15
 /**
  * Forwards a call named "<Module>_<method>" to that module's execute().
  *
  * NOTE(review): the part before the first underscore selects which module is
  * loaded and the rest selects what it executes. If $name can be derived from
  * request data, it should be checked against an allow-list before it gets here.
  * Both error calls pass a message key as the title of error(); elsewhere in
  * this listing such keys go to err() - confirm which one is intended.
  *
  * @param string $name called method name
  * @param array $args call arguments (not used)
  * @return mixed error markup or whatever the module's execute() returns
  */
 public function __call($name, $args)
 {
     $module_name = Common::substrUntil($name, '_');
     if ($module_name === false) {
         return GWF_HTML::error('ERR_GENERAL', array(__FILE__, __LINE__));
     }
     $method_name = Common::substrFrom($name, '_');
     $module = GWF_Module::loadModuleDB($module_name);
     if ($module === false) {
         return GWF_HTML::error('ERR_MODULE_MISSING', array(__FILE__, __LINE__));
     }
     return $module->execute($method_name);
 }
Exemplo n.º 16
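 /**
  * Formats the numbered error entries of a PayPal response as an error box.
  *
  * Entries are read as L_ERRORCODE<n>, L_SHORTMESSAGE<n> and L_LONGMESSAGE<n>
  * for n = 0, 1, ... until no short message with that number exists.
  *
  * The field values come from outside this application and are placed into
  * markup next to literal <br> tags, so each one is HTML-escaped first.
  * NOTE(review): this assumes GWF_HTML::error() does not escape its message
  * itself, which the literal <br> tags in the original suggest - confirm.
  *
  * @param array $resArray decoded PayPal response
  * @return string markup produced by GWF_HTML::error()
  */
 public static function paypalError($resArray)
 {
     $back = "PayPal Error: <br><br>";
     for ($count = 0; isset($resArray["L_SHORTMESSAGE" . $count]); $count++) {
         $safe = array();
         foreach (array('L_ERRORCODE', 'L_SHORTMESSAGE', 'L_LONGMESSAGE') as $field) {
             # A response may lack the code or the long text for an entry
             $raw = isset($resArray[$field . $count]) ? (string) $resArray[$field . $count] : '';
             $safe[$field] = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
         }
         $back .= "{$safe['L_ERRORCODE']}: {$safe['L_SHORTMESSAGE']}<br>" . " - {$safe['L_LONGMESSAGE']}<br><br>";
     }
     return GWF_HTML::error('PayPal', $back, true);
 }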
Exemplo n.º 17
/**
 * Normalises the posted answer in place and warns about one specific number.
 *
 * Spaces and commas are removed, the text is lower-cased and every "049" is
 * replaced by "0"; the result is written back to $_POST['answer']. When the
 * normalised text contains the digits 17659598844, an error box is echoed.
 * Nothing happens when no string answer was posted.
 *
 * @param WC_Challenge $chall challenge that supplies the translated texts
 * @return void
 */
function identity_filter(WC_Challenge $chall)
{
    $posted = isset($_POST['answer']) ? $_POST['answer'] : null;
    if (!is_string($posted)) {
        return;
    }
    $normalized = strtolower(str_replace(array(' ', ','), '', $posted));
    $normalized = str_replace('049', '0', $normalized);
    if (false !== strpos($normalized, '17659598844')) {
        echo GWF_HTML::error($chall->lang('title'), $chall->lang('err_home_phone'));
    }
    # Later code reads the normalised form, also after the warning above
    $_POST['answer'] = $normalized;
}
Exemplo n.º 18
/**
 * Requests "<url><n1>_mul_<n2>.html" with two random factors and marks the
 * challenge solved when the response is exactly their product.
 *
 * Each factor is the concatenation of two rand() results and the product is
 * computed with bcmul(), so it is compared as a decimal string.
 *
 * NOTE(review): rand() is not a cryptographic generator; here the factors only
 * vary the requested file name. Where $url comes from is not visible - if the
 * player supplies it, the fetch target should be restricted by the caller.
 *
 * @param WC_Challenge $chall challenge to solve
 * @param string $url base address the file name is appended to
 * @return void
 */
function www_rewrite_go(WC_Challenge $chall, $url)
{
    $left = rand(1000000, 1000000000) . rand(1000000, 1000000000);
    $right = rand(1000000, 1000000000) . rand(1000000, 1000000000);
    $expected = bcmul($left, $right);
    $target = "{$url}{$left}_mul_{$right}.html";
    $body = GWF_HTTP::getFromURL($target);
    if ($body === false) {
        echo GWF_HTML::error('WWW Rewrite', $chall->lang('err_file_not_found'));
        return;
    }
    if ($body === $expected) {
        $chall->onChallengeSolved(GWF_Session::getUserID());
        return;
    }
    $details = array(htmlspecialchars($body), htmlspecialchars($expected), strlen($body), strlen($expected));
    echo GWF_HTML::error('WWW Rewrite', $chall->lang('err_wrong', $details));
}
Exemplo n.º 19
 /**
  * Runs the three form checks in order and reports the first one that fails:
  * CSRF token, missing variables, then the variable validators.
  *
  * @param object $context object whose getName(), when present, titles the error box
  * @param GWF_Form $form form being validated
  * @param mixed $validator passed through to the single checks
  * @return string|false error markup, or false when every check passed
  */
 private static function validateB($context, GWF_Form $form, $validator)
 {
     $label = method_exists($context, 'getName') ? $context->getName() : 'unknown Name';
     # The token is checked first, so no field validation runs on a forged request
     foreach (array('validateCSRF', 'validateMissingVars', 'validateVars') as $check) {
         $problem = self::$check($context, $form, $validator);
         if ($problem !== false) {
             return GWF_HTML::error($label, $problem, false);
         }
     }
     return false;
 }
Exemplo n.º 20
 /**
  * Download hook: for download ids up to 2 it builds a per-user zip that holds
  * the download plus generated B.AiM key, readme and release-notes files, and
  * points the download at that temporary archive.
  *
  * NOTE(review): the error returns after $zip->open() leave the archive
  * unclosed. ERR_FILE_NOT_FOUND and ERR_WRITE_FILE are given server-side paths;
  * if those messages are shown to the visitor they disclose the filesystem
  * layout - confirm how err() renders them.
  *
  * @param GWF_User $user user who requests the download
  * @param GWF_Download $dl download being served
  * @return string|true true when the hook does not apply, '' on success, error markup otherwise
  */
 public static function hook(GWF_User $user, GWF_Download $dl)
 {
     $dlid = $dl->getID();
     # Downloads with an id above 2 are not handled by this hook
     if ($dlid > 2) {
         return true;
     }
     # Loose comparison: id 2 selects the demo variant
     $demo = $dlid == 2;
     if (false === ($row = BAIM_MC::generate($user, $demo))) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     $mime = $dl->getVar('dl_mime');
     $path = $dl->getDownloadPath();
     # The temporary archive name combines the user id with the generated row's token
     $temp_path = GWF_PATH . 'extra/temp/baim/' . $user->getVar('user_id') . '_' . $row->getToken();
     if (!Common::isFile($path)) {
         return GWF_HTML::err('ERR_FILE_NOT_FOUND', htmlspecialchars($path));
     }
     # Remove a leftover archive from an earlier request with the same name
     if (Common::isFile($temp_path)) {
         if (false === unlink($temp_path)) {
             return GWF_HTML::err('ERR_WRITE_FILE', array($temp_path));
         }
     }
     # A zip download is copied and extended; anything else is wrapped into a new zip
     if ($mime === 'application/zip') {
         if (false === copy($path, $temp_path)) {
             return GWF_HTML::err('ERR_WRITE_FILE', array($temp_path));
         }
         $have_zip = true;
     } else {
         $have_zip = false;
     }
     $zip = new GWF_ZipArchive();
     if (false === $zip->open($temp_path, GWF_ZipArchive::CREATE)) {
         return GWF_HTML::err('ERR_WRITE_FILE', array($temp_path));
     }
     if ($have_zip === false) {
         $filename = $dl->getVar('dl_filename');
         $zip->addFile($path, $filename);
         $dl->setCustomDownloadName($filename . '.zip');
     }
     # Only this first addFromString() is checked; the next two results are ignored
     if (false === $zip->addFromString('B.AiM/key.dat', self::getIniContent($row))) {
         return GWF_HTML::error('BAIM', 'The download slot is not a zip archive!');
     }
     $zip->addFromString('B.AiM/readme.txt', self::getReadmeContent($row));
     $zip->addFromString('B.AiM/release_notes.txt', self::getReleaseNotes($row));
     $zip->close();
     $dl->setCustomDownloadPath($temp_path);
     return '';
 }
Exemplo n.º 21
/**
 * Checks a Shadowlamb answer for the logged-in user and reports the result.
 *
 * A validation code of 1 solves the challenge; every other code is shown via
 * the language key "err_wrong_<code>".
 *
 * @param WC_Challenge $chall challenge to solve
 * @param string $answer submitted answer
 * @return void
 */
function shadowlamb3solver(WC_Challenge $chall, $answer)
{
    if (!GWF_Session::isLoggedIn()) {
        echo GWF_HTML::error('Shadowlamb', 'Better login first!');
        return;
    }
    $code = WC5Lamb_Solution::validateSolution3($answer, GWF_Session::getUserID());
    # Loose comparison on purpose: it mirrors how a switch case compares
    if ($code == 1) {
        echo GWF_HTML::message('Shadowlamb', $chall->lang('msg_right'));
        $chall->onChallengeSolved(GWF_Session::getUserID());
        return;
    }
    echo GWF_HTML::error('Shadowlamb', $chall->lang('err_wrong_' . $code));
}
Exemplo n.º 22
 /**
  * Returns an error message when the user cannot pay for the order, else false.
  *
  * No user (false) and admins are never refused here, so false does not mean
  * "has enough money" for them; callers that must block guests need their own check.
  *
  * @param GWF_Order $order order to be paid
  * @param GWF_User|false $user paying user, or false
  * @return string | false
  */
 public function canAffordB(GWF_Order $order, $user)
 {
     if ($user === false || $user->isAdmin()) {
         return false;
     }
     $balance = $user->getMoney();
     $total = $order->getOrderPriceTotal();
     $remaining = $balance - $total;
     if ($remaining >= 0) {
         return false;
     }
     # Show balance, price and the missing amount (the shortfall as a positive number)
     $amounts = array(
         Module_Payment::displayPrice($balance),
         Module_Payment::displayPrice($total),
         Module_Payment::displayPrice(-$remaining),
     );
     return GWF_HTML::error('Buy with GWF', $this->loadLangGWF()->lang('err_funds', $amounts));
 }
Exemplo n.º 23
/**
 * Exploit this!
 *
 * Login handler of a deliberately vulnerable training challenge: it looks up
 * one row in the users table and solves the challenge when that row's
 * username is "admin" (case-insensitive).
 *
 * NOTE(review): the query literal is shown here with its values masked as
 * '******'. $username and the md5 digest are not referenced anywhere else in
 * the body, so presumably they were interpolated into the string - confirm
 * against the original. Real login code should bind both values as query
 * parameters and store passwords with password_hash()/password_verify()
 * instead of an unsalted md5 digest.
 * NOTE(review): lang('msg_welcome_back', ...) receives a plain string here,
 * while the other calls in this listing pass an array of arguments.
 *
 * @param WC_Challenge $chall challenge to solve
 * @param string $username submitted login name
 * @param string $password submitted password (hashed with md5 below)
 * @return boolean true when a row was found, false otherwise
 */
function auth1_onLogin(WC_Challenge $chall, $username, $password)
{
    $db = auth1_db();
    $password = md5($password);
    $query = "SELECT * FROM users WHERE username='******' AND password='******'";
    if (false === ($result = $db->queryFirst($query))) {
        echo GWF_HTML::error('Auth1', $chall->lang('err_unknown'), false);
        # Unknown user
        return false;
    }
    # Welcome back!
    # The name is taken from the database row and escaped before it is echoed
    echo GWF_HTML::message('Auth1', $chall->lang('msg_welcome_back', htmlspecialchars($result['username'])), false);
    # Challenge solved?
    if (strtolower($result['username']) === 'admin') {
        $chall->onChallengeSolved(GWF_Session::getUserID());
    }
    return true;
}
Exemplo n.º 24
 /**
  * Imports the tab-separated currency list shipped with the Payment module.
  *
  * Lines starting with "#" are skipped. Every other line needs at least six
  * columns: country name, currency, symbol, ISO code, fraction name, multiplier.
  * Valid rows are written with replace(); problems are collected and returned
  * in one error box.
  *
  * NOTE(review): $module and $dropTable are not used in this body. The result
  * is passed to GWF_HTML::error() even when $errors is empty - confirm how an
  * empty list is rendered.
  *
  * @param Module_Payment $module the payment module
  * @param boolean $dropTable not used here
  * @return string markup listing the collected errors, or the file-not-found error
  */
 public static function installCurrencies(Module_Payment $module, $dropTable)
 {
     $path = GWF_CORE_PATH . '/module/Payment/install/_currencies.txt';
     if (false === ($fh = @fopen($path, 'r'))) {
         return GWF_HTML::err('ERR_FILE_NOT_FOUND', array($path));
     }
     # $n counts physical lines so that messages point at the right line
     $n = 0;
     $errors = array();
     while (false !== ($line = fgets($fh))) {
         $n++;
         if ($line[0] === '#') {
             continue;
         }
         $cols = explode("\t", $line);
         $cols = array_map('trim', $cols);
         if (count($cols) < 6) {
             $errors[] = sprintf('Error in currency file %s line %d.', $path, $n);
             continue;
         }
         list($countryname, $currency, $char, $iso, $fracname, $multi) = $cols;
         if (false === ($c = GWF_Country::getByName($countryname))) {
             $errors[] = sprintf('Unknown Country %s in currency file %s line %d.', $countryname, $path, $n);
         } elseif ($currency == '') {
             $errors[] = sprintf('Unknown Currency for %s in currency file %s line %d.', $countryname, $path, $n);
         } elseif ($char == '') {
             $errors[] = sprintf('No Symbol for %s in currency file %s line %d.', $currency, $path, $n);
         } elseif (strlen($iso) !== 3) {
             # Rows without a 3-letter ISO code are skipped silently: the continue
             # makes the error line below unreachable
             continue;
             $errors[] = sprintf('No ISO for %s in currency file %s line %d.', $currency, $path, $n);
         } elseif ($fracname == '') {
             $errors[] = sprintf('No Fraction Name for %s in currency file %s line %d.', $currency, $path, $n);
         } elseif ($multi !== '1,000' && $multi !== '100' && $multi !== '10') {
             $errors[] = sprintf('Invalid Multiplier for %s in currency file %s line %d.', $currency, $path, $n);
         } else {
             # The multiplier text maps to the digit count: '1,000' gives 3, '100' and '10' give 2
             $row = new GWF_Currency(array('curr_iso' => $iso === 'None' ? sprintf('%03d', $n) : strtoupper($iso), 'curr_cid' => $c->getID(), 'curr_char' => $char, 'curr_digits' => $multi === '100' ? 2 : ($multi === '1,000' ? 3 : ($multi === '10' ? 2 : 0))));
             if (false === $row->replace()) {
                 # A database failure ends the import; the handle is closed after the loop
                 $errors[] = GWF_HTML::lang('ERR_DATABASE', array(__FILE__, __LINE__));
                 break;
             }
         }
     }
     fclose($fh);
     return GWF_HTML::error('Install Currencies', $errors);
 }
Exemplo n.º 25
 /**
  * Dispatches the site-description form: the first posted button out of
  * add, edit, delete and default selects the handler, whose output is shown
  * above the description template.
  *
  * NOTE(review): no CSRF token is checked in this method; confirm that
  * sanitize() or each handler validates it, since all four change state.
  *
  * @return string rendered page or error markup
  */
 public function execute()
 {
     $errors = $this->sanitize();
     if ($errors !== false) {
         return GWF_HTML::error('WC4', $errors, true);
     }
     require_once GWF_CORE_PATH . 'module/WeChall/WC_SiteDescr.php';
     # POST field name => handler method, in the order in which they are tried
     $handlers = array(
         'add' => 'onAdd',
         'edit' => 'onEdit',
         'delete' => 'onDelete',
         'default' => 'onDefault',
     );
     foreach ($handlers as $field => $handler) {
         if (Common::getPost($field) !== false) {
             return $this->{$handler}() . $this->templateDescr();
         }
     }
     return $this->templateDescr();
 }
Exemplo n.º 26
 /**
  * Echoes an error box for every required letter that is missing from the
  * plaintext and, optionally, one when the text contains multi-byte characters.
  *
  * @param string $pt plaintext to check
  * @param boolean $lowercase look for the lower-case letters instead of the capitals
  * @param boolean $check_utf8 also compare the character count with the byte count
  * @return void
  */
 public static function checkPlaintext($pt, $lowercase = false, $check_utf8 = true)
 {
     # Letters the plaintext has to contain, in the order in which they are reported
     $required = str_split('ABCDEFGHIRSLMNOP');
     if ($lowercase === true) {
         $required = array_map('strtolower', $required);
     }
     foreach ($required as $letter) {
         if (strpos($pt, $letter) === false) {
             echo GWF_HTML::error('WCCC', sprintf('The letter %s is missing!', $letter), false);
         }
     }
     # A multi-byte character makes the character count smaller than the byte count
     if ($check_utf8 === true && mb_strlen($pt, 'UTF8') !== strlen($pt)) {
         echo GWF_HTML::error('WCCC', sprintf('Error: The plaintext is not extended ascii!'));
     }
 }
Exemplo n.º 27
 /**
  * Resolves sender and recipient for a new private message and checks limits.
  *
  * The recipient comes from the "to", "reply" or "quote" GET parameter; a later
  * parameter overrides an earlier one.
  *
  * NOTE(review): the initial value of $this->rec is not visible here; the
  * checks below rely on it being false when no parameter sets it.
  *
  * @return string|false error markup, or false when the request is acceptable
  */
 private function sanitize()
 {
     if (!GWF_User::isLoggedIn() && !$this->module->cfgGuestPMs()) {
         return GWF_HTML::err('ERR_LOGIN_REQUIRED');
     }
     $this->user = GWF_User::getStaticOrGuest();
     if ($this->user->isBot()) {
         return $this->module->error('err_bot');
     }
     # Recipient by user name; deleted accounts are answered like unknown ones
     if (false !== ($uname = Common::getGet('to'))) {
         if (false === ($this->rec = GWF_User::getByName($uname)) || $this->rec->isDeleted()) {
             return GWF_HTML::err('ERR_UNKNOWN_USER');
         }
     }
     # Recipient is the sender of the message that is replied to
     # NOTE(review): no check is visible here that the current user may read that message
     if (false !== ($pmid = Common::getGetString('reply', false))) {
         if (false === ($pm = GWF_PM::getByID($pmid))) {
             return $this->module->error('err_pm');
         }
         $this->rec = $pm->getSender();
     }
     # Same for a quoted message
     if (false !== ($pmid = Common::getGetString('quote', false))) {
         if (false === ($pm = GWF_PM::getByID($pmid))) {
             return $this->module->error('err_pm');
         }
         $this->rec = $pm->getSender();
     }
     if ($this->rec === false) {
         return GWF_HTML::err('ERR_UNKNOWN_USER');
     }
     if (false !== ($error = $this->module->validate_limits($this->user, $this->rec))) {
         return GWF_HTML::error('PM', $error);
     }
     # NOTE(review): unreachable as written - the same condition already returned
     # above, so sanitizePM() is never called from here
     if ($this->rec === false) {
         $pmid = max(Common::getGetInt('reply'), Common::getGetInt('quote'));
         if (false !== ($error = $this->sanitizePM($pmid))) {
             return $error;
         }
     }
     return false;
 }
Exemplo n.º 28
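 /**
  * Deletes the shout whose id is the first key of $array.
  *
  * Only members of the "moderator" group may delete, and the request needs a
  * valid CSRF token.
  *
  * @param mixed $array expected to be an array keyed by shout id
  * @return string error or success markup
  */
 private function onDelete($array)
 {
     if (!GWF_User::isInGroupS('moderator')) {
         return GWF_HTML::err('ERR_NO_PERMISSION');
     }
     if (!is_array($array)) {
         return GWF_HTML::err('ERR_GENERAL', array(__FILE__, __LINE__));
     }
     if (false !== ($error = GWF_Form::validateCSRF_WeakS())) {
         return GWF_HTML::error('Shoutbox', $error);
     }
     # Take the first key; an empty array would otherwise leave $id undefined
     reset($array);
     $id = key($array);
     if ($id === null) {
         return GWF_HTML::err('ERR_GENERAL', array(__FILE__, __LINE__));
     }
     if (false === ($row = GWF_Shoutbox::getByID($id))) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     if (false === $row->delete()) {
         return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
     }
     return $this->module->message('msg_deleted');
 }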
Exemplo n.º 29
/**
 * Exploit this! It is the same as MySQL-I, but with an additional check, marked with ###
 *
 * Login handler of a deliberately vulnerable training challenge: it looks up
 * a row by user name, compares the stored password with the md5 digest of the
 * submitted one, and solves the challenge when the row's username is "admin"
 * (case-insensitive).
 *
 * NOTE(review): the query literal is shown here with its value masked as
 * '******'. $username is not referenced anywhere else in the body, so
 * presumably it was interpolated into the string - confirm against the
 * original. Comparing after the lookup does not make the query safe, because
 * the row, including its password column, is still whatever the query
 * returns. Real login code should bind the name as a query parameter, store
 * passwords with password_hash()/password_verify(), and compare secrets in
 * constant time.
 *
 * @param WC_Challenge $chall challenge to solve
 * @param string $username submitted login name
 * @param string $password submitted password (hashed with md5 below)
 * @return boolean true on a successful login, false otherwise
 */
function auth2_onLogin(WC_Challenge $chall, $username, $password)
{
    $db = auth2_db();
    $password = md5($password);
    $query = "SELECT * FROM users WHERE username='******'";
    if (false === ($result = $db->queryFirst($query))) {
        echo GWF_HTML::error('Auth2', $chall->lang('err_unknown'), false);
        return false;
    }
    #############################
    ### This is the new check ###
    # Both sides of the comparison are strings here: the row's column and the md5 digest
    if ($result['password'] !== $password) {
        echo GWF_HTML::error('Auth2', $chall->lang('err_password'), false);
        return false;
    }
    #  End of the new code  ###
    #############################
    # The name is taken from the database row and escaped before it is echoed
    echo GWF_HTML::message('Auth2', $chall->lang('msg_welcome_back', array(htmlspecialchars($result['username']))), false);
    if (strtolower($result['username']) === 'admin') {
        $chall->onChallengeSolved(GWF_Session::getUserID());
    }
    return true;
}
Exemplo n.º 30
/**
 * Compares a comma-separated answer with the two longest words of each list.
 *
 * A wrong number of words is reported but does not stop the check; words past
 * the fourth are dropped. Every solution can be matched once, and the
 * challenge is solved only when four words match.
 *
 * @param WC_Challenge $chall challenge to solve
 * @param string $answer submitted answer, words separated by commas
 * @param array $list1 first word list
 * @param array $list2 second word list
 * @return void
 */
function hashgame_check_answer(WC_Challenge $chall, $answer, array $list1, array $list2)
{
    $remaining = array_merge(hashgame_longest_two($list1), hashgame_longest_two($list2));
    $words = explode(',', $answer);
    $given = count($words);
    if ($given !== 4) {
        echo GWF_HTML::error('HashGame', $chall->lang('err_answer_count', array($given)), false);
    }
    if ($given > 4) {
        echo GWF_HTML::error('HashGame', $chall->lang('err_answer_count_high', array($given)), false);
        # Capping at four keeps extra guesses from raising the hit count
        $words = array_slice($words, 0, 4);
    }
    $hits = 0;
    foreach ($words as $word) {
        $position = array_search(trim($word), $remaining, true);
        if ($position !== false) {
            # A matched solution is removed, so repeating a word cannot score twice
            unset($remaining[$position]);
            $hits++;
        }
    }
    if ($hits === 4) {
        $chall->onChallengeSolved(GWF_Session::getUserID());
        return;
    }
    echo GWF_HTML::error('HashGame', $chall->lang('err_some_good', array($hits)), false);
}