public function Reg($param)
{
//echo 'hello';
import('SC.Reg.Reg');
$userReg = new Reg($param);
$result = $userReg->run();
echo $result;
}
/**
* Does login operation
* @param string $username
* @param string $password
* @param bool $writeCookie
* @param bool $isPasswordEncrypted
*
* @throws RuntimeException (Codes: 1 - Incorrect login/password combination, 2 - Account is disabled)
*/
public function doLogin($username, $password, $writeCookie = false, $isPasswordEncrypted = false)
{
if ($this->um->checkCredentials($username, $password, $isPasswordEncrypted)) {
$this->usr = $this->um->getObjectByLogin($username);
$this->authorize($this->usr);
$this->saveUserId($this->usr->getId());
if ($writeCookie) {
$secs = getdate();
$exp_time = $secs[0] + 60 * 60 * 24 * $this->config->rememberDaysCount;
$cookie_value = $this->usr->getId() . ":" . hash('sha256', $username . ":" . md5($password));
setcookie($this->config->loginCookieName, $cookie_value, $exp_time, '/');
}
if (Reg::get('packageMgr')->isPluginLoaded("Security", "RequestLimiter") and $this->config->bruteForceProtectionEnabled) {
$this->query->exec("DELETE FROM `" . Tbl::get('TBL_SECURITY_INVALID_LOGINS_LOG') . "` WHERE `ip`='" . $_SERVER['REMOTE_ADDR'] . "'");
}
} else {
if (Reg::get('packageMgr')->isPluginLoaded("Security", "RequestLimiter") and $this->config->bruteForceProtectionEnabled) {
$this->query->exec("SELECT `count` \n\t\t\t\t\t\t\t\t\t\t\tFROM `" . Tbl::get('TBL_SECURITY_INVALID_LOGINS_LOG') . "` \n\t\t\t\t\t\t\t\t\t\t\tWHERE `ip`='" . $_SERVER['REMOTE_ADDR'] . "'");
$failedAuthCount = $this->query->fetchField('count');
$newFailedAuthCount = $failedAuthCount + 1;
if ($newFailedAuthCount >= $this->config->failedAuthLimit) {
Reg::get(ConfigManager::getConfig("Security", "RequestLimiter")->Objects->RequestLimiter)->blockIP();
$this->query->exec("DELETE FROM `" . Tbl::get('TBL_SECURITY_INVALID_LOGINS_LOG') . "` WHERE `ip`='" . $_SERVER['REMOTE_ADDR'] . "'");
throw new RequestLimiterTooManyAuthTriesException("Too many unsucessful authorization tries.");
}
$this->query->exec("INSERT INTO `" . Tbl::get('TBL_SECURITY_INVALID_LOGINS_LOG') . "` (`ip`) \n\t\t\t\t\t\t\t\t\t\tVALUES ('" . $_SERVER['REMOTE_ADDR'] . "')\n\t\t\t\t\t\t\t\t\t\tON DUPLICATE KEY UPDATE `count` = `count` + 1");
}
throw new RuntimeException("Incorrect login/password combination", static::EXCEPTION_INCORRECT_LOGIN_PASSWORD);
}
}
public function updateAttachmentMessageId($attachmentId, $newMessageId)
{
if (empty($attachmentId) or !is_numeric($attachmentId)) {
throw new InvalidIntegerArgumentException("\$attachmentId have to be non zero integer.");
}
if (empty($newMessageId) or !is_numeric($newMessageId)) {
throw new InvalidIntegerArgumentException("\$newMessageId have to be non zero integer.");
}
$convMgr = Reg::get(ConfigManager::getConfig("Messaging", "Conversations")->Objects->ConversationManager);
$filter = new ConversationMessagesFilter();
$filter->setId($newMessageId);
$message = $convMgr->getConversationMessage($filter);
$qb = new QueryBuilder();
$qb->update(Tbl::get('TBL_CONVERSATION_ATTACHEMENTS'))->set(new Field('message_id'), $message->id)->where($qb->expr()->equal(new Field('id'), $attachmentId));
MySqlDbManager::getDbObject()->startTransaction();
try {
$convMgr->setMessageHasAttachment($message);
$affected = $this->query->exec($qb->getSQL())->affected();
if (!MySqlDbManager::getDbObject()->commit()) {
MySqlDbManager::getDbObject()->rollBack();
}
} catch (Exception $e) {
MySqlDbManager::getDbObject()->rollBack();
throw $e;
}
}
function isAuthorized()
{
if (Reg::isRegistered(ConfigManager::getConfig("Users", "Users")->ObjectsIgnored->User)) {
return true;
}
return false;
}
protected function loadGeoIPGps()
{
$geoIPConfig = ConfigManager::getConfig("GeoIP", "GeoIP");
$gpsConfig = ConfigManager::getConfig("Gps", "Gps");
$geoIpGps = new GeoIPGps(Reg::get($geoIPConfig->Objects->GeoIP), Reg::get($gpsConfig->Objects->Gps));
$this->register($geoIpGps);
}
/**
* @param string $gpsId
* @return string
*/
function smarty_modifier_gpsName($gpsId)
{
if (empty($gpsId) or !is_numeric($gpsId)) {
return null;
}
return Reg::get('gps')->getNodeName($gpsId);
}
/**
* Get Country code from IP
*
* @param string $ip
* @return string
*/
function smarty_modifier_ipToCountryCode($ip)
{
if (!empty($ip)) {
return Reg::get('geoIp')->getCountryCode($ip, -1);
}
return "";
}
public function hookParseURL()
{
// Parse URL rewriting
if (!defined('IS_CGI')) {
Reg::get($this->config->Objects->rewriteURL)->parseURL();
}
}
protected function loadYubikeyUserAuthorization()
{
$usersConfig = ConfigManager::getConfig("Users", "Users");
$resultingConfig = ConfigManager::mergeConfigs($usersConfig->AuxConfig, $this->config->AuxConfig);
$yubikeyUserAuthorization = new YubikeyUserAuthorization(Reg::get($usersConfig->Objects->UserManagement), $resultingConfig);
$this->register($yubikeyUserAuthorization);
}
public function hookUserAuthorization()
{
$user = Reg::get($this->config->Objects->UserAuthorization)->getUserFromRequest();
if (is_a($user, "User")) {
Reg::register($this->config->ObjectsIgnored->User, $user);
}
}
public static function logCustom($name, $value)
{
$remoteIP = "";
if (isset($_SERVER['REMOTE_ADDR'])) {
$remoteIP = $_SERVER['REMOTE_ADDR'];
}
Reg::get('sql')->exec("INSERT DELAYED INTO `" . Tbl::get("TBL_MIXED_LOG") . "` \n\t\t\t\t\t\t\t\t\t\t(`session_id`,`name`,`value`,`ip`)\n\t\t\t\t\t\t\t\t\t\tVALUES (\n\t\t\t\t\t\t\t\t\t\t\t\t\t'" . session_id() . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string($name) . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string($value) . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t'{$remoteIP}'\n\t\t\t\t\t\t\t\t\t\t\t\t)");
}
/**
* Make link string from given formatted string.
* If OUTPUT_LINK_STYLE is
*
* @param string $string
* @param boolean $with_gets $_GET parametrs to the end
* @param string $exclude param from $_GET. (should be coma separated)
* @return string
*/
function smarty_modifier_glink($link, $with_gets = false, $exclude = '')
{
$exclude = explode(",", $exclude);
if ($with_gets) {
$link = RewriteURL::ensureSourceLastDelimiter($link) . get_all_get_params($exclude);
}
$link = Reg::get('rewriteURL')->glink($link);
return $link;
}
/**
* Make Json output and disable Smarty output
* @param array $array
*/
public static function jsonOutput($array)
{
$smartyConfig = ConfigManager::getConfig("Output", "Smarty");
Reg::get($smartyConfig->Objects->Smarty)->disableOutput();
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Content-type: application/json');
echo self::jsonEncode($array);
}
public function hookSetTemplateByHost()
{
$smarty = Reg::get(ConfigManager::getConfig("Smarty", "Smarty")->Objects->Smarty);
$host = Reg::get(ConfigManager::getConfig("Host", "Host")->Objects->Host);
$templateByHost = SmartyHostTpl::getTemplateByHost($host);
if ($templateByHost !== false) {
$smarty->setTemplate($templateByHost);
}
}
/**
* Function get random username
* @param string $prefix is name of current external plugin
* @return string
*/
private static function findFreeRandomUsername($prefix)
{
$um = Reg::get(ConfigManager::getConfig("Users", "Users")->Objects->UserManager);
$possibleUsername = $prefix . "_" . generateRandomString(6);
if (!$um->isLoginExists($possibleUsername, 0)) {
return $possibleUsername;
} else {
return static::findFreeRandomUsername($prefix);
}
}
public static function logCustom($name, $value)
{
$remoteIP = "";
if (isset($_SERVER['REMOTE_ADDR'])) {
$remoteIP = $_SERVER['REMOTE_ADDR'];
}
$qb = new QueryBuilder();
$qb->insert(Tbl::get('TBL_MIXED_LOG'))->values(array("session_id" => session_id(), "name" => $name, "value" => $value, "ip" => $remoteIP));
Reg::get('sql')->exec($qb->getSQL());
}
/**
* Make link string from given formatted string.
* If OUTPUT_LINK_STYLE is
*
* @param string $string
* @param boolean $with_gets $_GET parametrs to the end
* @param string $exclude param from $_GET. (should be coma separated)
* @return string
*/
function smarty_modifier_glink($link, $with_gets = false, $exclude = '')
{
$exclude = explode(",", $exclude);
if ($with_gets) {
RewriteURL::ensureLastSlash($link);
$link .= getAllGetParams($exclude);
}
$link = Reg::get('rewriteURL')->glink($link);
return $link;
}
/**
* Blacklist given country
*
* @param string $countryCode
* @throws InvalidArgumentException
* @throws RuntimeException
*/
public function blackListCountry($countryCode)
{
if (!Reg::get(ConfigManager::getConfig('GeoIP', 'GeoIP')->Objects->GeoIP)->isValidCountryCode($countryCode)) {
throw new InvalidArgumentException("Invalid country code specified for blacklisting");
}
$this->query->exec("SELECT count(*) as `count` FROM `" . Tbl::get('TBL_SECURITY_BLACKLISTED_COUNTRIES', 'IpFilter') . "`\n\t\t\t\t\t\t\t\tWHERE `country`='{$countryCode}'");
if ($this->query->fetchField('count') != 0) {
throw new RuntimeException("Sorry, this country already blacklisted!");
}
$this->query->exec("INSERT INTO `" . Tbl::get('TBL_SECURITY_BLACKLISTED_COUNTRIES', 'IpFilter') . "` \n\t\t\t\t\t\t\t\t(`country`) VALUES ('{$countryCode}') ");
}
protected function getTextAliasObjectFromData($data, $cacheMinutes = null)
{
$textAlias = new TextAlias();
$hostLanguagePair = HostLanguageManager::getHostLanguagePair($data['host_language'], $cacheMinutes);
$textAlias->id = $data['id'];
$textAlias->textValue = Reg::get(ConfigManager::getConfig("Texts")->Objects->TextsValuesManager)->getTextValueById($data['value_id'], $cacheMinutes);
$textAlias->language = $hostLanguagePair['language'];
$textAlias->host = $hostLanguagePair['host'];
$textAlias->hostLanguageId = $data['host_language'];
return $textAlias;
}
/**
* Call other controller with given URI.
* Can be used to call different controller using some logic.
* WARNING! All GET parameters are being lost upon redirection.
*
* @param string $uri
*/
function redirectController($uri)
{
$_SERVER['REQUEST_URI'] = SITE_PATH . $uri;
$_GET = array();
if (Reg::get('packageMgr')->isPluginLoaded("RewriteURL", "RewriteURL")) {
Reg::get(ConfigManager::getConfig("RewriteURL", "RewriteURL")->Objects->rewriteURL)->parseURL();
}
$newNav = Reg::get(ConfigManager::getConfig("SiteNavigation", "SiteNavigation")->Objects->RequestParser)->parse();
Reg::register(ConfigManager::getConfig("SiteNavigation", "SiteNavigation")->ObjectsIgnored->Nav, $newNav, true);
Reg::get(ConfigManager::getConfig("SiteNavigation", "SiteNavigation")->Objects->Controller)->exec();
}
public function hookSetPageInfo()
{
$smartyConfig = ConfigManager::getConfig("Smarty");
$siteNavConfig = ConfigManager::getConfig("SiteNavigation");
$module = Reg::get($siteNavConfig->ObjectsIgnored->Nav)->module;
$page = Reg::get($siteNavConfig->ObjectsIgnored->Nav)->page;
$pageInfo = $this->pageInfo->getInfo($module, $page);
Reg::get($smartyConfig->Objects->Smarty)->setPageTitle($pageInfo['title']);
Reg::get($smartyConfig->Objects->Smarty)->setPageKeywords($pageInfo['meta_keywords']);
Reg::get($smartyConfig->Objects->Smarty)->setPageDescription($pageInfo['meta_description']);
}
/**
* @param string $string
* @return string
*/
function smarty_modifier_C($constantName)
{
$value = "";
// try{
$value = Reg::get('lm')->getValueOf($constantName);
/*}
catch(Exception $e){
$value = constant($constantName);
}*/
return $value;
}
public static function logRequest($dbInstanceKey = null)
{
$sql = MySqlDbManager::getQueryObject($dbInstanceKey);
$userId = "NULL";
$userObjectSerialized = "''";
$userObj = Reg::get(ConfigManager::getConfig("Users", "Users")->ObjectsIgnored->User);
if ($userObj->isAuthorized()) {
$userId = $userObj->getId();
$userObjectSerialized = "'" . mysql_real_escape_string(serialize($userObj)) . "'";
}
$sql->exec("INSERT DELAYED INTO `" . Tbl::get("TBL_REQUEST_LOG") . "` \n\t\t\t\t\t\t(`user_id`, `user_obj`,`session_id`, `get`, `post`, `server`, `cookies`, `session`, `response`)\n\t\t\t\t\t\tVALUES\t(\n\t\t\t\t\t\t\t\t\t{$userId},\n\t\t\t\t\t\t\t\t\t{$userObjectSerialized},\n\t\t\t\t\t\t\t\t\t'" . session_id() . "',\n\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string(serialize($_GET)) . "',\n\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string(serialize($_POST)) . "',\n\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string(serialize($_SERVER)) . "',\n\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string(serialize($_COOKIE)) . "',\n\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string(serialize($_SESSION)) . "',\n\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string(ob_get_contents()) . "'\n\t\t\t\t\t\t\t\t)");
}
protected function customInitAfterObjects()
{
$hostLangId = null;
$configDBFilter = new ConfigDBFilter();
if (Reg::get('packageMgr')->isPluginLoaded("Language", "HostLanguage")) {
$hostName = ConfigManager::getConfig("Host", "Host")->Objects->Host;
$languageName = ConfigManager::getConfig("Language", "Language")->ObjectsIgnored->Language;
$hostLangId = HostLanguageManager::getHostLanguageId(Reg::get($hostName), Reg::get($languageName));
$configDBFilter->setCommonOrHostLang($hostLangId);
}
ConfigDBManager::initDBConfig($configDBFilter);
}
public function getDataArray()
{
$responseArray = array();
if (!empty($this->newLastId)) {
$responseArray['lastId'] = $this->newLastId;
} else {
$responseArray['lastId'] = Reg::get('convMgr')->getMessagesLastId();
}
if (is_array($this->newMessages) and count($this->newMessages) > 0) {
$responseArray['messages'] = $this->newMessages;
}
return $responseArray;
}
/**
* Return text for currect host/language
*
* @param string $name
* @param string $group
* @return string
*/
function smarty_modifier_text($name, $group)
{
try {
$textValMgr = Reg::get(ConfigManager::getConfig("Texts", "Texts")->Objects->TextsValuesManager);
return $textValMgr->getTextValue($name, $group);
} catch (Exception $e) {
if (Debug::getMode()) {
return "_~#~_";
} else {
return "";
}
}
}
public static function logRequest($dbInstanceKey = null)
{
$sql = MySqlDbManager::getQueryObject($dbInstanceKey);
$userId = "NULL";
$userObjectSerialized = "''";
$userObj = Reg::get(ConfigManager::getConfig("Users", "Users")->ObjectsIgnored->User);
if ($userObj->isAuthorized()) {
$userId = $userObj->id;
$userObjectSerialized = "'" . mysql_real_escape_string(serialize($userObj)) . "'";
}
$qb = new QueryBuilder();
$qb->insert(Tbl::get('TBL_REQUEST_LOG'))->values(array("user_id" => $userId, "user_obj" => $userObjectSerialized, "session_id" => session_id(), "get" => serialize($_GET), "post" => serialize($_POST), "server" => serialize($_SERVER), "cookies" => serialize($_COOKIE), "session" => serialize($_SESSION), "response" => ob_get_contents()));
$sql->exec($qb->getSQL());
}
/**
* @param string $string
* @return string
*/
function smarty_modifier_img($filename, $backupFileName = null)
{
/* @var $smarty SamrtyWrapper */
$smarty = Reg::get(ConfigManager::getConfig("Output", "Smarty")->Objects->Smarty);
try {
return SITE_PATH . $smarty->findFilePath('img/' . $filename);
} catch (Exception $e) {
if ($backupFileName !== null) {
return SITE_PATH . $smarty->findFilePath('img/' . $backupFileName);
} else {
throw $e;
}
}
}
function getMyPermissionsHash()
{
$permissionsList = "";
if (isAuthorized()) {
if (isset(Reg::get('usr')->perms) and !empty(Reg::get('usr')->perms)) {
if (is_array(Reg::get('usr')->perms->permissionsList)) {
foreach (Reg::get('usr')->perms->permissionsList as $perm) {
$permissionsList .= $perm->id . ':';
}
}
}
}
return md5($permissionsList);
}
public function hookSetTemplateByHost()
{
$controller = Reg::get(ConfigManager::getConfig("SiteNavigation", "SiteNavigation")->Objects->Controller);
$smarty = Reg::get(ConfigManager::getConfig("Output", "Smarty")->Objects->Smarty);
$host = Reg::get(ConfigManager::getConfig("Host", "Host")->Objects->Host);
$result = HostControllerTemplate::getControllerTemplateByHost($host);
if ($result !== false) {
if (isset($result['controller']) and !empty($result['controller'])) {
$controller->setControllersPath($result['controller']);
}
if (isset($result['template']) and !empty($result['template'])) {
$smarty->setTemplate($result['template']);
}
}
}