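/**
 * Detects a POST that PHP silently discarded for exceeding its posting
 * limits (post_max_size and friends); PHP drops such a body without any
 * error, so the only trace is an empty request that still declared a
 * Content-Length.
 *
 * Only runs when the request carries ?check_overpost in the query string
 * (the form action has to add it, because the POST body itself is gone).
 * When a dropped body is detected the attempt is logged and the user is
 * sent to the 'overpost' error page.
 *
 * @return bool  true whenever the request is not treated as an over-limit post
 */
public static function checkOverPost()
{
    if (!isset($_GET['check_overpost'])) {
        return true;
    }

    // A multipart post made up only of file fields leaves $_POST empty but
    // fills $_FILES, so both must be empty before the body counts as dropped.
    // A declared Content-Length of 0 is an empty form, not an over-limit one.
    $body_dropped = empty($_POST)
        && empty($_FILES)
        && isset($_SERVER['CONTENT_LENGTH'])
        && (int) $_SERVER['CONTENT_LENGTH'] > 0;

    if ($body_dropped) {
        Security::log(_('User tried to post a file beyond server limits.'));
        PHPWS_Core::errorPage('overpost');
    }

    return true;
}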
/**
 * Records a permission failure in the security log and ends the request
 * with the 403 error page.
 *
 * @param string|null $message  text to log; when null a generic
 *                              "improper permission level" message is used
 */
public static function disallow($message = null)
{
    $text = isset($message)
        ? $message
        : dgettext('users', 'Improper permission level for action requested.');

    Security::log($text);
    PHPWS_Core::errorPage('403');
}
/* Security against those with register globals = on */ if (ini_get('register_globals')) { ini_set('register_globals', FALSE); foreach ($_REQUEST as $requestVarName => $nullIT) { unset($requestVarName); } unset($nullIT); } /* Attempts to turn off use_trans_sid if enabled */ if (ini_get('session.use_trans_sid')) { ini_set('session.use_trans_sid', FALSE); ini_set('url_rewriter.tags', ''); } // Attempt to clean out the xss tags if (!PHPWS_Core::allowScriptTags() && (!checkUserInput($_SERVER['REQUEST_URI']) || !checkUserInput($_REQUEST))) { Security::log(_('Attempted cross-site scripting attack.')); PHPWS_Core::errorPage('400'); } /** * Checks for <script> embedding and any double-URL-encoded data * * @return bool */ function checkUserInput($input) { $scripting = '/(%3C|<|<|<)\\s*(script|\\?)/iU'; $asciiChars = '/%(0|1)(\\d|[a-f])/i'; // Call recursively if input is an array if (is_array($input)) { foreach ($input as $input_val) { if (!checkUserInput($input_val)) {
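/**
 * Handles the "forgot password / forgot user name" form submission.
 *
 * Exactly one lookup runs: by user name when fg_username was posted,
 * otherwise by email address. $content receives the message to show the
 * user; the return value tells the caller whether the request could be
 * matched to an account.
 *
 * NOTE(review): the messages differ between "user name not found",
 * "email not found" and "authorization not checked on this site", so the
 * responses reveal which accounts exist. The wording is kept unchanged
 * here because translations and callers depend on it.
 *
 * @param string $content  set to the user-facing result message
 * @return bool  false when the input was malformed or matched no usable
 *               account, true once a response has been decided (including
 *               the "already posted" and "cannot send email" outcomes)
 */
public function postForgot(&$content)
{
    if (empty($_POST['fg_username']) && empty($_POST['fg_email'])) {
        $content = dgettext('users', 'You must enter either a username or email address.');
        return false;
    }

    if (!empty($_POST['fg_username'])) {
        return self::_forgotByUsername($_POST['fg_username'], $content);
    }

    // The guard above leaves fg_email as the only remaining possibility.
    return self::_forgotByEmail($_POST['fg_email'], $content);
}

/**
 * Password-reset branch of postForgot: looks the account up by user name
 * and emails a reset link.
 *
 * @param string $username  raw fg_username value from the form
 * @param string $content   receives the user-facing message
 * @return bool  see postForgot
 */
private static function _forgotByUsername($username, &$content)
{
    $not_found = dgettext('users', 'User name not found. Check your spelling or enter an email address instead.');

    // A quote character can never be part of a stored user name, so the
    // request is answered as "not found" before the database is touched.
    if (preg_match('/\'|"/', html_entity_decode(strip_tags($username), ENT_QUOTES))) {
        $content = $not_found;
        return false;
    }

    $db = new PHPWS_DB('users');
    $db->addWhere('username', strtolower($username));
    $db->addColumn('email');
    $db->addColumn('id');
    $db->addColumn('deity');
    $db->addColumn('authorize');
    $user_search = $db->select('row');

    if (PHPWS_Error::logIfError($user_search) || empty($user_search)) {
        $content = $not_found;
        return false;
    }

    // Deity accounts get the same answer as an unknown name so the response
    // does not single them out; the attempt itself is logged.
    if ($user_search['deity'] && !ALLOW_DEITY_FORGET) {
        Security::log(dgettext('users', 'Forgotten password attempt made on a deity account.'));
        $content = $not_found;
        return false;
    }

    if ($user_search['authorize'] != 1) {
        $content = sprintf(dgettext('users', 'Sorry but your authorization is not checked on this site. Please contact %s for information on reseting your password.'), PHPWS_User::getUserSetting('site_contact'));
        return false;
    }

    // This submission was already handled (e.g. a refresh): do not send twice.
    if (PHPWS_Core::isPosted()) {
        $content = dgettext('users', 'Please check your email for a response.');
        return true;
    }

    if (empty($user_search['email'])) {
        $content = dgettext('users', 'Your email address is missing from your account. 
Please contact the site administrators.');
        PHPWS_Error::log(USER_ERR_NO_EMAIL, 'users', 'User_Action::postForgot');
        return true;
    }

    if (User_Action::emailPasswordReset($user_search['id'], $user_search['email'])) {
        $content = dgettext('users', 'We have sent you an email to reset your password.');
    } else {
        $content = dgettext('users', 'We are currently unable to send out email reminders. Try again later.');
    }
    return true;
}

/**
 * User-name-reminder branch of postForgot: looks the account up by email
 * address and mails the user name back.
 *
 * @param string $email    raw fg_email value from the form
 * @param string $content  receives the user-facing message
 * @return bool  see postForgot
 */
private static function _forgotByEmail($email, &$content)
{
    $not_found = dgettext('users', 'Email address not found. Please try again.');

    // Quotes and anything that is not a syntactically valid address are
    // answered as "not found" before the database is touched.
    if (preg_match('/\'|"/', html_entity_decode(strip_tags($email), ENT_QUOTES))
        || !PHPWS_Text::isValidInput($email, 'email')) {
        $content = $not_found;
        return false;
    }

    $db = new PHPWS_DB('users');
    $db->addWhere('email', $email);
    $db->addColumn('username');
    $user_search = $db->select('row');

    if (PHPWS_Error::logIfError($user_search) || empty($user_search)) {
        $content = $not_found;
        return false;
    }

    // This submission was already handled (e.g. a refresh): do not send twice.
    if (PHPWS_Core::isPosted()) {
        $content = dgettext('users', 'Please check your email for a response.');
        return true;
    }

    if (User_Action::emailUsernameReminder($user_search['username'], $email)) {
        $content = dgettext('users', 'We have sent you an user name reminder. Please check your email and return to log in.');
    } else {
        $content = dgettext('users', 'We are currently unable to send out email reminders. Try again later.');
    }
    return true;
}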
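/**
 * Logs the session user in from the "remember_me" cookie.
 *
 * The cookie is expected to hold a serialized array with 'username' and
 * 'password' (the stored token, word characters only). It is honoured only
 * when a user_authorization row matches both values and the users row is
 * approved and active (and not a deity unless ALLOW_DEITY_REMEMBER_ME is
 * set). On success the users row is loaded into $_SESSION['User'] and
 * login() is called on it.
 *
 * @return bool  true when the cookie logged the user in, false otherwise
 */
public static function rememberLogin()
{
    if (!isset($_SESSION['User'])) {
        return false;
    }

    $remember = PHPWS_Cookie::read('remember_me');
    if (!$remember) {
        return false;
    }

    // The cookie is attacker-controlled input: never let it instantiate
    // objects. PHP 7+ can refuse every class outright; older versions fall
    // back to the plain call. A malformed string simply yields false.
    if (PHP_VERSION_ID >= 70000) {
        $rArray = @unserialize($remember, array('allowed_classes' => false));
    } else {
        $rArray = @unserialize($remember);
    }
    if (!is_array($rArray)) {
        return false;
    }

    // Both fields must be present and be strings; a nested array here would
    // otherwise reach preg_match() and strtolower() below.
    if (!isset($rArray['username'], $rArray['password'])
        || !is_string($rArray['username'])
        || !is_string($rArray['password'])) {
        return false;
    }

    // The stored token consists of word characters only, so anything else
    // cannot match and is rejected before the database is queried.
    if (preg_match('/\\W/', $rArray['password'])) {
        return false;
    }

    $username = strtolower($rArray['username']);
    if (preg_match('/\'|"/', html_entity_decode($username, ENT_QUOTES))) {
        Security::log(dgettext('users', 'User tried to login using Remember Me with a malformed cookie.'));
        return false;
    }

    // The cookie token is matched against the user_authorization row by the
    // database query itself.
    $db = new PHPWS_DB('user_authorization');
    $db->addWhere('username', $username);
    $db->addWhere('password', $rArray['password']);
    $result = $db->select('row');
    if (!$result) {
        return false;
    } elseif (PHPWS_Error::isError($result)) {
        PHPWS_Error::log($result);
        return false;
    }

    $db2 = new PHPWS_DB('users');
    $db2->addWhere('username', $username);
    $db2->addWhere('approved', 1);
    $db2->addWhere('active', 1);
    if (!ALLOW_DEITY_REMEMBER_ME) {
        $db2->addWhere('deity', 0);
    }
    $result = $db2->loadObject($_SESSION['User']);
    if (!$result) {
        return false;
    } elseif (PHPWS_Error::isError($result)) {
        PHPWS_Error::log($result);
        return false;
    }

    $_SESSION['User']->login();
    return true;
}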