示例#1
0
/**
 * Question the verity of the admin by asking for his or her password.
 * - loads Login.template.php and uses the admin_login sub template.
 * - sends data to template so the admin is sent on to the page they
 *   wanted if their password is correct, otherwise they can try again.
 *
 * @param string $type = 'admin'
 */
function adminLogin($type = 'admin')
{
    global $context, $scripturl, $txt, $user_info, $user_settings;
    loadLanguage('Admin');
    loadTemplate('Login');
    // Validate what type of session check this is.
    $types = array();
    call_integration_hook('integrate_validateSession', array($types));
    $type = in_array($type, $types) || $type == 'moderate' ? $type : 'admin';
    // They used a wrong password, log it and unset that.
    if (isset($_POST[$type . '_hash_pass']) || isset($_POST[$type . '_pass'])) {
        $txt['security_wrong'] = sprintf($txt['security_wrong'], isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $txt['unknown'], $_SERVER['HTTP_USER_AGENT'], $user_info['ip']);
        log_error($txt['security_wrong'], 'critical');
        if (isset($_POST[$type . '_hash_pass'])) {
            unset($_POST[$type . '_hash_pass']);
        }
        if (isset($_POST[$type . '_pass'])) {
            unset($_POST[$type . '_pass']);
        }
        $context['incorrect_password'] = true;
    }
    createToken('admin-login');
    // Figure out the get data and post data.
    $context['get_data'] = '?' . construct_query_string($_GET);
    $context['post_data'] = '';
    // Now go through $_POST.  Make sure the session hash is sent.
    $_POST[$context['session_var']] = $context['session_id'];
    foreach ($_POST as $k => $v) {
        $context['post_data'] .= adminLogin_outputPostVars($k, $v);
    }
    // Now we'll use the admin_login sub template of the Login template.
    $context['sub_template'] = 'admin_login';
    // And title the page something like "Login".
    if (!isset($context['page_title'])) {
        $context['page_title'] = $txt['login'];
    }
    // The type of action.
    $context['sessionCheckType'] = $type;
    obExit();
    // We MUST exit at this point, because otherwise we CANNOT KNOW that the user is privileged.
    trigger_error('Hacking attempt...', E_USER_ERROR);
}
示例#2
0
function smf_openID_return()
{
    global $smcFunc, $user_info, $user_profile, $sourcedir, $modSettings, $context, $sc, $user_settings;
    // Is OpenID even enabled?
    if (empty($modSettings['enableOpenID'])) {
        fatal_lang_error('no_access', false);
    }
    if (!isset($_GET['openid_mode'])) {
        fatal_lang_error('openid_return_no_mode', false);
    }
    // @todo Check for error status!
    if ($_GET['openid_mode'] != 'id_res') {
        fatal_lang_error('openid_not_resolved');
    }
    // SMF has this annoying habit of removing the + from the base64 encoding.  So lets put them back.
    foreach (array('openid_assoc_handle', 'openid_invalidate_handle', 'openid_sig', 'sf') as $key) {
        if (isset($_GET[$key])) {
            $_GET[$key] = str_replace(' ', '+', $_GET[$key]);
        }
    }
    // Did they tell us to remove any associations?
    if (!empty($_GET['openid_invalidate_handle'])) {
        smf_openid_removeAssociation($_GET['openid_invalidate_handle']);
    }
    $server_info = smf_openid_getServerInfo($_GET['openid_identity']);
    // Get the association data.
    $assoc = smf_openID_getAssociation($server_info['server'], $_GET['openid_assoc_handle'], true);
    if ($assoc === null) {
        fatal_lang_error('openid_no_assoc');
    }
    $secret = base64_decode($assoc['secret']);
    $signed = explode(',', $_GET['openid_signed']);
    $verify_str = '';
    foreach ($signed as $sign) {
        $verify_str .= $sign . ':' . strtr($_GET['openid_' . str_replace('.', '_', $sign)], array('&' => '&')) . "\n";
    }
    $verify_str = base64_encode(sha1_hmac($verify_str, $secret));
    if ($verify_str != $_GET['openid_sig']) {
        fatal_lang_error('openid_sig_invalid', 'critical');
    }
    if (!isset($_SESSION['openid']['saved_data'][$_GET['t']])) {
        fatal_lang_error('openid_load_data');
    }
    $openid_uri = $_SESSION['openid']['saved_data'][$_GET['t']]['openid_uri'];
    $modSettings['cookieTime'] = $_SESSION['openid']['saved_data'][$_GET['t']]['cookieTime'];
    if (empty($openid_uri)) {
        fatal_lang_error('openid_load_data');
    }
    // Any save fields to restore?
    $context['openid_save_fields'] = isset($_GET['sf']) ? unserialize(base64_decode($_GET['sf'])) : array();
    // Is there a user with this OpenID_uri?
    $result = $smcFunc['db_query']('', '
		SELECT passwd, id_member, id_group, lngfile, is_activated, email_address, additional_groups, member_name, password_salt,
			openid_uri
		FROM {db_prefix}members
		WHERE openid_uri = {string:openid_uri}', array('openid_uri' => $openid_uri));
    $member_found = $smcFunc['db_num_rows']($result);
    if (!$member_found && isset($_GET['sa']) && $_GET['sa'] == 'change_uri' && !empty($_SESSION['new_openid_uri']) && $_SESSION['new_openid_uri'] == $openid_uri) {
        // Update the member.
        updateMemberData($user_settings['id_member'], array('openid_uri' => $openid_uri));
        unset($_SESSION['new_openid_uri']);
        $_SESSION['openid'] = array('verified' => true, 'openid_uri' => $openid_uri);
        // Send them back to profile.
        redirectexit('action=profile;area=authentication;updated');
    } elseif (!$member_found) {
        // Store the received openid info for the user when returned to the registration page.
        $_SESSION['openid'] = array('verified' => true, 'openid_uri' => $openid_uri);
        if (isset($_GET['openid_sreg_nickname'])) {
            $_SESSION['openid']['nickname'] = $_GET['openid_sreg_nickname'];
        }
        if (isset($_GET['openid_sreg_email'])) {
            $_SESSION['openid']['email'] = $_GET['openid_sreg_email'];
        }
        if (isset($_GET['openid_sreg_dob'])) {
            $_SESSION['openid']['dob'] = $_GET['openid_sreg_dob'];
        }
        if (isset($_GET['openid_sreg_gender'])) {
            $_SESSION['openid']['gender'] = $_GET['openid_sreg_gender'];
        }
        // Were we just verifying the registration state?
        if (isset($_GET['sa']) && $_GET['sa'] == 'register2') {
            require_once $sourcedir . '/Register.php';
            return Register2(true);
        } else {
            redirectexit('action=register');
        }
    } elseif (isset($_GET['sa']) && $_GET['sa'] == 'revalidate' && $user_settings['openid_uri'] == $openid_uri) {
        $_SESSION['openid_revalidate_time'] = time();
        // Restore the get data.
        require_once $sourcedir . '/Subs-Auth.php';
        $_SESSION['openid']['saved_data'][$_GET['t']]['get']['openid_restore_post'] = $_GET['t'];
        $query_string = construct_query_string($_SESSION['openid']['saved_data'][$_GET['t']]['get']);
        redirectexit($query_string);
    } else {
        $user_settings = $smcFunc['db_fetch_assoc']($result);
        $smcFunc['db_free_result']($result);
        $user_settings['passwd'] = sha1(strtolower($user_settings['member_name']) . $secret);
        $user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
        updateMemberData($user_settings['id_member'], array('passwd' => $user_settings['passwd'], 'password_salt' => $user_settings['password_salt']));
        // Cleanup on Aisle 5.
        $_SESSION['openid'] = array('verified' => true, 'openid_uri' => $openid_uri);
        require_once $sourcedir . '/LogInOut.php';
        if (!checkActivation()) {
            return;
        }
        DoLogin();
    }
}
示例#3
0
function adminLogin()
{
    global $context, $scripturl, $txt, $user_info, $user_settings;
    loadLanguage('Admin');
    EoS_Smarty::loadTemplate('generic_skeleton');
    EoS_Smarty::getConfigInstance()->registerHookTemplate('generic_content_area', 'loginout/adminlogin');
    // They used a wrong password, log it and unset that.
    if (isset($_POST['admin_hash_pass']) || isset($_POST['admin_pass'])) {
        $txt['security_wrong'] = sprintf($txt['security_wrong'], isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $txt['unknown'], $_SERVER['HTTP_USER_AGENT'], $user_info['ip']);
        log_error($txt['security_wrong'], 'critical');
        if (isset($_POST['admin_hash_pass'])) {
            unset($_POST['admin_hash_pass']);
        }
        if (isset($_POST['admin_pass'])) {
            unset($_POST['admin_pass']);
        }
        $context['incorrect_password'] = true;
    }
    // Figure out the get data and post data.
    $context['get_data'] = '?' . construct_query_string($_GET);
    $context['post_data'] = '';
    // Now go through $_POST.  Make sure the session hash is sent.
    $_POST[$context['session_var']] = $context['session_id'];
    foreach ($_POST as $k => $v) {
        $context['post_data'] .= adminLogin_outputPostVars($k, $v);
    }
    // And title the page something like "Login".
    if (!isset($context['page_title'])) {
        $context['page_title'] = $txt['login'];
    }
    obExit();
    // We MUST exit at this point, because otherwise we CANNOT KNOW that the user is privileged.
    trigger_error('Hacking attempt...', E_USER_ERROR);
}
示例#4
0
 /**
  * Callback action handler for OpenID
  */
 public function action_openidreturn()
 {
     global $modSettings, $context, $user_settings;
     // We'll need our subs.
     require_once SUBSDIR . '/OpenID.subs.php';
     // Is OpenID even enabled?
     if (empty($modSettings['enableOpenID'])) {
         fatal_lang_error('no_access', false);
     }
     // The OpenID provider did not respond with the OpenID mode? Throw an error..
     if (!isset($_GET['openid_mode'])) {
         fatal_lang_error('openid_return_no_mode', false);
     }
     // @todo Check for error status!
     if ($_GET['openid_mode'] != 'id_res') {
         fatal_lang_error('openid_not_resolved');
     }
     // this has annoying habit of removing the + from the base64 encoding.  So lets put them back.
     foreach (array('openid_assoc_handle', 'openid_invalidate_handle', 'openid_sig', 'sf') as $key) {
         if (isset($_GET[$key])) {
             $_GET[$key] = str_replace(' ', '+', $_GET[$key]);
         }
     }
     $openID = new OpenID();
     // Did they tell us to remove any associations?
     if (!empty($_GET['openid_invalidate_handle'])) {
         $openID->removeAssociation($_GET['openid_invalidate_handle']);
     }
     // Get the OpenID server info.
     $server_info = $openID->getServerInfo($_GET['openid_identity']);
     // Get the association data.
     $assoc = $openID->getAssociation($server_info['server'], $_GET['openid_assoc_handle'], true);
     if ($assoc === null) {
         fatal_lang_error('openid_no_assoc');
     }
     $secret = base64_decode($assoc['secret']);
     $signed = explode(',', $_GET['openid_signed']);
     $verify_str = '';
     foreach ($signed as $sign) {
         $verify_str .= $sign . ':' . strtr($_GET['openid_' . str_replace('.', '_', $sign)], array('&' => '&')) . "\n";
     }
     $verify_str = base64_encode(hash_hmac('sha1', $verify_str, $secret, true));
     // Verify the OpenID signature.
     if ($verify_str != $_GET['openid_sig']) {
         fatal_lang_error('openid_sig_invalid', 'critical');
     }
     if (!isset($_SESSION['openid']['saved_data'][$_GET['t']])) {
         fatal_lang_error('openid_load_data');
     }
     $openid_uri = $_SESSION['openid']['saved_data'][$_GET['t']]['openid_uri'];
     $modSettings['cookieTime'] = $_SESSION['openid']['saved_data'][$_GET['t']]['cookieTime'];
     if (empty($openid_uri)) {
         fatal_lang_error('openid_load_data');
     }
     // Any save fields to restore?
     $context['openid_save_fields'] = isset($_GET['sf']) ? unserialize(base64_decode($_GET['sf'])) : array();
     $context['openid_claimed_id'] = $_GET['openid_claimed_id'];
     // Is there a user with this OpenID_uri?
     $member_found = memberByOpenID($context['openid_claimed_id']);
     if (empty($member_found) && isset($_GET['sa']) && $_GET['sa'] == 'change_uri' && !empty($_SESSION['new_openid_uri']) && $_SESSION['new_openid_uri'] == $context['openid_claimed_id']) {
         // Update the member.
         updateMemberData($user_settings['id_member'], array('openid_uri' => $context['openid_claimed_id']));
         unset($_SESSION['new_openid_uri']);
         $_SESSION['openid'] = array('verified' => true, 'openid_uri' => $context['openid_claimed_id']);
         // Send them back to profile.
         redirectexit('action=profile;area=authentication;updated');
     } elseif (empty($member_found)) {
         // Store the received openid info for the user when returned to the registration page.
         $_SESSION['openid'] = array('verified' => true, 'openid_uri' => $context['openid_claimed_id']);
         if (isset($_GET['openid_sreg_nickname'])) {
             $_SESSION['openid']['nickname'] = $_GET['openid_sreg_nickname'];
         }
         if (isset($_GET['openid_sreg_email'])) {
             $_SESSION['openid']['email'] = $_GET['openid_sreg_email'];
         }
         if (isset($_GET['openid_sreg_dob'])) {
             $_SESSION['openid']['dob'] = $_GET['openid_sreg_dob'];
         }
         if (isset($_GET['openid_sreg_gender'])) {
             $_SESSION['openid']['gender'] = $_GET['openid_sreg_gender'];
         }
         // Were we just verifying the registration state?
         if (isset($_GET['sa']) && $_GET['sa'] == 'register2') {
             require_once CONTROLLERDIR . '/Register.controller.php';
             $controller = new Register_Controller();
             return $controller->action_register2(true);
         } else {
             redirectexit('action=register');
         }
     } elseif (isset($_GET['sa']) && $_GET['sa'] == 'revalidate' && $user_settings['openid_uri'] == $openid_uri) {
         $_SESSION['openid_revalidate_time'] = time();
         // Restore the get data.
         require_once SUBSDIR . '/Auth.subs.php';
         $_SESSION['openid']['saved_data'][$_GET['t']]['get']['openid_restore_post'] = $_GET['t'];
         $query_string = construct_query_string($_SESSION['openid']['saved_data'][$_GET['t']]['get']);
         redirectexit($query_string);
     } else {
         $user_settings = $member_found;
         // @Todo: this seems outdated?
         $user_settings['passwd'] = sha1(strtolower($user_settings['member_name']) . $secret);
         $user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
         updateMemberData($user_settings['id_member'], array('passwd' => $user_settings['passwd'], 'password_salt' => $user_settings['password_salt']));
         // Cleanup on Aisle 5.
         $_SESSION['openid'] = array('verified' => true, 'openid_uri' => $context['openid_claimed_id']);
         require_once CONTROLLERDIR . '/Auth.controller.php';
         // Activation required?
         if (!checkActivation()) {
             return;
         }
         // Finally do the login.
         doLogin();
     }
 }