public function actionSetPushToken() { $token = $this->_input->filterSingle('token', XenForo_Input::STRING); $visitor = XenForo_Visitor::getInstance(); if (!$visitor->getUserId()) { fr_no_permission(); } fr_update_push_user('', 1, $token); return array('success' => true); }
function do_get_new_updates() { global $vbulletin; require_once DIR . '/includes/functions_login.php'; $vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'password' => TYPE_STR, 'md5_password' => TYPE_STR, 'fr_username' => TYPE_STR, 'fr_b' => TYPE_BOOL)); if (!$vbulletin->GPC['username'] || !$vbulletin->GPC['password'] && !$vbulletin->GPC['md5_password']) { json_error(ERR_NO_PERMISSION); } $vbulletin->GPC['username'] = prepare_remote_utf8_string($vbulletin->GPC['username']); $vbulletin->GPC['password'] = prepare_remote_utf8_string($vbulletin->GPC['password']); if (!verify_authentication($vbulletin->GPC['username'], $vbulletin->GPC['password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['cookieuser'], true)) { json_error(ERR_NO_PERMISSION); } // Don't save the session, we just want pm & marked thread info process_new_login('', false, ''); // Since we are not saving the session, fetch our userinfo $vbulletin->userinfo =& fetch_userinfo($vbulletin->userinfo['userid']); cache_permissions($vbulletin->userinfo, true); $sub_notices = get_sub_thread_updates(); fr_update_push_user($vbulletin->GPC['fr_username'], $vbulletin->GPC['fr_b']); return array('pm_notices' => $vbulletin->userinfo['pmunread'], 'sub_notices' => $sub_notices); }
function do_login() { global $fr_version, $fr_platform; $options = vB::get_datastore()->get_value('options'); $cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('username' => vB_Cleaner::TYPE_STR, 'password' => vB_Cleaner::TYPE_STR, 'md5_password' => vB_Cleaner::TYPE_STR, 'fr_username' => vB_Cleaner::TYPE_STR, 'fr_b' => vB_Cleaner::TYPE_BOOL, 'token' => vB_Cleaner::TYPE_STR)); $navbg = null; if (strlen($options['forumrunner_branding_navbar_bg'])) { $navbg = $options['forumrunner_branding_navbar_bg']; if (is_iphone() && strlen($navbg) == 7) { $r = hexdec(substr($navbg, 1, 2)); $g = hexdec(substr($navbg, 3, 2)); $b = hexdec(substr($navbg, 5, 2)); $navbg = "{$r},{$g},{$b}"; } } $out = array('v' => $fr_version, 'p' => $fr_platform); if ($navbg) { $out['navbg'] = $navbg; } if (is_iphone() && $options['forumrunner_admob_publisherid_iphone']) { $out['admob'] = $options['forumrunner_admob_publisherid_iphone']; } else { if (is_android() && $options['forumrunner_admob_publisherid_android']) { $out['admob'] = $options['forumrunner_admob_publisherid_android']; } } if ($options['forumrunner_google_analytics_id']) { $out['gan'] = $options['forumrunner_google_analytics_id']; } if ($options['forumrunner_enable_registration']) { $out['reg'] = true; } if (!$cleaned['username'] || !$cleaned['password'] && !$cleaned['md5_password']) { // This could be an attempt to see if forums require login. Check. $out += array('authenticated' => false, 'requires_authentication' => requires_authentication()); } else { $login = vB_Api::instance('user')->login($cleaned['username'], $cleaned['password'], '', '', 'cplogin'); if (isset($login['errors']) and !empty($login['errors'])) { $login = vB_Api::instance('user')->login($cleaned['username'], $cleaned['password'], '', '', ''); if (isset($login['errors']) and !empty($login['errors'])) { return json_error('Incorrect login.', RV_BAD_PASSWORD); } } if (!$options['bbactive'] && !vB::getUserContext()->hasAdminPermission('cancontrolpanel')) { vB_Api::instance('user')->processLogout(); return json_error(strip_tags($options['bbclosedreason']), RV_BAD_PASSWORD); } if (isset($login['cpsession'])) { vB5_Cookie::set('cpsession', $login['cpsession'], 30); } vB5_Cookie::set('sessionhash', $login['sessionhash'], 30); vB5_Cookie::set('password', $login['password'], 30); vB5_Cookie::set('userid', $login['userid'], 30); if (isset($cleaned['fr_username'])) { fr_update_push_user($cleaned['fr_username'], $cleaned['fr_b']); } $userinfo = vB_Api::instance('user')->fetchUserInfo(); $out += array('authenticated' => true, 'username' => $userinfo['username'], 'cookiepath' => $options['cookiepath']); } return $out; }
public function actionLogin() { global $fr_version, $fr_platform; $vals = $this->_input->filter(array('username' => XenForo_Input::STRING, 'password' => XenForo_Input::STRING, 'md5_password' => XenForo_Input::STRING, 'fr_username' => XenForo_Input::STRING, 'fr_b' => XenForo_Input::UINT, 'token' => XenForo_Input::STRING)); $login_model = $this->_getLoginModel(); $user_model = $this->_getUserModel(); $options = XenForo_Application::get('options'); $navbg = ''; $style = $options->forumrunnerColor; if ($style) { // Convert to right style. iPhone needs r,g,b. Android needs #rrggbb. $color = convert_color($style); if (is_iphone() && strlen($color) == 7) { $r = hexdec(substr($color, 1, 2)); $g = hexdec(substr($color, 3, 2)); $b = hexdec(substr($color, 5, 2)); $color = "{$r},{$g},{$b}"; } $navbg = $color; } $authenticated = false; $requires_authentication = false; $out = array(); if (!$vals['username'] || !$vals['password'] && !$vals['md5_password']) { if (!XenForo_Visitor::getInstance()->hasPermission('general', 'view')) { $requires_authentication = true; } $options = XenForo_Application::get('options'); if (!$options->boardActive && !XenForo_Visitor::getInstance()->get('is_admin')) { $requires_authentication = true; } } else { $user_id = $user_model->validateAuthentication($vals['username'], $vals['password'], $error); if (!$user_id) { $login_model->logLoginAttempt($vals['username']); json_error($error->render(), RV_BAD_PASSWORD); } $login_model->clearLoginAttempts($vals['username']); $user_model->setUserRememberCookie($user_id); XenForo_Model_Ip::log($user_id, 'user', $user_id, 'login'); XenForo_Application::get('session')->changeUserId($user_id); XenForo_Visitor::setup($user_id); $out['username'] = prepare_utf8_string(XenForo_Visitor::getInstance()->get('username')); $authenticated = true; } $out += array('authenticated' => $authenticated, 'v' => $fr_version, 'p' => $fr_platform, 'requires_authentication' => $requires_authentication); if ($navbg != '') { $out['navbg'] = $navbg; } if (is_iphone() && $options->forumrunnerAdsAdMobPublisherIDiPhone) { $out['admob'] = $options->forumrunnerAdsAdMobPublisherIDiPhone; } else { if (is_android() && $options->forumrunnerAdsAdMobPublisherIDAndroid) { $out['admob'] = $options->forumrunnerAdsAdMobPublisherIDAndroid; } } if ($options->forumrunnerGoogleAnalyticsID && $options->forumrunnerGoogleAnalyticsID != '') { $out['gan'] = $options->forumrunnerGoogleAnalyticsID; } if ($options->forumrunnerFacebookApplicationID && $options->forumrunnerFacebookApplicationID != '') { $out['fb'] = $options->forumrunnerFacebookApplicationID; } if ($options->forumrunnerRegistration) { $out['reg'] = true; } fr_update_push_user($vals['fr_username'], $vals['fr_b'], $vals['token']); return $out; }
function do_login() { global $vbulletin, $fr_version, $fr_platform; $vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'password' => TYPE_STR, 'md5_password' => TYPE_STR, 'fr_username' => TYPE_STR, 'fr_b' => TYPE_BOOL)); $navbg = null; if (strlen($vbulletin->options['forumrunner_branding_navbar_bg'])) { $navbg = $vbulletin->options['forumrunner_branding_navbar_bg']; if (is_iphone() && strlen($navbg) == 7) { $r = hexdec(substr($navbg, 1, 2)); $g = hexdec(substr($navbg, 3, 2)); $b = hexdec(substr($navbg, 5, 2)); $navbg = "{$r},{$g},{$b}"; } } $vbulletin->GPC['username'] = prepare_remote_utf8_string($vbulletin->GPC['username']); $vbulletin->GPC['password'] = prepare_remote_utf8_string($vbulletin->GPC['password']); $out = array('v' => $fr_version, 'p' => $fr_platform); if ($navbg) { $out['navbg'] = $navbg; } if (is_iphone() && $vbulletin->options['forumrunner_admob_publisherid_iphone']) { $out['admob'] = $vbulletin->options['forumrunner_admob_publisherid_iphone']; } else { if (is_android() && $vbulletin->options['forumrunner_admob_publisherid_android']) { $out['admob'] = $vbulletin->options['forumrunner_admob_publisherid_android']; } } if ($vbulletin->options['forumrunner_google_analytics_id']) { $out['gan'] = $vbulletin->options['forumrunner_google_analytics_id']; } if ($vbulletin->options['forumrunner_facebook_application_id']) { $out['fb'] = $vbulletin->options['forumrunner_facebook_application_id']; } if ($vbulletin->options['forumrunner_cms_onoff']) { $out['cms'] = true; $out['cms_section'] = $vbulletin->options['forumrunner_cms_section']; } if ($vbulletin->options['forumrunner_enable_registration']) { $out['reg'] = true; } if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_albums']) { $out['albums'] = true; } if (!$vbulletin->GPC['username'] || !$vbulletin->GPC['password'] && !$vbulletin->GPC['md5_password']) { // This could be an attempt to see if forums require login. Check. $requires_authentication = false; if (!($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview'])) { $requires_authentication = true; } // If the forum is closed, require login! if (!$vbulletin->options['bbactive']) { $requires_authentication = true; } $out += array('authenticated' => false, 'requires_authentication' => $requires_authentication); } else { // can the user login? $strikes = verify_strike_status($vbulletin->GPC['username'], true); // make sure our user info stays as whoever we were (for example, we might be logged in via cookies already) $original_userinfo = $vbulletin->userinfo; if (!verify_authentication($vbulletin->GPC['username'], $vbulletin->GPC['password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['md5_password'], true, true)) { exec_strike_user($vbulletin->GPC['username']); if ($vbulletin->options['usestrikesystem']) { if ($strikes === false) { $message = 'Incorrect login. You have used up your login allowance. Please wait 15 minutes before trying again.'; } else { $message = 'Incorrect login (' . ($strikes + 1) . ' of 5 tries allowed)'; } } else { $message = 'Incorrect login.'; } json_error($message, RV_BAD_PASSWORD); } exec_unstrike_user($vbulletin->GPC['username']); // create new session process_new_login('', true, ''); cache_permissions($vbulletin->userinfo, true); $vbulletin->session->save(); // If the forum is closed, boot em if (!$vbulletin->options['bbactive'] && !($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { process_logout(); json_error(strip_tags($vbulletin->options['bbclosedreason']), RV_BAD_PASSWORD); } fr_update_push_user($vbulletin->GPC['fr_username'], $vbulletin->GPC['fr_b']); $out += array('authenticated' => true, 'username' => prepare_utf8_string($vbulletin->userinfo['username']), 'cookiepath' => $vbulletin->options['cookiepath']); } return $out; }
function do_set_push_token() { $userinfo = vB_Api::instance('user')->fetchUserInfo(); if ($userinfo['userid'] < 1) { return json_error(ERR_INVALID_LOGGEDIN); } $cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('token' => vB_Cleaner::TYPE_STR)); fr_update_push_user('', 1, $cleaned['token']); return true; }