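/**
 * Finishes adding ($type == 1) or editing ($type == 2) a user from the admin
 * user form: runs the generic field-processing includes, writes the `User`
 * row, replaces the user's group links, moves uploaded files into place and
 * binds/unbinds a USB auth token.
 *
 * Form values arrive as globals: $Checked, $InsideAdminAccess,
 * $PermissionGroupID, $Catalogue_ID, $Password1, $Password2, $UserID,
 * $posting, plus one `$f_<field>` global per field of system component 3
 * (with the `_old` / `f_KILL<id>` helpers for file fields, type 6, and the
 * date-part helpers for date fields, type 8).
 *
 * $fld, $fldCount, $fldTypeOfEdit, $fldValue, $warnText, $SQL_multifield,
 * $filetable_lastid, $tmpFile, $tmpNewFile and $File_Path are not defined in
 * this body; they are presumably populated by the included
 * message_fields.php / message_put.php, which execute in this function's
 * scope — verify against those files before renaming any local here.
 *
 * @param string $action_file  Not used in this function body.
 * @param int    $type         1 = add a new user, 2 = update user $UserID.
 * @return int|string          0 on success, otherwise an error message (HTML).
 */
function ActionUserCompleted($action_file, $type)
{
    global $nc_core, $db, $ROOT_FOLDER, $admin_mode, $perm;
    global $systemTableID, $systemTableName, $systemMessageID;
    global $FILES_FOLDER, $INCLUDE_FOLDER;
    global $DIRCHMOD, $FILECHMOD, $AUTHORIZE_BY;

    // Request values are exposed as globals; pull the fixed set into scope.
    $params = array('Checked', 'InsideAdminAccess', 'PermissionGroupID', 'Catalogue_ID', 'Password1', 'Password2', 'UserID', 'posting');
    foreach ($params as $v) {
        global ${$v};
    }

    // ...and one `$f_<name>` global per field of the user component (system
    // component 3), plus the helper globals that file and date widgets post.
    $st = new nc_Component(0, 3);
    foreach ($st->get_fields() as $v) {
        $name = 'f_' . $v['name'];
        global ${$name};
        if ($v['type'] == 6) { // file field: previous value and "delete" flag
            global ${$name . "_old"};
            global ${"f_KILL" . $v['id']};
        }
        if ($v['type'] == 8) { // date field: posted as separate parts
            global ${$name . "_day"};
            global ${$name . "_month"};
            global ${$name . "_year"};
            global ${$name . "_hours"};
            global ${$name . "_minutes"};
            global ${$name . "_seconds"};
        }
    }

    $UserID = intval($UserID);
    $Checked = intval($Checked);
    $ret = 0; // return value (error text or 0); not read in this body, left for the includes

    require_once $INCLUDE_FOLDER . "s_files.inc.php";
    // The following locals are presumably consumed by message_fields.php /
    // message_put.php, which are included into this scope further down.
    $is_there_any_files = getFileCount(0, $systemTableID);
    $user_table_mode = true;

    if ($type == 1) {
        $action = "add";
    } else {
        $action = "change";
        $message = $UserID;
    }

    // Never declared global here, so the original `$Priority += 0` always
    // yielded int 0 (with an undefined-variable notice); make that explicit.
    $Priority = 0;

    nc_check_availability_candidates_for_delete_in_multifile_and_delete();
    nc_rename_multifile();

    require $ROOT_FOLDER . "message_fields.php";
    if ($posting == 0) {
        // Validation failed; $warnText is expected to be set by the include.
        return $warnText;
    }
    require $ROOT_FOLDER . "message_put.php";

    if (empty($PermissionGroupID)) {
        return CONTROL_USER_FUNC_GROUP_ERROR;
    }
    // Work on a local array copy so a scalar group id cannot fault min() /
    // array_intersect(), and the global itself stays untouched.
    $group_ids = (array) $PermissionGroupID;

    // `User.PermissionGroup_ID` keeps a single "main" group (the lowest id)
    // for compatibility with older versions; the full set goes to `User_Group`.
    $mainPermissionGroupID = intval(min($group_ids));

    // The editor may not put a user into a group with more rights than the
    // editor's own.
    $groups_with_more_rights = $perm->GetGroupWithMoreRights();
    $add_groups_with_more_rights = array_intersect($group_ids, $groups_with_more_rights);
    if (!empty($add_groups_with_more_rights)) {
        return NETCAT_MODERATION_ERROR_NORIGHT;
    }

    // Value of the field configured as the authorization field. A
    // variable-variable replaces the original eval() of the same expression.
    // NOTE(review): $Login is not used further down in this function.
    $Login = ${'f_' . $AUTHORIZE_BY};

    if ($type == 1) {
        $Password = $Password1;
        $fieldString = '';
        $valueString = '';
        // Only fields the includes flagged as `<name>Defined` are inserted;
        // their `<name>NewValue` is expected to already be an SQL literal.
        for ($i = 0; $i < $fldCount; $i++) {
            if (isset(${$fld[$i] . 'Defined'}) && ${$fld[$i] . 'Defined'} == true) {
                $fieldString .= "`" . $fld[$i] . "`,";
                $valueString .= ${$fld[$i] . 'NewValue'} . ",";
            }
        }
        $insert = "INSERT INTO User ( " . $fieldString;
        $insert .= "PermissionGroup_ID, Catalogue_ID, Password, Checked, Created,InsideAdminAccess) values ( " . $valueString;
        $insert .= "'" . $mainPermissionGroupID . "', ";
        // (int) cast, as in the update branch below; the original unary `+`
        // throws a TypeError on a non-numeric value under PHP 8.
        if (isset($_POST['Catalogue_ID'])) {
            $insert .= (int) $_POST['Catalogue_ID'] . ", ";
        } else {
            $insert .= "0, ";
        }
        // NOTE(review): $Password is interpolated into SQL without
        // $db->escape(). Unless the request value is already slashed upstream
        // (verify against the core's input handling), this is an injection
        // point and should be escaped the way the Auth_Token insert below is.
        $insert .= $nc_core->MYSQL_ENCRYPT . "('" . $Password . "'),'{$Checked}','" . date("Y-m-d H:i:s") . "', '" . (int) $InsideAdminAccess . "')";
        // execute core action
        $nc_core->event->execute("addUserPrep", 0);
        $Result = $db->query($insert);
        $UserID = $db->insert_id;
        $message = $UserID;
        if ($Result) {
            // execute core action
            $nc_core->event->execute("addUser", $message);
            nc_print_status(CONTROL_USER_NEW_ADDED, 'ok');
            foreach ($group_ids as $v) {
                nc_usergroup_add_to_group($UserID, $v);
            }
        } else {
            return CONTROL_USER_NEW_NOTADDED . "<br/>" . sprintf(NETCAT_ERROR_SQL, $db->last_query, $db->last_error);
        }
    }

    if ($type == 2) {
        // Previous activation state, so check/uncheck events fire only on change.
        $cur_checked = $db->get_var("SELECT `Checked` FROM `User` WHERE `User_ID` = '" . $UserID . "'");
        $update = "update User set ";
        for ($i = 0; $i < $fldCount; $i++) {
            // Skip fields nobody may edit (3) and admin-only fields (2) when
            // the current user lacks admin permission.
            if ($fldTypeOfEdit[$i] == 3 || ($fldTypeOfEdit[$i] == 2 && !nc_field_check_admin_perm())) {
                continue;
            }
            if (isset(${$fld[$i] . 'Defined'}) && ${$fld[$i] . 'Defined'} == true) {
                $update .= $fld[$i] . "=" . ${$fld[$i] . 'NewValue'} . ",";
            } else {
                $update .= $fld[$i] . "=" . ($fldValue[$i] ? $fldValue[$i] : "NULL") . ",";
            }
        }
        $update .= "Checked=\"" . $Checked . "\",";
        $update .= "PermissionGroup_ID=\"" . $mainPermissionGroupID . "\",";
        $update .= "InsideAdminAccess=" . (int) $InsideAdminAccess;
        if (isset($_POST['Catalogue_ID'])) {
            $update .= ", Catalogue_ID=" . (int) $_POST['Catalogue_ID'];
        }
        $update .= " where User_ID=" . $UserID;
        // execute core action
        $nc_core->event->execute("updateUserPrep", $UserID);
        if ($cur_checked != $Checked) {
            $nc_core->event->execute($Checked ? "checkUserPrep" : "uncheckUserPrep", $UserID);
        }
        $Result = $db->query($update);
        // execute core action
        $nc_core->event->execute("updateUser", $UserID);
        // Group membership is replaced wholesale: drop all, re-add the posted set.
        $db->query("DELETE FROM `User_Group` WHERE `User_ID`='" . intval($UserID) . "'");
        foreach ($group_ids as $v) {
            nc_usergroup_add_to_group($UserID, $v, 0);
        }
        // Activation state changed
        if ($cur_checked != $Checked) {
            $nc_core->event->execute($Checked ? "checkUser" : "uncheckUser", $UserID);
        }
    }

    if (is_array($SQL_multifield)) {
        nc_multifield_sql_exec($message, $SQL_multifield);
    }
    // Attach uploads recorded in `Filetable` to this user row.
    if (!empty($filetable_lastid)) {
        $db->query("UPDATE `Filetable` SET `Message_ID`='" . $message . "' WHERE ID IN (" . implode(',', $filetable_lastid) . ")");
    }
    // Create the user files directory; failure is deliberately ignored
    // (the directory usually exists already).
    @mkdir($FILES_FOLDER . "u/", $DIRCHMOD);

    // Move temporary uploads to their final names. $tmpNewFile[$i] holds a
    // double-quoted PHP string template that eval() expands; it is kept as-is
    // because the templates come from the includes above, but note that
    // whatever reaches $tmpNewFile is executed as PHP, so its source must
    // stay trusted. count() is hoisted and guarded: count(null) throws on PHP 8.
    $tmpFileCount = isset($tmpFile) && is_array($tmpFile) ? count($tmpFile) : 0;
    for ($i = 0; $i < $tmpFileCount; $i++) {
        eval("\$tmpNewFile[\$i] = \"" . $tmpNewFile[$i] . "\";");
        @rename($FILES_FOLDER . $tmpFile[$i], $FILES_FOLDER . $File_Path[$i] . $tmpNewFile[$i]);
        @chmod($FILES_FOLDER . $File_Path[$i] . $tmpNewFile[$i], $FILECHMOD);
    }

    // Bind a USB auth token (login + public key) to the saved user.
    $nc_token_login = $nc_core->input->fetch_get_post('nc_token_login');
    $nc_token_key = $nc_core->input->fetch_get_post('nc_token_key');
    if ($nc_token_login && $nc_token_key && $UserID) {
        $db->query("INSERT INTO `Auth_Token`\n SET `Login` = '" . $db->escape($nc_token_login) . "',\n `PublicKey` = '" . $db->escape($nc_token_key) . "',\n `User_ID` = '" . $UserID . "' ");
    }
    // ...or remove an existing token by id.
    $nc_token_destroy = $nc_core->input->fetch_get_post('nc_token_destroy');
    if ($nc_token_destroy) {
        $nc_auth_token = new nc_auth_token();
        $nc_auth_token->delete_by_id($nc_token_destroy);
    }
    return 0;
}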
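/**
 * Renders the administrator login form: the classic login/password table
 * and, when the auth module enables it, the USB-token table, together with
 * the inline JavaScript that validates and switches between them.
 *
 * Reads state from $_REQUEST, $_COOKIE and the globals listed below, and
 * stores the per-page token challenge in $_SESSION['nc_token_rand'].
 * Writes HTML directly to the output; returns nothing.
 */
function LoginForm()
{
    global $REQUEST_URI, $AUTH_USER, $ADMIN_LANGUAGE, $ADMIN_TEMPLATE, $AUTH_PW;
    global $posting, $USER_LANG, $ADMIN_AUTHTYPE, $AUTHORIZATION_TYPE;
    global $SUB_FOLDER, $HTTP_ROOT_PATH;
    global $nc_core;

    // Status line shown above the form; empty unless a previous attempt failed.
    $textinfo = '';
    if (!empty($_REQUEST['AUTH_USER']) || !empty($_REQUEST['AUTH_PW'])) {
        $textinfo = CONTROL_AUTH_LOGIN_OR_PASSWORD_INCORRECT;
    }

    $m_auth = $nc_core->modules->get_by_keyword('auth'); // "auth" module present
    $need_captcha = 0; // whether a captcha field must be rendered
    $login_en = 1;     // login/password authentication available
    $token_en = 0;     // USB-token authentication available

    if ($m_auth) {
        $nc_auth = nc_auth::get_object();
        $login_en = $nc_core->get_settings('authtype_admin', 'auth') & NC_AUTHTYPE_LOGIN;
        $token_en = $nc_auth->token_enabled();
        $nc_auth_token = new nc_auth_token();
        // Challenge the token plugin signs; kept in the session so the
        // signature can be checked on the next request.
        $nc_token_rand = $nc_auth_token->get_random_256();
        $_SESSION['nc_token_rand'] = $nc_token_rand;
        $need_captcha = $nc_auth->need_captcha();
        if ($nc_auth->is_invalid_captcha()) {
            $textinfo = NETCAT_MODULE_CAPTCHA_WRONG_CODE_SMALL;
        }
    }

    $lang = Language_Show();
    // Language preference: cookie first, then the configured admin language.
    $sellang = !empty($_COOKIE['PHP_AUTH_LANG']) ? $_COOKIE['PHP_AUTH_LANG'] : $ADMIN_LANGUAGE;

    // Language <select>, reused by both the classic and the token table.
    $lang_select = "<div class='nc-select nc--blocked'><select name='NEW_AUTH_LANG'>";
    foreach ($lang as $val) {
        $lang_select .= "<option value='" . $val . "'" . ($val == $sellang ? " selected" : "") . ">" . $val . "</option>\n";
    }
    $lang_select .= " </select><i class='nc-caret'></i></div>";

    // "Remember login" checkbox, only for manual cookie-based authorization.
    $loginsave = '';
    if ($ADMIN_AUTHTYPE == 'manual' && $AUTHORIZATION_TYPE == 'cookie') {
        $loginsave = nc_admin_checkbox_simple('loginsave', '', CONTROL_AUTH_HTML_SAVELOGIN);
    }

    // Never assigned anywhere in this function (presumably a leftover); keep
    // the table cell blank without an undefined-variable notice.
    $icon = '';
    ?>
<noscript><div style="font-weight: bold;"><?php echo CONTROL_AUTH_JS_REQUIRED; ?></div></noscript>
<?php if ($m_auth) { ?>
<script type='text/javascript' src='<?php echo $SUB_FOLDER . $HTTP_ROOT_PATH . 'modules/auth/auth.js'; ?>'></script>
<?php } ?>
<script type='text/javascript'>
    // Legacy validator: getElementsByName() returns a NodeList, so .value is
    // always undefined here; the jQuery submit handler below does the real check.
    function authCheckFields () {
        var authForm = document.getElementById('AUTH_FORM');
        var login = document.getElementsByName('AUTH_USER');
        var pass = document.getElementsByName('AUTH_PW');
        switch (true) {
            case (login.value == '' && pass.value == ''):
                alert('<?php echo CONTROL_AUTH_FIELDS_NOT_EMPTY; ?>');
                return false;
                break;
            case (login.value == ''):
                alert('<?php echo CONTROL_AUTH_LOGIN_NOT_EMPTY; ?>');
                return false;
                break;
            default:
                return true; //authForm.submit();
        }
    }

    $nc(function() {
        $nc('#AUTH_FORM').submit(function() {
            var login = $nc("input[name = 'AUTH_USER']").val();
            var pass = $nc("input[name = 'AUTH_PW']").val();
            if (!login && !pass) {
                alert('<?php echo CONTROL_AUTH_FIELDS_NOT_EMPTY; ?>');
                return false;
            }
            if (!login) {
                alert('<?php echo CONTROL_AUTH_LOGIN_NOT_EMPTY; ?>');
                return false;
            }
            return true;
        });

        // Pin the footer just below the form, or to the viewport bottom when
        // the form is shorter than the page.
        function place_footer() {
            var footer = $nc('.bottom_line');
            var form = $nc('.content');
            var body_height = $nc(document.body).height();
            var form_bottom = form.offset().top + form.height();
            footer.css({top:null, bottom:null});
            if (form_bottom + footer.height() > body_height) {
                footer.css({top:form_bottom+'px'});
            } else {
                footer.css({bottom:'0px'});
            }
        }
        $nc(window).resize(place_footer);
        place_footer();
        $nc('INPUT[name=AUTH_USER]').focus();
    });
</script>
<?php // $REQUEST_URI is reflected into a single-quoted attribute: escape it for that context. ?>
<form action='<?php echo htmlspecialchars((string) $REQUEST_URI, ENT_QUOTES); ?>' method='post' name='AUTH_FORM' id='AUTH_FORM'>
<input type='hidden' name='AuthPhase' value='1'>
<table border='0' cellpadding='4' cellspacing='0' id="classical" style="display:none; margin:0 auto">
    <tr>
        <td></td>
        <td class="nc-text-red"><?php echo $textinfo; ?></td>
    </tr>
    <tr>
        <td><label><?php echo CONTROL_AUTH_HTML_LOGIN; ?></label></td>
        <td><?php echo nc_admin_input_simple('AUTH_USER', stripcslashes($AUTH_USER), 32, "", "id='AUTH_USER' class='nc--blocked' maxlength='255'"); ?></td>
    </tr>
    <tr>
        <td><label><?php echo CONTROL_AUTH_HTML_PASSWORD; ?></label></td>
        <td><?php echo nc_admin_input_password('AUTH_PW', stripcslashes($AUTH_PW), 32, "", "class='nc--blocked' maxlength='255'"); ?></td>
    </tr>
    <tr>
        <td><label><?php echo CONTROL_AUTH_HTML_LANG; ?></label></td>
        <td><?php echo $lang_select; ?></td>
    </tr>
<?php if ($need_captcha) { ?>
    <tr>
        <td></td>
        <td class="captcha"><?php echo nc_captcha_formfield(); ?></td>
    </tr>
    <tr>
        <td><?php echo NETCAT_MODERATION_CAPTCHA_SMALL; ?></td>
        <td><?php echo nc_admin_input_simple('nc_captcha_code', '', 32, "maxlength='255'"); ?></td>
    </tr>
<?php } ?>
    <tr>
        <td rowspan='2'><?php echo $icon; ?></td>
        <td><?php echo $loginsave; ?></td>
    </tr>
    <tr>
        <td>
            <button type='submit' class="nc-btn nc--blue"><?php echo CONTROL_AUTH_HTML_AUTH; ?></button>
            <span id='menu'></span>
            <?php
            // NOTE(review): $REQUESTED_FROM is not declared global in this
            // function, so it is null here and the "back" link renders with an
            // empty href whenever $posting is set — it likely belongs in the
            // global list above; confirm before changing.
            if ($posting && $REQUEST_URI != $REQUESTED_FROM) {
                echo "<br/><a href='" . htmlspecialchars((string) $REQUESTED_FROM, ENT_QUOTES) . "' class='relogin'>" . CONTROL_AUTH_HTML_BACK . "</a>";
            }
            ?>
        </td>
    </tr>
</table>
<!-- token authorization form -->
<?php if ($token_en) { ?>
<table border='0' cellpadding='4' cellspacing='0' id="token" style="display:none; margin:0 auto">
    <tr>
        <td colspan="2"><div id='tokeninfo' class="nc-alert nc--red"></div></td>
    </tr>
    <tr>
        <td colspan="2">
            <div id='nc_token_plugin_wrapper'></div>
            <script>
                $nc("#nc_token_plugin_wrapper").append("<object id='nc_token_plugin' type='application/x-rutoken' width='0' height='0'></object>");
            </script>
            <input type='hidden' value='' id='nc_token_signature' name='nc_token_signature'/>
        </td>
    </tr>
    <tr>
        <td><label><?php echo CONTROL_AUTH_HTML_LOGIN; ?></label></td>
        <td><div class='nc-select nc--blocked'><select name='nc_token_login' id='nc_token_login'></select><i class='nc-caret'></i></div></td>
    </tr>
    <tr>
        <td><label><?php echo CONTROL_AUTH_HTML_LANG; ?></label></td>
        <td><?php echo $lang_select; ?></td>
    </tr>
    <tr>
        <td></td>
        <td colspan="2">
            <button onclick='nc_token_sign(); return false;' type='submit' class="nc-btn nc--blue"><?php echo CONTROL_AUTH_HTML_AUTH; ?></button>
        </td>
    </tr>
</table>
<?php } ?>
</form>
<script type='text/javascript'>
    var authForm = document.getElementById('AUTH_FORM');
    // Keep the URL fragment so the user lands where they originally asked for.
    authForm.action += window.location.hash;

    function show_token () {
        <?php if ($login_en && $token_en) { ?>
        $nc("#menu").html("<a href='#' class='nc-btn nc--small' onclick='show_classical(); return false;'><?php echo NETCAT_AUTH_TYPE_LOGINPASSWORD; ?></a>");
        <?php } ?>
        $nc("#classical").hide();
        $nc("#token").show();
        $nc("#classical :input").attr('disabled', true);
        $nc("#token :input").removeAttr('disabled');
        $nc('#tokeninfo').hide();
        if ( !nc_token_obj.load() ) {
            $nc('#tokeninfo').html("<?php echo CONTROL_AUTH_USB_TOKEN_NOT_INSERTED; ?>");
            $nc('#tokeninfo').show();
        }
    }

    function show_classical () {
        <?php if ($login_en && $token_en) { ?>
        $nc("#menu").html("<button type='button' class='nc-btn nc--right nc--small' onclick='show_token()' ><?php echo NETCAT_AUTH_TYPE_TOKEN; ?></button>");
        <?php } ?>
        $nc("#classical").show();
        $nc("#token").hide();
        $nc("#classical :input").removeAttr('disabled');
        $nc("#token :input").attr('disabled', true);
    }

    <?php
    if ($m_auth) {
        echo "nc_token_obj = new nc_auth_token ( {'randnum' : '" . $nc_token_rand . "'}); ";
    }
    ?>

    function nc_token_sign ( ) {
        // Was '#tokeninfot' (no such element); hide the previous error before re-signing.
        $nc('#tokeninfo').hide();
        var err_text = {
            1: "<?php echo CONTROL_AUTH_TOKEN_PLUGIN_DONT_INSTALL; ?>",
            2: "<?php echo CONTROL_AUTH_USB_TOKEN_NOT_INSERTED; ?>",
            3: "<?php echo CONTROL_AUTH_PIN_INCORRECT; ?>",
            4: "<?php echo CONTROL_AUTH_KEYPAIR_INCORRECT; ?>"
        };
        var err_num = nc_token_obj.sign();
        if (err_num) {
            $nc('#tokeninfo').html(err_text[err_num]);
            $nc('#tokeninfo').show();
        }
    }

    <?php echo $login_en ? "show_classical();" : "show_token();"; ?>
</script>
<?php
}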
/**
 * Authorizes a user by a USB-token signature.
 *
 * Looks up the `Auth_Token` row for $login, splits the stored public key and
 * the supplied signature into their two 64-character halves (Qx/Qy and R/S),
 * upper-cases everything and asks nc_auth_token::verify() to check the
 * signature over $text. On success delegates to authorize_by_id() with the
 * NC_AUTHTYPE_TOKEN auth type.
 *
 * NOTE(review): neither $sign nor the stored key is length-checked before
 * substr(); malformed input is left for verify() to reject — confirm it does.
 *
 * @param string $login  Token login name (escaped before use in SQL).
 * @param string $sign   Signature as the R|S concatenation, 64 chars each.
 * @param string $text   Signed text; upper-cased before verification.
 * @return mixed         Result of authorize_by_id() on success, 0 otherwise.
 */
public function authorize_by_token($login, $sign, $text)
{
    $token_row = $this->db->get_row(
        "SELECT `User_ID`, `PublicKey` FROM `Auth_Token`\n WHERE `Login` = '" . $this->db->escape($login) . "'",
        ARRAY_A
    );
    if (!$token_row) {
        return 0;
    }

    // Split the key and the signature into their 64-character components.
    $public_key = $token_row['PublicKey'];
    $qx = strtoupper(substr($public_key, 0, 64));
    $qy = strtoupper(substr($public_key, 64));
    $r = strtoupper(substr($sign, 0, 64));
    $s = strtoupper(substr($sign, 64));
    $hash = strtoupper($text);

    $verifier = new nc_auth_token();
    if (!$verifier->verify($hash, $qx, $qy, $r, $s)) {
        return 0;
    }

    return $this->authorize_by_id($token_row['User_ID'], NC_AUTHTYPE_TOKEN);
}