[6] | 1 | <?php |
---|
| 2 | |
---|
| 3 | /** |
---|
| 4 | * Copyright (C) 2008-2011 FluxBB |
---|
| 5 | * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB |
---|
| 6 | * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher |
---|
| 7 | */ |
---|
| 8 | |
---|
| 9 | if (isset($_GET['action'])) |
---|
| 10 | define('PUN_QUIET_VISIT', 1); |
---|
| 11 | |
---|
| 12 | define('PUN_ROOT', dirname(__FILE__).'/'); |
---|
| 13 | require PUN_ROOT.'include/common.php'; |
---|
| 14 | |
---|
| 15 | |
---|
| 16 | // Load the login.php language file |
---|
| 17 | require PUN_ROOT.'lang/'.$pun_user['language'].'/login.php'; |
---|
| 18 | |
---|
| 19 | $action = isset($_GET['action']) ? $_GET['action'] : null; |
---|
| 20 | |
---|
| 21 | if (isset($_POST['form_sent']) && $action == 'in') |
---|
| 22 | { |
---|
| 23 | $form_username = pun_trim($_POST['req_username']); |
---|
| 24 | $form_password = pun_trim($_POST['req_password']); |
---|
| 25 | $save_pass = isset($_POST['save_pass']); |
---|
| 26 | |
---|
| 27 | $username_sql = ($db_type == 'mysql' || $db_type == 'mysqli' || $db_type == 'mysql_innodb' || $db_type == 'mysqli_innodb') ? 'username=\''.$db->escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')'; |
---|
| 28 | |
---|
| 29 | $result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE '.$username_sql) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
| 30 | $cur_user = $db->fetch_assoc($result); |
---|
| 31 | |
---|
| 32 | $authorized = false; |
---|
| 33 | |
---|
| 34 | if (!empty($cur_user['password'])) |
---|
| 35 | { |
---|
| 36 | $form_password_hash = pun_hash($form_password); // Will result in a SHA-1 hash |
---|
| 37 | |
---|
| 38 | // If there is a salt in the database we have upgraded from 1.3-legacy though havent yet logged in |
---|
| 39 | if (!empty($cur_user['salt'])) |
---|
| 40 | { |
---|
| 41 | if (sha1($cur_user['salt'].sha1($form_password)) == $cur_user['password']) // 1.3 used sha1(salt.sha1(pass)) |
---|
| 42 | { |
---|
| 43 | $authorized = true; |
---|
| 44 | |
---|
| 45 | $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\', salt=NULL WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); |
---|
| 46 | } |
---|
| 47 | } |
---|
| 48 | // If the length isn't 40 then the password isn't using sha1, so it must be md5 from 1.2 |
---|
| 49 | else if (strlen($cur_user['password']) != 40) |
---|
| 50 | { |
---|
| 51 | if (md5($form_password) == $cur_user['password']) |
---|
| 52 | { |
---|
| 53 | $authorized = true; |
---|
| 54 | |
---|
| 55 | $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); |
---|
| 56 | } |
---|
| 57 | } |
---|
| 58 | // Otherwise we should have a normal sha1 password |
---|
| 59 | else |
---|
| 60 | $authorized = ($cur_user['password'] == $form_password_hash); |
---|
| 61 | } |
---|
| 62 | |
---|
| 63 | if (!$authorized) |
---|
| 64 | message($lang_login['Wrong user/pass'].' <a href="login.php?action=forget">'.$lang_login['Forgotten pass'].'</a>'); |
---|
| 65 | |
---|
| 66 | // Update the status if this is the first time the user logged in |
---|
| 67 | if ($cur_user['group_id'] == PUN_UNVERIFIED) |
---|
| 68 | { |
---|
| 69 | $db->query('UPDATE '.$db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' WHERE id='.$cur_user['id']) or error('Unable to update user status', __FILE__, __LINE__, $db->error()); |
---|
| 70 | |
---|
| 71 | // Regenerate the users info cache |
---|
| 72 | if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) |
---|
| 73 | require PUN_ROOT.'include/cache.php'; |
---|
| 74 | |
---|
| 75 | generate_users_info_cache(); |
---|
| 76 | } |
---|
| 77 | |
---|
| 78 | // Remove this users guest entry from the online list |
---|
| 79 | $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape(get_remote_address()).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); |
---|
| 80 | |
---|
| 81 | $expire = ($save_pass == '1') ? time() + 1209600 : time() + $pun_config['o_timeout_visit']; |
---|
| 82 | pun_setcookie($cur_user['id'], $form_password_hash, $expire); |
---|
| 83 | |
---|
| 84 | // Reset tracked topics |
---|
| 85 | set_tracked_topics(null); |
---|
| 86 | |
---|
| 87 | redirect(htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']); |
---|
| 88 | } |
---|
| 89 | |
---|
| 90 | |
---|
| 91 | else if ($action == 'out') |
---|
| 92 | { |
---|
| 93 | if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'] || !isset($_GET['csrf_token']) || $_GET['csrf_token'] != pun_hash($pun_user['id'].pun_hash(get_remote_address()))) |
---|
| 94 | { |
---|
| 95 | header('Location: index.php'); |
---|
| 96 | exit; |
---|
| 97 | } |
---|
| 98 | |
---|
| 99 | // Remove user from "users online" list |
---|
| 100 | $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); |
---|
| 101 | |
---|
| 102 | // Update last_visit (make sure there's something to update it with) |
---|
| 103 | if (isset($pun_user['logged'])) |
---|
| 104 | $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); |
---|
| 105 | |
---|
| 106 | pun_setcookie(1, pun_hash(uniqid(rand(), true)), time() + 31536000); |
---|
| 107 | |
---|
| 108 | redirect('index.php', $lang_login['Logout redirect']); |
---|
| 109 | } |
---|
| 110 | |
---|
| 111 | |
---|
| 112 | else if ($action == 'forget' || $action == 'forget_2') |
---|
| 113 | { |
---|
| 114 | if (!$pun_user['is_guest']) |
---|
| 115 | header('Location: index.php'); |
---|
| 116 | |
---|
| 117 | if (isset($_POST['form_sent'])) |
---|
| 118 | { |
---|
| 119 | // Start with a clean slate |
---|
| 120 | $errors = array(); |
---|
| 121 | |
---|
| 122 | require PUN_ROOT.'include/email.php'; |
---|
| 123 | |
---|
| 124 | // Validate the email address |
---|
| 125 | $email = strtolower(trim($_POST['req_email'])); |
---|
| 126 | if (!is_valid_email($email)) |
---|
| 127 | $errors[] = $lang_common['Invalid email']; |
---|
| 128 | |
---|
| 129 | // Did everything go according to plan? |
---|
| 130 | if (empty($errors)) |
---|
| 131 | { |
---|
| 132 | $result = $db->query('SELECT id, username, last_email_sent FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
| 133 | |
---|
| 134 | if ($db->num_rows($result)) |
---|
| 135 | { |
---|
| 136 | // Load the "activate password" template |
---|
| 137 | $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_password.tpl')); |
---|
| 138 | |
---|
| 139 | // The first row contains the subject |
---|
| 140 | $first_crlf = strpos($mail_tpl, "\n"); |
---|
| 141 | $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); |
---|
| 142 | $mail_message = trim(substr($mail_tpl, $first_crlf)); |
---|
| 143 | |
---|
| 144 | // Do the generic replacements first (they apply to all emails sent out here) |
---|
| 145 | $mail_message = str_replace('<base_url>', get_base_url().'/', $mail_message); |
---|
| 146 | $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message); |
---|
| 147 | |
---|
| 148 | // Loop through users we found |
---|
| 149 | while ($cur_hit = $db->fetch_assoc($result)) |
---|
| 150 | { |
---|
| 151 | if ($cur_hit['last_email_sent'] != '' && (time() - $cur_hit['last_email_sent']) < 3600 && (time() - $cur_hit['last_email_sent']) >= 0) |
---|
| 152 | message($lang_login['Email flood'], true); |
---|
| 153 | |
---|
| 154 | // Generate a new password and a new password activation code |
---|
| 155 | $new_password = random_pass(8); |
---|
| 156 | $new_password_key = random_pass(8); |
---|
| 157 | |
---|
| 158 | $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\', last_email_sent = '.time().' WHERE id='.$cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error()); |
---|
| 159 | |
---|
| 160 | // Do the user specific replacements to the template |
---|
| 161 | $cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message); |
---|
| 162 | $cur_mail_message = str_replace('<activation_url>', get_base_url().'/profile.php?id='.$cur_hit['id'].'&action=change_pass&key='.$new_password_key, $cur_mail_message); |
---|
| 163 | $cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message); |
---|
| 164 | |
---|
| 165 | pun_mail($email, $mail_subject, $cur_mail_message); |
---|
| 166 | } |
---|
| 167 | |
---|
| 168 | message($lang_login['Forget mail'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true); |
---|
| 169 | } |
---|
| 170 | else |
---|
| 171 | $errors[] = $lang_login['No email match'].' '.htmlspecialchars($email).'.'; |
---|
| 172 | } |
---|
| 173 | } |
---|
| 174 | |
---|
| 175 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_login['Request pass']); |
---|
| 176 | $required_fields = array('req_email' => $lang_common['Email']); |
---|
| 177 | $focus_element = array('request_pass', 'req_email'); |
---|
| 178 | define ('PUN_ACTIVE_PAGE', 'login'); |
---|
| 179 | require PUN_ROOT.'header.php'; |
---|
| 180 | |
---|
| 181 | // If there are errors, we display them |
---|
| 182 | if (!empty($errors)) |
---|
| 183 | { |
---|
| 184 | |
---|
| 185 | ?> |
---|
| 186 | <div id="posterror" class="block"> |
---|
| 187 | <h2><span><?php echo $lang_login['New password errors'] ?></span></h2> |
---|
| 188 | <div class="box"> |
---|
| 189 | <div class="inbox error-info"> |
---|
| 190 | <p><?php echo $lang_login['New passworderrors info'] ?></p> |
---|
| 191 | <ul class="error-list"> |
---|
| 192 | <?php |
---|
| 193 | |
---|
| 194 | foreach ($errors as $cur_error) |
---|
| 195 | echo "\t\t\t\t".'<li><strong>'.$cur_error.'</strong></li>'."\n"; |
---|
| 196 | ?> |
---|
| 197 | </ul> |
---|
| 198 | </div> |
---|
| 199 | </div> |
---|
| 200 | </div> |
---|
| 201 | |
---|
| 202 | <?php |
---|
| 203 | |
---|
| 204 | } |
---|
| 205 | ?> |
---|
| 206 | <div class="blockform"> |
---|
| 207 | <h2><span><?php echo $lang_login['Request pass'] ?></span></h2> |
---|
| 208 | <div class="box"> |
---|
| 209 | <form id="request_pass" method="post" action="login.php?action=forget_2" onsubmit="this.request_pass.disabled=true;if(process_form(this)){return true;}else{this.request_pass.disabled=false;return false;}"> |
---|
| 210 | <div class="inform"> |
---|
| 211 | <fieldset> |
---|
| 212 | <legend><?php echo $lang_login['Request pass legend'] ?></legend> |
---|
| 213 | <div class="infldset"> |
---|
| 214 | <input type="hidden" name="form_sent" value="1" /> |
---|
| 215 | <label class="required"><strong><?php echo $lang_common['Email'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input id="req_email" type="text" name="req_email" size="50" maxlength="80" /><br /></label> |
---|
| 216 | <p><?php echo $lang_login['Request pass info'] ?></p> |
---|
| 217 | </div> |
---|
| 218 | </fieldset> |
---|
| 219 | </div> |
---|
| 220 | <p class="buttons"><input type="submit" name="request_pass" value="<?php echo $lang_common['Submit'] ?>" /><?php if (empty($errors)): ?> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a><?php endif; ?></p> |
---|
| 221 | </form> |
---|
| 222 | </div> |
---|
| 223 | </div> |
---|
| 224 | <?php |
---|
| 225 | |
---|
| 226 | require PUN_ROOT.'footer.php'; |
---|
| 227 | } |
---|
| 228 | |
---|
| 229 | |
---|
| 230 | if (!$pun_user['is_guest']) |
---|
| 231 | header('Location: index.php'); |
---|
| 232 | |
---|
| 233 | // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to index.php after login) |
---|
| 234 | if (!empty($_SERVER['HTTP_REFERER'])) |
---|
| 235 | { |
---|
| 236 | $referrer = parse_url($_SERVER['HTTP_REFERER']); |
---|
| 237 | // Remove www subdomain if it exists |
---|
| 238 | if (strpos($referrer['host'], 'www.') === 0) |
---|
| 239 | $referrer['host'] = substr($referrer['host'], 4); |
---|
| 240 | |
---|
| 241 | // Make sure the path component exists |
---|
| 242 | if (!isset($referrer['path'])) |
---|
| 243 | $referrer['path'] = ''; |
---|
| 244 | |
---|
| 245 | $valid = parse_url(get_base_url()); |
---|
| 246 | // Remove www subdomain if it exists |
---|
| 247 | if (strpos($valid['host'], 'www.') === 0) |
---|
| 248 | $valid['host'] = substr($valid['host'], 4); |
---|
| 249 | |
---|
| 250 | // Make sure the path component exists |
---|
| 251 | if (!isset($valid['path'])) |
---|
| 252 | $valid['path'] = ''; |
---|
| 253 | |
---|
| 254 | if ($referrer['host'] == $valid['host'] && preg_match('%^'.preg_quote($valid['path'], '%').'/(.*?)\.php%i', $referrer['path'])) |
---|
| 255 | $redirect_url = $_SERVER['HTTP_REFERER']; |
---|
| 256 | } |
---|
| 257 | |
---|
| 258 | if (!isset($redirect_url)) |
---|
| 259 | $redirect_url = 'index.php'; |
---|
| 260 | |
---|
| 261 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Login']); |
---|
| 262 | $required_fields = array('req_username' => $lang_common['Username'], 'req_password' => $lang_common['Password']); |
---|
| 263 | $focus_element = array('login', 'req_username'); |
---|
| 264 | define('PUN_ACTIVE_PAGE', 'login'); |
---|
| 265 | require PUN_ROOT.'header.php'; |
---|
| 266 | |
---|
| 267 | ?> |
---|
| 268 | <div class="blockform"> |
---|
| 269 | <h2><span><?php echo $lang_common['Login'] ?></span></h2> |
---|
| 270 | <div class="box"> |
---|
| 271 | <form id="login" method="post" action="login.php?action=in" onsubmit="return process_form(this)"> |
---|
| 272 | <div class="inform"> |
---|
| 273 | <fieldset> |
---|
| 274 | <legend><?php echo $lang_login['Login legend'] ?></legend> |
---|
| 275 | <div class="infldset"> |
---|
| 276 | <input type="hidden" name="form_sent" value="1" /> |
---|
| 277 | <input type="hidden" name="redirect_url" value="<?php echo pun_htmlspecialchars($redirect_url) ?>" /> |
---|
| 278 | <label class="conl required"><strong><?php echo $lang_common['Username'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="text" name="req_username" size="25" maxlength="25" tabindex="1" /><br /></label> |
---|
| 279 | <label class="conl required"><strong><?php echo $lang_common['Password'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="password" name="req_password" size="25" tabindex="2" /><br /></label> |
---|
| 280 | |
---|
| 281 | <div class="rbox clearb"> |
---|
| 282 | <label><input type="checkbox" name="save_pass" value="1" tabindex="3" /><?php echo $lang_login['Remember me'] ?><br /></label> |
---|
| 283 | </div> |
---|
| 284 | |
---|
| 285 | <p class="clearb"><?php echo $lang_login['Login info'] ?></p> |
---|
| 286 | <p class="actions"><span><a href="register.php" tabindex="5"><?php echo $lang_login['Not registered'] ?></a></span> <span><a href="login.php?action=forget" tabindex="6"><?php echo $lang_login['Forgotten pass'] ?></a></span></p> |
---|
| 287 | </div> |
---|
| 288 | </fieldset> |
---|
| 289 | </div> |
---|
| 290 | <p class="buttons"><input type="submit" name="login" value="<?php echo $lang_common['Login'] ?>" tabindex="4" /></p> |
---|
| 291 | </form> |
---|
| 292 | </div> |
---|
| 293 | </div> |
---|
| 294 | <?php |
---|
| 295 | |
---|
| 296 | require PUN_ROOT.'footer.php'; |
---|