Changeset 3 for branches/rsr.v5.1.dev/web/punbb/login.php
- Timestamp:
- Nov 14, 2011, 11:17:15 PM (13 years ago)
- File:
-
- 1 edited
branches/rsr.v5.1.dev/web/punbb/login.php
r1 r3 1 1 <?php 2 /*********************************************************************** 3 4 Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org) 5 6 This file is part of PunBB. 7 8 PunBB is free software; you can redistribute it and/or modify it 9 under the terms of the GNU General Public License as published 10 by the Free Software Foundation; either version 2 of the License, 11 or (at your option) any later version. 12 13 PunBB is distributed in the hope that it will be useful, but 14 WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program; if not, write to the Free Software 20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, 21 MA 02111-1307 USA 22 23 ************************************************************************/ 24 2 3 /** 4 * Copyright (C) 2008-2011 FluxBB 5 * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB 6 * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher 7 */ 25 8 26 9 if (isset($_GET['action'])) 27 10 define('PUN_QUIET_VISIT', 1); 28 11 29 define('PUN_ROOT', './');12 define('PUN_ROOT', dirname(__FILE__).'/'); 30 13 require PUN_ROOT.'include/common.php'; 31 14 … … 38 21 if (isset($_POST['form_sent']) && $action == 'in') 39 22 { 40 $form_username = trim($_POST['req_username']); 41 $form_password = trim($_POST['req_password']); 42 43 $username_sql = ($db_type == 'mysql' || $db_type == 'mysqli') ? 
'username=\''.$db->escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')'; 44 45 $result = $db->query('SELECT id, group_id, password, save_pass FROM '.$db->prefix.'users WHERE '.$username_sql) or error('Impossible de retrouver les informations utilisateur', __FILE__, __LINE__, $db->error()); 46 list($user_id, $group_id, $db_password_hash, $save_pass) = $db->fetch_row($result); 23 $form_username = pun_trim($_POST['req_username']); 24 $form_password = pun_trim($_POST['req_password']); 25 $save_pass = isset($_POST['save_pass']); 26 27 $username_sql = ($db_type == 'mysql' || $db_type == 'mysqli' || $db_type == 'mysql_innodb' || $db_type == 'mysqli_innodb') ? 'username=\''.$db->escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')'; 28 29 $result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE '.$username_sql) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 30 $cur_user = $db->fetch_assoc($result); 47 31 48 32 $authorized = false; 49 33 50 if (!empty($db_password_hash)) 51 { 52 $sha1_in_db = (strlen($db_password_hash) == 40) ? true : false; 53 $sha1_available = (function_exists('sha1') || function_exists('mhash')) ? 
true : false; 54 55 $form_password_hash = pun_hash($form_password); // This could result in either an SHA-1 or an MD5 hash (depends on $sha1_available) 56 57 if ($sha1_in_db && $sha1_available && $db_password_hash == $form_password_hash) 58 $authorized = true; 59 else if (!$sha1_in_db && $db_password_hash == md5($form_password)) 34 if (!empty($cur_user['password'])) 35 { 36 $form_password_hash = pun_hash($form_password); // Will result in a SHA-1 hash 37 38 // If there is a salt in the database we have upgraded from 1.3-legacy though havent yet logged in 39 if (!empty($cur_user['salt'])) 60 40 { 61 $authorized = true; 62 63 if ($sha1_available) // There's an MD5 hash in the database, but SHA1 hashing is available, so we update the DB 64 $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$user_id) or error('Impossible de modifier le mot de passe', __FILE__, __LINE__, $db->error()); 41 if (sha1($cur_user['salt'].sha1($form_password)) == $cur_user['password']) // 1.3 used sha1(salt.sha1(pass)) 42 { 43 $authorized = true; 44 45 $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\', salt=NULL WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); 46 } 65 47 } 48 // If the length isn't 40 then the password isn't using sha1, so it must be md5 from 1.2 49 else if (strlen($cur_user['password']) != 40) 50 { 51 if (md5($form_password) == $cur_user['password']) 52 { 53 $authorized = true; 54 55 $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); 56 } 57 } 58 // Otherwise we should have a normal sha1 password 59 else 60 $authorized = ($cur_user['password'] == $form_password_hash); 66 61 } 67 62 … … 70 65 71 66 // Update the status if this is the first time the user logged in 72 if ($group_id == PUN_UNVERIFIED) 73 
$db->query('UPDATE '.$db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' WHERE id='.$user_id) or error('Uimpossible de modifier le statut utilisateur', __FILE__, __LINE__, $db->error()); 67 if ($cur_user['group_id'] == PUN_UNVERIFIED) 68 { 69 $db->query('UPDATE '.$db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' WHERE id='.$cur_user['id']) or error('Unable to update user status', __FILE__, __LINE__, $db->error()); 70 71 // Regenerate the users info cache 72 if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) 73 require PUN_ROOT.'include/cache.php'; 74 75 generate_users_info_cache(); 76 } 74 77 75 78 // Remove this users guest entry from the online list 76 $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape(get_remote_address()).'\'') or error('Impossible de supprimer de la liste des utilisateur en ligne', __FILE__, __LINE__, $db->error()); 77 78 $expire = ($save_pass == '1') ? time() + 31536000 : 0; 79 pun_setcookie($user_id, $form_password_hash, $expire); 80 81 redirect($_POST['redirect_url'], $lang_login['Login redirect']); 79 $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape(get_remote_address()).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); 80 81 $expire = ($save_pass == '1') ? 
time() + 1209600 : time() + $pun_config['o_timeout_visit']; 82 pun_setcookie($cur_user['id'], $form_password_hash, $expire); 83 84 // Reset tracked topics 85 set_tracked_topics(null); 86 87 redirect(htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']); 82 88 } 83 89 … … 85 91 else if ($action == 'out') 86 92 { 87 if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'] )93 if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'] || !isset($_GET['csrf_token']) || $_GET['csrf_token'] != pun_hash($pun_user['id'].pun_hash(get_remote_address()))) 88 94 { 89 95 header('Location: index.php'); … … 91 97 } 92 98 93 // Remove user from "users online" list .94 $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$pun_user['id']) or error(' Impossible de supprimer de la liste des utilisateur en ligne', __FILE__, __LINE__, $db->error());99 // Remove user from "users online" list 100 $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); 95 101 96 102 // Update last_visit (make sure there's something to update it with) 97 103 if (isset($pun_user['logged'])) 98 $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error(' Impossible de modifier les données de visite de l\'utilisateur', __FILE__, __LINE__, $db->error());99 100 pun_setcookie(1, random_pass(8), time() + 31536000);104 $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' 
WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); 105 106 pun_setcookie(1, pun_hash(uniqid(rand(), true)), time() + 31536000); 101 107 102 108 redirect('index.php', $lang_login['Logout redirect']); … … 111 117 if (isset($_POST['form_sent'])) 112 118 { 119 // Start with a clean slate 120 $errors = array(); 121 113 122 require PUN_ROOT.'include/email.php'; 114 123 115 // Validate the email -address124 // Validate the email address 116 125 $email = strtolower(trim($_POST['req_email'])); 117 126 if (!is_valid_email($email)) 118 message($lang_common['Invalid e-mail']); 119 120 $result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email).'\'') or error('Impossible de retrouver les informations utilisateur', __FILE__, __LINE__, $db->error()); 121 122 if ($db->num_rows($result)) 127 $errors[] = $lang_common['Invalid email']; 128 129 // Did everything go according to plan? 130 if (empty($errors)) 123 131 { 124 // Load the "activate password" template 125 $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_password.tpl')); 126 127 // The first row contains the subject 128 $first_crlf = strpos($mail_tpl, "\n"); 129 $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); 130 $mail_message = trim(substr($mail_tpl, $first_crlf)); 131 132 // Do the generic replacements first (they apply to all e-mails sent out here) 133 $mail_message = str_replace('<base_url>', $pun_config['o_base_url'].'/', $mail_message); 134 $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' 
'.$lang_common['Mailer'], $mail_message); 135 136 // Loop through users we found 137 while ($cur_hit = $db->fetch_assoc($result)) 132 $result = $db->query('SELECT id, username, last_email_sent FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 133 134 if ($db->num_rows($result)) 138 135 { 139 // Generate a new password and a new password activation code 140 $new_password = random_pass(8); 141 $new_password_key = random_pass(8); 142 143 $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\' WHERE id='.$cur_hit['id']) or error('Impossible de modifier les données d\'activation', __FILE__, __LINE__, $db->error()); 144 145 // Do the user specific replacements to the template 146 $cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message); 147 $cur_mail_message = str_replace('<activation_url>', $pun_config['o_base_url'].'/profile.php?id='.$cur_hit['id'].'&action=change_pass&key='.$new_password_key, $cur_mail_message); 148 $cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message); 149 150 pun_mail($email, $mail_subject, $cur_mail_message); 151 } 152 153 message($lang_login['Forget mail'].' 
<a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.'); 136 // Load the "activate password" template 137 $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_password.tpl')); 138 139 // The first row contains the subject 140 $first_crlf = strpos($mail_tpl, "\n"); 141 $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); 142 $mail_message = trim(substr($mail_tpl, $first_crlf)); 143 144 // Do the generic replacements first (they apply to all emails sent out here) 145 $mail_message = str_replace('<base_url>', get_base_url().'/', $mail_message); 146 $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message); 147 148 // Loop through users we found 149 while ($cur_hit = $db->fetch_assoc($result)) 150 { 151 if ($cur_hit['last_email_sent'] != '' && (time() - $cur_hit['last_email_sent']) < 3600 && (time() - $cur_hit['last_email_sent']) >= 0) 152 message($lang_login['Email flood'], true); 153 154 // Generate a new password and a new password activation code 155 $new_password = random_pass(8); 156 $new_password_key = random_pass(8); 157 158 $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\', last_email_sent = '.time().' WHERE id='.$cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error()); 159 160 // Do the user specific replacements to the template 161 $cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message); 162 $cur_mail_message = str_replace('<activation_url>', get_base_url().'/profile.php?id='.$cur_hit['id'].'&action=change_pass&key='.$new_password_key, $cur_mail_message); 163 $cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message); 164 165 pun_mail($email, $mail_subject, $cur_mail_message); 166 } 167 168 message($lang_login['Forget mail'].' 
<a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true); 169 } 170 else 171 $errors[] = $lang_login['No email match'].' '.htmlspecialchars($email).'.'; 172 } 154 173 } 155 else 156 message($lang_login['No e-mail match'].' '.htmlspecialchars($email).'.'); 157 } 158 159 160 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_login['Request pass']; 161 $required_fields = array('req_email' => $lang_common['E-mail']); 174 175 $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_login['Request pass']); 176 $required_fields = array('req_email' => $lang_common['Email']); 162 177 $focus_element = array('request_pass', 'req_email'); 178 define ('PUN_ACTIVE_PAGE', 'login'); 163 179 require PUN_ROOT.'header.php'; 164 180 181 // If there are errors, we display them 182 if (!empty($errors)) 183 { 184 185 ?> 186 <div id="posterror" class="block"> 187 <h2><span><?php echo $lang_login['New password errors'] ?></span></h2> 188 <div class="box"> 189 <div class="inbox error-info"> 190 <p><?php echo $lang_login['New passworderrors info'] ?></p> 191 <ul class="error-list"> 192 <?php 193 194 foreach ($errors as $cur_error) 195 echo "\t\t\t\t".'<li><strong>'.$cur_error.'</strong></li>'."\n"; 196 ?> 197 </ul> 198 </div> 199 </div> 200 </div> 201 202 <?php 203 204 } 165 205 ?> 166 206 <div class="blockform"> … … 173 213 <div class="infldset"> 174 214 <input type="hidden" name="form_sent" value="1" /> 175 < input id="req_email" type="text" name="req_email" size="50" maxlength="50" />215 <label class="required"><strong><?php echo $lang_common['Email'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input id="req_email" type="text" name="req_email" size="50" maxlength="80" /><br /></label> 176 216 <p><?php echo $lang_login['Request pass info'] ?></p> 177 217 </div> 178 218 </fieldset> 179 219 </div> 180 <p ><input type="submit" name="request_pass" value="<?php echo 
$lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>220 <p class="buttons"><input type="submit" name="request_pass" value="<?php echo $lang_common['Submit'] ?>" /><?php if (empty($errors)): ?> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a><?php endif; ?></p> 181 221 </form> 182 222 </div> … … 192 232 193 233 // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to index.php after login) 194 $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php'; 195 196 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Login']; 234 if (!empty($_SERVER['HTTP_REFERER'])) 235 { 236 $referrer = parse_url($_SERVER['HTTP_REFERER']); 237 // Remove www subdomain if it exists 238 if (strpos($referrer['host'], 'www.') === 0) 239 $referrer['host'] = substr($referrer['host'], 4); 240 241 // Make sure the path component exists 242 if (!isset($referrer['path'])) 243 $referrer['path'] = ''; 244 245 $valid = parse_url(get_base_url()); 246 // Remove www subdomain if it exists 247 if (strpos($valid['host'], 'www.') === 0) 248 $valid['host'] = substr($valid['host'], 4); 249 250 // Make sure the path component exists 251 if (!isset($valid['path'])) 252 $valid['path'] = ''; 253 254 if ($referrer['host'] == $valid['host'] && preg_match('%^'.preg_quote($valid['path'], '%').'/(.*?)\.php%i', $referrer['path'])) 255 $redirect_url = $_SERVER['HTTP_REFERER']; 256 } 257 258 if (!isset($redirect_url)) 259 $redirect_url = 'index.php'; 260 261 $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Login']); 197 262 $required_fields = array('req_username' => $lang_common['Username'], 'req_password' => $lang_common['Password']); 198 263 $focus_element = array('login', 'req_username'); 264 
define('PUN_ACTIVE_PAGE', 'login'); 199 265 require PUN_ROOT.'header.php'; 200 266 … … 207 273 <fieldset> 208 274 <legend><?php echo $lang_login['Login legend'] ?></legend> 209 210 211 <input type="hidden" name="redirect_url" value="<?php echo $redirect_url?>" />212 <label class="conl"><strong><?php echo $lang_common['Username'] ?></strong><br /><input type="text" name="req_username" size="25" maxlength="25" tabindex="1" /><br /></label>213 <label class="conl"><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" tabindex="2" /><br /></label>214 <p class="clearb"><?php echo $lang_login['Login info'] ?></p> 215 <p><a href="register.php" tabindex="4"><?php echo $lang_login['Not registered'] ?></a>  216 < a href="login.php?action=forget" tabindex="5"><?php echo $lang_login['Forgotten pass'] ?></a></p>275 <div class="infldset"> 276 <input type="hidden" name="form_sent" value="1" /> 277 <input type="hidden" name="redirect_url" value="<?php echo pun_htmlspecialchars($redirect_url) ?>" /> 278 <label class="conl required"><strong><?php echo $lang_common['Username'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="text" name="req_username" size="25" maxlength="25" tabindex="1" /><br /></label> 279 <label class="conl required"><strong><?php echo $lang_common['Password'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="password" name="req_password" size="25" tabindex="2" /><br /></label> 280 281 <div class="rbox clearb"> 282 <label><input type="checkbox" name="save_pass" value="1" tabindex="3" /><?php echo $lang_login['Remember me'] ?><br /></label> 217 283 </div> 284 285 <p class="clearb"><?php echo $lang_login['Login info'] ?></p> 286 <p class="actions"><span><a href="register.php" tabindex="5"><?php echo $lang_login['Not registered'] ?></a></span> <span><a href="login.php?action=forget" tabindex="6"><?php echo $lang_login['Forgotten 
pass'] ?></a></span></p> 287 </div> 218 288 </fieldset> 219 289 </div> 220 <p ><input type="submit" name="login" value="<?php echo $lang_common['Login'] ?>" tabindex="3" /></p>290 <p class="buttons"><input type="submit" name="login" value="<?php echo $lang_common['Login'] ?>" tabindex="4" /></p> 221 291 </form> 222 292 </div>
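Review bot: The three password checks on the new side (new lines 41, 51 and 60) compare hex digests with loose `==`, which in PHP treats two strings that both look like numbers as numbers — a stored hash such as `0e...` followed only by digits would compare equal to any computed hash of the same shape, so a wrong password could authenticate; strict comparison closes that: `if (sha1($cur_user['salt'].sha1($form_password)) === $cur_user['password'])`, `if (md5($form_password) === $cur_user['password'])`, `$authorized = ($cur_user['password'] === $form_password_hash);` (on PHP 5.6+ `hash_equals()` would also make the comparison constant-time, and the same `==` issue applies to the new `csrf_token` check at line 93). Separately, the POST handler now redirects to `htmlspecialchars($_POST['redirect_url'])` while the referrer validation only runs when the form is rendered, so a form submitted from elsewhere can supply an arbitrary `redirect_url`; unless `redirect()` itself restricts the target (not visible here), the POST branch should re-validate the host against `get_base_url()` or fall back to `index.php`. The login `if` block that these comparisons belong to starts before the first hunk shown.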