|
Chris@76
|
1 <?php
|
|
Chris@76
|
2
|
|
Chris@76
|
3 /**
|
|
Chris@76
|
4 * Simple Machines Forum (SMF)
|
|
Chris@76
|
5 *
|
|
Chris@76
|
6 * @package SMF
|
|
Chris@76
|
7 * @author Simple Machines http://www.simplemachines.org
|
|
Chris@76
|
8 * @copyright 2011 Simple Machines
|
|
Chris@76
|
9 * @license http://www.simplemachines.org/about/smf/license.php BSD
|
|
Chris@76
|
10 *
|
|
Chris@76
|
11 * @version 2.0.3
|
|
Chris@76
|
12 */
|
|
Chris@76
|
13
|
|
Chris@76
|
14 if (!defined('SMF'))
|
|
Chris@76
|
15 die('Hacking attempt...');
|
|
Chris@76
|
16
|
|
Chris@76
|
17 /* This file has the very important job of insuring forum security. This
|
|
Chris@76
|
18 task includes banning and permissions, namely. It does this by providing
|
|
Chris@76
|
19 the following functions:
|
|
Chris@76
|
20
|
|
Chris@76
|
21 void validateSession()
|
|
Chris@76
|
22 - makes sure the user is who they claim to be by requiring a
|
|
Chris@76
|
23 password to be typed in every hour.
|
|
Chris@76
|
24 - is turned on and off by the securityDisable setting.
|
|
Chris@76
|
25 - uses the adminLogin() function of Subs-Auth.php if they need to
|
|
Chris@76
|
26 login, which saves all request (post and get) data.
|
|
Chris@76
|
27
|
|
Chris@76
|
28 void is_not_guest(string message = '')
|
|
Chris@76
|
29 - checks if the user is currently a guest, and if so asks them to
|
|
Chris@76
|
30 login with a message telling them why.
|
|
Chris@76
|
31 - message is what to tell them when asking them to login.
|
|
Chris@76
|
32
|
|
Chris@76
|
33 void is_not_banned(bool force_check = false)
|
|
Chris@76
|
34 - checks if the user is banned, and if so dies with an error.
|
|
Chris@76
|
35 - caches this information for optimization purposes.
|
|
Chris@76
|
36 - forces a recheck if force_check is true.
|
|
Chris@76
|
37
|
|
Chris@76
|
38 void banPermissions()
|
|
Chris@76
|
39 - applies any states of banning by removing permissions the user
|
|
Chris@76
|
40 cannot have.
|
|
Chris@76
|
41
|
|
Chris@76
|
42 void log_ban(array ban_ids = array(), string email = null)
|
|
Chris@76
|
43 - log the current user in the ban logs.
|
|
Chris@76
|
44 - increment the hit counters for the specified ban ID's (if any.)
|
|
Chris@76
|
45
|
|
Chris@76
|
46 void isBannedEmail(string email, string restriction, string error)
|
|
Chris@76
|
47 - check if a given email is banned.
|
|
Chris@76
|
48 - performs an immediate ban if the turns turns out positive.
|
|
Chris@76
|
49
|
|
Chris@76
|
50 string checkSession(string type = 'post', string from_action = none,
|
|
Chris@76
|
51 is_fatal = true)
|
|
Chris@76
|
52 - checks the current session, verifying that the person is who he or
|
|
Chris@76
|
53 she should be.
|
|
Chris@76
|
54 - also checks the referrer to make sure they didn't get sent here.
|
|
Chris@76
|
55 - depends on the disableCheckUA setting, which is usually missing.
|
|
Chris@76
|
56 - will check GET, POST, or REQUEST depending on the passed type.
|
|
Chris@76
|
57 - also optionally checks the referring action if passed. (note that
|
|
Chris@76
|
58 the referring action must be by GET.)
|
|
Chris@76
|
59 - returns the error message if is_fatal is false.
|
|
Chris@76
|
60
|
|
Chris@76
|
61 bool checkSubmitOnce(string action, bool is_fatal = true)
|
|
Chris@76
|
62 - registers a sequence number for a form.
|
|
Chris@76
|
63 - checks whether a submitted sequence number is registered in the
|
|
Chris@76
|
64 current session.
|
|
Chris@76
|
65 - depending on the value of is_fatal shows an error or returns true or
|
|
Chris@76
|
66 false.
|
|
Chris@76
|
67 - frees a sequence number from the stack after it's been checked.
|
|
Chris@76
|
68 - frees a sequence number without checking if action == 'free'.
|
|
Chris@76
|
69
|
|
Chris@76
|
70 bool allowedTo(string permission, array boards = current)
|
|
Chris@76
|
71 - checks whether the user is allowed to do permission. (ie. post_new.)
|
|
Chris@76
|
72 - if boards is specified, checks those boards instead of the current
|
|
Chris@76
|
73 one.
|
|
Chris@76
|
74 - always returns true if the user is an administrator.
|
|
Chris@76
|
75 - returns true if he or she can do it, false otherwise.
|
|
Chris@76
|
76
|
|
Chris@76
|
77 void isAllowedTo(string permission, array boards = current)
|
|
Chris@76
|
78 - uses allowedTo() to check if the user is allowed to do permission.
|
|
Chris@76
|
79 - checks the passed boards or current board for the permission.
|
|
Chris@76
|
80 - if they are not, it loads the Errors language file and shows an
|
|
Chris@76
|
81 error using $txt['cannot_' . $permission].
|
|
Chris@76
|
82 - if they are a guest and cannot do it, this calls is_not_guest().
|
|
Chris@76
|
83
|
|
Chris@76
|
84 array boardsAllowedTo(string permission, bool check_access = false)
|
|
Chris@76
|
85 - returns a list of boards on which the user is allowed to do the
|
|
Chris@76
|
86 specified permission.
|
|
Chris@76
|
87 - returns an array with only a 0 in it if the user has permission
|
|
Chris@76
|
88 to do this on every board.
|
|
Chris@76
|
89 - returns an empty array if he or she cannot do this on any board.
|
|
Chris@76
|
90 - if check_access is true will also make sure the group has proper access to that board.
|
|
Chris@76
|
91
|
|
Chris@76
|
92 string showEmailAddress(string userProfile_hideEmail, int userProfile_id)
|
|
Chris@76
|
93 - returns whether an email address should be shown and how.
|
|
Chris@76
|
94 - possible outcomes are
|
|
Chris@76
|
95 'yes': show the full email address
|
|
Chris@76
|
96 'yes_permission_override': show the full email address, either you
|
|
Chris@76
|
97 are a moderator or it's your own email address.
|
|
Chris@76
|
98 'no_through_forum': don't show the email address, but do allow
|
|
Chris@76
|
99 things to be mailed using the built-in forum mailer.
|
|
Chris@76
|
100 'no': keep the email address hidden.
|
|
Chris@76
|
101 */
|
|
Chris@76
|
102
|
|
Chris@76
|
103 // Check if the user is who he/she says he is
|
|
Chris@76
|
104 function validateSession()
|
|
Chris@76
|
105 {
|
|
Chris@76
|
106 global $modSettings, $sourcedir, $user_info, $sc, $user_settings;
|
|
Chris@76
|
107
|
|
Chris@76
|
108 // We don't care if the option is off, because Guests should NEVER get past here.
|
|
Chris@76
|
109 is_not_guest();
|
|
Chris@76
|
110
|
|
Chris@76
|
111 // If we're using XML give an additional ten minutes grace as an admin can't log on in XML mode.
|
|
Chris@76
|
112 $refreshTime = isset($_GET['xml']) ? 4200 : 3600;
|
|
Chris@76
|
113
|
|
Chris@76
|
114 // Is the security option off? Or are they already logged in?
|
|
Chris@76
|
115 if (!empty($modSettings['securityDisable']) || (!empty($_SESSION['admin_time']) && $_SESSION['admin_time'] + $refreshTime >= time()))
|
|
Chris@76
|
116 return;
|
|
Chris@76
|
117
|
|
Chris@76
|
118 require_once($sourcedir . '/Subs-Auth.php');
|
|
Chris@76
|
119
|
|
Chris@76
|
120 // Hashed password, ahoy!
|
|
Chris@76
|
121 if (isset($_POST['admin_hash_pass']) && strlen($_POST['admin_hash_pass']) == 40)
|
|
Chris@76
|
122 {
|
|
Chris@76
|
123 checkSession();
|
|
Chris@76
|
124
|
|
Chris@76
|
125 $good_password = in_array(true, call_integration_hook('integrate_verify_password', array($user_info['username'], $_POST['admin_hash_pass'], true)), true);
|
|
Chris@76
|
126
|
|
Chris@76
|
127 if ($good_password || $_POST['admin_hash_pass'] == sha1($user_info['passwd'] . $sc))
|
|
Chris@76
|
128 {
|
|
Chris@76
|
129 $_SESSION['admin_time'] = time();
|
|
Chris@76
|
130 unset($_SESSION['request_referer']);
|
|
Chris@76
|
131 return;
|
|
Chris@76
|
132 }
|
|
Chris@76
|
133 }
|
|
Chris@76
|
134 // Posting the password... check it.
|
|
Chris@76
|
135 if (isset($_POST['admin_pass']))
|
|
Chris@76
|
136 {
|
|
Chris@76
|
137 checkSession();
|
|
Chris@76
|
138
|
|
Chris@76
|
139 $good_password = in_array(true, call_integration_hook('integrate_verify_password', array($user_info['username'], $_POST['admin_pass'], false)), true);
|
|
Chris@76
|
140
|
|
Chris@76
|
141 // Password correct?
|
|
Chris@76
|
142 if ($good_password || sha1(strtolower($user_info['username']) . $_POST['admin_pass']) == $user_info['passwd'])
|
|
Chris@76
|
143 {
|
|
Chris@76
|
144 $_SESSION['admin_time'] = time();
|
|
Chris@76
|
145 unset($_SESSION['request_referer']);
|
|
Chris@76
|
146 return;
|
|
Chris@76
|
147 }
|
|
Chris@76
|
148 }
|
|
Chris@76
|
149 // OpenID?
|
|
Chris@76
|
150 if (!empty($user_settings['openid_uri']))
|
|
Chris@76
|
151 {
|
|
Chris@76
|
152 require_once($sourcedir . '/Subs-OpenID.php');
|
|
Chris@76
|
153 smf_openID_revalidate();
|
|
Chris@76
|
154
|
|
Chris@76
|
155 $_SESSION['admin_time'] = time();
|
|
Chris@76
|
156 unset($_SESSION['request_referer']);
|
|
Chris@76
|
157 return;
|
|
Chris@76
|
158 }
|
|
Chris@76
|
159
|
|
Chris@76
|
160 // Better be sure to remember the real referer
|
|
Chris@76
|
161 if (empty($_SESSION['request_referer']))
|
|
Chris@76
|
162 $_SESSION['request_referer'] = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
|
|
Chris@76
|
163 elseif (empty($_POST))
|
|
Chris@76
|
164 unset($_SESSION['request_referer']);
|
|
Chris@76
|
165 // Need to type in a password for that, man.
|
|
Chris@76
|
166 adminLogin();
|
|
Chris@76
|
167 }
|
|
Chris@76
|
168
|
|
Chris@76
|
169 // Require a user who is logged in. (not a guest.)
|
|
Chris@76
|
170 function is_not_guest($message = '')
|
|
Chris@76
|
171 {
|
|
Chris@76
|
172 global $user_info, $txt, $context, $scripturl;
|
|
Chris@76
|
173
|
|
Chris@76
|
174 // Luckily, this person isn't a guest.
|
|
Chris@76
|
175 if (!$user_info['is_guest'])
|
|
Chris@76
|
176 return;
|
|
Chris@76
|
177
|
|
Chris@76
|
178 // People always worry when they see people doing things they aren't actually doing...
|
|
Chris@76
|
179 $_GET['action'] = '';
|
|
Chris@76
|
180 $_GET['board'] = '';
|
|
Chris@76
|
181 $_GET['topic'] = '';
|
|
Chris@76
|
182 writeLog(true);
|
|
Chris@76
|
183
|
|
Chris@76
|
184 // Just die.
|
|
Chris@76
|
185 if (isset($_REQUEST['xml']))
|
|
Chris@76
|
186 obExit(false);
|
|
Chris@76
|
187
|
|
Chris@76
|
188 // Attempt to detect if they came from dlattach.
|
|
Chris@76
|
189 if (!WIRELESS && SMF != 'SSI' && empty($context['theme_loaded']))
|
|
Chris@76
|
190 loadTheme();
|
|
Chris@76
|
191
|
|
Chris@76
|
192 // Never redirect to an attachment
|
|
Chris@76
|
193 if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false)
|
|
Chris@76
|
194 $_SESSION['login_url'] = $_SERVER['REQUEST_URL'];
|
|
Chris@76
|
195
|
|
Chris@76
|
196 // Load the Login template and language file.
|
|
Chris@76
|
197 loadLanguage('Login');
|
|
Chris@76
|
198
|
|
Chris@76
|
199 // Are we in wireless mode?
|
|
Chris@76
|
200 if (WIRELESS)
|
|
Chris@76
|
201 {
|
|
Chris@76
|
202 $context['login_error'] = $message ? $message : $txt['only_members_can_access'];
|
|
Chris@76
|
203 $context['sub_template'] = WIRELESS_PROTOCOL . '_login';
|
|
Chris@76
|
204 }
|
|
Chris@76
|
205 // Apparently we're not in a position to handle this now. Let's go to a safer location for now.
|
|
Chris@76
|
206 elseif (empty($context['template_layers']))
|
|
Chris@76
|
207 {
|
|
Chris@76
|
208 $_SESSION['login_url'] = $scripturl . '?' . $_SERVER['QUERY_STRING'];
|
|
Chris@76
|
209 redirectexit('action=login');
|
|
Chris@76
|
210 }
|
|
Chris@76
|
211 else
|
|
Chris@76
|
212 {
|
|
Chris@76
|
213 loadTemplate('Login');
|
|
Chris@76
|
214 $context['sub_template'] = 'kick_guest';
|
|
Chris@76
|
215 $context['robot_no_index'] = true;
|
|
Chris@76
|
216 }
|
|
Chris@76
|
217
|
|
Chris@76
|
218 // Use the kick_guest sub template...
|
|
Chris@76
|
219 $context['kick_message'] = $message;
|
|
Chris@76
|
220 $context['page_title'] = $txt['login'];
|
|
Chris@76
|
221
|
|
Chris@76
|
222 obExit();
|
|
Chris@76
|
223
|
|
Chris@76
|
224 // We should never get to this point, but if we did we wouldn't know the user isn't a guest.
|
|
Chris@76
|
225 trigger_error('Hacking attempt...', E_USER_ERROR);
|
|
Chris@76
|
226 }
|
|
Chris@76
|
227
|
|
Chris@76
|
228 // Do banning related stuff. (ie. disallow access....)
|
|
Chris@76
|
229 function is_not_banned($forceCheck = false)
|
|
Chris@76
|
230 {
|
|
Chris@76
|
231 global $txt, $modSettings, $context, $user_info;
|
|
Chris@76
|
232 global $sourcedir, $cookiename, $user_settings, $smcFunc;
|
|
Chris@76
|
233
|
|
Chris@76
|
234 // You cannot be banned if you are an admin - doesn't help if you log out.
|
|
Chris@76
|
235 if ($user_info['is_admin'])
|
|
Chris@76
|
236 return;
|
|
Chris@76
|
237
|
|
Chris@76
|
238 // Only check the ban every so often. (to reduce load.)
|
|
Chris@76
|
239 if ($forceCheck || !isset($_SESSION['ban']) || empty($modSettings['banLastUpdated']) || ($_SESSION['ban']['last_checked'] < $modSettings['banLastUpdated']) || $_SESSION['ban']['id_member'] != $user_info['id'] || $_SESSION['ban']['ip'] != $user_info['ip'] || $_SESSION['ban']['ip2'] != $user_info['ip2'] || (isset($user_info['email'], $_SESSION['ban']['email']) && $_SESSION['ban']['email'] != $user_info['email']))
|
|
Chris@76
|
240 {
|
|
Chris@76
|
241 // Innocent until proven guilty. (but we know you are! :P)
|
|
Chris@76
|
242 $_SESSION['ban'] = array(
|
|
Chris@76
|
243 'last_checked' => time(),
|
|
Chris@76
|
244 'id_member' => $user_info['id'],
|
|
Chris@76
|
245 'ip' => $user_info['ip'],
|
|
Chris@76
|
246 'ip2' => $user_info['ip2'],
|
|
Chris@76
|
247 'email' => $user_info['email'],
|
|
Chris@76
|
248 );
|
|
Chris@76
|
249
|
|
Chris@76
|
250 $ban_query = array();
|
|
Chris@76
|
251 $ban_query_vars = array('current_time' => time());
|
|
Chris@76
|
252 $flag_is_activated = false;
|
|
Chris@76
|
253
|
|
Chris@76
|
254 // Check both IP addresses.
|
|
Chris@76
|
255 foreach (array('ip', 'ip2') as $ip_number)
|
|
Chris@76
|
256 {
|
|
Chris@76
|
257 // Check if we have a valid IP address.
|
|
Chris@76
|
258 if (preg_match('/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $user_info[$ip_number], $ip_parts) == 1)
|
|
Chris@76
|
259 {
|
|
Chris@76
|
260 $ban_query[] = '((' . $ip_parts[1] . ' BETWEEN bi.ip_low1 AND bi.ip_high1)
|
|
Chris@76
|
261 AND (' . $ip_parts[2] . ' BETWEEN bi.ip_low2 AND bi.ip_high2)
|
|
Chris@76
|
262 AND (' . $ip_parts[3] . ' BETWEEN bi.ip_low3 AND bi.ip_high3)
|
|
Chris@76
|
263 AND (' . $ip_parts[4] . ' BETWEEN bi.ip_low4 AND bi.ip_high4))';
|
|
Chris@76
|
264
|
|
Chris@76
|
265 // IP was valid, maybe there's also a hostname...
|
|
Chris@76
|
266 if (empty($modSettings['disableHostnameLookup']))
|
|
Chris@76
|
267 {
|
|
Chris@76
|
268 $hostname = host_from_ip($user_info[$ip_number]);
|
|
Chris@76
|
269 if (strlen($hostname) > 0)
|
|
Chris@76
|
270 {
|
|
Chris@76
|
271 $ban_query[] = '({string:hostname} LIKE bi.hostname)';
|
|
Chris@76
|
272 $ban_query_vars['hostname'] = $hostname;
|
|
Chris@76
|
273 }
|
|
Chris@76
|
274 }
|
|
Chris@76
|
275 }
|
|
Chris@76
|
276 // We use '255.255.255.255' for 'unknown' since it's not valid anyway.
|
|
Chris@76
|
277 elseif ($user_info['ip'] == 'unknown')
|
|
Chris@76
|
278 $ban_query[] = '(bi.ip_low1 = 255 AND bi.ip_high1 = 255
|
|
Chris@76
|
279 AND bi.ip_low2 = 255 AND bi.ip_high2 = 255
|
|
Chris@76
|
280 AND bi.ip_low3 = 255 AND bi.ip_high3 = 255
|
|
Chris@76
|
281 AND bi.ip_low4 = 255 AND bi.ip_high4 = 255)';
|
|
Chris@76
|
282 }
|
|
Chris@76
|
283
|
|
Chris@76
|
284 // Is their email address banned?
|
|
Chris@76
|
285 if (strlen($user_info['email']) != 0)
|
|
Chris@76
|
286 {
|
|
Chris@76
|
287 $ban_query[] = '({string:email} LIKE bi.email_address)';
|
|
Chris@76
|
288 $ban_query_vars['email'] = $user_info['email'];
|
|
Chris@76
|
289 }
|
|
Chris@76
|
290
|
|
Chris@76
|
291 // How about this user?
|
|
Chris@76
|
292 if (!$user_info['is_guest'] && !empty($user_info['id']))
|
|
Chris@76
|
293 {
|
|
Chris@76
|
294 $ban_query[] = 'bi.id_member = {int:id_member}';
|
|
Chris@76
|
295 $ban_query_vars['id_member'] = $user_info['id'];
|
|
Chris@76
|
296 }
|
|
Chris@76
|
297
|
|
Chris@76
|
298 // Check the ban, if there's information.
|
|
Chris@76
|
299 if (!empty($ban_query))
|
|
Chris@76
|
300 {
|
|
Chris@76
|
301 $restrictions = array(
|
|
Chris@76
|
302 'cannot_access',
|
|
Chris@76
|
303 'cannot_login',
|
|
Chris@76
|
304 'cannot_post',
|
|
Chris@76
|
305 'cannot_register',
|
|
Chris@76
|
306 );
|
|
Chris@76
|
307 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
308 SELECT bi.id_ban, bi.email_address, bi.id_member, bg.cannot_access, bg.cannot_register,
|
|
Chris@76
|
309 bg.cannot_post, bg.cannot_login, bg.reason, IFNULL(bg.expire_time, 0) AS expire_time
|
|
Chris@76
|
310 FROM {db_prefix}ban_items AS bi
|
|
Chris@76
|
311 INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND (bg.expire_time IS NULL OR bg.expire_time > {int:current_time}))
|
|
Chris@76
|
312 WHERE
|
|
Chris@76
|
313 (' . implode(' OR ', $ban_query) . ')',
|
|
Chris@76
|
314 $ban_query_vars
|
|
Chris@76
|
315 );
|
|
Chris@76
|
316 // Store every type of ban that applies to you in your session.
|
|
Chris@76
|
317 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
318 {
|
|
Chris@76
|
319 foreach ($restrictions as $restriction)
|
|
Chris@76
|
320 if (!empty($row[$restriction]))
|
|
Chris@76
|
321 {
|
|
Chris@76
|
322 $_SESSION['ban'][$restriction]['reason'] = $row['reason'];
|
|
Chris@76
|
323 $_SESSION['ban'][$restriction]['ids'][] = $row['id_ban'];
|
|
Chris@76
|
324 if (!isset($_SESSION['ban']['expire_time']) || ($_SESSION['ban']['expire_time'] != 0 && ($row['expire_time'] == 0 || $row['expire_time'] > $_SESSION['ban']['expire_time'])))
|
|
Chris@76
|
325 $_SESSION['ban']['expire_time'] = $row['expire_time'];
|
|
Chris@76
|
326
|
|
Chris@76
|
327 if (!$user_info['is_guest'] && $restriction == 'cannot_access' && ($row['id_member'] == $user_info['id'] || $row['email_address'] == $user_info['email']))
|
|
Chris@76
|
328 $flag_is_activated = true;
|
|
Chris@76
|
329 }
|
|
Chris@76
|
330 }
|
|
Chris@76
|
331 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
332 }
|
|
Chris@76
|
333
|
|
Chris@76
|
334 // Mark the cannot_access and cannot_post bans as being 'hit'.
|
|
Chris@76
|
335 if (isset($_SESSION['ban']['cannot_access']) || isset($_SESSION['ban']['cannot_post']) || isset($_SESSION['ban']['cannot_login']))
|
|
Chris@76
|
336 log_ban(array_merge(isset($_SESSION['ban']['cannot_access']) ? $_SESSION['ban']['cannot_access']['ids'] : array(), isset($_SESSION['ban']['cannot_post']) ? $_SESSION['ban']['cannot_post']['ids'] : array(), isset($_SESSION['ban']['cannot_login']) ? $_SESSION['ban']['cannot_login']['ids'] : array()));
|
|
Chris@76
|
337
|
|
Chris@76
|
338 // If for whatever reason the is_activated flag seems wrong, do a little work to clear it up.
|
|
Chris@76
|
339 if ($user_info['id'] && (($user_settings['is_activated'] >= 10 && !$flag_is_activated)
|
|
Chris@76
|
340 || ($user_settings['is_activated'] < 10 && $flag_is_activated)))
|
|
Chris@76
|
341 {
|
|
Chris@76
|
342 require_once($sourcedir . '/ManageBans.php');
|
|
Chris@76
|
343 updateBanMembers();
|
|
Chris@76
|
344 }
|
|
Chris@76
|
345 }
|
|
Chris@76
|
346
|
|
Chris@76
|
347 // Hey, I know you! You're ehm...
|
|
Chris@76
|
348 if (!isset($_SESSION['ban']['cannot_access']) && !empty($_COOKIE[$cookiename . '_']))
|
|
Chris@76
|
349 {
|
|
Chris@76
|
350 $bans = explode(',', $_COOKIE[$cookiename . '_']);
|
|
Chris@76
|
351 foreach ($bans as $key => $value)
|
|
Chris@76
|
352 $bans[$key] = (int) $value;
|
|
Chris@76
|
353 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
354 SELECT bi.id_ban, bg.reason
|
|
Chris@76
|
355 FROM {db_prefix}ban_items AS bi
|
|
Chris@76
|
356 INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group)
|
|
Chris@76
|
357 WHERE bi.id_ban IN ({array_int:ban_list})
|
|
Chris@76
|
358 AND (bg.expire_time IS NULL OR bg.expire_time > {int:current_time})
|
|
Chris@76
|
359 AND bg.cannot_access = {int:cannot_access}
|
|
Chris@76
|
360 LIMIT ' . count($bans),
|
|
Chris@76
|
361 array(
|
|
Chris@76
|
362 'cannot_access' => 1,
|
|
Chris@76
|
363 'ban_list' => $bans,
|
|
Chris@76
|
364 'current_time' => time(),
|
|
Chris@76
|
365 )
|
|
Chris@76
|
366 );
|
|
Chris@76
|
367 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
368 {
|
|
Chris@76
|
369 $_SESSION['ban']['cannot_access']['ids'][] = $row['id_ban'];
|
|
Chris@76
|
370 $_SESSION['ban']['cannot_access']['reason'] = $row['reason'];
|
|
Chris@76
|
371 }
|
|
Chris@76
|
372 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
373
|
|
Chris@76
|
374 // My mistake. Next time better.
|
|
Chris@76
|
375 if (!isset($_SESSION['ban']['cannot_access']))
|
|
Chris@76
|
376 {
|
|
Chris@76
|
377 require_once($sourcedir . '/Subs-Auth.php');
|
|
Chris@76
|
378 $cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies']));
|
|
Chris@76
|
379 setcookie($cookiename . '_', '', time() - 3600, $cookie_url[1], $cookie_url[0], 0);
|
|
Chris@76
|
380 }
|
|
Chris@76
|
381 }
|
|
Chris@76
|
382
|
|
Chris@76
|
383 // If you're fully banned, it's end of the story for you.
|
|
Chris@76
|
384 if (isset($_SESSION['ban']['cannot_access']))
|
|
Chris@76
|
385 {
|
|
Chris@76
|
386 // We don't wanna see you!
|
|
Chris@76
|
387 if (!$user_info['is_guest'])
|
|
Chris@76
|
388 $smcFunc['db_query']('', '
|
|
Chris@76
|
389 DELETE FROM {db_prefix}log_online
|
|
Chris@76
|
390 WHERE id_member = {int:current_member}',
|
|
Chris@76
|
391 array(
|
|
Chris@76
|
392 'current_member' => $user_info['id'],
|
|
Chris@76
|
393 )
|
|
Chris@76
|
394 );
|
|
Chris@76
|
395
|
|
Chris@76
|
396 // 'Log' the user out. Can't have any funny business... (save the name!)
|
|
Chris@76
|
397 $old_name = isset($user_info['name']) && $user_info['name'] != '' ? $user_info['name'] : $txt['guest_title'];
|
|
Chris@76
|
398 $user_info['name'] = '';
|
|
Chris@76
|
399 $user_info['username'] = '';
|
|
Chris@76
|
400 $user_info['is_guest'] = true;
|
|
Chris@76
|
401 $user_info['is_admin'] = false;
|
|
Chris@76
|
402 $user_info['permissions'] = array();
|
|
Chris@76
|
403 $user_info['id'] = 0;
|
|
Chris@76
|
404 $context['user'] = array(
|
|
Chris@76
|
405 'id' => 0,
|
|
Chris@76
|
406 'username' => '',
|
|
Chris@76
|
407 'name' => $txt['guest_title'],
|
|
Chris@76
|
408 'is_guest' => true,
|
|
Chris@76
|
409 'is_logged' => false,
|
|
Chris@76
|
410 'is_admin' => false,
|
|
Chris@76
|
411 'is_mod' => false,
|
|
Chris@76
|
412 'can_mod' => false,
|
|
Chris@76
|
413 'language' => $user_info['language'],
|
|
Chris@76
|
414 );
|
|
Chris@76
|
415
|
|
Chris@76
|
416 // A goodbye present.
|
|
Chris@76
|
417 require_once($sourcedir . '/Subs-Auth.php');
|
|
Chris@76
|
418 $cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies']));
|
|
Chris@76
|
419 setcookie($cookiename . '_', implode(',', $_SESSION['ban']['cannot_access']['ids']), time() + 3153600, $cookie_url[1], $cookie_url[0], 0);
|
|
Chris@76
|
420
|
|
Chris@76
|
421 // Don't scare anyone, now.
|
|
Chris@76
|
422 $_GET['action'] = '';
|
|
Chris@76
|
423 $_GET['board'] = '';
|
|
Chris@76
|
424 $_GET['topic'] = '';
|
|
Chris@76
|
425 writeLog(true);
|
|
Chris@76
|
426
|
|
Chris@76
|
427 // You banned, sucka!
|
|
Chris@76
|
428 fatal_error(sprintf($txt['your_ban'], $old_name) . (empty($_SESSION['ban']['cannot_access']['reason']) ? '' : '<br />' . $_SESSION['ban']['cannot_access']['reason']) . '<br />' . (!empty($_SESSION['ban']['expire_time']) ? sprintf($txt['your_ban_expires'], timeformat($_SESSION['ban']['expire_time'], false)) : $txt['your_ban_expires_never']), 'user');
|
|
Chris@76
|
429
|
|
Chris@76
|
430 // If we get here, something's gone wrong.... but let's try anyway.
|
|
Chris@76
|
431 trigger_error('Hacking attempt...', E_USER_ERROR);
|
|
Chris@76
|
432 }
|
|
Chris@76
|
433 // You're not allowed to log in but yet you are. Let's fix that.
|
|
Chris@76
|
434 elseif (isset($_SESSION['ban']['cannot_login']) && !$user_info['is_guest'])
|
|
Chris@76
|
435 {
|
|
Chris@76
|
436 // We don't wanna see you!
|
|
Chris@76
|
437 $smcFunc['db_query']('', '
|
|
Chris@76
|
438 DELETE FROM {db_prefix}log_online
|
|
Chris@76
|
439 WHERE id_member = {int:current_member}',
|
|
Chris@76
|
440 array(
|
|
Chris@76
|
441 'current_member' => $user_info['id'],
|
|
Chris@76
|
442 )
|
|
Chris@76
|
443 );
|
|
Chris@76
|
444
|
|
Chris@76
|
445 // 'Log' the user out. Can't have any funny business... (save the name!)
|
|
Chris@76
|
446 $old_name = isset($user_info['name']) && $user_info['name'] != '' ? $user_info['name'] : $txt['guest_title'];
|
|
Chris@76
|
447 $user_info['name'] = '';
|
|
Chris@76
|
448 $user_info['username'] = '';
|
|
Chris@76
|
449 $user_info['is_guest'] = true;
|
|
Chris@76
|
450 $user_info['is_admin'] = false;
|
|
Chris@76
|
451 $user_info['permissions'] = array();
|
|
Chris@76
|
452 $user_info['id'] = 0;
|
|
Chris@76
|
453 $context['user'] = array(
|
|
Chris@76
|
454 'id' => 0,
|
|
Chris@76
|
455 'username' => '',
|
|
Chris@76
|
456 'name' => $txt['guest_title'],
|
|
Chris@76
|
457 'is_guest' => true,
|
|
Chris@76
|
458 'is_logged' => false,
|
|
Chris@76
|
459 'is_admin' => false,
|
|
Chris@76
|
460 'is_mod' => false,
|
|
Chris@76
|
461 'can_mod' => false,
|
|
Chris@76
|
462 'language' => $user_info['language'],
|
|
Chris@76
|
463 );
|
|
Chris@76
|
464
|
|
Chris@76
|
465 // SMF's Wipe 'n Clean(r) erases all traces.
|
|
Chris@76
|
466 $_GET['action'] = '';
|
|
Chris@76
|
467 $_GET['board'] = '';
|
|
Chris@76
|
468 $_GET['topic'] = '';
|
|
Chris@76
|
469 writeLog(true);
|
|
Chris@76
|
470
|
|
Chris@76
|
471 require_once($sourcedir . '/LogInOut.php');
|
|
Chris@76
|
472 Logout(true, false);
|
|
Chris@76
|
473
|
|
Chris@76
|
474 fatal_error(sprintf($txt['your_ban'], $old_name) . (empty($_SESSION['ban']['cannot_login']['reason']) ? '' : '<br />' . $_SESSION['ban']['cannot_login']['reason']) . '<br />' . (!empty($_SESSION['ban']['expire_time']) ? sprintf($txt['your_ban_expires'], timeformat($_SESSION['ban']['expire_time'], false)) : $txt['your_ban_expires_never']) . '<br />' . $txt['ban_continue_browse'], 'user');
|
|
Chris@76
|
475 }
|
|
Chris@76
|
476
|
|
Chris@76
|
477 // Fix up the banning permissions.
|
|
Chris@76
|
478 if (isset($user_info['permissions']))
|
|
Chris@76
|
479 banPermissions();
|
|
Chris@76
|
480 }
|
|
Chris@76
|
481
|
|
Chris@76
|
482 // Fix permissions according to ban status.
|
|
Chris@76
|
483 function banPermissions()
|
|
Chris@76
|
484 {
|
|
Chris@76
|
485 global $user_info, $sourcedir, $modSettings, $context;
|
|
Chris@76
|
486
|
|
Chris@76
|
487 // Somehow they got here, at least take away all permissions...
|
|
Chris@76
|
488 if (isset($_SESSION['ban']['cannot_access']))
|
|
Chris@76
|
489 $user_info['permissions'] = array();
|
|
Chris@76
|
490 // Okay, well, you can watch, but don't touch a thing.
|
|
Chris@76
|
491 elseif (isset($_SESSION['ban']['cannot_post']) || (!empty($modSettings['warning_mute']) && $modSettings['warning_mute'] <= $user_info['warning']))
|
|
Chris@76
|
492 {
|
|
Chris@76
|
493 $denied_permissions = array(
|
|
Chris@76
|
494 'pm_send',
|
|
Chris@76
|
495 'calendar_post', 'calendar_edit_own', 'calendar_edit_any',
|
|
Chris@76
|
496 'poll_post',
|
|
Chris@76
|
497 'poll_add_own', 'poll_add_any',
|
|
Chris@76
|
498 'poll_edit_own', 'poll_edit_any',
|
|
Chris@76
|
499 'poll_lock_own', 'poll_lock_any',
|
|
Chris@76
|
500 'poll_remove_own', 'poll_remove_any',
|
|
Chris@76
|
501 'manage_attachments', 'manage_smileys', 'manage_boards', 'admin_forum', 'manage_permissions',
|
|
Chris@76
|
502 'moderate_forum', 'manage_membergroups', 'manage_bans', 'send_mail', 'edit_news',
|
|
Chris@76
|
503 'profile_identity_any', 'profile_extra_any', 'profile_title_any',
|
|
Chris@76
|
504 'post_new', 'post_reply_own', 'post_reply_any',
|
|
Chris@76
|
505 'delete_own', 'delete_any', 'delete_replies',
|
|
Chris@76
|
506 'make_sticky',
|
|
Chris@76
|
507 'merge_any', 'split_any',
|
|
Chris@76
|
508 'modify_own', 'modify_any', 'modify_replies',
|
|
Chris@76
|
509 'move_any',
|
|
Chris@76
|
510 'send_topic',
|
|
Chris@76
|
511 'lock_own', 'lock_any',
|
|
Chris@76
|
512 'remove_own', 'remove_any',
|
|
Chris@76
|
513 'post_unapproved_topics', 'post_unapproved_replies_own', 'post_unapproved_replies_any',
|
|
Chris@76
|
514 );
|
|
Chris@76
|
515 $user_info['permissions'] = array_diff($user_info['permissions'], $denied_permissions);
|
|
Chris@76
|
516 }
|
|
Chris@76
|
517 // Are they absolutely under moderation?
|
|
Chris@76
|
518 elseif (!empty($modSettings['warning_moderate']) && $modSettings['warning_moderate'] <= $user_info['warning'])
|
|
Chris@76
|
519 {
|
|
Chris@76
|
520 // Work out what permissions should change...
|
|
Chris@76
|
521 $permission_change = array(
|
|
Chris@76
|
522 'post_new' => 'post_unapproved_topics',
|
|
Chris@76
|
523 'post_reply_own' => 'post_unapproved_replies_own',
|
|
Chris@76
|
524 'post_reply_any' => 'post_unapproved_replies_any',
|
|
Chris@76
|
525 'post_attachment' => 'post_unapproved_attachments',
|
|
Chris@76
|
526 );
|
|
Chris@76
|
527 foreach ($permission_change as $old => $new)
|
|
Chris@76
|
528 {
|
|
Chris@76
|
529 if (!in_array($old, $user_info['permissions']))
|
|
Chris@76
|
530 unset($permission_change[$old]);
|
|
Chris@76
|
531 else
|
|
Chris@76
|
532 $user_info['permissions'][] = $new;
|
|
Chris@76
|
533 }
|
|
Chris@76
|
534 $user_info['permissions'] = array_diff($user_info['permissions'], array_keys($permission_change));
|
|
Chris@76
|
535 }
|
|
Chris@76
|
536
|
|
Chris@76
|
537 //!!! Find a better place to call this? Needs to be after permissions loaded!
|
|
Chris@76
|
538 // Finally, some bits we cache in the session because it saves queries.
|
|
Chris@76
|
539 if (isset($_SESSION['mc']) && $_SESSION['mc']['time'] > $modSettings['settings_updated'] && $_SESSION['mc']['id'] == $user_info['id'])
|
|
Chris@76
|
540 $user_info['mod_cache'] = $_SESSION['mc'];
|
|
Chris@76
|
541 else
|
|
Chris@76
|
542 {
|
|
Chris@76
|
543 require_once($sourcedir . '/Subs-Auth.php');
|
|
Chris@76
|
544 rebuildModCache();
|
|
Chris@76
|
545 }
|
|
Chris@76
|
546
|
|
Chris@76
|
547 // Now that we have the mod cache taken care of lets setup a cache for the number of mod reports still open
|
|
Chris@76
|
548 if (isset($_SESSION['rc']) && $_SESSION['rc']['time'] > $modSettings['last_mod_report_action'] && $_SESSION['rc']['id'] == $user_info['id'])
|
|
Chris@76
|
549 $context['open_mod_reports'] = $_SESSION['rc']['reports'];
|
|
Chris@76
|
550 elseif ($_SESSION['mc']['bq'] != '0=1')
|
|
Chris@76
|
551 {
|
|
Chris@76
|
552 require_once($sourcedir . '/ModerationCenter.php');
|
|
Chris@76
|
553 recountOpenReports();
|
|
Chris@76
|
554 }
|
|
Chris@76
|
555 else
|
|
Chris@76
|
556 $context['open_mod_reports'] = 0;
|
|
Chris@76
|
557 }
|
|
Chris@76
|
558
|
|
Chris@76
|
559 // Log a ban in the database.
|
|
Chris@76
|
560 function log_ban($ban_ids = array(), $email = null)
|
|
Chris@76
|
561 {
|
|
Chris@76
|
562 global $user_info, $smcFunc;
|
|
Chris@76
|
563
|
|
Chris@76
|
564 // Don't log web accelerators, it's very confusing...
|
|
Chris@76
|
565 if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch')
|
|
Chris@76
|
566 return;
|
|
Chris@76
|
567
|
|
Chris@76
|
568 $smcFunc['db_insert']('',
|
|
Chris@76
|
569 '{db_prefix}log_banned',
|
|
Chris@76
|
570 array('id_member' => 'int', 'ip' => 'string-16', 'email' => 'string', 'log_time' => 'int'),
|
|
Chris@76
|
571 array($user_info['id'], $user_info['ip'], ($email === null ? ($user_info['is_guest'] ? '' : $user_info['email']) : $email), time()),
|
|
Chris@76
|
572 array('id_ban_log')
|
|
Chris@76
|
573 );
|
|
Chris@76
|
574
|
|
Chris@76
|
575 // One extra point for these bans.
|
|
Chris@76
|
576 if (!empty($ban_ids))
|
|
Chris@76
|
577 $smcFunc['db_query']('', '
|
|
Chris@76
|
578 UPDATE {db_prefix}ban_items
|
|
Chris@76
|
579 SET hits = hits + 1
|
|
Chris@76
|
580 WHERE id_ban IN ({array_int:ban_ids})',
|
|
Chris@76
|
581 array(
|
|
Chris@76
|
582 'ban_ids' => $ban_ids,
|
|
Chris@76
|
583 )
|
|
Chris@76
|
584 );
|
|
Chris@76
|
585 }
|
|
Chris@76
|
586
|
|
Chris@76
|
587 // Checks if a given email address might be banned.
|
|
Chris@76
|
588 function isBannedEmail($email, $restriction, $error)
|
|
Chris@76
|
589 {
|
|
Chris@76
|
590 global $txt, $smcFunc;
|
|
Chris@76
|
591
|
|
Chris@76
|
592 // Can't ban an empty email
|
|
Chris@76
|
593 if (empty($email) || trim($email) == '')
|
|
Chris@76
|
594 return;
|
|
Chris@76
|
595
|
|
Chris@76
|
596 // Let's start with the bans based on your IP/hostname/memberID...
|
|
Chris@76
|
597 $ban_ids = isset($_SESSION['ban'][$restriction]) ? $_SESSION['ban'][$restriction]['ids'] : array();
|
|
Chris@76
|
598 $ban_reason = isset($_SESSION['ban'][$restriction]) ? $_SESSION['ban'][$restriction]['reason'] : '';
|
|
Chris@76
|
599
|
|
Chris@76
|
600 // ...and add to that the email address you're trying to register.
|
|
Chris@76
|
601 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
602 SELECT bi.id_ban, bg.' . $restriction . ', bg.cannot_access, bg.reason
|
|
Chris@76
|
603 FROM {db_prefix}ban_items AS bi
|
|
Chris@76
|
604 INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group)
|
|
Chris@76
|
605 WHERE {string:email} LIKE bi.email_address
|
|
Chris@76
|
606 AND (bg.' . $restriction . ' = {int:cannot_access} OR bg.cannot_access = {int:cannot_access})
|
|
Chris@76
|
607 AND (bg.expire_time IS NULL OR bg.expire_time >= {int:now})',
|
|
Chris@76
|
608 array(
|
|
Chris@76
|
609 'email' => $email,
|
|
Chris@76
|
610 'cannot_access' => 1,
|
|
Chris@76
|
611 'now' => time(),
|
|
Chris@76
|
612 )
|
|
Chris@76
|
613 );
|
|
Chris@76
|
614 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
615 {
|
|
Chris@76
|
616 if (!empty($row['cannot_access']))
|
|
Chris@76
|
617 {
|
|
Chris@76
|
618 $_SESSION['ban']['cannot_access']['ids'][] = $row['id_ban'];
|
|
Chris@76
|
619 $_SESSION['ban']['cannot_access']['reason'] = $row['reason'];
|
|
Chris@76
|
620 }
|
|
Chris@76
|
621 if (!empty($row[$restriction]))
|
|
Chris@76
|
622 {
|
|
Chris@76
|
623 $ban_ids[] = $row['id_ban'];
|
|
Chris@76
|
624 $ban_reason = $row['reason'];
|
|
Chris@76
|
625 }
|
|
Chris@76
|
626 }
|
|
Chris@76
|
627 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
628
|
|
Chris@76
|
629 // You're in biiig trouble. Banned for the rest of this session!
|
|
Chris@76
|
630 if (isset($_SESSION['ban']['cannot_access']))
|
|
Chris@76
|
631 {
|
|
Chris@76
|
632 log_ban($_SESSION['ban']['cannot_access']['ids']);
|
|
Chris@76
|
633 $_SESSION['ban']['last_checked'] = time();
|
|
Chris@76
|
634
|
|
Chris@76
|
635 fatal_error(sprintf($txt['your_ban'], $txt['guest_title']) . $_SESSION['ban']['cannot_access']['reason'], false);
|
|
Chris@76
|
636 }
|
|
Chris@76
|
637
|
|
Chris@76
|
638 if (!empty($ban_ids))
|
|
Chris@76
|
639 {
|
|
Chris@76
|
640 // Log this ban for future reference.
|
|
Chris@76
|
641 log_ban($ban_ids, $email);
|
|
Chris@76
|
642 fatal_error($error . $ban_reason, false);
|
|
Chris@76
|
643 }
|
|
Chris@76
|
644 }
|
|
Chris@76
|
645
|
|
Chris@76
|
646 // Make sure the user's correct session was passed, and they came from here. (type can be post, get, or request.)
|
|
Chris@76
|
647 function checkSession($type = 'post', $from_action = '', $is_fatal = true)
|
|
Chris@76
|
648 {
|
|
Chris@76
|
649 global $sc, $modSettings, $boardurl;
|
|
Chris@76
|
650
|
|
Chris@76
|
651 // Is it in as $_POST['sc']?
|
|
Chris@76
|
652 if ($type == 'post')
|
|
Chris@76
|
653 {
|
|
Chris@76
|
654 $check = isset($_POST[$_SESSION['session_var']]) ? $_POST[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_POST['sc']) ? $_POST['sc'] : null);
|
|
Chris@76
|
655 if ($check !== $sc)
|
|
Chris@76
|
656 $error = 'session_timeout';
|
|
Chris@76
|
657 }
|
|
Chris@76
|
658
|
|
Chris@76
|
659 // How about $_GET['sesc']?
|
|
Chris@76
|
660 elseif ($type == 'get')
|
|
Chris@76
|
661 {
|
|
Chris@76
|
662 $check = isset($_GET[$_SESSION['session_var']]) ? $_GET[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_GET['sesc']) ? $_GET['sesc'] : null);
|
|
Chris@76
|
663 if ($check !== $sc)
|
|
Chris@76
|
664 $error = 'session_verify_fail';
|
|
Chris@76
|
665 }
|
|
Chris@76
|
666
|
|
Chris@76
|
667 // Or can it be in either?
|
|
Chris@76
|
668 elseif ($type == 'request')
|
|
Chris@76
|
669 {
|
|
Chris@76
|
670 $check = isset($_GET[$_SESSION['session_var']]) ? $_GET[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_GET['sesc']) ? $_GET['sesc'] : (isset($_POST[$_SESSION['session_var']]) ? $_POST[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_POST['sc']) ? $_POST['sc'] : null)));
|
|
Chris@76
|
671
|
|
Chris@76
|
672 if ($check !== $sc)
|
|
Chris@76
|
673 $error = 'session_verify_fail';
|
|
Chris@76
|
674 }
|
|
Chris@76
|
675
|
|
Chris@76
|
676 // Verify that they aren't changing user agents on us - that could be bad.
|
|
Chris@76
|
677 if ((!isset($_SESSION['USER_AGENT']) || $_SESSION['USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) && empty($modSettings['disableCheckUA']))
|
|
Chris@76
|
678 $error = 'session_verify_fail';
|
|
Chris@76
|
679
|
|
Chris@76
|
680 // Make sure a page with session check requirement is not being prefetched.
|
|
Chris@76
|
681 if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch')
|
|
Chris@76
|
682 {
|
|
Chris@76
|
683 ob_end_clean();
|
|
Chris@76
|
684 header('HTTP/1.1 403 Forbidden');
|
|
Chris@76
|
685 die;
|
|
Chris@76
|
686 }
|
|
Chris@76
|
687
|
|
Chris@76
|
688 // Check the referring site - it should be the same server at least!
|
|
Chris@76
|
689 if (isset($_SESSION['request_referer']))
|
|
Chris@76
|
690 $referrer = $_SESSION['request_referer'];
|
|
Chris@76
|
691 else
|
|
Chris@76
|
692 $referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
|
|
Chris@76
|
693 if (!empty($referrer['host']))
|
|
Chris@76
|
694 {
|
|
Chris@76
|
695 if (strpos($_SERVER['HTTP_HOST'], ':') !== false)
|
|
Chris@76
|
696 $real_host = substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':'));
|
|
Chris@76
|
697 else
|
|
Chris@76
|
698 $real_host = $_SERVER['HTTP_HOST'];
|
|
Chris@76
|
699
|
|
Chris@76
|
700 $parsed_url = parse_url($boardurl);
|
|
Chris@76
|
701
|
|
Chris@76
|
702 // Are global cookies on? If so, let's check them ;).
|
|
Chris@76
|
703 if (!empty($modSettings['globalCookies']))
|
|
Chris@76
|
704 {
|
|
Chris@76
|
705 if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $parsed_url['host'], $parts) == 1)
|
|
Chris@76
|
706 $parsed_url['host'] = $parts[1];
|
|
Chris@76
|
707
|
|
Chris@76
|
708 if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $referrer['host'], $parts) == 1)
|
|
Chris@76
|
709 $referrer['host'] = $parts[1];
|
|
Chris@76
|
710
|
|
Chris@76
|
711 if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $real_host, $parts) == 1)
|
|
Chris@76
|
712 $real_host = $parts[1];
|
|
Chris@76
|
713 }
|
|
Chris@76
|
714
|
|
Chris@76
|
715 // Okay: referrer must either match parsed_url or real_host.
|
|
Chris@76
|
716 if (isset($parsed_url['host']) && strtolower($referrer['host']) != strtolower($parsed_url['host']) && strtolower($referrer['host']) != strtolower($real_host))
|
|
Chris@76
|
717 {
|
|
Chris@76
|
718 $error = 'verify_url_fail';
|
|
Chris@76
|
719 $log_error = true;
|
|
Chris@76
|
720 }
|
|
Chris@76
|
721 }
|
|
Chris@76
|
722
|
|
Chris@76
|
723 // Well, first of all, if a from_action is specified you'd better have an old_url.
|
|
Chris@76
|
724 if (!empty($from_action) && (!isset($_SESSION['old_url']) || preg_match('~[?;&]action=' . $from_action . '([;&]|$)~', $_SESSION['old_url']) == 0))
|
|
Chris@76
|
725 {
|
|
Chris@76
|
726 $error = 'verify_url_fail';
|
|
Chris@76
|
727 $log_error = true;
|
|
Chris@76
|
728 }
|
|
Chris@76
|
729
|
|
Chris@76
|
730 if (strtolower($_SERVER['HTTP_USER_AGENT']) == 'hacker')
|
|
Chris@76
|
731 fatal_error('Sound the alarm! It\'s a hacker! Close the castle gates!!', false);
|
|
Chris@76
|
732
|
|
Chris@76
|
733 // Everything is ok, return an empty string.
|
|
Chris@76
|
734 if (!isset($error))
|
|
Chris@76
|
735 return '';
|
|
Chris@76
|
736 // A session error occurred, show the error.
|
|
Chris@76
|
737 elseif ($is_fatal)
|
|
Chris@76
|
738 {
|
|
Chris@76
|
739 if (isset($_GET['xml']))
|
|
Chris@76
|
740 {
|
|
Chris@76
|
741 ob_end_clean();
|
|
Chris@76
|
742 header('HTTP/1.1 403 Forbidden - Session timeout');
|
|
Chris@76
|
743 die;
|
|
Chris@76
|
744 }
|
|
Chris@76
|
745 else
|
|
Chris@76
|
746 fatal_lang_error($error, isset($log_error) ? 'user' : false);
|
|
Chris@76
|
747 }
|
|
Chris@76
|
748 // A session error occurred, return the error to the calling function.
|
|
Chris@76
|
749 else
|
|
Chris@76
|
750 return $error;
|
|
Chris@76
|
751
|
|
Chris@76
|
752 // We really should never fall through here, for very important reasons. Let's make sure.
|
|
Chris@76
|
753 trigger_error('Hacking attempt...', E_USER_ERROR);
|
|
Chris@76
|
754 }
|
|
Chris@76
|
755
|
|
Chris@76
|
756 // Check if a specific confirm parameter was given.
|
|
Chris@76
|
757 function checkConfirm($action)
|
|
Chris@76
|
758 {
|
|
Chris@76
|
759 global $modSettings;
|
|
Chris@76
|
760
|
|
Chris@76
|
761 if (isset($_GET['confirm']) && isset($_SESSION['confirm_' . $action]) && md5($_GET['confirm'] . $_SERVER['HTTP_USER_AGENT']) == $_SESSION['confirm_' . $action])
|
|
Chris@76
|
762 return true;
|
|
Chris@76
|
763
|
|
Chris@76
|
764 else
|
|
Chris@76
|
765 {
|
|
Chris@76
|
766 $token = md5(mt_rand() . session_id() . (string) microtime() . $modSettings['rand_seed']);
|
|
Chris@76
|
767 $_SESSION['confirm_' . $action] = md5($token . $_SERVER['HTTP_USER_AGENT']);
|
|
Chris@76
|
768
|
|
Chris@76
|
769 return $token;
|
|
Chris@76
|
770 }
|
|
Chris@76
|
771 }
|
|
Chris@76
|
772
|
|
Chris@76
|
773 // Check whether a form has been submitted twice.
|
|
Chris@76
|
774 function checkSubmitOnce($action, $is_fatal = true)
|
|
Chris@76
|
775 {
|
|
Chris@76
|
776 global $context;
|
|
Chris@76
|
777
|
|
Chris@76
|
778 if (!isset($_SESSION['forms']))
|
|
Chris@76
|
779 $_SESSION['forms'] = array();
|
|
Chris@76
|
780
|
|
Chris@76
|
781 // Register a form number and store it in the session stack. (use this on the page that has the form.)
|
|
Chris@76
|
782 if ($action == 'register')
|
|
Chris@76
|
783 {
|
|
Chris@76
|
784 $context['form_sequence_number'] = 0;
|
|
Chris@76
|
785 while (empty($context['form_sequence_number']) || in_array($context['form_sequence_number'], $_SESSION['forms']))
|
|
Chris@76
|
786 $context['form_sequence_number'] = mt_rand(1, 16000000);
|
|
Chris@76
|
787 }
|
|
Chris@76
|
788 // Check whether the submitted number can be found in the session.
|
|
Chris@76
|
789 elseif ($action == 'check')
|
|
Chris@76
|
790 {
|
|
Chris@76
|
791 if (!isset($_REQUEST['seqnum']))
|
|
Chris@76
|
792 return true;
|
|
Chris@76
|
793 elseif (!in_array($_REQUEST['seqnum'], $_SESSION['forms']))
|
|
Chris@76
|
794 {
|
|
Chris@76
|
795 $_SESSION['forms'][] = (int) $_REQUEST['seqnum'];
|
|
Chris@76
|
796 return true;
|
|
Chris@76
|
797 }
|
|
Chris@76
|
798 elseif ($is_fatal)
|
|
Chris@76
|
799 fatal_lang_error('error_form_already_submitted', false);
|
|
Chris@76
|
800 else
|
|
Chris@76
|
801 return false;
|
|
Chris@76
|
802 }
|
|
Chris@76
|
803 // Don't check, just free the stack number.
|
|
Chris@76
|
804 elseif ($action == 'free' && isset($_REQUEST['seqnum']) && in_array($_REQUEST['seqnum'], $_SESSION['forms']))
|
|
Chris@76
|
805 $_SESSION['forms'] = array_diff($_SESSION['forms'], array($_REQUEST['seqnum']));
|
|
Chris@76
|
806 elseif ($action != 'free')
|
|
Chris@76
|
807 trigger_error('checkSubmitOnce(): Invalid action \'' . $action . '\'', E_USER_WARNING);
|
|
Chris@76
|
808 }
|
|
Chris@76
|
809
|
|
Chris@76
|
810 // Check the user's permissions.
|
|
Chris@76
|
811 function allowedTo($permission, $boards = null)
|
|
Chris@76
|
812 {
|
|
Chris@76
|
813 global $user_info, $modSettings, $smcFunc;
|
|
Chris@76
|
814
|
|
Chris@76
|
815 // You're always allowed to do nothing. (unless you're a working man, MR. LAZY :P!)
|
|
Chris@76
|
816 if (empty($permission))
|
|
Chris@76
|
817 return true;
|
|
Chris@76
|
818
|
|
Chris@76
|
819 // You're never allowed to do something if your data hasn't been loaded yet!
|
|
Chris@76
|
820 if (empty($user_info))
|
|
Chris@76
|
821 return false;
|
|
Chris@76
|
822
|
|
Chris@76
|
823 // Administrators are supermen :P.
|
|
Chris@76
|
824 if ($user_info['is_admin'])
|
|
Chris@76
|
825 return true;
|
|
Chris@76
|
826
|
|
Chris@76
|
827 // Are we checking the _current_ board, or some other boards?
|
|
Chris@76
|
828 if ($boards === null)
|
|
Chris@76
|
829 {
|
|
Chris@76
|
830 // Check if they can do it.
|
|
Chris@76
|
831 if (!is_array($permission) && in_array($permission, $user_info['permissions']))
|
|
Chris@76
|
832 return true;
|
|
Chris@76
|
833 // Search for any of a list of permissions.
|
|
Chris@76
|
834 elseif (is_array($permission) && count(array_intersect($permission, $user_info['permissions'])) != 0)
|
|
Chris@76
|
835 return true;
|
|
Chris@76
|
836 // You aren't allowed, by default.
|
|
Chris@76
|
837 else
|
|
Chris@76
|
838 return false;
|
|
Chris@76
|
839 }
|
|
Chris@76
|
840 elseif (!is_array($boards))
|
|
Chris@76
|
841 $boards = array($boards);
|
|
Chris@76
|
842
|
|
Chris@76
|
843 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
844 SELECT MIN(bp.add_deny) AS add_deny
|
|
Chris@76
|
845 FROM {db_prefix}boards AS b
|
|
Chris@76
|
846 INNER JOIN {db_prefix}board_permissions AS bp ON (bp.id_profile = b.id_profile)
|
|
Chris@76
|
847 LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})
|
|
Chris@76
|
848 WHERE b.id_board IN ({array_int:board_list})
|
|
Chris@76
|
849 AND bp.id_group IN ({array_int:group_list}, {int:moderator_group})
|
|
Chris@76
|
850 AND bp.permission {raw:permission_list}
|
|
Chris@76
|
851 AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})
|
|
Chris@76
|
852 GROUP BY b.id_board',
|
|
Chris@76
|
853 array(
|
|
Chris@76
|
854 'current_member' => $user_info['id'],
|
|
Chris@76
|
855 'board_list' => $boards,
|
|
Chris@76
|
856 'group_list' => $user_info['groups'],
|
|
Chris@76
|
857 'moderator_group' => 3,
|
|
Chris@76
|
858 'permission_list' => (is_array($permission) ? 'IN (\'' . implode('\', \'', $permission) . '\')' : ' = \'' . $permission . '\''),
|
|
Chris@76
|
859 )
|
|
Chris@76
|
860 );
|
|
Chris@76
|
861
|
|
Chris@76
|
862 // Make sure they can do it on all of the boards.
|
|
Chris@76
|
863 if ($smcFunc['db_num_rows']($request) != count($boards))
|
|
Chris@76
|
864 return false;
|
|
Chris@76
|
865
|
|
Chris@76
|
866 $result = true;
|
|
Chris@76
|
867 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
868 $result &= !empty($row['add_deny']);
|
|
Chris@76
|
869 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
870
|
|
Chris@76
|
871 // If the query returned 1, they can do it... otherwise, they can't.
|
|
Chris@76
|
872 return $result;
|
|
Chris@76
|
873 }
|
|
Chris@76
|
874
|
|
Chris@76
|
875 // Fatal error if they cannot...
|
|
Chris@76
|
876 function isAllowedTo($permission, $boards = null)
|
|
Chris@76
|
877 {
|
|
Chris@76
|
878 global $user_info, $txt;
|
|
Chris@76
|
879
|
|
Chris@76
|
880 static $heavy_permissions = array(
|
|
Chris@76
|
881 'admin_forum',
|
|
Chris@76
|
882 'manage_attachments',
|
|
Chris@76
|
883 'manage_smileys',
|
|
Chris@76
|
884 'manage_boards',
|
|
Chris@76
|
885 'edit_news',
|
|
Chris@76
|
886 'moderate_forum',
|
|
Chris@76
|
887 'manage_bans',
|
|
Chris@76
|
888 'manage_membergroups',
|
|
Chris@76
|
889 'manage_permissions',
|
|
Chris@76
|
890 );
|
|
Chris@76
|
891
|
|
Chris@76
|
892 // Make it an array, even if a string was passed.
|
|
Chris@76
|
893 $permission = is_array($permission) ? $permission : array($permission);
|
|
Chris@76
|
894
|
|
Chris@76
|
895 // Check the permission and return an error...
|
|
Chris@76
|
896 if (!allowedTo($permission, $boards))
|
|
Chris@76
|
897 {
|
|
Chris@76
|
898 // Pick the last array entry as the permission shown as the error.
|
|
Chris@76
|
899 $error_permission = array_shift($permission);
|
|
Chris@76
|
900
|
|
Chris@76
|
901 // If they are a guest, show a login. (because the error might be gone if they do!)
|
|
Chris@76
|
902 if ($user_info['is_guest'])
|
|
Chris@76
|
903 {
|
|
Chris@76
|
904 loadLanguage('Errors');
|
|
Chris@76
|
905 is_not_guest($txt['cannot_' . $error_permission]);
|
|
Chris@76
|
906 }
|
|
Chris@76
|
907
|
|
Chris@76
|
908 // Clear the action because they aren't really doing that!
|
|
Chris@76
|
909 $_GET['action'] = '';
|
|
Chris@76
|
910 $_GET['board'] = '';
|
|
Chris@76
|
911 $_GET['topic'] = '';
|
|
Chris@76
|
912 writeLog(true);
|
|
Chris@76
|
913
|
|
Chris@76
|
914 fatal_lang_error('cannot_' . $error_permission, false);
|
|
Chris@76
|
915
|
|
Chris@76
|
916 // Getting this far is a really big problem, but let's try our best to prevent any cases...
|
|
Chris@76
|
917 trigger_error('Hacking attempt...', E_USER_ERROR);
|
|
Chris@76
|
918 }
|
|
Chris@76
|
919
|
|
Chris@76
|
920 // If you're doing something on behalf of some "heavy" permissions, validate your session.
|
|
Chris@76
|
921 // (take out the heavy permissions, and if you can't do anything but those, you need a validated session.)
|
|
Chris@76
|
922 if (!allowedTo(array_diff($permission, $heavy_permissions), $boards))
|
|
Chris@76
|
923 validateSession();
|
|
Chris@76
|
924 }
|
|
Chris@76
|
925
|
|
Chris@76
|
926 // Return the boards a user has a certain (board) permission on. (array(0) if all.)
|
|
Chris@76
|
927 function boardsAllowedTo($permissions, $check_access = true)
|
|
Chris@76
|
928 {
|
|
Chris@76
|
929 global $user_info, $modSettings, $smcFunc;
|
|
Chris@76
|
930
|
|
Chris@76
|
931 // Administrators are all powerful, sorry.
|
|
Chris@76
|
932 if ($user_info['is_admin'])
|
|
Chris@76
|
933 return array(0);
|
|
Chris@76
|
934
|
|
Chris@76
|
935 // Arrays are nice, most of the time.
|
|
Chris@76
|
936 if (!is_array($permissions))
|
|
Chris@76
|
937 $permissions = array($permissions);
|
|
Chris@76
|
938
|
|
Chris@76
|
939 // All groups the user is in except 'moderator'.
|
|
Chris@76
|
940 $groups = array_diff($user_info['groups'], array(3));
|
|
Chris@76
|
941
|
|
Chris@76
|
942 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
943 SELECT b.id_board, bp.add_deny
|
|
Chris@76
|
944 FROM {db_prefix}board_permissions AS bp
|
|
Chris@76
|
945 INNER JOIN {db_prefix}boards AS b ON (b.id_profile = bp.id_profile)
|
|
Chris@76
|
946 LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})
|
|
Chris@76
|
947 WHERE bp.id_group IN ({array_int:group_list}, {int:moderator_group})
|
|
Chris@76
|
948 AND bp.permission IN ({array_string:permissions})
|
|
Chris@76
|
949 AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})' .
|
|
Chris@76
|
950 ($check_access ? ' AND {query_see_board}' : ''),
|
|
Chris@76
|
951 array(
|
|
Chris@76
|
952 'current_member' => $user_info['id'],
|
|
Chris@76
|
953 'group_list' => $groups,
|
|
Chris@76
|
954 'moderator_group' => 3,
|
|
Chris@76
|
955 'permissions' => $permissions,
|
|
Chris@76
|
956 )
|
|
Chris@76
|
957 );
|
|
Chris@76
|
958 $boards = array();
|
|
Chris@76
|
959 $deny_boards = array();
|
|
Chris@76
|
960 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
961 {
|
|
Chris@76
|
962 if (empty($row['add_deny']))
|
|
Chris@76
|
963 $deny_boards[] = $row['id_board'];
|
|
Chris@76
|
964 else
|
|
Chris@76
|
965 $boards[] = $row['id_board'];
|
|
Chris@76
|
966 }
|
|
Chris@76
|
967 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
968
|
|
Chris@76
|
969 $boards = array_unique(array_values(array_diff($boards, $deny_boards)));
|
|
Chris@76
|
970
|
|
Chris@76
|
971 return $boards;
|
|
Chris@76
|
972 }
|
|
Chris@76
|
973
|
|
Chris@76
|
974 function showEmailAddress($userProfile_hideEmail, $userProfile_id)
|
|
Chris@76
|
975 {
|
|
Chris@76
|
976 global $modSettings, $user_info;
|
|
Chris@76
|
977
|
|
Chris@76
|
978 // Should this users email address be shown?
|
|
Chris@76
|
979 // If you're guest and the forum is set to hide email for guests: no.
|
|
Chris@76
|
980 // If the user is post-banned: no.
|
|
Chris@76
|
981 // If it's your own profile and you've set your address hidden: yes_permission_override.
|
|
Chris@76
|
982 // If you're a moderator with sufficient permissions: yes_permission_override.
|
|
Chris@76
|
983 // If the user has set their email address to be hidden: no.
|
|
Chris@76
|
984 // If the forum is set to show full email addresses: yes.
|
|
Chris@76
|
985 // Otherwise: no_through_forum.
|
|
Chris@76
|
986
|
|
Chris@76
|
987 return (!empty($modSettings['guest_hideContacts']) && $user_info['is_guest']) || isset($_SESSION['ban']['cannot_post']) ? 'no' : ((!$user_info['is_guest'] && $user_info['id'] == $userProfile_id && !$userProfile_hideEmail) || allowedTo('moderate_forum') ? 'yes_permission_override' : ($userProfile_hideEmail ? 'no' : (!empty($modSettings['make_email_viewable']) ? 'yes' : 'no_through_forum')));
|
|
Chris@76
|
988 }
|
|
Chris@76
|
989
|
|
Chris@76
|
990 ?> |
