|
 |
d6e8d8 |
|
|
|
d6e8d8 |
/**
|
|
|
d6e8d8 |
* Database auth plug-in for phpBB3
|
|
|
d6e8d8 |
*
|
|
|
d6e8d8 |
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
|
|
|
d6e8d8 |
*
|
|
|
d6e8d8 |
* This is for authentication via the integrated user table
|
|
|
d6e8d8 |
*
|
|
|
d6e8d8 |
* @package login
|
|
|
d6e8d8 |
* @version $Id: auth_db.php 8479 2008-03-29 00:22:48Z naderman $
|
|
|
d6e8d8 |
* @copyright (c) 2005 phpBB Group
|
|
|
d6e8d8 |
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
|
|
d6e8d8 |
*
|
|
|
d6e8d8 |
*/
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
/**
|
|
|
d6e8d8 |
* @ignore
|
|
|
d6e8d8 |
*/
|
|
|
d6e8d8 |
if (!defined('IN_PHPBB'))
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
exit;
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
/**
|
|
|
d6e8d8 |
* Login function
|
|
|
d6e8d8 |
*/
|
|
|
d6e8d8 |
function login_db(&$username, &$password)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
global $db, $config;
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// do not allow empty password
|
|
|
d6e8d8 |
if (!$password)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_PASSWORD,
|
|
|
d6e8d8 |
'error_msg' => 'NO_PASSWORD_SUPPLIED',
|
|
|
d6e8d8 |
'user_row' => array('user_id' => ANONYMOUS),
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
if (!$username)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_USERNAME,
|
|
|
d6e8d8 |
'error_msg' => 'LOGIN_ERROR_USERNAME',
|
|
|
d6e8d8 |
'user_row' => array('user_id' => ANONYMOUS),
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts
|
|
|
d6e8d8 |
FROM ' . USERS_TABLE . "
|
|
|
d6e8d8 |
WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
|
|
|
d6e8d8 |
$result = $db->sql_query($sql);
|
|
|
d6e8d8 |
$row = $db->sql_fetchrow($result);
|
|
|
d6e8d8 |
$db->sql_freeresult($result);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
if (!$row)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_USERNAME,
|
|
|
d6e8d8 |
'error_msg' => 'LOGIN_ERROR_USERNAME',
|
|
|
d6e8d8 |
'user_row' => array('user_id' => ANONYMOUS),
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// If there are too much login attempts, we need to check for an confirm image
|
|
|
d6e8d8 |
// Every auth module is able to define what to do by itself...
|
|
|
d6e8d8 |
if ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts'])
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
$confirm_id = request_var('confirm_id', '');
|
|
|
d6e8d8 |
$confirm_code = request_var('confirm_code', '');
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// Visual Confirmation handling
|
|
|
d6e8d8 |
if (!$confirm_id)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_ATTEMPTS,
|
|
|
d6e8d8 |
'error_msg' => 'LOGIN_ERROR_ATTEMPTS',
|
|
|
d6e8d8 |
'user_row' => $row,
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
else
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
global $user;
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
$sql = 'SELECT code
|
|
|
d6e8d8 |
FROM ' . CONFIRM_TABLE . "
|
|
|
d6e8d8 |
WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
|
|
|
d6e8d8 |
AND session_id = '" . $db->sql_escape($user->session_id) . "'
|
|
|
d6e8d8 |
AND confirm_type = " . CONFIRM_LOGIN;
|
|
|
d6e8d8 |
$result = $db->sql_query($sql);
|
|
|
d6e8d8 |
$confirm_row = $db->sql_fetchrow($result);
|
|
|
d6e8d8 |
$db->sql_freeresult($result);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
if ($confirm_row)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
if (strcasecmp($confirm_row['code'], $confirm_code) === 0)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
|
|
|
d6e8d8 |
WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
|
|
|
d6e8d8 |
AND session_id = '" . $db->sql_escape($user->session_id) . "'
|
|
|
d6e8d8 |
AND confirm_type = " . CONFIRM_LOGIN;
|
|
|
d6e8d8 |
$db->sql_query($sql);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
else
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_ATTEMPTS,
|
|
|
d6e8d8 |
'error_msg' => 'CONFIRM_CODE_WRONG',
|
|
|
d6e8d8 |
'user_row' => $row,
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
else
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_ATTEMPTS,
|
|
|
d6e8d8 |
'error_msg' => 'CONFIRM_CODE_WRONG',
|
|
|
d6e8d8 |
'user_row' => $row,
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// If the password convert flag is set we need to convert it
|
|
|
d6e8d8 |
if ($row['user_pass_convert'])
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
// in phpBB2 passwords were used exactly as they were sent, with addslashes applied
|
|
|
d6e8d8 |
$password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : '';
|
|
|
d6e8d8 |
$password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format;
|
|
|
d6e8d8 |
$password_new_format = '';
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
set_var($password_new_format, stripslashes($password_old_format), 'string');
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
if ($password == $password_new_format)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
if (!function_exists('utf8_to_cp1252'))
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
global $phpbb_root_path, $phpEx;
|
|
|
d6e8d8 |
include($phpbb_root_path . 'includes/utf/data/recode_basic.' . $phpEx);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding
|
|
|
d6e8d8 |
if (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password'])
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
$hash = phpbb_hash($password_new_format);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// Update the password in the users table to the new format and remove user_pass_convert flag
|
|
|
d6e8d8 |
$sql = 'UPDATE ' . USERS_TABLE . '
|
|
|
d6e8d8 |
SET user_password = \'' . $db->sql_escape($hash) . '\',
|
|
|
d6e8d8 |
user_pass_convert = 0
|
|
|
d6e8d8 |
WHERE user_id = ' . $row['user_id'];
|
|
|
d6e8d8 |
$db->sql_query($sql);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
$row['user_pass_convert'] = 0;
|
|
|
d6e8d8 |
$row['user_password'] = $hash;
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
else
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
// Although we weren't able to convert this password we have to
|
|
|
d6e8d8 |
// increase login attempt count to make sure this cannot be exploited
|
|
|
d6e8d8 |
$sql = 'UPDATE ' . USERS_TABLE . '
|
|
|
d6e8d8 |
SET user_login_attempts = user_login_attempts + 1
|
|
|
d6e8d8 |
WHERE user_id = ' . $row['user_id'];
|
|
|
d6e8d8 |
$db->sql_query($sql);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_PASSWORD_CONVERT,
|
|
|
d6e8d8 |
'error_msg' => 'LOGIN_ERROR_PASSWORD_CONVERT',
|
|
|
d6e8d8 |
'user_row' => $row,
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// Check password ...
|
|
|
d6e8d8 |
if (!$row['user_pass_convert'] && phpbb_check_hash($password, $row['user_password']))
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
// Check for old password hash...
|
|
|
d6e8d8 |
if (strlen($row['user_password']) == 32)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
$hash = phpbb_hash($password);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// Update the password in the users table to the new format
|
|
|
d6e8d8 |
$sql = 'UPDATE ' . USERS_TABLE . "
|
|
|
d6e8d8 |
SET user_password = '" . $db->sql_escape($hash) . "',
|
|
|
d6e8d8 |
user_pass_convert = 0
|
|
|
d6e8d8 |
WHERE user_id = {$row['user_id']}";
|
|
|
d6e8d8 |
$db->sql_query($sql);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
$row['user_password'] = $hash;
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
if ($row['user_login_attempts'] != 0)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
// Successful, reset login attempts (the user passed all stages)
|
|
|
d6e8d8 |
$sql = 'UPDATE ' . USERS_TABLE . '
|
|
|
d6e8d8 |
SET user_login_attempts = 0
|
|
|
d6e8d8 |
WHERE user_id = ' . $row['user_id'];
|
|
|
d6e8d8 |
$db->sql_query($sql);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// User inactive...
|
|
|
d6e8d8 |
if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
|
|
|
d6e8d8 |
{
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_ACTIVE,
|
|
|
d6e8d8 |
'error_msg' => 'ACTIVE_ERROR',
|
|
|
d6e8d8 |
'user_row' => $row,
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// Successful login... set user_login_attempts to zero...
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_SUCCESS,
|
|
|
d6e8d8 |
'error_msg' => false,
|
|
|
d6e8d8 |
'user_row' => $row,
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// Password incorrect - increase login attempts
|
|
|
d6e8d8 |
$sql = 'UPDATE ' . USERS_TABLE . '
|
|
|
d6e8d8 |
SET user_login_attempts = user_login_attempts + 1
|
|
|
d6e8d8 |
WHERE user_id = ' . $row['user_id'];
|
|
|
d6e8d8 |
$db->sql_query($sql);
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
// Give status about wrong password...
|
|
|
d6e8d8 |
return array(
|
|
|
d6e8d8 |
'status' => LOGIN_ERROR_PASSWORD,
|
|
|
d6e8d8 |
'error_msg' => 'LOGIN_ERROR_PASSWORD',
|
|
|
d6e8d8 |
'user_row' => $row,
|
|
|
d6e8d8 |
);
|
|
|
d6e8d8 |
}
|
|
|
d6e8d8 |
|
|
|
d6e8d8 |
?>
|