Security line in all includes changed
[mailer.git] / inc / modules / guest / what-login.php
index de77d7f..ad2c106 100644 (file)
@@ -33,7 +33,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
@@ -47,15 +47,13 @@ global $DATA, $FATAL;
 $probe_nickname = false; $uid = false; $hash = "";
 unset($login); unset($online);
 
-if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash')))
-{
+if ((!empty($GLOBALS['userid'])) && (isSessionVariableSet('u_hash'))) {
        // Already logged in?
        $uid = $GLOBALS['userid'];
 } elseif ((!empty($_POST['id'])) && (!empty($_POST['password'])) && (isset($_POST['ok']))) {
        // Set userid and crypt password when login data was submitted
-       $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['id'])."") != $_POST['id']));
-       if ($probe_nickname)
-       {
+       $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".bigintval($_POST['id'])."") != $_POST['id']));
+       if ($probe_nickname === true) {
                // Nickname entered
                $uid = SQL_ESCAPE($_POST['id']);
        } else {
@@ -79,6 +77,9 @@ if (empty($_GET['login']))     $_GET['login']     = "";
 if (IS_MEMBER()) {
        // Login immidiately...
        $URL = URL."/modules.php?module=login";
+} elseif ((isset($_POST['ok'])) && ("".$uid."" != "".$_POST['id']."")) {
+       // Invalid input (no nickname extension installed but nickname entered)
+       $ERROR = CODE_EXTENSION_PROBLEM;
 } elseif (isset($_POST['ok'])) {
        // Add last_login if available
        $LAST = "";
@@ -88,112 +89,112 @@ if (IS_MEMBER()) {
 
        // Check login data
        $password = "";
-       if ($probe_nickname) {
+       if ($probe_nickname === true) {
                // Nickname entered
                $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$LAST." FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' AND status='CONFIRMED' LIMIT 1",
                 array($uid), __FILE__, __LINE__);
                list($uid2, $password, $online, $login) = SQL_FETCHROW($result);
-               if (!empty($uid2)) $uid = $uid2;
+               if (!empty($uid2)) $uid = bigintval($uid2);
        } else {
                // Direct userid entered
                $result = SQL_QUERY_ESC("SELECT userid, password, last_online".$LAST." FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
-                array(bigintval($uid), $hash), __FILE__, __LINE__);
+                array($uid, $hash), __FILE__, __LINE__);
                list($dmy, $password, $online, $login) = SQL_FETCHROW($result);
        }
+
+       // Is there an entry?
        if (SQL_NUMROWS($result) == 1) {
-               // Valid data found so let's load the last login data
-               if (isset($_POST['ok'])) {
-                       // By default the hash is empty
-                       $hash = "";
-
-                       // Check for old MD5 passwords
-                       if ((strlen($password) == 32) && (md5($_POST['password']) == $password)) {
-                               // Just set the hash to the password from DB... :)
-                               $hash = $password;
-                       } else {
-                               // Encrypt hash for comparsion
-                               $hash = generateHash($_POST['password'], substr($password, 0, -40));
-                       }
+               // By default the hash is empty
+               $hash = "";
 
-                       if ($hash == $password) {
-                               // New hashed password found so let's generate a new one
-                               $hash = generateHash($_POST['password']);
+               // Check for old MD5 passwords
+               if ((strlen($password) == 32) && (md5($_POST['password']) == $password)) {
+                       // Just set the hash to the password from DB... :)
+                       $hash = $password;
+               } else {
+                       // Encrypt hash for comparsion
+                       $hash = generateHash($_POST['password'], substr($password, 0, -40));
+               }
 
-                               // ... and update database
-                               $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET password='%s' WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
-                                array($hash, $uid), __FILE__, __LINE__);
+               if ($hash == $password) {
+                       // New hashed password found so let's generate a new one
+                       $hash = generateHash($_POST['password']);
 
-                               // No login bonus by default
-                               $BONUS = false;
+                       // ... and update database
+                       $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET password='%s' WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
+                        array($hash, $uid), __FILE__, __LINE__);
 
-                               // Probe for last online timemark
-                               $probe = time() -  $online;
-                               if (!empty($login)) $probe = time() - $login;
-                               if ((GET_EXT_VERSION("bonus") >= "0.2.2") && ($probe >= $_CONFIG['login_timeout'])) {
-                                       // Add login bonus to user's account
-                                       $ADD = ", login_bonus=login_bonus+'".$_CONFIG['login_bonus']."'";
-                                       $BONUS = true;
+                       // No login bonus by default
+                       $BONUS = false;
 
-                                       // Subtract login bonus from userid's account or jackpot
-                                       if ((GET_EXT_VERSION("bonus") >= "0.3.5") && ($_CONFIG['bonus_mode'] != "ADD")) BONUS_POINTS_HANDLER('login_bonus');
-                               }
+                       // Probe for last online timemark
+                       $probe = time() -  $online;
+                       if (!empty($login)) $probe = time() - $login;
+                       if ((GET_EXT_VERSION("bonus") >= "0.2.2") && ($probe >= $_CONFIG['login_timeout'])) {
+                               // Add login bonus to user's account
+                               $ADD = ", login_bonus=login_bonus+'".$_CONFIG['login_bonus']."'";
+                               $BONUS = true;
 
+                               // Subtract login bonus from userid's account or jackpot
+                               if ((GET_EXT_VERSION("bonus") >= "0.3.5") && ($_CONFIG['bonus_mode'] != "ADD")) BONUS_POINTS_HANDLER('login_bonus');
+                       } // END - if
 
-                               // Secure lifetime from input form
-                               $l = bigintval($_POST['lifetime']);
-                               $life = "-1";
-                               if ($l > 0) {
-                                       // Calculate lifetime of cookies
-                                       $life = time() + $l;
 
-                                       // Calculate new hash with the secret key and master salt together
-                                       $hash = generatePassString($hash);
+                       // Secure lifetime from input form
+                       $l = bigintval($_POST['lifetime']);
+                       $life = "-1";
+                       if ($l > 0) {
+                               // Calculate lifetime of cookies
+                               $life = time() + $l;
 
-                                       // Update cookies
-                                       $login = (set_session("userid"  , $uid , $life, COOKIE_PATH)
-                                              && set_session("u_hash"  , $hash, $life, COOKIE_PATH)
-                                              && set_session("lifetime", $l   , $life, COOKIE_PATH));
+                               // Calculate new hash with the secret key and master salt together
+                               $hash = generatePassString($hash);
 
-                                       // Update global array
-                                       $GLOBALS['userid'] = bigintval($uid);
-                               } else {
-                                       // Check for login data
-                                       $login = IS_MEMBER();
-                               }
+                               // Update cookies
+                               $login = (set_session("userid"  , $uid , $life, COOKIE_PATH)
+                                      && set_session("u_hash"  , $hash, $life, COOKIE_PATH)
+                                      && set_session("lifetime", $l   , $life, COOKIE_PATH));
+
+                               // Update global array
+                               $GLOBALS['userid'] = $uid;
+                       } else {
+                               // Check for login data
+                               $login = IS_MEMBER();
+                       }
 
-                               if ($login) {
-                                       // Update database records
-                                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET total_logins=total_logins+1".$ADD." WHERE userid=%s LIMIT 1",
-                                        array(bigintval($uid)), __FILE__, __LINE__);
-                                       if (SQL_AFFECTEDROWS() == 1) {
-                                               // Procedure to checking for login data
-                                               if (($BONUS) && (EXT_IS_ACTIVE("bonus"))) {
-                                                       // Bonus added (just displaying!)
-                                                       $URL = URL."/modules.php?module=chk_login&mode=bonus";
-                                               } else {
-                                                       // Bonus not added
-                                                       $URL = URL."/modules.php?module=chk_login&mode=login";
-                                               }
+                       if ($login) {
+                               // Update database records
+                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET total_logins=total_logins+1".$ADD." WHERE userid=%s LIMIT 1",
+                                array($uid), __FILE__, __LINE__);
+                               if (SQL_AFFECTEDROWS() == 1) {
+                                       // Procedure to checking for login data
+                                       if (($BONUS) && (EXT_IS_ACTIVE("bonus"))) {
+                                               // Bonus added (just displaying!)
+                                               $URL = URL."/modules.php?module=chk_login&mode=bonus";
                                        } else {
-                                               // Cannot update counter!
-                                               $URL = URL."/modules.php?module=".$GLOBALS['module']."&what=login&login=".CODE_CNTR_FAILED;
+                                               // Bonus not added
+                                               $URL = URL."/modules.php?module=chk_login&mode=login";
                                        }
                                } else {
-                                       // Cookies not setable!
-                                       $URL = URL."/modules.php?module=".$GLOBALS['module']."&what=login&login=".CODE_NO_COOKIES;
+                                       // Cannot update counter!
+                                       $URL = URL."/modules.php?module=".$GLOBALS['module']."&what=login&login=".CODE_CNTR_FAILED;
                                }
                        } else {
-                               // Wrong password!
-                               $ERROR = CODE_WRONG_PASS;
+                               // Cookies not setable!
+                               $URL = URL."/modules.php?module=".$GLOBALS['module']."&what=login&login=".CODE_NO_COOKIES;
                        }
                } else {
-                       // Fatal error!
-                       $ERROR = CODE_LOGIN_FAILED;
+                       // Update failture counter
+                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET login_failtures=login_failtures+1,last_failture=NOW() WHERE userid=%s LIMIT 1",
+                               array($uid), __FILE__, __LINE__);
+
+                       // Wrong password!
+                       $ERROR = CODE_WRONG_PASS;
                }
        } else {
                // Other account status?
                $result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
-                array(bigintval($uid)), __FILE__, __LINE__);
+                array($uid), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1)
                {
                        // Load status
@@ -212,9 +213,7 @@ if (IS_MEMBER()) {
                                $ERROR = CODE_UNKNOWN_STATUS;
                                break;
                        }
-               }
-                else
-               {
+               } else {
                        // ID not found!
                        $ERROR = CODE_WRONG_ID;
                }
@@ -222,9 +221,7 @@ if (IS_MEMBER()) {
                // Construct URL
                $URL = URL."/modules.php?module=".$GLOBALS['module']."&what=login&login=".$ERROR;
        }
-}
- elseif ((!empty($_POST['new_pass'])) && (isset($uid)))
-{
+} elseif ((!empty($_POST['new_pass'])) && (isset($uid))) {
        // Compile email when found in address (only secure chars!)
        if (!empty($_POST['email'])) $_POST['email'] = str_replace("{DOT}", '.', $_POST['email']);
 
@@ -233,44 +230,38 @@ if (IS_MEMBER()) {
 
        // Probe userid/nickname
        $probe_nickname = ((EXT_IS_ACTIVE("nickname")) && (("".round($_POST['id'])."") != $_POST['id']));
-       if ($probe_nickname)
-       {
+       if ($probe_nickname) {
                // Nickname entered
                $result = SQL_QUERY_ESC("SELECT userid, status FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' OR email='%s' LIMIT 1",
                 array(addslashes($uid), $_POST['email']), __FILE__, __LINE__);
-       }
-        else
-       {
+       } else {
                // Direct userid entered
                $result = SQL_QUERY_ESC("SELECT userid, status FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s OR email='%s' LIMIT 1",
-                array(bigintval($uid), $_POST['email']), __FILE__, __LINE__);
+                array($uid, $_POST['email']), __FILE__, __LINE__);
        }
-       if (SQL_NUMROWS($result) == 1)
-       {
+
+       // Any entry found?
+       if (SQL_NUMROWS($result) == 1) {
                // This data is valid, so we create a new pass... :-)
                list($uid, $status) = SQL_FETCHROW($result);
 
-               if ($status == "CONFIRMED")
-               {
+               if ($status == "CONFIRMED") {
                        // Ooppps, this was missing! ;-) We should update the database...
                        $NEW_PASS = GEN_PASS();
                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET password='%s' WHERE userid=%s LIMIT 1",
-                        array(generateHash($NEW_PASS), bigintval($uid)), __FILE__, __LINE__);
+                        array(generateHash($NEW_PASS), $uid), __FILE__, __LINE__);
 
                        // Prepare data and message for email
-                       $msg = LOAD_EMAIL_TEMPLATE("new-pass", array('new_pass' => $NEW_PASS), bigintval($uid));
+                       $msg = LOAD_EMAIL_TEMPLATE("new-pass", array('new_pass' => $NEW_PASS), $uid);
 
                        // ... and send it away
-                       SEND_EMAIL(bigintval($uid), GUEST_NEW_PASSWORD, $msg);
+                       SEND_EMAIL($uid, GUEST_NEW_PASSWORD, $msg);
 
                        // Output note to user
                        LOAD_TEMPLATE("admin_settings_saved", false, GUEST_NEW_PASSWORD_SEND);
-               }
-                else
-               {
+               } else {
                        // Account is locked or unconfirmed
-                       switch ($status)
-                       {
+                       switch ($status) {
                                case "LOCKED"     : $MSG = CODE_ID_LOCKED;      break;
                                case "UNCONFIRMED": $MSG = CODE_ID_UNCONFIRMED; break;
                        }
@@ -278,25 +269,27 @@ if (IS_MEMBER()) {
                        // Load URL
                        LOAD_URL("modules.php?module=".$GLOBALS['module']."&what=login&login=".$MSG);
                }
-       }
-        else
-       {
+       } else {
                // ID or email is wrong
                LOAD_TEMPLATE("admin_settings_saved", false, "<SPAN class=\"guest_failed\">".GUEST_WRONG_ID_EMAIL."</SPAN>");
        }
 }
- else
-{
-       // Login problems?
-       if (!empty($_GET['login']))
-       {
-               // Ok, which one now?
-               $MSG = "<TR>
+
+// Login problems?
+if (!empty($_GET['login'])) {
+       // Use code from URL
+       $ERROR = SQL_ESCAPE($_GET['login']);
+} // END  - if
+
+// Login problems?
+if (!empty($ERROR)) {
+       // Ok, which one now?
+       $MSG = "<TR>
   <TD width=\"10\">&nbsp;</TD>
   <TD colspan=\"7\" align=\"center\">
     <STRONG><SPAN class=\"guest_failed\">";
-               switch ($_GET['login'])
-               {
+
+       switch ($ERROR) {
                case CODE_WRONG_PASS:
                        $MSG .= LOGIN_WRONG_PASS;
                        break;
@@ -317,6 +310,14 @@ if (IS_MEMBER()) {
                        $MSG .= LOGIN_NO_COOKIES;
                        break;
 
+               case CODE_EXTENSION_PROBLEM:
+                       if (IS_ADMIN()) {
+                               $MSG .= sprintf(EXTENSION_PROBLEM_NOT_INSTALLED, "nickname");
+                       } else {
+                               $MSG .= LOGIN_WRONG_ID;
+                       }
+                       break;
+
                default:
                        $MSG .= LOGIN_WRONG_ID;
                        break;
@@ -326,35 +327,29 @@ if (IS_MEMBER()) {
   <TD width=\"10\">&nbsp;</TD>
 </TR>\n";
                define('LOGIN_FAILURE_MSG', $MSG);
-       }
-        else
-       {
-               // No problems, no output
-               define('LOGIN_FAILURE_MSG', "");
-       }
-       // Display login form with resend-password form
-       if (EXT_IS_ACTIVE("nickname"))
-       {
-               LOAD_TEMPLATE("guest_nickname_login");
-       }
-        else
-       {
-               LOAD_TEMPLATE("guest_login");
-       }
+} else {
+       // No problems, no output
+       define('LOGIN_FAILURE_MSG', "");
+}
+
+// Display login form with resend-password form
+if (EXT_IS_ACTIVE("nickname")) {
+       LOAD_TEMPLATE("guest_nickname_login");
+} else {
+       LOAD_TEMPLATE("guest_login");
 }
 
 // Was an URL constructed?
 if (!empty($URL)) {
        // URL was constructed
-       if (!empty($FATAL[0]))
-       {
+       if (!empty($FATAL[0])) {
                // Fatal errors!
                require_once(PATH."inc/fatal_errors.php");
        } else {
                // Load URL
                LOAD_URL($URL);
        }
-}
+} // END - if
 
 //
 ?>