From: Roland Häder Date: Sun, 14 Sep 2008 23:46:06 +0000 (+0000) Subject: - Login failtures added to admin/member menu X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=commitdiff_plain;h=4db052cce49f60b6d9cc0f1c06b95cdd99f904ad - Login failtures added to admin/member menu - Some extensions had dropped config columns -> FIXED - Cache system now supports version number of one (!) extension --- diff --git a/.gitattributes b/.gitattributes index e73e21b501..cff1cc367f 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1219,6 +1219,7 @@ templates/de/html/install/install_welcome.tpl -text templates/de/html/lead_code.tpl -text templates/de/html/loader.tpl -text templates/de/html/login_failed_js.tpl -text +templates/de/html/login_failtures.tpl -text templates/de/html/mailid/.htaccess -text templates/de/html/mailid/mailid_banner.tpl -text templates/de/html/mailid/mailid_confirm_buttom.tpl -text diff --git a/inc/databases.php b/inc/databases.php index 66cd2d05e8..327f7c7a8b 100644 --- a/inc/databases.php +++ b/inc/databases.php @@ -114,7 +114,7 @@ define('USAGE_BASE', "usage"); define('SERVER_URL', "http://www.mxchange.org"); // This current patch level -define('CURR_SVN_REVISION', "328"); +define('CURR_SVN_REVISION', "329"); // Take a prime number which is long (if you know a longer one please try it out!) define('_PRIME', 591623); diff --git a/inc/extensions/ext-admins.php b/inc/extensions/ext-admins.php index 119c33010f..89d634fb7a 100644 --- a/inc/extensions/ext-admins.php +++ b/inc/extensions/ext-admins.php @@ -32,20 +32,19 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } // Version of this extension -$EXT_VERSION = "0.6.9"; +$EXT_VERSION = "0.7.0"; // Auto-set extension version if (empty($EXT_VER)) $EXT_VER = $EXT_VERSION; // Version history array (add more with , "0.1" and so on) -$EXT_VER_HISTORY = array("0.0", "0.1", "0.2", "0.3", "0.3.1", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9", "0.5.0", "0.5.1", "0.5.2", "0.5.3", "0.5.4", "0.5.5", "0.5.6", "0.5.7", "0.5.8", "0.5.9", "0.6.0", "0.6.1", "0.6.2", "0.6.3", "0.6.4", "0.6.5", "0.6.6", "0.6.7", "0.6.8", "0.6.9"); +$EXT_VER_HISTORY = array("0.0", "0.1", "0.2", "0.3", "0.3.1", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9", "0.5.0", "0.5.1", "0.5.2", "0.5.3", "0.5.4", "0.5.5", "0.5.6", "0.5.7", "0.5.8", "0.5.9", "0.6.0", "0.6.1", "0.6.2", "0.6.3", "0.6.4", "0.6.5", "0.6.6", "0.6.7", "0.6.8", "0.6.9", "0.7.0"); switch ($EXT_LOAD_MODE) { @@ -61,7 +60,6 @@ case "remove": // Do stuff when removing extension // SQL commands to run $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE action='admins' LIMIT 5"; $SQLs[] = "DROP TABLE "._MYSQL_PREFIX."_admins_acls"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP admins_default_acl"; $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins DROP default_acl"; break; @@ -276,6 +274,14 @@ PRIMARY KEY (id) // Update notes (these will be set as task text!) $UPDATE_NOTES = "Verwaltung nach Management umbenannt."; break; + + case "0.7.0": // SQL queries for v0.7.0 + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD login_failtures BIGINT(20) UNSIGNED NOT NULL DEFAULT 0"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD last_failture TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'"; + + // Update notes (these will be set as task text!) + $UPDATE_NOTES = "Fehlgeschlagene Login-Versuche werden nun mitgezählt und der letzte vermerkt."; + break; } break; diff --git a/inc/extensions/ext-birthday.php b/inc/extensions/ext-birthday.php index 8cbf2b954d..1893fec46f 100644 --- a/inc/extensions/ext-birthday.php +++ b/inc/extensions/ext-birthday.php @@ -57,7 +57,6 @@ case "register": // Do stuff when installtion is running (modules.php?module=adm case "remove": // Do stuff when removing extension // SQL commands to run $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data DROP birthday_sent"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP birthday_points"; $SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_user_birthday"; $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE what='config_birthday' LIMIT 1"; break; diff --git a/inc/extensions/ext-cache.php b/inc/extensions/ext-cache.php index 4df414fa19..bf11d0da1f 100644 --- a/inc/extensions/ext-cache.php +++ b/inc/extensions/ext-cache.php @@ -61,9 +61,6 @@ case "register": // Do stuff when installtion is running (modules.php?module=adm case "remove": // Do stuff when removing extension // SQL commands to run $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE what='config_cache' OR what='cache_stats' LIMIT 2"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP cache_update"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP cache_path"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP cache_tested"; break; case "activate": // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-newsletter.php b/inc/extensions/ext-newsletter.php index 04ab4c2c39..331f0853ee 100644 --- a/inc/extensions/ext-newsletter.php +++ b/inc/extensions/ext-newsletter.php @@ -134,7 +134,6 @@ case "update": // Update an extension break; case "0.1.1": // SQL queries for v0.1.1 - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP nl_currency"; // Update notes (these will be set as task text!) $UPDATE_NOTES = "Währung auf die Erweiterung ext-other.zip verlagert. Bitte auch diese aktualisieren."; diff --git a/inc/extensions/ext-order.php b/inc/extensions/ext-order.php index 8c72e86f92..bed01eaf14 100644 --- a/inc/extensions/ext-order.php +++ b/inc/extensions/ext-order.php @@ -55,7 +55,6 @@ case "register": // Do stuff when installtion is running (modules.php?module=adm case "remove": // Do stuff when removing extension // SQL commands to run - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP order_max_full"; $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE what='config_order' LIMIT 1"; break; diff --git a/inc/extensions/ext-sql_patches.php b/inc/extensions/ext-sql_patches.php index 2ed851d3fa..33dc3c9836 100644 --- a/inc/extensions/ext-sql_patches.php +++ b/inc/extensions/ext-sql_patches.php @@ -38,13 +38,13 @@ if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF']))) { } // Version number -$EXT_VERSION = "0.4.6"; +$EXT_VERSION = "0.4.7"; // Auto-set extension version if (!isset($EXT_VER)) $EXT_VER = $EXT_VERSION; // Version history array (add more with , "0.1" and so on) -$EXT_VER_HISTORY = array("0.0", "0.0.1", "0.0.2", "0.0.3", "0.0.4", "0.0.5", "0.0.6", "0.0.7", "0.0.8", "0.0.9", "0.1.0", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "0.2.7", "0.2.8", "0.2.9", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6"); +$EXT_VER_HISTORY = array("0.0", "0.0.1", "0.0.2", "0.0.3", "0.0.4", "0.0.5", "0.0.6", "0.0.7", "0.0.8", "0.0.9", "0.1.0", "0.1.1", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.1.7", "0.1.8", "0.1.9", "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "0.2.7", "0.2.8", "0.2.9", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7"); switch ($EXT_LOAD_MODE) { @@ -85,6 +85,41 @@ action='account'"; $SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_admin_menu_las"; $SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_admin_menu_las_data"; $SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_admin_menu_stats"; + + // Drop indexes + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_extensions DROP UNIQUE KEY (ext_name)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_themes DROP UNIQUE KEY (theme_path)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_themes DROP INDEX (theme_active)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins DROP UNIQUE KEY (login)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data DROP INDEX (status)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_refbanner DROP INDEX (visible)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_refdepths DROP UNIQUE KEY (level)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_refsystem DROP INDEX (level)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_pool DROP INDEX (data_type)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_mod_reg DROP UNIQUE KEY (module)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admin_menu DROP INDEX (action)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admin_menu DROP INDEX (what)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_task_system DROP INDEX (task_type)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_task_system DROP INDEX (status)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_task_system DROP INDEX (task_created)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_task_system DROP FULLTEXT (subject)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_task_system DROP INDEX (subject)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_extensions DROP INDEX (ext_active)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data DROP INDEX (status)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data DROP FULLTEXT (family)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data DROP INDEX (max_mails)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data DROP INDEX (password)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_guest_menu DROP INDEX (action)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_guest_menu DROP INDEX (what)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_guest_menu DROP INDEX (sort)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_guest_menu DROP INDEX (visible)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_guest_menu DROP INDEX (locked)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_member_menu DROP INDEX (what)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_member_menu DROP INDEX (sort)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_member_menu DROP INDEX (visible)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_member_menu DROP INDEX (locked)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_cats DROP INDEX (visible)"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_cats DROP INDEX (sort)"; break; case "activate": // Do stuff when admin activates this extension @@ -573,6 +608,14 @@ PRIMARY KEY (id) // Update notes (these will be set as task text!) $UPDATE_NOTES = "Offensives Wort "Sex" gegen "Gender" ausgetauscht."; break; + + case "0.4.7": // SQL queries for v0.4.7 + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD login_failtures BIGINT(20) UNSIGNED NOT NULL DEFAULT 0"; + $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data ADD last_failture TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'"; + + // Update notes (these will be set as task text!) + $UPDATE_NOTES = "Fehlgeschlagene Login-Versuche werden nun mitgezählt und der letzte vermerkt."; + break; } break; diff --git a/inc/extensions/ext-top10.php b/inc/extensions/ext-top10.php index 0ec4802f29..71de163105 100644 --- a/inc/extensions/ext-top10.php +++ b/inc/extensions/ext-top10.php @@ -63,7 +63,6 @@ case "remove": // Do stuff when removing extension // SQL commands to run $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE what='top10' LIMIT 1"; $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE what='config_top10' LIMIT 1"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP top10_max"; break; case "activate": // Do stuff when admin activates this extension diff --git a/inc/extensions/ext-transfer.php b/inc/extensions/ext-transfer.php index 907583ad06..13a10276b5 100644 --- a/inc/extensions/ext-transfer.php +++ b/inc/extensions/ext-transfer.php @@ -108,11 +108,6 @@ case "remove": // Do stuff when removing extension $SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_user_transfers_out"; $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE action='transfer' LIMIT 4"; $SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE what='transfer' LIMIT 1"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP transfer_max"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP transfer_age"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP transfer_timeout"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP transfer_balance"; - $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP transfer_code"; $SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_user_data DROP opt_in"; break; diff --git a/inc/libs/cache_functions.php b/inc/libs/cache_functions.php index 1394c129b3..f3496a5ccb 100644 --- a/inc/libs/cache_functions.php +++ b/inc/libs/cache_functions.php @@ -47,6 +47,8 @@ class mxchange_cache var $cache_inc = ""; var $cache_ctime = 0; var $cache_pointer = false; + var $cache_data = ""; + var $cache_version = ""; // Constructor function mxchange_cache($interval, $path, $tested) { @@ -156,7 +158,7 @@ class mxchange_cache } // END - if // Write cache line to file - @fwrite($this->cache_pointer, "\$data['".$k."'][] = \"".$v."\";\n"); + @fwrite($this->cache_pointer, $this->add_raw_row($k, $v)); } } else { // Cannot create file @@ -186,27 +188,35 @@ class mxchange_cache } } - function cache_load() - { + function cache_load() { + // Is the cache file there? if (FILE_READABLE($this->cache_inc)) { // Prepare temporary array $data = array(); // Load cache file - $cache = implode("", file($this->cache_inc)); + $this->cache_data = implode("", file($this->cache_inc)); // Execute cache file - eval($cache); + eval($this->cache_data); + if (is_array($data)) { + // Cache data + $this->cache_data = $data; + + // Cache version found? + if (isset($cache_version)) { + // Remember it as well... + $this->cache_version = $cache_version; + } // END - if + // Return cache - return $data; + return $this->cache_data; } else { // Cache problem detected! $this->cache_destroy(); } - } - else - { + } else { // Cache file not found or not readable ADD_FATAL(__FILE__."(".__LINE__."): ".CACHE_CANNOT_LOAD_1.$this->cache_inc.CACHE_CANNOT_LOAD_2); } @@ -239,18 +249,15 @@ class mxchange_cache function cache_remove($search, $data, $array) { global $ARRAY; - if ((FILE_READABLE($this->cache_inc)) && (is_writeable($this->cache_inc))) - { + if ((FILE_READABLE($this->cache_inc)) && (is_writeable($this->cache_inc))) { // Load cache into dummy array $dummy = $this->cache_load(); // Search for key in array $key = array_search($data, $dummy[$search]); - if (!empty($key)) - { + if (!empty($key)) { // Key (hopefully) found? - foreach ($array as $a) - { + foreach ($array as $a) { // So we can remove all elements as requested unset($dummy[$a][$key]); } @@ -258,22 +265,17 @@ class mxchange_cache // Flush array to cache file $fp = fopen($this->cache_inc, 'w'); fwrite($fp, "\$ARRAY = \"".$ARRAY."\";\n"); - foreach ($dummy as $k => $v) - { - if (is_array($v)) - { + foreach ($dummy as $k => $v) { + if (is_array($v)) { // Multi line(s) found $LINE = ""; - foreach($v as $k2 => $v2) - { + foreach($v as $k2 => $v2) { // Put every array element in a row... - $LINE .= "\$data['".$k."'][] = \"".$v2."\";\n"; + $LINE .= $this->add_raw_row($k, $v2); } - } - else - { + } else { // Single line found - $LINE = "\$data['".$k."'] = \"".$v."\";\n"; + $LINE = $this->add_raw_row($k, $v); } // Write line(s) @@ -283,9 +285,7 @@ class mxchange_cache // Close cache file fclose($fp); } - } - else - { + } else { // Cannot write to cache! ADD_FATAL(__FILE__."(".__LINE__."): ".CACHE_PROBLEMS_DETECTED); } @@ -300,19 +300,15 @@ class mxchange_cache $dummy = $this->cache_load(); // Check if $dummy is valid (prevents some errors) - if ((is_array($dummy)) && (isset($dummy[$search])) && (is_array($dummy[$search]))) - { + if ((is_array($dummy)) && (isset($dummy[$search])) && (is_array($dummy[$search]))) { // Search for key in array $key_found = array_key_exists($search_key, $dummy[$search]); - if ($key_found == true) - { + if ($key_found == true) { $key = $search_key; // Key (hopefully) found? - foreach ($dummy as $a => $v) - { + foreach ($dummy as $a => $v) { // So we can update all entries - if ($a == $search) - { + if ($a == $search) { // Update now... $dummy[$a][$search_key] = $replace; } @@ -321,22 +317,17 @@ class mxchange_cache // Flush array to cache file $fp = fopen($this->cache_inc, 'w'); fwrite($fp, "\$dummy = \"".$ARRAY."\";\n"); - foreach ($dummy as $k => $v) - { - if (is_array($v)) - { + foreach ($dummy as $k => $v) { + if (is_array($v)) { // Multi line(s) found $LINE = ""; - foreach($v as $k2 => $v2) - { + foreach($v as $k2 => $v2) { // Put every array element in a row... - $LINE .= "\$data['".$k."'][] = \"".$v2."\";\n"; + $LINE .= $this->add_raw_row($k, $v2); } - } - else - { + } else { // Single line found - $LINE = "\$data['".$k."'] = \"".$v."\";\n"; + $LINE = $this->add_raw_row($k, $v); } // Write line(s) @@ -347,13 +338,54 @@ class mxchange_cache fclose($fp); } } - } - else - { + } else { // Cannot write to cache! ADD_FATAL(__FILE__."(".__LINE__."): ".CACHE_PROBLEMS_DETECTED); } } + + function store_extension_version ($ext_name) { + // Valid cache pointer? + if (is_resource($this->cache_pointer)) { + // Get extension version + $ext_ver = GET_EXT_VERSION($ext_name); + + // Write cache line to file + @fwrite($this->cache_pointer, "\$cache_version = \"".$ext_ver."\";\n"); + } else { + // Cannot create file + ADD_FATAL(__FILE__."(".__LINE__."): ".CACHE_PROBLEMS_DETECTED); + } + } + + function ext_version_matches ($ext_name) { + // Load cache (dummy) + $this->cache_load(); + + // Get extension version + $ext_ver = GET_EXT_VERSION($ext_name); + + //* DEBUG: */ echo __METHOD__.": ext_name={$ext_name},ext_ver={$ext_ver},cache_version={$this->cache_version}
\n"; + // Compare both + return ($ext_ver == $this->cache_version); + } + + function add_raw_row ($key, $value) { + // Init line + $line = ""; + + // String or non-string? ;-) + if (is_string($value)) { + // String... + $line = "\$data['".$key."'][] = \"".$value."\";\n"; + } else { + // Non-string + $line = "\$data['".$key."'][] = ".$value.";\n"; + } + + // Return line + return $line; + } } // ?> diff --git a/inc/load_extensions.php b/inc/load_extensions.php index 59bc1518a0..d6ef7eb1be 100644 --- a/inc/load_extensions.php +++ b/inc/load_extensions.php @@ -80,14 +80,13 @@ if (EXT_IS_ACTIVE("cache")) { } if ($cacheMode == "load") { - // Load more cache files (like admins) - require_once(PATH."inc/load_cache.php"); - // Re-initialize handler $cacheInstance->cache_file("extensions", true); // Load extension data from cache file $EXT_DUMMY = $cacheInstance->cache_load(); + + // Begin with the cache preparation of extensions $EXT_NAMES = array(); foreach ($EXT_DUMMY['ext_name'] as $k => $name) { // Load functions file @@ -153,6 +152,9 @@ if ($cacheMode == "load") { // No database load needed $res_ext_crt = false; + + // Load more cache files (like admins) + require_once(PATH."inc/load_cache.php"); } else { // If current user is not admin load only activated extensions // The admin shall use every available extension for testing purposes diff --git a/inc/loader/load_cache-admin.php b/inc/loader/load_cache-admin.php index e6d2822e7d..234e51ed3f 100644 --- a/inc/loader/load_cache-admin.php +++ b/inc/loader/load_cache-admin.php @@ -35,10 +35,10 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} +} // END - if // Let's start with the admins table... -if (($cacheInstance->cache_file("admins", true) == true)) { +if (($cacheInstance->cache_file("admins", true) == true) && ($cacheInstance->ext_version_matches("admins"))) { // Load cache global $cacheArray; $cacheArray['admins'] = $cacheInstance->cache_load(); @@ -57,23 +57,25 @@ if (($cacheInstance->cache_file("admins", true) == true)) { $cacheArray['admins']['password'][$login] = $cacheArray['admins']['password'][$k]; $cacheArray['admins']['email'][$login] = $cacheArray['admins']['email'][$k]; - // Some extra data depening on version + // Some extra data depending on version if (GET_EXT_VERSION("admins") >= "0.3") { $cacheArray['admins']['def_acl'][$login] = $cacheArray['admins']['def_acl'][$k]; if (GET_EXT_VERSION("admins") >= "0.6.7") { $cacheArray['admins']['la_mode'][$login] = $cacheArray['admins']['la_mode'][$k]; - } - } + if (GET_EXT_VERSION("admins") >= "0.7.0") { + $cacheArray['admins']['login_failtures'][$login] = $cacheArray['admins']['login_failtures'][$k]; + $cacheArray['admins']['last_failture'][$login] = $cacheArray['admins']['last_failture'][$k]; + } // END - if + } // END - if + } // END - if //* DEBUG: */ print_r($cacheArray['admins']); // Clear array - if (isset($cacheArray['admins']['aid'][$k])) unset($cacheArray['admins']['aid'][$k]); - if (isset($cacheArray['admins']['def_acl'][$k])) unset($cacheArray['admins']['def_acl'][$k]); - if (isset($cacheArray['admins']['la_mode'][$k])) unset($cacheArray['admins']['la_mode'][$k]); - if (isset($cacheArray['admins']['password'][$k])) unset($cacheArray['admins']['password'][$k]); - if (isset($cacheArray['admins']['email'][$k])) unset($cacheArray['admins']['email'][$k]); - } + foreach (array('aid', 'def_acl', 'la_mode', 'password', 'email', 'login_failtures', 'last_failture') as $rem) { + if (isset($cacheArray['admins'][$rem][$k])) unset($cacheArray['admins'][$rem][$k]); + } // END - foreach + } // END - if //* DEBUG: */ print_r($cacheArray['admins']); @@ -82,8 +84,8 @@ if (($cacheInstance->cache_file("admins", true) == true)) { $cacheArray['admins']['login'][$cacheArray['admins']['aid'][$login]] = $login; if (!in_array($k, $cacheArray['admins']['aid'])) { unset($cacheArray['admins']['login'][$k]); - } - } + } // END - if + } // END - foreach //* DEBUG: */ echo "****\n"; //* DEBUG: */ print_r($cacheArray['admins']); @@ -101,11 +103,13 @@ if (($cacheInstance->cache_file("admins", true) == true)) { } elseif (($_CONFIG['cache_admins'] == "Y") && ($CSS != "1") && ($CSS != "-1")) { // Create cache file $cacheInstance->cache_init("ADMINS"); + $cacheInstance->store_extension_version("admins"); // Load every data from DB to cache file $ADD = ", id, id"; if (GET_EXT_VERSION("admins") >= "0.3") $ADD = ", default_acl AS def_acl"; if (GET_EXT_VERSION("admins") >= "0.6.7") $ADD .= ", la_mode"; + if (GET_EXT_VERSION("admins") >= "0.7.0") $ADD .= ", login_failtures, UNIX_TIMESTAMP(last_failture) AS last_failture"; // Query the database about this $result_admins = SQL_QUERY("SELECT id AS aid, login, password, email".$ADD." @@ -114,7 +118,7 @@ ORDER BY login", __FILE__, __LINE__); while($dummy = SQL_FETCHARRAY($result_admins)) { // Save row $cacheInstance->add_row($dummy); - } + } // END - while // Free memory SQL_FREERESULT($result_admins); @@ -135,7 +139,7 @@ if (GET_EXT_VERSION("admins") >= "0.3") { $CNT = 0; foreach ($cacheArray['admin_acls'] as $k => $array) { $CNT += count($array); - } + } // END - foreach // When there is a period (.) in the result this test will fail and so the cache file is // damaged/corrupted @@ -146,8 +150,8 @@ if (GET_EXT_VERSION("admins") >= "0.3") { // Cache file is corrupted! $cacheInstance->cache_destroy(); unset($cacheArray['admin_acls']); - } - } + } // END - if + } // END - if } elseif (($_CONFIG['cache_acls'] == "Y") && ($CSS != "1") && ($CSS != "-1")) { // Create cache file here $cacheInstance->cache_init("ADMINS_ACLS"); @@ -157,7 +161,7 @@ if (GET_EXT_VERSION("admins") >= "0.3") { while ($DATA = SQL_FETCHARRAY($result)) { // Add row to cache file $cacheInstance->add_row($DATA); - } + } // END - while // Free memory SQL_FREERESULT($result); @@ -165,7 +169,7 @@ if (GET_EXT_VERSION("admins") >= "0.3") { // Close file $cacheInstance->cache_close(); -} +} // END - if // ?> diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index e580071754..3c063aaff7 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -69,20 +69,31 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) $ret = "pass"; $_CONFIG['cache_hits']++; } else { + $ADD = ""; + if (GET_EXT_VERSION("admins") >= "0.7.0") { + // Load them here + $ADD = ", login_failtures, UNIX_TIMESTAMP(last_failture) AS last_failture"; + } // END - if + // Get password from DB - $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", array($admin_login), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { + // Login password found $ret = "pass"; - list($pass) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - } + + // Fetch data + $data = SQL_FETCHARRAY($result); + } // END - if + + // Free result + SQL_FREERESULT($result); } - //* DEBUG: */ echo "*".$pass."/".md5($password)."/".$ret."
"; - if ((strlen($pass) == 32) && ($pass == md5($password))) { + //* DEBUG: */ echo "*".$data['password']."/".md5($password)."/".$ret."
"; + if ((strlen($data['password']) == 32) && ($data['password'] == md5($password))) { // Generate new hash - $pass = generateHash($password); + $data['password'] = generateHash($password); // Is the sql_patches not installed, than we cannot have a valid hashed password here! if (($ret == "pass") && ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == ""))) $ret = "done"; @@ -92,38 +103,46 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) } // Generate salt of password - define('__SALT', substr($pass, 0, -40)); + define('__SALT', substr($data['password'], 0, -40)); $salt = __SALT; // Check if password is same - //* DEBUG: */ echo "*".$ret.",".$pass.",".$password.",".$salt."*
\n"; - if (($ret == "pass") && ($pass == generateHash($password, $salt)) && (!empty($salt))) { + //* DEBUG: */ echo "*".$ret.",".$data['password'].",".$password.",".$salt."*
\n"; + if (($ret == "pass") && ($data['password'] == generateHash($password, $salt)) && (!empty($salt))) { // Change the passord hash here - $pass = generateHash($password); + $data['password'] = generateHash($password); + + // Do we have 0.7.0 of admins or later? + // Remmeber login failtures if available + if (GET_EXT_VERSION("admins") >= "0.7.0") { + // Store it in session + set_session("mxchange_admin_failtures", $data['login_failtures']); + ses_session("mxchange_admin_last_fail", $data['last_failture']); + } // END - if // Update password $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1", - array($pass, $admin_login), __FILE__, __LINE__); + array($data['password'], $admin_login), __FILE__, __LINE__); // Shall I remove the cache file? if ((EXT_IS_ACTIVE("cache")) && ($cacheInstance != false)) { if ($cacheInstance->cache_file("admins", true)) $cacheInstance->cache_destroy(); - } + } // END - if // Login has failed by default... ;-) $ret = "failed"; // Password matches so login here - if (LOGIN_ADMIN($admin_login, $pass)) { + if (LOGIN_ADMIN($admin_login, $data['password'])) { // All done now $ret = "done"; - } + } // END - if } elseif ((empty($salt)) && ($ret == "pass")) { // Something bad went wrong $ret = "failed"; } elseif ($ret == "done") { // Try to login here if we have the old hashing way (sql_patches not installed?) - if (!LOGIN_ADMIN($admin_login, $pass)) { + if (!LOGIN_ADMIN($admin_login, $data['password'])) { // Something went wrong $ret = "failed"; } diff --git a/inc/modules/chk_login.php b/inc/modules/chk_login.php index cad19305c3..93d3173ffa 100644 --- a/inc/modules/chk_login.php +++ b/inc/modules/chk_login.php @@ -32,56 +32,76 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } // @TODO Replace with own template! OPEN_TABLE("500", "guest_login_header dashed", "center"); - OUTPUT_HTML("
".VALIDATING_LOGIN."
"); if (!empty($GLOBALS['userid']) && (isSessionVariableSet('u_hash')) && (isSessionVariableSet('lifetime'))) { + // Login failtures are supported since 0.4.7 + // Do we have 0.4.7 of sql_patches or later? + $ADD = ""; + if (GET_EXT_VERSION("sql_patches") >= "0.4.7") { + // Load them here + $ADD = ", login_failtures, UNIX_TIMESTAMP(last_failture) AS last_failture"; + } // END - if + // Get theme from profile - $result = SQL_QUERY_ESC("SELECT curr_theme FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); - list($NewTheme) = SQL_FETCHROW($result); + $result = SQL_QUERY_ESC("SELECT curr_theme".$ADD." FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + array($GLOBALS['userid']), __FILE__, __LINE__); + + // Load data + $data = SQL_FETCHARRAY($result); + + // Free result SQL_FREERESULT($result); // Change to new theme - set_session("mxchange_theme", $NewTheme); + set_session("mxchange_theme", $data['curr_theme']); + + // Remmeber login failtures if available + if (GET_EXT_VERSION("sql_patches") >= "0.4.7") { + // Store it in session + set_session("mxchange_member_failtures", $data['login_failtures']); + ses_session("mxchange_member_last_fail", $data['last_failture']); + } // END - if + // Bonus is not given by default ;-) $bonus = false; if ((GET_EXT_VERSION("sql_patches") >= "0.2.8") && (GET_EXT_VERSION("bonus") >= "0.2.1") && ($_CONFIG['bonus_login_yn'] == "N") && ($_CONFIG['bonus_login_yn'] == "Y")) { - // Update last login + + // Update last login if far enougth away $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_login=UNIX_TIMESTAMP() WHERE userid=%s AND last_login < (UNIX_TIMESTAMP() - %s) -LIMIT 1", array($GLOBALS['userid'], $_CONFIG['login_timeout']), - __FILE__, __LINE__); +LIMIT 1", + array( + $GLOBALS['userid'], + $_CONFIG['login_timeout'] + ), __FILE__, __LINE__ + ); if (SQL_AFFECTEDROWS() == 1) $bonus = true; - } - if (($bonus) && ($_GET['mode'] == "bonus") && (EXT_IS_ACTIVE("bonus"))) { + } // END - if + + if (($bonus) && ($_GET['mode'] == "bonus") && (EXT_IS_ACTIVE("bonus"))) { // Output message with added points OUTPUT_HTML(" ".BONUS_LOGIN_BONUS_ADDED_1." ".TRANSLATE_COMMA($_CONFIG['login_bonus'])." ".POINTS." ".BONUS_LOGIN_BONUS_ADDED_2." "); - } - elseif (EXT_IS_ACTIVE("bonus")) - { + } elseif (EXT_IS_ACTIVE("bonus")) { // No login bonus added! OUTPUT_HTML("".BONUS_LOGIN_BONUS_NOT_ADDED.""); } // Redirect to member area LOAD_TEMPLATE("member_login_js"); -} - else -{ +} else { // Login failed! LOAD_TEMPLATE("login_failed_js"); } diff --git a/inc/modules/guest/what-login.php b/inc/modules/guest/what-login.php index a0601049a5..de77d7fe80 100644 --- a/inc/modules/guest/what-login.php +++ b/inc/modules/guest/what-login.php @@ -84,7 +84,7 @@ if (IS_MEMBER()) { $LAST = ""; if (GET_EXT_VERSION("sql_patches") >= "0.2.8") { $LAST = ", last_login"; - } + } // END - if // Check login data $password = ""; diff --git a/inc/modules/login.php b/inc/modules/login.php index f9589cd586..3ccd65f92b 100644 --- a/inc/modules/login.php +++ b/inc/modules/login.php @@ -76,7 +76,7 @@ $BLOCK_MODE = false; // Generate a tableset for the menu title and content LOAD_TEMPLATE("member_header"); -// Adding your title's template here... +// Begin menu block here OUTPUT_HTML(" "); @@ -90,8 +90,9 @@ if (empty($GLOBALS['action'])) { // Add the member's menu here... if (($_CONFIG['member_menu'] == "Y") || (!EXT_IS_ACTIVE("sql_patches", true))) { ADD_MENU("member", GET_ACTION("member", $GLOBALS['what']), $GLOBALS['what']); -} +} // END - if +// Menu -> content OUTPUT_HTML(" "); @@ -104,8 +105,7 @@ if ((FILE_READABLE($INC_ACTION)) && (VALIDATE_MENU_ACTION("member", GET_ACTION(" LOAD_URL("modules.php?module=login"); } -if (($_CONFIG['member_menu'] == "Y") || (!EXT_IS_ACTIVE("sql_patches", true))) -{ +if (($_CONFIG['member_menu'] == "Y") || (!EXT_IS_ACTIVE("sql_patches", true))) { OUTPUT_HTML("
diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 96e7cfb9d5..a5b364cf65 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -261,9 +261,12 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1", array($ACC_LVL, $type, $search), __FILE__, __LINE__); + // Menu found? if (SQL_NUMROWS($result) == 1) { + // Load title list($ret) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + + // Shall we return it? if ($return) { // Return title return $ret; @@ -275,9 +278,18 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) { //* DEBUG: */ echo __LINE__."+".$type."+
\n"; $OUT .= "
\n"; $DEPTH="0"; - } + + // Handle failed logins here if not in guest + if (($type != "guest") && (GET_EXT_VERSION("sql_patches") >= "0.4.7")) { + // Handle failture + $OUT .= HANDLE_LOGIN_FAILTURES($type); + } // END - if + } // END - if } - } + } // END - if + + // Free result + SQL_FREERESULT($result); // Return or output HTML code? if ($output) { @@ -1708,7 +1720,7 @@ function UPDATE_CONFIG ($entries, $values, $updateMode="") { if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy(); // Rebuid the cache - require(PATH."inc/load_cache-config.php"); + require(PATH."inc/loader/load_cache-config.php"); } // END - if } // Creates a new task for updated extension @@ -1761,5 +1773,30 @@ VALUES (%s, 0, 'NEW', 'EXTENSION', '%s', '%s', UNIX_TIMESTAMP())", // Free memory SQL_FREERESULT($result); } +// Handle menu-depending failed logins and return the rendered content +function HANDLE_LOGIN_FAILTURES ($menuType) { + // Default output is empty ;-) + $OUT = ""; + + // Guest menus doesn't have login failtures so is the session data set? + if (($menuType != "guest") && (isSessionVariableSet('mxchange_'.$menuType.'_failtures')) && (isSessionVariableSet('mxchange_'.$menuType.'_last_fail'))) { + // Non-guest has login failtures found, get both data and prepare it for template + $content = array( + 'login_failtures' => get_session('mxchange_'.$menuType.'_failtures'), + 'last_failture' => MAKE_DATETIME(get_session('mxchange_'.$menuType.'_last_fail'), "2") + ); + + // Load template + $OUT = LOAD_TEMPLATE("login_failture", true, $content); + + // Reset session data + set_session('mxchange_'.$menuType.'_failtures', ""); + set_session('mxchange_'.$menuType.'_last_fail', ""); + } // END - if + + // Return rendered content + return $OUT; +} + // ?> diff --git a/templates/de/html/login_failtures.tpl b/templates/de/html/login_failtures.tpl new file mode 100644 index 0000000000..971f17dc71 --- /dev/null +++ b/templates/de/html/login_failtures.tpl @@ -0,0 +1,4 @@ +
+ Letzten $content[login_failtures] Loginversuche waren + fehlgeschlagen, der letzte war am $content[last_failture] +