From 5284f321789b5d0456b48a529ed59a99956020e8 Mon Sep 17 00:00:00 2001 
From: Meik Sievertsen Date: Tue, 3 Oct 2006 18:35:59 +0000 Subject: - extend config checking to include check for writeable path - removed not utilized user_allow_email column from schema - removed inactive groups (they had no use at all, since inactive users are not able to login) The only benefit those brought are distinguish users - but this is no longer needed too due to the inactive code present. This also allows us to retain group memberships as well as default settings for users being set inactive due to profile changes. - rewrote user_active_flip to support multiple users and a mode, as well as coping with the aforementioned changes - implemented updated jabber class to support SRV server records and for better jabberd2 support. - jabber errors now logged to the error log with a full transaction - fixed user_delete calls to include usernames where possible and also update last post information correctly - implemented additional checks to user management to cope with common mistakes - On installation, guess the required mysql schema as best as possible. Users now only need to decide if they want to use the mysqli extension or not (mysqli selected by default) and no longer need to know their mysql version. - founders do not need to re-activate their account on profile changes - remove older session if re-authentication was successful (re-authentication always assigns a new session id) - set the cookie directly instead of using php's function - added inactive_remind to see which users got deactivated because of reminders (or re-activation) sent out hopefully not introduced too many bugs - those testing with CVS releases, please concentrate on user registration, activation, profile changes (email/password)... 
git-svn-id: file:///svn/phpbb/trunk@6436 89ea8834-ac86-4346-8a33-228a782c2dd0
---
phpBB/includes/acp/acp_attachments.php | 2 +-
phpBB/includes/acp/acp_board.php | 6 +-
phpBB/includes/acp/acp_inactive.php | 11 +-
phpBB/includes/acp/acp_jabber.php | 9 +-
phpBB/includes/acp/acp_permissions.php | 2 +-
phpBB/includes/acp/acp_prune.php | 6 +-
phpBB/includes/acp/acp_users.php | 73 ++-
phpBB/includes/auth.php | 27 +-
phpBB/includes/constants.php | 3 +-
phpBB/includes/db/mysql.php | 10 +-
phpBB/includes/functions.php | 2 +-
phpBB/includes/functions_admin.php | 13 +-
phpBB/includes/functions_jabber.php | 953 +++++++++++++++++++++------------
phpBB/includes/functions_messenger.php | 25 +-
phpBB/includes/functions_posting.php | 2 +-
phpBB/includes/functions_user.php | 145 ++---
phpBB/includes/session.php | 54 +-
phpBB/includes/ucp/ucp_activate.php | 11 +-
phpBB/includes/ucp/ucp_profile.php | 7 +-
phpBB/includes/ucp/ucp_register.php | 4 +-
phpBB/includes/ucp/ucp_resend.php | 4 +-
21 files changed, 821 insertions(+), 548 deletions(-)
(limited to 'phpBB/includes')
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php
index 91d7c024f3..74373af86b 100644
--- a/phpBB/includes/acp/acp_attachments.php
+++ b/phpBB/includes/acp/acp_attachments.php
@@ -89,7 +89,7 @@ class acp_attachments 'legend1' => 'ACP_ATTACHMENT_SETTINGS', 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), - 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'path', 'type' => 'text:25:100', 'explain' => true), + 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true), 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true), 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index b968b9bf56..8dbf70ccb1 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -27,7 +27,7 @@ class acp_board $action = request_var('action', ''); $submit = (isset($_POST['submit'])) ? true : false; - // Validation types are: string, int, bool, rpath, path + // Validation types are: string, int, bool, rpath (relative), rwpath (realtive, writeable), path (relative path, but able to escape the root), wpath (writeable) switch ($mode) { case 'settings': 
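Review bot: In phpBB/includes/acp/acp_board.php the rewritten comment is the only description of the path validators, and it leaves `wpath` as just "(writeable)", so a reader cannot tell whether it is confined to the board root like `rpath`/`rwpath` or may leave it like `path`. That matters because `upload_path` in acp_attachments.php now uses `wpath` for the directory that receives uploads. I would spell out all four, e.g. `// rpath: relative, inside root; rwpath: rpath + must be writeable; path: relative, may leave root; wpath: path + must be writeable`, adjusted to what the validator really enforces (its code is not in this view), and fix the typo "realtive".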
@@ -93,7 +93,7 @@ class acp_board 'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int', 'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), 'avatar_min' => array('lang' => 'MIN_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true), 'avatar_max' => array('lang' => 'MAX_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true), - 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), + 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rwpath', 'type' => 'text:20:255', 'explain' => true), 'avatar_gallery_path' => array('lang' => 'AVATAR_GALLERY_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true) ) ); @@ -279,7 +279,7 @@ class acp_board 'legend2' => 'PATH_SETTINGS', 'smilies_path' => array('lang' => 'SMILIES_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), 'icons_path' => array('lang' => 'ICONS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), - 'upload_icons_path' => array('lang' => 'UPLOAD_ICONS_PATH', 'validate' => 'path', 'type' => 'text:20:255', 'explain' => true), + 'upload_icons_path' => array('lang' => 'UPLOAD_ICONS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), 'ranks_path' => array('lang' => 'RANKS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), 'legend3' => 'SERVER_URL_SETTINGS', diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php index 05db9fa95b..9a26a3595d 100755 --- a/phpBB/includes/acp/acp_inactive.php +++ b/phpBB/includes/acp/acp_inactive.php 
@@ -58,16 +58,7 @@ class acp_inactive if ($action == 'activate') { include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); - - foreach ($mark as $user_id) - { - user_active_flip($user_id, USER_INACTIVE); - } - - set_config('num_users', $config['num_users'] + sizeof($mark), true); - - // Update latest username - update_last_username(); + user_active_flip('activate', $mark); } else if ($action == 'delete') { diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index b55ac27fea..afb2ba329a 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php @@ -44,16 +44,9 @@ class acp_jabber $jab_resource = request_var('jab_resource', $config['jab_resource']); $jab_package_size = request_var('jab_package_size', $config['jab_package_size']); - $jabber = new jabber(); + $jabber = new jabber($jab_host, $jab_port, $jab_username, $jab_password, $jab_resource); $error = array(); - // Setup the basis vars for jabber connection - $jabber->server = $jab_host; - $jabber->port = ($jab_port) ? $jab_port : 5222; - $jabber->username = $jab_username; - $jabber->password = $jab_password; - $jabber->resource = $jab_resource; - $message = $user->lang['JAB_SETTINGS_CHANGED']; $log = 'JAB_SETTINGS_CHANGED'; diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index 36eac665c2..f9f08ee694 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -70,7 +70,7 @@ class acp_permissions if ($select_all_groups) { // Add default groups to selection - $sql_and = (!$config['coppa_enable']) ? " AND group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : ''; + $sql_and = (!$config['coppa_enable']) ? " AND group_name <> 'REGISTERED_COPPA'" : ''; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . ' diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 7c789e4773..8fe9e10bae 100644 --- a/phpBB/includes/acp/acp_prune.php 
+++ b/phpBB/includes/acp/acp_prune.php @@ -267,11 +267,7 @@ class acp_prune { if ($action == 'deactivate') { - foreach ($user_ids as $user_id) - { - user_active_flip($user_id, USER_NORMAL, false, false, INACTIVE_MANUAL, true); - } - + user_active_flip('deactivate', $user_ids); $l_log = 'LOG_PRUNE_USER_DEAC'; } else if ($action == 'delete') diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 06a6f3c97a..bd28662a42 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -174,7 +174,7 @@ class acp_users if (confirm_box(true)) { - user_delete($delete_type, $user_id); + user_delete($delete_type, $user_id, $user_row['username']); add_log('admin', 'LOG_USER_DELETED', $user_row['username']); trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action)); @@ -205,6 +205,11 @@ class acp_users trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + if ($user_row['user_type'] == USER_FOUNDER) + { + trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + $ban = array(); switch ($action) @@ -256,6 +261,16 @@ class acp_users trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + if ($user_row['user_type'] == USER_FOUNDER) + { + trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + + if ($user_row['user_type'] == USER_IGNORE) + { + trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + if ($config['email_enable']) { include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); 
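Review bot: In phpBB/includes/acp/acp_users.php the delete branch (hunk `@@ -174`) calls `user_delete($delete_type, $user_id, $user_row['username'])` with no founder check in view, while the same commit adds `USER_FOUNDER` guards to the ban and force-reactivate branches right below it. The delete branch starts outside the hunk, so an earlier guard may already exist; if it does not, add the same pattern before the confirm box, `if ($user_row['user_type'] == USER_FOUNDER) { trigger_error($user->lang['<LANG_KEY>'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); }`, where `<LANG_KEY>` is a placeholder for a new language entry. Deleting the founder account is at least as destructive as banning it, so the protections should match.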
@@ -267,9 +282,14 @@ class acp_users $key_len = ($key_len > 6) ? $key_len : 6; $user_actkey = substr($user_actkey, 0, $key_len); - if ($user_row['user_type'] != USER_INACTIVE) + if ($user_row['user_type'] == USER_NORMAL) { - user_active_flip($user_id, $user_row['user_type'], $user_actkey, $user_row['username'], INACTIVE_MANUAL); + user_active_flip('deactivate', $user_id, INACTIVE_REMIND); + + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_actkey = '" . $db->sql_escape($user_actkey) . "' + WHERE user_id = $user_id"; + $db->sql_query($sql); } $messenger = new messenger(false); 
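Review bot: The new `UPDATE` ends in `WHERE user_id = $user_id`, which places the variable in the statement with no cast visible in this hunk, while `$user_actkey` beside it goes through `$db->sql_escape()`. If `$user_id` is not already forced to an integer earlier in the method (outside the hunk), write `WHERE user_id = ' . (int) $user_id;` so the query does not depend on a distant guarantee. The same pattern appears in the auth.php `DELETE` (`session_user_id = {$login['user_row']['user_id']}`) and in both `view_inactive_users()` queries in functions_admin.php (`user_inactive_time >= $limit_days`), where an `(int)` cast would cost nothing.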
@@ -311,24 +331,23 @@ class acp_users trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - user_active_flip($user_id, $user_row['user_type'], false, $user_row['username'], INACTIVE_MANUAL); - - $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED'; - $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE'; - - add_log('user', $user_id, $log . '_USER'); - - if ($user_row['user_type'] == USER_INACTIVE) + if ($user_row['user_type'] == USER_FOUNDER) { - set_config('num_users', $config['num_users'] + 1, true); + trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - else + + if ($user_row['user_type'] == USER_IGNORE) { - set_config('num_users', $config['num_users'] - 1, true); + trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - // Update latest username - update_last_username(); + user_active_flip('flip', $user_id); + + $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED'; + $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE'; + + add_log('admin', $log, $user_row['username']); + add_log('user', $user_id, $log . '_USER'); trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&u=' . $user_id)); 
@@ -783,9 +802,21 @@ class acp_users } else { - $quick_tool_ary = array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP', 'active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'), 'delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH'); + $quick_tool_ary = array(); + + if ($user_row['user_type'] != USER_FOUNDER) + { + $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP'); + } + + if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE) + { + $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE')); + } + + $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH'); - if ($config['email_enable']) + if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE)) { $quick_tool_ary['reactivate'] = 'FORCE'; } @@ -807,7 +838,7 @@ class acp_users 'S_USER_FOUNDER' => ($user_row['user_type'] == USER_FOUNDER) ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'S_OWN_ACCOUNT' => ($user_id == $user->data['user_id']) ? true : false, - 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_IGNORE || $user_row['user_type'] == USER_INACTIVE) ? true : false, + 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_INACTIVE) ? true : false, 'U_SHOW_IP' => $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'), 'U_WHOIS' => $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}", 
@@ -1854,11 +1885,11 @@ class acp_users $s_group_options = ''; while ($row = $db->sql_fetchrow($result)) { - if (!$config['coppa_enable'] && in_array($row['group_name'], array('INACTIVE_COPPA', 'REGISTERED_COPPA'))) + if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA') { continue; } - + $s_group_options .= '' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . ''; } $db->sql_freeresult($result); diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index c578881c3f..5e927ce439 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -714,7 +714,7 @@ class auth $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " - WHERE username = '" . $db->sql_escape($username) . "'"; + WHERE LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); 
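Review bot: In phpBB/includes/auth.php the lookup `LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'` folds case twice under different rules: `strtolower()` works byte-wise under the PHP locale, `LOWER()` under the column's collation, so names containing non-ASCII letters may match differently from one backend to another. Case-insensitive login is only safe if registration and renaming also reject names that differ only by case; otherwise `sql_fetchrow()` returns whichever colliding row comes first, and those checks are not in this view. Wrapping the column in `LOWER()` usually also keeps an index on `username` from being used, which turns every login attempt into a table scan. A comment stating the uniqueness assumption next to the query would help the next reader.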
@@ -738,11 +738,36 @@ class auth // If login succeeded, we will log the user in... else we pass the login array through... if ($login['status'] == LOGIN_SUCCESS) { + $old_session_id = $user->session_id; + + if ($admin) + { + global $SID, $_SID; + + $cookie_expire = time() - 31536000; + $user->set_cookie('u', '', $cookie_expire); + $user->set_cookie('sid', '', $cookie_expire); + unset($cookie_expire); + + $SID = '?sid='; + $user->session_id = $_SID = ''; + } + $result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline); // Successful session creation if ($result === true) { + // If admin re-authentication we remove the old session entry because a new one has been created... + if ($admin) + { + // the login array is used because the user ids do not differ for re-authentication + $sql = 'DELETE FROM ' . SESSIONS_TABLE . " + WHERE session_id = '" . $db->sql_escape($old_session_id) . "' + AND session_user_id = {$login['user_row']['user_id']}"; + $db->sql_query($sql); + } + return array( 'status' => LOGIN_SUCCESS, 'error_msg' => false, diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 42d3c41463..0ed3ad8d84 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -27,12 +27,11 @@ define('USER_NORMAL', 0); define('USER_INACTIVE', 1); define('USER_IGNORE', 2); define('USER_FOUNDER', 3); -//define('USER_BOT', 2); -//define('USER_GUEST', 4); define('INACTIVE_REGISTER', 1); define('INACTIVE_PROFILE', 2); define('INACTIVE_MANUAL', 3); +define('INACTIVE_REMIND', 4); // ACL define('ACL_NEVER', 0); diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php index 15158bbb59..1901bd4270 100644 --- a/phpBB/includes/db/mysql.php +++ b/phpBB/includes/db/mysql.php @@ -33,6 +33,8 @@ if (!defined('SQL_LAYER')) */ class dbal_mysql extends dbal { + var $mysql_version; + /** * Connect to server * @access public 
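Review bot: In phpBB/includes/auth.php the new `if ($admin)` block expires the `u` and `sid` cookies and blanks `$SID`, `$_SID` and `$user->session_id` before `session_create()` runs, but the old row is deleted only when `$result === true`. If `session_create()` returns anything else, the request carries on with an empty session id while the previous session row stays valid in `SESSIONS_TABLE` until it expires. Either restore `$user->session_id = $old_session_id;` on the failure path or delete the old row there too, and say in a comment that the reset is what forces a fresh id on re-authentication. The failure path itself lies outside this hunk.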
@@ -51,14 +53,14 @@ class dbal_mysql extends dbal if (@mysql_select_db($this->dbname)) { // Determine what version we are using and if it natively supports UNICODE - $mysql_version = mysql_get_server_info($this->db_connect_id); + $this->mysql_version = mysql_get_server_info($this->db_connect_id); - if (version_compare($mysql_version, '4.1.3', '>=')) + if (version_compare($this->mysql_version, '4.1.3', '>=')) { define('SQL_LAYER', 'mysql4'); @mysql_query("SET NAMES 'utf8'", $this->db_connect_id); } - else if (version_compare($mysql_version, '4.0.0', '>=')) + else if (version_compare($this->mysql_version, '4.0.0', '>=')) { define('SQL_LAYER', 'mysql4'); } @@ -79,7 +81,7 @@ class dbal_mysql extends dbal */ function sql_server_info() { - return 'MySQL ' . @mysql_get_server_info($this->db_connect_id); + return 'MySQL ' . $this->mysql_version; } /** diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 8ada82cffe..a5e6570116 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1913,7 +1913,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa 'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'), 'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false, - 'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx"), // Needs to stay index.$phpEx because we are within the admin directory + 'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_ADMIN_AUTH' => $admin, diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index b346e09a2b..2119b86740 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php 
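Review bot: In phpBB/includes/db/mysql.php `sql_server_info()` now returns `'MySQL ' . $this->mysql_version`, but that property is assigned only inside the `if (@mysql_select_db($this->dbname))` branch of the connect method. When the connection or the database selection fails, the method reports a bare `MySQL ` instead of asking the server as it did before. A fallback such as `return 'MySQL ' . (($this->mysql_version) ? $this->mysql_version : @mysql_get_server_info($this->db_connect_id));` keeps the old behaviour for that case.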
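Review bot: In phpBB/includes/functions.php the admin branch of `S_LOGIN_ACTION` now passes `$user->session_id` explicitly to `append_sid()`, which presumably writes the id into the form's action URL. A session id carried in a URL can end up in web-server logs, browser history and Referer headers, so the line needs a comment saying why it is required here (auth.php in this commit blanks `$SID` for admin re-authentication) and that the id is replaced once the login succeeds. `login_box()` begins and ends outside this hunk.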
@@ -207,7 +207,7 @@ function group_select_options($group_id, $exclude_ids = false) global $db, $user, $config; $exclude_sql = ($exclude_ids !== false && sizeof($exclude_ids)) ? 'WHERE ' . $db->sql_in_set('group_id', array_map('intval', $exclude_ids), true) : ''; - $sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : ''; + $sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name <> 'REGISTERED_COPPA'" : ''; $sql = 'SELECT group_id, group_name, group_type FROM ' . GROUPS_TABLE . " @@ -245,6 +245,7 @@ function get_forum_list($acl_list = 'f_list', $id_only = true, $postable_only = ORDER BY left_id ASC'; $result = $db->sql_query($sql, $expire_time); + $forum_rows = array(); while ($row = $db->sql_fetchrow($result)) { $forum_rows[] = $row; @@ -2343,7 +2344,7 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li $sql = 'SELECT user_id, username, user_regdate, user_lastvisit, user_inactive_time, user_inactive_reason FROM ' . USERS_TABLE . ' WHERE user_type = ' . USER_INACTIVE . - (($limit_days) ? "AND user_inactive_time >= $limit_days" : '') . " + (($limit_days) ? " AND user_inactive_time >= $limit_days" : '') . " ORDER BY $sort_by"; $result = $db->sql_query_limit($sql, $limit, $offset); 
@@ -2363,15 +2364,19 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li case INACTIVE_MANUAL: $row['inactive_reason'] = $user->lang['INACTIVE_REASON_MANUAL']; break; + + case INACTIVE_REMIND: + $row['inactive_reason'] = $user->lang['INACTIVE_REASON_REMIND']; + break; } $users[] = $row; } - $sql = 'SELECT count(user_id) AS user_count + $sql = 'SELECT COUNT(user_id) AS user_count FROM ' . USERS_TABLE . ' WHERE user_type = ' . USER_INACTIVE . - (($limit_days) ? "AND user_inactive_time >= $limit_days" : ''); + (($limit_days) ? " AND user_inactive_time >= $limit_days" : ''); $result = $db->sql_query($sql); $user_count = (int) $db->sql_fetchfield('user_count'); $db->sql_freeresult($result); diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index 9efe17dc6b..1bdeb6eb40 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php @@ -3,23 +3,24 @@ * * @package phpBB3 * @version $Id$ -* @copyright (c) 2005 phpBB Group +* @copyright (c) 2006 phpBB Group * @license http://opensource.org/licenses/gpl-license.php GNU Public License * */ /** * -* Class.Jabber.PHP v0.4 -* (c) 2002 Carlo "Gossip" Zottmann -* http://phpjabber.g-blog.net *** gossip@jabber.g-blog.net +* Class.Jabber.PHP v0.4.2 +* (c) 2004 Nathan "Fritzy" Fritz +* http://cjphp.netflint.net *** fritzy@netflint.net * -* The FULL documentation and examples for this software can be found at -* http://phpjabber.g-blog.net (not many doc comments in here, sorry) +* This is a bugfix version, specifically for those who can't get +* 0.4 to work on Jabberd2 servers. * -* last modified: 27.04.2003 13:01:53 CET -* -* Modified by members of the phpBB Group +* last modified: 24.03.2004 13:01:53 +* +* Modified by phpBB Development Team +* version: v0.4.3a * * @package phpBB3 */ 
@@ -36,13 +37,14 @@ class jabber var $delay_disconnect; var $stream_id; - var $roster; + + var $enable_logging; + var $log_array; var $iq_sleep_timer; var $last_ping_time; var $packet_queue; - var $subscription_queue; var $iq_version_name; var $iq_version_os; @@ -60,17 +62,24 @@ class jabber /** * Constructor */ - function jabber() + function jabber($server, $port, $username, $password, $resource) { - $this->port = '5222'; - $this->resource = NULL; - $this->packet_queue = $this->subscription_queue = array(); + $this->server = ($server) ? $server : 'localhost'; + $this->port = ($port) ? $port : '5222'; + $this->username = $username; + $this->password = $password; + $this->resource = ($resource) ? $resource : NULL; + + $this->enable_logging = true; + $this->log_array = array(); + + $this->packet_queue = array(); $this->iq_sleep_timer = $this->delay_disconnect = 1; $this->returned_keep_alive = true; $this->txnid = 0; - $this->iq_version_name = "Class.Jabber.PHP -- http://phpjabber.g-blog.net -- by Carlo 'Gossip' Zottmann, gossip@jabber.g-blog.net"; + $this->iq_version_name = "Class.Jabber.PHP -- http://cjphp.netflint.net -- by Nathan 'Fritzy' Fritz, fritz@netflint.net"; $this->iq_version_version = '0.4'; $this->iq_version_os = $_SERVER['SERVER_SOFTWARE']; @@ -104,7 +113,7 @@ class jabber if ($this->connector->open_socket($this->server, $this->port)) { $this->send_packet("\n"); - $this->send_packet("\n"); + $this->send_packet("\n"); sleep(2); @@ -115,11 +124,13 @@ class jabber } else { + $this->add_to_log('ERROR: connect() #1'); return false; } } else { + $this->add_to_log('ERROR: connect() #2'); return false; } } 
@@ -138,56 +149,13 @@ class jabber $this->connector->close_socket(); } - /** - * Cruise Control - */ - function cruise_control($seconds = -1) - { - $count = 0; - - while ($count != $seconds) - { - $this->listen(); - - do - { - $packet = $this->get_first_from_queue(); - - if ($packet) - { - $this->call_handler($packet); - } - } - while (sizeof($this->packet_queue) > 1); - - $count += 0.25; - usleep(250000); - - if ($this->last_ping_time != date('H:i')) - { - // Modified by Nathan Fritz - if ($this->returned_keep_alive == false) - { - $this->connected = false; - //EVENT: Disconnected - } - - $this->returned_keep_alive = false; - $this->keep_alive_id = 'keep_alive_' . time(); - $this->send_packet("", 'cruise_control'); - $this->last_ping_time = date('H:i'); - } - } - - return true; - } - /** * Send authentication request */ function send_auth() { $this->auth_id = 'auth_' . md5(time() . $_SERVER['REMOTE_ADDR']); + $this->resource = ($this->resource != NULL) ? $this->resource : ('Class.Jabber.PHP ' . md5($this->auth_id)); $this->jid = "{$this->username}@{$this->server}/{$this->resource}"; // request available authentication methods @@ -197,6 +165,7 @@ class jabber // was a result returned? if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) { + // yes, now check for auth method availability in descending order (best to worst) if (isset($packet['iq']['#']['query'][0]['#']['sequence'][0]['#']) && isset($packet['iq']['#']['query'][0]['#']['token'][0]['#'])) { // auth_0k @@ -212,10 +181,16 @@ class jabber // plain text return $this->_sendauth_plaintext(); } + else + { + $this->add_to_log('ERROR: send_auth() #2 - No auth method available!'); + return false; + } } else { // no result returned + $this->add_to_log('ERROR: send_auth() #1'); return false; } } 
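Review bot: The new `else` branch in `send_auth()` logs the case where no method is offered, but the plaintext branch just above it is still taken silently whenever the server's reply lacks the 0k and digest fields. The method list comes from the remote side and the client has no way to refuse the weakest one, so `$this->password` can leave in clear without any trace; whether the socket is encrypted is not visible here. I would at least record it, `$this->add_to_log('WARNING: send_auth() - falling back to plaintext auth');`, and consider a setting that rejects plaintext altogether. `send_auth()` starts outside this hunk.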
@@ -319,86 +294,15 @@ class jabber { $xml = trim($xml); - return ($this->connector->write_to_socket($xml)) ? true : false; - } - - /** - * get the transport registration fields - * method written by Steve Blinch, http://www.blitzaffe.com - */ - function transport_registration_details($transport) - { - $this->txnid++; - $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid); - - if ($packet) - { - $res = array(); - - foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data) - { - if ($element != 'instructions' && $element != 'key') - { - $res[] = $element; - } - } - - return $res; - } - else - { - return 3; - } - } - - /** - * register with the transport - * method written by Steve Blinch, http://www.blitzaffe.com - */ - function transport_registration($transport, $details) - { - $this->txnid++; - $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid); - - if ($packet) + if ($this->connector->write_to_socket($xml)) { - // just in case a key was passed back from the server - $key = $this->get_info_from_iq_key($packet); - unset($packet); - - $payload = ($key) ? "$key\n" : ''; - foreach ($details as $element => $value) - { - $payload .= "<$element>$value\n"; - } - - $packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", "jabber:iq:register", $payload); - - if ($this->get_info_from_iq_type($packet) == 'result') - { - if (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#'])) - { - $return_code = 1; - } - else - { - $return_code = 2; - } - } - else if ($this->get_info_from_iq_type($packet) == 'error') - { - if (isset($packet['iq']['#']['error'][0]['#'])) - { - $return_code = "Error " . $packet['iq']['#']['error'][0]['@']['code'] . ": " . $packet['iq']['#']['error'][0]['#']; - // ERROR: TransportRegistration() - } - } - - return $return_code; + $this->add_to_log('SEND: ' . 
$xml); + return true; } else { - return 3; + $this->add_to_log('ERROR: send_packet() #1'); + return false; } } @@ -418,11 +322,12 @@ class jabber if ($incoming != '') { + $this->add_to_log('RECV: ' . $incoming); $temp = $this->_split_incoming($incoming); - for ($a = 0, $size = sizeof($temp); $a < $size; $a++) + for ($i = 0, $size = sizeof($temp); $i < $size; $i++) { - $this->packet_queue[] = $this->xmlize($temp[$a]); + $this->packet_queue[] = $this->xmlize($temp[$i]); } } @@ -454,12 +359,12 @@ class jabber $xml = "\n"; - if (isset($content['subject']) && $content['subject']) + if (!empty($content['subject'])) { $xml .= '' . $content['subject'] . "\n"; } - if (isset($content['thread']) && $content['thread']) + if (!empty($content['thread'])) { $xml .= '' . $content['thread'] . "\n"; } @@ -468,10 +373,18 @@ class jabber $xml .= $payload; $xml .= "\n"; - return ($this->send_packet($xml)) ? true : false; + if ($this->send_packet($xml)) + { + return true; + } + else + { + $this->add_to_log('ERROR: send_message() #1'); + } } else { + $this->add_to_log('ERROR: send_message() #2'); return false; } } @@ -492,7 +405,15 @@ class jabber $xml .= ($status || $show || $priority) ? "\n" : ''; - return ($this->send_packet($xml)) ? true : false; + if ($this->send_packet($xml)) + { + return true; + } + else + { + $this->add_to_log('ERROR: send_presence() #1'); + return false; + } } /** 
@@ -579,8 +500,60 @@ class jabber else { $this->handler_not_implemented($packet); + $this->add_to_log("ERROR: call_handler() #1 - neither method nor function $funcmeth() available"); + } + } + } + + /** + * Cruise Control + */ + function cruise_control($seconds = -1) + { + $count = 0; + + while ($count != $seconds) + { + $this->listen(); + + do + { + $packet = $this->get_first_from_queue(); + + if ($packet) + { + $this->call_handler($packet); + } + } + while (sizeof($this->packet_queue) > 1); + + $count += 0.25; + usleep(250000); + + if (($this->last_ping_time + 180) < time()) + { + // Modified by Nathan Fritz + if ($this->returned_keep_alive == false) + { + $this->connected = false; + $this->add_to_log('EVENT: Disconnected'); + } + + if ($this->returned_keep_alive == true) + { + $this->connected = true; + } + + $this->returned_keep_alive = false; + + $this->keep_alive_id = 'keep_alive_' . time(); + // $this->send_packet("", 'cruise_control'); + $this->send_packet(""); + $this->last_ping_time = time(); } } + + return true; } /** 
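Review bot: The re-added `cruise_control()` loops on `while ($count != $seconds)` while `$count` grows in steps of 0.25, so a `$seconds` value that is not a multiple of 0.25 is never matched and the call never returns, holding the PHP worker and the socket open. Use an ordering test and keep the run-forever default explicit: `while ($seconds < 0 || $count < $seconds)`. The first keep-alive also depends on `last_ping_time` having an initial value, which this hunk does not show.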
@@ -592,12 +565,13 @@ class jabber { unset($type); + $this->add_to_log("ERROR: send_iq() #2 - type must be 'get', 'set', 'result' or 'error'"); return false; } else if ($id && $xmlns) { $xml = "txnid}", 'jabber:iq:register', NULL, $this->jid); - // repeat as often as needed - for ($a = 0; $a < $zerok_sequence; $a++) + if ($packet) { - $zerok_hash = sha1($zerok_hash); - } - - $payload = "{$this->username} - $zerok_hash - {$this->resource}"; + $res = array(); - $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); + foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data) + { + if ($element != 'instructions' && $element != 'key') + { + $res[] = $element; + } + } - // was a result returned? - return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false; + return $res; + } + else + { + return 3; + } } /** - * Send auth digest - * @access private + * register with the transport + * method written by Steve Blinch, http://www.blitzaffe.com */ - function _sendauth_digest() + function transport_registration($transport, $details) { - $payload = "{$this->username} - {$this->resource} - " . sha1($this->stream_id . $this->password) . ""; - - $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); - - // was a result returned? - return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? 
true : false; - } + $this->txnid++; + $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", 'jabber:iq:register', NULL, $this->jid); - /** - * Send auth plain - * @access private - */ - function _sendauth_plaintext() - { - $payload = "{$this->username} - {$this->password} - {$this->resource}"; + if ($packet) + { + // just in case a key was passed back from the server + $key = $this->get_info_from_iq_key($packet); + unset($packet); - $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); + $payload = ($key) ? "$key\n" : ''; + foreach ($details as $element => $value) + { + $payload .= "<$element>$value\n"; + } - // was a result returned? - return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false; - } + $packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", 'jabber:iq:register', $payload); - /** - * Listen on socket - * @access private - */ + if ($this->get_info_from_iq_type($packet) == 'result') + { + $return_code = (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#'])) ? 1 : 2; + } + else if ($this->get_info_from_iq_type($packet) == 'error') + { + if (isset($packet['iq']['#']['error'][0]['#'])) + { + $return_code = 'Error ' . $packet['iq']['#']['error'][0]['@']['code'] . ': ' . 
$packet['iq']['#']['error'][0]['#']; + $this->add_to_log('ERROR: transport_registration()'); + } + } + + return $return_code; + } + else + { + return 3; + } + } + + /** + * Return log + */ + function get_log() + { + if ($this->enable_logging && sizeof($this->log_array)) + { + return implode("\n\n", $this->log_array); + } + + return ''; + } + + /** + * Add information to log + */ + function add_to_log($string) + { + if ($this->enable_logging) + { + $this->log_array[] = htmlspecialchars($string); + } + } + + + // ====================================================================== + // private methods + // ====================================================================== + + /** + * Send auth + * @access private + */ + function _sendauth_ok($zerok_token, $zerok_sequence) + { + // initial hash of password + $zerok_hash = sha1($this->password); + + // sequence 0: hash of hashed-password and token + $zerok_hash = sha1($zerok_hash . $zerok_token); + + // repeat as often as needed + for ($i = 0; $i < $zerok_sequence; $i++) + { + $zerok_hash = sha1($zerok_hash); + } + + $payload = "{$this->username} + $zerok_hash + {$this->resource}"; + + $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); + + // was a result returned? + if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) + { + return true; + } + else + { + $this->add_to_log('ERROR: _sendauth_ok() #1'); + return false; + } + } + + /** + * Send auth digest + * @access private + */ + function _sendauth_digest() + { + $payload = "{$this->username} + {$this->resource} + " . sha1($this->stream_id . $this->password) . ""; + + $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); + + // was a result returned? 
+ if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) + { + return true; + } + else + { + $this->add_to_log('ERROR: _sendauth_digest() #1'); + return false; + } + } + + /** + * Send auth plain + * @access private + */ + function _sendauth_plaintext() + { + $payload = "{$this->username} + {$this->password} + {$this->resource}"; + + $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); + + // was a result returned? + if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) + { + return true; + } + else + { + $this->add_to_log('ERROR: _sendauth_plaintext() #1'); + return false; + } + } + + /** + * Listen on socket + * @access private + */ function _listen_incoming() { $incoming = ''; @@ -695,6 +792,12 @@ class jabber } $incoming = trim($incoming); + + if ($incoming != '') + { + $this->add_to_log('RECV: ' . $incoming); + } + return $this->xmlize($incoming); } 
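Review bot: transport_registration() can reach `return $return_code;` without the variable ever being set, because it is assigned only for a `result` reply or for an `error` reply whose `['error'][0]['#']` entry exists. Any other reply type, or a false return from the second send_iq(), leaves it undefined and the caller receives NULL. Initialise it before the branch, e.g. `$return_code = 3;`, so the failure value matches the `return 3;` used when the first request fails. The page has lost the markup inside several string literals in this region, so the payload built from `$details` cannot be checked here; if `$element` and `$value` are interpolated as shown, they should be escaped for XML first.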
@@ -708,40 +811,82 @@ class jabber if (is_array($incoming_array)) { - if ($incoming_array['stream:stream']['@']['from'] == $this->server - && $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client' - && $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams') + if ($incoming_array['stream:stream']['@']['from'] == $this->server && $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client' && $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams') { $this->stream_id = $incoming_array['stream:stream']['@']['id']; - return true; + if ($incoming_array['stream:stream']['#']['stream:features'][0]['#']['starttls'][0]['@']['xmlns'] == 'urn:ietf:params:xml:ns:xmpp-tls') + { + return $this->_starttls(); + } + else + { + return true; + } } else { + $this->add_to_log('ERROR: _check_connected() #1'); return false; } } else { + $this->add_to_log('ERROR: _check_connected() #2'); return false; } } /** - * Split incoming packet + * Start TLS/SSL session if supported (PHP5.1) * @access private */ - function _split_incoming($incoming) + function _starttls() { - $temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE); - $array = array(); + if (!function_exists('stream_socket_enable_crypto') || !function_exists('stream_get_meta_data') || !function_exists('socket_set_blocking')) + { + $this->add_to_log('WARNING: TLS is not available'); + return true; + } - for ($a = 1; $a < sizeof($temp); $a = $a + 2) + $this->send_packet("\n"); + sleep(2); + $incoming_array = $this->_listen_incoming(); + + if (!is_array($incoming_array)) { - $array[] = '<' . $temp[$a] . 
$temp[($a + 1)]; + $this->add_to_log('ERROR: _starttls() #1'); + return false; } - return $array; + if ($incoming_array['proceed']['@']['xmlns'] != 'urn:ietf:params:xml:ns:xmpp-tls') + { + $this->add_to_log('ERROR: _starttls() #2'); + return false; + } + + $meta = stream_get_meta_data($this->connector->active_socket); + socket_set_blocking($this->connector->active_socket, 1); + + if (!stream_socket_enable_crypto($this->connector->active_socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) + { + socket_set_blocking($this->connector->active_socket, $meta['blocked']); + $this->add_to_log('ERROR: _starttls() #3'); + return false; + } + socket_set_blocking($this->connector->active_socket, $meta['blocked']); + + $this->send_packet("\n"); + $this->send_packet("\n"); + sleep(2); + + if (!$this->_check_connected()) + { + $this->add_to_log('ERROR: _starttls() #4'); + return false; + } + + return true; } /** @@ -759,6 +904,23 @@ class jabber return ($packet_type) ? $packet_type : false; } + /** + * Split incoming packet + * @access private + */ + function _split_incoming($incoming) + { + $temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE); + $array = array(); + + for ($i = 1, $size = sizeof($temp); $i < $size; $i += 2) + { + $array[] = '<' . $temp[$i] . $temp[($i + 1)]; + } + + return $array; + } + /** * Recursively prepares the strings in an array to be used in XML data. * @access private @@ -843,6 +1005,14 @@ class jabber return (is_array($packet)) ? $packet['message']['#']['body'][0]['#'] : false; } + /** + * Get info from message (xmlns) + */ + function get_info_from_message_xmlns($packet = NULL) + { + return (is_array($packet)) ? $packet['message']['#']['x'] : false; + } + /** * Get info from message (error) */ 
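Review bot: _starttls() returns true after logging `WARNING: TLS is not available` when the crypto functions are missing, and _check_connected() only calls it when the server's stream features advertise starttls, so in both cases the session continues unencrypted and the login that follows (including _sendauth_plaintext()) is sent in the clear. A party able to modify the stream can drop the starttls feature and force that path. Consider failing the connection unless plaintext has been explicitly allowed by configuration, for example `return false;` in place of the `return true;` under the warning. The socket comes from fsockopen() with no SSL context visible on this page, so whether the server certificate and host name are verified depends on PHP's defaults and should be set explicitly. _check_connected() begins outside this hunk.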
@@ -902,25 +1072,90 @@ class jabber // ====================================================================== /** - * return message (from) + * Message type normal */ function handler_message_normal($packet) { $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type normal) from $from"); } /** - * return error (from) + * Message type chat + */ + function handler_message_chat($packet) + { + $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type chat) from $from"); + } + + /** + * Message type groupchat + */ + function handler_message_groupchat($packet) + { + $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type groupchat) from $from"); + } + + /** + * Message type headline + */ + function handler_message_headline($packet) + { + $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type headline) from $from"); + } + + /** + * Message type error */ function handler_message_error($packet) { $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type error) from $from"); } // ====================================================================== // handlers // ====================================================================== + /** + * application version updates + */ + function handler_iq_jabber_iq_autoupdate($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:autoupdate from $from"); + } + + /** + * interactive server component properties + */ + function handler_iq_jabber_iq_agent($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:agent from $from"); + } + + /** + * method to query interactive server components + */ + function handler_iq_jabber_iq_agents($packet) + { + $from 
= $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:agents from $from"); + } + /** * simple client authentication */ @@ -930,6 +1165,31 @@ class jabber $id = $this->get_info_from_iq_id($packet); $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:auth from $from"); + } + + /** + * out of band data + */ + function handler_iq_jabber_iq_oob($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:oob from $from"); + } + + /** + * method to store private data on the server + */ + function handler_iq_jabber_iq_private($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:private from $from"); } /** 
@@ -941,19 +1201,89 @@ class jabber $id = $this->get_info_from_iq_id($packet); $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:register from $from"); + } + + /** + * client roster management + */ + function handler_iq_jabber_iq_roster($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:roster from $from"); } /** - * keepalive method, added by Nathan Fritz + * method for searching a user database */ - function handler_iq_($packet) + function handler_iq_jabber_iq_search($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:search from $from"); + } + + /** + * method for requesting the current time + */ + function handler_iq_jabber_iq_time($packet) { if ($this->keep_alive_id == $this->get_info_from_iq_id($packet)) { $this->returned_keep_alive = true; + $this->connected = true; + + $this->add_to_log('EVENT: Keep-Alive returned, connection alive.'); + } + + $type = $this->get_info_from_iq_type($packet); + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + $id = ($id != '') ? $id : 'time_' . time(); + + if ($type == 'get') + { + $payload = '' . gmdate("Ydm\TH:i:s") . '' . date('T') . '' . date("Y/d/m h:i:s A") . ''; + $this->send_iq($from, 'result', $id, 'jabber:iq:time', $payload); + } + + $this->add_to_log("EVENT: jabber:iq:time (type $type) from $from"); + } + + /** + */ + function handler_iq_error($packet) + { + // We'll do something with these later. This is a placeholder so that errors don't bounce back and forth. 
+ } + + /** + * method for requesting version + */ + function handler_iq_jabber_iq_version($packet) + { + $type = $this->get_info_from_iq_type($packet); + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + $id = ($id != '') ? $id : 'version_' . time(); + + if ($type == 'get') + { + $payload = "{$this->iq_version_name} + {$this->iq_version_os} + {$this->iq_version_version}"; + + //$this->SendIq($from, 'result', $id, "jabber:iq:version", $payload); } + + $this->add_to_log("EVENT: jabber:iq:version (type $type) from $from -- DISABLED"); } - + // ====================================================================== // Generic handlers // ====================================================================== 
@@ -968,28 +1298,34 @@ class jabber $id = call_user_func(array(&$this, 'get_info_from_' . strtolower($packet_type) . '_id'), $packet); $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: Unrecognized <$packet_type/> from $from"); } + // ====================================================================== // Third party code // m@d pr0ps to the coders ;) + // ====================================================================== /** * xmlize() - * (c) Hans Anderson / http://www.hansanderson.com/php/xml/ + * @author Hans Anderson + * @copyright Hans Anderson / http://www.hansanderson.com/php/xml/ */ - function xmlize($data) + function xmlize($data, $skip_white = 1, $encoding = 'UTF-8') { + $data = trim($data); + $vals = $index = $array = array(); - $parser = @xml_parser_create(); - @xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); - @xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1); - @xml_parse_into_struct($parser, $data, $vals, $index); - @xml_parser_free($parser); + $parser = xml_parser_create($encoding); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); + xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, $skip_white); + xml_parse_into_struct($parser, $data, $vals, $index); + xml_parser_free($parser); $i = 0; - $tagname = $vals[$i]['tag']; - $array[$tagname]['@'] = $vals[$i]['attributes']; + + $array[$tagname]['@'] = (isset($vals[$i]['attributes'])) ? $vals[$i]['attributes'] : array(); $array[$tagname]['#'] = $this->_xml_depth($vals, $i); return $array; 
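Review bot: xmlize() now runs without `@` but still ignores the return value of xml_parse_into_struct(), so an empty or malformed stanza leaves `$vals` empty, the `$vals[$i]['tag']` read raises notices, and the function returns an array anyway. The `is_array($incoming_array)` guards in _check_connected() and _starttls() are therefore always true and cannot detect a bad reply. Check the parse result and return false on failure, e.g. `if (!xml_parse_into_struct($parser, $data, $vals, $index) || !sizeof($vals)) { xml_parser_free($parser); return false; }`. listen() stores xmlize() results in the packet queue, so it would need to skip false values after that change.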
@@ -997,47 +1333,51 @@ class jabber /** * _xml_depth() - * (c) Hans Anderson / http://www.hansanderson.com/php/xml/ + * @author Hans Anderson + * @copyright Hans Anderson / http://www.hansanderson.com/php/xml/ */ function _xml_depth($vals, &$i) { $children = array(); - if (isset($vals[$i]['value']) && $vals[$i]['value']) + if (isset($vals[$i]['value'])) { - array_push($children, trim($vals[$i]['value'])); + array_push($children, $vals[$i]['value']); } while (++$i < sizeof($vals)) { switch ($vals[$i]['type']) { - case 'cdata': - array_push($children, trim($vals[$i]['value'])); - break; + case 'open': - case 'complete': - $tagname = $vals[$i]['tag']; + $tagname = (isset($vals[$i]['tag'])) ? $vals[$i]['tag'] : ''; $size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0; - $children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? trim($vals[$i]['value']) : ''; - if (isset($vals[$i]['attributes']) && $vals[$i]['attributes']) + + if (isset($vals[$i]['attributes'])) { $children[$tagname][$size]['@'] = $vals[$i]['attributes']; } + + $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i); + break; - case 'open': + case 'cdata': + array_push($children, $vals[$i]['value']); + break; + + case 'complete': + $tagname = $vals[$i]['tag']; $size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0; - if ($vals[$i]['attributes']) + $children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? $vals[$i]['value'] : array(); + + if (isset($vals[$i]['attributes'])) { $children[$tagname][$size]['@'] = $vals[$i]['attributes']; - $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i); - } - else - { - $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i); } + break; case 'close': 
@@ -1050,8 +1390,9 @@ class jabber } /** - * traverse_xmlize() - * (c) acebone@f2s.com, a HUGE help! + * TraverseXMLize() + * @author acebone@f2s.com + * @copyright acebone@f2s.com, a HUGE help! */ function traverse_xmlize($array, $arr_name = 'array', $level = 0) { @@ -1060,7 +1401,7 @@ class jabber echo '
';
 		}
 
-		while (list($key, $val) = @each($array))
+		foreach ($array as $key => $val)
 		{
 			if (is_array($val))
 			{
@@ -1068,7 +1409,7 @@ class jabber
 			}
 			else
 			{
-				echo '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n";
+				$GLOBALS['traverse_array'][] = '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n";
 			}
 		}
 
@@ -1076,117 +1417,13 @@ class jabber
 		{
 			echo '
'; } - } -} - -/** -* make_xml -* Currently not in use -* @package phpBB3 -class make_xml extends jabber -{ - var $nodes; - - function make_xml() - { - $nodes = array(); - } - - function add_packet_details($string, $value = NULL) - { - if (preg_match('#\(([0-9]*)\)$#i', $string)) - { - $string .= '/["#"]'; - } - - $temp = @explode('/', $string); - - for ($a = 0, $size = sizeof($temp); $a < $size; $a++) - { - $temp[$a] = preg_replace('#^[@]{1}([a-z0-9_]*)$#i', '["@"]["\1"]', $temp[$a]); - $temp[$a] = preg_replace('#^([a-z0-9_]*)\(([0-9]*)\)$/i', '["\1"][\2]', $temp[$a]); - $temp[$a] = preg_replace('#^([a-z0-9_]*)$#i', '["\1"]', $temp[$a]); - } - - $node = implode('', $temp); - - // Yeahyeahyeah, I know it's ugly... get over it. ;) - echo '$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";
'; - eval('$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";'); - } - - function build_packet($array = NULL) - { - if (!$array) - { - $array = $this->nodes; - } - - if (is_array($array)) - { - array_multisort($array, SORT_ASC, SORT_STRING); - - foreach ($array as $key => $value) - { - if (is_array($value) && $key == '@') - { - foreach ($value as $subkey => $subvalue) - { - $subvalue = htmlspecialchars($subvalue); - $text .= " $subkey='$subvalue'"; - } - - $text .= ">\n"; - - } - else if ($key == '#') - { - $text .= htmlspecialchars($value); - } - else if (is_array($value)) - { - for ($a = 0, $size = sizeof($value); $a < $size; $a++) - { - $text .= "<$key"; - - if (!$this->_preg_grep_keys('#^@#', $value[$a])) - { - $text .= '>'; - } - $text .= $this->build_packet($value[$a]); - $text .= "\n"; - } - } - else - { - $value = htmlspecialchars($value); - $text .= "<$key>$value\n"; - } - } - - return $text; - } - - return false; - } - - function _preg_grep_keys($pattern, $array) - { - foreach ($array as $key => $val) - { - if (preg_match($pattern, $key)) - { - $newarray[$key] = $val; - } - } - return (is_array($newarray)) ? $newarray : false; + return 1; } } -*/ /** -* connector +* Jabber Connector * @package phpBB3 */ class cjp_standard_connector @@ -1198,7 +1435,21 @@ class cjp_standard_connector */ function open_socket($server, $port) { - if ($this->active_socket = @fsockopen($server, $port, $err, $err2, 5)) + if (function_exists('dns_get_record')) + { + $record = dns_get_record("_xmpp-client._tcp.$server", DNS_SRV); + + if (!empty($record)) + { + $server = $record[0]['target']; + $port = $record[0]['port']; + } + } + + $errno = 0; + $errstr = ''; + + if ($this->active_socket = @fsockopen($server, $port, $errno, $errstr, 5)) { @socket_set_blocking($this->active_socket, 0); @socket_set_timeout($this->active_socket, 31536000); 
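Review bot: open_socket() takes `$record[0]` from the SRV answer without looking at priority or weight, and it replaces both host and port with values that come from DNS. Resolvers give no ordering guarantee, so the connection may go to a backup target; sort the records by `pri` (then `weight`) before choosing one, and try the next record when fsockopen() fails. dns_get_record() is also the only call in this function without `@` or an explicit failure check, so a failed lookup surfaces as a PHP warning. Once TLS is in use, the certificate should be checked against the configured server name rather than the SRV target, because unsigned DNS answers can be forged.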
@@ -1233,9 +1484,7 @@ class cjp_standard_connector function read_from_socket($chunksize) { $buffer = @fread($this->active_socket, $chunksize); - - //$buffer = (STRIP) ? stripslashes($buffer) : $buffer; - //@set_magic_quotes_runtime(get_magic_quotes_gpc()); + $buffer = (STRIP) ? stripslashes($buffer) : $buffer; return $buffer; } diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index 983ec7f0a5..0edf294063 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -417,13 +417,7 @@ class messenger if (!$use_queue) { include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx); - $this->jabber = new jabber; - - $this->jabber->server = $config['jab_host']; - $this->jabber->port = ($config['jab_port']) ? $config['jab_port'] : 5222; - $this->jabber->username = $config['jab_username']; - $this->jabber->password = $config['jab_password']; - $this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : ''; + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']); if (!$this->jabber->connect()) { @@ -557,13 +551,7 @@ class queue } include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx); - $this->jabber = new jabber; - - $this->jabber->server = $config['jab_host']; - $this->jabber->port = ($config['jab_port']) ? $config['jab_port'] : 5222; - $this->jabber->username = $config['jab_username']; - $this->jabber->password = $config['jab_password']; - $this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : ''; + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']); if (!$this->jabber->connect()) { @@ -603,14 +591,19 @@ class queue $message = 'Method: [ ' . (($config['smtp_delivery']) ? 'SMTP' : 'PHP') . ' ]
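Review bot: read_from_socket() now applies `stripslashes()` to every chunk read from the XMPP socket whenever `STRIP` is true. `STRIP` is not defined on this page; if it mirrors magic_quotes_gpc, as the removed commented-out line suggests, it says nothing about data returned by fread(), which is affected only by magic_quotes_runtime. On such hosts every legitimate backslash in an incoming stanza is dropped before parsing. Key the call on the runtime setting instead, e.g. `$buffer = (get_magic_quotes_runtime()) ? stripslashes($buffer) : $buffer;`, or leave the buffer untouched.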

' . $err_msg . '

CALLING PAGE

' . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']); messenger::error('EMAIL', $message); - continue 3; + continue 2; } break; case 'jabber': foreach ($addresses as $address) { - $this->jabber->send_message($address, 'normal', NULL, array('body' => $msg)); + if ($this->jabber->send_message($address, 'normal', NULL, array('body' => $msg)) === false) + { + $message = 'Method: [ JABBER ]

' . $this->jabber->get_log() . '

CALLING PAGE

' . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']); + messenger::error('JABBER', $message); + continue 3; + } } break; } diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index a24e26fe20..6e6cc1020e 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1899,7 +1899,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u trigger_error('NO_SUCH_SEARCH_MODULE'); } - require("{$phpbb_root_path}includes/search/$search_type.$phpEx"); + require_once("{$phpbb_root_path}includes/search/$search_type.$phpEx"); $error = false; $search = new $search_type($error); diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 1c05e48ae3..b8b4c6a6dd 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -141,10 +141,6 @@ function user_add($user_row, $cp_data = false) 'user_type' => $user_row['user_type'], ); - /** - * @todo user_allow_email is not used anywhere. Think about removing it. - */ - // These are the additional vars able to be specified $additional_vars = array( 'user_permissions' => '', @@ -182,7 +178,6 @@ function user_add($user_row, $cp_data = false) 'user_notify_pm' => 1, 'user_notify_type' => NOTIFY_EMAIL, 'user_allow_pm' => 1, - 'user_allow_email' => 1, 'user_allow_viewonline' => 1, 'user_allow_viewemail' => 1, 'user_allow_massemail' => 1, 
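Review bot: The Jabber failure path puts `$this->jabber->get_log()` into the message passed to messenger::error(), and that log holds whole stanzas: add_to_log() is called with `'RECV: ' . $incoming` in listen() and _listen_incoming(), and send_packet() appears to log outgoing XML as well. The payload built in _sendauth_plaintext() contains `$this->password` and the digest variants contain password-derived hashes, so one failed delivery can copy the board's Jabber credentials and received message bodies into the error log. Redact the authentication stanzas before they are logged, or include only the `ERROR:` and `EVENT:` entries here. The surrounding loops start outside this hunk, so the targets of `continue 2` and `continue 3` could not be checked.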
@@ -265,23 +260,34 @@ function user_delete($mode, $user_id, $post_username = false) switch ($mode) { case 'retain': + + if ($post_username === false) + { + $post_username = $user->lang['GUEST']; + } + $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET forum_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . ", forum_last_poster_colour = '' + SET forum_last_poster_id = ' . ANONYMOUS . ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "', forum_last_poster_colour = '' WHERE forum_last_poster_id = $user_id"; $db->sql_query($sql); $sql = 'UPDATE ' . POSTS_TABLE . ' - SET poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", post_username = '" . $db->sql_escape($post_username) . "'" : '') . " + SET poster_id = ' . ANONYMOUS . ", post_username = '" . $db->sql_escape($post_username) . "' WHERE poster_id = $user_id"; $db->sql_query($sql); + $sql = 'UPDATE ' . POSTS_TABLE . ' + SET post_edit_user = ' . ANONYMOUS . " + WHERE post_edit_user = $user_id"; + $db->sql_query($sql); + $sql = 'UPDATE ' . TOPICS_TABLE . ' - SET topic_poster = ' . ANONYMOUS . " + SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = '' WHERE topic_poster = $user_id"; $db->sql_query($sql); $sql = 'UPDATE ' . TOPICS_TABLE . ' - SET topic_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . " + SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = '' WHERE topic_last_poster_id = $user_id"; $db->sql_query($sql); break; 
@@ -413,99 +419,96 @@ function user_delete($mode, $user_id, $post_username = false) set_config('num_users', $config['num_users'] - 1, true); - // Adjust last post info... - - $db->sql_transaction('commit'); return false; } /** -* Flips user_type from active to inactive and vice versa, handles -* group membership updates +* Flips user_type from active to inactive and vice versa, handles group membership updates +* +* @param string $mode can be flip for flipping from active/inactive, activate or deactivate */ -function user_active_flip($user_id, $user_type, $user_actkey = false, $username = false, $reason = 0, $no_log = false) +function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) { - global $db, $user, $auth; + global $config, $db, $user; - $sql = 'SELECT group_id, group_name - FROM ' . GROUPS_TABLE . " - WHERE group_name IN ('REGISTERED', 'REGISTERED_COPPA', 'INACTIVE', 'INACTIVE_COPPA')"; - $result = $db->sql_query($sql); + $deactivated = $activated = 0; + $sql_statements = array(); - $group_id_ary = array(); - while ($row = $db->sql_fetchrow($result)) + if (!is_array($user_id_ary)) { - $group_id_ary[$row['group_name']] = $row['group_id']; + $user_id_ary = array($user_id_ary); } - $db->sql_freeresult($result); - $sql = 'SELECT group_id - FROM ' . USER_GROUP_TABLE . " - WHERE user_id = $user_id"; + if (!sizeof($user_id_ary)) + { + return; + } + + $sql = 'SELECT user_id, group_id, user_type, user_inactive_reason + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', $user_id_ary); $result = $db->sql_query($sql); - $group_name = ($user_type == USER_NORMAL) ? 
'REGISTERED' : 'INACTIVE'; while ($row = $db->sql_fetchrow($result)) { - if ($name = array_search($row['group_id'], $group_id_ary)) + $sql_ary = array(); + + if ($row['user_type'] == USER_IGNORE || $row['user_type'] == USER_FOUNDER || + ($mode == 'activate' && $row['user_type'] != USER_INACTIVE) || + ($mode == 'deactivate' && $row['user_type'] == USER_INACTIVE)) { - $group_name = $name; - break; + continue; } - } - $db->sql_freeresult($result); - - $current_group = ($user_type == USER_NORMAL) ? 'REGISTERED' : 'INACTIVE'; - $switch_group = ($user_type == USER_NORMAL) ? 'INACTIVE' : 'REGISTERED'; - $new_group_id = $group_id_ary[str_replace($current_group, $switch_group, $group_name)]; + if ($row['user_type'] == USER_INACTIVE) + { + $activated++; + } + else + { + $deactivated++; - $sql = 'UPDATE ' . USER_GROUP_TABLE . " - SET group_id = $new_group_id - WHERE user_id = $user_id - AND group_id = " . $group_id_ary[$group_name]; - $db->sql_query($sql); + // Remove the users session key... + $user->reset_login_keys($row['user_id']); + } - $sql_ary = array( - 'user_type' => ($user_type == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL, - 'user_inactive_time' => ($user_type == USER_NORMAL) ? time() : 0, - 'user_inactive_reason' => ($user_type == USER_NORMAL) ? $reason : 0, - ); + $sql_ary += array( + 'user_type' => ($row['user_type'] == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL, + 'user_inactive_time' => ($row['user_type'] == USER_NORMAL) ? time() : 0, + 'user_inactive_reason' => ($row['user_type'] == USER_NORMAL) ? $reason : 0, + ); - if ($user_actkey !== false) - { - $sql_ary['user_actkey'] = $user_actkey; + $sql_statements[$row['user_id']] = $sql_ary; } + $db->sql_freeresult($result); - $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " - WHERE user_id = $user_id"; - $db->sql_query($sql); - - // Set the users default group from inactive to registered or registered to inactive - // only if the group id changed... 
- group_set_user_default($new_group_id, array($user_id)); - - $auth->acl_clear_prefetch($user_id); - - if (!$no_log) + if (sizeof($sql_statements)) { - if ($username === false) + foreach ($sql_statements as $user_id => $sql_ary) { - $sql = 'SELECT username - FROM ' . USERS_TABLE . " - WHERE user_id = $user_id"; - $result = $db->sql_query($sql); - $username = (string) $db->sql_fetchfield('username'); - $db->sql_freeresult($result); + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user_id; + $db->sql_query($sql); } - $log = ($user_type == USER_NORMAL) ? 'LOG_USER_INACTIVE' : 'LOG_USER_ACTIVE'; - add_log('admin', $log, $username); + $auth->acl_clear_prefetch(array_keys($sql_statements)); } - return false; + if ($deactivated) + { + set_config('num_users', $config['num_users'] - $deactivated, true); + } + + if ($activated) + { + set_config('num_users', $config['num_users'] + $activated, true); + } + + // Update latest username + update_last_username(); } /** diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index b0237c2f3f..41708d19ab 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -127,9 +127,6 @@ class session * * @param bool $update_session_page if true the session page gets updated. * This can be set to circumvent certain scripts to update the users last visited page. - * - * @todo Introduce further user types, bot, guest - * @todo Change user_type (as above) to a bitfield? user_type & USER_FOUNDER for example */ function session_begin($update_session_page = true) { 
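Review bot: user_active_flip() calls `$auth->acl_clear_prefetch(array_keys($sql_statements));` but the rewritten declaration is `global $config, $db, $user;`, which no longer imports `$auth`. As written the call is made on an undefined local variable and stops the request with a fatal error after the user rows have already been updated, so cached permissions are not cleared and `num_users` is not adjusted. Change the declaration to `global $config, $db, $user, $auth;`. The function also returns nothing now where the old one returned false, so callers that test the result should be checked.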
@@ -148,9 +145,6 @@ class session if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_u'])) { - // Switch to request_var ... can this cause issues, can a _GET/_POST param - // be used to poison this? Not sure that it makes any difference in terms of - // the end result, be it a cookie or param. $this->cookie_data['u'] = request_var($config['cookie_name'] . '_u', 0, false, true); $this->cookie_data['k'] = request_var($config['cookie_name'] . '_k', '', false, true); $this->session_id = request_var($config['cookie_name'] . '_sid', '', false, true); @@ -265,7 +259,6 @@ class session $db->sql_query($sql); } - // Ultimately to be removed $this->data['is_registered'] = ($this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false; $this->data['is_bot'] = (!$this->data['is_registered'] && $this->data['user_id'] != ANONYMOUS) ? true : false; @@ -275,7 +268,10 @@ class session else { // Added logging temporarly to help debug bugs... - add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser); + if (defined('DEBUG_EXTRA')) + { + add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser); + } } } } @@ -374,7 +370,7 @@ class session $sql = 'SELECT u.* FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k WHERE u.user_id = ' . (int) $this->cookie_data['u'] . ' - AND u.user_type <> ' . USER_INACTIVE . " + AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ") AND k.user_id = u.user_id AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'"; $result = $db->sql_query($sql); 
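Review bot: Wrapping the `LOG_IP_BROWSER_CHECK` entry in `if (defined('DEBUG_EXTRA'))` in the @@ -275 hunk means a production board no longer records a session id that fails this check. Judging by the log key and the `$u_ip`/`$s_ip`/`$u_browser`/`$s_browser` arguments, that is a session presented from a different IP or browser, which an administrator would want to see when investigating session theft. If log volume was the motive, I would keep the entry and throttle it rather than tie it to a debug constant. The comment above it ("Added logging temporarly…") should also be updated, e.g. `// Session id failed the IP/browser check; only logged when DEBUG_EXTRA is defined`. The enclosing method starts and ends outside the hunk.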
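Review bot: The rule for which accounts may hold a login is now written out by hand in several places: the `user_type IN (USER_NORMAL, USER_FOUNDER)` filter in this @@ -374 hunk and again in @@ -389, plus the `is_registered` expressions in the @@ -265 context and the @@ -439 hunk. If a user type is added later, any copy that is missed could let a non-active account obtain a registered session. I would move the test into one helper, or at least mark each copy with a comment such as `// Active account types only - keep in sync with the is_registered checks in this class`. The method containing this query starts outside the hunk.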
@@ -389,7 +385,7 @@ class session $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $this->cookie_data['u'] . ' - AND user_type <> ' . USER_INACTIVE; + AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')'; $result = $db->sql_query($sql); $this->data = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -439,18 +435,14 @@ class session // session exists in which case session_id will also be set // Is user banned? Are they excluded? Won't return on ban, exists within method - // @todo Change to !$this->data['user_type'] & USER_FOUNDER && !$this->data['user_type'] & USER_BOT in time if ($this->data['user_type'] != USER_FOUNDER) { $this->check_ban($this->data['user_id'], $this->ip); } - // - // Do away with ultimately? - $this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS) ? true : false; + + $this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false; $this->data['is_bot'] = ($bot) ? true : false; - // - // // If our friend is a bot, we re-assign a previously assigned session if ($this->data['is_bot'] && $bot === $this->data['user_id'] && $this->data['session_id']) @@ -493,8 +485,8 @@ class session } } - // @todo Change this ... check for "... && user_type & USER_NORMAL" ? $session_autologin = (($this->cookie_data['k'] || $persist_login) && $this->data['is_registered']) ? true : false; + $set_admin = ($set_admin && $this->data['is_registered']) ? true : false; // Create or update the session $sql_ary = array( 
@@ -734,20 +726,11 @@ class session { global $config; - if (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') - { - @setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path']); - } - else - { - // Firefox does not allow setting cookies with a domain containing no periods. - if (strpos($config['cookie_domain'], '.') === false) - { - $config['cookie_domain'] = '.' . $config['cookie_domain']; - } + $name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata); + $expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime); + $domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain']; - @setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']); - } + header('Set-Cookie: ' . $name_data . '; expires=' . $expire . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false); } /** 
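Review bot: `expires` is always emitted, so a `$cookietime` of 0 now yields a 1970 date and the browser discards the cookie, whereas `setcookie()` treated 0 as "session cookie". The callers are outside the hunk, so this needs checking, but emitting the attribute conditionally is safe either way: `(($cookietime) ? '; expires=' . $expire : '')`. Separately, `$config['cookie_path']` and `$config['cookie_domain']` are concatenated into the header unencoded, so a stray `;` in either setting adds cookie attributes; validating both where the configuration is saved would cover that. A short comment saying why the header is built by hand (presumably for `HttpOnly`) would help the next reader. The function signature is outside the hunk.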
@@ -1020,15 +1003,20 @@ class user extends session $this->timezone = $config['board_timezone'] * 3600; $this->dst = $config['board_dst'] * 3600; -/* Browser-specific language setting removed - might re-appear later + /** + * If a guest user is surfing, we try to guess his/her language first by obtaining the browser language + * @todo if re-enabled we need to make sure only those languages installed are checked if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); + foreach ($accept_lang_ary as $accept_lang) { // Set correct format ... guess full xx_YY form $accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2)); + $accept_lang = basename($accept_lang); + if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx")) { $this->lang_name = $config['default_lang'] = $accept_lang; @@ -1039,6 +1027,8 @@ class user extends session { // No match on xx_YY so try xx $accept_lang = substr($accept_lang, 0, 2); + $accept_lang = basename($accept_lang); + if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx")) { $this->lang_name = $config['default_lang'] = $accept_lang; @@ -1048,7 +1038,7 @@ class user extends session } } } -*/ + */ } // We include common language file here to not load it every time a custom language file is included diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index b3c857b5d8..a6c1f82529 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -53,7 +53,6 @@ class ucp_activate if ($update_password) { $sql_ary = array( - 'user_type' => USER_NORMAL, 'user_actkey' => '', 'user_password' => $user_row['user_newpasswd'], 'user_newpasswd' => '' 
@@ -69,12 +68,12 @@ class ucp_activate { include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); - // Now we need to demote the user from the inactive group and add him to the registered group - user_active_flip($user_row['user_id'], $user_row['user_type'], '', $user_row['username'], 0, true); + user_active_flip('activate', $user_row['user_id']); - // Update last username - update_last_username(); - set_config('num_users', $config['num_users'] + 1, true); + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_actkey = '' + WHERE user_id = {$user_row['user_id']}"; + $db->sql_query($sql); } if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 15c7699253..011b87ddf2 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -120,7 +120,7 @@ class ucp_profile add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $username, $user->data['user_email'], $email); } - if ($config['email_enable'] && $email != $user->data['user_email'] && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) + if ($config['email_enable'] && $email != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) { include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx); @@ -185,11 +185,10 @@ class ucp_profile $messenger->save_queue(); + user_active_flip('deactivate', $user_id, INACTIVE_PROFILE); + $sql_ary += array( - 'user_type' => USER_INACTIVE, 'user_actkey' => $user_actkey, - 'user_inactive_reason' => INACTIVE_PROFILE, - 'user_inactive_time' => time(), ); } diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 49246ca4c0..e3e1315721 100644 --- a/phpBB/includes/ucp/ucp_register.php 
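Review bot: The new `UPDATE` in the ucp_activate.php @@ -69 hunk interpolates `{$user_row['user_id']}` into the statement without a cast, while the session.php queries shown in this commit use `(int)` on ids. The value appears to come from a database row, so this is hardening rather than a known hole: `WHERE user_id = ' . (int) $user_row['user_id'];`. A one-line comment such as `// Clear the activation key so it cannot be presented again` would also document why the second query exists. The enclosing method starts outside the hunk.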
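Review bot: `user_active_flip('deactivate', $user_id, INACTIVE_PROFILE)` in the ucp_profile.php @@ -185 hunk passes `$user_id`, but nothing in this file's hunks defines it, and the @@ -120 context uses `$user->data['user_id']` for the same user. If `$user_id` is unset in this scope, the call would likely match no row. Because `user_type` is no longer set through `$sql_ary`, the account would then stay active after an e-mail change and re-verification would be skipped silently. Unless the variable is assigned outside the hunk, I would write `user_active_flip('deactivate', $user->data['user_id'], INACTIVE_PROFILE);`.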
+++ b/phpBB/includes/ucp/ucp_register.php @@ -220,9 +220,7 @@ class ucp_register $server_url = generate_board_url(); // Which group by default? - $group_reg = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED'; - $group_inactive = ($coppa) ? 'INACTIVE_COPPA' : 'INACTIVE'; - $group_name = ($config['require_activation'] == USER_ACTIVATION_NONE || !$config['email_enable']) ? $group_reg : $group_inactive; + $group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED'; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php index 84ce3fe9b7..63d3aea790 100644 --- a/phpBB/includes/ucp/ucp_resend.php +++ b/phpBB/includes/ucp/ucp_resend.php @@ -46,7 +46,7 @@ class ucp_resend trigger_error('ACCOUNT_ALREADY_ACTIVATED'); } - // Determine coppa status on group (INACTIVE(_COPPA)) + // Determine coppa status on group (REGISTERED(_COPPA)) $sql = 'SELECT group_name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id = ' . $user_row['group_id']; @@ -59,7 +59,7 @@ class ucp_resend trigger_error('NO_GROUP'); } - $coppa = ($row['group_name'] == 'INACTIVE_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false; + $coppa = ($row['group_name'] == 'REGISTERED_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false; include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); -- cgit v1.2.1