Miscellaneous changes

* PHP code style fixes
* Updated database schema for upgrade
H.Rouatbi
2024-10-07 17:15:05 +01:00
parent 552423c700
commit 3cdfa9ce5a
47 changed files with 5007 additions and 4639 deletions


@@ -9,17 +9,18 @@
//no for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
class usrcp
{
private $user_id = -1;
private $group_id = 2;
private $user_name = null;
private $user_mail = null;
private $user_id = -1;
private $group_id = 2;
private $user_name = null;
private $user_mail = null;
private $last_visit = null;
public function data($name, $pass, $hashed = false, $expire = 86400, $loginadm = false)
@@ -33,7 +34,8 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('data_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if ($return_now) {
if ($return_now)
{
return $login_status;
}
@@ -48,7 +50,8 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('auth_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if ($return_now) {
if ($return_now)
{
return $auth_status;
}
@@ -73,18 +76,24 @@ class usrcp
'LIMIT' => '1'
];
if ($hashed) {
if ($hashed)
{
$query['WHERE'] = 'id=' . intval($name) . " and password='" . $SQL->escape($pass) . "'";
} else {
}
else
{
$query['WHERE'] = "clean_name='" . $SQL->real_escape($this->cleanusername($name)) . "'";
}
is_array($plugin_run_result = Plugins::getInstance()->run('qr_select_usrdata_n_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
$result = $SQL->build($query);
if ($SQL->num_rows($result)) {
while ($row=$SQL->fetch_array($result)) {
if (empty($row['password'])) {
if ($SQL->num_rows($result))
{
while ($row=$SQL->fetch_array($result))
{
if (empty($row['password']))
{
//more security
return false;
}
@@ -92,10 +101,13 @@ class usrcp
$phppass = $hashed ? $pass : $pass . $row['password_salt'];
//CHECK IF IT'S MD5 PASSWORD
if (strlen($row['password']) == '32' && empty($row['password_salt']) && defined('CONVERTED_SCRIPT')) {
if (strlen($row['password']) == '32' && empty($row['password_salt']) && defined('CONVERTED_SCRIPT'))
{
$passmd5 = md5($pass);
////update old md5 hash to phpass hash
if ($row['password'] == $passmd5) {
if ($row['password'] == $passmd5)
{
////new salt
$new_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7);
////new password hash
@@ -111,34 +123,39 @@ class usrcp
];
$SQL->build($update_query);
} else { //if the password is wrong
}
else //if the password is wrong
{
return false;
}
}
if (($phppass != $row['password'] && $hashed) || ($this->kleeja_hash_password($phppass, $row['password']) != true && $hashed == false)) {
if (($phppass != $row['password'] && $hashed) || ($this->kleeja_hash_password($phppass, $row['password']) != true && $hashed == false))
{
return false;
}
//all user fileds info
$userinfo = $row;
$this->user_id = $row['id'];
$this->group_id = $row['group_id'];
$this->user_name = $row['name'];
$this->user_mail = $row['mail'];
$this->user_id = $row['id'];
$this->group_id = $row['group_id'];
$this->user_name = $row['name'];
$this->user_mail = $row['mail'];
$this->last_visit = $row['last_visit'];
$user_y = base64_encode(serialize(['id'=>$row['id'], 'name'=>$row['name'], 'mail'=>$row['mail'], 'last_visit'=>$row['last_visit']]));
if (! $hashed && ! $loginadm) {
if (! $hashed && ! $loginadm)
{
$hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
$this->kleeja_set_cookie('ulogu', $this->en_de_crypt($row['id'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . $row['group_id'] . '|' . $user_y), $expire);
}
//if last visit > 1 minute then update it
if (empty($row['last_visit']) || time() - $row['last_visit'] > 60) {
$this->last_visit = time();
if (empty($row['last_visit']) || time() - $row['last_visit'] > 60)
{
$this->last_visit = time();
$update_last_visit = [
'UPDATE' => "{$dbprefix}users",
'SET' => 'last_visit=' . $this->last_visit,
@@ -154,7 +171,9 @@ class usrcp
unset($pass);
return true;
} else {
}
else
{
return false;
}
}
@@ -167,7 +186,8 @@ class usrcp
{
global $dbprefix, $SQL;
if (! $user_id) {
if (! $user_id)
{
$user_id = $this->id();
}
@@ -233,14 +253,15 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('logout_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
//acp
if (user_can('enter_acp') && ! empty($_SESSION['ADMINLOGIN'])) {
if (user_can('enter_acp') && ! empty($_SESSION['ADMINLOGIN']))
{
$this->logout_cp();
}
$this->user_id = -1;
$this->group_id = 2;
$this->user_name = null;
$this->user_mail = null;
$this->user_id = -1;
$this->group_id = 2;
$this->user_name = null;
$this->user_mail = null;
$this->last_visit = null;
//is ther any cookies
@@ -254,7 +275,8 @@ class usrcp
{
is_array($plugin_run_result = Plugins::getInstance()->run('logout_cp_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if (! empty($_SESSION['ADMINLOGIN'])) {
if (! empty($_SESSION['ADMINLOGIN']))
{
unset($_SESSION['ADMINLOGIN'], $_SESSION['USER_SESS'] /*, $_SESSION['LAST_VISIT']*/);
}
@@ -272,7 +294,8 @@ class usrcp
['a','a','a','a','a','a','a','a','a','a','e','e','e','e','e','e','e','i','i','i','i','i','i','i','i','o','o','o','o','o','o','o','o','o','o','o','u','u','u','u','u','u','c','c','n','n','y','e']
];
if (empty($arabic_t)) {
if (empty($arabic_t))
{
//Arabic chars must be stay in utf8 format, so we encoded them
$arabic_t = unserialize(base64_decode('YToyOntpOjA7YToxMjp7aTowO3M6Mjoi2KMiO2k6MTtzOjI6ItilIjtpOjI7czoyOiLYpCI7aTozO3M6Mjoi2YAiO2k6NDtzOjI6Itm' .
'LIjtpOjU7czoyOiLZjCI7aTo2O3M6Mjoi2Y8iO2k6NztzOjI6ItmOIjtpOjg7czoyOiLZkCI7aTo5O3M6Mjoi2ZIiO2k6MTA7czoyOiLYoiI7aToxMTtzOjI6ItimIjt9aToxO' .
@@ -321,7 +344,8 @@ class usrcp
//
//when user add define('FORCE_COOKIES', true) in config.php we will make our settings of cookies
//
if (defined('FORCE_COOKIES')) {
if (defined('FORCE_COOKIES'))
{
$config['cookie_domain'] = ! empty($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : (! empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : @getenv('SERVER_NAME'));
$config['cookie_domain'] = str_replace('www.', '.', substr($config['cookie_domain'], 0, strpos($config['cookie_domain'], ':')));
$config['cookie_path'] = '/';
@@ -344,27 +368,32 @@ class usrcp
global $config;
static $txt = [];
if (empty($txt)) {
if (empty($config['h_key'])) {
if (empty($txt))
{
if (empty($config['h_key']))
{
$config['h_key'] = sha1(microtime());
}
$chars = str_split($config['h_key']);
foreach (range('a', 'z') as $k=>$v) {
if (! isset($chars[$k])) {
foreach (range('a', 'z') as $k=>$v)
{
if (! isset($chars[$k]))
{
break;
}
$txt[$v] = $chars[$k] . $k . '-';
}
}
switch ($type) {
switch ($type)
{
case 1:
$data = str_replace('=', '_', base64_encode($data));
$data = strtr($data, $txt);
break;
break;
case 2:
$txtx = array_flip($txt);
@@ -372,7 +401,7 @@ class usrcp
$data = strtr($data, $txtx);
$data = base64_decode(str_replace('_', '=', $data));
break;
break;
}
return $data;
@@ -405,28 +434,34 @@ class usrcp
];
//if login up
if ($this->kleeja_get_cookie('ulogu')) {
if ($this->kleeja_get_cookie('ulogu'))
{
$user_data = false;
list($user_id, $hashed_password, $expire_at, $hashed_expire, $group_id, $u_info) = @explode('|', $this->en_de_crypt($this->kleeja_get_cookie('ulogu'), 2));
//if not expire
if (($hashed_expire == sha1(md5($config['h_key'] . $hashed_password) . $expire_at)) && ($expire_at > time())) {
if (! empty($u_info)) {
if (($hashed_expire == sha1(md5($config['h_key'] . $hashed_password) . $expire_at)) && ($expire_at > time()))
{
if (! empty($u_info))
{
$userinfo = unserialize(base64_decode($u_info));
$userinfo['group_id'] = $group_id;
$userinfo['password'] = $hashed_password;
$user_data = $this->data($user_id, $hashed_password, true, $expire_at);
$user_data = $this->data($user_id, $hashed_password, true, $expire_at);
}
}
if ($user_data == false) {
if ($user_data == false)
{
$this->logout();
} else {
$this->user_id = $userinfo['id'];
$this->group_id = $userinfo['group_id'];
$this->user_name = $userinfo['name'];
$this->user_mail = $userinfo['mail'];
}
else
{
$this->user_id = $userinfo['id'];
$this->group_id = $userinfo['group_id'];
$this->user_name = $userinfo['name'];
$this->user_mail = $userinfo['mail'];
$this->last_visit = $userinfo['last_visit'];
return $user_data;
}
@@ -434,4 +469,4 @@ class usrcp
return false; //nothing
}
}
}
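Review bot: In the cookie-login hunk (`@@ -405,28 +434,34 @@`) the re-braced code still passes the cookie-derived `$u_info` to `unserialize()` and compares `$hashed_expire` with `==`; the commit only moves braces, so both carry over unchanged. As written, the `$hashed_expire` check binds only `$hashed_password` and `$expire_at`, so `$u_info` and `$group_id` appear to sit outside it, yet the `else` branch copies them into `$this->user_id` and `$this->group_id`. I would restrict deserialization with `unserialize(base64_decode($u_info), ['allowed_classes' => false])` (or move both the writer in `data()` and this reader to JSON), do the comparison with `hash_equals()`, and fill the identity fields from the row that `data()` loads rather than from the cookie. The enclosing method starts above this hunk, so confirm that no further validation of these fields happens outside the visible lines.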