i hate vb, fixes #54

Abdulrahman
2019-02-07 21:34:43 +03:00
parent 1e88ce025e
commit 44a969c577


@@ -16,7 +16,7 @@ if (!defined('IN_COMMON'))
//
//Path of config file in vb
//
if(!defined('SCRIPT_CONFIG_PATH'))
if(! defined('SCRIPT_CONFIG_PATH'))
{
define('SCRIPT_CONFIG_PATH', '/includes/config.php');
}
@@ -34,10 +34,24 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm =
$script_path = substr($script_path, 0, strlen($script_path));
}
//get some useful data from vb config file
$configExists = false;
if(file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH))
{
require_once (PATH . $script_path . SCRIPT_CONFIG_PATH);
$configPath = PATH . $script_path . SCRIPT_CONFIG_PATH;
$configExists = true;
}
else if(file_exists(PATH . $script_path . '/core/includes/config.php'))
{
$configPath = PATH . $script_path . '/core/includes/config.php';
$configExists = true;
$isVB5 = true;
}
//get some useful data from vb config file
if($configExists)
{
require_once $configPath;
//
//get config from config file
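Review bot: `$isVB5` is assigned only in the `else if` branch that finds `/core/includes/config.php`, so when the first `file_exists` check succeeds it is never set within this hunk. The later `$isVB5 ? … : …` expressions in the query and cookie hunks would then read an undefined variable (a warning on PHP 8, and an implicit null that only happens to select the legacy path). Initialise it next to the other flag with `$isVB5 = false;` directly after `$configExists = false;`. kleeja_auth_login starts and ends outside the hunk, so if the variable is already initialised earlier in the function this is redundant but harmless.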
@@ -105,13 +119,13 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm =
$name = empty($script_cp1256) || !$script_cp1256 || $hashed ? $name : $usrcp->kleeja_utf8($name, false);
$query_salt = array(
'SELECT' => $hashed ? '*' : 'salt',
'SELECT' => $hashed ? '*' : ($isVB5 ? 'token' : 'salt'),
'FROM' => "`{$forum_prefix}user`",
);
$query_salt['WHERE'] = $hashed ? "userid=" . intval($name) . " AND password='" . $SQLVB->real_escape($pass) . "' AND usergroupid != '8'" : "username='" . $SQLVB->real_escape($name) . "' AND usergroupid != '8'";
$query_salt['WHERE'] = $hashed ? "userid=" . intval($name) . " AND ". ($isVB5 ? 'token' : 'password') ."='" . $SQLVB->real_escape($pass) . "' AND usergroupid != '8'" : "username='" . $SQLVB->real_escape($name) . "' AND usergroupid != '8'";
//if return only name let's ignore the obove
//if return only name let's ignore the above
if($return_name)
{
$query_salt['SELECT'] = "username";
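Review bot: The credential column is chosen by repeating `($isVB5 ? 'token' : 'password')` inline inside an already long ternary for `$query_salt['WHERE']`, and the same expression reappears in the second query and in the cookie/hash-key hunk further down. Computing it once, for example `$credColumn = $isVB5 ? 'token' : 'password';`, and using `$credColumn` (and `$row[$credColumn]`) at each site would make it harder for one of the sites to miss the vB5 switch. A short comment above the `$hashed` branch, such as `// $hashed: $pass is an already-stored hash/token and is compared verbatim`, would also help, because that comparison treats the stored value itself as the credential. The enclosing function continues outside the hunk.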
@@ -132,12 +146,14 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm =
if(!$hashed)
{
$pass = md5(md5($pass) . $row1['salt']); // without normal md5
$pass = ! $isVB5
? md5(md5($pass) . $row1['salt']) // without normal md5
: crypt(md5($pass), $row1['token']);
$query = array(
'SELECT' => '*',
'FROM' => "`{$forum_prefix}user`",
'WHERE' => "username='" . $SQLVB->real_escape($name) . "' AND password='" . $SQLVB->real_escape($pass) . "' AND usergroupid != '8'"
'WHERE' => "username='" . $SQLVB->real_escape($name) . "' AND ".($isVB5 ? 'token' : 'password')."='" . $SQLVB->real_escape($pass) . "' AND usergroupid != '8'"
);
$result = $SQLVB->build($query);
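Review bot: The vB5 branch recomputes `crypt(md5($pass), $row1['token'])` and then matches the result with `token='…'` in SQL, so the comparison is left to the database and a failed `crypt()` call (which returns a short `*0`/`*1` marker rather than a hash) is never checked. Since `$row1['token']` is already loaded by the salt query, the check can be done in PHP with `if (! password_verify(md5($pass), $row1['token'])) { /* reject */ }`, and the follow-up query can then select the row by `username` alone. This assumes every vB5 row stores a crypt()-format hash in `token`; rows written under another scheme would need their own handling. The surrounding function body lies outside the hunk, so the exact rejection path has to follow whatever the existing failure branch does.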
@@ -161,13 +177,13 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm =
$userinfo['group_id'] = ($row['usergroupid'] == 6 ? 1 : 3);
$user_y = kleeja_base64_encode(serialize(array('id'=>$row['userid'], 'name'=>USER_NAME, 'mail'=>$row['email'], 'last_visit'=>time())));
$hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
$hash_key_expire = sha1(md5($config['h_key'] . ($isVB5 ? $row['token'] : $row['password'])) . $expire);
if(!$loginadm)
{
$usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt(
$row['userid'] . '|' .
$row['password'] . '|' .
($isVB5 ? $row['token'] : $row['password']) . '|' .
$expire . '|' .
$hash_key_expire . '|' .
($row['usergroupid'] == 6 ? 1 : 3) . '|' .