403Webshell
Server IP : 103.119.228.120  /  Your IP : 18.227.72.24
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /usr/local/ssl/share/awl/inc/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /usr/local/ssl/share/awl/inc/Session.php
<?php
/**
* Session handling class and associated functions
*
* This subpackage provides some functions that are useful around web
* application session management.
*
* The class is intended to be as lightweight as possible while holding
* all session data in the database:
*  - Session hash is not predictable.
*  - No clear text information is held in cookies.
*  - Passwords are generally salted MD5 hashes, but individual users may
*    have plain text passwords set by an administrator.
*  - Temporary passwords are supported.
*  - Logout is supported
*  - "Remember me" cookies are supported, and will result in a new
*    Session for each browser session.
*
* @package   awl
* @subpackage   Session
* @author Andrew McMillan <andrew@mcmillan.net.nz>
* @copyright Catalyst IT Ltd, Morphoss Ltd <http://www.morphoss.com/>
* @license   http://gnu.org/copyleft/gpl.html GNU GPL v2 or later
*/
require_once('AWLUtilities.php');
require_once('AwlQuery.php');
require_once('EMail.php');


/**
* Checks what a user entered against any currently valid temporary passwords on their account.
* @param string $they_sent What the user entered.
* @param int $user_no Which user is attempting to log on.
* @return boolean Whether or not the user correctly guessed a temporary password within the necessary window of opportunity.
*/
function check_temporary_passwords( $they_sent, $user_no ) {
  $sql = 'SELECT 1 AS ok FROM tmp_password WHERE user_no = ? AND password = ? AND valid_until > current_timestamp';
  $qry = new AwlQuery( $sql, $user_no, $they_sent );
  if ( $qry->Exec('Session::check_temporary_passwords') ) {
    dbg_error_log( "Login", " check_temporary_passwords: Rows = ".$qry->rows());
    if ( $row = $qry->Fetch() ) {
      dbg_error_log( "Login", " check_temporary_passwords: OK = $row->ok");
      // Remove all the temporary passwords for that user...
      $sql = 'DELETE FROM tmp_password WHERE user_no = ? ';
      $qry = new AwlQuery( $sql, $user_no );
      $qry->Exec('Login',__LINE__,__FILE__);
      return true;
    }
  }
  return false;
}

/**
* A class for creating and holding session information.
*
* @package   awl
*/
class Session
{
  /**#@+
  * @access private
  */
  var $roles;
  var $cause = '';
  /**#@-*/

  /**#@+
  * @access public
  */

  /**
  * The user_no of the logged in user.
  * @var int
  */
  var $user_no;

  /**
  * A unique id for this user's logged-in session.
  * @var int
  */
  var $session_id = 0;

  /**
  * The user's username used to log in.
  * @var int
  */
  var $username = 'guest';

  /**
  * The user's full name from their usr record.
  * @var int
  */
  var $fullname = 'Guest';

  /**
  * The user's email address from their usr record.
  * @var int
  */
  var $email = '';

  /**
  * Whether this user has actually logged in.
  * @var int
  */
  var $logged_in = false;

  /**
  * Whether the user logged in to view the current page.  Perhaps some details on the
  * login form might pollute an editable form and result in an unplanned submit.  This
  * can be used to program around such a problem.
  * @var boolean
  */
  var $just_logged_in = false;

  /**
  * The date and time that the user logged on during their last session.
  * @var string
  */
  var $last_session_start;

  /**
  * The date and time that the user requested their last page during their last
  * session.
  * @var string
  */
  var $last_session_end;
  /**#@-*/

  /**
  * Create a new Session object.
  *
  * If a session identifier is supplied, or we can find one in a cookie, we validate it
  * and consider the person logged in.  We read some useful session and user data in
  * passing as we do this.
  *
  * The session identifier contains a random value, hashed, to provide validation. This
  * could be hijacked if the traffic was sniffable so sites who are paranoid about security
  * should only do this across SSL.
  *
  * A worthwhile enhancement would be to add some degree of external configurability to
  * that read.
  *
  * @param string $sid A session identifier.
  */
  function __construct( $sid="" )
  {
    global $sid, $sysname;

    $this->roles = array();
    $this->logged_in = false;
    $this->just_logged_in = false;
    $this->login_failed = false;

    if ( $sid == "" ) {
      if ( ! isset($_COOKIE['sid']) ) return;
      $sid = $_COOKIE['sid'];
    }

    list( $session_id, $session_key ) = explode( ';', $sid, 2 );

    /**
    * We regularly want to override the SQL for joining against the session record.
    * so the calling application can define a function local_session_sql() which
    * will return the SQL to join (up to and excluding the WHERE clause.  The standard
    * SQL used if this function is not defined is:
    * <code>
    * SELECT session.*, usr.* FROM session JOIN usr ON ( user_no )
    * </code>
    */
    if ( function_exists('local_session_sql') ) {
      $sql = local_session_sql();
    }
    else {
      $sql = "SELECT session.*, usr.* FROM session JOIN usr USING ( user_no )";
    }
    $sql .= " WHERE session.session_id = ? AND session.session_key = ? ORDER BY session.session_start DESC LIMIT 2";

    $qry = new AwlQuery($sql, $session_id, $session_key);
    if ( $qry->Exec('Session') && 1 == $qry->rows() ) {
      $this->AssignSessionDetails( $qry->Fetch() );
      $qry = new AwlQuery('UPDATE session SET session_end = current_timestamp WHERE session_id=?', $session_id);
      $qry->Exec('Session');
    }
    else {
      //  Kill the existing cookie, which appears to be bogus
      setcookie('sid', '', 0,'/');
      $this->cause = 'ERR: Other than one session record matches. ' . $qry->rows();
      $this->Log( "WARN: Login $this->cause" );
    }
  }


  /**
  * DEPRECATED Utility function to log stuff with printf expansion.
  *
  * This function could be expanded to log something identifying the session, but
  * somewhat strangely this has not yet been done.
  *
  * @param string $whatever A log string
  * @param mixed $whatever... Further parameters to be replaced into the log string a la printf
  * @deprecated
  */
  function Log( $whatever )
  {
    global $c;
    deprecated('Session::Log');

    $argc = func_num_args();
    $format = func_get_arg(0);
    if ( $argc == 1 || ($argc == 2 && func_get_arg(1) == "0" ) ) {
      error_log( "$c->sysabbr: $format" );
    }
    else {
      $args = array();
      for( $i=1; $i < $argc; $i++ ) {
        $args[] = func_get_arg($i);
      }
      error_log( "$c->sysabbr: " . vsprintf($format,$args) );
    }
  }

  /**
  * DEPRECATED Utility function to log debug stuff with printf expansion, and the ability to
  * enable it selectively.
  *
  * The enabling is done by setting a variable "$debuggroups[$group] = 1"
  *
  * @param string $group The name of an arbitrary debug group.
  * @param string $whatever A log string
  * @param mixed $whatever... Further parameters to be replaced into the log string a la printf
  * @deprecated
  */
  function Dbg( $whatever )
  {
    global $debuggroups, $c;
    deprecated('Session::Dbg');

    $argc = func_num_args();
    $dgroup = func_get_arg(0);

    if ( ! (isset($debuggroups[$dgroup]) && $debuggroups[$dgroup]) ) return;

    $format = func_get_arg(1);
    if ( $argc == 2 || ($argc == 3 && func_get_arg(2) == "0" ) ) {
      error_log( "$c->sysabbr: DBG: $dgroup: $format" );
    }
    else {
      $args = array();
      for( $i=2; $i < $argc; $i++ ) {
        $args[] = func_get_arg($i);
      }
      error_log( "$c->sysabbr: DBG: $dgroup: " . vsprintf($format,$args) );
    }
  }

  /**
  * Checks whether a user is allowed to do something.
  *
  * The check is performed to see if the user has that role.
  *
  * @param string $whatever The role we want to know if the user has.
  * @return boolean Whether or not the user has the specified role.
  */
  function AllowedTo ( $whatever ) {
    return ( $this->logged_in && isset($this->roles[$whatever]) && $this->roles[$whatever] );
  }


/**
* Internal function used to get the user's roles from the database.
*/
  function GetRoles () {
    $this->roles = array();
    $qry = new AwlQuery( 'SELECT role_name FROM role_member m join roles r ON r.role_no = m.role_no WHERE user_no = ? ', $this->user_no );
    if ( $qry->Exec('Session::GetRoles') && $qry->rows() > 0 ) {
      while( $role = $qry->Fetch() ) {
        $this->roles[$role->role_name] = true;
      }
    }
  }


/**
* Internal function used to assign the session details to a user's new session.
* @param object $u The user+session object we (probably) read from the database.
*/
  function AssignSessionDetails( $u ) {
    // Assign each field in the selected record to the object
    foreach( $u AS $k => $v ) {
      $this->{$k} = $v;
    }

    $date_format = ($this->date_format_type == 'E' ? 'European,ISO' : ($this->date_format_type == 'U' ? 'US,ISO' : 'ISO'));
    $qry = new AwlQuery( 'SET DATESTYLE TO '. $date_format );
    $qry->Exec();

    $this->GetRoles();
    $this->logged_in = true;
  }


/**
* Attempt to perform a login action.
*
* This will validate the user's username and password.  If they are OK then a new
* session id will be created and the user will be cookied with it for subsequent
* pages.  A logged in session will be created, and the $_POST array will be cleared
* of the username, password and submit values.  submit will also be cleared from
* $_GET and $GLOBALS, just in case.
*
* @param string $username The user's login name, or at least what they entered it as.
* @param string $password The user's password, or at least what they entered it as.
* @param string $authenticated If true, then authentication has already happened and the password is not checked, though the user must still exist.
* @return boolean Whether or not the user correctly guessed a temporary password within the necessary window of opportunity.
*/
  function Login( $username, $password, $authenticated = false ) {
    global $c;
    $rc = false;
    dbg_error_log( "Login", " Login: Attempting login for $username" );
    if ( isset($usr) ) unset($usr);  /** In case someone is running with register_globals on */

    /**
    * @todo In here we will need to put code to call the auth plugin, in order to
    * ensure the 'usr' table has current valid data.  At this stage we are just
    * thinking it through... like ...
    *
    */
    if ( !$authenticated && isset($c->authenticate_hook) && isset($c->authenticate_hook['call']) && function_exists($c->authenticate_hook['call']) ) {
      /**
      * The authenticate hook needs to:
      *   - Accept a username / password
      *   - Confirm the username / password are correct
      *   - Create (or update) a 'usr' record in our database
      *   - Return the 'usr' record as an object
      *   - Return === false when authentication fails
      * It can expect that:
      *   - Configuration data will be in $c->authenticate_hook['config'], which might be an array, or whatever is needed.
      */
      $usr = call_user_func( $c->authenticate_hook['call'], $username, $password );
      if ( $usr === false ) unset($usr); else $authenticated = true;
    }

    $sql = "SELECT * FROM usr WHERE lower(username) = text(?) AND active";
    $qry = new AwlQuery( $sql, strtolower($username) );
    if ( isset($usr) || ($qry->Exec('Login',__LINE__,__FILE__) && $qry->rows() == 1 && $usr = $qry->Fetch() ) ) {
      $user_no = ( method_exists( $usr, 'user_no' ) ? $usr->user_no() : $usr->user_no );
      if ( $authenticated || session_validate_password( $password, $usr->password ) || check_temporary_passwords( $password, $user_no ) ) {
        // Now get the next session ID to create one from...
        $qry = new AwlQuery( "SELECT nextval('session_session_id_seq')" );
        if ( $qry->Exec('Login') && $qry->rows() == 1 ) {
          $seq = $qry->Fetch();
          $session_id = $seq->nextval;
          $session_key = md5( rand(1010101,1999999999) . microtime() );  // just some random shite
          dbg_error_log( "Login", " Login: Valid username/password for $username ($user_no)" );

          // Set the last_used timestamp to match the previous login.
          $qry = new AwlQuery('UPDATE usr SET last_used = (SELECT session_start FROM session WHERE session.user_no = ? ORDER BY session_id DESC LIMIT 1) WHERE user_no = ?;', $usr->user_no, $usr->user_no);
          $qry->Exec('Session');

          // And create a session
          $sql = "INSERT INTO session (session_id, user_no, session_key) VALUES( ?, ?, ? )";
          $qry = new AwlQuery( $sql, $session_id, $user_no, $session_key );
          if ( $qry->Exec('Login') ) {
            // Assign our session ID variable
            $sid = "$session_id;$session_key";

            //  Create a cookie for the sesssion
            setcookie('sid',$sid, 0,'/');
            // Recognise that we have started a session now too...
            $this->__construct($sid);
            dbg_error_log( "Login", " Login: New session $session_id started for $username ($user_no)" );
            $this->just_logged_in = true;

            // Unset all of the submitted values, so we don't accidentally submit an unexpected form.
            unset($_POST['username']);
            unset($_POST['password']);
            unset($_POST['submit']);
            unset($_GET['submit']);
            unset($GLOBALS['submit']);

            if ( function_exists('local_session_sql') ) {
              $sql = local_session_sql();
            }
            else {
              $sql = "SELECT session.*, usr.* FROM session JOIN usr USING ( user_no )";
            }
            $sql .= " WHERE session.session_id = ? AND session.session_key = ? ORDER BY session.session_start DESC LIMIT 2";

            $qry = new AwlQuery($sql, $session_id, $session_key);
            if ( $qry->Exec('Session') && 1 == $qry->rows() ) {
              $this->AssignSessionDetails( $qry->Fetch() );
            }

            $rc = true;
            return $rc;
          }
   // else ...
          $this->cause = 'ERR: Could not create new session.';
        }
        else {
          $this->cause = 'ERR: Could not increment session sequence.';
        }
      }
      else {
        $c->messages[] = i18n('Invalid username or password.');
        if ( isset($c->dbg['Login']) || isset($c->dbg['ALL']) )
          $this->cause = 'WARN: Invalid password.';
        else
          $this->cause = 'WARN: Invalid username or password.';
      }
    }
    else {
    $c->messages[] = i18n('Invalid username or password.');
    if ( isset($c->dbg['Login']) || isset($c->dbg['ALL']) )
      $this->cause = 'WARN: Invalid username.';
    else
      $this->cause = 'WARN: Invalid username or password.';
    }

    $this->Log( "Login failure: $this->cause" );
    $this->login_failed = true;
    $rc = false;
    return $rc;
  }



/**
* Renders some HTML for a basic login panel
*
* @return string The HTML to display a login panel.
*/
  function RenderLoginPanel() {
    $action_target = htmlspecialchars(preg_replace('/\?logout.*$/','',$_SERVER['REQUEST_URI']));
    dbg_error_log( "Login", " RenderLoginPanel: action_target='%s'", $action_target );
    $userprompt = translate("User Name");
    $pwprompt = translate("Password");
    $gobutton = htmlspecialchars(translate("GO!"));
    $gotitle = htmlspecialchars(translate("Enter your username and password then click here to log in."));
    $temppwprompt = translate("If you have forgotten your password then");
    $temppwbutton = htmlspecialchars(translate("Help! I've forgotten my password!"));
    $temppwtitle = htmlspecialchars(translate("Enter a username, if you know it, and click here, to be e-mailed a temporary password."));
    $html = <<<EOTEXT
<div id="logon">
<form action="$action_target" method="post">
<table>
<tr>
<th class="prompt">$userprompt:</th>
<td class="entry">
<input class="text" type="text" name="username" size="12" /></td>
</tr>
<tr>
<th class="prompt">$pwprompt:</th>
<td class="entry">
<input class="password" type="password" name="password" size="12" />
</td>
</tr>
<tr>
<th class="prompt">&nbsp;</th>
<td class="entry">
<input type="submit" value="$gobutton" title="$gotitle" name="submit" class="submit" />
</td>
</tr>
</table>
<p>
$temppwprompt: <input type="submit" value="$temppwbutton" title="$temppwtitle" name="lostpass" class="submit" />
</p>
</form>
</div>

EOTEXT;
    return $html;
  }


/**
* Checks that this user is logged in, and presents a login screen if they aren't.
*
* The function can optionally confirm whether they are a member of one of a list
* of groups, and deny access if they are not a member of any of them.
*
* @param string $groups The list of groups that the user must be a member of one of to be allowed to proceed.
* @return boolean Whether or not the user is logged in and is a member of one of the required groups.
*/
  function LoginRequired( $groups = "" ) {
    global $c, $session, $page_elements;

    if ( $this->logged_in && $groups == "" ) return;
    if ( ! $this->logged_in ) {
//      $c->messages[] = i18n("You must log in to use this system.");
      if ( function_exists("local_index_not_logged_in") ) {
        local_index_not_logged_in();
      }
      else {
        $login_html = translate( "<h1>Log On Please</h1><p>For access to the %s you should log on withthe username and password that have been issued to you.</p><p>If you would like to request access, please e-mail %s.</p>");
        $page_content = sprintf( $login_html, $c->system_name, $c->admin_email );
        $page_content .= $this->RenderLoginPanel();
        if ( isset($page_elements) && gettype($page_elements) == 'array' ) {
          $page_elements[] = $page_content;
          @include("page-renderer.php");
          exit(0);
        }
        @include("page-header.php");
        echo $page_content;
        @include("page-footer.php");
      }
    }
    else {
      $valid_groups = explode(",", $groups);
      foreach( $valid_groups AS $k => $v ) {
        if ( $this->AllowedTo($v) ) return;
      }
      $c->messages[] = i18n("You are not authorised to use this function.");
      if ( isset($page_elements) && gettype($page_elements) == 'array' ) {
        @include("page-renderer.php");
        exit(0);
      }
      @include("page-header.php");
      @include("page-footer.php");
    }

    exit;
  }



/**
* E-mails a temporary password in response to a request from a user.
*
* This could be called from somewhere within the application that allows
* someone to set up a user and invite them.
*
* This function includes EMail.php to actually send the password.
*/
  function EmailTemporaryPassword( $username, $email_address, $body_template="" ) {
    global $c;

    $password_sent = false;
    $where = "";
    $params = array();
    if ( isset($username) && $username != "" ) {
      $where = 'WHERE active AND lower(usr.username) = :lcusername';
      $params[':lcusername'] = strtolower($username);
    }
    else if ( isset($email_address) && $email_address != "" ) {
      $where = 'WHERE active AND lower(usr.email) = :lcemail';
      $params[':lcemail'] = strtolower($email_address);
    }

    if ( $where != '' ) {
      if ( !isset($body_template) || $body_template == "" ) {
        $body_template = <<<EOTEXT

@@debugging@@A temporary password has been requested for @@system_name@@.

Temporary Password: @@password@@

This has been applied to the following usernames:

@@usernames@@
and will be valid for 24 hours.

If you have any problems, please contact the system administrator.

EOTEXT;
      }

      $qry = new AwlQuery( 'SELECT * FROM usr '.$where, $params );
      $qry->Exec('Session::EmailTemporaryPassword');
      if ( $qry->rows() > 0 ) {
        $q2 = new AwlQuery();
        $q2->Begin();

        while ( $row = $qry->Fetch() ) {
          $mail = new EMail( "Access to $c->system_name" );
          $mail->SetFrom($c->admin_email );
          $usernames = "";
          $debug_to = "";
          if ( isset($c->debug_email) ) {
            $debug_to = "This e-mail would normally be sent to:\n ";
            $mail->AddTo( "Tester <$c->debug_email>" );
          }

          $tmp_passwd = '';
          for ( $i=0; $i < 8; $i++ ) {
            $tmp_passwd .= substr( 'ABCDEFGHIJKLMNOPQRSTUVWXYZ+#.-=*%@0123456789abcdefghijklmnopqrstuvwxyz', rand(0,69), 1);
          }

          $q2->QDo('INSERT INTO tmp_password (user_no, password) VALUES(?,?)', array($row->user_no, $tmp_passwd));
          if ( isset($c->debug_email) ) {
            $debug_to .= "$row->fullname <$row->email> ";
          }
          else {
            $mail->AddTo( "$row->fullname <$row->email>" );
          }
          $usernames .= "        $row->username\n";

          if ( $mail->To() != "" ) {
            if ( isset($c->debug_email) ) {
              $debug_to .= "\n============================================================\n";
            }
            $sql .= "COMMIT;";
            $qry = new AwlQuery( $sql );
            $qry->Exec("Session::SendTemporaryPassword");
            $body = str_replace( '@@system_name@@', $c->system_name, $body_template);
            $body = str_replace( '@@password@@', $tmp_passwd, $body);
            $body = str_replace( '@@usernames@@', $usernames, $body);
            $body = str_replace( '@@debugging@@', $debug_to, $body);
            $mail->SetBody($body);
            $mail->Send();
            $password_sent = true;
          }
        }
      }
    }
    return $password_sent;
  }


/**
* Sends a temporary password in response to a request from a user.
*
* This is probably only going to be called from somewhere internal.  An external
* caller will probably just want the e-mail, without the HTML that this displays.
*
*/
  function SendTemporaryPassword( ) {
    global $c, $page_elements;

    $password_sent = $this->EmailTemporaryPassword( (isset($_POST['username'])?$_POST['username']:null), (isset($_POST['email_address'])?$_POST['email_address']:null) );

    if ( ! $password_sent && ((isset($_POST['username']) && $_POST['username'] != "" )
                              || (isset($_POST['email_address']) && $_POST['email_address'] != "" )) ) {
      // Username or EMail were non-null, but we didn't find that user.
      $page_content = <<<EOTEXT
<div id="logon">
<h1>Unable to Reset Password</h1>
<p>We were unable to reset your password at this time.  Please contact
<a href="mailto:$c->admin_email">$c->admin_email</a>
to arrange for an administrator to reset your password.</p>
<p>Thank you.</p>
</div>
EOTEXT;
    }
    else if ( $password_sent ) {
      $page_content = <<<EOTEXT
<div id="logon">
<h1>Temporary Password Sent</h1>
<p>A temporary password has been e-mailed to you.  This password
will be valid for 24 hours and you will be required to change
your password after logging in.</p>
<p><a href=".">Click here to return to the login page.</a></p>
</div>
EOTEXT;
    }
    else {
      $page_content = <<<EOTEXT
<div id="logon">
<h1>Temporary Password</h1>
<form action="$action_target" method="post">
<table>
<tr>
<th class="prompt" style="white-space: nowrap;">Enter your User Name:</th>
<td class="entry"><input class="text" type="text" name="username" size="12" /></td>
</tr>
<tr>
<th class="prompt" style="white-space: nowrap;">Or your EMail Address:</th>
<td class="entry"><input class="text" type="text" name="email_address" size="50" /></td>
</tr>
<tr>
<th class="prompt" style="white-space: nowrap;">and click on -></th>
<td class="entry">
<input class="submit" type="submit" value="Send me a temporary password" alt="Enter a username, or e-mail address, and click here." name="lostpass" />
</td>
</tr>
</table>
<p>Note: If you have multiple accounts with the same e-mail address, they will <em>all</em>
be assigned a new temporary password, but only the one(s) that you use that temporary password
on will have the existing password invalidated.</p>
<h2>The temporary password will only be valid for 24 hours.</h2>
<p>You will need to log on and change your password during this time.</p>
</form>
</div>
EOTEXT;
    }
    if ( isset($page_elements) && gettype($page_elements) == 'array' ) {
      $page_elements[] = $page_content;
      @include("page-renderer.php");
      exit(0);
    }
    @include("page-header.php");
    echo $page_content;
    @include("page-footer.php");
    exit(0);
  }

  static function _CheckLogout() {
    if ( isset($_GET['logout']) ) {
      dbg_error_log( "Login", ":_CheckLogout: Logging out");
      if ( isset($_COOKIE['sid']) ) {
        // clean up our session in the session table
        list( $session_id, $session_key ) = explode( ';', $_COOKIE['sid'], 2 );
        $sql = 'DELETE FROM session WHERE session_id = ? AND session_key = ?';
        $qry = new AwlQuery( $sql, $session_id, $session_key );
        $qry->Exec('Logout',__LINE__,__FILE__);
        // expire sessions older than 16 hours
        $sql = "DELETE FROM session WHERE session_end < current_timestamp - interval '16 hours'";
        $qry = new AwlQuery( $sql );
        $qry->Exec('Expire',__LINE__,__FILE__);
      }
      setcookie( 'sid', '', 0,'/');
      unset($_COOKIE['sid']);
      unset($GLOBALS['sid']);
    }
  }

  function _CheckLogin() {
    global $c;
    if ( isset($_POST['lostpass']) ) {
      dbg_error_log( "Login", ":_CheckLogin: User '$_POST[username]' has lost the password." );
      $this->SendTemporaryPassword();
    }
    else if ( isset($_POST['username']) && isset($_POST['password']) ) {
      // Try and log in if we have a username and password
      $this->Login( $_POST['username'], $_POST['password'] );
      @dbg_error_log( "Login", ":_CheckLogin: User %s(%s) - %s (%d) login status is %d", $_POST['username'], $this->fullname, $this->user_no, $this->logged_in );
    }
    else if ( !isset($_COOKIE['sid']) && isset($c->authenticate_hook['server_auth_type']) ) {
      /**
      * The authentication has happened in the server, and we should accept it if so.
      */
      if ( ( is_array($c->authenticate_hook['server_auth_type'])
             && in_array( strtolower($_SERVER['AUTH_TYPE']), array_map('strtolower', $c->authenticate_hook['server_auth_type'])) )
      ||
           ( !is_array($c->authenticate_hook['server_auth_type'])
             && strtolower($c->authenticate_hook['server_auth_type']) == strtolower($_SERVER['AUTH_TYPE']) )
      ) {
        if (isset($_SERVER["REMOTE_USER"]))
          $this->Login($_SERVER['REMOTE_USER'], "", true);  // Password will not be checked.
        else
          $this->Login($_SERVER['REDIRECT_REMOTE_USER'], "", true);  // Password will not be checked.
      }
    }
  }


  /**
  * Function to reformat an ISO date to something nicer and possibly more localised
  * @param string $indate The ISO date to be formatted.
  * @param string $type If 'timestamp' then the time will also be shown.
  * @return string The nicely formatted date.
  */
  function FormattedDate( $indate, $type='date' ) {
    $out = "";
    if ( preg_match( '#^\s*$#', $indate ) ) {
      // Looks like it's empty - just return empty
      return $indate;
    }
    if ( preg_match( '#^\d{1,2}[/-]\d{1,2}[/-]\d{2,4}#', $indate ) ) {
      // Looks like it's nice already - don't screw with it!
      return $indate;
    }
    $yr = substr($indate,0,4);
    $mo = substr($indate,5,2);
    $dy = substr($indate,8,2);
    switch ( $this->date_format_type ) {
      case 'U':
        $out = sprintf( "%d/%d/%d", $mo, $dy, $yr );
        break;
      case 'E':
        $out = sprintf( "%d/%d/%d", $dy, $mo, $yr );
        break;
      default:
        $out = sprintf( "%d-%02d-%02d", $yr, $mo, $dy );
        break;
    }
    if ( $type == 'timestamp' ) {
      $out .= substr($indate,10,6);
    }
    return $out;
  }


  /**
  * Build a hash which we can use for confirmation that we didn't get e-mailed
  * a bogus link by someone, and that we actually got here by traversing the
  * website.
  *
  * @param string $method Either 'GET' or 'POST' depending on the way we will use this.
  * @param string $varname The name of the variable which we will confirm
  * @return string A string we can use as either a GET or POST value (i.e. a hidden field, or a varname=hash pair.
  */
  function BuildConfirmationHash( $method, $varname ) {
    /**
    * We include session_start in this because it is never passed to the client
    * and since it includes microseconds would be very hard to predict.
    */
    $confirmation_hash = session_salted_md5( $this->session_start.$varname.$this->session_key, "" );
    if ( $method == 'GET' ) {
      $confirm = $varname .'='. urlencode($confirmation_hash);
    }
    else {
      $confirm = sprintf( '<input type="hidden" name="%s" value="%s">', $varname, htmlspecialchars($confirmation_hash) );
    }
    return $confirm;
  }


  /**
  * Check a hash which we created through BuildConfirmationHash
  *
  * @param string $method Either 'GET' or 'POST' depending on the way we will use this.
  * @param string $varname The name of the variable which we will confirm
  * @return string A string we can use as either a GET or POST value (i.e. a hidden field, or a varname=hash pair.
  */
  function CheckConfirmationHash( $method, $varname ) {
    if ( $method == 'GET' && isset($_GET[$varname])) {
      $hashwegot = $_GET[$varname];
      dbg_error_log('Session',':CheckConfirmationHash: We got "%s" from GET', $hashwegot );
    }
    else if ( isset($_POST[$varname]) ) {
      $hashwegot = $_POST[$varname];
      dbg_error_log('Session',':CheckConfirmationHash: We got "%s" from POST', $hashwegot );
    }
    else {
      return false;
    }

    if ( preg_match('{^\*(.+)\*.+$}i', $hashwegot, $regs ) ) {
      // A nicely salted md5sum like "*<salt>*<salted_md5>"
      $salt = $regs[1];
      dbg_error_log('Session',':CheckConfirmationHash: Salt "%s"', $salt );
      $test_against = session_salted_md5( $this->session_start.$varname.$this->session_key, $salt ) ;
      dbg_error_log('Session',':CheckConfirmationHash: Testing against "%s"', $test_against );

      return ($hashwegot == $test_against);
    }
    return false;
  }

}


/**
* @global resource $session
* @name $session
* The session object is global.
*/

if ( !isset($session) ) {
  Session::_CheckLogout();
  $session = new Session();
  $session->_CheckLogin();
}


Youez - 2016 - github.com/yon3zu
LinuXploit