首頁 探索 說明
註冊 登入
scaniatm
/
TorrentFlux-b4rt-PHP7
1
0
複刻 0
檔案 問題管理 0 合併請求 0
目錄樹: 830c6487c3
分支列表 標籤列表
TorrentFlux-b4r...
/
html
/
inc
/
functions
/
functions.common.auth.php

functions.common.auth.php 6.1 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209 
  1. <?php
    2. 

  2. 

  3. /* $Id: functions.common.auth.php 3053 2007-05-25 21:01:48Z b4rt $ */
    4. 

  4. 

  5. /*******************************************************************************
    6. 

  6. 

  7.  LICENSE
    8. 

  8. 

  9.  This program is free software; you can redistribute it and/or
    10. 

  10.  modify it under the terms of the GNU General Public License (GPL)
    11. 

  11.  as published by the Free Software Foundation; either version 2
    12. 

  12.  of the License, or (at your option) any later version.
    13. 

  13. 

  14.  This program is distributed in the hope that it will be useful,
    15. 

  15.  but WITHOUT ANY WARRANTY; without even the implied warranty of
    16. 

  16.  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    17. 

  17.  GNU General Public License for more details.
    18. 

  18. 

  19.  To read the license please visit http://www.gnu.org/copyleft/gpl.html
    20. 

  20. 

  21. *******************************************************************************/
    22. 

  22. 

  23. /**
    24. 

  24.  * perform Authentication
    25. 

  25.  *
    26. 

  26.  * @param $username
    27. 

  27.  * @param $password
    28. 

  28.  * @param $md5password
    29. 

  29.  * @return int with :
    30. 

  30.  *                     1 : user authenticated
    31. 

  31.  *                     0 : user not authenticated
    32. 

  32.  */
    33. 

  33. function performAuthentication($username = '', $password = '', $md5password = '') {
    34. 

  34. 	global $cfg, $db;
    35. 

  35. 	// check username
    36. 

  36. 	if (!isset($username))
    37. 

  37. 		return 0;
    38. 

  38. 	if ($username == '')
    39. 

  39. 		return 0;
    40. 

  40. 	// sql-state
    41. 

  41. 	$sql = "SELECT uid, hits, hide_offline, theme, language_file FROM tf_users WHERE state = 1 AND user_id=".$db->qstr($username)." AND password=";
    42. 

  42. 	if ((isset($md5password)) && (strlen($md5password) == 32)) /* md5-password */
    43. 

  43. 		$sql .= $db->qstr($md5password);
    44. 

  44. 	elseif (isset($password)) /* plaintext-password */
    45. 

  45. 		$sql .= $db->qstr(md5($password));
    46. 

  46. 	else /* no password */
    47. 

  47. 		return 0;
    48. 

  48. 	// exec query
    49. 

  49. 	$result = $db->Execute($sql);
    50. 

  50. 	if ($db->ErrorNo() != 0) dbError($sql);
    51. 

  51. 	list($uid, $hits, $cfg["hide_offline"], $cfg["theme"], $cfg["language_file"]) = $result->FetchRow();
    52. 

  52. 	if ($result->RecordCount() == 1) { // suc. auth.
    53. 

  53. 		// Add a hit to the user
    54. 

  54. 		$hits++;
    55. 

  55. 		$sql = "select * from tf_users where uid = ".$db->qstr($uid);
    56. 

  56. 		$rs = $db->Execute($sql);
    57. 

  57. 		if ($db->ErrorNo() != 0) dbError($sql);
    58. 

  58. 		$rec = array(
    59. 

  59. 						'hits' => $hits,
    60. 

  60. 						'last_visit' => $db->DBDate(time()),
    61. 

  61. 						'theme' => $cfg['theme'],
    62. 

  62. 						'language_file' => $cfg['language_file']
    63. 

  63. 					);
    64. 

  64. 		$sql = $db->GetUpdateSQL($rs, $rec);
    65. 

  65. 		$result = $db->Execute($sql);
    66. 

  66. 		if ($db->ErrorNo() != 0) dbError($sql);
    67. 

  67. 		$_SESSION['user'] = $username;
    68. 

  68. 		$_SESSION['uid'] = $uid;
    69. 

  69. 		$cfg["user"] = $_SESSION['user'];
    70. 

  70. 		$cfg['uid'] = $uid;
    71. 

  71. 		@session_write_close();
    72. 

  72. 		return 1;
    73. 

  73. 	} else { // wrong credentials
    74. 

  74. 		// log
    75. 

  75. 		AuditAction($cfg["constants"]["access_denied"], "FAILED AUTH: ".$username);
    76. 

  76. 		// unset
    77. 

  77. 		unset($_SESSION['user']);
    78. 

  78. 		unset($_SESSION['uid']);
    79. 

  79. 		unset($cfg["user"]);
    80. 

  80. 		// flush users cookie
    81. 

  81. 		@setcookie("autologin", "", time() - 3600);
    82. 

  82. 		// return
    83. 

  83. 		return 0;
    84. 

  84. 	}
    85. 

  85. 	// return
    86. 

  86. 	return 0;
    87. 

  87. }
    88. 

  88. 

  89. /**
    90. 

  90.  * get image-code
    91. 

  91.  *
    92. 

  92.  * @param $rstr
    93. 

  93.  * @param $rnd
    94. 

  94.  * @return string
    95. 

  95.  */
    96. 

  96. function loginImageCode($rstr, $rnd) {
    97. 

  97.     return substr((hexdec(md5($_SERVER['HTTP_USER_AGENT'].$rstr.$rnd.date("F j")))), 3, 6);
    98. 

  98. }
    99. 

  99. 

  100. /**
    101. 

  101.  * first Login
    102. 

  102.  *
    103. 

  103.  * @param $username
    104. 

  104.  * @param $password
    105. 

  105.  */
    106. 

  106. function firstLogin($username = '', $password = '') {
    107. 

  107. 	global $cfg, $db;
    108. 

  108. 	if (!isset($username))
    109. 

  109. 		return 0;
    110. 

  110. 	if (!isset($password))
    111. 

  111. 		return 0;
    112. 

  112. 	if ($username == '')
    113. 

  113. 		return 0;
    114. 

  114. 	if ($password == '')
    115. 

  115. 		return 0;
    116. 

  116. 	$create_time = time();
    117. 

  117. 	// This user is first in DB.  Make them super admin.
    118. 

  118. 	// this is The Super USER, add them to the user table
    119. 

  119. 	$record = array(
    120. 

  120. 					'user_id'=>strtolower($username),
    121. 

  121. 					'password'=>md5($password),
    122. 

  122. 					'hits'=>1,
    123. 

  123. 					'last_visit'=>$create_time,
    124. 

  124. 					'time_created'=>$create_time,
    125. 

  125. 					'user_level'=>2,
    126. 

  126. 					'hide_offline'=>0,
    127. 

  127. 					'theme'=>$cfg["default_theme"],
    128. 

  128. 					'language_file'=>$cfg["default_language"],
    129. 

  129. 					'state'=>1
    130. 

  130. 					);
    131. 

  131. 	$sTable = 'tf_users';
    132. 

  132. 	$sql = $db->GetInsertSql($sTable, $record);
    133. 

  133. 	$result = $db->Execute($sql);
    134. 

  134. 	if ($db->ErrorNo() != 0) dbError($sql);
    135. 

  135. 	// Test and setup some paths for the TF settings
    136. 

  136. 	// path
    137. 

  137. 	$tfPath = $cfg["path"];
    138. 

  138. 	if (!is_dir($cfg["path"]))
    139. 

  139. 		$tfPath = getcwd() . "/downloads/";
    140. 

  140. 	// settings
    141. 

  141. 	$settings = array(
    142. 

  142. 						"path" => $tfPath,
    143. 

  143. 						"pythonCmd" => $cfg["pythonCmd"],
    144. 

  144. 						"perlCmd" => $cfg["perlCmd"],
    145. 

  145. 						"bin_php" => $cfg["bin_php"],
    146. 

  146. 						"bin_grep" => $cfg["bin_grep"],
    147. 

  147. 						"bin_awk" => $cfg["bin_awk"],
    148. 

  148. 						"bin_du" => $cfg["bin_du"],
    149. 

  149. 						"bin_wget" => $cfg["bin_wget"],
    150. 

  150. 						"bin_unrar" => $cfg["bin_unrar"],
    151. 

  151. 						"bin_unzip" => $cfg["bin_unzip"],
    152. 

  152. 						"bin_cksfv" => $cfg["bin_cksfv"],
    153. 

  153. 						"bin_vlc" => $cfg["bin_vlc"],
    154. 

  154. 						"bin_uudeview" => $cfg["bin_uudeview"],
    155. 

  155. 						"btclient_transmission_bin" => $cfg["btclient_transmission_bin"],
    156. 

  156. 						"bin_netstat" => $cfg["bin_netstat"],
    157. 

  157. 						"bin_sockstat" => $cfg["bin_sockstat"]
    158. 

  158. 					);
    159. 

  159. 	// binaries to test
    160. 

  160. 	$binaries = array(
    161. 

  161. 						"pythonCmd" => $cfg["pythonCmd"],
    162. 

  162. 						"perlCmd" => $cfg["perlCmd"],
    163. 

  163. 						"bin_php" => $cfg["bin_php"],
    164. 

  164. 						"bin_grep" => $cfg["bin_grep"],
    165. 

  165. 						"bin_awk" => $cfg["bin_awk"],
    166. 

  166. 						"bin_du" => $cfg["bin_du"],
    167. 

  167. 						"bin_wget" => $cfg["bin_wget"],
    168. 

  168. 						"bin_unrar" => $cfg["bin_unrar"],
    169. 

  169. 						"bin_unzip" => $cfg["bin_unzip"],
    170. 

  170. 						"bin_cksfv" => $cfg["bin_cksfv"],
    171. 

  171. 						"bin_vlc" => $cfg["bin_vlc"],
    172. 

  172. 						"bin_uudeview" => $cfg["bin_uudeview"],
    173. 

  173. 						"btclient_transmission_bin" => $cfg["btclient_transmission_bin"],
    174. 

  174. 						"bin_netstat" => $cfg["bin_netstat"],
    175. 

  175. 						"bin_sockstat" => $cfg["bin_sockstat"]
    176. 

  176. 					);
    177. 

  177. 	// bins for which
    178. 

  178. 	$bins = array(
    179. 

  179. 						"pythonCmd" => "python",
    180. 

  180. 						"perlCmd" => "perl",
    181. 

  181. 						"bin_php" => "php",
    182. 

  182. 						"bin_grep" => "grep",
    183. 

  183. 						"bin_awk" => "awk",
    184. 

  184. 						"bin_du" => "du",
    185. 

  185. 						"bin_wget" => "wget",
    186. 

  186. 						"bin_unrar" => "unrar",
    187. 

  187. 						"bin_unzip" => "unzip",
    188. 

  188. 						"bin_cksfv" => "cksfv",
    189. 

  189. 						"bin_vlc" => "vlc",
    190. 

  190. 						"bin_uudeview" => "uudeview",
    191. 

  191. 						"btclient_transmission_bin" => "transmissioncli",
    192. 

  192. 						"bin_netstat" => "netstat",
    193. 

  193. 						"bin_sockstat" => "sockstat"
    194. 

  194. 					);
    195. 

  195. 	// check
    196. 

  196. 	foreach ($binaries as $key => $value) {
    197. 

  197. 		if (!is_file($value)) {
    198. 

  198. 			$bin = "";
    199. 

  199. 			$bin = @trim(shell_exec("which ".$bins[$key]));
    200. 

  200. 			if ($bin != "")
    201. 

  201. 				$settings[$key] = $bin;
    202. 

  202. 		}
    203. 

  203. 	}
    204. 

  204. 	// save
    205. 

  205. 	saveSettings('tf_settings', $settings);
    206. 

  206. 	AuditAction($cfg["constants"]["update"], "Initial Settings Updated for first login.");
    207. 

  207. }
    208. 

  208. 

  209. ?>
    210.