fritids · September 28, 2015 00:05
diff --git a/auth_clancms.php b/auth_clancms.php
 <?php
 // clanCMS to phpBB3 bridge by FuntimeError of dfbrigade.org

 /**
 * @ignore
 */
 if (!defined('IN_PHPBB'))
 {
 //	exit;
 }

 /**
 * INSTALL: Replace MYDBNAME with the real name of your database
 */
 DEFINE('CLANCMSDB','MYDBNAME');
 DEFINE('clancmsEncryptionKey', 'MYCRYPTKEY');
 DEFINE('sessionCookieName', 'clancms_session');
 DEFINE('clancms_mcrypt',true);
 DEFINE('clancms_cookie_encrypted',true);

 DEFINE('clancms_mcrypt_mode',MCRYPT_MODE_CBC);	//used in 0.6.0


 function validate_session_clancms($userrow)
 {
 	global $db;


 	$sess_info = unserialize(decode($_COOKIE[sessionCookieName],md5(clancmsEncryptionKey)));
 	$sess_id = $sess_info['session_id'];
 	$sess_ip = $sess_info['ip_address'];

        $sql = "SELECT *
                        FROM ".CLANCMSDB.".ClanCMS_sessions
                        WHERE
                        session_id = '". $db->sql_escape(utf8_clean_string($sess_id)). "' ";
                $result = $db->sql_query($sql);
                $row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                //if user logged into main site but not forum
                if($row && $userrow['username_clean'] == 'anonymous')
                {
                        $user_info = unserialize($row['user_data']);
                        if(strlen($user_info['username']))
                        {
                                $clancmsuser = $user_info['username'];
                                $sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($clancmsuser)) . "'";
                                $result = $db->sql_query($sql);
                                $row = $db->sql_fetchrow($result);
                                $db->sql_freeresult($result);
                                //invalidate session
 				return false;
                        }
                }
 		//no session mismatch, carry on
 		return true;
 }


 /**
 * Login function
 */
 function login_clancms(&$username, &$password)
 {
 	global $db, $config;

 	// do not allow empty password
 	if (!$password)
 	{
 		return array(
 			'status'	=> LOGIN_ERROR_PASSWORD,
 			'error_msg'	=> 'NO_PASSWORD_SUPPLIED',
 			'user_row'	=> array('user_id' => ANONYMOUS),
 		);
 	}

 	if (!$username)
 	{
 		return array(
 			'status'	=> LOGIN_ERROR_USERNAME,
 			'error_msg'	=> 'LOGIN_ERROR_USERNAME',
 			'user_row'	=> array('user_id' => ANONYMOUS),
 		);
 	}


 	$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts
 				FROM ' . USERS_TABLE . "
 				WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 			$result = $db->sql_query($sql);
 			$row = $db->sql_fetchrow($result);
 	$db->sql_freeresult($result);

 	//if not in forum database, check main site db.
 	if (!$row)
 	{
 		$sql = "SELECT user_salt FROM ".CLANCMSDB.".ClanCMS_users WHERE user_name = '". $db->sql_escape(utf8_clean_string($username))."'";
 		$result = $db->sql_query($sql);
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
 		$salt = $row['user_salt'];

 		$sql = "SELECT * FROM ".CLANCMSDB.".ClanCMS_users WHERE user_name = '". $db->sql_escape(utf8_clean_string($username))."' and user_password = '". sha1($salt . sha1($password))."'";
 		$result = $db->sql_query($sql);
 		$row = $db->sql_fetchrow($result);
 		$row2 = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);

 		if(!$row)
 		{
 			return array(
 				'status'	=> LOGIN_ERROR_USERNAME,
 				'error_msg'	=> 'LOGIN_ERROR_USERNAME',
 				'user_row'	=> array('user_id' => ANONYMOUS),
 			);
 		}
 		else
 				{
 					// retrieve default group id
 					$sql = 'SELECT group_id
 						FROM ' . GROUPS_TABLE . "
 						WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
 						AND group_type = " . GROUP_SPECIAL;
 						$result = $db->sql_query($sql);
 						$row = $db->sql_fetchrow($result);
 						$db->sql_freeresult($result);

 						if (!$row)
 						{
 							trigger_error('NO_GROUP');
 						}

 						// generate user account data
 						$clancms_user_row = array(
 							'username'		=> $username,
 							'user_password'	=> phpbb_hash($password),
 							'user_email'	=> (!empty($row2['user_email'])) ? utf8_htmlspecialchars(htmlspecialchars_decode($row2['user_email'])): '',
 							'group_id'		=> (int) $row['group_id'],
 							'user_type'		=> USER_NORMAL,
 							'user_ip'		=> $user->ip,
 							'user_new'		=> ($config['new_member_post_limit']) ? 1 : 0,
 						);

 						unset($row);

 						// this is the user's first login so create an empty profile
 						return array(
 							'status'		=> LOGIN_SUCCESS_CREATE_PROFILE,
 							'error_msg'		=> false,
 							'user_row'		=> $clancms_user_row,
 						);

 		}
 	}

 	$show_captcha = false;
 	//$config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts'];

 	// If there are too much login attempts, we need to check for an confirm image
 	// Every auth module is able to define what to do by itself...
 	if ($show_captcha)
 	{
 		// Visual Confirmation handling
 		if (!class_exists('phpbb_captcha_factory'))
 		{
 			global $phpbb_root_path, $phpEx;
 			include ($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
 		}

 		$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
 		$captcha->init(CONFIRM_LOGIN);
 		$vc_response = $captcha->validate($row);
 		if ($vc_response)
 		{
 			return array(
 				'status'		=> LOGIN_ERROR_ATTEMPTS,
 				'error_msg'		=> 'LOGIN_ERROR_ATTEMPTS',
 				'user_row'		=> $row,
 			);
 		}
 		else
 		{
 			$captcha->reset();
 		}

 	}

 	if (phpbb_check_hash($password, $row['user_password']))
 	{
 		$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts
 		FROM ' . USERS_TABLE . "
 		WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 		$result = $db->sql_query($sql);
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
 		if ($row)
 		{
 			if ($row['user_login_attempts'] != 0)
 			{
 				// Successful, reset login attempts (the user passed all stages)
 				$sql = 'UPDATE ' . USERS_TABLE . '
 					SET user_login_attempts = 0
 					WHERE user_id = ' . $row['user_id'];
 				$db->sql_query($sql);
 			}

 			// User inactive...
 			if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
 			{
 				return array(
 					'status'		=> LOGIN_ERROR_ACTIVE,
 					'error_msg'		=> 'ACTIVE_ERROR',
 					'user_row'		=> $row,
 				);
 			}

 			// Successful login... set user_login_attempts to zero...
 			return array(
 				'status'		=> LOGIN_SUCCESS,
 				'error_msg'		=> false,
 				'user_row'		=> $row,
 			);
 		}
 	}
 	// Password incorrect - increase login attempts
 	$sql = 'UPDATE ' . USERS_TABLE . '
 		SET user_login_attempts = user_login_attempts + 1
 		WHERE user_id = ' . (int) $row['user_id'] . '
 			AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX;
 	$db->sql_query($sql);

 	// Give status about wrong password...
 	return array(
 		'status'		=> ($show_captcha) ? LOGIN_ERROR_ATTEMPTS : LOGIN_ERROR_PASSWORD,
 		'error_msg'		=> ($show_captcha) ? 'LOGIN_ERROR_ATTEMPTS' : 'LOGIN_ERROR_PASSWORD',
 		'user_row'		=> $row,
 	);
 }

 function autologin_clancms()
 {
 	
 		global $db;
 	$sess_info = unserialize(decode($_COOKIE[sessionCookieName],md5(clancmsEncryptionKey)));
 	$sess_id = $sess_info['session_id'];
 	$sess_ip = $sess_info['ip_address'];
 	$sql = "SELECT * 
 			FROM ".CLANCMSDB.".ClanCMS_sessions 
 			WHERE 
 			session_id = '". $db->sql_escape(utf8_clean_string($sess_id)). "' ";
 		$result = $db->sql_query($sql);
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
 		
 		//if user found
 		if($row)
 		{
 			$user_info = unserialize($row['user_data']);
 			if(strlen($user_info['username']))
 			{
 				$clancmsuser = $user_info['username'];
 				$sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($clancmsuser)) . "'";
 				$result = $db->sql_query($sql);
 				$row = $db->sql_fetchrow($result);
 				$db->sql_freeresult($result);
 				return $row;
 			}
 		}
 		//no user forund. phpbb still wants a blank array
 		return array();
 }



 function logout_clancms($userrow,$newsession)
 {
 	global $db;
 	
 	$sess_info = unserialize(decode($_COOKIE[sessionCookieName],md5(clancmsEncryptionKey)));
 	$sess_id = $sess_info['session_id'];
        $sql = "DELETE FROM ".CLANCMSDB.".ClanCMS_sessions WHERE session_id = '". $db->sql_escape(utf8_clean_string($sess_id)). "' ";

                $result = $db->sql_query($sql);
                $row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

 	
 }



 function decode($string, $key = '')
 {
 	if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
 	{
 		return FALSE;
 	}

 	$dec = base64_decode($string);
 	if (clancms_mcrypt)
 	{
 		if (!($dec = mcrypt_decode($dec, $key)))
 		{
 			return FALSE;
 		}
 	}
 	else
 	{
                if(clancms_cookie_encrypted)
                {
 		      $dec = _xor_decode($dec, $key);
                }
 	}

 	return $dec;
 }

 function _xor_decode($string, $key)
 {
 	$string = _xor_merge($string, $key);
 	$dec = '';
 	for ($i = 0; $i < strlen($string); $i++)
 	{
 		$dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
 	}

 	return $dec;
 }

 function _xor_merge($string, $key)
 {
 	$hash = sha1($key);
 	$str = '';
 	for ($i = 0; $i < strlen($string); $i++)
 	{
 		$str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
 	}

 	return $str;
 }

 function mcrypt_decode($data, $key)
 {
 	$data = _remove_cipher_noise($data, $key);
 	$init_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, clancms_mcrypt_mode);
 	if ($init_size > strlen($data))
 	{
 		return FALSE;
 	}

 	$init_vect = substr($data, 0, $init_size);
 	$data = substr($data, $init_size);
 	return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $data, clancms_mcrypt_mode, $init_vect), "\0");
 }

 function _remove_cipher_noise($data, $key)
 {
 	$keyhash = sha1($key);
 	$keylen = strlen($keyhash);
 	$str = '';
 	for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
 	{
 		if ($j >= $keylen)
 		{
 			$j = 0;
 		}

 	$temp = ord($data[$i]) - ord($keyhash[$j]);

 		if ($temp < 0)
 		{
 			$temp = $temp + 256;
 		}
 			
 		$str .= chr($temp);
 	}
 	return $str;
 }



 ?>
	<?php
	// clanCMS to phpBB3 bridge by FuntimeError of dfbrigade.org

	/**
	* @ignore
	*/
	if (!defined('IN_PHPBB'))
	{
	// exit;
	}

	/**
	* INSTALL: Replace MYDBNAME with the real name of your database
	*/
	DEFINE('CLANCMSDB','MYDBNAME');
	DEFINE('clancmsEncryptionKey', 'MYCRYPTKEY');
	DEFINE('sessionCookieName', 'clancms_session');
	DEFINE('clancms_mcrypt',true);
	DEFINE('clancms_cookie_encrypted',true);

	DEFINE('clancms_mcrypt_mode',MCRYPT_MODE_CBC); //used in 0.6.0


	function validate_session_clancms($userrow)
	{
	global $db;


	$sess_info = unserialize(decode($_COOKIE[sessionCookieName],md5(clancmsEncryptionKey)));
	$sess_id = $sess_info['session_id'];
	$sess_ip = $sess_info['ip_address'];

	$sql = "SELECT *
	FROM ".CLANCMSDB.".ClanCMS_sessions
	WHERE
	session_id = '". $db->sql_escape(utf8_clean_string($sess_id)). "' ";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	//if user logged into main site but not forum
	if($row && $userrow['username_clean'] == 'anonymous')
	{
	$user_info = unserialize($row['user_data']);
	if(strlen($user_info['username']))
	{
	$clancmsuser = $user_info['username'];
	$sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($clancmsuser)) . "'";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);
	//invalidate session
	return false;
	}
	}
	//no session mismatch, carry on
	return true;
	}


	/**
	* Login function
	*/
	function login_clancms(&$username, &$password)
	{
	global $db, $config;

	// do not allow empty password
	if (!$password)
	{
	return array(
	'status' => LOGIN_ERROR_PASSWORD,
	'error_msg' => 'NO_PASSWORD_SUPPLIED',
	'user_row' => array('user_id' => ANONYMOUS),
	);
	}

	if (!$username)
	{
	return array(
	'status' => LOGIN_ERROR_USERNAME,
	'error_msg' => 'LOGIN_ERROR_USERNAME',
	'user_row' => array('user_id' => ANONYMOUS),
	);
	}


	$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts
	FROM ' . USERS_TABLE . "
	WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	//if not in forum database, check main site db.
	if (!$row)
	{
	$sql = "SELECT user_salt FROM ".CLANCMSDB.".ClanCMS_users WHERE user_name = '". $db->sql_escape(utf8_clean_string($username))."'";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);
	$salt = $row['user_salt'];

	$sql = "SELECT * FROM ".CLANCMSDB.".ClanCMS_users WHERE user_name = '". $db->sql_escape(utf8_clean_string($username))."' and user_password = '". sha1($salt . sha1($password))."'";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$row2 = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	if(!$row)
	{
	return array(
	'status' => LOGIN_ERROR_USERNAME,
	'error_msg' => 'LOGIN_ERROR_USERNAME',
	'user_row' => array('user_id' => ANONYMOUS),
	);
	}
	else
	{
	// retrieve default group id
	$sql = 'SELECT group_id
	FROM ' . GROUPS_TABLE . "
	WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
	AND group_type = " . GROUP_SPECIAL;
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	if (!$row)
	{
	trigger_error('NO_GROUP');
	}

	// generate user account data
	$clancms_user_row = array(
	'username' => $username,
	'user_password' => phpbb_hash($password),
	'user_email' => (!empty($row2['user_email'])) ? utf8_htmlspecialchars(htmlspecialchars_decode($row2['user_email'])): '',
	'group_id' => (int) $row['group_id'],
	'user_type' => USER_NORMAL,
	'user_ip' => $user->ip,
	'user_new' => ($config['new_member_post_limit']) ? 1 : 0,
	);

	unset($row);

	// this is the user's first login so create an empty profile
	return array(
	'status' => LOGIN_SUCCESS_CREATE_PROFILE,
	'error_msg' => false,
	'user_row' => $clancms_user_row,
	);

	}
	}

	$show_captcha = false;
	//$config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts'];

	// If there are too much login attempts, we need to check for an confirm image
	// Every auth module is able to define what to do by itself...
	if ($show_captcha)
	{
	// Visual Confirmation handling
	if (!class_exists('phpbb_captcha_factory'))
	{
	global $phpbb_root_path, $phpEx;
	include ($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
	}

	$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
	$captcha->init(CONFIRM_LOGIN);
	$vc_response = $captcha->validate($row);
	if ($vc_response)
	{
	return array(
	'status' => LOGIN_ERROR_ATTEMPTS,
	'error_msg' => 'LOGIN_ERROR_ATTEMPTS',
	'user_row' => $row,
	);
	}
	else
	{
	$captcha->reset();
	}

	}

	if (phpbb_check_hash($password, $row['user_password']))
	{
	$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts
	FROM ' . USERS_TABLE . "
	WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);
	if ($row)
	{
	if ($row['user_login_attempts'] != 0)
	{
	// Successful, reset login attempts (the user passed all stages)
	$sql = 'UPDATE ' . USERS_TABLE . '
	SET user_login_attempts = 0
	WHERE user_id = ' . $row['user_id'];
	$db->sql_query($sql);
	}

	// User inactive...
	if ($row['user_type'] == USER_INACTIVE \|\| $row['user_type'] == USER_IGNORE)
	{
	return array(
	'status' => LOGIN_ERROR_ACTIVE,
	'error_msg' => 'ACTIVE_ERROR',
	'user_row' => $row,
	);
	}

	// Successful login... set user_login_attempts to zero...
	return array(
	'status' => LOGIN_SUCCESS,
	'error_msg' => false,
	'user_row' => $row,
	);
	}
	}
	// Password incorrect - increase login attempts
	$sql = 'UPDATE ' . USERS_TABLE . '
	SET user_login_attempts = user_login_attempts + 1
	WHERE user_id = ' . (int) $row['user_id'] . '
	AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX;
	$db->sql_query($sql);

	// Give status about wrong password...
	return array(
	'status' => ($show_captcha) ? LOGIN_ERROR_ATTEMPTS : LOGIN_ERROR_PASSWORD,
	'error_msg' => ($show_captcha) ? 'LOGIN_ERROR_ATTEMPTS' : 'LOGIN_ERROR_PASSWORD',
	'user_row' => $row,
	);
	}

	function autologin_clancms()
	{

	global $db;
	$sess_info = unserialize(decode($_COOKIE[sessionCookieName],md5(clancmsEncryptionKey)));
	$sess_id = $sess_info['session_id'];
	$sess_ip = $sess_info['ip_address'];
	$sql = "SELECT *
	FROM ".CLANCMSDB.".ClanCMS_sessions
	WHERE
	session_id = '". $db->sql_escape(utf8_clean_string($sess_id)). "' ";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	//if user found
	if($row)
	{
	$user_info = unserialize($row['user_data']);
	if(strlen($user_info['username']))
	{
	$clancmsuser = $user_info['username'];
	$sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($clancmsuser)) . "'";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);
	return $row;
	}
	}
	//no user forund. phpbb still wants a blank array
	return array();
	}



	function logout_clancms($userrow,$newsession)
	{
	global $db;

	$sess_info = unserialize(decode($_COOKIE[sessionCookieName],md5(clancmsEncryptionKey)));
	$sess_id = $sess_info['session_id'];
	$sql = "DELETE FROM ".CLANCMSDB.".ClanCMS_sessions WHERE session_id = '". $db->sql_escape(utf8_clean_string($sess_id)). "' ";

	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);


	}



	function decode($string, $key = '')
	{
	if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
	{
	return FALSE;
	}

	$dec = base64_decode($string);
	if (clancms_mcrypt)
	{
	if (!($dec = mcrypt_decode($dec, $key)))
	{
	return FALSE;
	}
	}
	else
	{
	if(clancms_cookie_encrypted)
	{
	$dec = _xor_decode($dec, $key);
	}
	}

	return $dec;
	}

	function _xor_decode($string, $key)
	{
	$string = _xor_merge($string, $key);
	$dec = '';
	for ($i = 0; $i < strlen($string); $i++)
	{
	$dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
	}

	return $dec;
	}

	function _xor_merge($string, $key)
	{
	$hash = sha1($key);
	$str = '';
	for ($i = 0; $i < strlen($string); $i++)
	{
	$str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
	}

	return $str;
	}

	function mcrypt_decode($data, $key)
	{
	$data = _remove_cipher_noise($data, $key);
	$init_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, clancms_mcrypt_mode);
	if ($init_size > strlen($data))
	{
	return FALSE;
	}

	$init_vect = substr($data, 0, $init_size);
	$data = substr($data, $init_size);
	return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $data, clancms_mcrypt_mode, $init_vect), "\0");
	}

	function _remove_cipher_noise($data, $key)
	{
	$keyhash = sha1($key);
	$keylen = strlen($keyhash);
	$str = '';
	for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
	{
	if ($j >= $keylen)
	{
	$j = 0;
	}

	$temp = ord($data[$i]) - ord($keyhash[$j]);

	if ($temp < 0)
	{
	$temp = $temp + 256;
	}

	$str .= chr($temp);
	}
	return $str;
	}



	?>