本文整理汇总了PHP中phpbb_hash函数的典型用法代码示例。如果您正苦于以下问题:PHP phpbb_hash函数的具体用法?PHP phpbb_hash怎么用?PHP phpbb_hash使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了phpbb_hash函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: chgPwdphpBBuser
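/**
 * Set a new forum password for the user named $nick.
 *
 * The plain-text password is hashed with phpbb_hash() and written to the
 * `forum_users` table of the database named in $_SESSION['Application_host'].
 *
 * @param string $nick Username whose row is updated.
 * @param string $pwd  New plain-text password.
 * @return void
 */
function chgPwdphpBBuser($nick, $pwd)
{
    $cryptpass = phpbb_hash($pwd);

    // NOTE(review): $nick and the session-supplied database name are concatenated
    // into the statement unescaped. Whether execSQL() or the callers escape or
    // validate them cannot be seen from here; confirm, or switch to the
    // parameterised/escaping API of the database layer behind execSQL().
    $sql = "UPDATE `" . $_SESSION['Application_host'] . "`.`forum_users` ";
    $sql .= "SET `user_password` = '" . $cryptpass . "' ";
    $sql .= "WHERE `username` = '" . $nick . "'";

    // The statement is deliberately not echoed into the page any more: the old
    // HTML comment exposed the database name, the username and the freshly
    // generated password hash to anyone viewing the page source.
    execSQL($sql, "function", __FILE__, __FUNCTION__);
}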
示例2: main
/**
 * Password-reminder handler (renders the 'ucp_remind' template).
 *
 * On submit: looks the account up by e-mail plus clean username, refuses
 * ignored, inactive and unauthorised accounts, stores a hashed random password
 * together with an activation key, and sends the plain password and the
 * activation link through the messenger. Without submit it only fills the form.
 *
 * @param mixed $id   Not read in this method.
 * @param mixed $mode Not read in this method.
 */
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx;
global $db, $user, $auth, $template;
$username = request_var('username', '', true);
$email = strtolower(request_var('email', ''));
$submit = isset($_POST['submit']) ? true : false;
if ($submit) {
// Both request values go through $db->sql_escape() before they reach the query.
$sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason
FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email = '" . $db->sql_escape($email) . "'\n\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// NOTE(review): the message keys below differ for "no such pair", "ignored" and
// "inactive", so the response presumably tells the requester whether a
// username/e-mail pair exists and what state it is in; confirm that is acceptable.
if (!$user_row) {
trigger_error('NO_EMAIL_USER');
}
if ($user_row['user_type'] == USER_IGNORE) {
trigger_error('NO_USER');
}
if ($user_row['user_type'] == USER_INACTIVE) {
if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL) {
trigger_error('ACCOUNT_DEACTIVATED');
} else {
trigger_error('ACCOUNT_NOT_ACTIVATED');
}
}
// Check users permissions
// A separate auth object is loaded with the target account's row, so the
// u_chgpasswd check applies to that account rather than to the requester.
$auth2 = new auth();
$auth2->acl($user_row);
if (!$auth2->acl_get('u_chgpasswd')) {
trigger_error('NO_AUTH_PASSWORD_REMINDER');
}
$server_url = generate_board_url();
// Key length is derived from the board URL length: 54 minus strlen($server_url).
$key_len = 54 - strlen($server_url);
$key_len = max(6, $key_len);
// we want at least 6
$key_len = $config['max_pass_chars'] ? min($key_len, $config['max_pass_chars']) : $key_len;
// we want at most $config['max_pass_chars']
// The key is cut from a 10-character string, so it is never longer than 10.
// NOTE(review): how gen_rand_string() draws its characters is not visible here;
// confirm it is backed by a cryptographically secure source, since the key and
// the password below are both credentials.
$user_actkey = substr(gen_rand_string(10), 0, $key_len);
$user_password = gen_rand_string(8);
// Only the hash of the new password is stored, in user_newpasswd next to the key.
// user_id comes from the row fetched above, not from the request.
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'\n\t\t\t\tWHERE user_id = " . $user_row['user_id'];
$db->sql_query($sql);
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template('user_activate_passwd', $user_row['user_lang']);
$messenger->to($user_row['user_email'], $user_row['username']);
$messenger->im($user_row['user_jabber'], $user_row['username']);
// The message carries the plain-text password and the activation URL with the key.
$messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username']), 'PASSWORD' => htmlspecialchars_decode($user_password), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_actkey}"));
$messenger->send($user_row['user_notify_type']);
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
$message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
trigger_error($message);
}
// Not submitted: hand the entered values and the form action to the template.
$template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')));
$this->tpl_name = 'ucp_remind';
$this->page_title = 'UCP_REMIND';
}
示例3: run_tool
/**
 * Run Tool
 *
 * Creates a board user from the submitted form: checks the 'add_user' form
 * key, collects and validates the request data, registers the account as
 * USER_NORMAL with a phpbb_hash()ed password and adds it to the chosen groups.
 *
 * @param array $error Error keys, passed by reference; problems are appended to it.
 * @return null|false  Returns early (null or false) when an error was recorded;
 *                     otherwise finishes through trigger_error('USER_ADDED').
 */
function run_tool(&$error)
{
global $config, $user;
$user->add_lang(array('acp/groups', 'ucp'));
// Form-key check comes first; nothing is read from the request if it fails.
if (!check_form_key('add_user')) {
$error[] = 'FORM_INVALID';
return;
}
// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
$timezone = date('Z') / 3600;
$is_dst = date('I');
if ($config['board_timezone'] == $timezone || $config['board_timezone'] == $timezone - 1) {
$timezone = $is_dst ? $timezone - 1 : $timezone;
if (!isset($user->lang['tz_zones'][(string) $timezone])) {
$timezone = $config['board_timezone'];
}
} else {
$is_dst = $config['board_dst'];
$timezone = $config['board_timezone'];
}
// Collect the user data
// 'lang' is reduced with basename(), which strips any directory part from the value.
$data = array('username' => utf8_normalize_nfc(request_var('username', '', true)), 'new_password' => request_var('new_password', '', true), 'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (double) $timezone));
// Check vars
$this->validate_data($data, $error);
// Something went wrong
if (!empty($error)) {
return false;
}
// Collect the groups data
$groups = array('default' => request_var('defaultgroup', 0), 'groups' => request_var('usergroups', array(0)), 'leaders' => request_var('groupleader', array(0)));
// Register the user
// The plain password is hashed here; the account is created as USER_NORMAL with
// an empty activation key.
// NOTE(review): the group ids come straight from the request; whether
// add_groups() restricts which groups may be assigned is not visible here.
$user_row = array('username' => $data['username'], 'user_password' => phpbb_hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $groups['default'], 'user_timezone' => (double) $data['tz'], 'user_dst' => $is_dst, 'user_lang' => $data['lang'], 'user_type' => USER_NORMAL, 'user_actkey' => '', 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => 0, 'user_inactive_time' => 0);
$user_id = user_add($user_row, false);
// Remove the default group from the groups array. Keeping it here causes an error
if (in_array($groups['default'], $groups['groups'])) {
foreach ($groups['groups'] as $group_key => $group_id) {
if ($group_id == $groups['default']) {
unset($groups['groups'][$group_key]);
break;
}
}
}
// This should not happen, because the required variables are listed above...
if ($user_id === false) {
trigger_error('NO_USER', E_USER_ERROR);
}
// Add the user to the selected groups
$this->add_groups($user_id, $groups, $error);
// Last check for errors
if (!empty($error)) {
return false;
}
// And done
trigger_error('USER_ADDED');
}
示例4: add_contact
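/**
 * Create a new contact (stored as a phpBB user) from the submitted form.
 *
 * Requires the 'add_contact' right. Without a posted 'name' the empty form is
 * shown; with one, the name is validated and, if it is free, a user is created
 * through user_add() and a redirect to the edit page is sent.
 *
 * @return mixed The permission-error text, whatever show_form_add_contact()
 *               returns, or null after the redirect header has been sent.
 */
function add_contact()
{
    // Permission check for this action.
    if (!check_rights('add_contact')) {
        return "У вас нет соответствующих прав";
    }

    // Nothing submitted yet: show the empty form.
    if (!isset($_POST['name'])) {
        return show_form_add_contact();
    }

    // Start from an empty list so count() below never receives an undefined variable.
    $errors = array();

    // Validate 'name'. A non-string value (e.g. name[]=x) is treated as a
    // malformed username instead of being handed to preg_match().
    if (is_string($_POST['name']) && preg_match(REGEXP_USERNAME, $_POST['name'])) {
        // NOTE(review): the posted name is concatenated into the query; the only
        // thing between the request and the SQL is REGEXP_USERNAME, whose pattern
        // is not visible here. Confirm it is anchored and excludes quotes and
        // backslashes, or escape the value with the database layer's own function.
        if (db_easy_count("SELECT `user_id` FROM `phpbb_users` WHERE `username`='" . $_POST['name'] . "'") > 0) {
            $errors[] = ERROR_USERNAME_EXISTS;
        } else {
            $name = $_POST['name'];
        }
    } else {
        $errors[] = ERROR_USERNAME_REQUIREMENT;
    }

    if (count($errors) == 0) {
        // NOTE(review): every contact is created with the same hard-coded
        // password. If these accounts can ever log in, that password is shared
        // and known to anyone who reads this file; confirm they cannot, or
        // generate a random per-account value instead.
        $user_data = array('username' => $name, 'user_password' => phpbb_hash('вава'), 'user_email' => '', 'group_id' => '1774', 'user_lang' => 'ru', 'user_type' => 0, 'user_regdate' => time(), 'point_id' => 1);

        // Create the user through phpBB's own user_add().
        $user_id = user_add($user_data);

        // Redirect to the edit page of the new contact.
        // NOTE(review): execution continues in the caller after this header;
        // confirm nothing sensitive is rendered after the redirect.
        header("location: /manager.php?action=edit_contact&contact={$user_id}");
    } else {
        // Re-show the form with the submitted values and the collected errors.
        return show_form_add_contact($_POST, $errors);
    }
}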
示例5: run_tool
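/**
 * Run Tool
 *
 * Sets a new password for the user identified by 'user_req' (a username or a
 * numeric user id). Checks the 'change_password' form key, resolves the user,
 * validates the new password and writes its phpbb_hash() to the users table.
 *
 * @param array $error Error keys, passed by reference. It is replaced by the
 *                     result of validate_data() once that call is reached.
 * @return void        Returns early when an error was recorded; otherwise
 *                     finishes through trigger_error() with the success message.
 */
function run_tool(&$error)
{
    global $config, $db, $user;

    if (!check_form_key('change_password')) {
        $error[] = 'FORM_INVALID';
        return;
    }

    $user_req = utf8_normalize_nfc(request_var('user_req', '', true));
    if (!$user_req) {
        $error[] = 'NO_USER';
        return;
    }

    // A numeric value is looked up as user_id (cast to int), anything else as
    // an escaped clean username.
    $sql = 'SELECT user_id, username, user_type FROM ' . USERS_TABLE . "\nWHERE " . (!is_numeric($user_req) ? 'username_clean = \'' . $db->sql_escape(utf8_clean_string($user_req)) . '\'' : 'user_id = ' . (int) $user_req);
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    // No row means no user; do not index into a non-array result.
    $user_id = $row ? (int) $row['user_id'] : 0;
    if (!$user_id) {
        $error[] = 'NO_USER';
        return;
    }
    $username = $row['username'];

    $user->add_lang('ucp');
    if (!function_exists('validate_data')) {
        include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
    }

    $data = array('new_password' => request_var('new_password', '', true), 'password_confirm' => request_var('password_confirm', '', true));

    // Strict comparison: with a loose != two different numeric-looking strings
    // (for example '1e3' and '1000') compare as equal and would pass the
    // confirmation check although the user typed two different passwords.
    if ($data['new_password'] !== $data['password_confirm']) {
        $error[] = 'NEW_PASSWORD_ERROR';
        return;
    }

    $error = validate_data($data, array('new_password' => array('password'), 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars'])));
    if (!empty($error)) {
        return;
    }

    // Only the hash is stored; $user_id is the integer resolved above.
    $db->sql_query('UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array('user_password' => phpbb_hash($data['new_password']))) . ' WHERE user_id = ' . $user_id);

    // The change is recorded in the admin log with the requested identifier.
    add_log('admin', 'LOG_USER_NEW_PASSWORD', $user_req);
    trigger_error(sprintf($user->lang['CHANGE_PASSWORD_SUCCESS'], append_sid(PHPBB_ROOT_PATH . 'memberlist.' . PHP_EXT, 'mode=viewprofile&u=' . $user_id), $username));
}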
示例6: login_db
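/**
 * Login function
 *
 * Authenticates a username/password pair against the users table. Accounts
 * flagged with user_pass_convert are first checked against their legacy hash
 * and, on a match, re-hashed with phpbb_hash(). A stored 32-character hash is
 * likewise upgraded after a successful check. Failed attempts increment
 * user_login_attempts; a successful login resets it.
 *
 * @param string $username Login name (by reference; not modified here).
 * @param string $password Plain-text password (by reference; not modified here).
 * @return array array('status' => LOGIN_* constant, 'error_msg' => string|false, 'user_row' => array)
 */
function login_db(&$username, &$password)
{
    global $db, $config;

    // do not allow empty password
    if (!$password) {
        return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => array('user_id' => ANONYMOUS));
    }
    if (!$username) {
        return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
    }

    $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts' . "\nFROM " . USERS_TABLE . "\n\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);
    if (!$row) {
        return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
    }

    // If there are too much login attempts, we need to check for an confirm image
    // Every auth module is able to define what to do by itself...
    if ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']) {
        // Visual Confirmation handling
        $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
        $captcha->init(CONFIRM_LOGIN);
        $vc_response = $captcha->validate();
        // A truthy validate() result is treated as a failed confirmation.
        if ($vc_response) {
            return array('status' => LOGIN_ERROR_ATTEMPTS, 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', 'user_row' => $row);
        }
    }

    // If the password convert flag is set we need to convert it
    if ($row['user_pass_convert']) {
        // in phpBB2 passwords were used exactly as they were sent, with addslashes applied
        $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : '';
        $password_old_format = !STRIP ? addslashes($password_old_format) : $password_old_format;
        $password_new_format = '';
        set_var($password_new_format, stripslashes($password_old_format), 'string');

        if ($password == $password_new_format) {
            if (!function_exists('utf8_to_cp1252')) {
                global $phpbb_root_path, $phpEx;
                include $phpbb_root_path . 'includes/utf/data/recode_basic.' . $phpEx;
            }

            // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding
            // plain md5 support left in for conversions from other systems.
            //
            // The plain-md5 branch compares with ===. With a loose == two
            // different digests that both look like numbers in exponent form
            // ('0e' followed only by digits) compare as equal, so a wrong
            // password could match such a stored hash.
            $legacy_match =
                (strlen($row['user_password']) == 34
                    && (phpbb_check_hash(md5($password_old_format), $row['user_password'])
                        || phpbb_check_hash(md5(utf8_to_cp1252($password_old_format)), $row['user_password'])))
                || (strlen($row['user_password']) == 32
                    && (md5($password_old_format) === $row['user_password']
                        || md5(utf8_to_cp1252($password_old_format)) === $row['user_password']));

            if ($legacy_match) {
                $hash = phpbb_hash($password_new_format);
                // Update the password in the users table to the new format and remove user_pass_convert flag
                $sql = 'UPDATE ' . USERS_TABLE . "\nSET user_password = '" . $db->sql_escape($hash) . "',\nuser_pass_convert = 0\nWHERE user_id = " . $row['user_id'];
                $db->sql_query($sql);
                $row['user_pass_convert'] = 0;
                $row['user_password'] = $hash;
            } else {
                // Although we weren't able to convert this password we have to
                // increase login attempt count to make sure this cannot be exploited
                $sql = 'UPDATE ' . USERS_TABLE . "\nSET user_login_attempts = user_login_attempts + 1\nWHERE user_id = " . $row['user_id'];
                $db->sql_query($sql);
                return array('status' => LOGIN_ERROR_PASSWORD_CONVERT, 'error_msg' => 'LOGIN_ERROR_PASSWORD_CONVERT', 'user_row' => $row);
            }
        }
    }

    // Check password ...
    if (!$row['user_pass_convert'] && phpbb_check_hash($password, $row['user_password'])) {
        // Check for old password hash...
        if (strlen($row['user_password']) == 32) {
            $hash = phpbb_hash($password);
            // Update the password in the users table to the new format
            $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_password = '" . $db->sql_escape($hash) . "',\n\t\t\t\t\tuser_pass_convert = 0\n\t\t\t\tWHERE user_id = {$row['user_id']}";
            $db->sql_query($sql);
            $row['user_password'] = $hash;
        }

        if ($row['user_login_attempts'] != 0) {
            // Successful, reset login attempts (the user passed all stages)
            $sql = 'UPDATE ' . USERS_TABLE . "\nSET user_login_attempts = 0\nWHERE user_id = " . $row['user_id'];
            $db->sql_query($sql);
        }

        // User inactive...
        // The account state is reported only after the password was verified.
        if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) {
            return array('status' => LOGIN_ERROR_ACTIVE, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
        }

        // Successful login... set user_login_attempts to zero...
        return array('status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $row);
    }

    // Password incorrect - increase login attempts
    $sql = 'UPDATE ' . USERS_TABLE . "\nSET user_login_attempts = user_login_attempts + 1\nWHERE user_id = " . $row['user_id'];
    $db->sql_query($sql);

    // Give status about wrong password...
    return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'LOGIN_ERROR_PASSWORD', 'user_row' => $row);
}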
示例7: ei_user_register
/**
 * Insert a new row into the 'account' table and return its id.
 *
 * Stores the username, its utf8_clean_string() form and the phpbb_hash() of
 * the password; the plain password itself is not stored.
 * $email, $questionid, $answer and $regip are accepted but not used here.
 *
 * @param string $username
 * @param string $password Plain-text password.
 * @return mixed Whatever DB::insert_id() reports for the insert.
 */
function ei_user_register($username, $password, $email, $questionid = '', $answer = '', $regip = '')
{
    include_once BM_ROOT . 'src/inc/utf/utf_tools.php';

    $account = array();
    $account['username'] = $username;
    $account['username_clean'] = utf8_clean_string($username);
    $account['password'] = phpbb_hash($password);

    DB::insert('account', $account);

    $new_id = DB::insert_id();
    return $new_id;
}
示例8: create_user
/**
 * Create a user row, its personal group and the user/group link.
 *
 * The listing is cut off after the board_stats() call, so the end of the
 * method (including its normal return value) is not visible here.
 *
 * @param array $user_data     Input fields; username, user_password and user_email are read, the rest is optional.
 * @param bool  $check_values  When true, username, password and e-mail are validated first.
 * @param bool  $batch_process When true, failures return false instead of calling message_die().
 */
function create_user($user_data, $check_values = true, $batch_process = false)
{
global $db, $config, $cache, $user, $lang;
if ($check_values) {
if (!function_exists('validate_username')) {
include_once IP_ROOT_PATH . 'includes/functions_validate.' . PHP_EXT;
}
$error = false;
// Validating username
// $error_msg is not initialised before the first append in this block.
if (empty($user_data['username'])) {
$error = true;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Fields_empty'];
} else {
$result = validate_username($user_data['username']);
if ($result['error']) {
$error = true;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $result['error_msg'];
}
}
// Validating password
// Only emptiness is checked here; no length or strength rule is applied in this method.
if (empty($user_data['user_password'])) {
$error = true;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Fields_empty'];
}
// Validating email
if (empty($user_data['user_email'])) {
$error = true;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Fields_empty'];
} else {
$result = validate_email($user_data['user_email']);
if ($result['error']) {
$error = true;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $result['error_msg'];
}
}
if (!empty($error) && $batch_process) {
return false;
}
if ($error) {
message_die(GENERAL_MESSAGE, $error_msg);
}
}
// The next id is taken as MAX(user_id) + 1.
// NOTE(review): this read happens before sql_transaction('begin') below, so two
// concurrent calls can presumably compute the same id; confirm the schema
// enforces uniqueness on user_id.
$sql = "SELECT MAX(user_id) AS total FROM " . USERS_TABLE;
$db->sql_return_on_error(true);
$result = $db->sql_query($sql);
$db->sql_return_on_error(false);
if (!$result) {
if ($batch_process) {
return false;
}
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
if (!($row = $db->sql_fetchrow($result))) {
if ($batch_process) {
return false;
}
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
$user_id = $row['total'] + 1;
// $user_data is rebuilt here: user_password now holds the phpbb_hash() of the
// supplied password. Two defaults to be aware of: user_actkey falls back to the
// fixed literal 'user_actkey', and user_active falls back to 1 for any empty()
// value, so a caller passing 0 still gets an active account.
$user_data = array('user_id' => $user_id, 'username' => $user_data['username'], 'username_clean' => utf8_clean_string($user_data['username']), 'user_first_name' => !empty($user_data['user_first_name']) ? $user_data['user_first_name'] : '', 'user_last_name' => !empty($user_data['user_last_name']) ? $user_data['user_last_name'] : '', 'user_password' => phpbb_hash($user_data['user_password']), 'user_regdate' => !empty($user_data['user_regdate']) ? $user_data['user_regdate'] : time(), 'user_email' => $user_data['user_email'], 'user_email_hash' => phpbb_email_hash($user_data['user_email']), 'user_website' => !empty($user_data['user_website']) ? $user_data['user_website'] : '', 'user_phone' => !empty($user_data['user_phone']) ? $user_data['user_phone'] : '', 'user_timezone' => !empty($user_data['user_timezone']) ? $user_data['user_timezone'] : $config['board_timezone'], 'user_dateformat' => !empty($user_data['user_dateformat']) ? $user_data['user_dateformat'] : $config['default_dateformat'], 'user_lang' => !empty($user_data['user_lang']) ? $user_data['user_lang'] : $config['default_lang'], 'user_style' => !empty($user_data['user_style']) ? $user_data['user_style'] : $config['default_style'], 'user_level' => !empty($user_data['user_level']) ? $user_data['user_level'] : 0, 'user_rank' => !empty($user_data['user_rank']) ? $user_data['user_rank'] : 0, 'user_active' => !empty($user_data['user_active']) ? $user_data['user_active'] : 1, 'user_actkey' => !empty($user_data['user_actkey']) ? $user_data['user_actkey'] : 'user_actkey');
// PROFILE EDIT BRIDGE - BEGIN
// The bridge receives the hashed password (taken from the rebuilt $user_data),
// and it is called before the users row has been inserted.
$target_profile_data = array('user_id' => $user_data['user_id'], 'username' => $user_data['username'], 'password' => $user_data['user_password'], 'email' => $user_data['user_email']);
$this->profile_update($target_profile_data);
unset($target_profile_data);
// PROFILE EDIT BRIDGE - END
$sql = "INSERT INTO " . USERS_TABLE . " " . $db->sql_build_insert_update($user_data, true);
$db->sql_return_on_error(true);
$db->sql_transaction('begin');
$result = $db->sql_query($sql);
$db->sql_return_on_error(false);
// The failure returns below leave this function without a rollback call of its own.
if (!$result) {
if ($batch_process) {
return false;
}
message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
}
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator) VALUES ('', 'Personal User', 1, 0)";
$db->sql_return_on_error(true);
$result = $db->sql_query($sql);
$db->sql_return_on_error(false);
if (!$result) {
if ($batch_process) {
return false;
}
message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
}
$group_id = $db->sql_nextid();
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) VALUES ({$user_id}, {$group_id}, 0)";
$db->sql_return_on_error(true);
$result = $db->sql_query($sql);
// The commit is issued before the result of the last insert is checked.
$db->sql_transaction('commit');
$db->sql_return_on_error(false);
if (!$result) {
if ($batch_process) {
return false;
}
message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
}
if (!$batch_process) {
board_stats();
//.........这里部分代码省略.........
示例9: login
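/**
 * {@inheritdoc}
 *
 * Authenticates against the external backend through authenticateUser() and
 * maps the result onto a phpBB user row, creating the phpBB user on first
 * login. authenticateUser() is expected to return either an integer error code
 * or an array with 'characterName', 'userEmail' and 'userRoles'.
 *
 * @param string $username phpBB username or external login name.
 * @param string $password Plain-text password; surrounding whitespace is trimmed.
 * @return array ['status' => LOGIN_* constant, 'error_msg' => string|false, 'user_row' => array]
 */
public function login($username, $password)
{
    // display_errors / error_reporting are no longer forced on here: switching
    // them on inside the login path prints warnings and notices (file paths,
    // query fragments) to whoever submits the login form. Enable them in the
    // development configuration instead.
    $sqlByUsername = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . ' WHERE username = \'%s\'';
    $sqlByID = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . ' WHERE user_id = %d';
    $anonymous = ['user_id' => ANONYMOUS];

    $password = trim($password);

    // Do not allow empty passwords.
    if (!$password) {
        return ['status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => $anonymous];
    }

    // Do not allow empty usernames.
    if (!$username) {
        return ['status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => $anonymous];
    }

    // Do not allow the default admin to log in.
    // NOTE(review): this is an exact match on 'admin'; other spellings are not
    // covered here. Confirm that is the intended scope of the block.
    if ($username == 'admin') {
        return ['status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_ADMIN_USERNAME', 'user_row' => $anonymous];
    }

    // Find a phpbb user incase someone is trying to login with their
    // character name. Use the user's email address instead to login.
    // This is needed in order to use the administration panel.
    $sth = $this->db->sql_query(sprintf($sqlByUsername, $this->db->sql_escape($username)));
    $phpbb_user = $this->db->sql_fetchrow($sth);
    $this->db->sql_freeresult($sth);
    if ($phpbb_user) {
        $username = $phpbb_user['user_email'];
    }

    // Get the user details from seat.
    $user = $this->authenticateUser($username, $password);
    if (is_int($user)) {
        $errorKeys = [
            1001 => 'LOGIN_ERROR_INVALID_CONNECTION',
            1002 => 'LOGIN_ERROR_INVALID_CREDENTIALS',
            1003 => 'LOGIN_ERROR_NO_MAIN_CHARACTER_SET',
            1004 => 'LOGIN_ERROR_MAIN_CHARACTER_UNAUTHORIZED',
        ];
        $error = isset($errorKeys[$user]) ? $errorKeys[$user] : 'LOGIN_ERROR_UNKNOWN';

        return ['status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => $error, 'user_row' => $anonymous];
    }

    // Return the phpbb user if it was already found earlier.
    // NOTE(review): user_type of the local row is not checked on this path, so
    // an inactive local account is presumably accepted once the external
    // backend accepts the credentials; confirm that is intended.
    if ($phpbb_user) {
        return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
    }

    // Find a phpbb user using the seat user's character name.
    $sth = $this->db->sql_query(sprintf($sqlByUsername, $this->db->sql_escape($user['characterName'])));
    $phpbb_user = $this->db->sql_fetchrow($sth);
    $this->db->sql_freeresult($sth);
    if ($phpbb_user) {
        return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
    }

    // Create a new phpbb user if one wasn't found. The local password is the
    // hash of 256 random bytes, so the account cannot be used with a local
    // password login.
    // NOTE(review): group 5 / user_type 3 for the 'Superuser' role are magic
    // numbers here; confirm they map to the privilege level you intend to grant
    // on the strength of a role name reported by the external backend.
    $isSuperuser = in_array('Superuser', $user['userRoles']);
    $result = user_add([
        'username' => $user['characterName'],
        'user_password' => phpbb_hash(openssl_random_pseudo_bytes(256)),
        'user_email' => $user['userEmail'],
        'group_id' => $isSuperuser ? 5 : 2,
        'user_type' => $isSuperuser ? 3 : USER_NORMAL,
    ]);

    // user_add() failed: report an error instead of a success without a row.
    if ($result === false) {
        return ['status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'LOGIN_ERROR_UNKNOWN', 'user_row' => $anonymous];
    }

    // Return the newly created user.
    $sth = $this->db->sql_query(sprintf($sqlByID, $this->db->sql_escape($result)));
    $phpbb_user = $this->db->sql_fetchrow($sth);
    $this->db->sql_freeresult($sth);

    // Never hand LOGIN_SUCCESS back with an empty user row.
    if (!$phpbb_user) {
        return ['status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'LOGIN_ERROR_UNKNOWN', 'user_row' => $anonymous];
    }

    return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
}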
示例10: save_users
/**
 * Creates users and puts them in the right groups.
 * Also populates the users array.
 *
 * Every generated user gets the same password hash, computed once from a fixed
 * literal. Rows are written with sql_multi_insert(), in chunks when num_users
 * exceeds user_chunks, and the board's newest-user and user-count config
 * values are updated at the end.
 *
 * NOTE(review): a shared, well-known password is only acceptable for disposable
 * test data; presumably this generator is never pointed at a live board.
 */
private function save_users()
{
global $db, $config, $settings;
// Hash the password.
// One hash is computed here and reused for every user inserted below.
if (defined('PHPBB_31')) {
global $passwords_manager;
$password = $passwords_manager->hash('123456');
} else {
$password = phpbb_hash('123456');
}
$registered_group = $newly_registered_group = 0;
// Get the group id for registered users and newly registered.
$sql = 'SELECT group_id, group_name FROM ' . GROUPS_TABLE . '
WHERE group_name = \'REGISTERED\'
OR group_name = \'NEWLY_REGISTERED\'';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
if ($row['group_name'] == 'REGISTERED') {
$registered_group = (int) $row['group_id'];
} else {
$newly_registered_group = (int) $row['group_id'];
}
}
$db->sql_freeresult($result);
$s_chunks = $this->num_users > $this->user_chunks ? true : false;
$end = $this->num_users + 1;
$chunk_cnt = 0;
$sql_ary = array();
// Without PHPBB_31 the timezone is stored as an hour offset plus a DST flag.
if (!defined('PHPBB_31')) {
$tz = new DateTimeZone($settings->get_config('qi_tz', ''));
$tz_ary = $tz->getTransitions(time());
$offset = (double) $tz_ary[0]['offset'] / 3600;
// 3600 seconds = 1 hour.
$qi_dst = $tz_ary[0]['isdst'] ? 1 : 0;
unset($tz_ary, $tz);
}
foreach ($this->user_arr as $user) {
// The e-mail address is the clean username followed by $this->email_domain.
$email = $user['username_clean'] . $this->email_domain;
$sql_ary[] = array('user_id' => $user['user_id'], 'username' => $user['username'], 'username_clean' => $user['username_clean'], 'user_lastpost_time' => $user['user_lastpost_time'], 'user_lastmark' => $user['user_lastmark'], 'user_posts' => $user['user_posts'], 'user_password' => $password, 'user_email' => $email, 'user_email_hash' => phpbb_email_hash($email), 'group_id' => $registered_group, 'user_type' => USER_NORMAL, 'user_permissions' => '', 'user_lang' => $settings->get_config('qi_lang'), 'user_form_salt' => unique_id(), 'user_style' => (int) $config['default_style'], 'user_regdate' => $user['user_regdate'], 'user_passchg' => $user['user_passchg'], 'user_options' => 230271, 'user_full_folder' => PRIVMSGS_NO_BOX, 'user_notify_type' => NOTIFY_EMAIL, 'user_dateformat' => 'M jS, ’y, H:i', 'user_sig' => '');
// Index of the row just appended, used to add the version-specific columns.
$count = count($sql_ary) - 1;
if (defined('PHPBB_31')) {
$sql_ary[$count]['user_timezone'] = $settings->get_config('qi_tz', '');
} else {
$sql_ary[$count]['user_timezone'] = $offset;
$sql_ary[$count]['user_pass_convert'] = 0;
$sql_ary[$count]['user_occ'] = '';
$sql_ary[$count]['user_interests'] = '';
$sql_ary[$count]['user_dst'] = $qi_dst;
}
$chunk_cnt++;
if ($s_chunks && $chunk_cnt >= $this->user_chunks) {
// throw the array to the users table
$db->sql_multi_insert(USERS_TABLE, $sql_ary);
unset($sql_ary);
$sql_ary = array();
$chunk_cnt = 0;
}
}
// If there are any remaining users we need to throw them in to.
if (!empty($sql_ary)) {
$db->sql_multi_insert(USERS_TABLE, $sql_ary);
}
unset($sql_ary);
// Put them in groups.
$chunk_cnt = $newly_registered = $skip = 0;
// Don't add the first users to the newly registered group if a moderator and/or an admin is needed.
$skip = $this->create_mod ? $skip + 1 : $skip;
$skip = $this->create_admin ? $skip + 1 : $skip;
// First the registered group.
// $chunk_cnt is reset to 0 above and is not incremented inside this loop, so
// the chunk flush below depends only on user_chunks; the rows are written by
// the sql_multi_insert() after the loop.
foreach ($this->user_arr as $user) {
$sql_ary[] = array('user_id' => (int) $user['user_id'], 'group_id' => (int) $registered_group, 'group_leader' => 0, 'user_pending' => 0);
if ($newly_registered < $this->num_new_group && $skip < 1) {
$sql_ary[] = array('user_id' => (int) $user['user_id'], 'group_id' => (int) $newly_registered_group, 'group_leader' => 0, 'user_pending' => 0);
$newly_registered++;
}
$skip--;
if ($s_chunks && $chunk_cnt >= $this->user_chunks) {
// throw the array to the users table
$db->sql_multi_insert(USER_GROUP_TABLE, $sql_ary);
unset($sql_ary);
$sql_ary = array();
$chunk_cnt = 0;
}
}
$db->sql_multi_insert(USER_GROUP_TABLE, $sql_ary);
// Get the last user
$user = end($this->user_arr);
set_config('newest_user_id', $user['user_id']);
set_config('newest_username', $user['username']);
set_config('newest_user_colour', '');
// phpBB installs the forum with one user.
set_config('num_users', $this->num_users + 1);
}
示例11: unset
// Fragment: the statements that open the blocks closed on the next lines are
// not part of this listing.
unset($stk_passwd, $login_token);
}
}
// No active session?
if (!$stk_session) {
// We're trying to login
if (isset($_POST['login'])) {
// The throttle is a single cache entry, not keyed per client: after any failed
// attempt every login is refused until the entry expires.
if ($cache->get('_stk_last_login') !== false) {
// Make sure that we do not have an stk_last_login cache file (expires after 3 seconds). To prevent a bruteforce attack
$err_msg = 'STK_LOGIN_WAIT';
} else {
// Form-key check runs before any credential comparison.
if (!check_form_key('stk_login_form')) {
$err_msg = 'FORM_INVALID';
} else {
// Create a hash of the given token to compare the password
// NOTE(review): where $login_token and $stk_passwd are set is outside this
// fragment; confirm which of the two is the submitted value.
$login_token_hash = phpbb_hash($login_token);
if (phpbb_check_hash($stk_passwd, $login_token_hash)) {
$stk_session = true;
// Create a session cookie to keep the user logged in
// Only name, value and expiry (0) are passed, so the Secure and HttpOnly flags
// keep PHP's defaults (off). NOTE(review): the cookie value presumably acts as
// the session credential; consider setting both flags and a narrow path.
setcookie('stk_token', $login_token_hash, 0);
} else {
// Store a cache file letting us know when the last login failure attempt was
$cache->put('_stk_last_login', true, 3);
$err_msg = 'INCORRECT_PASSWORD';
}
}
}
}
// Past this point we don't want the passwords anymore
unset($stk_passwd, $login_token);
// Still no session. Make the user happy and show him something to work with
示例12: MAX
// Fragment: the validation code that opens the blocks closed below is not part
// of this listing, and the listing ends inside the last if.
$error_msg .= (isset($error_msg) ? '<br />' : '') . $result['error_msg'];
}
}
if (!$error) {
$username_sql = "username = '" . $db->sql_escape($username) . "', username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "', ";
}
}
if (!$error) {
// The next id is taken as MAX(user_id) + 1, read before the transaction below starts.
// NOTE(review): concurrent registrations can presumably compute the same id;
// confirm the schema enforces uniqueness on user_id.
$sql = "SELECT MAX(user_id) AS total\n\t\t\tFROM " . USERS_TABLE;
$result = $db->sql_query($sql);
if (!($row = $db->sql_fetchrow($result))) {
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
$user_id = $row['total'] + 1;
// The plain-text password is kept in $clean_password; $new_password is replaced by its hash.
$clean_password = $new_password;
$new_password = phpbb_hash($new_password);
// String values go through $db->sql_escape(); $user_style and $user_timezone are
// interpolated as-is. NOTE(review): confirm both are cast to numbers before this
// point. user_actkey is set to the fixed literal 'user_actkey'.
$sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, username_clean, user_regdate, user_password, user_email, user_email_hash, user_style, user_timezone, user_dateformat, user_lang, user_level, user_active, user_actkey)\n\t\t\tVALUES ({$user_id}, '" . $db->sql_escape($username) . "', '" . $db->sql_escape(utf8_clean_string($username)) . "', " . time() . ", '" . $db->sql_escape($new_password) . "', '" . $db->sql_escape($email) . "', '" . $db->sql_escape(phpbb_email_hash($email)) . "', {$user_style}, {$user_timezone}, '" . $db->sql_escape($user_dateformat) . "', '" . $db->sql_escape($user_lang) . "', 0, 1, 'user_actkey')";
// The results of the three inserts are assigned but not checked before the commit.
$db->sql_transaction('begin');
$result = $db->sql_query($sql);
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)\n\t\t\tVALUES ('', 'Personal User', 1, 0)";
$result = $db->sql_query($sql);
$group_id = $db->sql_nextid();
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)\n\t\t\tVALUES ({$user_id}, {$group_id}, 0)";
$result = $db->sql_query($sql);
$db->sql_transaction('commit');
// PROFILE EDIT BRIDGE - BEGIN
// The bridge data carries the plain-text password ($clean_password).
// NOTE(review): what the bridge does with it is not visible here; confirm it is
// neither stored nor logged in clear.
$target_profile_data = array('user_id' => $user_id, 'username' => $username, 'password' => $clean_password, 'email' => $email);
if (!class_exists('class_users')) {
include_once IP_ROOT_PATH . 'includes/class_users.' . PHP_EXT;
}
if (empty($class_users)) {
示例13: main
//.........这里部分代码省略.........
// Fragment of a registration handler: the query that produced $result and the
// end of the if/else chain at the bottom are not part of this listing.
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row)
{
trigger_error('NO_GROUP');
}
$group_id = $row['group_id'];
// With COPPA or self/admin activation (and e-mail enabled) the account starts
// inactive and gets an activation key; otherwise it is active immediately.
if (($coppa ||
$config['require_activation'] == USER_ACTIVATION_SELF ||
$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
{
// The key starts as 10 characters and is cut to 54 minus the length of
// $server_url, but never below 6 characters.
// NOTE(review): how gen_rand_string() draws its characters is not visible here;
// confirm it uses a cryptographically secure source.
$user_actkey = gen_rand_string(10);
$key_len = 54 - (strlen($server_url));
$key_len = ($key_len < 6) ? 6 : $key_len;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
}
else
{
$user_type = USER_NORMAL;
$user_actkey = '';
$user_inactive_reason = 0;
$user_inactive_time = 0;
}
// Only the phpbb_hash() of the chosen password goes into the user row.
$user_row = array(
'username' => $data['username'],
'user_password' => phpbb_hash($data['new_password']),
'user_email' => $data['email'],
'group_id' => (int) $group_id,
'user_timezone' => (float) $data['tz'],
'user_dst' => $is_dst,
'user_lang' => $data['lang'],
'user_type' => $user_type,
'user_actkey' => $user_actkey,
'user_ip' => $user->ip,
'user_regdate' => time(),
'user_inactive_reason' => $user_inactive_reason,
'user_inactive_time' => $user_inactive_time,
);
// Register user...
$user_id = user_add($user_row, $cp_data);
// This should not happen, because the required variables are listed above...
if ($user_id === false)
{
trigger_error('NO_USER', E_USER_ERROR);
}
// Pick the confirmation message and e-mail template matching the activation mode.
if ($coppa && $config['email_enable'])
{
$message = $user->lang['ACCOUNT_COPPA'];
$email_template = 'coppa_welcome_inactive';
}
else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable'])
{
$message = $user->lang['ACCOUNT_INACTIVE'];
$email_template = 'user_welcome_inactive';
}
示例14: login_mybb16
/**
 * Login function
 *
 * Looks the account up by its cleaned username, applies per-IP and
 * per-account attempt limits (with a CAPTCHA once a limit is reached), and
 * upgrades passwords stored in a legacy salted-MD5 layout to phpbb_hash()
 * the first time they verify. The listing is truncated by the source page
 * before the regular password check, so only the part up to the legacy
 * conversion is documented here.
 *
 * @param string $username
 * @param string $password
 * @param string $ip IP address the login is taking place from. Used to
 * limit the number of login attempts per IP address.
 * @param string $browser The user agent used to login
 * @param string $forwarded_for X_FORWARDED_FOR header sent with login request
 * @return array A associative array of the format
 * array(
 * 'status' => status constant
 * 'error_msg' => string
 * 'user_row' => array
 * )
 */
function login_mybb16($username, $password, $ip = '', $browser = '', $forwarded_for = '')
{
global $db, $config;
// do not allow empty password
if (!$password) {
return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => array('user_id' => ANONYMOUS));
}
if (!$username) {
return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
}
// The lookup uses the cleaned form of the name; the value is passed through
// sql_escape() before it is placed in the query string.
$username_clean = utf8_clean_string($username);
$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts, user_passwd_salt
FROM ' . USERS_TABLE . "\n\t\tWHERE username_clean = '" . $db->sql_escape($username_clean) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Per-source throttling. && binds tighter than ||, so the branch is taken when
// either an IP is known and the limit is keyed on the IP, or a forwarded-for
// value is known and the limit is keyed on that header.
// NOTE(review): X-Forwarded-For is chosen by the client unless a trusted
// reverse proxy overwrites it, so a limit keyed on it only holds when the
// board sits behind such a proxy. Confirm the deployment before enabling
// ip_login_limit_use_forwarded.
if ($ip && !$config['ip_login_limit_use_forwarded'] || $forwarded_for && $config['ip_login_limit_use_forwarded']) {
// Count attempts from this source inside the configured time window.
$sql = 'SELECT COUNT(*) AS attempts
FROM ' . LOGIN_ATTEMPT_TABLE . '
WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']);
if ($config['ip_login_limit_use_forwarded']) {
$sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($forwarded_for) . "'";
} else {
$sql .= " AND attempt_ip = '" . $db->sql_escape($ip) . "' ";
}
$result = $db->sql_query($sql);
$attempts = (int) $db->sql_fetchfield('attempts');
$db->sql_freeresult($result);
// The attempt is recorded before any credential is checked, for known and
// unknown usernames alike; the user agent is cut to 149 bytes.
$attempt_data = array('attempt_ip' => $ip, 'attempt_browser' => trim(substr($browser, 0, 149)), 'attempt_forwarded_for' => $forwarded_for, 'attempt_time' => time(), 'user_id' => $row ? (int) $row['user_id'] : 0, 'username' => $username, 'username_clean' => $username_clean);
$sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data);
$result = $db->sql_query($sql);
} else {
$attempts = 0;
}
// No such account: the per-source limit still applies, otherwise the caller
// gets LOGIN_ERROR_USERNAME.
// NOTE(review): if the UI shows this status differently from a wrong-password
// failure, responses reveal which usernames exist; confirm how callers
// render it.
if (!$row) {
if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']) {
return array('status' => LOGIN_ERROR_ATTEMPTS, 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', 'user_row' => array('user_id' => ANONYMOUS));
}
return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
}
// CAPTCHA is required once either the per-account counter or the per-source
// counter has reached its configured maximum (a maximum of 0 disables that check).
$show_captcha = $config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts'] || $config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max'];
// If there are too much login attempts, we need to check for an confirm image
// Every auth module is able to define what to do by itself...
if ($show_captcha) {
// Visual Confirmation handling
if (!class_exists('phpbb_captcha_factory')) {
global $phpbb_root_path, $phpEx;
include $phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx;
}
$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
$captcha->init(CONFIRM_LOGIN);
// A truthy validate() result is treated as a failed challenge and ends the
// login with LOGIN_ERROR_ATTEMPTS; a falsy one resets the CAPTCHA and continues.
$vc_response = $captcha->validate($row);
if ($vc_response) {
return array('status' => LOGIN_ERROR_ATTEMPTS, 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', 'user_row' => $row);
} else {
$captcha->reset();
}
}
// If the password convert flag is set we need to convert it
if ($row['user_pass_convert']) {
// in phpBB2 passwords were used exactly as they were sent, with addslashes applied
// The raw request value is read here instead of the $password argument, so
// this branch depends on the form field being named "password".
$password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : '';
// STRIP and set_var() are defined elsewhere; presumably they reproduce the
// board's normal request filtering - verify against the board's helpers.
$password_old_format = !STRIP ? addslashes($password_old_format) : $password_old_format;
$password_new_format = '';
set_var($password_new_format, stripslashes($password_old_format), 'string', true);
// Guard: only convert when the caller's $password matches the re-derived value.
// NOTE(review): == compares numeric-looking strings by value; === would be
// the stricter check for two passwords.
if ($password == $password_new_format) {
// Legacy layout: md5(md5(salt) . md5(password)). MD5 is a fast hash, which is
// why a successful match is re-hashed with phpbb_hash() immediately below.
// NOTE(review): === is not a constant-time comparison; hash_equals() is the
// usual choice for comparing digests on PHP versions that provide it.
if (md5(md5($row['user_passwd_salt']) . md5($password_old_format)) === $row['user_password']) {
$hash = phpbb_hash($password_new_format);
// Update the password in the users table to the new format and remove user_pass_convert flag
// NOTE(review): user_id is concatenated without the (int) cast that the
// failure branch below applies; the value comes from the row just fetched,
// but the cast would keep both statements consistent.
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_password = \'' . $db->sql_escape($hash) . '\',
user_pass_convert = 0
WHERE user_id = ' . $row['user_id'];
$db->sql_query($sql);
$row['user_pass_convert'] = 0;
$row['user_password'] = $hash;
} else {
// Although we weren't able to convert this password we have to
// increase login attempt count to make sure this cannot be exploited
// The counter stops growing once it reaches LOGIN_ATTEMPTS_MAX.
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_login_attempts = user_login_attempts + 1
WHERE user_id = ' . (int) $row['user_id'] . '
AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX;
$db->sql_query($sql);
//......... part of the code is omitted here (truncated by the source page) .........
示例15: register
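/**
 * Register a board account for the externally authenticated user held in
 * $this->user, link it to the external identity and, when e-mail is enabled,
 * send the welcome message.
 *
 * The account gets a generated username, e-mail address and password; the
 * password is stored only as a phpbb_hash() digest.
 *
 * @access public
 * @return int|false New user id, or false when there is no usable external
 *                   profile or registration was refused (DNSBL hit).
 */
public function register()
{
    global $config, $user, $phpbb_root_path, $phpEx;

    if (!$this->user || isset($this->user['error'])) {
        return false;
    }

    // Keep the generated password in a variable: the welcome mail below needs
    // it, and the original code referenced an undefined $gen_password there.
    // NOTE(review): this is the account's only local credential, so
    // __random() should draw from a cryptographically secure source - confirm.
    $gen_password = $this->__random(15);

    $data = array(
        'username' => utf8_normalize_nfc($this->__fetch_random_name()),
        'user_password' => phpbb_hash($gen_password),
        'user_email' => strtolower($this->__fetch_random_email()),
        'user_birthday' => $this->user['bdate'] ? date('d-m-Y', strtotime($this->user['bdate'])) : '',
        'user_from' => $this->__fetch_user_from(),
        'user_timezone' => $config['board_timezone'],
        'user_dst' => $config['board_dst'],
        'user_lang' => basename($user->lang_name),
        'user_type' => USER_NORMAL,
        'user_actkey' => '',
        'user_ip' => $user->ip,
        'user_regdate' => time(),
        'user_inactive_reason' => 0,
        'user_inactive_time' => 0,
    );

    // Refuse registration from addresses listed on the configured DNS blacklist.
    $error = array();
    if ($config['check_dnsbl']) {
        if (($dnsbl = $user->check_dnsbl('register')) !== false) {
            $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
        }
    }
    if ($error) {
        trigger_error(implode('', $error));
        return false;
    }

    // New accounts go into the special REGISTERED group.
    if (!($row = $this->__get_first("SELECT group_id FROM " . GROUPS_TABLE . " WHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "' AND group_type = " . GROUP_SPECIAL))) {
        trigger_error('NO_GROUP');
    }
    $data['group_id'] = (int) $row['group_id'];

    if ($config['new_member_post_limit']) {
        $data['user_new'] = 1;
    }

    if (!($user_id = user_add($data))) {
        trigger_error('NO_USER', E_USER_ERROR);
    }

    $this->__upload_avatar($user_id);

    // Link the board account to the external identity. The identity string is
    // escaped; the id is cast so that only an integer can reach the statement.
    $this->db->sql_query("INSERT INTO " . TABLE_PREFIX . "ulogin VALUES (NULL, " . (int) $user_id . ", '" . $this->db->sql_escape($this->user['identity']) . "')");

    $email_template = 'user_welcome';
    if ($config['email_enable']) {
        require_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;

        $messenger = new messenger(false);
        // $data stores these values under 'user_lang' and 'user_email'; the
        // original read the non-existent keys 'lang' and 'email'.
        $messenger->template($email_template, $data['user_lang']);
        $messenger->to($data['user_email'], $data['username']);
        $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
        $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
        $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
        $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
        // NOTE(review): the generated password is sent in clear text. If the
        // template does not need it, drop PASSWORD and let the user set one
        // through the board's password-reset flow instead.
        $messenger->assign_vars(array(
            'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
            'USERNAME' => htmlspecialchars_decode($data['username']),
            'PASSWORD' => htmlspecialchars_decode($gen_password),
        ));
        $messenger->send(NOTIFY_EMAIL);
    }

    return $user_id;
}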