mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-09-02 19:02:39 +02:00
Code Issues Releases Wiki Activity

Password options for logon, email login option, random user name/PW generation, Bugtracker #4393 and possibly others previously added to 0.7

Browse Source
This commit is contained in:
e107steved
2008-06-13 20:20:23 +00:00
parent 51637af101
commit b5771e501d
28 changed files with 2336 additions and 558 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
e107_admin/auth.php
View File

@@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_admin/auth.php,v $
| $Revision: 1.2 $
| $Date: 2007-08-25 05:48:53 $
| $Author: e107coders $
| $Revision: 1.3 $
| $Date: 2008-06-13 20:20:20 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@@ -49,21 +49,51 @@ else
}
}
$row = $authresult = $obj->authcheck($_POST['authname'], $_POST['authpass']);
if ($row[0] == "authfail") {
require_once(e_HANDLER.'user_handler.php');
$row = $authresult = $obj->authcheck($_POST['authname'], $_POST['authpass'], varset($_POST['hashchallenge'],''));
if ($row[0] == "authfail")
{
$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"LOGIN",LAN_ROLL_LOG_11,"U: ".$tp->toDB($_POST['authname']),FALSE,LOG_TO_ROLLING);
echo "<script type='text/javascript'>document.location.href='../index.php'</script>\n";
header("location: ../index.php");
exit;
} else {
}
else
{
$cookieval = $row['user_id'].".".md5($row['user_password']);
$userpass = md5($_POST['authpass']);
$cookieval = $row['user_id'].".".md5($userpass);
// $sql->db_Select("user", "*", "user_name='".$tp -> toDB($_POST['authname'])."'");
// list($user_id, $user_name, $userpass) = $sql->db_Fetch();
$sql->db_Select("user", "*", "user_name='".$tp -> toDB($_POST['authname'])."'");
list($user_id, $user_name, $userpass) = $sql->db_Fetch();
if ($pref['user_tracking'] == "session") {
// Calculate class membership - needed for a couple of things
// Problem is that USERCLASS_LIST just contains 'guest' and 'everyone' at this point
$class_list = explode(',',$row['user_class']);
if ($row['user_admin'] && strlen($row['user_perms']))
{
$class_list[] = e_UC_ADMIN;
if (strpos($row['user_perms'],'0') === 0)
{
$class_list[] = e_UC_MAINADMIN;
}
}
$class_list[] = e_UC_MEMBER;
$class_list[] = e_UC_PUBLIC;
$user_logging_opts = array_flip(explode(',',varset($pref['user_audit_opts'],'')));
if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'],''),$class_list))
{ // Need to note in user audit trail
$admin_log->user_audit(USER_AUDIT_LOGIN,'', $user_id,$user_name);
}
$edata_li = array("user_id" => $row['user_id'], "user_name" => $row['user_name'], 'class_list' => implode(',',$class_list));
$e_event->trigger("login", $edata_li);
if ($pref['user_tracking'] == "session")
{
$_SESSION[$pref['cookie_name']] = $cookieval;
} else {
}
else
{
cookie($pref['cookie_name'], $cookieval, (time()+3600 * 24 * 30));
}
echo "<script type='text/javascript'>document.location.href='admin.php'</script>\n";
@@ -73,7 +103,8 @@ else
$e_sub_cat = 'logout';
require_once(e_ADMIN."header.php");
if (ADMIN == FALSE) {
if (ADMIN == FALSE)
{
$obj = new auth;
$obj->authform();
require_once(e_ADMIN."footer.php");
@@ -84,7 +115,6 @@ else
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
class auth
{
function authform()
{
/*
@@ -95,24 +125,32 @@ class auth
# - scope public
*/
global $use_imagecode, $sec_img,$imode;
global $use_imagecode, $sec_img,$imode, $pref;
$text = "<div style='padding:20px;text-align:center'>
<form method='post' action='".e_SELF."'>\n
<form method='post' action='".e_SELF."'";
if (varsettrue($pref['password_CHAP'],0))
{
$text .= " onsubmit='hashLoginPassword(this)'";
}
$text .= ">\n
<table style='width:50%' class='fborder'>
<tr>
<td rowspan='4' style='vertical-align:middle;width:65px'>".(file_exists(THEME."images/password.png") ? "<img src='".THEME_ABS."images/password.png' alt='' />\n" : "<img src='".e_IMAGE."packs/".$imode."/generic/password.png' alt='' />\n" )."</td>
<td style='width:35%' class='forumheader3'>".ADLAN_89."</td>
<td class='forumheader3' style='text-align:center'><input class='tbox' type='text' name='authname' size='30' value='$authname' maxlength='20' />\n</td>
<td class='forumheader3' style='text-align:center'><input class='tbox' type='text' name='authname' id='username' size='30' value='' maxlength='".varset($pref['loginname_maxlength'],30)."' />\n</td>
</tr>
<tr>
<td style='width:35%' class='forumheader3'>".ADLAN_90."</td>
<td class='forumheader3' style='text-align:center'><input class='tbox' type='password' name='authpass' size='30' value='' maxlength='20' />\n</td>
<td class='forumheader3' style='text-align:center'><input class='tbox' type='password' name='authpass' id='userpass' size='30' value='' maxlength='30' />\n";
if (isset($_SESSION['challenge']) && varset($pref['password_CHAP'],0)) $text .= "<input type='hidden' name='hashchallenge' id='hashchallenge' value='{$_SESSION['challenge']}' />\n\n";
$text .= "</td>
</tr>
";
if ($use_imagecode) {
if ($use_imagecode)
{
$text .= "
<tr>
<td style='width:35%' class='forumheader3'>".ADLAN_152."</td>
@@ -139,7 +177,7 @@ class auth
$au->tablerender(ADLAN_92, $text);
}
function authcheck($authname, $authpass)
function authcheck($authname, $authpass, $authresponse = '')
{
/*
# Admin auth check
@@ -148,28 +186,50 @@ class auth
# - return boolean if fail, else result array
# - scope public
*/
global $tp;
global $tp, $pref;
$sql_auth = new db;
$authname = $tp -> toDB(preg_replace("/\sOR\s|\=|\#/", "", $authname));
if ($sql_auth->db_Select("user", "*", "user_loginname='$authname' AND user_admin='1' "))
$reason = '';
$user_info = new UserHandler;
$authname = $tp -> toDB(preg_replace("/\sOR\s|\=|\#/", "", trim($authname)));
$authpass = trim($authpass);
if (($authpass == '') || ($authname == '')) $reason = 'np';
if (strlen($authname) > varset($pref['loginname_maxlength'],30)) $reason = 'lu';
if (!$reason)
{
if ($sql_auth->db_Select("user", "*", "user_loginname='{$authname}' AND user_admin='1' "))
{
$row = $sql_auth->db_Fetch();
}
elseif ($sql_auth->db_Select("user", "*", "user_name='{$authname}' AND user_admin='1' "))
{
$row = $sql_auth->db_Fetch();
$authname = $row['user_loginname'];
}
else
{
if ($sql_auth->db_Select("user", "*", "user_name='$authname' AND user_admin='1' "))
$reason = 'iu';
}
}
if (!$reason && ($row['user_id']))
{ // Can validate password
if (($authresponse && isset($_SESSION['challenge'])) && ($authresponse != $_SESSION['challenge']))
{ // Verify using CHAP (can't handle login by email address - only loginname - although with this code it does still work if the password is stored unsalted)
if (($pass_result = $user_info->CheckCHAP($_SESSION['challenge'], $authresponse, $authname, $row['user_password'])) !== PASSWORD_INVALID)
{
$row = $sql_auth->db_Fetch();
return $$row;
}
}
if($row['user_id'])
{
if($row['user_password'] == md5($authpass))
else
{ // Plaintext password
if (($pass_result = $user_info->CheckPassword($authpass, $authname,$row['user_password'])) !== PASSWORD_INVALID)
{
return $row;
}
}
return array("authfail");
}
return array("authfail", "reason" => $reason);
}
}

215
e107_admin/prefs.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_admin/prefs.php,v $
| $Revision: 1.13 $
| $Date: 2008-03-23 21:53:34 $
| $Revision: 1.14 $
| $Date: 2008-06-13 20:20:20 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@@ -440,36 +440,41 @@ $text .= "</table></div>";
// =========== Registration Preferences. ==================
$text .= "<div id='registration' style='display:none; text-align:center'><table style='width:100%' class='fborder'>
<colgroup>
<col style='width:50%' />
<col style='width:50%' />
</colgroup>
<tr>
<td class='fcaption' title='".PRFLAN_80."' style='text-align:left;' colspan='2'>".PRFLAN_28."</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_29."<br /><span class='smalltext'>".PRFLAN_30."</span></td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_29."<br /><span class='smalltext'>".PRFLAN_30."</span></td>
<td style='text-align:right' class='forumheader3'>
<input type='radio' name='user_reg' value='1'".($pref['user_reg'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='user_reg' value='0'".(!$pref['user_reg'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_141."<br /></td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_141."<br /></td>
<td style='text-align:right' class='forumheader3'>
<input type='radio' name='xup_enabled' value='1'".($pref['xup_enabled'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='xup_enabled' value='0'".(!$pref['xup_enabled'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_154."</td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_154."</td>
<td style='text-align:right' class='forumheader3'>
<select name='user_reg_veri' class='tbox'>";
$veri_list[0] = PRFLAN_152;
$veri_list[1] = PRFLAN_31;
$veri_list[2] = PRFLAN_153;
foreach($veri_list as $v => $v_title){
foreach($veri_list as $v => $v_title)
{
$sel = ($pref['user_reg_veri'] == $v) ? "selected='selected'" : "";
$text .= "<option value='$v' $sel>".$v_title."</option>\n";
}
@@ -478,48 +483,48 @@ $text .= "<div id='registration' style='display:none; text-align:center'><table
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_160."<br /></td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".PRFLAN_160."<br /></td>
<td class='forumheader3' style='text-align:right' >
<input type='radio' name='signup_remote_emailcheck' value='1'".($pref['signup_remote_emailcheck'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='signup_remote_emailcheck' value='0'".(!$pref['signup_remote_emailcheck'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_167."<br /></td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".PRFLAN_167."<br /></td>
<td class='forumheader3' style='text-align:right' >
<input type='radio' name='disable_emailcheck' value='1'".($pref['disable_emailcheck'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='disable_emailcheck' value='0'".(!$pref['disable_emailcheck'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_32."<br /><span class='smalltext'>".PRFLAN_33."</span></td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_32."<br /><span class='smalltext'>".PRFLAN_33."</span></td>
<td style='text-align:right' class='forumheader3'>
<input type='radio' name='anon_post' value='1'".($pref['anon_post'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='anon_post' value='0'".(!$pref['anon_post'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_45."<br /><span class='smalltext'>".PRFLAN_46." <a href='http://www.cdt.org/legislation/105th/privacy/coppa.html'>".PRFLAN_94."</a></span></td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_45."<br /><span class='smalltext'>".PRFLAN_46." <a href='http://www.cdt.org/legislation/105th/privacy/coppa.html'>".PRFLAN_94."</a></span></td>
<td style='text-align:right' class='forumheader3'>
<input type='radio' name='use_coppa' value='1'".($pref['use_coppa'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='use_coppa' value='0'".(!$pref['use_coppa'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_58."<br /><span class='smalltext'>".PRFLAN_59."</span></td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_58."<br /><span class='smalltext'>".PRFLAN_59."</span></td>
<td style='text-align:right' class='forumheader3'>
<input type='radio' name='membersonly_enabled' value='1'".($pref['membersonly_enabled'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='membersonly_enabled' value='0'".(!$pref['membersonly_enabled'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".CUSTSIG_16."<br /><span class='smalltext'>".PRFLAN_78."</span></td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".CUSTSIG_16."<br /><span class='smalltext'>".PRFLAN_78."</span></td>
<td class='forumheader3' style='text-align:right' >
<input type='text' class='tbox' size='3' name='signup_pass_len' value='".$pref['signup_pass_len']."' />
</td>
</tr>
@@ -527,37 +532,44 @@ $text .= "<div id='registration' style='display:none; text-align:center'><table
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_136."</td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".PRFLAN_136."</td>
<td class='forumheader3' style='text-align:right' >
<input type='text' class='tbox' size='3' name='signup_maxip' value='".$pref['signup_maxip']."' />
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".CUSTSIG_18."<br /><span class='smalltext'>".CUSTSIG_19."</span></td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".CUSTSIG_18."<br /><span class='smalltext'>".CUSTSIG_19."</span></td>
<td class='forumheader3' style='text-align:right' >
<textarea class='tbox' name='signup_disallow_text' cols='1' rows='3' style='width: 80%;'>".$pref['signup_disallow_text']."</textarea>
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_155.":</td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".PRFLAN_155.":</td>
<td class='forumheader3' style='text-align:right' >
".r_userclass('displayname_class',$pref['displayname_class'],'off','nobody,public,admin,classes')."
<input class='button' type='submit' name='submit_resetdisplaynames' value='".PRFLAN_156."' />
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_158.":</td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".PRFLAN_192.":<br /><span class='smalltext'>".PRFLAN_193."</span></td>
<td class='forumheader3' style='text-align:right' >
<input type='text' class='tbox' size='30' name='predefinedLoginName' value='".varset($pref['predefinedLoginName'],'')."' /><br />".PRFLAN_194."
</td>
</tr>
<tr>
<td class='forumheader3'>".PRFLAN_158.":</td>
<td class='forumheader3' style='text-align:right' >
<input type='text' class='tbox' size='3' name='displayname_maxlength' value='".varset($pref['displayname_maxlength'],15)."' />
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_172.":</td>
<td class='forumheader3' style='width:50%;text-align:right' >
<td class='forumheader3'>".PRFLAN_172.":</td>
<td class='forumheader3' style='text-align:right' >
<input type='text' class='tbox' size='3' name='loginname_maxlength' value='".varset($pref['loginname_maxlength'],30)."' />
</td>
</tr>
@@ -735,33 +747,48 @@ $text .= "<div id='textpost' style='display:none; text-align:center'>
$text .= pref_submit();
$text .= "</table></div>";
function multi_radio($name, $textsVals, $currentval = '')
{
$ret = '';
$gap = '';
foreach ($textsVals as $v => $t)
{
$sel = ($v == $currentval) ? " checked='checked'" : "";
$ret .= $gap."<input type='radio' name='{$name}' value='{$v}'{$sel} /> ".$t."\n";
$gap = "&nbsp;&nbsp;";
}
return $ret;
}
// Security Options. .
$hasGD = extension_loaded("gd");
$text .= "<div id='security' style='display:none; text-align:center'>
<table style='width:100%' class='fborder'>
<colgroup>
<col style='width:50%' />
<col style='width:50%' />
</colgroup>
<tr>
<td class='fcaption' title='".PRFLAN_80."' style='text-align:left;' colspan='2'>".PRFLAN_47."</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_60."<br /><span class='smalltext'>".PRFLAN_61."</span> </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<input type='radio' name='ssl_enabled' value='1'".($pref['ssl_enabled'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='ssl_enabled' value='0'".(!$pref['ssl_enabled'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
<td class='forumheader3'>".PRFLAN_60."<br /><span class='smalltext'>".PRFLAN_61."</span> </td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('ssl_enabled',array('1' => PRFLAN_112, '0' => PRFLAN_113),$pref['ssl_enabled'])."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_76.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_76.": </td>
<td style='text-align:right' class='forumheader3'>
";
if($hasGD)
{
$text .= "
<input type='radio' name='signcode' value='1'".($pref['signcode'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='signcode' value='0'".(!$pref['signcode'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
";
$text .= multi_radio('signcode', array('1' =>PRFLAN_112,'0' => PRFLAN_113), $pref['signcode']);
}
else
{
@@ -772,15 +799,12 @@ $text .= "<div id='security' style='display:none; text-align:center'>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_81.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_81.": </td>
<td style='text-align:right' class='forumheader3'>
";
if($hasGD)
{
$text .= "
<input type='radio' name='logcode' value='1'".($pref['logcode'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='logcode' value='0'".(!$pref['logcode'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
";
$text .= multi_radio('logcode', array('1' =>PRFLAN_112,'0' => PRFLAN_113), $pref['logcode']);
}
else
{
@@ -791,82 +815,108 @@ $text .= "<div id='security' style='display:none; text-align:center'>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_138.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_138.": </td>
<td style='text-align:right' class='forumheader3'>
";
if($hasGD)
{
$text .= "
<input type='radio' name='fpwcode' value='1'".($pref['fpwcode'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='fpwcode' value='0'".(!$pref['fpwcode'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
";
$text .= multi_radio('fpwcode', array('1' =>PRFLAN_112,'0' => PRFLAN_113), $pref['fpwcode']);
}
else
{
$text .= PRFLAN_133;
}
$text .= "
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_92.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<input type='radio' name='user_reg_secureveri' value='1'".($pref['user_reg_secureveri'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='user_reg_secureveri' value='0'".(!$pref['user_reg_secureveri'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
<td class='forumheader3'>".PRFLAN_92.": </td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('user_reg_secureveri',array('1' => PRFLAN_112, '0' => PRFLAN_113),$pref['user_reg_secureveri'])."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_129.":<br /><span class='smalltext'>".PRFLAN_130."</span> </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<input type='radio' name='disallowMultiLogin' value='1'".($pref['disallowMultiLogin'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='disallowMultiLogin' value='0'".(!$pref['disallowMultiLogin'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
<td class='forumheader3'>".PRFLAN_129.":<br /><span class='smalltext'>".PRFLAN_130."</span> </td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('disallowMultiLogin',array('1' => PRFLAN_112, '0' => PRFLAN_113),$pref['disallowMultiLogin'])."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_48.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>". ($pref['user_tracking'] == "cookie" ? "<input type='radio' name='user_tracking' value='cookie' checked='checked' /> ".PRFLAN_49 : "<input type='radio' name='user_tracking' value='cookie' /> ".PRFLAN_49). ($pref['user_tracking'] == "session" ? "<input type='radio' name='user_tracking' value='session' checked='checked' /> ".PRFLAN_50 : "<input type='radio' name='user_tracking' value='session' /> ".PRFLAN_50)."
<td class='forumheader3'>".PRFLAN_184.": <br /><span class='smalltext'>".PRFLAN_185."</span></td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('allowEmailLogin',array('1' => PRFLAN_186, '0' => PRFLAN_187),varset($pref['allowEmailLogin'],0))."
</td>
</tr>
<tr>
<td class='forumheader3'>".PRFLAN_48.": </td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('user_tracking', array('cookie' => PRFLAN_49, 'session' => PRFLAN_50), $pref['user_tracking'])."
<br />
".PRFLAN_55.": <input class='tbox' type='text' name='cookie_name' size='20' value='".$pref['cookie_name']."' maxlength='20' />
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_40."<br /><span class='smalltext'>".PRFLAN_41."</span></td>
<td style='width:50%; text-align:right' class='forumheader3'>
<input type='radio' name='profanity_filter' value='1'".($pref['profanity_filter'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='profanity_filter' value='0'".(!$pref['profanity_filter'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
<td class='forumheader3'>".PRFLAN_188.": <br /><span class='smalltext'>".PRFLAN_191."</span></td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('passwordEncoding',array('0' => PRFLAN_189, '1' => PRFLAN_190),varset($pref['passwordEncoding'],0))."
</td>
</tr>
<tr>
<td class='forumheader3'>".PRFLAN_178."<br /><span class='smalltext'>".PRFLAN_179."</span></td>
<td style='text-align:right' class='forumheader3'>
<select name='password_CHAP' class='tbox'>";
$CHAP_list[0] = PRFLAN_180;
$CHAP_list[1] = PRFLAN_181;
$CHAP_list[2] = PRFLAN_182;
foreach($CHAP_list as $ab=>$ab_title){
$sel = ($pref['password_CHAP'] == $ab) ? "selected='selected'" : "";
$text .= "<option value='$ab' $sel>".$ab_title."</option>\n";
}
$text .="</select>\n
<br /><span class='smalltext'>".PRFLAN_183."</span></td>
</tr>
<tr>
<td class='forumheader3'>".PRFLAN_40."<br /><span class='smalltext'>".PRFLAN_41."</span></td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('profanity_filter', array('1' => PRFLAN_112, '0' => PRFLAN_113), $pref['profanity_filter'])."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_42.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_42.": </td>
<td style='text-align:right' class='forumheader3'>
<input class='tbox' type='text' name='profanity_replace' size='30' value='".$pref['profanity_replace']."' maxlength='20' />
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_43.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_43.": </td>
<td style='text-align:right' class='forumheader3'>
<textarea class='tbox' name='profanity_words' cols='59' rows='2' style='width:100%'>".$pref['profanity_words']."</textarea>
<br />".PRFLAN_44."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_35.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<input type='radio' name='antiflood1' value='1'".($pref['antiflood1'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='antiflood1' value='0'".(!$pref['antiflood1'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
<td class='forumheader3'>".PRFLAN_35.": </td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('antiflood1',array('1' => PRFLAN_112, '0' => PRFLAN_113),$pref['antiflood1'])."
</td>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_36.": </td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_36.": </td>
<td style='text-align:right' class='forumheader3'>
<input class='tbox' type='text' name='antiflood_timeout' size='3' value='".$pref['antiflood_timeout']."' maxlength='3' />
<br />
<b class=\"smalltext\" >".PRFLAN_38."</b>
@@ -875,8 +925,8 @@ $text .= "<div id='security' style='display:none; text-align:center'>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_37."<br /><span class='smalltext'>".PRFLAN_91."</span></td>
<td style='width:50%; text-align:right' class='forumheader3'>
<td class='forumheader3'>".PRFLAN_37."<br /><span class='smalltext'>".PRFLAN_91."</span></td>
<td style='text-align:right' class='forumheader3'>
<select name='autoban' class='tbox'>";
$autoban_list[0] = PRFLAN_113;
$autoban_list[1] = PRFLAN_144;
@@ -892,10 +942,9 @@ $text .= "<div id='security' style='display:none; text-align:center'>
</tr>
<tr>
<td style='width:50%' class='forumheader3'>".PRFLAN_139.":</td>
<td style='width:50%; text-align:right' class='forumheader3'>
<input type='radio' name='adminpwordchange' value='1'".($pref['adminpwordchange'] ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
<input type='radio' name='adminpwordchange' value='0'".(!$pref['adminpwordchange'] ? " checked='checked'" : "")." /> ".PRFLAN_113."
<td class='forumheader3'>".PRFLAN_139.":</td>
<td style='text-align:right' class='forumheader3'>".
multi_radio('adminpwordchange',array('1' => PRFLAN_112, '0' => PRFLAN_113),$pref['adminpwordchange'])."
</td>
</tr>
";

8
e107_admin/sql/core_sql.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_admin/sql/core_sql.php,v $
| $Revision: 1.10 $
| $Date: 2008-05-24 12:45:27 $
| $Revision: 1.11 $
| $Date: 2008-06-13 20:20:20 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@@ -495,7 +495,7 @@ CREATE TABLE user (
user_name varchar(100) NOT NULL default '',
user_loginname varchar(100) NOT NULL default '',
user_customtitle varchar(100) NOT NULL default '',
user_password varchar(32) NOT NULL default '',
user_password varchar(50) NOT NULL default '',
user_sess varchar(100) NOT NULL default '',
user_email varchar(100) NOT NULL default '',
user_signature text NOT NULL,
@@ -522,7 +522,7 @@ CREATE TABLE user (
user_xup varchar(100) NOT NULL default '',
PRIMARY KEY (user_id),
UNIQUE KEY user_name (user_name),
KEY user_ban_index (user_ban)
KEY join_ban_index (user_join,user_ban)
) TYPE=MyISAM;
# --------------------------------------------------------

60
e107_admin/users.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_admin/users.php,v $
| $Revision: 1.15 $
| $Date: 2008-06-06 19:14:20 $
| $Revision: 1.16 $
| $Date: 2008-06-13 20:20:20 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@@ -52,6 +52,9 @@ require_once("auth.php");
require_once(e_HANDLER."form_handler.php");
require_once(e_HANDLER."userclass_class.php");
require_once(e_HANDLER.'user_handler.php');
$user_info = new UserHandler;
$user_data = array();
$rs = new form;
@@ -215,12 +218,19 @@ if (isset($_POST['adduser']))
}
if (isset($_POST['generateloginname']))
{
$loginname = $user_info->generateUserLogin($pref['predefinedLoginName']);
}
else
{
$loginname = trim(preg_replace('/&nbsp;|\#|\=|\$/', "", strip_tags($_POST['loginname'])));
if ($loginname != $_POST['loginname'])
{
message_handler('P_ALERT',USRLAN_152);
$error = TRUE;
}
}
if ((strlen($loginname) > varset($pref['loginname_maxlength'],30)) || (strlen($loginname) < 3))
{
message_handler('P_ALERT',USRLAN_154);
@@ -233,11 +243,18 @@ if (isset($_POST['adduser']))
}
if (isset($_POST['generatepassword']))
{
$_POST['password1'] = $user_info->generateRandomString('**********'); // 10-char password should be enough
}
else
{
if ($_POST['password1'] != $_POST['password2'])
{
message_handler("P_ALERT", USRLAN_67);
$error = TRUE;
}
}
if ($_POST['name'] == "" || $_POST['password1'] == "" || $_POST['password2'] = "")
{
@@ -260,20 +277,21 @@ if (isset($_POST['adduser']))
$error = TRUE;
}
if (!$error)
{
// Always save some of the entered data - then we can redisplay on error
$user_data['user_name'] = $displayname;
$user_data['user_loginname'] = $loginname;
$user_data['user_class'] = implode(",", $_POST['userclass']);
$user_data['user_password'] = md5($_POST['password1']);
$user_data['user_email'] = $tp->toDB($_POST['email']);
$user_data['user_hideemail'] = 1;
$user_data['user_join'] = time();
$user_data['user_lastvisit'] = time();
$user_data['user_currentvisit'] = time();
$user_data['user_pwchange'] = time();
$user_data['user_login'] = $tp->toDB($_POST['realname']);
if (!$error)
{
$user_data['user_password'] = $user_info->HashPassword($_POST['password1'],$loginname);
$user_data['user_join'] = time();
$user_data['user_lastvisit'] = 0;
$user_data['user_currentvisit'] = 0;
$user_data['user_pwchange'] = 0;
if (admin_update($sql -> db_Insert("user", $user_data), 'insert', USRLAN_70))
{
// Add to admin log
@@ -293,6 +311,8 @@ if (isset($_POST['adduser']))
$message = USRLAN_159;
}
}
if (isset($_POST['generateloginname'])) $message .= '<br /><br />'.USRLAN_173.': '.$loginname;
if (isset($_POST['generatepassword'])) $message .= '<br /><br />'.USRLAN_172.': '.$_POST['password1'];
}
}
if (isset($message)) $user->show_message($message);
@@ -592,7 +612,7 @@ switch ($action)
break;
case "create" :
$user->add_user();
$user->add_user($user_data);
break;
default :
@@ -1106,37 +1126,40 @@ class users
function add_user()
// Add a new user - may be passed existing data if there was an entry error on first pass
function add_user($user_data)
{
global $rs, $ns, $pref, $e_userclass;
if (!is_object($e_userclass)) $e_userclass = new user_class;
$text = "<div style='text-align:center'>". $rs->form_open("post", e_SELF, "adduserform")."
$text = "<div style='text-align:center'>". $rs->form_open("post", e_SELF.(e_QUERY ? '?'.e_QUERY : ''), "adduserform")."
<table style='".ADMIN_WIDTH."' class='fborder'>
<tr>
<td style='width:30%' class='forumheader3'>".USRLAN_61."</td>
<td style='width:70%' class='forumheader3'>
".$rs->form_text("name", 40, "", 30)."
".$rs->form_text("name", 40, varset($user_data['user_name'],""), 30)."
</td>
</tr>
<tr>
<td style='width:30%' class='forumheader3'>".USRLAN_128."</td>
<td style='width:70%' class='forumheader3'>
".$rs->form_text("loginname", 40, "", 30)."
".$rs->form_text("loginname", 40, varset($user_data['user_loginname'],""), 30)."&nbsp;&nbsp;
".$rs->form_checkbox('generateloginname',1,varset($pref['predefinedLoginName'],FALSE)).USRLAN_170."
</td>
</tr>
<tr>
<td style='width:30%' class='forumheader3'>".USRLAN_129."</td>
<td style='width:70%' class='forumheader3'>
".$rs->form_text("realname", 40, "", 30)."
".$rs->form_text("realname", 40, varset($user_data['user_login'],""), 30)."
</td>
</tr>
<tr>
<td style='width:30%' class='forumheader3'>".USRLAN_62."</td>
<td style='width:70%' class='forumheader3'>
".$rs->form_password("password1", 40, "", 20)."
".$rs->form_password("password1", 40, "", 20)."&nbsp;&nbsp;
".$rs->form_checkbox('generatepassword',1,FALSE).USRLAN_171."
</td>
</tr>
<tr>
@@ -1148,12 +1171,13 @@ class users
<tr>
<td style='width:30%' class='forumheader3'>".USRLAN_64."</td>
<td style='width:70%' class='forumheader3'>
".$rs->form_text("email", 60, "", 100)."
".$rs->form_text("email", 60, varset($user_data['user_email'],""), 100)."
</td>
</tr>\n";
$temp = $e_userclass->vetted_tree('userclass[]',array($e_userclass,'checkbox_desc'), varset($pref['initial_user_classes'],''), 'classes');
if (!isset($user_data['user_class'])) $user_data['user_class'] = varset($pref['initial_user_classes'],'');
$temp = $e_userclass->vetted_tree('userclass',array($e_userclass,'checkbox_desc'), $user_data['user_class'], 'classes');
if ($temp)