From c282e18248bbfd862eda43fecaeec8e7af4fbb9e Mon Sep 17 00:00:00 2001 From: e107steved Date: Tue, 7 Sep 2010 17:03:30 +0000 Subject: [PATCH] Bugtracker #5043 - add log message when IP-related signups exceeded, plus some notice removal, delete some XUP-related code --- e107_handlers/login.php | 90 ------------------- .../English/admin/lan_log_messages.php | 1 + e107_languages/English/lan_signup.php | 2 + signup.php | 47 +--------- usersettings.php | 7 -- 5 files changed, 5 insertions(+), 142 deletions(-) diff --git a/e107_handlers/login.php b/e107_handlers/login.php index 4c0175477..12e6702ae 100644 --- a/e107_handlers/login.php +++ b/e107_handlers/login.php @@ -193,7 +193,6 @@ class userlogin // Trigger events happy as well $user_id = $this->userData['user_id']; $user_name = $this->userData['user_name']; - $user_xup = $this->userData['user_xup']; $user_admin = $this->userData['user_admin']; /* restrict more than one person logging in using same us/pw */ @@ -207,11 +206,6 @@ class userlogin // User login definitely accepted here - if($user_xup) - { - $this->update_xup($user_id, $user_xup); - } - $cookieval = $this->userMethods->makeUserCookie($this->userData,$autologin); @@ -508,88 +502,4 @@ class userlogin } - - /** - * called to update user settings from a XUP file - usually because the file name has changed. - * @param string $user_id - integer user ID - * @param string $user_xup - file name/location for XUP file - * @return none - */ - public function update_xup($user_id, $user_xup = "") - { - $e107 = &e107::getInstance(); - $user_id = intval($user_id); // Should already be an integer - but just in case... - $user_xup = trim($user_xup); - if($user_xup) - { - $xml = e107::getXml(); - $xupData = array(); - if($rawData = $xml -> getRemoteFile($user_xup)) - { - preg_match_all("#\#si", $rawData, $match); - $count = 0; - foreach($match[1] as $value) - { // Process all the data into an array - $xupData[$value] = $e107->tp -> toDB($match[2][$count]); - $count++; - } - - // List of fields in main user record, and their corresponding XUP fields - $main_fields = array('user_realname' => 'FN', - 'user_hideemail'=>'EMAILHIDE', - 'user_signature'=>'SIG', - 'user_sess'=>'PHOTO', - 'user_image'=>'AV'); - - $new_values = array(); - foreach ($main_fields as $f => $v) - { - if (isset($xupData[$v]) && $xupData[$v]) - { - $new_values['data'][$f] = $xupData[$v]; - } - } - - if (count($new_values['data'])) - { - if (!is_object($this->userMethods)) - { - $this->userMethods = new userHandler; - } - require_once(e_HANDLER.'validator_class.php'); - $this->userMethods($new_values); - $new_values['WHERE'] = 'user_id='.$user_id; - validatorClass::addFieldTypes($this->userMethods->userVettingInfo,$new_values); - $e107->sql -> db_Update('user', $new_values); - } - - $ueList = array(); - $fields = array('URL' => 'user_homepage', - 'ICQ' => 'user_icq', - 'AIM' => 'user_aim', - 'MSN' => 'user_msn', - 'YAHOO' => 'user_yahoo', - 'GEO' => 'user_location', - 'TZ' => 'user_timezone', - 'BDAY' => 'user_birthday'); - include_once(e_HANDLER.'user_extended_class.php'); - $usere = new e107_user_extended; - $extName = array(); - foreach ($fields as $keyxup => $keydb) - { - if (in_array($keydb, $usere->nameIndex) && in_array($keyxup,$xupData)) - { - $ueList['data'][$keydb] = $e107->tp->toDB($xupData[$keyxup]); - } - } - if (count($ueList['data'])) - { - $usere->addFieldTypes($ueList); - $ueList['WHERE'] = 'user_extended_id = '.$user_id; - $e107->sql -> db_Select_gen('INSERT INTO #user_extended (user_extended_id) values ('.$user_id.')'); - $e107->sql -> db_Update('user_extended', $ueList); - } - } - } - } } diff --git a/e107_languages/English/admin/lan_log_messages.php b/e107_languages/English/admin/lan_log_messages.php index 8dfc2246e..6e4c7e66a 100644 --- a/e107_languages/English/admin/lan_log_messages.php +++ b/e107_languages/English/admin/lan_log_messages.php @@ -62,6 +62,7 @@ define('LAN_AL_USET_11', 'Resend validation email'); define('LAN_AL_USET_12', 'Resend all validation emails'); define('LAN_AL_USET_13', 'Bounced emails deleted'); define('LAN_AL_USET_14', 'Class membership updated'); +define('LAN_AL_USET_15', 'Signup refused'); // Too many users at same IP address // Userclass events //------------------ diff --git a/e107_languages/English/lan_signup.php b/e107_languages/English/lan_signup.php index 1488ad36b..d44212054 100644 --- a/e107_languages/English/lan_signup.php +++ b/e107_languages/English/lan_signup.php @@ -140,6 +140,8 @@ define("LAN_SIGNUP_98", "Confirm Your Email Address"); define("LAN_SIGNUP_99", "Problem Encountered"); define("LAN_SIGNUP_100", "Admin Approval Pending"); define('LAN_SIGNUP_101', 'Update of records failed - please contact the site administrator'); +//define('LAN_SIGNUP_102', 'Signup refused'); +define('LAN_SIGNUP_103', 'Too many users already using IP address: '); define("LAN_LOGINNAME", "Username"); diff --git a/signup.php b/signup.php index 1d9cd0828..374ba9278 100644 --- a/signup.php +++ b/signup.php @@ -347,11 +347,9 @@ if (e_QUERY) //---------------------------------------- if (isset($_POST['register'])) { - $_POST['user_xup'] = trim(varset($_POST['user_xup'],'')); - $readXUP = varsettrue($pref['xup_enabled']) && varsettrue($_POST['user_xup']); $e107cache->clear("online_menu_totals"); require_once(e_HANDLER."message_handler.php"); - if (isset($_POST['rand_num']) && $signup_imagecode && !$readXUP ) + if (isset($_POST['rand_num']) && $signup_imagecode) { if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify'])) { @@ -366,48 +364,6 @@ if (isset($_POST['register'])) $error = TRUE; } - if (!$error && $readXUP) - { - require_once(e_HANDLER."xml_class.php"); - $xml = new parseXml; // old parser - if(!$rawData = $xml -> getRemoteXmlFile($_POST['user_xup'])) - { - $extraErrors[] = LAN_SIGNUP_68."\\n"; - $error = TRUE; - } - else - { - preg_match_all("#\#si", $rawData, $match); - $count = 0; - foreach($match[1] as $value) - { - $xup[$value] = $match[2][$count]; - $count++; - } - - $_POST['name'] = $xup['NICKNAME']; - $_POST['email'] = $xup['EMAIL']; - $_POST['email_confirm'] = $xup['EMAIL']; - $_POST['signature'] = $xup['SIG']; - $_POST['hideemail'] = $xup['EMAILHIDE']; - $_POST['realname'] = $xup['FN']; - $_POST['image'] = $xup['AV']; - - $_POST['ue']['user_timezone'] = $xup['TZ']; - $_POST['ue']['user_homepage'] = $xup['URL']; - $_POST['ue']['user_icq'] = $xup['ICQ']; - $_POST['ue']['user_aim'] = $xup['AIM']; - $_POST['ue']['user_msn'] = $xup['MSN']; - $_POST['ue']['user_yahoo'] = $xup['YAHOO']; - $_POST['ue']['user_location'] = $xup['GEO']; - $_POST['ue']['user_birthday'] = $xup['BDAY']; - - unset($xup); - if($_POST['loginnamexup']) $_POST['loginname'] = $_POST['loginnamexup']; - if($_POST['password1xup']) $_POST['password1'] = $_POST['password1xup']; - if($_POST['password2xup']) $_POST['password2'] = $_POST['password2xup']; - } - } if (!$error) { @@ -447,6 +403,7 @@ if (isset($_POST['register'])) { $allData['errors']['user_email'] = ERR_GENERIC; $allData['errortext']['user_email'] = LAN_SIGNUP_71; + $admin_log->log_event('USET_15',LAN_SIGNUP_103.$e107->getip(),4); } } } diff --git a/usersettings.php b/usersettings.php index 58c98a50c..751685568 100644 --- a/usersettings.php +++ b/usersettings.php @@ -529,13 +529,6 @@ if ($dataToSave && !$promptPassword) - // Update XUP data if file name changed. - if (isset($changedUserData['user_xup'])) - { - require_once (e_HANDLER."login.php"); - userlogin::update_xup($inp, $changedUserData['user_xup']); - } - $e_event->trigger('postuserset', $_POST); if (count($triggerData))