<?php

/**!info**

{

  "Plugin Name"  : "plugin_specialuserfuncs_title",

  "Plugin URI"   : "http://enanocms.org/",

  "Description"  : "plugin_specialuserfuncs_desc",

  "Author"       : "Dan Fuhry",

  "Version"      : "1.1.4",

  "Author URI"   : "http://enanocms.org/"

}

**!*/

/*

 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between

 * Version 1.1.4 (Caoineag alpha 4)

 * Copyright (C) 2006-2008 Dan Fuhry

 *

 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License

 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied

 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.

 */

global $db, $session, $paths, $template, $plugins; // Common objects

$plugins->attachHook('session_started', '

  global $paths;

    $paths->add_page(Array(

      \'name\'=>\'specialpage_log_in\',

      \'urlname\'=>\'Login\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_log_out\',

      \'urlname\'=>\'Logout\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_register\',

      \'urlname\'=>\'Register\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_preferences\',

      \'urlname\'=>\'Preferences\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_contributions\',

      \'urlname\'=>\'Contributions\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_change_theme\',

      \'urlname\'=>\'ChangeStyle\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_activate_account\',

      \'urlname\'=>\'ActivateAccount\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_captcha\',

      \'urlname\'=>\'Captcha\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_password_reset\',

      \'urlname\'=>\'PasswordReset\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_member_list\',

      \'urlname\'=>\'Memberlist\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_language_export\',

      \'urlname\'=>\'LangExportJSON\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    $paths->add_page(Array(

      \'name\'=>\'specialpage_avatar\',

      \'urlname\'=>\'Avatar\',

      \'namespace\'=>\'Special\',

      \'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',

      ));

    ');

// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>

$__login_status = '';

function page_Special_Login()

{

  global $db, $session, $paths, $template, $plugins; // Common objects

  global $__login_status;

  global $lang;

  $pubkey = $session->rijndael_genkey();

  $challenge = $session->dss_rand();

  $locked_out = false;

  // are we locked out?

  $threshold = ( $_ = getConfig('lockout_threshold') ) ? intval($_) : 5;

  $duration  = ( $_ = getConfig('lockout_duration') ) ? intval($_) : 15;

  // convert to minutes

  $duration  = $duration * 60;

  $policy = ( $x = getConfig('lockout_policy') && in_array(getConfig('lockout_policy'), array('lockout', 'disable', 'captcha')) ) ? getConfig('lockout_policy') : 'lockout';

  if ( $policy != 'disable' )

  {

    $ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);

    $timestamp_cutoff = time() - $duration;

    $q = $session->sql('SELECT timestamp FROM '.table_prefix.'lockout WHERE timestamp > ' . $timestamp_cutoff . ' AND ipaddr = \'' . $ipaddr . '\' ORDER BY timestamp DESC;');

    $fails = $db->numrows();

    if ( $fails >= $threshold )

    {

      $row = $db->fetchrow();

      $locked_out = true;

      $lockdata = array(

          'locked_out' => true,

          'lockout_threshold' => $threshold,

          'lockout_duration' => ( $duration / 60 ),

          'lockout_fails' => $fails,

          'lockout_policy' => $policy,

          'lockout_last_time' => $row['timestamp'],

          'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),

          'captcha' => ''

        );

      if ( $policy == 'captcha' )

      {

        $lockdata['captcha'] = $session->make_captcha();

      }

    }

    $db->free_result();

  }

  if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )

  {

    header('Content-type: text/javascript');

    $username = ( $session->user_logged_in ) ? $session->username : false;

    $response = Array(

      'username' => $username,

      'key' => $pubkey,

      'challenge' => $challenge,

      'locked_out' => false

      );

    if ( $locked_out )

    {

      foreach ( $lockdata as $x => $y )

      {

        $response[$x] = $y;

      }

      unset($x, $y);

    }

    // 1.1.3: generate diffie hellman key

    require_once( ENANO_ROOT . '/includes/diffiehellman.php' );

    global $dh_supported, $_math;

    $response['dh_supported'] = $dh_supported;

    if ( $dh_supported )

    {

      $dh_key_priv = dh_gen_private();

      $dh_key_pub = dh_gen_public($dh_key_priv);

      $dh_key_priv = $_math->str($dh_key_priv);

      $dh_key_pub = $_math->str($dh_key_pub);

      $response['dh_public_key'] = $dh_key_pub;

      // store the keys in the DB

      $q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");

      if ( !$q )

        $db->die_json();

    }

    $response = enano_json_encode($response);

    echo $response;

    return null;

  }

  $level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;

  if ( isset($_POST['login']) )

  {

    if ( in_array($_POST['auth_level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )

    {

      $level = intval($_POST['auth_level']);

    }

  }

  if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )

  {

    $level = USER_LEVEL_MEMBER;

  }

  if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )

    $paths->main_page();

  $template->header();

  echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="try{runEncryption();}catch(e){};">';

  $header = ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short');

  if ( isset($_POST['login']) )

  {

    $errstring = $__login_status['error'];

    switch($__login_status['error'])

    {

      case 'key_not_found':

        $errstring = $lang->get('user_err_key_not_found');

        break;

      case 'ERR_DH_KEY_NOT_FOUND':

        $errstring = $lang->get('user_err_dh_key_not_found') . " -- {$__login_status['debug']}";

        break;

      case 'ERR_DH_KEY_NOT_INTEGER':

        $errstring = $lang->get('user_err_dh_key_not_numeric');

        break;

      case 'key_wrong_length':

        $errstring = $lang->get('user_err_key_wrong_length');

        break;

      case 'too_big_for_britches':

        $errstring = $lang->get('user_err_too_big_for_britches');

        break;

      case 'invalid_credentials':

        $errstring = $lang->get('user_err_invalid_credentials');

        if ( $__login_status['lockout_policy'] == 'lockout' )

        {

          $errstring .= $lang->get('err_invalid_credentials_lockout', array('fails' => $__login_status['lockout_fails']));

        }

        else if ( $__login_status['lockout_policy'] == 'captcha' )

        {

          $errstring .= $lang->get('user_err_invalid_credentials_lockout_captcha', array('fails' => $__login_status['lockout_fails']));

        }

        break;

      case 'backend_fail':

        $errstring = $lang->get('user_err_backend_fail');

        break;

      case 'locked_out':

        $attempts = intval($__login_status['lockout_fails']);

        if ( $attempts > $__login_status['lockout_threshold'])

          $attempts = $__login_status['lockout_threshold'];

        $server_time = time();

        $time_rem = ( intval(@$__login_status['lockout_last_time']) == time() ) ? $__login_status['lockout_duration'] : $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 );

        if ( $time_rem < 1 )

          $time_rem = $__login_status['lockout_duration'];

        $s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural');

        $captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : '';

        $errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem));

        break;

    }

    echo '<div class="error-box-mini">'.$errstring.'</div>';

  }

  if ( $p = $paths->getAllParams() )

  {

    echo '<input type="hidden" name="return_to" value="'.$p.'" />';

  }

  else if ( isset($_POST['login']) && isset($_POST['return_to']) )

  {

    echo '<input type="hidden" name="return_to" value="'.htmlspecialchars($_POST['return_to']).'" />';

  }

  ?>

    <div class="tblholder">

      <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">

        <tr>

          <th colspan="3"><?php echo $header; ?></th>

        </tr>

        <tr>

          <td colspan="3" class="row1">

            <?php

            if ( $level <= USER_LEVEL_MEMBER )

            {

              echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>';

            }

            else

            {

              echo '<p>' . $lang->get('user_login_body_elev') . '</p>';

            }

            ?>

          </td>

        </tr>

        <tr>

          <td class="row2">

            <?php echo $lang->get('user_login_field_username'); ?>:

          </td>

          <td class="row1">

            <input name="username" size="25" type="text" <?php

              if ( $level <= USER_LEVEL_MEMBER )

              {

                echo 'tabindex="1" ';

              }

              else

              {

                echo 'tabindex="3" ';

              }

              if ( $session->user_logged_in )

              {

                echo 'value="' . $session->username . '"';

              }

              ?> />

          </td>

          <?php if ( $level <= USER_LEVEL_MEMBER ) { ?>

          <td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3">

            <small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br />

            <?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small>

          </td>

          <?php } ?>

        </tr>

        <tr>

          <td class="row2">

            <?php echo $lang->get('user_login_field_password'); ?>:

          </td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td>

         </tr>

         <?php

         if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' )

         {

           ?>

           <tr>

             <td class="row2" rowspan="2"><?php echo $lang->get('user_login_field_captcha'); ?>:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td>

           </tr>

           <tr>

             <td class="row3">

               <img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" />

             </td>

           </tr>

           <?php

         }

         ?>

         <?php

         if ( $level <= USER_LEVEL_MEMBER && ( !isset($_GET['use_crypt']) || ( isset($_GET['use_crypt']) && $_GET['use_crypt']!='0' ) ) )

         {

           echo '<tr>

             <td class="row3" colspan="3">';

           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';

           $nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true);

           echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>';

           echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>';

           echo '  </td>

           </tr>';

         }

         else if ( $level <= USER_LEVEL_MEMBER && ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0' ) )

         {

           echo '<tr>

             <td class="row3" colspan="3">';

           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';

           $usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true);

           echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>';

           echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>';

           echo '  </td>

           </tr>';

         }

         ?>

         <tr>

           <th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '2'; ?>" /></th>

         </tr>

      </table>

    </div>

      <input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />

      <input type="hidden" name="use_crypt" value="no" />

      <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />

      <input type="hidden" name="crypt_data" value="" />

      <input type="hidden" name="auth_level" value="<?php echo (string)$level; ?>" />

      <?php if ( $level <= USER_LEVEL_MEMBER ): ?>

      <script type="text/javascript">

        document.forms.loginform.username.focus();

      </script>

      <?php else: ?>

      <script type="text/javascript">

        document.forms.loginform.pass.focus();

      </script>

      <?php endif; ?>

      <?php

      // 1.1.4

      require_once( ENANO_ROOT . '/includes/diffiehellman.php' );

      global $dh_supported, $_math;

      if ( $dh_supported )

      {

        $dh_key_priv = dh_gen_private();

        $dh_key_pub = dh_gen_public($dh_key_priv);

        $dh_key_priv = $_math->str($dh_key_priv);

        $dh_key_pub = $_math->str($dh_key_pub);

        // store the keys in the DB

        $q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");

        if ( !$q )

          $db->_die();

        echo "<input type=\"hidden\" name=\"dh_supported\" value=\"true\" />

              <input type=\"hidden\" name=\"dh_public_key\" value=\"$dh_key_pub\" />

              <input type=\"hidden\" name=\"dh_client_public_key\" value=\"\" />";

      }

      else

      {

        echo "<input type=\"hidden\" name=\"dh_supported\" value=\"false\" />";

      }

      ?>

    </form>

    <?php

      echo $session->aes_javascript('loginform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data', 'dh_supported', 'dh_public_key', 'dh_client_public_key');

    ?>

  <?php

  $template->footer();

}

function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called

{

  global $db, $session, $paths, $template, $plugins; // Common objects

  global $__login_status;

  global $lang;

  if ( $paths->getParam(0) === 'action.json' )

  {

    if ( !isset($_POST['r']) )

      die('No request.');

    $request = $_POST['r'];

    try

    {

      $request = enano_json_decode($request);

    }

    catch ( Exception $e )

    {

      die(enano_json_encode(array(

          'mode' => 'error',

          'error' => 'ERR_JSON_PARSE_FAILED'

        )));

    }

    echo enano_json_encode($session->process_login_request($request));

    $db->close();

    exit;

  }

  if ( isset($_GET['act']) && $_GET['act'] == 'ajaxlogin' )

  {

    echo 'This version of the Enano LoginAPI is deprecated. Please use the action.json method instead.';

    return true;

  }

  if(isset($_POST['login']))

  {

    $captcha_hash = ( isset($_POST['captcha_hash']) ) ? $_POST['captcha_hash'] : false;

    $captcha_code = ( isset($_POST['captcha_code']) ) ? $_POST['captcha_code'] : false;

    if ( $_POST['use_crypt'] == 'yes' )

    {

      $result = $session->login_with_crypto($_POST['username'], $_POST['crypt_data'], $_POST['crypt_key'], $_POST['challenge_data'], intval($_POST['auth_level']), $captcha_hash, $captcha_code);

    }

    else if ( $_POST['use_crypt'] == 'yes_dh' )

    {

      // retrieve and decrypt the password using DiffieHellman

      require_once( ENANO_ROOT . '/includes/diffiehellman.php' );

      global $dh_supported, $_math;

      if ( !$dh_supported )

      {

        die_semicritical('DiffieHellman error', 'Server does not support DiffieHellman, denying logon request');

      }

      // Fetch private key

      $dh_public = $_POST['dh_public_key'];

      if ( !preg_match('/^[0-9]+$/', $dh_public) )

      {

        $__login_status = array(

          'success' => false,

          'error' => 'ERR_DH_KEY_NOT_INTEGER',

          'debug' => "public key: $dh_public"

        );

        return false;

      }

      $q = $db->sql_query('SELECT private_key, key_id FROM ' . table_prefix . "diffiehellman WHERE public_key = '$dh_public';");

      if ( !$q )

        $db->die_json();