<?php

/**!info**

{

  "Plugin Name"  : "plugin_specialuserfuncs_title",

  "Plugin URI"   : "http://enanocms.org/",

  "Description"  : "plugin_specialuserfuncs_desc",

  "Author"       : "Dan Fuhry",

  "Version"      : "1.1.6",

  "Author URI"   : "http://enanocms.org/"

}

**!*/

/*

 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between

 *

 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License

 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied

 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.

 */

global $db, $session, $paths, $template, $plugins; // Common objects

// $plugins->attachHook('session_started', 'SpecialUserFuncs_paths_init();');

function SpecialUserFuncs_paths_init()

{

  register_special_page('Login', 'specialpage_log_in');

  register_special_page('Logout', 'specialpage_log_out');

  register_special_page('Register', 'specialpage_register');

  register_special_page('Preferences', 'specialpage_preferences');

  register_special_page('Contributions', 'specialpage_contributions');

  register_special_page('ChangeStyle', 'specialpage_change_theme');

  register_special_page('ActivateAccount', 'specialpage_activate_account');

  register_special_page('Captcha', 'specialpage_captcha');

  register_special_page('PasswordReset', 'specialpage_password_reset');

  register_special_page('Memberlist', 'specialpage_member_list');

  register_special_page('LangExportJSON', 'specialpage_language_export', false);

  register_special_page('Avatar', 'specialpage_avatar', false);

}

// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>

$__login_status = '';

function page_Special_Login()

{

  global $db, $session, $paths, $template, $plugins; // Common objects

  global $__login_status;

  global $lang;

  require_once(ENANO_ROOT . '/includes/math.php');

  require_once(ENANO_ROOT . '/includes/diffiehellman.php');

  global $dh_supported;

  $locked_out = false;

  // are we locked out?

  $threshold = ( $_ = getConfig('lockout_threshold') ) ? intval($_) : 5;

  $duration  = ( $_ = getConfig('lockout_duration') ) ? intval($_) : 15;

  // convert to minutes

  $duration  = $duration * 60;

  $policy = ( $x = getConfig('lockout_policy') && in_array(getConfig('lockout_policy'), array('lockout', 'disable', 'captcha')) ) ? getConfig('lockout_policy') : 'lockout';

  if ( $policy != 'disable' )

  {

    $ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);

    $timestamp_cutoff = time() - $duration;

    $q = $session->sql('SELECT timestamp FROM '.table_prefix.'lockout WHERE timestamp > ' . $timestamp_cutoff . ' AND ipaddr = \'' . $ipaddr . '\' ORDER BY timestamp DESC;');

    $fails = $db->numrows();

    if ( $fails >= $threshold )

    {

      $row = $db->fetchrow();

      $locked_out = true;

      $lockdata = array(

          'locked_out' => true,

          'lockout_threshold' => $threshold,

          'lockout_duration' => ( $duration / 60 ),

          'lockout_fails' => $fails,

          'lockout_policy' => $policy,

          'lockout_last_time' => $row['timestamp'],

          'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),

          'captcha' => ''

        );

      if ( $policy == 'captcha' )

      {

        $lockdata['captcha'] = $session->make_captcha();

      }

    }

    $db->free_result();

  }

  if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )

  {

    header('Content-type: text/javascript');

    $username = ( $session->user_logged_in ) ? $session->username : false;

    $response = Array(

      'username' => $username,

      'key' => $pubkey,

      'challenge' => $challenge,

      'locked_out' => false

      );

    if ( $locked_out )

    {

      foreach ( $lockdata as $x => $y )

      {

        $response[$x] = $y;

      }

      unset($x, $y);

    }

    // 1.1.3: generate diffie hellman key

    $response['dh_supported'] = $dh_supported;

    if ( $dh_supported )

    {

      $dh_key_priv = dh_gen_private();

      $dh_key_pub = dh_gen_public($dh_key_priv);

      $dh_key_priv = $_math->str($dh_key_priv);

      $dh_key_pub = $_math->str($dh_key_pub);

      $response['dh_public_key'] = $dh_key_pub;

      // store the keys in the DB

      $q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");

      if ( !$q )

        $db->die_json();

    }

    $response = enano_json_encode($response);

    echo $response;

    return null;

  }

  $level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;

  if ( isset($_POST['login']) )

  {

    if ( in_array($_POST['auth_level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )

    {

      $level = intval($_POST['auth_level']);

    }

  }

  if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )

  {

    $level = USER_LEVEL_MEMBER;

  }

  if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )

    $paths->main_page();

  $template->header();

  echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="try{runEncryption();}catch(e){};">';

  $header = ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short');

  if ( isset($_POST['login']) )

  {

    $errstring = $__login_status['error'];

    switch($__login_status['error'])

    {

      case 'key_not_found':

        $errstring = $lang->get('user_err_key_not_found');

        break;

      case 'ERR_DH_KEY_NOT_FOUND':

        $errstring = $lang->get('user_err_dh_key_not_found'); // . " -- {$__login_status['debug']}";

        break;

      case 'ERR_DH_KEY_NOT_INTEGER':

        $errstring = $lang->get('user_err_dh_key_not_numeric');

        break;

      case 'key_wrong_length':

        $errstring = $lang->get('user_err_key_wrong_length');

        break;

      case 'too_big_for_britches':

        $errstring = $lang->get('user_err_too_big_for_britches');

        break;

      case 'invalid_credentials':

        $errstring = $lang->get('user_err_invalid_credentials');

        if ( getConfig('lockout_policy', 'lockout') == 'lockout' )

        {

          $errstring .= $lang->get('user_err_invalid_credentials_lockout', array('fails' => $__login_status['lockout_fails']));

        }

        else if ( getConfig('lockout_policy', 'lockout') == 'captcha' )

        {

          $errstring .= $lang->get('user_err_invalid_credentials_lockout_captcha', array('fails' => $__login_status['lockout_fails']));

        }

        break;

      case 'backend_fail':

        $errstring = $lang->get('user_err_backend_fail');

        break;

      case 'locked_out':

        $attempts = intval($__login_status['lockout_fails']);

        if ( $attempts > $__login_status['lockout_threshold'])

          $attempts = $__login_status['lockout_threshold'];

        $server_time = time();

        $time_rem = ( intval(@$__login_status['lockout_last_time']) == time() ) ? $__login_status['lockout_duration'] : $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 );

        if ( $time_rem < 1 )

          $time_rem = $__login_status['lockout_duration'];

        $s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural');

        $captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : '';

        $errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem));

        break;

      default:

        $errstring = $lang->get($errstring);

        break;

    }

    echo '<div class="error-box-mini">'.$errstring.'</div>';

  }

  if ( $p = $paths->getAllParams() )

  {

    echo '<input type="hidden" name="return_to" value="'.$p.'" />';

  }

  else if ( isset($_POST['login']) && isset($_POST['return_to']) )

  {

    echo '<input type="hidden" name="return_to" value="'.htmlspecialchars($_POST['return_to']).'" />';

  }

  ?>

    <div class="tblholder">

      <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">

        <tr>

          <th colspan="3"><?php echo $header; ?></th>

        </tr>

        <tr>

          <td colspan="3" class="row1">

            <?php

            if ( $level <= USER_LEVEL_MEMBER )

            {

              echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>';

            }

            else

            {

              echo '<p>' . $lang->get('user_login_body_elev') . '</p>';

            }

            ?>

          </td>

        </tr>

        <tr>

          <td class="row2">

            <?php echo $lang->get('user_login_field_username'); ?>:

          </td>

          <td class="row1">

            <input name="username" size="25" type="text" <?php

              if ( $level <= USER_LEVEL_MEMBER )

              {

                echo 'tabindex="1" ';

              }

              else

              {

                echo 'tabindex="3" ';

              }

              if ( $session->user_logged_in )

              {

                echo 'value="' . $session->username . '"';

              }

              ?> />

          </td>

          <?php if ( $level <= USER_LEVEL_MEMBER ) { ?>

          <td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3">

            <small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br />

            <?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small>

          </td>

          <?php } ?>

        </tr>

        <tr>

          <td class="row2">

            <?php echo $lang->get('user_login_field_password'); ?>:

          </td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td>

         </tr>

         <?php

         if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' )

         {

           ?>

           <tr>

             <td class="row2" rowspan="2"><?php echo $lang->get('user_login_field_captcha'); ?>:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td>

           </tr>

           <tr>

             <td class="row3">

               <img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" />

             </td>

           </tr>

           <?php

         }

         $code = $plugins->setHook('login_form_html');

         foreach ( $code as $cmd )

         {

           eval($cmd);

         }

         if ( $level <= USER_LEVEL_MEMBER )

         {

           // "remember me" switch

           // first order of business is to determine what the checkbox should say

           $session_time = intval(getConfig('session_remember_time', '30'));

           if ( $session_time === 0 )

           {

             // sessions are infinite

             $text_remember = $lang->get('user_login_check_remember_infinite');

           }

           else

           {

             // is the number of days evenly divisible by 7? if so, use weeks

             if ( $session_time % 7 == 0 )

             {

               $session_time = $session_time / 7;

               $unit = 'week';

             }

             else

             {

               $unit = 'day';

             }

             // if it's not equal to 1, pluralize it

             if ( $session_time != 1 )

             {

               $unit .= 's';

             }

             $text_remember = $lang->get('user_login_check_remember', array(

                 'session_length' => $session_time,

                 'length_units' => $lang->get("etc_unit_$unit")

               ));

           }

           ?>

           <tr>

             <td class="row2">

               <?php echo $lang->get('user_login_field_remember'); ?>

             </td>

             <td class="row1" colspan="2">

               <label>

                 <input type="checkbox" name="remember" tabindex="3" />

                 <?php echo $text_remember; ?>

               </label>

             </td>

           </tr>

           <?php

         }

         if ( $level <= USER_LEVEL_MEMBER && ( !isset($_GET['use_crypt']) || ( isset($_GET['use_crypt']) && $_GET['use_crypt']!='0' ) ) )

         {

           echo '<tr>

             <td class="row3" colspan="3">';

           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';

           $nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true);

           echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>';

           echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>';

           echo '  </td>

           </tr>';

         }

         else if ( $level <= USER_LEVEL_MEMBER && ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0' ) )

         {

           echo '<tr>

             <td class="row3" colspan="3">';

           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';

           $usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true);

           echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>';

           echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>';

           echo '  </td>

           </tr>';

         }

         else if ( $level > USER_LEVEL_MEMBER && !strstr($_SERVER['HTTP_USER_AGENT'], 'iPhone') && $dh_supported )

         {

           echo '<tr>';

           echo '<td class="row3" colspan="3">';

           echo '<p>' . $lang->get('user_login_dh_notice') . '</p>';

           echo '</td>';

           echo '</tr>';

         }

         ?>

         <tr>

           <th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '4' : '2'; ?>" /></th>

         </tr>

      </table>

    </div>

      <input type="hidden" name="auth_level" value="<?php echo (string)$level; ?>" />

      <?php if ( $level <= USER_LEVEL_MEMBER ): ?>

      <script type="text/javascript">

        document.forms.loginform.username.focus();

      </script>

      <?php else: ?>

      <script type="text/javascript">

        document.forms.loginform.pass.focus();

      </script>

      <?php endif; ?>

      <?php

      echo $session->generate_aes_form();

      // Any additional parameters that need to be passed back?

      if ( $p = $paths->getAllParams() )

      {

        // ... only if we have a return_to destination.

        $get_fwd = $_GET;

        unset($get_fwd['do']);

        if ( isset($get_fwd['target_do']) )

        {

          $get_fwd['do'] = $get_fwd['target_do'];

          unset($get_fwd['target_do']);

        }

        if ( isset($get_fwd['level']) )

          unset($get_fwd['level']);

        if ( isset($get_fwd['title']) )

          unset($get_fwd['title']);

        if ( !empty($get_fwd) )

        {

          $get_string = htmlspecialchars(enano_json_encode($get_fwd));

          echo '<input type="hidden" name="get_fwd" value="' . $get_string . '" />';

        }

      }

      ?>

    </form>

    <?php

      echo $session->aes_javascript('loginform', 'pass');

    ?>

  <?php

  $template->footer();

}

function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called

{

  global $db, $session, $paths, $template, $plugins; // Common objects

  global $__login_status;

  global $lang;

  require_once( ENANO_ROOT . '/includes/math.php' );

  if ( $paths->getParam(0) === 'action.json' )

  {

    if ( !isset($_POST['r']) )

      die('No request.');

    $request = $_POST['r'];

    try

    {

      $request = enano_json_decode($request);

    }

    catch ( Exception $e )

    {

      die(enano_json_encode(array(

          'mode' => 'error',

          'error' => 'ERR_JSON_PARSE_FAILED'

        )));

    }

    echo enano_json_encode($session->process_login_request($request));

    $db->close();

    exit;

  }

  if ( isset($_GET['act']) && $_GET['act'] == 'ajaxlogin' )

  {

    echo 'This version of the Enano LoginAPI is deprecated. Please clear your browser\'s cache and try your login again. Developers, please use the action.json method instead.';

    return true;

  }

  if(isset($_POST['login']))

  {

    $captcha_hash = ( isset($_POST['captcha_hash']) ) ? $_POST['captcha_hash'] : false;

    $captcha_code = ( isset($_POST['captcha_code']) ) ? $_POST['captcha_code'] : false;

    try

    {

      $password = $session->get_aes_post('pass');

    }

    catch ( Exception $e )

    {

      $__login_status = array(

        'mode' => 'error',

        'error' => $e->getMessage()

      );

      return false;

    }

    // These are to allow auth plugins to work universally between JSON and HTML login forms

    $userinfo =& $_POST;

    $userinfo['password'] =& $password;

    $req = array(

      'level' => intval($_POST['auth_level']),

      'remember' => isset($_POST['remember'])

    );

    // At this point if any extra fields were injected into the login form, we need to let plugins process it

    /**

     * Called upon processing an incoming login request from the plain HTML login form.. If you added anything to the form,

     * that will be in the $userinfo array here and on $_POST. Expected return values are: true if your plugin has

     * not only succeeded but ALSO issued a session key (bypass the whole Enano builtin login process) and an associative array

     * with "mode" set to "error" and an error string in "error" to send an error back to the client. Any return value other

     * than these will be ignored.

     * @hook login_process_userdata_json

     */

    $skip_normal_login = false;

    $code = $plugins->setHook('login_process_userdata_json');

    foreach ( $code as $cmd )

    {

      $result = eval($cmd);

      if ( $result === true )