Menu
▾
▴
[mxbb-commits] core/includes/sessions/phpbb3 constants.php, 1.1, 1.2 session.php, 1.10, 1.11
|
From: OryNider <ory...@us...> - 2008-02-11 12:09:06
|
Update of /cvsroot/mxbb/core/includes/sessions/phpbb3 In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv21088/phpbb3 Modified Files: constants.php session.php Log Message: added security check plus modifications comments Index: constants.php =================================================================== RCS file: /cvsroot/mxbb/core/includes/sessions/phpbb3/constants.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** constants.php 9 Sep 2007 16:51:32 -0000 1.1 --- constants.php 11 Feb 2008 12:09:00 -0000 1.2 *************** *** 9,158 **** */ /** */ // User related ! define('ANONYMOUS', 1); ! define('USER_ACTIVATION_NONE', 0); ! define('USER_ACTIVATION_SELF', 1); ! define('USER_ACTIVATION_ADMIN', 2); ! define('USER_ACTIVATION_DISABLE', 3); ! define('AVATAR_UPLOAD', 1); ! define('AVATAR_REMOTE', 2); ! define('AVATAR_GALLERY', 3); ! define('USER_NORMAL', 0); ! define('USER_INACTIVE', 1); ! define('USER_IGNORE', 2); ! define('USER_FOUNDER', 3); ! define('INACTIVE_REGISTER', 1); ! define('INACTIVE_PROFILE', 2); ! define('INACTIVE_MANUAL', 3); ! define('INACTIVE_REMIND', 4); // ACL ! define('ACL_NEVER', 0); ! define('ACL_YES', 1); ! define('ACL_NO', -1); // Login error codes ! define('LOGIN_CONTINUE', 1); ! define('LOGIN_BREAK', 2); ! define('LOGIN_SUCCESS', 3); ! define('LOGIN_SUCCESS_CREATE_PROFILE', 20); ! define('LOGIN_ERROR_USERNAME', 10); ! define('LOGIN_ERROR_PASSWORD', 11); ! define('LOGIN_ERROR_ACTIVE', 12); ! define('LOGIN_ERROR_ATTEMPTS', 13); ! define('LOGIN_ERROR_EXTERNAL_AUTH', 14); ! define('LOGIN_ERROR_PASSWORD_CONVERT', 15); // Group settings ! define('GROUP_OPEN', 0); ! define('GROUP_CLOSED', 1); ! define('GROUP_HIDDEN', 2); ! define('GROUP_SPECIAL', 3); ! define('GROUP_FREE', 4); // Forum/Topic states ! define('FORUM_CAT', 0); ! define('FORUM_POST', 1); ! define('FORUM_LINK', 2); ! define('ITEM_UNLOCKED', 0); ! define('ITEM_LOCKED', 1); ! define('ITEM_MOVED', 2); // Forum Flags ! define('FORUM_FLAG_LINK_TRACK', 1); ! define('FORUM_FLAG_PRUNE_POLL', 2); ! define('FORUM_FLAG_PRUNE_ANNOUNCE', 4); ! define('FORUM_FLAG_PRUNE_STICKY', 8); ! define('FORUM_FLAG_ACTIVE_TOPICS', 16); ! define('FORUM_FLAG_POST_REVIEW', 32); // Optional text flags ! define('OPTION_FLAG_BBCODE', 1); ! define('OPTION_FLAG_SMILIES', 2); ! define('OPTION_FLAG_LINKS', 4); // Topic types ! define('POST_NORMAL', 0); ! define('POST_STICKY', 1); ! define('POST_ANNOUNCE', 2); ! define('POST_GLOBAL', 3); // Lastread types ! define('TRACK_NORMAL', 0); ! define('TRACK_POSTED', 1); // Notify methods ! define('NOTIFY_EMAIL', 0); ! define('NOTIFY_IM', 1); ! define('NOTIFY_BOTH', 2); // Email Priority Settings ! define('MAIL_LOW_PRIORITY', 4); ! define('MAIL_NORMAL_PRIORITY', 3); ! define('MAIL_HIGH_PRIORITY', 2); // Log types ! define('LOG_ADMIN', 0); ! define('LOG_MOD', 1); ! define('LOG_CRITICAL', 2); ! define('LOG_USERS', 3); // Private messaging - Do NOT change these values ! define('PRIVMSGS_HOLD_BOX', -4); ! define('PRIVMSGS_NO_BOX', -3); ! define('PRIVMSGS_OUTBOX', -2); ! define('PRIVMSGS_SENTBOX', -1); ! define('PRIVMSGS_INBOX', 0); // Full Folder Actions ! define('FULL_FOLDER_NONE', -3); ! define('FULL_FOLDER_DELETE', -2); ! define('FULL_FOLDER_HOLD', -1); // Download Modes - Attachments ! define('INLINE_LINK', 1); // This mode is only used internally to allow modders extending the attachment functionality ! define('PHYSICAL_LINK', 2); // Confirm types ! define('CONFIRM_REG', 1); ! define('CONFIRM_LOGIN', 2); ! define('CONFIRM_POST', 3); // Categories - Attachments ! define('ATTACHMENT_CATEGORY_NONE', 0); ! define('ATTACHMENT_CATEGORY_IMAGE', 1); // Inline Images ! define('ATTACHMENT_CATEGORY_WM', 2); // Windows Media Files - Streaming ! define('ATTACHMENT_CATEGORY_RM', 3); // Real Media Files - Streaming ! define('ATTACHMENT_CATEGORY_THUMB', 4); // Not used within the database, only while displaying posts ! define('ATTACHMENT_CATEGORY_FLASH', 5); // Flash/SWF files ! define('ATTACHMENT_CATEGORY_QUICKTIME', 6); // Quicktime/Mov files // BBCode UID length ! define('BBCODE_UID_LEN', 5); // Number of core BBCodes ! define('NUM_CORE_BBCODES', 12); // Magic url types ! define('MAGIC_URL_EMAIL', 1); ! define('MAGIC_URL_FULL', 2); ! define('MAGIC_URL_LOCAL', 3); ! define('MAGIC_URL_WWW', 4); // Profile Field Types ! define('FIELD_INT', 1); ! define('FIELD_STRING', 2); ! define('FIELD_TEXT', 3); ! define('FIELD_BOOL', 4); ! define('FIELD_DROPDOWN', 5); ! define('FIELD_DATE', 6); --- 9,166 ---- */ + if ( !defined('IN_PORTAL') ) + { + die("Hacking attempt"); + } + /** + * Modifications: + * define -> @define + * to supress any notices since in mx_constants.php some are allready @@defined */ // User related ! @define('ANONYMOUS', 1); ! @define('USER_ACTIVATION_NONE', 0); ! @define('USER_ACTIVATION_SELF', 1); ! @define('USER_ACTIVATION_ADMIN', 2); ! @define('USER_ACTIVATION_DISABLE', 3); ! @define('AVATAR_UPLOAD', 1); ! @define('AVATAR_REMOTE', 2); ! @define('AVATAR_GALLERY', 3); ! @define('USER_NORMAL', 0); ! @define('USER_INACTIVE', 1); ! @define('USER_IGNORE', 2); ! @define('USER_FOUNDER', 3); ! @define('INACTIVE_REGISTER', 1); ! @define('INACTIVE_PROFILE', 2); ! @define('INACTIVE_MANUAL', 3); ! @define('INACTIVE_REMIND', 4); // ACL ! @define('ACL_NEVER', 0); ! @define('ACL_YES', 1); ! @define('ACL_NO', -1); // Login error codes ! @define('LOGIN_CONTINUE', 1); ! @define('LOGIN_BREAK', 2); ! @define('LOGIN_SUCCESS', 3); ! @define('LOGIN_SUCCESS_CREATE_PROFILE', 20); ! @define('LOGIN_ERROR_USERNAME', 10); ! @define('LOGIN_ERROR_PASSWORD', 11); ! @define('LOGIN_ERROR_ACTIVE', 12); ! @define('LOGIN_ERROR_ATTEMPTS', 13); ! @define('LOGIN_ERROR_EXTERNAL_AUTH', 14); ! @define('LOGIN_ERROR_PASSWORD_CONVERT', 15); // Group settings ! @define('GROUP_OPEN', 0); ! @define('GROUP_CLOSED', 1); ! @define('GROUP_HIDDEN', 2); ! @define('GROUP_SPECIAL', 3); ! @define('GROUP_FREE', 4); // Forum/Topic states ! @define('FORUM_CAT', 0); ! @define('FORUM_POST', 1); ! @define('FORUM_LINK', 2); ! @define('ITEM_UNLOCKED', 0); ! @define('ITEM_LOCKED', 1); ! @define('ITEM_MOVED', 2); // Forum Flags ! @define('FORUM_FLAG_LINK_TRACK', 1); ! @define('FORUM_FLAG_PRUNE_POLL', 2); ! @define('FORUM_FLAG_PRUNE_ANNOUNCE', 4); ! @define('FORUM_FLAG_PRUNE_STICKY', 8); ! @define('FORUM_FLAG_ACTIVE_TOPICS', 16); ! @define('FORUM_FLAG_POST_REVIEW', 32); // Optional text flags ! @define('OPTION_FLAG_BBCODE', 1); ! @define('OPTION_FLAG_SMILIES', 2); ! @define('OPTION_FLAG_LINKS', 4); // Topic types ! @define('POST_NORMAL', 0); ! @define('POST_STICKY', 1); ! @define('POST_ANNOUNCE', 2); ! @define('POST_GLOBAL', 3); // Lastread types ! @define('TRACK_NORMAL', 0); ! @define('TRACK_POSTED', 1); // Notify methods ! @define('NOTIFY_EMAIL', 0); ! @define('NOTIFY_IM', 1); ! @define('NOTIFY_BOTH', 2); // Email Priority Settings ! @define('MAIL_LOW_PRIORITY', 4); ! @define('MAIL_NORMAL_PRIORITY', 3); ! @define('MAIL_HIGH_PRIORITY', 2); // Log types ! @define('LOG_ADMIN', 0); ! @define('LOG_MOD', 1); ! @define('LOG_CRITICAL', 2); ! @define('LOG_USERS', 3); // Private messaging - Do NOT change these values ! @define('PRIVMSGS_HOLD_BOX', -4); ! @define('PRIVMSGS_NO_BOX', -3); ! @define('PRIVMSGS_OUTBOX', -2); ! @define('PRIVMSGS_SENTBOX', -1); ! @define('PRIVMSGS_INBOX', 0); // Full Folder Actions ! @define('FULL_FOLDER_NONE', -3); ! @define('FULL_FOLDER_DELETE', -2); ! @define('FULL_FOLDER_HOLD', -1); // Download Modes - Attachments ! @define('INLINE_LINK', 1); // This mode is only used internally to allow modders extending the attachment functionality ! @define('PHYSICAL_LINK', 2); // Confirm types ! @define('CONFIRM_REG', 1); ! @define('CONFIRM_LOGIN', 2); ! @define('CONFIRM_POST', 3); // Categories - Attachments ! @define('ATTACHMENT_CATEGORY_NONE', 0); ! @define('ATTACHMENT_CATEGORY_IMAGE', 1); // Inline Images ! @define('ATTACHMENT_CATEGORY_WM', 2); // Windows Media Files - Streaming ! @define('ATTACHMENT_CATEGORY_RM', 3); // Real Media Files - Streaming ! @define('ATTACHMENT_CATEGORY_THUMB', 4); // Not used within the database, only while displaying posts ! @define('ATTACHMENT_CATEGORY_FLASH', 5); // Flash/SWF files ! @define('ATTACHMENT_CATEGORY_QUICKTIME', 6); // Quicktime/Mov files // BBCode UID length ! @define('BBCODE_UID_LEN', 5); // Number of core BBCodes ! @define('NUM_CORE_BBCODES', 12); // Magic url types ! @define('MAGIC_URL_EMAIL', 1); ! @define('MAGIC_URL_FULL', 2); ! @define('MAGIC_URL_LOCAL', 3); ! @define('MAGIC_URL_WWW', 4); // Profile Field Types ! @define('FIELD_INT', 1); ! @define('FIELD_STRING', 2); ! @define('FIELD_TEXT', 3); ! @define('FIELD_BOOL', 4); ! @define('FIELD_DROPDOWN', 5); ! @define('FIELD_DATE', 6); *************** *** 161,226 **** // Table names ! define('ACL_GROUPS_TABLE', $table_prefix . 'acl_groups'); ! define('ACL_OPTIONS_TABLE', $table_prefix . 'acl_options'); ! define('ACL_ROLES_DATA_TABLE', $table_prefix . 'acl_roles_data'); ! define('ACL_ROLES_TABLE', $table_prefix . 'acl_roles'); ! define('ACL_USERS_TABLE', $table_prefix . 'acl_users'); ! define('ATTACHMENTS_TABLE', $table_prefix . 'attachments'); ! define('BANLIST_TABLE', $table_prefix . 'banlist'); ! define('BBCODES_TABLE', $table_prefix . 'bbcodes'); ! define('BOOKMARKS_TABLE', $table_prefix . 'bookmarks'); ! define('BOTS_TABLE', $table_prefix . 'bots'); ! define('CONFIG_TABLE', $table_prefix . 'config'); ! define('CONFIRM_TABLE', $table_prefix . 'confirm'); ! define('DISALLOW_TABLE', $table_prefix . 'disallow'); ! define('DRAFTS_TABLE', $table_prefix . 'drafts'); ! define('EXTENSIONS_TABLE', $table_prefix . 'extensions'); ! define('EXTENSION_GROUPS_TABLE', $table_prefix . 'extension_groups'); ! define('FORUMS_TABLE', $table_prefix . 'forums'); ! define('FORUMS_ACCESS_TABLE', $table_prefix . 'forums_access'); ! define('FORUMS_TRACK_TABLE', $table_prefix . 'forums_track'); ! define('FORUMS_WATCH_TABLE', $table_prefix . 'forums_watch'); ! define('GROUPS_TABLE', $table_prefix . 'groups'); ! define('ICONS_TABLE', $table_prefix . 'icons'); ! define('LANG_TABLE', $table_prefix . 'lang'); ! define('LOG_TABLE', $table_prefix . 'log'); ! define('MODERATOR_CACHE_TABLE', $table_prefix . 'moderator_cache'); ! define('MODULES_TABLE', $table_prefix . 'modules'); ! define('POLL_OPTIONS_TABLE', $table_prefix . 'poll_options'); ! define('POLL_VOTES_TABLE', $table_prefix . 'poll_votes'); ! define('POSTS_TABLE', $table_prefix . 'posts'); ! define('PRIVMSGS_TABLE', $table_prefix . 'privmsgs'); ! define('PRIVMSGS_FOLDER_TABLE', $table_prefix . 'privmsgs_folder'); ! define('PRIVMSGS_RULES_TABLE', $table_prefix . 'privmsgs_rules'); ! define('PRIVMSGS_TO_TABLE', $table_prefix . 'privmsgs_to'); ! define('PROFILE_FIELDS_TABLE', $table_prefix . 'profile_fields'); ! define('PROFILE_FIELDS_DATA_TABLE', $table_prefix . 'profile_fields_data'); ! define('PROFILE_FIELDS_LANG_TABLE', $table_prefix . 'profile_fields_lang'); ! define('PROFILE_LANG_TABLE', $table_prefix . 'profile_lang'); ! define('RANKS_TABLE', $table_prefix . 'ranks'); ! define('REPORTS_TABLE', $table_prefix . 'reports'); ! define('REPORTS_REASONS_TABLE', $table_prefix . 'reports_reasons'); ! define('SEARCH_RESULTS_TABLE', $table_prefix . 'search_results'); ! define('SEARCH_WORDLIST_TABLE', $table_prefix . 'search_wordlist'); ! define('SEARCH_WORDMATCH_TABLE', $table_prefix . 'search_wordmatch'); ! define('SESSIONS_TABLE', $table_prefix . 'sessions'); ! define('SESSIONS_KEYS_TABLE', $table_prefix . 'sessions_keys'); ! define('SITELIST_TABLE', $table_prefix . 'sitelist'); ! define('SMILIES_TABLE', $table_prefix . 'smilies'); ! define('STYLES_TABLE', $table_prefix . 'styles'); ! define('STYLES_TEMPLATE_TABLE', $table_prefix . 'styles_template'); ! define('STYLES_TEMPLATE_DATA_TABLE',$table_prefix . 'styles_template_data'); ! define('STYLES_THEME_TABLE', $table_prefix . 'styles_theme'); ! define('STYLES_IMAGESET_TABLE', $table_prefix . 'styles_imageset'); ! define('STYLES_IMAGESET_DATA_TABLE',$table_prefix . 'styles_imageset_data'); ! define('TOPICS_TABLE', $table_prefix . 'topics'); ! define('TOPICS_POSTED_TABLE', $table_prefix . 'topics_posted'); ! define('TOPICS_TRACK_TABLE', $table_prefix . 'topics_track'); ! define('TOPICS_WATCH_TABLE', $table_prefix . 'topics_watch'); ! define('USER_GROUP_TABLE', $table_prefix . 'user_group'); ! define('USERS_TABLE', $table_prefix . 'users'); ! define('WARNINGS_TABLE', $table_prefix . 'warnings'); ! define('WORDS_TABLE', $table_prefix . 'words'); ! define('ZEBRA_TABLE', $table_prefix . 'zebra'); // Additional tables --- 169,234 ---- // Table names ! @define('ACL_GROUPS_TABLE', $table_prefix . 'acl_groups'); ! @define('ACL_OPTIONS_TABLE', $table_prefix . 'acl_options'); ! @define('ACL_ROLES_DATA_TABLE', $table_prefix . 'acl_roles_data'); ! @define('ACL_ROLES_TABLE', $table_prefix . 'acl_roles'); ! @define('ACL_USERS_TABLE', $table_prefix . 'acl_users'); ! @define('ATTACHMENTS_TABLE', $table_prefix . 'attachments'); ! @define('BANLIST_TABLE', $table_prefix . 'banlist'); ! @define('BBCODES_TABLE', $table_prefix . 'bbcodes'); ! @define('BOOKMARKS_TABLE', $table_prefix . 'bookmarks'); ! @define('BOTS_TABLE', $table_prefix . 'bots'); ! @define('CONFIG_TABLE', $table_prefix . 'config'); ! @define('CONFIRM_TABLE', $table_prefix . 'confirm'); ! @define('DISALLOW_TABLE', $table_prefix . 'disallow'); ! @define('DRAFTS_TABLE', $table_prefix . 'drafts'); ! @define('EXTENSIONS_TABLE', $table_prefix . 'extensions'); ! @define('EXTENSION_GROUPS_TABLE', $table_prefix . 'extension_groups'); ! @define('FORUMS_TABLE', $table_prefix . 'forums'); ! @define('FORUMS_ACCESS_TABLE', $table_prefix . 'forums_access'); ! @define('FORUMS_TRACK_TABLE', $table_prefix . 'forums_track'); ! @define('FORUMS_WATCH_TABLE', $table_prefix . 'forums_watch'); ! @define('GROUPS_TABLE', $table_prefix . 'groups'); ! @define('ICONS_TABLE', $table_prefix . 'icons'); ! @define('LANG_TABLE', $table_prefix . 'lang'); ! @define('LOG_TABLE', $table_prefix . 'log'); ! @define('MODERATOR_CACHE_TABLE', $table_prefix . 'moderator_cache'); ! @define('MODULES_TABLE', $table_prefix . 'modules'); ! @define('POLL_OPTIONS_TABLE', $table_prefix . 'poll_options'); ! @define('POLL_VOTES_TABLE', $table_prefix . 'poll_votes'); ! @define('POSTS_TABLE', $table_prefix . 'posts'); ! @define('PRIVMSGS_TABLE', $table_prefix . 'privmsgs'); ! @define('PRIVMSGS_FOLDER_TABLE', $table_prefix . 'privmsgs_folder'); ! @define('PRIVMSGS_RULES_TABLE', $table_prefix . 'privmsgs_rules'); ! @define('PRIVMSGS_TO_TABLE', $table_prefix . 'privmsgs_to'); ! @define('PROFILE_FIELDS_TABLE', $table_prefix . 'profile_fields'); ! @define('PROFILE_FIELDS_DATA_TABLE', $table_prefix . 'profile_fields_data'); ! @define('PROFILE_FIELDS_LANG_TABLE', $table_prefix . 'profile_fields_lang'); ! @define('PROFILE_LANG_TABLE', $table_prefix . 'profile_lang'); ! @define('RANKS_TABLE', $table_prefix . 'ranks'); ! @define('REPORTS_TABLE', $table_prefix . 'reports'); ! @define('REPORTS_REASONS_TABLE', $table_prefix . 'reports_reasons'); ! @define('SEARCH_RESULTS_TABLE', $table_prefix . 'search_results'); ! @define('SEARCH_WORDLIST_TABLE', $table_prefix . 'search_wordlist'); ! @define('SEARCH_WORDMATCH_TABLE', $table_prefix . 'search_wordmatch'); ! @define('SESSIONS_TABLE', $table_prefix . 'sessions'); ! @define('SESSIONS_KEYS_TABLE', $table_prefix . 'sessions_keys'); ! @define('SITELIST_TABLE', $table_prefix . 'sitelist'); ! @define('SMILIES_TABLE', $table_prefix . 'smilies'); ! @define('STYLES_TABLE', $table_prefix . 'styles'); ! @define('STYLES_TEMPLATE_TABLE', $table_prefix . 'styles_template'); ! @define('STYLES_TEMPLATE_DATA_TABLE',$table_prefix . 'styles_template_data'); ! @define('STYLES_THEME_TABLE', $table_prefix . 'styles_theme'); ! @define('STYLES_IMAGESET_TABLE', $table_prefix . 'styles_imageset'); ! @define('STYLES_IMAGESET_DATA_TABLE',$table_prefix . 'styles_imageset_data'); ! @define('TOPICS_TABLE', $table_prefix . 'topics'); ! @define('TOPICS_POSTED_TABLE', $table_prefix . 'topics_posted'); ! @define('TOPICS_TRACK_TABLE', $table_prefix . 'topics_track'); ! @define('TOPICS_WATCH_TABLE', $table_prefix . 'topics_watch'); ! @define('USER_GROUP_TABLE', $table_prefix . 'user_group'); ! @define('USERS_TABLE', $table_prefix . 'users'); ! @define('WARNINGS_TABLE', $table_prefix . 'warnings'); ! @define('WORDS_TABLE', $table_prefix . 'words'); ! @define('ZEBRA_TABLE', $table_prefix . 'zebra'); // Additional tables Index: session.php =================================================================== RCS file: /cvsroot/mxbb/core/includes/sessions/phpbb3/session.php,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** session.php 5 Feb 2008 18:37:21 -0000 1.10 --- session.php 11 Feb 2008 12:09:00 -0000 1.11 *************** *** 9,18 **** */ ! /** ! * Modifications: ! * $config -> $board_config ! * $cache = new mx_nothing(); to disable bots() ! * removed '?' in the returned $SID string ! */ class mx_nothing { --- 9,41 ---- */ ! if ( !defined('IN_PORTAL') ) ! { ! die("Hacking attempt"); ! } ! ! /****************************************************************** ! * MODIFICATIONS ! * --------------- ! * started : Saturday, November 17, 2007 ! * copyright : © phpBB Group, mxP Development Team ! * email : ory...@rd... ! * ! * MODIFICATIONS: ! * - replaced $config -> $board_config - by Jon ! * - replaced $cache = new mx_nothing(); to disable bots() - by Jon ! * - removed '?' in the returned $SID string - by Jon ! * - in function setup() ! * $auth -> $phpbb_auth - by OryNider ! * -new globals: $mx_root_path, $mx_cache - by OryNider ! * $this->lang_name was redefined to use in worst case the new $board_config['phpbb_lang'] ! * wich was defined in mx_functions_style.php before lang name is expanded - by OryNider ! * $template = new mx_Template(); - by OryNider ! * - before $this->add_lang($lang_set); the phpBB common language is included if fails with $phpbb_root_path added ! * - in function set_lang() ! * - if empty $this->lang_path will be redefined from $phpbb_root_path and new $board_config['phpbb_lang'] ! * wich in this case are set as globals - by OryNider (similar check has been added in the phpBB3 version too) ! * - added function images() to help redefining $images var and indexes were is needed - by OryNider ! *******************************************************************/ ! class mx_nothing { *************** *** 1623,1627 **** } } ! //unset($lang_set); } elseif ($lang_set) --- 1646,1650 ---- } } ! unset($lang_set); } elseif ($lang_set) |
