Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1112 Commits
2 Branches
Tree: c3e585ffc4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c3e585ffc4'
${ noResults }
Gazelle/sections/login/index.php

index.php 18KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409 
  1. <?php

  2. #declare(strict_types=1);

  3. 

  4. $ENV = ENV::go();

  5. 

  6. /*-- todo ---------------------------//

  7. Add the JavaScript validation into the display page using the class

  8. //-----------------------------------*/

  9. 

  10. // Allow users to reset their password while logged in

  11. if (!empty($LoggedUser['ID']) && $_REQUEST['act'] !== 'recover') {

  12.     header('Location: index.php');

  13.     error();

  14. }

  15. 

  16. if ($ENV->BLOCK_OPERA_MINI && isset($_SERVER['HTTP_X_OPERAMINI_PHONE'])) {

  17.     error('Opera Mini is banned. Please use another browser.');

  18. }

  19. 

  20. // Check if IP is banned

  21. if (Tools::site_ban_ip($_SERVER['REMOTE_ADDR'])) {

  22.     error('Your IP address has been banned.');

  23. }

  24. 

  25. # Initialize

  26. require_once SERVER_ROOT.'/classes/twofa.class.php';

  27. require_once SERVER_ROOT.'/classes/u2f.class.php';

  28. require_once SERVER_ROOT.'/classes/validate.class.php';

  29. 

  30. $Validate = new Validate;

  31. $TwoFA = new TwoFactorAuth($ENV->SITE_NAME);

  32. $U2F = new u2f\U2F('https://'.SITE_DOMAIN);

  33. 

  34. if (array_key_exists('action', $_GET) && $_GET['action'] === 'disabled') {

  35.     require('disabled.php');

  36.     error();

  37. }

  38. 

  39. if (isset($_REQUEST['act']) && $_REQUEST['act'] === 'recover') {

  40.     // Recover password

  41.     if (!empty($_REQUEST['key'])) {

  42.         // User has entered a new password, use step 2

  43.         $DB->query("

  44.         SELECT

  45.           m.`ID`,

  46.           m.`Email`,

  47.           i.`ResetExpires`

  48.         FROM `users_main` AS m

  49.           INNER JOIN `users_info` AS i ON i.`UserID` = m.`ID`

  50.           WHERE i.`ResetKey` = ?

  51.           AND i.`ResetKey` != ''", $_REQUEST['key']);

  52.         list($UserID, $Email, $Country, $Expires) = $DB->next_record();

  53. 

  54.         if (!apcu_exists('DBKEY')) {

  55.             error('Database not fully decrypted. Please wait for staff to fix this and try again later.');

  56.         }

  57. 

  58.         $Email = Crypto::decrypt($Email);

  59. 

  60.         if ($UserID && strtotime($Expires) > time()) {

  61.             // If the user has requested a password change, and his key has not expired

  62.             $Validate->SetFields('password', '1', 'regex', 'You entered an invalid password. Any password at least 15 characters long is accepted, but a strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, contains at least a number or symbol', array('regex' => '/(?=^.{6,}$).*$/'));

  63.             $Validate->SetFields('verifypassword', '1', 'compare', 'Your passwords did not match.', array('comparefield' => 'password'));

  64. 

  65.             if (!empty($_REQUEST['password'])) {

  66.                 // If the user entered a password.

  67.                 // If not, $PassWasReset !== 1, success message hidden.

  68.                 $Err = $Validate->ValidateForm($_REQUEST);

  69.                 if ($Err == '') {

  70.                     // Form validates without error, set new secret and password.

  71.                     $DB->query(

  72.                         "

  73.                     UPDATE

  74.                       `users_main` AS m,

  75.                       `users_info` AS i

  76.                     SET

  77.                       m.`PassHash` = ?,

  78.                       i.`ResetKey` = '',

  79.                       m.`LastLogin` = NOW(),

  80.                       i.`ResetExpires` = NULL

  81.                       WHERE m.`ID` = ?

  82.                       AND i.`UserID` = m.`ID`",

  83.                         Users::make_sec_hash($_REQUEST['password']),

  84.                         $UserID

  85.                     );

  86. 

  87.                     $PassWasReset = true;

  88.                     $LoggedUser['ID'] = $UserID; // Set $LoggedUser['ID'] for logout_all_sessions() to work

  89.                     logout_all_sessions();

  90.                 }

  91.             }

  92. 

  93.             // Either a form asking for them to enter the password

  94.             // Or a success message if $PassWasReset is 1

  95.             require('recover_step2.php');

  96.         } else {

  97.             // Either his key has expired, or he hasn't requested a pass change at all

  98.             if (strtotime($Expires) < time() && $UserID) {

  99.                 // If his key has expired, clear all the reset information

  100.                 $DB->query("

  101.                 UPDATE users_info

  102.                 SET ResetKey = '',

  103.                   ResetExpires = NULL

  104.                   WHERE UserID = ?", $UserID);

  105.                 $_SESSION['reseterr'] = 'The link you were given has expired.'; // Error message to display on form

  106.             }

  107.             // Show him the first form (enter email address)

  108.             header('Location: login.php?act=recover');

  109.         }

  110.     } // End step 2

  111. 

  112.     // User has not clicked the link in his email, use step 1

  113.     else {

  114.         # Check for DBKEY before handling user inputs

  115.         if (!apcu_exists('DBKEY')) {

  116.             $Err = 'Database not fully decrypted. Please wait for staff to fix this and try again';

  117.         }

  118. 

  119.         if (!empty($_REQUEST['email'])) {

  120.             // User has entered email and submitted form

  121.             $Validate->SetFields('email', '1', 'email', 'You entered an invalid email address');

  122.             $Err = $Validate->ValidateForm($_REQUEST);

  123. 

  124.             if (!$Err) {

  125.                 // Form validates correctly

  126.                 $DB->query("

  127.                 SELECT

  128.                   `Email`

  129.                 FROM

  130.                   `users_main`

  131.                 ");

  132. 

  133.                 /**

  134.                  * Note that if any user has a blank email field,

  135.                  * the comparison will fail and the script will 500!

  136.                  */

  137.                 while (list($EncEmail) = $DB->next_record()) {

  138.                     if (trim(

  139.                         strtolower($_REQUEST['email'])

  140.                     ) === strtolower(Crypto::decrypt($EncEmail))) {

  141.                         break; // $EncEmail is now the encrypted form of the given email from the database

  142.                     }

  143.                 }

  144. 

  145.                 $DB->query("

  146.                 SELECT

  147.                   `ID`,

  148.                   `Username`,

  149.                   `Email`

  150.                 FROM

  151.                   `users_main`

  152.                 WHERE

  153.                   `Email` = '$EncEmail'

  154.                 ");

  155. 

  156.                 list($UserID, $Username, $Email) = $DB->next_record();

  157.                 $Email = Crypto::decrypt($Email);

  158. 

  159.                 if ($UserID) {

  160.                     // Email exists in the database

  161.                     // Set ResetKey, send out email, and set $Sent to 1 to show success page

  162.                     Users::reset_password($UserID, $Username, $Email);

  163.                     $Sent = 1; // If $Sent is 1, recover_step1.php displays a success message

  164. 

  165.                     //Log out all of the users current sessions

  166.                     $Cache->delete_value("user_info_$UserID");

  167.                     $Cache->delete_value("user_info_heavy_$UserID");

  168.                     $Cache->delete_value("user_stats_$UserID");

  169.                     $Cache->delete_value("enabled_$UserID");

  170. 

  171.                     $DB->query("

  172.                     SELECT

  173.                       `SessionID`

  174.                     FROM

  175.                       `users_sessions`

  176.                     WHERE

  177.                       `UserID` = '$UserID'

  178.                     ");

  179. 

  180.                     while (list($SessionID) = $DB->next_record()) {

  181.                         $Cache->delete_value("session_$UserID"."_$SessionID");

  182.                     }

  183. 

  184.                     $DB->query("

  185.                     UPDATE

  186.                       `users_sessions`

  187.                     SET

  188.                       `Active` = 0

  189.                     WHERE

  190.                       `UserID` = '$UserID'

  191.                       AND `Active` = 1

  192.                     ");

  193.                 } else {

  194.                     $Err = 'There is no user with that email address.';

  195.                 }

  196.             }

  197.         } elseif (!empty($_SESSION['reseterr'])) {

  198.             // User has not entered email address, and there is an error set in session data

  199.             // This is typically because their key has expired.

  200.             // Stick the error into $Err so recover_step1.php can take care of it

  201.             $Err = $_SESSION['reseterr'];

  202.             unset($_SESSION['reseterr']);

  203.         }

  204. 

  205.         // Either a form for the user's email address, or a success message

  206.         require('recover_step1.php');

  207.     }

  208. } // End password recovery

  209. 

  210. elseif (isset($_REQUEST['act']) && $_REQUEST['act'] === 'newlocation') {

  211.     if (isset($_REQUEST['key'])) {

  212.         if ($ASNCache = $Cache->get_value('new_location_'.$_REQUEST['key'])) {

  213.             $Cache->cache_value('new_location_'.$ASNCache['UserID'].'_'.$ASNCache['ASN'], true);

  214.             require('newlocation.php');

  215.             error();

  216.         } else {

  217.             error(403);

  218.         }

  219.     } else {

  220.         error(403);

  221.     }

  222. } // End new location

  223. 

  224. // Normal login

  225. else {

  226.     $Validate->SetFields('username', true, 'regex', 'You did not enter a valid username', array('regex' => USERNAME_REGEX));

  227.     $Validate->SetFields('password', '1', 'string', 'You entered an invalid password', array('minlength' => '15', 'maxlength' => '307200'));

  228. 

  229.     list($Attempts, $Banned) = $Cache->get_value('login_attempts_'.db_string($_SERVER['REMOTE_ADDR']));

  230. 

  231.     // Function to log a user's login attempt

  232.     function log_attempt()

  233.     {

  234.         global $Cache, $Attempts;

  235.         $Attempts = ($Attempts ?? 0) + 1;

  236.         $Cache->cache_value('login_attempts_'.db_string($_SERVER['REMOTE_ADDR']), array($Attempts, ($Attempts > 5)), 60*60*$Attempts);

  237.         $AllAttempts = $Cache->get_value('login_attempts');

  238.         $AllAttempts[$_SERVER['REMOTE_ADDR']] = time()+(60*60*$Attempts);

  239.         foreach ($AllAttempts as $IP => $Time) {

  240.             if ($Time < time()) {

  241.                 unset($AllAttempts[$IP]);

  242.             }

  243.         }

  244.         $Cache->cache_value('login_attempts', $AllAttempts, 0);

  245.     }

  246. 

  247.     // If user has submitted form

  248.     if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password'])) {

  249.         if ($Banned) {

  250.             header("Location: login.php");

  251.             error();

  252.         }

  253.         $Err = $Validate->ValidateForm($_POST);

  254. 

  255.         if (!$Err) {

  256.             // Passes preliminary validation (username and password "look right")

  257.             $DB->query("

  258.             SELECT

  259.               ID,

  260.               PermissionID,

  261.               CustomPermissions,

  262.               PassHash,

  263.               TwoFactor,

  264.               Enabled

  265.             FROM users_main

  266.               WHERE Username = ?

  267.               AND Username != ''", $_POST['username']);

  268.             list($UserID, $PermissionID, $CustomPermissions, $PassHash, $TwoFactor, $Enabled) = $DB->next_record(MYSQLI_NUM, array(2));

  269.             if (!$Banned) {

  270.                 if ($UserID && Users::check_password($_POST['password'], $PassHash)) {

  271.                     // Update hash if better algorithm available

  272.                     if (password_needs_rehash($PassHash, PASSWORD_DEFAULT)) {

  273.                         $DB->query("

  274.                         UPDATE users_main

  275.                         SET PassHash = ?

  276.                           WHERE Username = ?", make_sec_hash($_POST['password']), $_POST['username']);

  277.                     }

  278. 

  279.                     if (empty($TwoFactor) || $TwoFA->verifyCode($TwoFactor, $_POST['twofa'])) {

  280.                         # todo: Make sure the type is (int)

  281.                         if ($Enabled === '1') {

  282. 

  283.                             $U2FRegs = [];

  284.                             $DB->query("

  285.                             SELECT KeyHandle, PublicKey, Certificate, Counter, Valid

  286.                             FROM u2f

  287.                               WHERE UserID = ?", $UserID);

  288.                             // Needs to be an array of objects, so we can't use to_array()

  289.                             while (list($KeyHandle, $PublicKey, $Certificate, $Counter, $Valid) = $DB->next_record()) {

  290.                                 $U2FRegs[] = (object)['keyHandle'=>$KeyHandle, 'publicKey'=>$PublicKey, 'certificate'=>$Certificate, 'counter'=>$Counter, 'valid'=>$Valid];

  291.                             }

  292. 

  293.                             if (sizeof($U2FRegs) > 0) {

  294.                                 // U2F is enabled for this account

  295.                                 if (isset($_POST['u2f-request']) && isset($_POST['u2f-response'])) {

  296.                                     // Data from the U2F login page is present. Verify it.

  297.                                     try {

  298.                                         $U2FReg = $U2F->doAuthenticate(json_decode($_POST['u2f-request']), $U2FRegs, json_decode($_POST['u2f-response']));

  299.                                         if ($U2FReg->valid != '1') {

  300.                                             error('Token disabled.');

  301.                                         }

  302.                                         $DB->query(

  303.                                             "UPDATE u2f

  304.                                 SET Counter = ?

  305.                                 WHERE KeyHandle = ?

  306.                                 AND UserID = ?",

  307.                                             $U2FReg->counter,

  308.                                             $U2FReg->keyHandle,

  309.                                             $UserID

  310.                                         );

  311.                                     } catch (Exception $e) {

  312.                                         $U2FErr = 'U2F key invalid. Error: '.($e->getMessage());

  313.                                         if ($e->getMessage() == 'Token disabled.') {

  314.                                             $U2FErr = 'This token was disabled due to suspected cloning. Contact staff for assistance';

  315.                                         }

  316.                                         if ($e->getMessage() == 'Counter too low.') {

  317.                                             $BadHandle = json_decode($_POST['u2f-response'], true)['keyHandle'];

  318.                                             $DB->query("UPDATE u2f

  319.                                   SET Valid = '0'

  320.                                   WHERE KeyHandle = ?

  321.                                   AND UserID = ?", $BadHandle, $UserID);

  322.                                             $U2FErr = 'U2F counter too low. This token has been disabled due to suspected cloning. Contact staff for assistance';

  323.                                         }

  324.                                     }

  325.                                 } else {

  326.                                     // Data from the U2F login page is not present. Go there

  327.                                     require('u2f.php');

  328.                                     error();

  329.                                 }

  330.                             }

  331. 

  332.                             if (sizeof($U2FRegs) == 0 || !isset($U2FErr)) {

  333.                                 $SessionID = Users::make_secret(64);

  334.                                 setcookie('session', $SessionID, (time()+60*60*24*365), '/', '', true, true);

  335.                                 setcookie('userid', $UserID, (time()+60*60*24*365), '/', '', true, true);

  336. 

  337.                                 $DB->query("

  338.                                 INSERT INTO users_sessions

  339.                                   (UserID, SessionID, KeepLogged, Browser, OperatingSystem, IP, LastUpdate, FullUA)

  340.                                 VALUES

  341.                                   ('$UserID', '".db_string($SessionID)."', '1', '$Browser', '$OperatingSystem', '".db_string(apcu_exists('DBKEY')?Crypto::encrypt($_SERVER['REMOTE_ADDR']):'0.0.0.0')."', NOW(), '".db_string($_SERVER['HTTP_USER_AGENT'])."')");

  342. 

  343.                                 $Cache->begin_transaction("users_sessions_$UserID");

  344.                                 $Cache->insert_front($SessionID, [

  345.                                   'SessionID' => $SessionID,

  346.                                   'Browser' => $Browser,

  347.                                   'OperatingSystem' => $OperatingSystem,

  348.                                   'IP' => (apcu_exists('DBKEY')?Crypto::encrypt($_SERVER['REMOTE_ADDR']):'0.0.0.0'),

  349.                                   'LastUpdate' => sqltime()

  350.                                 ]);

  351.                                 $Cache->commit_transaction(0);

  352. 

  353.                                 $Sql = "

  354.                                 UPDATE users_main

  355.                                 SET

  356.                                   LastLogin = NOW(),

  357.                                   LastAccess = NOW()

  358.                                   WHERE ID = '".db_string($UserID)."'";

  359. 

  360.                                 $DB->query($Sql);

  361. 

  362.                                 if (!empty($_COOKIE['redirect'])) {

  363.                                     $URL = $_COOKIE['redirect'];

  364.                                     setcookie('redirect', '', time() - 60 * 60 * 24, '/', '', false);

  365.                                     header("Location: $URL");

  366.                                     error();

  367.                                 } else {

  368.                                     header('Location: index.php');

  369.                                     error();

  370.                                 }

  371.                             } else {

  372.                                 log_attempt();

  373.                                 $Err = $U2FErr;

  374.                                 setcookie('keeplogged', '', time() + 60 * 60 * 24 * 365, '/', '', false);

  375.                             }

  376.                         } else {

  377.                             log_attempt();

  378.                             if ($Enabled == 2) {

  379. 

  380.                                 // Save the username in a cookie for the disabled page

  381.                                 setcookie('username', db_string($_POST['username']), time() + 60 * 60, '/', '', false);

  382.                                 header('Location: login.php?action=disabled');

  383.                             # todo: Make sure the type is (int)

  384.                             } elseif ($Enabled === '0') {

  385.                                 $Err = 'Your account has not been confirmed. Please check your email, including the spam folder';

  386.                             }

  387.                             setcookie('keeplogged', '', time() + 60 * 60 * 24 * 365, '/', '', false);

  388.                         }

  389.                     } else {

  390.                         log_attempt();

  391.                         $Err = 'Two-factor authentication failed';

  392.                         setcookie('keeplogged', '', time() + 60 * 60 * 24 * 365, '/', '', false);

  393.                     }

  394.                 } else {

  395.                     log_attempt();

  396.                     $Err = 'Your username or password was incorrect';

  397.                     setcookie('keeplogged', '', time() + 60 * 60 * 24 * 365, '/', '', false);

  398.                 }

  399.             } else {

  400.                 log_attempt();

  401.                 setcookie('keeplogged', '', time() + 60 * 60 * 24 * 365, '/', '', false);

  402.             }

  403.         } else {

  404.             log_attempt();

  405.             setcookie('keeplogged', '', time() + 60 * 60 * 24 * 365, '/', '', false);

  406.         }

  407.     }

  408.     require('sections/login/login.php');

  409. }