<?php
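/**
 * Pulls the value of a named hidden form field out of a phpBB HTML page.
 *
 * @param string $html  Page body returned by phpbb_curl().
 * @param string $field Field name, e.g. "form_token".
 * @return string The field value, or "" when the field is not present.
 */
function _phpbb_form_value($html, $field)
{
    $pattern = '/name="' . preg_quote($field, '/') . '" value="([^"]+)"/';
    if (preg_match($pattern, (string) $html, $match)) {
        return $match[1];
    }
    return "";
}

/**
 * Registers an account on a remote phpBB board by replaying its
 * registration form (ucp.php?mode=register) over HTTP.
 *
 * Three requests share one temporary cookie jar: a GET to obtain the session
 * id and form token, a POST accepting the terms, and a POST with the account
 * data. The cookie jar is removed before returning.
 *
 * NOTE(review): the request URL is always built with "http://", whatever
 * scheme $values["url"] carries, so the username and password are sent in
 * cleartext. Confirm whether the board can be reached over HTTPS.
 *
 * @param array $values Reads "url", "username", "email" and "password".
 * @return bool Always true. The board's response is not inspected, so a
 *              rejected registration is not reported to the caller.
 */
function phpbb_register($values)
{
    $host_details = parse_url($values["url"]);
    $host = $host_details["host"];
    $phpbb_path = isset($host_details["path"]) ? (string) $host_details["path"] : "";
    // Make sure the board path ends in a slash before "ucp.php" is appended.
    if (substr($phpbb_path, -1) !== "/") {
        $phpbb_path .= "/";
    }
    $register_url = "http://" . $host . $phpbb_path . "ucp.php?mode=register";

    $cookie_file = phpbb_cookie_file();
    // Drop any stale file at that path so old cookies are never replayed.
    @unlink($cookie_file);

    // Step 1: fetch the form to learn the session id and the anti-CSRF fields.
    $result = phpbb_curl($register_url, $cookie_file, "");

    $sid = "";
    if (preg_match("/sid=([^\"]+)\"/", (string) $result, $match)) {
        $sid = $match[1];
        // The captured link may carry further parameters after the sid.
        // Cut only when a "&" is really there: strpos() returns false
        // otherwise, and substr($sid, 0, false) would empty the sid.
        $amp = strpos($sid, "&");
        if ($amp !== false) {
            $sid = substr($sid, 0, $amp);
        }
    }
    $form_token = _phpbb_form_value($result, "form_token");
    $creation_time = _phpbb_form_value($result, "creation_time");

    // Step 2: accept the registration terms.
    $post_array = array(
        "mode" => "register",
        "agreed" => "true",
        "form_token" => $form_token,
        "creation_time" => $creation_time
    );
    $pairs = array();
    foreach ($post_array as $key => $val) {
        $pairs[] = $key . "=" . urlencode($val);
    }
    $post_str = implode("&", $pairs);
    $result = phpbb_curl($register_url . "&sid=" . $sid, $cookie_file, $post_str);

    // The second page issues a fresh token pair for the final submit.
    $form_token = _phpbb_form_value($result, "form_token");
    $creation_time = _phpbb_form_value($result, "creation_time");

    // Step 3: submit the account details.
    $phpbb_values = array(
        "mode" => "register",
        "agreed" => "true",
        "coppa" => "0",
        "username" => $values["username"],
        "email" => $values["email"],
        "email_confirm" => $values["email"],
        "new_password" => $values["password"],
        "password_confirm" => $values["password"],
        "viewemail" => "0",
        "hideonline" => "0",
        "notifyreply" => "1",
        "notifypm" => "1",
        "popup_pm" => "1",
        "attachsig" => "1",
        "allowbbcode" => "1",
        "allowhtml" => "1",
        "allowsmilies" => "1",
        "lang" => "en",
        "style" => "1",
        "tz" => "0",
        "dateformat" => "D M d, Y g:i a",
        "icq" => "",
        "aim" => "",
        "msn" => "",
        "yim" => "",
        "website" => "",
        "location" => "",
        "occupation" => "",
        "interests" => "",
        "signature" => "",
        "change_lang" => "0",
        "submit" => "1",
        "form_token" => $form_token,
        "creation_time" => $creation_time,
        "sid" => $sid
    );
    $pairs = array();
    foreach ($phpbb_values as $key => $val) {
        $pairs[] = $key . "=" . urlencode($val);
    }
    $post_string = implode("&", $pairs);
    $result = phpbb_curl($register_url . "&sid=" . $sid, $cookie_file, $post_string);

    // The jar holds the new session's cookies; do not leave it on disk.
    @unlink($cookie_file);
    return true;
}//phpbb_register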
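/**
 * Logs a user into a remote phpBB board from the server side and hands the
 * resulting session cookies to the browser through load_cookie().
 *
 * The login POST is made with phpbb_curl() with response headers included.
 * Each Set-Cookie header is re-issued through load_cookie(), except the first
 * cookie whose name contains "_sid" and the first whose name contains "_u".
 * The sid found in a Location header is re-issued as well. Finally the
 * session row in the phpBB database has its session_ip rewritten to the
 * visitor's address; presumably this is needed because the login request
 * came from this server rather than from the visitor.
 *
 * NOTE(review): the login URL is always "http://", so the credentials are
 * sent in cleartext regardless of the scheme in $values["url"].
 *
 * @param array $values Reads "url", "username", "password", "dbhost",
 *                      "dbuser", "dbpass", "dbname" and "dbprefix".
 * @return bool Always true; login failure is not reported.
 */
function phpbb_login($values)
{
    $host_details = parse_url($values["url"]);
    $host = $host_details["host"];
    // Cookie domain: the host with a leading "www" removed.
    $cookie_url = preg_replace("/^www/i", "", $host);
    $phpbb_path = isset($host_details["path"]) ? (string) $host_details["path"] : "";
    if (substr($phpbb_path, -1) !== "/") {
        $phpbb_path .= "/";
    }

    $phpbb_values = array(
        "username" => $values["username"],
        "password" => $values["password"],
        "redirect" => "",
        "submit" => "1",
        "login" => "1"
    );
    $phpbb_values["autologin"] = "1";
    $pairs = array();
    foreach ($phpbb_values as $key => $val) {
        $pairs[] = $key . "=" . urlencode($val);
    }
    $post_string = implode("&", $pairs);

    $cookie_file = phpbb_cookie_file();
    // Drop any stale file at that path so old cookies are never replayed.
    @unlink($cookie_file);
    $line = phpbb_curl("http://" . $host . $phpbb_path . "ucp.php?mode=login", $cookie_file, $post_string, "", 1);
    $lines = explode("\n", str_replace("\r", "", (string) $line));

    // One-shot flags: the first "_sid" and the first "_u" cookie are dropped.
    $skip = array(1, 1);
    $session_id = "";
    // NOTE(review): $sidset was never assigned in the original, so the cookie
    // below is named "_sid". phpbb_logout()/phpbb_link() read "phpbb_sid";
    // confirm which cookie prefix is intended.
    $sidset = "";

    foreach ($lines as $header) {
        if (preg_match("/^Set-Cookie/i", $header)) {
            if (!preg_match("/^Set-Cookie: ([^=]+)=([^;]+);/", $header, $cookie)) {
                // Header not in the expected name=value; form, nothing to relay.
                continue;
            }
            $name = $cookie[1];
            $value = urldecode($cookie[2]);
            $expire = 0;
            if (preg_match("/expires=([^;]+);/", $header, $exp) && $exp[1]) {
                $expire = strtotime($exp[1]);
            }
            if (strstr($name, "_sid") && $skip[0]) {
                $skip[0] = 0;
            } elseif (strstr($name, "_u") && $skip[1]) {
                $skip[1] = 0;
            } else {
                load_cookie($name, $value, $expire, $cookie_url);
            }
        } elseif (preg_match("/^Location/i", $header)) {
            $link = str_replace("Location: ", "", $header);
            $url = parse_url($link);
            $phpbb_answer = array();
            if (is_array($url) && isset($url["query"])) {
                parse_str($url["query"], $phpbb_answer);
            }
            if (isset($phpbb_answer["sid"]) && is_string($phpbb_answer["sid"])) {
                $session_id = $phpbb_answer["sid"];
                load_cookie($sidset . "_sid", $session_id, 0);
            }
        }
    }

    // $HTTP_SERVER_VARS is not visible inside a function, so the original
    // lookup always fell through to getenv(); read the superglobal first.
    $client_ip = !empty($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : getenv('REMOTE_ADDR');
    $user_ip = phpbb_encode_ip($client_ip);

    // Without a session id there is no row to update.
    if ($session_id !== "") {
        $conn = @mysql_connect($values["dbhost"], $values["dbuser"], $values["dbpass"], 1);
        if ($conn) {
            @mysql_select_db($values["dbname"], $conn);
            // $session_id comes from the remote response, so it is escaped
            // before it reaches the query. The table prefix is an identifier
            // and cannot be escaped as a value: it must come from trusted
            // configuration only.
            $sql_query = "UPDATE " . $values["dbprefix"] . "sessions SET session_ip = '"
                . mysql_real_escape_string($user_ip, $conn) . "' WHERE session_id='"
                . mysql_real_escape_string($session_id, $conn) . "'";
            @mysql_query($sql_query, $conn);
            @mysql_close($conn);
        }
    }

    // The jar holds live session cookies; do not leave it on disk.
    @unlink($cookie_file);
    return true;
}//phpbb_login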
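/**
 * Logs the current visitor out of the remote phpBB board and relays the
 * board's cookie changes to the browser.
 *
 * A raw HTTP POST to ucp.php?mode=logout is written to port 80 of the board
 * host, carrying the visitor's cookies. Every Set-Cookie header in the reply
 * is re-issued through load_cookie(), and any cookie whose name contains
 * "_sid" is additionally expired.
 *
 * NOTE(review): every cookie in $_COOKIE is forwarded to the board host over
 * plain HTTP, not only the phpBB ones; confirm that this is intended.
 *
 * @param array $values Reads "url".
 * @return bool Always true, also when the connection could not be opened.
 */
function phpbb_logout($values)
{
    $host_details = parse_url($values["url"]);
    $host = $host_details["host"];
    $phpbb_path = isset($host_details["path"]) ? (string) $host_details["path"] : "";
    if (substr($phpbb_path, -1) !== "/") {
        $phpbb_path .= "/";
    }

    $phpbb_values = array(
        "submit" => "1",
        "logout" => "true",
        "sid" => $GLOBALS["Get"]->cookie("phpbb_sid")
    );
    $pairs = array();
    foreach ($phpbb_values as $key => $val) {
        $pairs[] = $key . "=" . urlencode($val);
    }
    $post_string = implode("&", $pairs);

    // Initialised here so the header parsing below is well defined when the
    // socket cannot be opened.
    $line = "";
    $fp = fsockopen($host, 80, $errno, $errstr);
    if ($fp) {
        // PHP URL-decodes cookie names as well as values, so both are
        // re-encoded: this keeps CR/LF and separators supplied by the client
        // out of the outgoing header block.
        $cookie_pairs = array();
        foreach ($_COOKIE as $key => $val) {
            $cookie_pairs[] = urlencode($key) . "=" . urlencode($val);
        }
        $cookies = implode("; ", $cookie_pairs);

        fputs($fp, "POST " . $phpbb_path . "ucp.php?mode=logout HTTP/1.1\r\n");
        fputs($fp, "Host: " . $host . "\r\n");
        fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
        fputs($fp, "Content-length: " . strlen($post_string) . "\r\n");
        // Header lines end in CRLF like the others (the original sent a bare LF).
        fputs($fp, "Cookie: " . $cookies . "\r\n");
        fputs($fp, "Connection: close\r\n\r\n");
        fputs($fp, $post_string . "\r\n\r\n");
        while (!feof($fp)) {
            $line .= fgets($fp, 1024);
        }
        fclose($fp);
    }

    $lines = explode("\n", str_replace("\r", "", $line));
    foreach ($lines as $header) {
        if (!preg_match("/^Set-Cookie/i", $header)) {
            continue;
        }
        if (!preg_match("/^Set-Cookie: ([^=]+)=([^;]+);/", $header, $cookie)) {
            // Header not in the expected name=value; form, nothing to relay.
            continue;
        }
        $name = $cookie[1];
        $value = urldecode($cookie[2]);
        $expire = 0;
        if (preg_match("/expires=([^;]+);/", $header, $exp) && $exp[1]) {
            $expire = strtotime($exp[1]);
        }
        load_cookie($name, $value, $expire);
        if (strstr($name, "_sid")) {
            // Expire the session cookie in the browser.
            load_cookie($name, "", time() - 10);
        }
    }
    return true;
}//phpbb_logout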
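/**
 * Updates a user's password and/or e-mail address directly in the phpBB
 * database.
 *
 * When "password" is set, the board's rand_seed is read, a new hash is
 * produced with phpbb_hash() and stored together with user_passchg, and the
 * user is logged out and back in. When "email" is set, user_email and
 * user_email_hash (crc32 of the address followed by its length) are updated.
 *
 * User-supplied values are escaped with mysql_real_escape_string() before
 * they are placed in a query. The table prefix is an identifier and cannot be
 * escaped as a value: it must come from trusted configuration only.
 *
 * @param array $values Reads "dbhost", "dbuser", "dbpass", "dbname",
 *                      "dbprefix", "username", "password" and "email".
 * @return bool True after the updates were issued, false when the database
 *              connection could not be opened.
 */
function phpbb_account($values)
{
    $conn = mysql_connect($values["dbhost"], $values["dbuser"], $values["dbpass"], 1);
    if (!$conn) {
        return false;
    }
    mysql_select_db($values["dbname"], $conn);
    $username = mysql_real_escape_string($values["username"], $conn);

    if ($values["password"]) {
        $sql_query = "SELECT config_value FROM " . $values["dbprefix"] . "config WHERE config_name ='rand_seed'";
        $res = mysql_query($sql_query, $conn);
        if (!$res) {
            // Keep the driver's error text in the server log; it can name
            // tables and hosts and should not be shown to the visitor.
            error_log("phpbb_account: " . mysql_error($conn));
            die("Database error.");
        }
        $rand_seed = mysql_result($res, 0);
        $passhash = phpbb_hash($values["password"], $rand_seed);
        $sql_query = "UPDATE " . $values["dbprefix"] . "users SET `user_password`='"
            . mysql_real_escape_string($passhash, $conn) . "', `user_passchg`=" . time()
            . " WHERE username='" . $username . "'";
        mysql_query($sql_query, $conn);
        // Re-establish the board session with the new password.
        phpbb_logout($values);
        phpbb_login($values);
    }

    if ($values["email"]) {
        $sql_query = "UPDATE " . $values["dbprefix"] . "users SET `user_email`='"
            . mysql_real_escape_string($values["email"], $conn) . "', user_email_hash='"
            . crc32($values["email"]) . strlen($values["email"]) . "'"
            . " WHERE username='" . $username . "'";
        // The link is passed explicitly: phpbb_login() above opens and closes
        // a connection of its own, so the implicit "last opened" link would
        // no longer be usable here.
        mysql_query($sql_query, $conn);
    }

    mysql_close($conn);
    return true;
}//phpbb_account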
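/**
 * Builds a link to the board's index page that carries the visitor's phpBB
 * session id.
 *
 * The sid is read from the "phpbb_sid" cookie, which the client controls, so
 * it is URL-encoded before being appended to the query string.
 *
 * NOTE(review): a session id in a URL ends up in Referer headers, logs and
 * browser history; confirm the board really needs it there.
 *
 * @param array $values Reads "url".
 * @return string Board index URL with a "sid" query parameter.
 */
function phpbb_link($values)
{
    $sid = (string) $GLOBALS["Get"]->cookie("phpbb_sid");
    return rtrim($values["url"], "/") . "/index.php?sid=" . urlencode($sid);
}//phpbb_link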
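/**
 * Encodes a dotted-quad IPv4 address as eight hexadecimal digits.
 *
 * Each of the first four dot-separated parts is formatted with "%02x".
 * Missing parts count as 0, so an empty value or an address without dots
 * (an IPv6 address, for instance) yields "00000000" instead of raising
 * undefined-offset warnings.
 *
 * @param string $dotquad_ip Address such as "127.0.0.1".
 * @return string Hex form, e.g. "7f000001".
 */
function phpbb_encode_ip($dotquad_ip)
{
    // getenv() can hand back false; cast so explode() always sees a string.
    $ip_sep = array_pad(explode('.', (string) $dotquad_ip), 4, 0);
    return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}//phpbb_encode_ip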
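/**
 * Performs one HTTP request with cURL and returns the response.
 *
 * TLS certificate and host-name verification are left enabled. The original
 * switched peer verification off, which lets anyone on the network path
 * impersonate the board on an https:// URL.
 *
 * @param string $url         Request URL.
 * @param string $cookie_path Cookie jar file to read and write; "" for none.
 * @param string $postfileds  URL-encoded body; a non-empty value makes the
 *                            request a POST.
 * @param string $referrer    Referer header value; "" for none.
 * @param mixed  $header      Non-empty to include response headers in the
 *                            returned string.
 * @param mixed  $follow      Truthy to follow Location redirects.
 * @return string|false Response as returned by curl_exec(), false on failure.
 */
function phpbb_curl($url, $cookie_path = "", $postfileds = "", $referrer = "", $header = "", $follow = 1)
{
    $agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_USERAGENT, $agent);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    if ($follow) {
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
        // Keep redirects on web protocols so a hostile Location header cannot
        // move the request to another scheme. Guarded because older cURL
        // builds lack the option.
        if (defined('CURLOPT_REDIR_PROTOCOLS')) {
            curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        }
    }
    if ($referrer != "") {
        curl_setopt($ch, CURLOPT_REFERER, $referrer);
    }
    if ($cookie_path != "") {
        // The same file is both the source and the sink for cookies.
        curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_path);
        curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_path);
    }
    if ($postfileds != "") {
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $postfileds);
    }
    if ($header != "") {
        curl_setopt($ch, CURLOPT_HEADER, 1);
    }
    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
}//phpbb_curl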
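/**
 * Returns the path of a fresh temporary file to be used as a cURL cookie jar.
 *
 * The original derived the name from time() and mt_rand(0, 100), which gives
 * about a hundred candidate names per second, and it reseeded the global
 * mt_rand() generator from microtime() on every call. The jar holds live
 * session cookies, so tempnam() is used instead: it picks an unused name and
 * creates the file itself.
 *
 * NOTE(review): DOC_ROOT."/temp" looks like it sits under the document root;
 * confirm the web server does not serve that directory.
 *
 * @return string|false Path of the created file, or false when no temporary
 *                      file could be created.
 */
function phpbb_cookie_file()
{
    $fpath = DOC_ROOT . "/temp";
    // tempnam() uses the system temporary directory when $fpath is unusable.
    $cookie_file = tempnam($fpath, "pbc");
    return $cookie_file;
}//phpbb_cookie_file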
/**
 * Hashes a password in the portable "$H$" format.
 *
 * Six salt bytes are read from /dev/urandom; when that yields fewer than six
 * bytes they are derived from MD5 over $rand_seed and microtime() instead.
 * The salt is turned into a setting string by _hash_gensalt_private() and the
 * password is hashed by _hash_crypt_private().
 *
 * NOTE(review): when the result is not 34 characters long the function
 * returns md5($password), a plain unsalted digest. Callers store whatever is
 * returned, so confirm that this fallback can never be reached in practice.
 *
 * @param string $password  Clear-text password.
 * @param string $rand_seed Seed mixed into the fallback salt derivation.
 * @return string The 34-character hash, or md5($password) as described above.
 */
function phpbb_hash($password, $rand_seed)
{
    $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $wanted = 6;

    // Starting state for the fallback generator below.
    $state = substr(md5($rand_seed . microtime()), 4, 16);

    $salt_bytes = '';
    $urandom = @fopen('/dev/urandom', 'rb');
    if ($urandom) {
        $salt_bytes = fread($urandom, $wanted);
        fclose($urandom);
    }

    if (strlen($salt_bytes) < $wanted) {
        // No usable OS randomness: stretch seed and clock through MD5.
        $salt_bytes = '';
        $produced = 0;
        while ($produced < $wanted) {
            $fresh = substr(md5($rand_seed . microtime()), 4, 16);
            $state = md5($fresh . $state);
            $salt_bytes .= pack('H*', md5($state));
            $produced += 16;
        }
        $salt_bytes = substr($salt_bytes, 0, $wanted);
    }

    $setting = _hash_gensalt_private($salt_bytes, $itoa64);
    $hashed = _hash_crypt_private($password, $setting, $itoa64);

    return (strlen($hashed) == 34) ? $hashed : md5($password);
}
/**
 * Builds the setting string for the portable hash: "$H$", one character
 * encoding the iteration count, then the encoded salt.
 *
 * An $iteration_count_log2 outside 4..31 is replaced by 8. The stored cost is
 * that value plus 5 (plus 3 before PHP 5), capped at 30.
 *
 * @param string $input                Raw salt bytes; six of them are encoded.
 * @param string $itoa64               64-character alphabet (by reference).
 * @param int    $iteration_count_log2 Base-2 logarithm of the iteration count.
 * @return string The setting string.
 */
function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6)
{
    $out_of_range = ($iteration_count_log2 < 4 || $iteration_count_log2 > 31);
    if ($out_of_range) {
        $iteration_count_log2 = 8;
    }

    $bump = (PHP_VERSION >= 5) ? 5 : 3;
    $cost_index = min($iteration_count_log2 + $bump, 30);

    return '$H$' . $itoa64[$cost_index] . _hash_encode64($input, 6, $itoa64);
}
/**
 * Computes the portable "$H$" hash of a password for a given setting string.
 *
 * The setting must start with "$H$", carry a cost character whose position in
 * $itoa64 lies in 7..30, and be followed by an 8-character salt. MD5 is then
 * applied once to salt+password and 2^cost more times to digest+password.
 *
 * @param string $password Clear-text password.
 * @param string $setting  Setting string, or an existing hash to re-derive.
 * @param string $itoa64   64-character alphabet (by reference).
 * @return string The first 12 characters of $setting followed by the encoded
 *                digest, or "*" when the setting is rejected.
 */
function _hash_crypt_private($password, $setting, &$itoa64)
{
    $failure = '*';

    // Only the "$H$" scheme is understood.
    if (substr($setting, 0, 3) != '$H$') {
        return $failure;
    }

    $cost_log2 = strpos($itoa64, $setting[3]);
    if ($cost_log2 < 7 || $cost_log2 > 30) {
        return $failure;
    }
    $rounds = 1 << $cost_log2;

    $salt = substr($setting, 4, 8);
    if (strlen($salt) != 8) {
        return $failure;
    }

    /**
     * MD5 is used because it is the only cryptographic primitive available
     * in every PHP version this code targets. A hand-written primitive in
     * PHP would be much slower, which would force lower iteration counts and
     * give hashes that are quicker to crack (by non-PHP code).
     */
    $native_raw = (PHP_VERSION >= 5);
    $digest = $native_raw
        ? md5($salt . $password, true)
        : pack('H*', md5($salt . $password));
    // $rounds is at least 128 here, so this runs exactly $rounds times.
    for ($left = $rounds; $left > 0; $left--) {
        $digest = $native_raw
            ? md5($digest . $password, true)
            : pack('H*', md5($digest . $password));
    }

    return substr($setting, 0, 12) . _hash_encode64($digest, 16, $itoa64);
}
/**
 * Encodes the first $count bytes of $input with the 64-character alphabet.
 *
 * Bytes are taken in groups of up to three, combined least significant byte
 * first, and written out six bits at a time starting with the low bits.
 *
 * @param string $input  Raw bytes to encode.
 * @param int    $count  Number of bytes to encode.
 * @param string $itoa64 64-character alphabet (by reference).
 * @return string Encoded text.
 */
function _hash_encode64($input, $count, &$itoa64)
{
    $encoded = '';
    $pos = 0;

    while (true) {
        // First byte of the group: low six bits go out at once.
        $bits = ord($input[$pos]);
        $pos++;
        $encoded .= $itoa64[$bits & 0x3f];

        if ($pos < $count) {
            $bits |= ord($input[$pos]) << 8;
        }
        $encoded .= $itoa64[($bits >> 6) & 0x3f];

        // The position advances even when the group ends here.
        $before = $pos;
        $pos++;
        if ($before >= $count) {
            break;
        }

        if ($pos < $count) {
            $bits |= ord($input[$pos]) << 16;
        }
        $encoded .= $itoa64[($bits >> 12) & 0x3f];

        $before = $pos;
        $pos++;
        if ($before >= $count) {
            break;
        }

        $encoded .= $itoa64[($bits >> 18) & 0x3f];

        if ($pos >= $count) {
            break;
        }
    }

    return $encoded;
}
/**
 * Returns a 16-character hexadecimal identifier and advances the global seed.
 *
 * The identifier is a slice of md5(rand_seed . microtime()); afterwards
 * $config['rand_seed'] is replaced by an MD5 over the old seed, that digest
 * and $extra.
 *
 * NOTE(review): the value depends only on the stored seed and the clock, so
 * confirm it is not relied on as an unguessable secret.
 *
 * @param string $extra Extra text mixed into the next seed.
 * @return string Sixteen lowercase hex characters.
 */
function unique_id($extra = 'c')
{
    global $config;

    $digest = md5($config['rand_seed'] . microtime());
    $config['rand_seed'] = md5($config['rand_seed'] . $digest . $extra);

    return substr($digest, 4, 16);
}
?>