All pastes #1417890 Raw Edit

hs phpbb integration

public php v1 · immutable
#1417890 ·published 2009-05-10 01:20 UTC
rendered paste body
<?phpfunction phpbb_register($values){		$host_details = parse_url($values["url"]);	$host = $host_details["host"];	$phpbb_path = $host_details["path"];	if(!ereg("/$",$phpbb_path))		$phpbb_path.= "/";			$cookie_file = phpbb_cookie_file();		@unlink($cookie_file);			$result = phpbb_curl("http://".$host.$phpbb_path."ucp.php?mode=register",$cookie_file,"");	preg_match("/sid=([^\"]+)\"/",$result,$match);	$sid = $match[1];	$sid = substr($sid,0,strpos($sid,"&"));	preg_match("/name=\"form_token\" value=\"([^\"]+)\"/",$result,$match);	$form_token = $match[1];	preg_match("/name=\"creation_time\" value=\"([^\"]+)\"/",$result,$match);	$creation_time = $match[1];	//echo "Token:".$form_token."<br>SID:".$sid."<hr>";	//echo $result;	//run through again		$post_array = array(			"mode" => "register",			"agreed" => "true",			"form_token" => $form_token,			"creation_time" => $creation_time			);		while(list($key,$val) = each($post_array)){			$post_str.= $key."=".urlencode($val)."&";		}//while		$post_str = rtrim($post_str,"&");		$result = phpbb_curl("http://".$host.$phpbb_path."ucp.php?mode=register&sid=".$sid,$cookie_file,$post_str);		//echo "Token:".$form_token."<hr>";		//print_r($post_str);		///echo $result;		preg_match("/name=\"form_token\" value=\"([^\"]+)\"/",$result,$match);		$form_token = $match[1];		preg_match("/name=\"creation_time\" value=\"([^\"]+)\"/",$result,$match);		$creation_time = $match[1];		$phpbb_values = array(		"mode" => "register",		"agreed" => "true",		"coppa" => "0",					"username" => $values["username"],		"email" => $values["email"],		"email_confirm" => $values["email"],		"new_password" => $values["password"],		"password_confirm" => $values["password"],		"viewemail" => "0",		"hideonline" => "0",		"notifyreply" => "1",		"notifypm" => "1",		"popup_pm" => "1",		"attachsig" => "1",		"allowbbcode" => "1",		"allowhtml" => "1",		"allowsmilies" => "1",		"lang" => "en",		"style" => "1",		"tz" => "0",		"dateformat" => "D M d, Y g:i a",		"icq" => "",		"aim" => "",		"msn" => "",		"yim" => "",		"website" => "",		"location" => "",		"occupation" => "",		"interests" => "",		"signature" => "",		"change_lang" => "0",		"submit" => "1",		"form_token" => $form_token,		"creation_time" => $creation_time,		"sid" => $sid	);			while(list($key,$val) = each($phpbb_values)){		$post_string.= $key."=".urlencode($val)."&";	}//while	$post_string = rtrim($post_string,"&");		$result = phpbb_curl("http://".$host.$phpbb_path."ucp.php?mode=register&sid=".$sid,$cookie_file,$post_string);	//echo "Token:".$form_token."<hr>";	//echo $result;    	@unlink($cookie_file);    return true;	}//phpbb_registerfunction phpbb_login($values){		$host_details = parse_url($values["url"]);	$host = $host_details["host"];	$cookie_url = eregi_replace("^www","",$host);	$phpbb_path = $host_details["path"];	if(!ereg("/$",$phpbb_path))		$phpbb_path.= "/";	$phpbb_values = array(		"username" => $values["username"],		"password" => $values["password"],		"redirect" => "",		"submit" => "1",		"login" => "1"	);		$phpbb_values["autologin"] = "1";				while(list($key,$val) = each($phpbb_values)){		$post_string.= $key."=".urlencode($val)."&";	}//while	$post_string = rtrim($post_string,"&");		$cookie_file = phpbb_cookie_file();		@unlink($cookie_file);	$line = phpbb_curl("http://".$host.$phpbb_path."ucp.php?mode=login",$cookie_file,$post_string,"",1);	$line = ereg_replace("\r","",$line);	$lines = explode("\n",$line);	$skip[0] = 1;	$skip[1] = 1;	foreach($lines as $header){		if(eregi("^Set-Cookie",$header)){			preg_match_all("/^Set-Cookie: ([^=]+)=([^;]+);/",$header,$matches);			$name   = $matches[1][0];			$value  = urldecode($matches[2][0]);			preg_match_all("/expires=([^;]+);/",$header,$matches);			$expire_string = $matches[1][0];							if($expire_string)				$expire = strtotime($expire_string);			else				$expire = 0;			if(strstr($name,"_sid") && $skip[0]){				$skip[0] = 0;			}//if			elseif(strstr($name,"_u") && $skip[1]){				$skip[1] = 0;			}//if			else{							load_cookie($name,$value,$expire,$cookie_url);			}//else		}//if		elseif(eregi("^Location",$header)){			$link = ereg_replace("Location: ","",$header);			$url = parse_url($link);    							parse_str($url["query"],$phpbb_answer);			$session_id = $phpbb_answer["sid"];			load_cookie($sidset."_sid",$phpbb_answer["sid"],0);		}//elseif	}//foreach		$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );	$user_ip = phpbb_encode_ip($client_ip);		$conn = @mysql_connect($values["dbhost"],$values["dbuser"],$values["dbpass"],1);	@mysql_select_db($values["dbname"],$conn);		$sql_query = "UPDATE ".$values["dbprefix"]."sessions SET session_ip = '".$user_ip."'				  WHERE session_id='".$session_id."'";	@mysql_query($sql_query,$conn);	@mysql_close($conn);	@unlink($cookie_file);	return true;		}//phpbb_loginfunction phpbb_logout($values){		$host_details = parse_url($values["url"]);	$host = $host_details["host"];	$phpbb_path = $host_details["path"];	if(!ereg("/$",$phpbb_path))		$phpbb_path.= "/";	$phpbb_values = array(				"submit" => "1",		"logout" => "true",		"sid" => $GLOBALS["Get"]->cookie("phpbb_sid")	);				while(list($key,$val) = each($phpbb_values)){		$post_string.= $key."=".urlencode($val)."&";	}//while	$post_string = rtrim($post_string,"&");				$fp = fsockopen ($host, 80, $errno, $errstr);	if($fp){    fputs($fp, "POST ".$phpbb_path."ucp.php?mode=logout HTTP/1.1\r\n");     fputs($fp, "Host: ".$host."\r\n"); 	fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); 	fputs($fp, "Content-length: ".strlen($post_string)."\r\n");	while(list($key,$val) = each($_COOKIE)){		$cookies.= $key."=".urlencode($val)."; ";	}//while	$cookies = rtrim($cookies,'; ');	fputs($fp, "Cookie: ".$cookies."\n");	fputs($fp, "Connection: close\r\n\r\n"); 	fputs($fp, $post_string."\r\n\r\n");	$line = "";	while (!feof($fp)) {		$line.= fgets ($fp,1024);	}//while	fclose ($fp);	}//if    			$line = ereg_replace("\r","",$line);	$lines = explode("\n",$line);	foreach($lines as $header){		if(eregi("^Set-Cookie",$header)){			preg_match_all("/^Set-Cookie: ([^=]+)=([^;]+);/",$header,$matches);			$name   = $matches[1][0];			$value  = urldecode($matches[2][0]);			preg_match_all("/expires=([^;]+);/",$header,$matches);			$expire_string = $matches[1][0];			if($expire_string)				$expire = strtotime($expire_string);			else				$expire = 0;						load_cookie($name,$value,$expire);			if(strstr($name,"_sid")){				load_cookie($name,"",time()-10);			}		}//if	}//foreach		return true;	}//phpbb_logoutfunction phpbb_account($values){		$conn = mysql_connect($values["dbhost"],$values["dbuser"],$values["dbpass"],1);	mysql_select_db($values["dbname"],$conn);		if($values["password"]){		$sql_query = "SELECT config_value FROM ".$values["dbprefix"]. "config WHERE config_name ='rand_seed'";		$res = mysql_query($sql_query,$conn);		if(!$res)			die(mysql_error($conn));		$rand_seed = mysql_result($res,0);				$passhash = phpbb_hash($values["password"],$rand_seed);				$sql_query = "UPDATE " .$values["dbprefix"]. "users SET `user_password`='".$passhash."', `user_passchg`=".time()."					  WHERE username='".$values["username"]."'";		mysql_query($sql_query);				phpbb_logout($values);		phpbb_login($values);			}//if		if($values["email"]){		$sql_query = "UPDATE " .$values["dbprefix"]. "users SET `user_email`='".$values["email"]."', user_email_hash='".crc32($values["email"]) . strlen($values["email"])."'					  WHERE username='".$values["username"]."'";		mysql_query($sql_query);		//echo $sql_query;exit;	}//if		mysql_close($conn);		return true;	}//phpbb_accountfunction phpbb_link($values){		return rtrim($values["url"],"/")."/index.php?sid=".$GLOBALS["Get"]->cookie("phpbb_sid");	}//phpbb_linkfunction phpbb_encode_ip($dotquad_ip){		$ip_sep = explode('.', $dotquad_ip);	return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);	}//phpbb_encode_ipfunction phpbb_curl($url,$cookie_path="",$postfileds="",$referrer="",$header="",$follow=1){		$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";    $ch = curl_init();     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);    curl_setopt($ch, CURLOPT_URL,$url);	curl_setopt($ch, CURLOPT_USERAGENT, $agent);    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);     if($follow)		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);	if($referrer!="")			curl_setopt($ch, CURLOPT_REFERER, $referrer);			if($cookie_path!=""){		curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_path);		curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_path);	}//if		if($postfileds!=""){		curl_setopt($ch, CURLOPT_POST, 1); 		curl_setopt($ch, CURLOPT_POSTFIELDS,$postfileds); 	}//if		if($header!="")		curl_setopt($ch, CURLOPT_HEADER, 1);	$result = curl_exec ($ch);	curl_close ($ch);		return $result;	}//phpbb_curlfunction phpbb_cookie_file(){		mt_srand((double)microtime()*100000);	$fpath = DOC_ROOT."/temp";	$fname = hs_substr(md5(time().mt_rand(0,100)),0,15);		$cookie_file = $fpath."/".$fname.".txt";		return $cookie_file;	}//phpbb_cookie_filefunction phpbb_hash($password,$rand_seed){	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';	$val = $rand_seed . microtime();	$val = md5($val);	$random_state = substr($val, 4, 16);	$random = '';	$count = 6;	if (($fh = @fopen('/dev/urandom', 'rb')))	{		$random = fread($fh, $count);		fclose($fh);	}	if (strlen($random) < $count)	{		$random = '';		for ($i = 0; $i < $count; $i += 16)		{			$val = $rand_seed . microtime();			$val = md5($val);			$random_state2 = substr($val, 4, 16);						$random_state = md5($random_state2 . $random_state);			$random .= pack('H*', md5($random_state));		}		$random = substr($random, 0, $count);	}	$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);	if (strlen($hash) == 34)	{		return $hash;	}	return md5($password);}function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6){	if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)	{		$iteration_count_log2 = 8;	}	$output = '$H$';	$output .= $itoa64[min($iteration_count_log2 + ((PHP_VERSION >= 5) ? 5 : 3), 30)];	$output .= _hash_encode64($input, 6, $itoa64);	return $output;}function _hash_crypt_private($password, $setting, &$itoa64){	$output = '*';	// Check for correct hash	if (substr($setting, 0, 3) != '$H$')	{		return $output;	}	$count_log2 = strpos($itoa64, $setting[3]);	if ($count_log2 < 7 || $count_log2 > 30)	{		return $output;	}	$count = 1 << $count_log2;	$salt = substr($setting, 4, 8);	if (strlen($salt) != 8)	{		return $output;	}	/**	* We're kind of forced to use MD5 here since it's the only	* cryptographic primitive available in all versions of PHP	* currently in use.  To implement our own low-level crypto	* in PHP would result in much worse performance and	* consequently in lower iteration counts and hashes that are	* quicker to crack (by non-PHP code).	*/	if (PHP_VERSION >= 5)	{		$hash = md5($salt . $password, true);		do		{			$hash = md5($hash . $password, true);		}		while (--$count);	}	else	{		$hash = pack('H*', md5($salt . $password));		do		{			$hash = pack('H*', md5($hash . $password));		}		while (--$count);	}	$output = substr($setting, 0, 12);	$output .= _hash_encode64($hash, 16, $itoa64);	return $output;}function _hash_encode64($input, $count, &$itoa64){	$output = '';	$i = 0;	do	{		$value = ord($input[$i++]);		$output .= $itoa64[$value & 0x3f];		if ($i < $count)		{			$value |= ord($input[$i]) << 8;		}		$output .= $itoa64[($value >> 6) & 0x3f];		if ($i++ >= $count)		{			break;		}		if ($i < $count)		{			$value |= ord($input[$i]) << 16;		}		$output .= $itoa64[($value >> 12) & 0x3f];				if ($i++ >= $count)		{			break;		}		$output .= $itoa64[($value >> 18) & 0x3f];	}	while ($i < $count);	return $output;}function unique_id($extra = 'c'){	global $config;	$val = $config['rand_seed'] . microtime();	$val = md5($val);	$config['rand_seed'] = md5($config['rand_seed'] . $val . $extra);	return substr($val, 4, 16);}?>