SignUp/config/config.php

149 lines
4.6 KiB
PHP
Raw Normal View History

2019-08-08 13:40:15 +00:00
<?php
/**
* /config/config.php
* @version 1.0
* @desc configuration file
* @author Fándly Gergő Zoltán
* @copy 2017 Fándly Gergő Zoltán
*/
/*
* Includes
*/
require_once("lib/loginManager/loginManager.php");
require_once("lib/defuse-crypto.phar");
require_once("lib/functions.php");
/*
* Load in config files
*/
$config=parse_ini_file("config.ini", true);
$config['cryptokey']=file_get_contents("cryptokey.cnf", true);
$config['allowlogin']=file_get_contents("allowlogin.cnf", true)=="1"?true:false;
$config['allowsignup']=file_get_contents("allowsignup.cnf", true)=="1"?true:false;
/*
* regionalization
*/
date_default_timezone_set($config['general']['timezone']);
mb_internal_encoding("UTF-8");
/*
* Load language file
*/
$lang=parse_ini_file("lang/".$config['language']['use']);
/*
* Set up database
*/
$db=new PDO($config['database']['type'].":host=".$config['database']['host'].";dbname=".$config['database']['name'].";charset=utf8", $config['database']['user'], $config['database']['password']);
/*
* Load Crypto key
*/
$crypto=\Defuse\Crypto\Key::loadFromAsciiSafeString($config['cryptokey']);
/*
* Byte Order Mark for exports
*/
$BOM=chr(239).chr(187).chr(191);
/*
* DEBUG
*/
if($config['general']['debug']){
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
ini_set("display_errors", true);
}
/*
* Versioning
*/
const VERSION="2.0";
/*
* Set up loginManager
*/
//build needed classes
class handler implements lmHandler{
public function handle($state, $target=0){
global $db;
switch($state){
case lmStates::LOGIN_FAILED:
functions::setError(1);
header("Location: ".explode("?", $_SERVER['REQUEST_URI'])[0]);
break;
case lmStates::LOGIN_OK:
$sql=$db->prepare("SELECT id, name, class, accesslevel, except_signup FROM users WHERE id=:id");
$sql->execute(array(":id"=>$target));
$res=$sql->fetch(PDO::FETCH_ASSOC);
$_SESSION['id']=$res['id'];
$_SESSION['name']=$res['name'];
$_SESSION['class']=$res['class'];
$_SESSION['accesslevel']=$res['accesslevel'];
$_SESSION['except_signup']=$res['except_signup'];
header("Location: ".explode("?", $_SERVER['REQUEST_URI'])[0]);
break;
case lmStates::CAPTCHA_FAILED:
functions::setError(2);
header("Location: ".explode("?", $_SERVER['REQUEST_URI'])[0]);
break;
case lmStates::BANNED:
functions::setError(3);
header("Location: ".explode("?", $_SERVER['REQUEST_URI'])[0]);
break;
case lmStates::FORGET_DONE:
functions::setMessage(1);
header("Location: ".explode("?", $_SERVER['REQUEST_URI'])[0]);
break;
case lmStates::LOGOUT_DONE:
functions::setMessage(2);
header("Location: ".explode("?", $_SERVER['REQUEST_URI'])[0]);
break;
}
return;
}
}
class password implements lmPassword{
public function verifyPassword($cleartext, $database){
global $crypto;
if($database==""){
return false;
}
if($cleartext==\Defuse\Crypto\Crypto::decrypt($database, $crypto)){
return true;
}
else{
return false;
}
}
}
class twoFactor implements lmTwoFactor{
public function secondFactor($uid){
global $config, $db;
$sql=$db->prepare("SELECT accesslevel, except_login FROM users WHERE id=:id");
$sql->execute(array(":id"=>$uid));
$res=$sql->fetch(PDO::FETCH_ASSOC);
if(($config['allowlogin']=="1" || $res['accesslevel']>0 || $res['except_login']==1) && $res['except_login']!=2){
return true;
}
else{
functions::setError(4);
header("Location: ./");
die();
return false;
}
}
}
//build the class
$lm=new loginManager(new lmConfig($db, $config['login']['session_lifetime'], $config['login']['captcha_enable'], $config['login']['captcha_after'], $config['login']['captcha_sitekey'], $config['login']['captcha_secretkey'], $config['login']['ban_enable'], $config['login']['ban_after'], $config['login']['ban_time'], $config['login']['look'], $config['login']['remember_enable'], $config['login']['remember_time'], lmStates::AUTH_ID), new handler(), new password(), new twoFactor());
/*
* init LM
*/
$lm->init();