From 3b38696c0ae126301f2a8c359bf5ed23df91439c Mon Sep 17 00:00:00 2001 From: flashwave Date: Sat, 18 Apr 2015 11:35:16 +0000 Subject: [PATCH] Sock Chat auth file --- _developer_data/Sakura.php | 83 +++++++++++++++++-- _sakura/sakura.php | 5 +- _sakura/templates/yuuno/global/header.tpl | 12 +-- _sakura/templates/yuuno/main/index.tpl | 19 ++++- .../yuuno/main/legacypasswordchange.tpl | 29 +++++++ content/.htaccess | 78 ++++++++--------- content/data/yuuno/css/yuuno.css | 20 +++-- content/index.php | 2 - main/authenticate.php | 9 ++ 9 files changed, 195 insertions(+), 62 deletions(-) create mode 100644 _sakura/templates/yuuno/main/legacypasswordchange.tpl delete mode 100644 content/index.php diff --git a/_developer_data/Sakura.php b/_developer_data/Sakura.php index e0f8869..4b2d411 100644 --- a/_developer_data/Sakura.php +++ b/_developer_data/Sakura.php @@ -13,14 +13,16 @@ $sockSakuraPath = ''; // Filesystem path to the _sakura folder WITHOUT an ending require_once $sockSakuraPath .'/sakura.php'; use sockchat\Auth; +use Sakura\Session; +use Sakura\Users; if(Auth::getPageType() == AUTH_FETCH) { // Check if user is logged into the Sakura backend if not deny - if(/* Login check */) { + if(Users::checkLogin()) { // If so append the required arguments and accept - Auth::AppendArguments([/* User ID */, /* Session ID */]); + Auth::AppendArguments([Session::$userId, Session::$sessionId]); Auth::Accept(); } else @@ -28,15 +30,84 @@ if(Auth::getPageType() == AUTH_FETCH) { } else { + // Get arguments + $uid = $_GET['arg1']; + $sid = $_GET['arg2']; + // Check if session is active else deny - if(/* Check if session is active */) { + if(Session::checkSession($uid, $sid)) { + + // Get user and rank data + $user = Users::getUser($uid); + $rank = Users::getRank($user['rank_main']); + + // Deny group and user id 0 + if($user['id'] == 0 || $rank['id'] == 0) { + + Auth::Deny(); + Auth::Serve(); + exit; + + } Auth::SetUserData( - /* User ID */, - /* Username */, - /* User colour */ + $user['id'], + $user['username'], + $rank['colour'] ); + switch($rank['id']) { + + default: // Fallback + case 2: // Regular User + Auth::SetCommonPermissions( + 0, + USER_NORMAL, + LOGS_DISABLED, + NICK_DISABLED, + CHANNEL_CREATE_DISABLED + ); + break; + + case 6: // Bot + case 8: // Tenshi + case 9: // Alumni + Auth::SetCommonPermissions( + 1, + USER_NORMAL, + LOGS_ENABLED, + NICK_ENABLED, + CHANNEL_CREATE_TEMP + ); + break; + + case 3: // Site Moderator + case 5: // Developer + case 6: // Chat Moderator + Auth::SetCommonPermissions( + ($rank['id'] == 2 ? 3 : 2), // Site moderators are 3, rest is 2 + USER_MODERATOR, + LOGS_ENABLED, + NICK_ENABLED, + CHANNEL_CREATE_TEMP + ); + break; + + case 4: // Administrator + Auth::SetCommonPermissions( + 4, + USER_MODERATOR, + LOGS_ENABLED, + NICK_ENABLED, + CHANNEL_CREATE_PERM + ); + break; + + + } + + Auth::Accept(); + } else Auth::Deny(); diff --git a/_sakura/sakura.php b/_sakura/sakura.php index 70ba4ae..993e8ec 100644 --- a/_sakura/sakura.php +++ b/_sakura/sakura.php @@ -63,6 +63,9 @@ $renderData = array( 'time' => \time() ], 'user' => [ - 'checklogin' => Users::checkLogin() + 'checklogin' => Users::checkLogin(), + 'session' => Session::$sessionId, + 'data' => ($_init_udata = Users::getUser(Session::$userId)), + 'rank' => Users::getRank($_init_udata['rank_main']) ] ); diff --git a/_sakura/templates/yuuno/global/header.tpl b/_sakura/templates/yuuno/global/header.tpl index 064d67d..86105aa 100644 --- a/_sakura/templates/yuuno/global/header.tpl +++ b/_sakura/templates/yuuno/global/header.tpl @@ -50,16 +50,18 @@
diff --git a/_sakura/templates/yuuno/main/index.tpl b/_sakura/templates/yuuno/main/index.tpl index 4cec37e..1856c73 100644 --- a/_sakura/templates/yuuno/main/index.tpl +++ b/_sakura/templates/yuuno/main/index.tpl @@ -1,10 +1,21 @@ {% include 'global/header.tpl' %}
-
Welcome!
- Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go? - Register! - Login + {% if user.checklogin %} +
Hi, {{ user.data.username }}!
+ + +
+ {% else %} +
Welcome!
+ Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go? + Register! + Login + {% endif %}
Stats
We have {{ stats.userCount }}, {{ stats.newestUser.username }} is the newest user, diff --git a/_sakura/templates/yuuno/main/legacypasswordchange.tpl b/_sakura/templates/yuuno/main/legacypasswordchange.tpl new file mode 100644 index 0000000..dd9b0ef --- /dev/null +++ b/_sakura/templates/yuuno/main/legacypasswordchange.tpl @@ -0,0 +1,29 @@ +{% include 'global/header.tpl' %} +
+
Changing Password
+
+ Because of a change in the way Flashii handles authentication you are required to change your password. +
+
+ + + + +
+

Old Password

+
+
+
+

New Password

+
+
+
+

Verify Password

+
+
+
+ +
+
+
+{% include 'global/footer.tpl' %} diff --git a/content/.htaccess b/content/.htaccess index 1d5e274..6dd4ca5 100644 --- a/content/.htaccess +++ b/content/.htaccess @@ -1,39 +1,39 @@ -AddType application/vnd.ms-fontobject .eot -AddType font/ttf .ttf -AddType font/otf .otf -AddType font/woff .woff - - - - Header set Access-Control-Allow-Origin "*" - - - - - Header set Cache-Control "max-age=0, must-revalidate" - - -Options -Indexes - -RewriteEngine On - -# -#RewriteCond %{HTTP_REFERER} !^$ -#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] -#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] -#RewriteRule .*\.(jpe?g|gif|bmp|png|swf)$ http://i.imgur.com/Bv0MKtu.gif [L] -# -#RewriteCond %{HTTP_REFERER} !^$ -#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] -#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] -#RewriteRule .*\.(wav|mp3)$ http://chat.flashii.net/sandstorm.mp3 [L] -# -#RewriteCond %{HTTP_REFERER} !^$ -#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] -#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] -#RewriteRule .*\.(ogg)$ http://chat.flashii.net/sandstorm.ogg [L] -# - -ErrorDocument 403 /index.php -ErrorDocument 404 /index.php -ErrorDocument 500 /index.php +AddType application/vnd.ms-fontobject .eot +AddType font/ttf .ttf +AddType font/otf .otf +AddType font/woff .woff + + + + Header set Access-Control-Allow-Origin "*" + + + + + Header set Cache-Control "max-age=0, must-revalidate" + + +Options -Indexes + +RewriteEngine On + +# +#RewriteCond %{HTTP_REFERER} !^$ +#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] +#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] +#RewriteRule .*\.(jpe?g|gif|bmp|png|swf)$ http://i.imgur.com/Bv0MKtu.gif [L] +# +#RewriteCond %{HTTP_REFERER} !^$ +#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] +#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] +#RewriteRule .*\.(wav|mp3)$ http://chat.flashii.net/sandstorm.mp3 [L] +# +#RewriteCond %{HTTP_REFERER} !^$ +#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] +#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] +#RewriteRule .*\.(ogg)$ http://chat.flashii.net/sandstorm.ogg [L] +# + +ErrorDocument 403 "403" +ErrorDocument 404 "404" +ErrorDocument 500 "500" diff --git a/content/data/yuuno/css/yuuno.css b/content/data/yuuno/css/yuuno.css index 332e298..565ad9e 100644 --- a/content/data/yuuno/css/yuuno.css +++ b/content/data/yuuno/css/yuuno.css @@ -1042,7 +1042,9 @@ h1.stylised { } /* Input buttons styling */ -input[type="submit"].inputStyling, input[type="button"].inputStyling { +input[type="submit"].inputStyling, +input[type="button"].inputStyling, +input[type="reset"].inputStyling { padding: 3px 10px; cursor: pointer; border: 0; @@ -1056,23 +1058,31 @@ input[type="submit"].inputStyling, input[type="button"].inputStyling { font-size: 22px; min-width: 120px; } -input[type="submit"].inputStyling.small, input[type="button"].inputStyling.small { +input[type="submit"].inputStyling.small, +input[type="button"].inputStyling.small, +input[type="reset"].inputStyling.small { padding: 0 4px 1px; margin: -2px 0 0; font-size: 16px; border-radius: 0; min-width: 80px !important; } -input[type="submit"].inputStyling:hover, input[type="button"].inputStyling:hover { +input[type="submit"].inputStyling:hover, +input[type="button"].inputStyling:hover, +input[type="reset"].inputStyling:hover { box-shadow: inset #222 0 0 3px; text-shadow: #F1F1F1 0 0 5px; } -input[type="submit"].inputStyling:active, input[type="button"].inputStyling:active { +input[type="submit"].inputStyling:active, +input[type="button"].inputStyling:active, +input[type="reset"].inputStyling:active { box-shadow: inset #222 0 0 5px; text-shadow: #F1F1F1 0 0 3px; transition: text-shadow .2s, box-shadow .2s; } -input[type="text"].inputStyling, input[type="password"].inputStyling , input[type="date"].inputStyling { +input[type="text"].inputStyling, +input[type="password"].inputStyling , +input[type="date"].inputStyling { padding: 3px 4px; border: 1px solid #CCC; box-shadow: inset #DDD 0 0 5px; diff --git a/content/index.php b/content/index.php deleted file mode 100644 index a06a0d2..0000000 --- a/content/index.php +++ /dev/null @@ -1,2 +0,0 @@ -