<?php
// Guard against direct invocation: the including Personal WebBase entry point is expected to define WBLEGAL first.
if (!defined('WBLEGAL')) die('Kann nicht ohne Personal WebBase ausgef&uuml;hrt werden.');
// Personal WebBase-Spezifischer Session-Abschnitt
// http://de3.php.net/md5: Alexander Valyalkin
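/**
 * Returns $iv_len random bytes, used by wb_encrypt() as the per-message IV.
 *
 * Uses random_bytes() (PHP 7+) or a "strong" openssl_random_pseudo_bytes() when
 * available.  Only when neither exists does it fall back to the original
 * mt_rand() loop, which is not a CSPRNG: its output is predictable from a few
 * observed values, so IVs produced that way offer no secrecy.
 *
 * @param int $iv_len number of bytes to produce; 0 or a negative value yields ''
 * @return string binary string of exactly max($iv_len, 0) bytes
 */
function get_rnd_iv($iv_len)
{
        $iv_len = (int) $iv_len;
        if ($iv_len <= 0) return '';

        if (function_exists('random_bytes')) {
                try {
                        return random_bytes($iv_len);
                } catch (Exception $e) {
                        // No usable entropy source on this host; fall through to the weaker generators.
                }
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
                $strong = false;
                $bytes = openssl_random_pseudo_bytes($iv_len, $strong);
                if ($bytes !== false && $strong && strlen($bytes) === $iv_len) return $bytes;
        }

        // Last resort (original implementation): mt_rand() is seeded predictably and must
        // not be relied on where the IV has to be unguessable.
        $iv = '';
        while ($iv_len-- > 0) {
                $iv .= chr(mt_rand() & 0xff);
        }
        return $iv;
}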
/**
 * Encrypts $plain_text under $password with a home-grown MD5 keystream cipher
 * (credited above to a php.net md5() user note) and returns base64.
 *
 * Layout of the result: $iv_len random bytes from get_rnd_iv(), followed by the
 * padded plaintext XORed 16 bytes at a time with md5(state).  The state starts as
 * $password ^ IV and is re-derived from each ciphertext block and $password.
 * PHP's string XOR truncates to the shorter operand, so the chaining state is
 * never longer than $password (the substr(..., 0, 512) cap is effectively unused).
 *
 * Security notes (review): this is not a vetted construction.  It uses an MD5
 * keystream, carries no authentication tag (a tampered ciphertext decrypts
 * silently, see wb_decrypt()), and its IV quality is whatever get_rnd_iv()
 * delivers.  wb_decrypt() depends on exactly this layout, so any replacement
 * (e.g. an AEAD mode via openssl) must change both functions and re-encrypt
 * stored data in one coordinated step.
 *
 * @param string $plain_text data to encrypt; a \x13 marker plus \0 padding up to
 *                           a 16-byte multiple is appended and removed on decrypt
 * @param string $password   key material (the callers in this file pass the DB credentials)
 * @param int    $iv_len     number of IV bytes prefixed to the ciphertext (default 16)
 * @return string base64 of IV || ciphertext
 */
function wb_encrypt($plain_text, $password, $iv_len = 16)
{
        $plain_text .= "\x13";
        $n = strlen($plain_text);
        if ($n % 16) $plain_text .= str_repeat("\0", 16 - ($n % 16));
        $i = 0;
        $enc_text = get_rnd_iv($iv_len);
        $iv = substr($password ^ $enc_text, 0, 512);
        // $n is the length before padding; padding only reaches the next 16-byte
        // boundary, so the blocks starting below $n still cover the padded tail.
        while ($i < $n) {
                $block = substr($plain_text, $i, 16) ^ pack('H*', md5($iv));
                $enc_text .= $block;
                $iv = substr($block . $iv, 0, 512) ^ $password;
                $i += 16;
        }
        return base64_encode($enc_text);
}
/**
 * Reverses wb_encrypt(): base64-decodes the input, takes the first $iv_len
 * bytes as IV, regenerates the MD5 keystream from $password ^ IV and strips the
 * trailing "\x13" marker and its \0 padding.
 *
 * Security notes (review): there is no integrity check, so a modified or
 * truncated ciphertext yields silently altered plaintext instead of an error,
 * and sessao_read() hands that result straight to PHP's session deserializer.
 * An input that decodes to fewer than $iv_len bytes produces '' (the loop never
 * runs).
 *
 * @param string $enc_text base64 as produced by wb_encrypt()
 * @param string $password the same key material that was used for encryption
 * @param int    $iv_len   IV length used at encryption time (default 16)
 * @return string decrypted data with the padding marker removed
 */
function wb_decrypt($enc_text, $password, $iv_len = 16)
{
        $enc_text = base64_decode($enc_text);
        $n = strlen($enc_text);
        $i = $iv_len;
        $plain_text = '';
        $iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512);
        while ($i < $n) {
                $block = substr($enc_text, $i, 16);
                $plain_text .= $block ^ pack('H*', md5($iv));
                $iv = substr($block . $iv, 0, 512) ^ $password;
                $i += 16;
        }
        // Drop the "\x13" end marker and any \0 padding wb_encrypt() appended.
        return preg_replace('/\\x13\\x00*$/', '', $plain_text);
}
// $WBConfig is expected to be provided by the including code (presumably includes/config.inc.php).
global $WBConfig;

// Installation/update lock: refuse to touch the session store while files may still
// be in the middle of being uploaded (the message below explains this to the operator).
if ($WBConfig->getLockFlag())
{
        die('<h1>Personal WebBase ist gesperrt</h1>Die Variable &quot;$lock&quot; in &quot;includes/config.inc.php&quot; steht auf 1 bzw. true. Setzen Sie diese Variable erst auf 0, wenn das Hochladen der Dateien beim Installations- bzw. Updateprozess beendet ist. Wenn Sie Personal WebBase freigeben, bevor der Upload abgeschlossen ist, kann es zu einer Besch&auml;digung der Kundendatenbank kommen!');
}
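// Session hardening.  The @ hides notices for options this PHP build does not know.
//@ini_set('session.auto_start', 0);
@ini_set('session.cache_expire', 180);
@ini_set('session.use_trans_sid', 0);     // never put the id into rewritten URLs
@ini_set('session.use_cookies', 1);
@ini_set('session.use_only_cookies', 1);  // ignore ids handed over via GET/POST
@ini_set('session.cookie_secure', $WBConfig->getForceSSLFlag());
// Keep the id out of document.cookie so script injection cannot read it directly (PHP 5.2+).
@ini_set('session.cookie_httponly', 1);
@ini_set('session.cookie_lifetime', 0);   // browser-session cookie
@ini_set('session.gc_maxlifetime', 1440); // seconds; sessao_open() passes this to sessao_gc()
@ini_set('session.bug_compat_42', 0);
@ini_set('session.bug_compat_warn', 1);
if (version_compare(PHP_VERSION, '5.0.0', 'ge') && substr(PHP_OS, 0, 3) != 'WIN')
{
        // hash_function 1 = SHA-1, 6 bits per character: longer, harder-to-guess ids.
        @ini_set('session.hash_function', 1);
        @ini_set('session.hash_bits_per_character', 6);
}
// Storage is delegated to the sessao_* callbacks registered further down.
@ini_set('session.save_handler', 'user');
// NOTE(review): session.use_strict_mode is not enabled and the handler has no
// validate_sid callback, so an id the client made up is adopted as-is (see sessao_read()).
// @ini_set('session.save_path', '../../../includes/session/');
// @ini_set('arg_separator.output', '&amp;');
// @ini_set('url_rewriter.tags', 'a=href,area=href,frame=src,input=src,fieldset=');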
// Cookie / session name used for session_name() and the cookie lookups below.
$wb_session_name = 'webbase';

// NOTE(review): no session has been started at this point, so these two calls appear
// to be no-ops (session_destroy() without an active session fails with a notice that
// the @ hides); they would only have an effect with session.auto_start enabled.
@session_unset();
@session_destroy();
// wb_newdatabasetable('sessions', $m2, 'session_id', "varchar(255) NOT NULL",
//                                      'last_updated', "datetime NOT NULL",
//                                      'data_value', "text");
/**
 * Session "open" callback.  There is nothing to open (each callback connects on
 * its own), but expired rows are purged here on every request using the
 * configured session.gc_maxlifetime, independent of session.gc_probability.
 *
 * @param string $aSavaPath    ignored; a save path has no meaning for the DB handler
 * @param string $aSessionName ignored
 * @return bool always true
 */
function sessao_open($aSavaPath, $aSessionName)
{
        $maxLifetime = ini_get('session.gc_maxlifetime');
        sessao_gc($maxLifetime);
        return true;
}
/**
 * Session "close" callback.  Connections are opened and closed per operation
 * inside the other sessao_* callbacks, so there is nothing left to release.
 *
 * @return bool always true
 */
function sessao_close()
{
        return true;
}
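/**
 * Session "read" callback: returns the decrypted serialized $_SESSION data for $aKey.
 *
 * A row is created on first read because sessao_write() only ever UPDATEs.  That
 * means every previously unseen id a client presents ends up as a row, so the id
 * is first checked against PHP's own session-id alphabet and the database is not
 * touched for anything else.  This keeps arbitrary strings out of the table; it
 * does not stop a client from choosing its own well-formed id (neither
 * session.use_strict_mode nor a validate_sid callback is in place).
 *
 * NOTE(review): the mysql_* extension no longer exists as of PHP 7; porting this
 * handler to mysqli/PDO with prepared statements is a separate change.
 *
 * @param string $aKey session id as presented by the client
 * @return string decrypted session data; '' when no row exists, the id is malformed
 *                or the database cannot be reached (PHP then starts with an empty session)
 */
function sessao_read( $aKey )
{
        global $WBConfig;

        // Anything outside PHP's session-id alphabet cannot be an id this handler issued.
        if (!is_string($aKey) || !preg_match('/^[a-zA-Z0-9,-]{1,255}$/', $aKey)) return '';

        $wb_conn = @mysql_connect($WBConfig->getMySQLServer(), $WBConfig->getMySQLUsername(), $WBConfig->getMySQLPassword());
        if ($wb_conn === false || !@mysql_select_db($WBConfig->getMySQLDatabase(), $wb_conn))
        {
                // Without a link there is nothing to escape with or to query against.
                return '';
        }

        $table = '`'.$WBConfig->getMySQLPrefix().'sessions`';
        $key = mysql_real_escape_string($aKey, $wb_conn);

        $busca = mysql_query("SELECT `data_value` FROM $table WHERE `session_id` = '$key'", $wb_conn);
        if ($busca === false)
        {
                @mysql_close($wb_conn);
                return '';
        }

        if (mysql_num_rows($busca) == 0)
        {
                // First sight of this id: create the row that sessao_write()'s UPDATE fills at shutdown.
                mysql_query("INSERT INTO $table (`session_id`, `last_updated`, `data_value`) VALUES ('$key', NOW(), '')", $wb_conn);
                @mysql_close($wb_conn);
                return '';
        }

        $r = mysql_fetch_array($busca);
        @mysql_close($wb_conn);

        // The data is encrypted under the DB credentials, i.e. the key sits in
        // config.inc.php next to the credentials themselves.  This hides session
        // content from someone holding only a table dump, not from anyone who can
        // read the configuration.
        return wb_decrypt($r['data_value'], $WBConfig->getMySQLUsername().':'.$WBConfig->getMySQLPassword());
}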
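/**
 * Session "write" callback: encrypts the serialized $_SESSION data and stores it
 * in the row sessao_read() created for $aKey (UPDATE only; without that row
 * nothing is persisted, as in the original implementation).
 *
 * @param string $aKey session id
 * @param string $aVal serialized session data as handed over by PHP
 * @return bool true when the UPDATE was issued successfully, or when the id was
 *              rejected and there was nothing to store; false when no database
 *              connection was available or the statement failed (PHP reports it)
 */
function sessao_write( $aKey, $aVal )
{
        global $WBConfig;

        // Same id alphabet check as sessao_read(): such an id never got a row, so there is nothing to update.
        if (!is_string($aKey) || !preg_match('/^[a-zA-Z0-9,-]{1,255}$/', $aKey)) return true;

        $wb_conn = @mysql_connect($WBConfig->getMySQLServer(), $WBConfig->getMySQLUsername(), $WBConfig->getMySQLPassword());
        if ($wb_conn === false || !@mysql_select_db($WBConfig->getMySQLDatabase(), $wb_conn))
        {
                // Nothing can be escaped or stored without a link.
                return false;
        }

        $table = '`'.$WBConfig->getMySQLPrefix().'sessions`';
        // wb_encrypt() returns base64, which carries no SQL metacharacters, but escape it
        // anyway so the statement does not silently depend on that property of the encoding.
        $data = mysql_real_escape_string(wb_encrypt($aVal, $WBConfig->getMySQLUsername().':'.$WBConfig->getMySQLPassword()), $wb_conn);
        $key = mysql_real_escape_string($aKey, $wb_conn);

        $ok = mysql_query("UPDATE $table SET `data_value` = '$data', `last_updated` = NOW() WHERE `session_id` = '$key'", $wb_conn);

        @mysql_close($wb_conn);

        return $ok !== false;
}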
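/**
 * Session "destroy" callback: deletes the row for $aKey.
 *
 * @param string $aKey session id
 * @return bool true when the DELETE was issued (or the id was rejected and there
 *              was nothing to delete); false when no database connection was available
 */
function sessao_destroy( $aKey )
{
        global $WBConfig;

        // Same id alphabet check as sessao_read(): no row can exist for such an id.
        if (!is_string($aKey) || !preg_match('/^[a-zA-Z0-9,-]{1,255}$/', $aKey)) return true;

        $wb_conn = @mysql_connect($WBConfig->getMySQLServer(), $WBConfig->getMySQLUsername(), $WBConfig->getMySQLPassword());
        if ($wb_conn === false || !@mysql_select_db($WBConfig->getMySQLDatabase(), $wb_conn))
        {
                return false;
        }

        $table = '`'.$WBConfig->getMySQLPrefix().'sessions`';
        $key = mysql_real_escape_string($aKey, $wb_conn);

        mysql_query("DELETE FROM $table WHERE `session_id` = '$key'", $wb_conn);
        // NOTE(review): OPTIMIZE TABLE rebuilds and locks the whole table; running it
        // after every single-row delete is expensive on a busy installation and is
        // reachable by whoever triggers session_destroy().  Kept for compatibility.
        if (mysql_affected_rows($wb_conn) > 0)
                mysql_query("OPTIMIZE TABLE $table", $wb_conn);

        @mysql_close($wb_conn);

        return true;
}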
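/**
 * Session "gc" callback: deletes rows whose last_updated is older than
 * $aMaxLifeTime seconds.  Called from sessao_open() on every request.
 *
 * @param int|string $aMaxLifeTime lifetime in seconds (ini values arrive as strings)
 * @return bool true when the purge was issued or nothing needed doing;
 *              false when no database connection was available
 */
function sessao_gc( $aMaxLifeTime )
{
        global $WBConfig;

        // The lifetime is interpolated unquoted into SQL, so string escaping is the
        // wrong tool there: force an integer instead.  A missing/non-positive value
        // previously produced a broken statement that deleted nothing; keep that outcome.
        $maxLifetime = (int) $aMaxLifeTime;
        if ($maxLifetime <= 0) return true;

        $wb_conn = @mysql_connect($WBConfig->getMySQLServer(), $WBConfig->getMySQLUsername(), $WBConfig->getMySQLPassword());
        if ($wb_conn === false || !@mysql_select_db($WBConfig->getMySQLDatabase(), $wb_conn))
        {
                return false;
        }

        $table = '`'.$WBConfig->getMySQLPrefix().'sessions`';

        mysql_query("DELETE FROM $table WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`last_updated`) > $maxLifetime", $wb_conn);
        // NOTE(review): OPTIMIZE TABLE locks the whole table; see sessao_destroy(). Kept for compatibility.
        if (mysql_affected_rows($wb_conn) > 0)
                mysql_query("OPTIMIZE TABLE $table", $wb_conn);

        @mysql_close($wb_conn);

        return true;
}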
// Route all session storage through the sessao_* callbacks above (session.save_handler
// was set to 'user' earlier).  NOTE(review): the @ hides a registration failure and the
// return value is not checked, so a failure here would go unnoticed until session_start().
@session_set_save_handler("sessao_open", "sessao_close", "sessao_read", "sessao_write", "sessao_destroy", "sessao_gc");
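// Only hand a cookie-supplied id to the session layer if it looks like an id PHP
// itself would have issued.  With session.use_strict_mode off (and no validate_sid
// callback in this handler) any other value would be adopted as-is and end up as a
// row in the sessions table (see sessao_read()).  Arrays (webbase[]=...) are rejected
// as well, since session_id() only accepts strings.
if (isset($_COOKIE[$wb_session_name]))
{
        $wb_cookie_sid = $_COOKIE[$wb_session_name];
        if (is_string($wb_cookie_sid) && preg_match('/^[a-zA-Z0-9,-]{1,255}$/', $wb_cookie_sid))
        {
                @session_id($wb_cookie_sid);
        }
        else
        {
                // Drop it so session_start() below issues a fresh id instead of picking the bad one up from $_COOKIE.
                unset($_COOKIE[$wb_session_name]);
        }
}
@session_name($wb_session_name);
@session_start();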
// Access gate: a request whose session carries no user type is told to close its
// (popup) window.  A missing and an empty user type are treated the same; the loose
// == comparison is kept on purpose.
if (!isset($_SESSION['wb_user_type']) || $_SESSION['wb_user_type'] == '')
{
        die('<script language="JavaScript">
        <!--
        alert("Sie sind nicht mehr in Personal WebBase eingeloggt!");
        parent.window.close();
        // -->
        </script>');
}
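// Header-injection guard for old PHP versions: a CR/LF inside the session id would be
// echoed back into the Set-Cookie header.  The original compared against the undefined
// variable $session_name, so this check never ran, and it used eregi(), which no
// longer exists as of PHP 7.  (The 5.1.2 version gate is the original author's; it
// matches when PHP itself started rejecting CR/LF in headers -- TODO confirm.)
if (version_compare(PHP_VERSION, '5.1.2', 'lt') && isset($_COOKIE[$wb_session_name]) && is_string($_COOKIE[$wb_session_name]) && preg_match('/[\r\n]/', $_COOKIE[$wb_session_name]))
{
        die('Angriff');
}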
// http://lists.phpbar.de/pipermail/php/Week-of-Mon-20040322/007749.html
// Entnommen von functions.inc.php
/**
 * Best-effort client address, taken (in this order) from the Client-IP header,
 * the X-Forwarded-For header, or REMOTE_ADDR.
 *
 * Security note (review): HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request
 * headers any client can set, so unless a trusted reverse proxy overwrites them
 * the result is attacker-chosen.  It feeds the session fingerprint further down,
 * so treat it as a weak signal rather than as the peer address.
 *
 * Behaviour is unchanged from the original: with Client-IP present, its octets
 * are reversed when its first octet differs from REMOTE_ADDR's (loose != comparison,
 * so "010" and "10" count as equal); the last entry of a comma-separated
 * X-Forwarded-For is returned without trimming whitespace; a header whose value
 * is "0" counts as absent because of empty().
 *
 * @return string an address string; '' when nothing at all is available
 */
function fetchip()
{
        $clientIp = isset($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : '';
        $forwardedFor = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
        $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

        if (!empty($clientIp))
        {
                $clientOctets = explode('.', $clientIp);
                $remoteOctets = explode('.', $remoteAddr);
                if ($remoteOctets[0] == $clientOctets[0])
                {
                        return $clientIp;
                }
                // Original quirk, preserved: octet order is flipped when the first octets differ.
                return implode('.', array_reverse($clientOctets));
        }

        if (!empty($forwardedFor))
        {
                if (strstr($forwardedFor, ',') === false)
                {
                        return $forwardedFor;
                }
                // Several hops listed: take the last one, as the original did (no trim).
                $hops = explode(',', $forwardedFor);
                return end($hops);
        }

        return $remoteAddr;
}
// Client fingerprint inputs for the session-binding check below.
$usedns = TRUE;

// NOTE(review): HTTP_USER_AGENT is client-supplied and may be absent (notice);
// $host can come from proxy headers (see fetchip()), so both are weak signals.
$useragent = $_SERVER['HTTP_USER_AGENT'];
$host = fetchip();

// With $usedns the check compares the reverse-DNS name of $host, which costs a blocking
// gethostbyaddr() on every request; on lookup failure the address is returned unchanged
// (false for a malformed one), and the @ hides the notice.  Since $host may be
// client-chosen, the name resolved here is too.
if ($usedns) // <- the original had $global['dns'] here... what was that supposed to be?!
$dns = @gethostbyaddr($host);
else
$dns = $host;
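// Bind the session to the client fingerprint recorded when it was first seen.
// The fingerprint is only as trustworthy as its inputs: the user agent and, via
// fetchip(), proxy headers are client-supplied, so this slows down use of a stolen
// cookie rather than preventing it.
if ((isset($_SESSION['session_secured'])) && ($_SESSION['session_secured']))
{
        if (
        (($_SESSION['host'] != $host) && !$usedns)
        || ($_SESSION['dns'] != $dns)
        || ($_SESSION['useragent'] != $useragent)
        ) {
                // Mismatch.  Pass true so the old id's row is destroyed as well: a plain
                // session_regenerate_id() left it, logged-in state included, readable under
                // the old id until sessao_gc() got to it.  Then stop the request: the login
                // gate above has already passed, so continuing would run the page with an
                // emptied session instead of rejecting it.
                session_regenerate_id(true);
                session_unset();
                die('<script language="JavaScript">
        <!--
        alert("Sie sind nicht mehr in Personal WebBase eingeloggt!");
        parent.window.close();
        // -->
        </script>');
        }
} else {
        // First request of this session: record the fingerprint to compare against later.
        $_SESSION['host'] = $host;
        $_SESSION['dns'] = $dns;
        $_SESSION['useragent'] = $useragent;
        $_SESSION['session_secured'] = 1;
}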
// Ende Personal WebBase-Abschnitt
?>