TCExam文件代码注释分析(shard/code/tce_authorization.php)此版本为:12.0.012
TCExam 预先设定了用户有10个级别:
0 = anonymous user (unregistered).匿名、未注册者、游客
1 = basic user (registered);已注册会员
2-9 = configurable/custom levels;自定义级别
10 = administrator 管理员
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
|
<?php
/**
* 检查用户授权级别
* 这个脚本处理用户的会话
* TCExam 预先设定了用户有10个级别:
* 0 = anonymous user (unregistered).匿名、未注册者、游客
* 1 = basic user (registered);已注册会员
* 2-9 = configurable/custom levels;自定义级别
* 10 = administrator 管理员
*/
require_once
(
'../config/tce_config.php'
);
require_once
(
'../../shared/code/tce_functions_authorization.php'
);
require_once
(
'../../shared/code/tce_functions_session.php'
);
require_once
(
'../../shared/code/tce_functions_otp.php'
);
$logged
= false;
//用户没有登录
$PHPSESSIDSQL
= F_escape_sql(
$PHPSESSID
);
//对当前用户活动号(字符串)进行安全过滤
$session_hash
= getPasswordHash(
$PHPSESSID
.getClientFingerprint());
$sqls
=
'SELECT * FROM '
.K_TABLE_SESSIONS.
' WHERE cpsession_id=\''
.
$PHPSESSIDSQL
.
'\''
;
if
(
$rs
= F_db_query(
$sqls
,
$db
)){
if
(
$ms
= F_db_fetch_array(
$rs
)){
//如果当前活动用户session已存在
session_decode(
$ms
[
'cpsession_data'
]);
//session_decode()函数可将 Session 资料解码。成功则返回 true 值。解码会话数据
if
(K_CHECK_SESSION_FINGERPRINT AND ((!isset(
$_SESSION
[
'session_hash'
])) OR (
$_SESSION
[
'session_hash'
] !=
$session_hash
))){
session_regenerate_id();
//用于更改当前session_id的值,并保留session数组中的值。session_regenerate_id()有一个参数,默认为false。如果设置为true,则更变当前session_id的值,并清空当前session数组。
F_login_form();
//显示登录页面
exit
();
}
$expiry
=
date
(K_TIMESTAMP_FORMAT, (time() + K_SESSION_LIFE));
//修改当前活动用户session有效期时间
$sqlx
=
'UPDATE '
.K_TABLE_SESSIONS.
' SET cpsession_expiry=\''
.
$expiry
.
'\' WHERE cpsession_id=\''
.
$PHPSESSIDSQL
.
'\''
;
if
(!
$rx
= F_db_query(
$sqlx
,
$db
)) {
F_display_db_error();
}
}
else
{
//如果在数据库找到与$PHPSESSIDSQL一样的活动用户session,就新建一个匿名活动用户session
$_SESSION
[
'session_hash'
] =
$session_hash
;
$_SESSION
[
'session_user_id'
] = 1;
$_SESSION
[
'session_user_name'
] =
'- ['
.
substr
(
$PHPSESSID
, 12, 8).
']'
;
$_SESSION
[
'session_user_ip'
] = getNormalizedIP(
$_SERVER
[
'REMOTE_ADDR'
]);
$_SESSION
[
'session_user_level'
] = 0;
$_SESSION
[
'session_user_firstname'
] =
''
;
$_SESSION
[
'session_user_lastname'
] =
''
;
$_SESSION
[
'session_test_login'
] =
''
;
// read client cookie
if
(isset(
$_COOKIE
[
'LastVisit'
])) {
$_SESSION
[
'session_last_visit'
] =
intval
(
$_COOKIE
[
'LastVisit'
]);
}
else
{
$_SESSION
[
'session_last_visit'
] = 0;
}
// set client cookie 设置用户客户端cookie
$cookie_now_time
= time();
// note: while time() function returns a 32 bit integer, it works fine until year 2038.
$cookie_expire_time
=
$cookie_now_time
+ K_COOKIE_EXPIRE;
//cookie有效期
setcookie(
'LastVisit'
,
$cookie_now_time
,
$cookie_expire_time
, K_COOKIE_PATH, K_COOKIE_DOMAIN, K_COOKIE_SECURE);
setcookie(
'PHPSESSID'
,
$PHPSESSID
,
$cookie_expire_time
, K_COOKIE_PATH, K_COOKIE_DOMAIN, K_COOKIE_SECURE);
if
(isset(
$_REQUEST
[
'logout'
])) {
//用户注销退出时
$_SESSION
[
'logout'
] = true;
if
(
strlen
(K_LOGOUT_URL) > 0) {
$htmlredir
=
'<'
.
'?xml version="1.0" encoding="'
.
$l
[
'a_meta_charset'
].
'"?'
.
'>'
.K_NEWLINE;
$htmlredir
.=
'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">'
.K_NEWLINE;
$htmlredir
.=
'<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'
.
$l
[
'a_meta_language'
].
'" lang="'
.
$l
[
'a_meta_language'
].
'" dir="'
.
$l
[
'a_meta_dir'
].
'">'
.K_NEWLINE;
$htmlredir
.=
'<head>'
.K_NEWLINE;
$htmlredir
.=
'<title>LOGOUT</title>'
.K_NEWLINE;
$htmlredir
.=
'<meta http-equiv="refresh" content="0;url='
.K_LOGOUT_URL.
'" />'
.K_NEWLINE;
$htmlredir
.=
'</head>'
.K_NEWLINE;
$htmlredir
.=
'<body>'
.K_NEWLINE;
$htmlredir
.=
'<a href="'
.K_LOGOUT_URL.
'">LOGOUT...</a>'
.K_NEWLINE;
$htmlredir
.=
'</body>'
.K_NEWLINE;
$htmlredir
.=
'</html>'
.K_NEWLINE;
header(
'Location: '
.K_LOGOUT_URL);
echo
$htmlredir
;
exit
;
}
}
}
}
else
{
F_display_db_error();
}
// 用户登录
require_once
(
'../../shared/code/tce_altauth.php'
);
$altusr
= F_altLogin();
//直接输入账号密码 进入:5) RADIUS里面==>如果用户提交的账号密码正确,返回此用户信息,数组形式。
if
(isset(
$_POST
[
'logaction'
]) AND (
$_POST
[
'logaction'
] ==
'login'
) AND isset(
$_POST
[
'xuser_name'
]) AND isset(
$_POST
[
'xuser_password'
])) {
//如果登录框已点击提交
// check login attempt from the current client device to avoid brute force attack
$bruteforce
= true;
$fingerprintkey
= md5(getClientFingerprint());
$sqlt
=
'SELECT * FROM '
.K_TABLE_SESSIONS.
' WHERE cpsession_id=\''
.
$fingerprintkey
.
'\' LIMIT 1'
;
if
(
$rt
= F_db_query(
$sqlt
,
$db
)){
if
(
$mt
= F_db_fetch_array(
$rt
)) {
if
(
strtotime
(
$mt
[
'cpsession_expiry'
]) < time()) {
//检查用户活动session有效期
$bruteforce
= false;
}
$wait
=
intval
(
$mt
[
'cpsession_data'
]);
if
(
$wait
< K_SECONDS_IN_HOUR) {
$wait
*= K_BRUTE_FORCE_DELAY_RATIO;
}
$sqlup
=
'UPDATE '
.K_TABLE_SESSIONS.' SET
cpsession_expiry=\
''
.
date
(K_TIMESTAMP_FORMAT, (time() +
$wait
)).'\',
cpsession_data=\
''
.
$wait
.'\'
WHERE cpsession_id=\
''
.
$fingerprintkey
.
'\''
;
if
(!F_db_query(
$sqlup
,
$db
)) {
F_display_db_error();
}
}
else
{
$wait
= 1;
//要等待的秒数
$sqls
=
'INSERT INTO '
.K_TABLE_SESSIONS.' (
cpsession_id,
cpsession_expiry,
cpsession_data
) VALUES (
\
''
.
$fingerprintkey
.'\',
\
''
.
date
(K_TIMESTAMP_FORMAT, (time() +
$wait
)).'\',
\
''
.
$wait
.'\'
)';
if
(!F_db_query(
$sqls
,
$db
)) {
F_display_db_error();
}
$bruteforce
= false;
}
}
if
(
$bruteforce
) {
F_print_error(
'WARNING'
,
$l
[
'm_login_brute_force'
].
' '
.
$wait
);
}
else
{
$xuser_password
= getPasswordHash(
$_POST
[
'xuser_password'
]);
//对用户输入密码进行编码
$otp
= false;
if
(K_OTP_LOGIN){
//如果这里K_OTP_LOGIN设置为true,就表示需要用密码进行一次登录验证
$mtime
= microtime(true);
if
((isset(
$_POST
[
'xuser_otpcode'
])) AND !
empty
(
$_POST
[
'xuser_otpcode'
])
AND ((
$_POST
[
'xuser_otpcode'
] == F_getOTP(
$m
[
'user_otpkey'
],
$mtime
))
OR (
$_POST
[
'xuser_otpcode'
] == F_getOTP(
$m
[
'user_otpkey'
], (
$mtime
- 30)))
OR (
$_POST
[
'xuser_otpcode'
] == F_getOTP(
$m
[
'user_otpkey'
], (
$mtime
+ 30))))) {
// check if this OTP token has been alredy used
$sqlt
=
'SELECT cpsession_id FROM '
.K_TABLE_SESSIONS.
' WHERE cpsession_id=\''
.
$_POST
[
'xuser_otpcode'
].
'\' LIMIT 1'
;
if
(
$rt
= F_db_query(
$sqlt
,
$db
)) {
if
(!F_db_fetch_array(
$rt
)) {
// Store this token on the session table to mark it as invalid for 5 minute (300 seconds)
$sqltu
=
'INSERT INTO '
.K_TABLE_SESSIONS.' (
cpsession_id,
cpsession_expiry,
cpsession_data
) VALUES (
\
''
.
$_POST
[
'xuser_otpcode'
].'\',
\
''
.
date
(K_TIMESTAMP_FORMAT, (time() + 300)).'\',
\'300\'
)';
if
(!F_db_query(
$sqltu
,
$db
)) {
F_display_db_error();
}
$otp
= true;
}
}
}
}
if
(!K_OTP_LOGIN OR
$otp
){
//验证提交数据是否正确
$sql
=
'SELECT * FROM '
.K_TABLE_USERS.
' WHERE user_name=\''
.F_escape_sql(
$_POST
[
'xuser_name'
]).
'\' AND user_password=\''
.
$xuser_password
.
'\''
;
if
(
$r
= F_db_query(
$sql
,
$db
)){
if
(
$m
= F_db_fetch_array(
$r
)) {
//输入正确
$_SESSION
[
'session_user_id'
] =
$m
[
'user_id'
];
$_SESSION
[
'session_user_name'
] =
$m
[
'user_name'
];
$_SESSION
[
'session_user_ip'
] = getNormalizedIP(
$_SERVER
[
'REMOTE_ADDR'
]);
$_SESSION
[
'session_user_level'
] =
$m
[
'user_level'
];
$_SESSION
[
'session_user_firstname'
] = urlencode(
$m
[
'user_firstname'
]);
$_SESSION
[
'session_user_lastname'
] = urlencode(
$m
[
'user_lastname'
]);
$_SESSION
[
'session_test_login'
] =
''
;
if
(isset(
$_COOKIE
[
'LastVisit'
])) {
$_SESSION
[
'session_last_visit'
] =
intval
(
$_COOKIE
[
'LastVisit'
]);
}
else
{
$_SESSION
[
'session_last_visit'
] = 0;
}
$logged
= true;
if
(K_USER_GROUP_RSYNC AND (
$altusr
!== false)){
F_syncUserGroups(
$_SESSION
[
'session_user_id'
],
$altusr
[
'usrgrp_group_id'
]);
//同步用户的用户组
}
}
elseif
(!F_check_unique(K_TABLE_USERS,
'user_name=\''
.F_escape_sql(
$_POST
[
'xuser_name'
]).
'\''
)){
//用户名存在但密码错误
if
(
$altusr
!== false){
//这里已经验证返回正确的,但是密码不一样,那就同步更新下密码
$sqlu
=
'UPDATE '
.K_TABLE_USERS.' SET
user_password=\
''
.
$xuser_password
.'\'
WHERE user_name=\
''
.F_escape_sql(
$_POST
[
'xuser_name'
]).
'\''
;
if
(!
$ru
= F_db_query(
$sqlu
,
$db
)){
F_display_db_error();
}
$sqld
=
'SELECT * FROM '
.K_TABLE_USERS.
' WHERE user_name=\''
.F_escape_sql(
$_POST
[
'xuser_name'
]).
'\' AND user_password=\''
.
$xuser_password
.
'\''
;
if
(
$rd
= F_db_query(
$sqld
,
$db
)) {
//重新获取用户信息,并设置session
if
(
$md
= F_db_fetch_array(
$rd
)) {
$_SESSION
[
'session_user_id'
] =
$md
[
'user_id'
];
$_SESSION
[
'session_user_name'
] =
$md
[
'user_name'
];
$_SESSION
[
'session_user_ip'
] = getNormalizedIP(
$_SERVER
[
'REMOTE_ADDR'
]);
$_SESSION
[
'session_user_level'
] =
$md
[
'user_level'
];
$_SESSION
[
'session_user_firstname'
] = urlencode(
$md
[
'user_firstname'
]);
$_SESSION
[
'session_user_lastname'
] = urlencode(
$md
[
'user_lastname'
]);
$_SESSION
[
'session_last_visit'
] = 0;
$_SESSION
[
'session_test_login'
] =
''
;
$logged
= true;
if
(K_USER_GROUP_RSYNC){
F_syncUserGroups(
$_SESSION
[
'session_user_id'
],
$altusr
[
'usrgrp_group_id'
]);
}
}
}
else
{
F_display_db_error();
}
}
else
{
F_print_error(
'WARNING'
,
$l
[
'm_login_wrong'
]);
//提交数据有误,登录验证失败
}
}
else
{
// this user do not exist on TCExam database
if
(
$altusr
!== false) {
// replicate external user account on TCExam local database
$sql
=
'INSERT INTO '
.K_TABLE_USERS.' (
user_regdate,
user_ip,
user_name,
user_email,
user_password,
user_regnumber,
user_firstname,
user_lastname,
user_birthdate,
user_birthplace,
user_ssn,
user_level
) VALUES (
\
''
.F_escape_sql(
date
(K_TIMESTAMP_FORMAT)).'\',
\
''
.F_escape_sql(getNormalizedIP(
$_SERVER
[
'REMOTE_ADDR'
])).'\',
\
''
.F_escape_sql(
$_POST
[
'xuser_name'
]).'\',
'.F_empty_to_null($altusr['
user_email
']).'
,
\
''
.getPasswordHash(
$_POST
[
'xuser_password'
]).'\',
'.F_empty_to_null($altusr['
user_regnumber
']).'
,
'.F_empty_to_null($altusr['
user_firstname
']).'
,
'.F_empty_to_null($altusr['
user_lastname
']).'
,
'.F_empty_to_null($altusr['
user_birthdate
']).'
,
'.F_empty_to_null($altusr['
user_birthplace
']).'
,
'.F_empty_to_null($altusr['
user_ssn
']).'
,
\
''
.
intval
(
$altusr
[
'user_level'
]).'\'
)';
if
(!
$r
= F_db_query(
$sql
,
$db
)) {
F_display_db_error();
}
else
{
$user_id
= F_db_insert_id(
$db
, K_TABLE_USERS,
'user_id'
);
// sets some user's session data
$_SESSION
[
'session_user_id'
] =
$user_id
;
$_SESSION
[
'session_user_name'
] = F_escape_sql(
$_POST
[
'xuser_name'
]);
$_SESSION
[
'session_user_ip'
] = getNormalizedIP(
$_SERVER
[
'REMOTE_ADDR'
]);
$_SESSION
[
'session_user_level'
] =
intval
(
$altusr
[
'user_level'
]);
$_SESSION
[
'session_user_firstname'
] = urlencode(
$altusr
[
'user_firstname'
]);
$_SESSION
[
'session_user_lastname'
] = urlencode(
$altusr
[
'user_lastname'
]);
$_SESSION
[
'session_last_visit'
] = 0;
$_SESSION
[
'session_test_login'
] =
''
;
$logged
= true;
// sync user groups
F_syncUserGroups(
$_SESSION
[
'session_user_id'
],
$altusr
[
'usrgrp_group_id'
]);
}
}
else
{
$login_error
= true;
}
}
}
else
{
F_display_db_error();
//验证提交数据错误
}
}
else
{
$login_error
= true;
}
}
}
if
(!isset(
$pagelevel
)){
$pagelevel
= 0;
//设置首页的默认级别
}
if
(
$pagelevel
) {
if
(
$_SESSION
[
'session_user_level'
] <
$pagelevel
){
//检查用户级别
F_login_form();
//【【【【【【【【【【【【【显示登录页面】】】】】】】】】】】】首先进入这里显示
}
}
if
(
$logged
){
//如果用户只是登录,重新加载页面
$htmlredir
=
'<'
.
'?xml version="1.0" encoding="'
.
$l
[
'a_meta_charset'
].
'"?'
.
'>'
.K_NEWLINE;
$htmlredir
.=
'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">'
.K_NEWLINE;
$htmlredir
.=
'<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'
.
$l
[
'a_meta_language'
].
'" lang="'
.
$l
[
'a_meta_language'
].
'" dir="'
.
$l
[
'a_meta_dir'
].
'">'
.K_NEWLINE;
$htmlredir
.=
'<head>'
.K_NEWLINE;
$htmlredir
.=
'<title>ENTER</title>'
.K_NEWLINE;
$htmlredir
.=
'<meta http-equiv="refresh" content="0" />'
.K_NEWLINE;
//reload page
$htmlredir
.=
'</head>'
.K_NEWLINE;
$htmlredir
.=
'<body>'
.K_NEWLINE;
$htmlredir
.=
'<a href="'
.
$_SERVER
[
'SCRIPT_NAME'
].
'">ENTER</a>'
.K_NEWLINE;
$htmlredir
.=
'</body>'
.K_NEWLINE;
$htmlredir
.=
'</html>'
.K_NEWLINE;
switch
(K_REDIRECT_LOGIN_MODE) {
case
1: {
// relative redirect
header(
'Location: '
.
$_SERVER
[
'SCRIPT_NAME'
]);
break
;
}
case
2: {
// absolute redirect
header(
'Location: '
.K_PATH_HOST.
$_SERVER
[
'SCRIPT_NAME'
]);
break
;
}
case
3: {
// html redirect
echo
$htmlredir
;
break
;
}
case
4:
default
: {
// full redirect
header(
'Location: '
.K_PATH_HOST.
$_SERVER
[
'SCRIPT_NAME'
]);
echo
$htmlredir
;
break
;
}
}
exit
;
}
if
(isset(
$_POST
[
'testpswaction'
]) AND (
$_POST
[
'testpswaction'
] ==
'login'
) AND isset(
$_POST
[
'xtest_password'
]) AND isset(
$_POST
[
'testid'
])) {
require_once
(
'../../shared/code/tce_functions_test.php'
);
$tph
= F_getTestPassword(
$_POST
[
'testid'
]);
if
(getPasswordHash(
$_POST
[
'xtest_password'
]) ==
$tph
) {
// test password is correct, save status on a session variable
$_SESSION
[
'session_test_login'
] = getPasswordHash(
$tph
.
$_POST
[
'testid'
].
$_SESSION
[
'session_user_id'
].
$_SESSION
[
'session_user_ip'
]);
}
else
{
F_print_error(
'WARNING'
,
$l
[
'm_wrong_test_password'
]);
}
}
|
本文转自许琴 51CTO博客,原文链接:http://blog.51cto.com/xuqin/1205721,如需转载请自行联系原作者
