summaryrefslogtreecommitdiffstats
path: root/web/lib/acctfuncs.inc.php
AgeCommit message (Collapse)AuthorFilesLines
2014-12-27Add support for adding SSH public keys to profilesLukas Fleischer1-7/+71
Users can now add an SSH public key on the account edit page. This will later be used to authenticate users via SSH. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-13Avoid double slashes in notification email bodyLukas Fleischer1-1/+1
Refactor some of the URI generation code to avoid double slashes in absolute URIs. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-21Remove duplicate slash in the password reset URLLukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-24Use an INI-style configuration fileLukas Fleischer1-35/+31
Replace web/lib/config.inc.php with an INI-style configuration file. This allows us to get rid of several globals and makes it easier to use the same configuration file in external scripts. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-10Use proper email address in send_resetkey()Lukas Fleischer1-1/+1
Fixes FS#41860. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-06Add PCRE_DOLLAR_ENDONLY to preg_match()Lukas Fleischer1-1/+1
When using preg_match() to check for a match that starts at the beginning of the string and ends at the last character of the string, we do not want to allow an additional newline character to sneak in. Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY modifier prevents users from registering with user names that end with a newline character. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-02Count users in "Trusted User & Developer" group as TUBalló György1-2/+2
This reflects the changes in 3610f3c. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Suppress PHP notice in process_account_form()Lukas Fleischer1-3/+6
Add a check to remove a notice which is displayed after registration since commit 03c6304 (Rework permission handling, 2014-07-15). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Do not allow regular users to edit all accountsLukas Fleischer1-1/+1
Fixes a regression introduced in 03c6304 (Rework permission handling, 2014-07-15). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Clean up user references in user_delete()Lukas Fleischer1-0/+35
Explicitly clean up all references before deleting a user. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15Add a new user group "Trusted User & Developer"Lukas Fleischer1-1/+5
This group has full permissions on everything. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15Disallow privileged users to use invalid user namesLukas Fleischer1-22/+1
Prevent Trusted Users and developers from accidentally using a name that contains invalid characters. Also, remove user_is_privileged() which is no longer needed after this change. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15Rework permission handlingLukas Fleischer1-26/+11
Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-06-05acctfuncs.inc.php: Fix indentationLukas Fleischer1-2/+3
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-06-05acctfuncs.inc.php: Reduce nesting in several functionsLukas Fleischer1-257/+264
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-06-05Do not return "None" in user functionsLukas Fleischer1-1/+1
Return null instead of the string "None" in username_from_id(), uid_from_email() and uid_from_username(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-05-30Accept upper case letters in valid_username()Lukas Fleischer1-1/+1
In commit 0722f46 (Simplify valid_user() and valid_username(), 2014-02-06), the conversion to lower case letters was unintentionally removed and in consequence, names with upper case letters have been rejected since then. Instead of reintroducing the conversion, add the "i" modifier to the regular expression validating the name to do case-insensitive pattern matching. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-05-22acctfuncs.inc.php: Fix typoLukas Fleischer1-1/+1
Replace a misplaced semicolon with the concatenation operator. This makes the AUR insert proper Reply-to and From headers again when sending password reset emails on registration. Fixes a regression introduced in 94a4f59 (Set Content-type header when sending UTF-8 mails, 2014-02-10). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-05-22Use aur.archlinux.org in sender email addressesLukas Fleischer1-2/+2
Consistently use the following headers in notification emails: Reply-to: noreply@aur.archlinux.org From: notify@aur.achlinux.org Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-05-22Be friendly to newly registered usersLukas Fleischer1-3/+5
Use "Welcome to the Arch User Repository" instead of "AUR Password Reset" as subject for the initial password reset email. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-10Set Content-type header when sending UTF-8 mailsLukas Fleischer1-1/+3
Fixes FS#38568. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-10Use CRLF to separate headers in mail()Lukas Fleischer1-1/+4
This is the correct delimiter for mail headers according to the PHP documentation and RFC 2822. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-09Remove LastVoted columnLukas Fleischer1-3/+0
This has been introduced by commit aae43d9 (started working on package comments, 2005-03-05) but it seems to be of no practical use. Remove the field to save some space. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-06Simplify valid_user() and valid_username()Lukas Fleischer1-17/+10
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-06acctfuncs.inc.php: Fix comment styleLukas Fleischer1-36/+28
* Use C-style comments (/* */) instead of #. * Remove some superfluous comments and slightly reword others. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-01Sort last TU votes by vote and by user nameLukas Fleischer1-1/+1
Instead of using a random secondary order, sort by the ID of the last vote first, then by user name. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-20acctfuncs.inc.php: Allow translation of missing stringscanyonknight1-2/+2
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-28Only include current TUs in the last votes listLukas Fleischer1-3/+4
Do not show users that took part in past TU votes but no longer have TU powers. Also, fix the sorting column while we're touching these lines. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Exclude running votes from "Last Votes by TU"Lukas Fleischer1-1/+4
Showing running votes potentially allows for tracking votes and associating yes/no/abstain votes with specific TUs. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-26Add "Last Votes by TU" listLukas Fleischer1-0/+19
This shows a list of all Trusted Users and the vote ID of the last proposal each of the TUs voted on. This list is sorted by vote ID. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22Add a vote type to the TU proposal formLukas Fleischer1-3/+4
There are only four valid reasons for starting a TU vote, so instead of letting the user choose a vote length, let her pick a reason and set vote length and quorum based on that selection. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22Store the number of TUs when starting a voteLukas Fleischer1-2/+8
This will be used for automated calculation of vote participation later. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22Allow for setting an account's inactivity statusLukas Fleischer1-6/+22
This adds a field to the users table and corresponding fields to the account edit and display forms that allow for setting an (in-)activity status. This might turn out to be useful if a user is on vacation and can not respond to update/orphan/deletion requests. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-04-24Remove superfluous search wrapper functioncanyonknight1-10/+0
The search_accounts_form() wrapper function doesn't have any arguments and only makes it unclear what is happening within account.php Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-25Show hint if password is empty during loginLukas Fleischer1-2/+31
A user might have an empty password due to two reasons: * The user just created an account and needs to set an initial password. * The password has been reset by the administrator. In both cases, the user might be confused as to why the login does not work. Add a message that helps users debug the issue in both cases. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-24Implement IP banning for user registration and user logincanyonknight1-1/+34
Adds a new is_ipbanned() function to determine whether the user attempting to login or register for an account has their IP address listed in the "Bans" table. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-21Save last login IP addressLukas Fleischer1-1/+2
Save the IP address used for the last login in the "Users" table. This makes it a bit easier to create IP ban lists for spammers without looking at web server logs. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-21process_account_form(): Highlight errorsLukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-19process_account_form(): Allow using empty passwordsLukas Fleischer1-13/+25
If an empty password is passed during account registration, login for the new user is disabled and a reset key is sent to the new user's e-mail address so that they can set an initial password manually. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-19Move reset key submission to a separate functionLukas Fleischer1-0/+26
This allows for reusing reset key submission for other things, such as sending an initial password reset code during account registration. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Remove checks before calling connection methodcanyonknight1-73/+24
Large amount of boilerplate code that checks if a database connection exists is useless now that the new connection method automatically does the same check. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Remove documentation references to database parametercanyonknight1-24/+0
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Remove unnecessary database connection parameter from all functionscanyonknight1-29/+29
All functions now have a database connection method that will use the same database connection. This imitates the functionality of passing a database connection as an argument and makes it redundant. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Add database wrapper class and new connection methodcanyonknight1-24/+24
Uses the Singleton pattern to ensure all queries use the same database connection that is released upon script completion. All database connections should now be called with DB::connect() and not db_connect(). Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-30acctfuncs.inc.php: Change wording of account editing messagecanyonknight1-1/+1
An error message is printed when the number of affected rows is 0 for an edited account. A count of 0 doesn't imply an error, only that no changes were made in the database. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-30Clear a user's active sessions following account suspensioncanyonknight1-0/+19
A suspended user can stay in active sessions. Introduce new function delete_user_sessions to remove all open sessions for a specific user. Allows suspensions to take effect immediately. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-30acctfuncs.inc.php: Change return type of valid_username functioncanyonknight1-6/+5
The function is only determining whether a username is valid, so it makes more sense to simply return a boolean value. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-29Fix account privilege escalation vulnerabilitycanyonknight1-2/+2
A check is only done to verify a Trusted User isn't promoting their account. An attacker can send tampered account type POST data to change their "User" level account to a "Developer" account. Add check so that all users cannot increase their own account permissions. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-29Fix account editing and hijacking vulnerabilitycanyonknight1-0/+29
Checks are in place to avoid users getting account editing forms they shouldn't have access to. The appropriate checks before editing the account in the backend are not in place. This vulnerability allows a user to craft malicious POST data to edit other user accounts, thereby allowing account hijacking. Add a new flexible function can_edit_account() to determine if a user has appropriate permissions. Run the permission check before processing any account information in the backend. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-08Refactor TU voters listLukas Fleischer1-3/+3
* Change voters_list() to return an array of voters instead of generating HTML code in the library call. * Change the template to generate HTML code for the list of voters instead of displaying the library's return value. * Use HTML lists. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>