]>
jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blob - plugins/sql_auth/sql_auth.php
3 require_once "SQL/sql.php";
4 require_once "SQL/user.php";
5 require_once "SQL/settings.php";
9 public $name = "SQLAuth";
10 public $author = "Valware";
11 public $version = "1.0";
12 public $description = "Provides a User Auth and Management Panel with an SQL backend";
14 function __construct()
16 self
::create_tables();
17 Hook
::func(HOOKTYPE_NAVBAR
, 'sql_auth::add_navbar');
18 Hook
::func(HOOKTYPE_PRE_HEADER
, 'sql_auth::session_start');
19 Hook
::func(HOOKTYPE_OVERVIEW_CARD
, 'sql_auth::add_overview_card');
21 if (defined('SQL_DEFAULT_USER')) // we've got a default account
23 $lkup = new SQLA_User(SQL_DEFAULT_USER
['username']);
25 if (!$lkup->id
) // doesn't exist, add it with full privileges
27 create_new_user(["user_name" => SQL_DEFAULT_USER
['username'], "user_pass" => SQL_DEFAULT_USER
['password']]);
32 public static function add_navbar(&$pages)
34 if (!unreal_get_current_user()->id
)
39 $pages["Panel Access"] = "plugins/sql_auth/";
40 if (isset($_SESSION['id']))
42 $pages["Logout"] = "plugins/sql_auth/login.php?logout=true";
46 public static function session_start($n)
49 if (!isset($_SESSION['id']) || empty($_SESSION))
51 $tok = split($_SERVER['SCRIPT_FILENAME'], "/");
52 if ($check = security_check() && $tok[count($tok) - 1] !== "error.php") {
53 header("Location: " . BASE_URL
. "plugins/sql_auth/error.php");
57 header("Location: ".BASE_URL
."plugins/sql_auth/login.php");
62 if (!unreal_get_current_user()->id
) // user no longer exists
65 header("Location: ".BASE_URL
."plugins/sql_auth/login.php");
73 * Create the tables we'll be using in the SQLdb
76 public static function create_tables()
79 $conn->query("CREATE TABLE IF NOT EXISTS " . SQL_PREFIX
. "users (
80 user_id int AUTO_INCREMENT NOT NULL,
81 user_name VARCHAR(255) NOT NULL,
82 user_pass VARCHAR(255) NOT NULL,
84 user_fname VARCHAR(255),
85 user_lname VARCHAR(255),
86 user_bio VARCHAR(255),
90 $conn->query("CREATE TABLE IF NOT EXISTS " . SQL_PREFIX
. "user_meta (
91 meta_id int AUTO_INCREMENT NOT NULL,
93 meta_key VARCHAR(255) NOT NULL,
94 meta_value VARCHAR(255),
97 $conn->query("CREATE TABLE IF NOT EXISTS " . SQL_PREFIX
. "auth_settings (
98 id int AUTO_INCREMENT NOT NULL,
99 setting_key VARCHAR(255) NOT NULL,
100 setting_value VARCHAR(255),
107 * Summary of add_overview_card
108 * @param mixed $stats
111 public static function add_overview_card(object &$stats) : void
113 $num_of_panel_admins = sqlnew()->query("SELECT COUNT(*) FROM " . SQL_PREFIX
. "users")->fetchColumn();
116 <div
class="container mt-5">
119 <div
class="col-sm-3">
120 <div
class="card text-center">
121 <div
class="card-header bg-success text-white">
124 <i
class="fa fa-lock-open fa-3x"></i
>
127 <h3
class="display-4"><?php
echo $num_of_panel_admins; ?></h3
>
131 <div
class="card-body">
136 <div
class="col"> <a
class="btn btn-primary" href
="<?php echo BASE_URL; ?>plugins/sql_auth/">View
</a
></div
>
149 function security_check()
151 $ip = $_SERVER['REMOTE_ADDR'];
152 if (dnsbl_check($ip))
155 else if (fail2ban_check($ip))
161 function dnsbl_check($ip)
163 $dnsbl_lookup = DNSBL
;
165 // clear variable just in case
168 // if the IP was not given because you're an idiot, stop processing
169 if (!$ip) { return; }
171 // get the first two segments of the IPv4
172 $because = split($ip, "."); // why you
173 $you = $because[1]; // gotta play
174 $want = $because[2]; // that song
175 $to = $you.".".$want."."; // so loud?
177 // exempt local connections because sometimes they get a false positive
178 if ($to == "192.168." || $to == "127.0.") { return NULL; }
180 // you spin my IP right round, right round, to check the records baby, right round-round-round
181 $reverse_ip = glue(array_reverse(split($ip, ".")), ".");
184 foreach ($dnsbl_lookup as $host) {
187 if (checkdnsrr($reverse_ip . "." . $host . ".", "A")) {
194 // if it was safe, return NOTHING
199 // else, you guessed it, return where it was listed
205 function fail2ban_check($ip)