preparation for 4.0 trunk: move whole scripts just under trunk directory

[nucleus-jp/nucleus-jp-ancient.git] / utf8 / nucleus / plugins / NP_SecurityEnforcer.php

diff --git a/utf8/nucleus/plugins/NP_SecurityEnforcer.php b/utf8/nucleus/plugins/NP_SecurityEnforcer.php
deleted file mode 100644 (file)
index db1c1b7..0000000
--- a/utf8/nucleus/plugins/NP_SecurityEnforcer.php
+++ /dev/null
@@ -1,253 +0,0 @@
-<?php
-/**
- * Attach plugin for Nucleus CMS
- * Version 0.9.5 (1.0 RC) for PHP5
- * Written by Cacher, Jan.16, 2011
- * Original code was written by Frank Truscott, Nov. 01, 2009
- * 
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 3
- * of the License, or (at your option) any later version.
- */
-
-class NP_SecurityEnforcer extends NucleusPlugin {
-       public function getName()                       { return 'SecurityEnforcer'; }
-       public function getAuthor()             { return 'Frank Truscott + Cacher';     }
-       public function getURL()                        { return 'http://revcetera.com/ftruscot';       }
-       public function getVersion()            { return '1.02JP'; }
-       public function getDescription()        { return _SECURITYENFORCER_DESCRIPTION;}
-       public function getTableList()  { return array(sql_table('plug_securityenforcer')); }
-       public function hasAdminArea()  { return 1; }
-       public function getMinNucleusVersion()  { return 350; }
-       public function supportsFeature($feature)       { return in_array ($feature, array ('SqlTablePrefix', 'SqlApi'));}
-       public function getEventList()  { return array('QuickMenu','PrePasswordSet','CustomLogin','LoginSuccess','LoginFailed','PostRegister','PrePluginOptionsEdit'); }
-       
-       public function install() {
-               global $CONF;
-               $this->createOption('quickmenu', '_SECURITYENFORCER_OPT_QUICKMENU', 'yesno', 'yes');
-               $this->createOption('del_uninstall_data', '_SECURITYENFORCER_OPT_DEL_UNINSTALL_DATA', 'yesno','no');
-               $this->createOption('enable_security', '_SECURITYENFORCER_OPT_ENABLE', 'yesno','yes');
-               $this->createOption('pwd_min_length', '_SECURITYENFORCER_OPT_PWD_MIN_LENGTH', 'text','8');
-               //$this->createOption('pwd_complexity', _SECURITYENFORCER_OPT_PWD_COMPLEXITY, 'select','0',_SECURITYENFORCER_OPT_SELECT_OFF_COMP.'|0|'._SECURITYENFORCER_OPT_SELECT_ONE_COMP.'|1|'._SECURITYENFORCER_OPT_SELECT_TWO_COMP.'|2|'._SECURITYENFORCER_OPT_SELECT_THREE_COMP.'|3|'._SECURITYENFORCER_OPT_SELECT_FOUR_COMP.'|4');
-               $this->createOption('pwd_complexity', '_SECURITYENFORCER_OPT_PWD_COMPLEXITY', 'select','0','_SECURITYENFORCER_OPT_SELECT');
-               $this->createOption('max_failed_login', '_SECURITYENFORCER_OPT_MAX_FAILED_LOGIN', 'text', '5');
-               $this->createOption('login_lockout', '_SECURITYENFORCER_OPT_LOGIN_LOCKOUT', 'text', '15');
-               
-               $query = "CREATE TABLE IF NOT EXISTS ". sql_table('plug_securityenforcer').
-                                       " ( 
-                                       `login` varchar(255),
-                                       `fails` int(11) NOT NULL default '0',                                     
-                                       `lastfail` bigint NOT NULL default '0',
-                                       KEY `login` (`login`)) TYPE=MyISAM";
-               sql_query($query);
-               return;
-       }
-       
-       public function unInstall() {
-               if ($this->getOption('del_uninstall_data') == 'yes')    {
-                       sql_query('DROP TABLE '.sql_table('plug_securityenforcer'));
-               }
-               return;
-       }
-       
-       public function init() {
-               $language = preg_replace( '#\\\\|/#', '', getLanguageName());
-               if (file_exists($this->getDirectory().$language.'.php')){
-                       include_once($this->getDirectory().$language.'.php');
-               } else {
-                       include_once($this->getDirectory().'english.php');
-               }
-               
-               $this->enable_security = $this->getOption('enable_security');
-               $this->pwd_min_length = intval($this->getOption('pwd_min_length'));
-               $this->pwd_complexity = intval($this->getOption('pwd_complexity'));
-               $this->max_failed_login = intval($this->getOption('max_failed_login'));
-               $this->login_lockout = intval($this->getOption('login_lockout'));
-               return;
-       }
-       
-       public function event_QuickMenu(&$data) {
-               global $member;
-               if ($this->getOption('quickmenu') != 'yes' || !$member->isAdmin()) {
-                       return;
-               }
-               if (!($member->isLoggedIn())) {
-                       return;
-               }
-               array_push($data['options'],
-               array('title' => 'Security Enforcer',
-                       'url' => $this->getAdminURL(),
-                       'tooltip' => _SECURITYENFORCER_ADMIN_TOOLTIP)
-               );
-               return;
-       }
-       
-       public function event_PrePasswordSet(&$data) {
-               if ($this->enable_security == 'yes') {
-                       $password = $data['password'];
-                       if (postVar('action') == 'changemembersettings'){
-                               $emptyAllowed = true;
-                       } else {
-                               $emptyAllowed = false;
-                       }
-                       if ((!$emptyAllowed)||$password) {
-                               $message = $this->_validate_and_messsage($password,$this->pwd_min_length, $this->pwd_complexity);
-                               if ($message) {
-                                       $data['errormessage'] = _SECURITYENFORCER_INSUFFICIENT_COMPLEXITY . $message. "<br /><br />\n";
-                                       $data['valid'] = false;
-                               }
-                       }
-               }
-               return;
-       }
-       
-       public function event_PostRegister(&$data) {
-               if ($this->enable_security == 'yes') {
-                       $password = postVar('password');
-                       if(postVar('action') == 'memberadd'){
-                               $message = $this->_validate_and_messsage($password,$this->pwd_min_length, $this->pwd_complexity);
-                               if ($message) {
-                                       $errormessage = _SECURITYENFORCER_ACCOUNT_CREATED. $message. "<br /><br />\n";
-                                       global $admin;
-                                       $admin->error($errormessage);
-                               }
-                       }
-               }
-               return;
-       }
-       
-       public function event_CustomLogin(&$data) {
-               if ($this->enable_security == 'yes' && $this->max_failed_login > 0) {
-                       global $_SERVER;
-                       $login = $data['login'];
-                       $ip = $_SERVER['REMOTE_ADDR'];
-                       sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE lastfail < ".(time() - ($this->login_lockout * 60)));
-                       $query = "SELECT fails as result FROM ".sql_table('plug_securityenforcer')." ";
-                       $query .= "WHERE login='".sql_real_escape_string($login)."'";
-                       $flogin = quickQuery($query); 
-                       $query = "SELECT fails as result FROM ".sql_table('plug_securityenforcer')." ";
-                       $query .= "WHERE login='".sql_real_escape_string($ip)."'";
-                       $fip = quickQuery($query); 
-                       if ($flogin >= $this->max_failed_login || $fip >= $this->max_failed_login) {
-                               $data['success'] = 0;
-                               $data['allowlocal'] = 0;
-                               $info = sprintf(_SECURITYENFORCER_LOGIN_DISALLOWED, htmlspecialchars($login), htmlspecialchars($ip));
-                               ACTIONLOG::add(INFO, $info);
-                       }
-               }
-               return;
-       }
-       
-       public function event_LoginSuccess(&$data) {
-               if ($this->enable_security == 'yes' && $this->max_failed_login > 0) {
-                       global $_SERVER;
-                       $login = $data['username'];
-                       $ip = $_SERVER['REMOTE_ADDR'];
-                       sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($login)."'");
-                       sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($ip)."'");
-               }
-               return;
-       }
-       
-       function event_LoginFailed(&$data) {
-               if ($this->enable_security == 'yes' && $this->max_failed_login > 0) {
-                       global $_SERVER;
-                       $login = $data['username'];
-                       $ip = $_SERVER['REMOTE_ADDR'];
-                       $lres = sql_query("SELECT * FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($login)."'");
-                       if (sql_num_rows($lres)) {
-                               sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".sql_real_escape_string($login)."'");
-                       }
-                       else {
-                               sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".sql_real_escape_string($login)."',1,".time().")");
-                       }
-                       $lres = sql_query("SELECT * FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($ip)."'");
-                       if (sql_num_rows($lres)) {
-                               sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".sql_real_escape_string($ip)."'");
-                       }
-                       else {
-                               sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".sql_real_escape_string($ip)."',1,".time().")");
-                       }
-               }
-               return;
-       }
-       
-       public function event_PrePluginOptionsEdit($data) {
-               if ($data['plugid'] === $this->getID()) {
-                       foreach($data['options'] as $key => $value){
-                               if (defined($value['description'])) {
-                                       $data['options'][$key]['description'] = constant($value['description']);
-                               }
-                               if (!strcmp($value['type'], 'select') && defined($value['typeinfo'])) {
-                                       $data['options'][$key]['typeinfo'] = constant($value['typeinfo']);
-                               }
-                       }
-               }
-               return;
-       }
-       
-       /* Helper Functions */
-       
-       private function _validate_passwd($passwd,$minlength = 6,$complexity = 0) {
-               $minlength = intval($minlength);
-               $complexity = intval($complexity);
-               
-               if ($minlength < 6 ) {
-                       $minlength = 6;
-               }
-               if (strlen($passwd) < $minlength) {
-                       return false;
-               }
-               
-               if ($complexity > 4) $complexity = 4;
-               $ucchars = "[A-Z]";
-               $lcchars = "[a-z]";
-               $numchars = "[0-9]";
-               $ochars = "[-~!@#$%^&*()_+=,.<>?:;|]";
-               $chartypes = array($ucchars, $lcchars, $numchars, $ochars);
-               $tot = array(0,0,0,0);
-               $i = 0;
-               foreach ($chartypes as $value) {
-                       $tot[$i] = preg_match("/".$value."/", $passwd);
-                       $i = $i + 1;
-               }
-
-               if (array_sum($tot) >= $complexity) {
-                       return true;
-               }
-               else return false;
-       }
-       
-       private function _validate_and_messsage($passwd,$minlength = 6,$complexity = 0) {
-               $minlength = intval($minlength);
-               $complexity = intval($complexity);
-
-               if ($minlength < 6 ) {
-                       $minlength = 6;
-               }
-               if (strlen($passwd) < $minlength) {
-                       $message = _SECURITYENFORCER_MIN_PWD_LENGTH . $this->pwd_min_length;
-               }
-
-               if ($complexity > 4) {
-                       $complexity = 4;
-               }
-               $ucchars = "[A-Z]";
-               $lcchars = "[a-z]";
-               $numchars = "[0-9]";
-               $ochars = "[-~!@#$%^&*()_+=,.<>?:;|]";
-               $chartypes = array($ucchars, $lcchars, $numchars, $ochars);
-               $tot = array(0,0,0,0);
-               $i = 0;
-               foreach ($chartypes as $value) {
-                       $tot[$i] = preg_match("/".$value."/", $passwd);
-                       $i = $i + 1;
-               }
-
-               if (array_sum($tot) < $complexity) {
-                       $message .= _SECURITYENFORCER_PWD_COMPLEXITY . $this->pwd_complexity;
-               }
-               return $message;
-       }
-}