<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2016 Coppermine Dev Team
  v1.0 originally written by Gregory Demar

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License version 3
  as published by the Free Software Foundation.

  ********************************************
  Coppermine version: 1.6.03
  $HeadURL$
**********************************************/

if (!defined('IN_COPPERMINE')) die('Not in Coppermine...');

if (isset($bridge_lookup)) {
	$default_bridge_data[$bridge_lookup] = array(
		'full_name' => 'Invision Community 4.x',
		'short_name' => 'invisionboard40',
		'support_url' => 'https://invisioncommunity.com/forums/',
		'full_forum_url_default' => 'http://www.yoursite.com/board',
		'full_forum_url_used' => 'mandatory,not_empty,no_trailing_slash',
		'relative_path_to_config_file_default' => '../board/',
		'relative_path_to_config_file_used' => 'lookfor,conf_global.php',
		'use_post_based_groups_default' => '0',
		'use_post_based_groups_used' => 'radio,1,0'
	);
} else {

	// Switch that allows overriding the bridge manager with hard-coded values
	define('USE_BRIDGEMGR', 1);

	require_once 'bridge/udb_base.inc.php';

	class cpg_udb extends core_udb
	{

		function __construct()
		{
			global $BRIDGE;

			if (!USE_BRIDGEMGR) {
				$this->boardurl = 'http://localhost/ipb';
				require_once '../ipb/conf_global.php';
				$this->use_post_based_groups = 0;
			} else {
				require_once $BRIDGE['relative_path_to_config_file'] . '/conf_global.php';
				$this->boardurl = $INFO['base_url'];
				$this->use_post_based_groups = $BRIDGE['use_post_based_groups'];
			}

			// Database connection settings
			$this->db = array(
				'name'		=> $INFO['sql_database'],
				'host'		=> $INFO['sql_host'] ? $INFO['sql_host'] : 'localhost',
				'user'		=> $INFO['sql_user'],
				'password'	=> $INFO['sql_pass'],
				'prefix'	=> $INFO['sql_tbl_prefix']
			);

			// Board table names
			$this->table = array(
				'users'		=> 'core_members',
				'groups'	=> 'core_groups',
				'sessions'	=> 'core_sessions'
			);

			// Derived full table names
			$this->usertable		= '`' . $this->db['name'] . '`.' . $this->db['prefix'] . $this->table['users'];
			$this->groupstable		= '`' . $this->db['name'] . '`.' . $this->db['prefix'] . $this->table['groups'];
			$this->sessionstable	= '`' . $this->db['name'] . '`.' . $this->db['prefix'] . $this->table['sessions'];

			// Table field names
			$this->field = array(
				'username'				=> 'name', // name of 'username' field in users table
				'user_id'				=> 'member_id', // name of 'id' field in users table
				'password'				=> 'members_pass_hash', // name of 'password' field in users table
				'email'					=> 'email', // name of 'email' field in users table
				'regdate'				=> 'joined', // name of 'registered' field in users table
				'location'				=> "''", // name of 'location' field in users table
				'website'				=> "''", // name of 'website' field in users table
				'usertbl_group_id'		=> 'member_group_id', // name of 'group id' field in users table
				'grouptbl_group_id'		=> 'g_id', // name of 'group id' field in groups table
				'grouptbl_group_name'	=> 'g_title' // name of 'group name' field in groups table
			);

			// Pages to redirect to
			$this->page = array(
				'register'			=> '/index.php?app=core&module=global&section=register',
				'editusers'			=> '/admin/index.php',
				'edituserprofile'	=> '/index.php?showuser='
			);

			// Group ids - admin and guest only.
			$this->admingroups	= array($INFO['admin_group']);
			$this->guestgroup	= $this->use_post_based_groups ? $INFO['guest_group']: 3;

			// Connect to db
			$this->connect();
		}

		// definition of how to extract id, pass from session cookie
		function session_extraction()
		{
			$superCage = Inspekt::makeSuperCage();

			if ($superCage->cookie->keyExists('ips4_IPSSessionFront')) {

				$session_id = $superCage->cookie->getEscaped('ips4_IPSSessionFront');

				$sql = "SELECT s.member_id, members_pass_hash, members_pass_salt FROM {$this->sessionstable} AS s INNER JOIN {$this->usertable} AS u ON s.member_id = u.member_id WHERE s.id = '$session_id'";

				$result = $this->query($sql);

				if (cpg_db_num_rows($result)) {
					$row =cpg_db_fetch_row($result);
					$result->free();
					return $row;
				}
			} else {
				return false;
			}
		}

		// definition of how to extract an id and password hash from a cookie
		function cookie_extraction()
		{
			$superCage = Inspekt::makeSuperCage();
			$id = 0;
			$pass = '';

			if ($superCage->cookie->keyExists('ips4_member_id') && $superCage->cookie->keyExists('ips4_login_key')) {
				$id = $superCage->cookie->getInt('ips4_member_id');
				$pass = substr($superCage->cookie->getEscaped('ips4_login_key'), 0, 32);
			}

			return ($id) ? array($id, $pass) : false;
		}

		// definition of actions required to convert a password from user database form to cookie form
		function udb_hash_db($password)
		{
			return $password; // unused
		}

		function login_page()
		{
			$this->redirect('index.php?app=core&module=system&controller=login&ref='.base64_encode('/cpg16/index.php'));
		}

		function logout_page()
		{
			$uid = USER_ID;
			$sql = "SELECT email,joined FROM {$this->usertable} WHERE member_id = {$uid}";
			$result = $this->query($sql);
			list($mail,$joined) = cpg_db_fetch_row($result);

			$superCage = Inspekt::makeSuperCage();
			$sessid = $superCage->cookie->getEscaped('ips4_IPSSessionFront');

			$csrf = md5( "{$mail}& " . $joined . '&' . $sessid );

			$this->redirect('index.php?app=core&module=system&controller=login&do=logout&csrfKey='.$csrf);
		}
	}

	// and go !
	$cpg_udb = new cpg_udb;
}
//EOF