From 2fc6ac5be5a5193a0d23c81cf0655e99777e0d1e 2017-06-21 01:29:45 From: DarkMorford Date: 2017-06-21 01:29:45 Subject: [PATCH] Rework login function to use DBAL. --- diff --git a/include/admin.inc.php b/include/admin.inc.php index 5e6e1db..5c9a453 100644 --- a/include/admin.inc.php +++ b/include/admin.inc.php @@ -1,8 +1,8 @@ DB_NAME, + 'user' => DB_WRITE_USER, + 'password' => DB_WRITE_PASS, + 'host' => DB_SERVER, + 'driver' => 'mysqli', + 'charset' => 'utf8mb4' +); +$dbConnection = \Doctrine\DBAL\DriverManager::getConnection($dbParams, $dbConfig); + $mtdb = new MysqlStore(); $mtdb->connect( DB_SERVER, DB_WRITE_USER, DB_WRITE_PASS, DB_NAME ); @@ -46,15 +58,16 @@ function mt_hash_password($password) { return sha1($password); } -// Remove invalid characters from username. Permit only alpha, underscore, period, at, hypen +// Remove invalid characters from username. Permit only alpha, underscore, period, at, hyphen function sanitize_username( $username ) { return preg_replace('|[^a-z_.@-]|i', '', $username); } // Attempt to login with a username and password. If from cookies, set already_hashed = true. function mt_login($username, $password, $already_hashed = false) { - global $error,$mtdb; + global $error,$mtdb,$dbConnection; + // Fail login if either user or pass is blank if ( '' == $username ) return false; 
@@ -64,8 +77,12 @@ function mt_login($username, $password, $already_hashed = false) { } $username = sanitize_username( $username ); + + // Get user info from the database + $sql = 'SELECT * FROM contributor WHERE name LIKE ?'; + $stmt = $dbConnection->executeQuery($sql, array($username)); + $login = $stmt->fetch(PDO::FETCH_OBJ); - $login = $mtdb->getRow( 'SELECT id,name,email,nameplate,default_image,default_link,password FROM contributor WHERE name = "' . mysqli_real_escape_string($mtdb->link, $username) . '"'); if (!$login) { $error = ('ERROR: Invalid username or password.'); adminlog("Failed login attempt from ".$_SERVER['REMOTE_ADDR']." for $username.", MTS_LOGIN, MTA_CHANGE); @@ -142,5 +159,4 @@ function nocache_headers() { @ header('Pragma: no-cache'); } - ?>
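Review bot: The new `global $error,$mtdb,$dbConnection;` line keeps `$mtdb` in scope even though the only `$mtdb` use inside `mt_login` visible on this page (the `getRow` call in the next hunk) is removed; if the rest of the function, which runs past this hunk, no longer touches it, trim the line to `global $error,$dbConnection;` so the function does not depend on two database handles at once. Unchanged context in this hunk, `mt_hash_password` still returns a bare `sha1($password)`, so the stored credentials are unsalted and cheap to attack offline if the table ever leaks; since the login path is being reworked anyway, a follow-up moving to `password_hash`/`password_verify` with a `password_needs_rehash` upgrade on successful login would be the natural next step. `mt_login` continues outside this hunk.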
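Review bot: `WHERE name LIKE ?` changes the match semantics from the `=` that the removed line used: `sanitize_username` (shown in the previous hunk) strips `%` but deliberately keeps `_`, and `_` is a single-character wildcard under LIKE, so a username such as `a_c` also matches `abc` and the first matching row becomes the account whose stored hash is presumably checked further down. Use equality, and keep the explicit column list instead of `SELECT *` so the fetched row carries only what the login needs: `$sql = 'SELECT id,name,email,nameplate,default_image,default_link,password FROM contributor WHERE name = ?';`. The fetch also passes `PDO::FETCH_OBJ` to a DBAL statement opened on the `mysqli` driver configured in the first hunk; whether that constant is accepted there depends on the DBAL version in use, and `executeQuery` throws on failure, so the login path now surfaces a DBAL exception (rather than the old `false` row) unless something outside this hunk catches it, which is worth confirming. `mt_login` starts and ends outside this hunk.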