Update of /cvsroot/phpwiki/phpwiki/lib/plugin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4802 Modified Files: _AuthInfo.php Log Message: security fixes (unknown why and where these get defined) Index: _AuthInfo.php =================================================================== RCS file: /cvsroot/phpwiki/phpwiki/lib/plugin/_AuthInfo.php,v retrieving revision 1.17 retrieving revision 1.18 diff -u -2 -b -p -d -r1.17 -r1.18 --- _AuthInfo.php 21 Oct 2004 21:00:59 -0000 1.17 +++ _AuthInfo.php 27 Mar 2005 19:46:12 -0000 1.18 @@ -53,5 +53,5 @@ extends WikiPlugin extract($args); if (empty($userid) or $userid == $request->_user->UserName()) { - $user = & $request->_user; + $user =& $request->_user; $userid = $user->UserName(); } else { @@ -98,5 +98,5 @@ extends WikiPlugin $table->pushContent($this->_showhash("\$DBAuthParams[]", $DBAuthParams)); $html->pushContent($table); - $html->pushContent(HTML(HTML::h3(fmt("Personal Auth Settings for '%s'",$userid)))); + $html->pushContent(HTML(HTML::h3(fmt("Personal Auth Settings for '%s'", $userid)))); if (!$user) { $html->pushContent(HTML::p(fmt("No userid"))); @@ -107,6 +107,9 @@ extends WikiPlugin //$table->pushContent(HTML::tr(HTML::td(array('colspan' => 2)))); $userdata = obj2hash($user); + // FIXME: only on sf.net/demo site + if (!empty($userdata['_dbi'])) unset($userdata['_dbi']); + if (!empty($userdata['_request'])) unset($userdata['_request']); $table->pushContent($this->_showhash("User: Object of ".get_class($user), $userdata)); - if (1 or ENABLE_USER_NEW) { + if (ENABLE_USER_NEW) { $group = &$request->getGroup(); $groups = $group->getAllGroupsIn(); @@ -199,4 +202,7 @@ extends WikiPlugin // $Log$ +// Revision 1.18 2005年03月27日 19:46:12 rurban +// security fixes (unknown why and where these get defined) +// // Revision 1.17 2004年10月21日 21:00:59 rurban // fix recursion bug for old WikiUser: