Revision: 6868 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6868&view=rev Author: rurban Date: 2009年06月04日 11:30:51 +0000 (2009年6月04日) Log Message: ----------- Placeholder for Facebook (almost working) and OpenID auth Added Paths: ----------- trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/OpenID.php Added: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php (rev 0) +++ trunk/lib/WikiUser/Facebook.php 2009年06月04日 11:30:51 UTC (rev 6868) @@ -0,0 +1,64 @@ +<?php //-*-php-*- +rcs_id('$Id: Facebook.php 6184 2008年08月22日 10:33:41Z vargenau $'); +/* Copyright (C) 2009 Reini Urban + * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) + * + * From http://developeronline.blogspot.com/2008/10/using-perl-against-facebook-part-i.html: + * GET 'http://www.facebook.com/login.php', and rest our virtual browser there to collect the cookies + * POST to 'https://login.facebook.com/login.php' with the proper parameters + */ + +// requires the openssl extension +require_once("lib/HttpClient.php"); + +class _FacebookPassUser +extends _PassUser { + /** + * Preferences are handled in _PassUser + */ + function checkPass($password) { + $userid = $this->_userid; + if (!loadPhpExtension('openssl')) { + trigger_error(_("The PECL openssl extension cannot be loaded"), + E_USER_WARNING); + return $this->_tryNextUser(); + } + $web = new HttpClient("www.facebook.com", 80); + if (DEBUG & _DEBUG_LOGIN) $web->setDebug(true); + // collect cookies from http://www.facebook.com/login.php + $firstlogin = $web->get("/login.php"); + if (!$firstlogin) { + trigger_error(_("Facebook connect failed with %d %s", $this->status, $this->errormsg), + E_USER_WARNING); + } + // Switch from http to https://login.facebook.com/login.php + $web->post = 443; + if (!$web->post("/login.php", array('user'=>$userid, 'pass'=>$password))) { + trigger_error(_("Facebook login failed with %d %s", $this->status, $this->errormsg), + E_USER_WARNING); + } + $this->_authmethod = 'Facebook'; + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => $retval", + E_USER_WARNING); + if ($retval) { + $this->_level = WIKIAUTH_USER; + } else { + $this->_level = WIKIAUTH_ANON; + } + return $this->_level; + } + + function userExists() { + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::userExists => true (dummy)", E_USER_WARNING); + return true; + } +} + +// Local Variables: +// mode: php +// tab-width: 8 +// c-basic-offset: 4 +// c-hanging-comment-ender-p: nil +// indent-tabs-mode: nil +// End: +?> \ No newline at end of file Property changes on: trunk/lib/WikiUser/Facebook.php ___________________________________________________________________ Added: svn:executable + * Added: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php (rev 0) +++ trunk/lib/WikiUser/OpenID.php 2009年06月04日 11:30:51 UTC (rev 6868) @@ -0,0 +1,48 @@ +<?php //-*-php-*- +rcs_id('$Id: OpenID.php,v 1.1 2006年12月24日 13:35:43 rurban Exp $'); +/* Copyright (C) 2007 ReiniUrban + * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) + * + * See http://openid.net/specs/openid-authentication-1_1.html + */ + +class _OpenIDPassUser +extends _PassUser +/** + * Preferences are handled in _PassUser + */ +{ + // This can only be called from _PassUser, because the parent class + // sets the pref methods, before this class is initialized. + function _OpenIDPassUser($UserName='', $prefs=false, $file='') { + if (!$this->_prefs and isa($this, "_OpenIDPassUser")) { + if ($prefs) $this->_prefs = $prefs; + if (!isset($this->_prefs->_method)) + _PassUser::_PassUser($UserName); + } + $this->_userid = $UserName; + return $this; + } + + function userExists() { + if (!$this->isValidName($this->_userid)) { + return $this->_tryNextUser(); + } + $this->_authmethod = 'OpenID'; + // check the prefs for emailVerified + if ($this->_prefs->get('emailVerified')) + return true; + return $this->_tryNextUser(); + } +} + +// $Log: OpenID.php,v $ + +// Local Variables: +// mode: php +// tab-width: 8 +// c-basic-offset: 4 +// c-hanging-comment-ender-p: nil +// indent-tabs-mode: nil +// End: +?> \ No newline at end of file Property changes on: trunk/lib/WikiUser/OpenID.php ___________________________________________________________________ Added: svn:executable + * This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 6885 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6885&view=rev Author: vargenau Date: 2009年06月04日 12:36:36 +0000 (2009年6月04日) Log Message: ----------- svn propset svn:keywords Id Modified Paths: -------------- trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/OpenID.php Property Changed: ---------------- trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/OpenID.php Modified: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php 2009年06月04日 12:22:40 UTC (rev 6884) +++ trunk/lib/WikiUser/Facebook.php 2009年06月04日 12:36:36 UTC (rev 6885) @@ -1,5 +1,5 @@ <?php //-*-php-*- -rcs_id('$Id: Facebook.php 6184 2008年08月22日 10:33:41Z vargenau $'); +rcs_id('$Id$'); /* Copyright (C) 2009 Reini Urban * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) * Property changes on: trunk/lib/WikiUser/Facebook.php ___________________________________________________________________ Deleted: svn:executable - * Added: svn:keywords + Id Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2009年06月04日 12:22:40 UTC (rev 6884) +++ trunk/lib/WikiUser/OpenID.php 2009年06月04日 12:36:36 UTC (rev 6885) @@ -1,5 +1,5 @@ <?php //-*-php-*- -rcs_id('$Id: OpenID.php,v 1.1 2006年12月24日 13:35:43 rurban Exp $'); +rcs_id('$Id$'); /* Copyright (C) 2007 ReiniUrban * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) * Property changes on: trunk/lib/WikiUser/OpenID.php ___________________________________________________________________ Deleted: svn:executable - * Added: svn:keywords + Id This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 7301 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7301&view=rev Author: vargenau Date: 2010年03月04日 10:30:39 +0000 (2010年3月04日) Log Message: ----------- Replace tabs by spaces; remove EOL spaces Modified Paths: -------------- trunk/lib/WikiUser/AdoDb.php trunk/lib/WikiUser/BogoLogin.php trunk/lib/WikiUser/Db.php trunk/lib/WikiUser/EMailConfirm.php trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/File.php trunk/lib/WikiUser/Forbidden.php trunk/lib/WikiUser/GForge.php trunk/lib/WikiUser/HttpAuth.php trunk/lib/WikiUser/HttpAuthUpper.php trunk/lib/WikiUser/IMAP.php trunk/lib/WikiUser/LDAP.php trunk/lib/WikiUser/LdapUpper.php trunk/lib/WikiUser/OpenID.php trunk/lib/WikiUser/POP3.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php trunk/lib/WikiUser/PersonalPage.php trunk/lib/WikiUser/Session.php Modified: trunk/lib/WikiUser/AdoDb.php =================================================================== --- trunk/lib/WikiUser/AdoDb.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/AdoDb.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -12,7 +12,7 @@ * ADODB methods * Simple sprintf, no prepare. * - * Warning: Since we use FETCH_MODE_ASSOC (string hash) and not the also faster + * Warning: Since we use FETCH_MODE_ASSOC (string hash) and not the also faster * FETCH_MODE_ROW (numeric), we have to use the correct aliases in auth_* sql statements! * * TODO: Change FETCH_MODE in adodb WikiDB sublasses. @@ -78,28 +78,28 @@ if (!$id_only and isset($this->_prefs->_update)) { $this->getAuthDbh(); $dbh = &$this->_auth_dbi; - // check if the user already exists (not needed with mysql REPLACE) - $rs = $dbh->Execute(sprintf($this->_prefs->_select, $dbh->qstr($this->_userid))); - if ($rs->EOF) { - $rs->Close(); - $prefs_blob = false; - } else { - $prefs_blob = @$rs->fields['prefs']; - $rs->Close(); - } - if ($prefs_blob) { - $db_result = $dbh->Execute(sprintf($this->_prefs->_update, - $dbh->qstr($packed), - $dbh->qstr($this->_userid))); - } else { - // Otherwise, insert a record for them and set it to the defaults. - $dbi = $request->getDbh(); - $this->_prefs->_insert = $this->prepare($dbi->getAuthParam('pref_insert'), - array("pref_blob", "userid")); - $db_result = $dbh->Execute(sprintf($this->_prefs->_insert, - $dbh->qstr($packed), - $dbh->qstr($this->_userid))); - } + // check if the user already exists (not needed with mysql REPLACE) + $rs = $dbh->Execute(sprintf($this->_prefs->_select, $dbh->qstr($this->_userid))); + if ($rs->EOF) { + $rs->Close(); + $prefs_blob = false; + } else { + $prefs_blob = @$rs->fields['prefs']; + $rs->Close(); + } + if ($prefs_blob) { + $db_result = $dbh->Execute(sprintf($this->_prefs->_update, + $dbh->qstr($packed), + $dbh->qstr($this->_userid))); + } else { + // Otherwise, insert a record for them and set it to the defaults. + $dbi = $request->getDbh(); + $this->_prefs->_insert = $this->prepare($dbi->getAuthParam('pref_insert'), + array("pref_blob", "userid")); + $db_result = $dbh->Execute(sprintf($this->_prefs->_insert, + $dbh->qstr($packed), + $dbh->qstr($this->_userid))); + } $db_result->Close(); // delete pageprefs: if ($this->_HomePagehandle and $this->_HomePagehandle->get('pref')) @@ -113,7 +113,7 @@ } return 0; } - + function userExists() { $this->getAuthDbh(); $dbh = &$this->_auth_dbi; @@ -126,11 +126,11 @@ $dbi =& $GLOBALS['request']->_dbi; // Prepare the configured auth statements if ($dbi->getAuthParam('auth_check') and empty($this->_authselect)) { - $this->_authselect = $this->prepare($dbi->getAuthParam('auth_check'), + $this->_authselect = $this->prepare($dbi->getAuthParam('auth_check'), array("password", "userid")); } //NOTE: for auth_crypt_method='crypt' no special auth_user_exists is needed - if ( !$dbi->getAuthParam('auth_user_exists') + if ( !$dbi->getAuthParam('auth_user_exists') and $this->_auth_crypt_method == 'crypt' and $this->_authselect) { @@ -146,7 +146,7 @@ if (! $dbi->getAuthParam('auth_user_exists')) trigger_error(fmt("%s is missing", 'DBAUTH_AUTH_USER_EXISTS'), E_USER_WARNING); - $this->_authcheck = $this->prepare($dbi->getAuthParam('auth_user_exists'), + $this->_authcheck = $this->prepare($dbi->getAuthParam('auth_user_exists'), 'userid'); $rs = $dbh->Execute(sprintf($this->_authcheck, $dbh->qstr($this->_userid))); if (!$rs->EOF) { @@ -157,16 +157,16 @@ } } // User does not exist yet. - // Maybe the user is allowed to create himself. Generally not wanted in - // external databases, but maybe wanted for the wiki database, for performance + // Maybe the user is allowed to create himself. Generally not wanted in + // external databases, but maybe wanted for the wiki database, for performance // reasons if (empty($this->_authcreate) and $dbi->getAuthParam('auth_create')) { $this->_authcreate = $this->prepare($dbi->getAuthParam('auth_create'), array("password", "userid")); } - if (!empty($this->_authcreate) and + if (!empty($this->_authcreate) and isset($GLOBALS['HTTP_POST_VARS']['auth']) and - isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd'])) + isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd'])) { $passwd = $GLOBALS['HTTP_POST_VARS']['auth']['passwd']; $dbh->Execute(sprintf($this->_authcreate, @@ -174,7 +174,7 @@ $dbh->qstr($this->_userid))); return true; } - + return $this->_tryNextUser(); } @@ -205,8 +205,8 @@ E_USER_WARNING); //NOTE: for auth_crypt_method='crypt' defined('ENCRYPTED_PASSWD',true) must be set if ($this->_auth_crypt_method == 'crypt') { - $rs = $dbh->Execute(sprintf($this->_authselect, - $dbh->qstr($this->_userid))); + $rs = $dbh->Execute(sprintf($this->_authselect, + $dbh->qstr($this->_userid))); if (!$rs->EOF) { $stored_password = $rs->fields['password']; $rs->Close(); @@ -233,7 +233,7 @@ $result = !empty($okay); } - if ($result) { + if ($result) { $this->_level = WIKIAUTH_USER; return $this->_level; } elseif (USER_AUTH_POLICY === 'strict') { Modified: trunk/lib/WikiUser/BogoLogin.php =================================================================== --- trunk/lib/WikiUser/BogoLogin.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/BogoLogin.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -4,13 +4,13 @@ * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) */ -/** Without stored password. A _BogoLoginPassUser with password +/** Without stored password. A _BogoLoginPassUser with password * is automatically upgraded to a PersonalPagePassUser. */ class _BogoLoginPassUser extends _PassUser { var $_authmethod = 'BogoLogin'; - + function userExists() { if (isWikiWord($this->_userid)) { $this->_level = WIKIAUTH_BOGO; Modified: trunk/lib/WikiUser/Db.php =================================================================== --- trunk/lib/WikiUser/Db.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/Db.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -13,15 +13,15 @@ * libnss-mysql. * * We support only the SQL and ADODB backends. - * The other WikiDB backends (flat, cvs, dba, ...) should be used for pages, - * not for auth stuff. If one would like to use e.g. dba for auth, he should - * use PearDB (SQL) with the right $DBAuthParam['auth_dsn']. - * (Not supported yet, since we require SQL. SQLite would make since when + * The other WikiDB backends (flat, cvs, dba, ...) should be used for pages, + * not for auth stuff. If one would like to use e.g. dba for auth, he should + * use PearDB (SQL) with the right $DBAuthParam['auth_dsn']. + * (Not supported yet, since we require SQL. SQLite would make since when * it will come to PHP) * * @tables: user, pref * - * Preferences are handled in the parent class _PassUser, because the + * Preferences are handled in the parent class _PassUser, because the * previous classes may also use DB pref_select and pref_update. * * Flat files auth is handled by the auth method "File". @@ -31,7 +31,7 @@ { var $_authselect, $_authupdate, $_authcreate; - // This can only be called from _PassUser, because the parent class + // This can only be called from _PassUser, because the parent class // sets the auth_dbi and pref methods, before this class is initialized. function _DbPassUser($UserName='',$prefs=false) { if (!$this->_prefs) { @@ -81,7 +81,7 @@ return false; } - /* Since we properly quote the username, we allow most chars here. + /* Since we properly quote the username, we allow most chars here. Just " ; and ' is forbidden, max length: 48 as defined in the schema. */ function isValidName ($userid = false) { Modified: trunk/lib/WikiUser/EMailConfirm.php =================================================================== --- trunk/lib/WikiUser/EMailConfirm.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/EMailConfirm.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -7,7 +7,7 @@ class _EMailConfirmPassUser extends _PassUser /** - * Unconfirmed users have ANON access, + * Unconfirmed users have ANON access, * confirmed users are equal to passusers WIKIAUTH_USER. * * Users give their email at registration, phpwiki sends a link per email, @@ -16,7 +16,7 @@ * Preferences are handled in _PassUser */ { - // This can only be called from _PassUser, because the parent class + // This can only be called from _PassUser, because the parent class // sets the pref methods, before this class is initialized. function _EMailConfirmPassUser($UserName='', $prefs=false, $file='') { if (!$this->_prefs and isa($this, "_EMailPassUser")) { Modified: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/Facebook.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -26,12 +26,12 @@ $web = new HttpClient("www.facebook.com", 80); if (DEBUG & _DEBUG_LOGIN) $web->setDebug(true); // collect cookies from http://www.facebook.com/login.php - $web->persist_cookies = true; + $web->persist_cookies = true; $web->cookie_host = 'www.facebook.com'; $firstlogin = $web->get("/login.php"); if (!$firstlogin) { if (DEBUG & (_DEBUG_LOGIN | _DEBUG_VERBOSE)) - trigger_error(sprintf(_("Facebook connect failed with %d %s"), + trigger_error(sprintf(_("Facebook connect failed with %d %s"), $web->status, $web->errormsg), E_USER_WARNING); } @@ -45,7 +45,7 @@ E_USER_WARNING); } $this->_authmethod = 'Facebook'; - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => $retval", + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => $retval", E_USER_WARNING); if ($retval) { $this->_level = WIKIAUTH_USER; @@ -62,8 +62,8 @@ E_USER_WARNING); return $this->_tryNextUser(); } - if (DEBUG & _DEBUG_LOGIN) - trigger_error(get_class($this)."::userExists => true (dummy)", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) + trigger_error(get_class($this)."::userExists => true (dummy)", E_USER_WARNING); return true; } } Modified: trunk/lib/WikiUser/File.php =================================================================== --- trunk/lib/WikiUser/File.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/File.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -15,7 +15,7 @@ { var $_file, $_may_change; - // This can only be called from _PassUser, because the parent class + // This can only be called from _PassUser, because the parent class // sets the pref methods, before this class is initialized. function _FilePassUser($UserName='', $prefs=false, $file='') { if (!$this->_prefs and isa($this, "_FilePassUser")) { @@ -29,7 +29,7 @@ if (empty($file) and defined('AUTH_USER_FILE')) $file = AUTH_USER_FILE; // same style as in main.php - include_once(dirname(__FILE__)."/../pear/File_Passwd.php"); + include_once(dirname(__FILE__)."/../pear/File_Passwd.php"); // "__PHP_Incomplete_Class" if (!empty($file) or empty($this->_file) or !isa($this->_file, "File_Passwd")) $this->_file = new File_Passwd($file, false, $file.'.lock'); @@ -37,7 +37,7 @@ return false; return $this; } - + function mayChangePass() { return $this->_may_change; } @@ -49,7 +49,7 @@ $this->_authmethod = 'File'; if (isset($this->_file->users[$this->_userid])) return true; - + return $this->_tryNextUser(); } @@ -69,7 +69,7 @@ $this->_level = WIKIAUTH_ADMIN; return $this->_level; } - + return $this->_tryNextPass($submitted_password); } @@ -78,7 +78,7 @@ return false; } if ($this->_may_change) { - $this->_file = new File_Passwd($this->_file->filename, true, + $this->_file = new File_Passwd($this->_file->filename, true, $this->_file->filename.'.lock'); $result = $this->_file->modUser($this->_userid, $submitted_password); $this->_file->close(); Modified: trunk/lib/WikiUser/Forbidden.php =================================================================== --- trunk/lib/WikiUser/Forbidden.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/Forbidden.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -4,8 +4,8 @@ * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) */ -/** - * The PassUser name gets created automatically. +/** + * The PassUser name gets created automatically. * That's why this class is empty, but must exist. */ class _ForbiddenPassUser Modified: trunk/lib/WikiUser/GForge.php =================================================================== --- trunk/lib/WikiUser/GForge.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/GForge.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -4,30 +4,30 @@ * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) */ -/** Call the gforge functions to get the username - * +/** Call the gforge functions to get the username + * */ class _GForgePassUser extends _PassUser { var $_is_external = 0; - + function _GForgePassUser($UserName='',$prefs=false) { - if ($prefs) $this->_prefs = $prefs; + if ($prefs) $this->_prefs = $prefs; if (!isset($this->_prefs->_method)) _PassUser::_PassUser($UserName); if ($UserName) $this->_userid = $UserName; $this->_authmethod = 'GForge'; - - // Is this double check really needed? + + // Is this double check really needed? // It is not expensive so we keep it for now. if ($this->userExists()) return $this; - else + else return $GLOBALS['ForbiddenUser']; } function userExists() { - global $group_id; + global $group_id; // Mapping (phpWiki vs GForge) performed is: // ANON for non logged or non member @@ -37,7 +37,7 @@ // Get project object (if error => ANON) $project =& group_get_object($group_id); - + if (!$project || !is_object($project)) { $this->_level = WIKIAUTH_ANON; return false; @@ -56,7 +56,7 @@ $member = $perm->isMember(); } - if ($member) { + if ($member) { $this->_userid = $user->getRealName(); $this->_is_external = $user->getIsExternal(); if ($perm->isAdmin()) { @@ -67,12 +67,12 @@ return $this; } } - $this->_level = WIKIAUTH_ANON; - return false; + $this->_level = WIKIAUTH_ANON; + return false; } function checkPass($submitted_password) { - return $this->userExists() + return $this->userExists() ? ($this->isAdmin() ? WIKIAUTH_ADMIN : WIKIAUTH_USER) : WIKIAUTH_ANON; } Modified: trunk/lib/WikiUser/HttpAuth.php =================================================================== --- trunk/lib/WikiUser/HttpAuth.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/HttpAuth.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -6,12 +6,12 @@ /** * We have two possibilities here. - * 1) The webserver location is already HTTP protected. Usually Basic, but also + * 1) The webserver location is already HTTP protected. Usually Basic, but also * NTLM or Digest. Then just use this username and do nothing. * 2) The webserver location is not protected, so we enforce basic HTTP Protection * by sending a 401 error and let the client display the login dialog. * This makes only sense if HttpAuth is the last method in USER_AUTH_ORDER, - * since the other methods cannot be transparently called after this enforced + * since the other methods cannot be transparently called after this enforced * external dialog. * Try the available auth methods (most likely Bogo) and sent this header back. * header('Authorization: Basic '.base64_encode("$userid:$passwd")."\r\n"; @@ -25,8 +25,8 @@ _PassUser::_PassUser($UserName); if ($UserName) $this->_userid = $UserName; $this->_authmethod = 'HttpAuth'; - - // Is this double check really needed? + + // Is this double check really needed? // It is not expensive so we keep it for now. if ($this->userExists()) { return $this; @@ -38,8 +38,8 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only function _fake_auth($userid, $passwd) { - return false; - + return false; + header('WWW-Authenticate: Basic realm="'.WIKI_NAME.'"'); header("Authorization: Basic ".base64_encode($userid.":".$passwd)); if (!isset($_SERVER)) @@ -53,14 +53,14 @@ function logout() { if (!isset($_SERVER)) $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; - // Maybe we should random the realm to really force a logout. + // Maybe we should random the realm to really force a logout. // But the next login will fail. // better_srand(); $realm = microtime().rand(); // TODO: On AUTH_TYPE=NTLM this will fail. Only Basic supported so far. header('WWW-Authenticate: Basic realm="'.WIKI_NAME.'"'); if (strstr(php_sapi_name(), 'apache')) - header('HTTP/1.0 401 Unauthorized'); - else + header('HTTP/1.0 401 Unauthorized'); + else header("Status: 401 Access Denied"); //IIS and CGI need that unset($GLOBALS['REMOTE_USER']); unset($_SERVER['PHP_AUTH_USER']); @@ -70,30 +70,30 @@ function _http_username() { if (!isset($_SERVER)) $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; - if (!empty($_SERVER['PHP_AUTH_USER'])) - return $_SERVER['PHP_AUTH_USER']; - if (!empty($_SERVER['REMOTE_USER'])) - return $_SERVER['REMOTE_USER']; + if (!empty($_SERVER['PHP_AUTH_USER'])) + return $_SERVER['PHP_AUTH_USER']; + if (!empty($_SERVER['REMOTE_USER'])) + return $_SERVER['REMOTE_USER']; if (!empty($GLOBALS['HTTP_ENV_VARS']['REMOTE_USER'])) - return $GLOBALS['HTTP_ENV_VARS']['REMOTE_USER']; - if (!empty($GLOBALS['REMOTE_USER'])) - return $GLOBALS['REMOTE_USER']; - // IIS + Basic - if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { - list($userid, $passwd) = explode(':', + return $GLOBALS['HTTP_ENV_VARS']['REMOTE_USER']; + if (!empty($GLOBALS['REMOTE_USER'])) + return $GLOBALS['REMOTE_USER']; + // IIS + Basic + if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { + list($userid, $passwd) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); return $userid; - } - return ''; + } + return ''; } - + // force http auth authorization function userExists() { if (!isset($_SERVER)) $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; $username = $this->_http_username(); - if (strstr($username, "\\") - and isset($_SERVER['AUTH_TYPE']) + if (strstr($username, "\\") + and isset($_SERVER['AUTH_TYPE']) and $_SERVER['AUTH_TYPE'] == 'NTLM') { // allow domain\user, change userid to domain/user @@ -103,7 +103,7 @@ } // FIXME: if AUTH_TYPE = NTLM there's a domain\\name <> domain\name mismatch if (empty($username) - or strtolower($username) != strtolower($this->_userid)) + or strtolower($username) != strtolower($this->_userid)) { $this->logout(); $user = $GLOBALS['ForbiddenUser']; @@ -113,17 +113,17 @@ //exit; } $this->_userid = $username; - // we should check if he is a member of admin, + // we should check if he is a member of admin, // because HttpAuth has its own logic. $this->_level = WIKIAUTH_USER; if ($this->isAdmin()) $this->_level = WIKIAUTH_ADMIN; return $this; } - + // ignore password, this is checked by the webservers http auth. function checkPass($submitted_password) { - return $this->userExists() + return $this->userExists() ? ($this->isAdmin() ? WIKIAUTH_ADMIN : WIKIAUTH_USER) : WIKIAUTH_ANON; } Modified: trunk/lib/WikiUser/HttpAuthUpper.php =================================================================== --- trunk/lib/WikiUser/HttpAuthUpper.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/HttpAuthUpper.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -6,13 +6,13 @@ /** * We have two possibilities here: - * 1) The webserver location is already HTTP protected. - * Usually Basic by some auth module (ldap, mysql, ...), but also NTLM or Digest. + * 1) The webserver location is already HTTP protected. + * Usually Basic by some auth module (ldap, mysql, ...), but also NTLM or Digest. * Then just use this username and do nothing. * 2) The webserver location is not protected, so we enforce basic HTTP Protection * by sending a 401 error and let the client display the login dialog. * This makes only sense if HttpAuth is the last method in USER_AUTH_ORDER, - * since the other methods cannot be transparently called after this enforced + * since the other methods cannot be transparently called after this enforced * external dialog. * Try the available auth methods (most likely Bogo) and sent this header back. * header('Authorization: Basic '.base64_encode("$userid:$passwd")."\r\n"; @@ -24,11 +24,11 @@ if ($prefs) $this->_prefs = $prefs; if (!isset($this->_prefs->_method)) _PassUser::_PassUser($UserName); - if ($UserName) + if ($UserName) $this->_userid = $UserName; $this->_authmethod = 'HttpAuthUpper'; - - // Is this double check really needed? + + // Is this double check really needed? // It is not expensive so we keep it for now. if ($this->userExists()) { return $this; @@ -40,8 +40,8 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only function _fake_auth($userid, $passwd) { - return false; - + return false; + header('WWW-Authenticate: Basic realm="'.WIKI_NAME.'"'); header("Authorization: Basic ".base64_encode($userid.":".$passwd)); if (!isset($_SERVER)) @@ -55,14 +55,14 @@ function logout() { if (!isset($_SERVER)) $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; - // Maybe we should random the realm to really force a logout. + // Maybe we should random the realm to really force a logout. // But the next login will fail. // better_srand(); $realm = microtime().rand(); // TODO: On AUTH_TYPE=NTLM this will fail. Only Basic supported so far. header('WWW-Authenticate: Basic realm="'.WIKI_NAME.'"'); if (strstr(php_sapi_name(), 'apache')) - header('HTTP/1.0 401 Unauthorized'); - else + header('HTTP/1.0 401 Unauthorized'); + else header("Status: 401 Access Denied"); //IIS and CGI need that unset($GLOBALS['REMOTE_USER']); unset($_SERVER['PHP_AUTH_USER']); @@ -72,38 +72,38 @@ function _http_username() { if (!isset($_SERVER)) $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; - if (!empty($_SERVER['PHP_AUTH_USER'])) - return $_SERVER['PHP_AUTH_USER']; - if (!empty($_SERVER['REMOTE_USER'])) - return $_SERVER['REMOTE_USER']; + if (!empty($_SERVER['PHP_AUTH_USER'])) + return $_SERVER['PHP_AUTH_USER']; + if (!empty($_SERVER['REMOTE_USER'])) + return $_SERVER['REMOTE_USER']; if (!empty($GLOBALS['HTTP_ENV_VARS']['REMOTE_USER'])) - return $GLOBALS['HTTP_ENV_VARS']['REMOTE_USER']; - if (!empty($GLOBALS['REMOTE_USER'])) - return $GLOBALS['REMOTE_USER']; - // IIS + Basic - if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { - list($userid, $passwd) = explode(':', + return $GLOBALS['HTTP_ENV_VARS']['REMOTE_USER']; + if (!empty($GLOBALS['REMOTE_USER'])) + return $GLOBALS['REMOTE_USER']; + // IIS + Basic + if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { + list($userid, $passwd) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); return $userid; - } - return ''; + } + return ''; } // special: force upcase username function UserName() { if (!empty($this->_userid)) { - $this->_userid = strtoupper($this->_userid); + $this->_userid = strtoupper($this->_userid); return strtoupper($this->_userid); - } + } } - + // force http auth authorization function userExists() { if (!isset($_SERVER)) $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; $username = strtoupper($this->_http_username()); - if (strstr($username, "\\") - and isset($_SERVER['AUTH_TYPE']) + if (strstr($username, "\\") + and isset($_SERVER['AUTH_TYPE']) and $_SERVER['AUTH_TYPE'] == 'NTLM') { // allow domain\user, change userid to domain/user @@ -113,7 +113,7 @@ } // FIXME: if AUTH_TYPE = NTLM there's a domain\\name <> domain\name mismatch if (empty($username) - or strtolower($username) != strtolower($this->_userid)) + or strtolower($username) != strtolower($this->_userid)) { $this->logout(); $user = $GLOBALS['ForbiddenUser']; @@ -123,17 +123,17 @@ //exit; } $this->_userid = strtoupper($username); - // we should check if he is a member of admin, + // we should check if he is a member of admin, // because HttpAuth has its own logic. $this->_level = WIKIAUTH_USER; if ($this->isAdmin()) $this->_level = WIKIAUTH_ADMIN; return $this; } - + // ignore password, this is checked by the webservers http auth. function checkPass($submitted_password) { - return $this->userExists() + return $this->userExists() ? ($this->isAdmin() ? WIKIAUTH_ADMIN : WIKIAUTH_USER) : WIKIAUTH_ANON; } Modified: trunk/lib/WikiUser/IMAP.php =================================================================== --- trunk/lib/WikiUser/IMAP.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/IMAP.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -14,12 +14,12 @@ { function checkPass($submitted_password) { if (!$this->isValidName()) { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed isValidName", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed isValidName", E_USER_WARNING); trigger_error(_("Invalid username."),E_USER_WARNING); return $this->_tryNextPass($submitted_password); } if (!$this->_checkPassLength($submitted_password)) { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed checkPassLength", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed checkPassLength", E_USER_WARNING); return WIKIAUTH_FORBIDDEN; } $userid = $this->_userid; @@ -28,16 +28,16 @@ if ($mbox) { imap_close($mbox); $this->_authmethod = 'IMAP'; - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => ok", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => ok", E_USER_WARNING); $this->_level = WIKIAUTH_USER; return $this->_level; } else { if ($submitted_password != "") { // if LENGTH 0 is allowed - trigger_error(_("Unable to connect to IMAP server "). IMAP_AUTH_HOST, + trigger_error(_("Unable to connect to IMAP server "). IMAP_AUTH_HOST, E_USER_WARNING); } } - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => wrong", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => wrong", E_USER_WARNING); return $this->_tryNextPass($submitted_password); } @@ -47,15 +47,15 @@ return true; if ($this->checkPass($this->_prefs->get('passwd'))) { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::userExists => true (pass ok)", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::userExists => true (pass ok)", E_USER_WARNING); return true; - } - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::userExists => false (pass wrong)", E_USER_WARNING); + } + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::userExists => false (pass wrong)", E_USER_WARNING); return $this->_tryNextUser(); } function mayChangePass() { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::mayChangePass => false", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::mayChangePass => false", E_USER_WARNING); return false; } } Modified: trunk/lib/WikiUser/LDAP.php =================================================================== --- trunk/lib/WikiUser/LDAP.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/LDAP.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -29,15 +29,15 @@ if (LDAP_AUTH_USER) if (LDAP_AUTH_PASSWORD) // Windows Active Directory Server is strict - $r = ldap_bind($this->_ldap, LDAP_AUTH_USER, LDAP_AUTH_PASSWORD); + $r = ldap_bind($this->_ldap, LDAP_AUTH_USER, LDAP_AUTH_PASSWORD); else - $r = ldap_bind($this->_ldap, LDAP_AUTH_USER); + $r = ldap_bind($this->_ldap, LDAP_AUTH_USER); else $r = true; // anonymous bind allowed if (!$r) { $this->_free(); trigger_error(sprintf(_("Unable to bind LDAP server %s using %s %s"), - LDAP_AUTH_HOST, LDAP_AUTH_USER, LDAP_AUTH_PASSWORD), + LDAP_AUTH_HOST, LDAP_AUTH_USER, LDAP_AUTH_PASSWORD), E_USER_WARNING); return false; } @@ -47,7 +47,7 @@ } } - /** + /** * free and close the bound ressources */ function _free() { @@ -58,7 +58,7 @@ } /** - * LDAP names allow all chars but "*", "(", ")", "\", "NUL". + * LDAP names allow all chars but "*", "(", ")", "\", "NUL". * " should be quoted as \" * Quoting is done by \xx (two-digit hexcode). "*" <=> "2円a" * Non-ascii chars must be converted to utf-8. @@ -67,15 +67,15 @@ * @see http://www.faqs.org/rfcs/rfc4514.html LDAP String Representation of Distinguished Names */ function _stringEscape($name) { - $name = strtr(utf8_encode($name), - array("*" => "\2円a", - "?" => "\3円f", - "(" => "\28円", - ")" => "\29円", - "\\" => "\5円c", - '"' => '\"', - "0円" => "\00円")); - return $name; + $name = strtr(utf8_encode($name), + array("*" => "\2円a", + "?" => "\3円f", + "(" => "\28円", + ")" => "\29円", + "\\" => "\5円c", + '"' => '\"', + "0円" => "\00円")); + return $name; } /** @@ -84,7 +84,7 @@ */ function isValidName ($userid = false) { if (!$userid) $userid = $this->_userid; - // We are more restrictive here, but must allow explitly utf-8 + // We are more restrictive here, but must allow explitly utf-8 return preg_match("/^[\-\w_\.@ ]+$/u", $userid) and strlen($userid) < 64; } @@ -98,20 +98,20 @@ * @see http://www.faqs.org/rfcs/rfc4514.html LDAP String Representation of Distinguished Names */ function _searchparam($userid) { - $euserid = $this->_stringEscape($userid); - // Need to set the right root search information. See config/config.ini - if (LDAP_SEARCH_FILTER) { - $st_search = str_replace("\$userid", $euserid, LDAP_SEARCH_FILTER); - } else { - $st_search = LDAP_SEARCH_FIELD - ? LDAP_SEARCH_FIELD."=$euserid" - : "uid=$euserid"; - } - return $st_search; + $euserid = $this->_stringEscape($userid); + // Need to set the right root search information. See config/config.ini + if (LDAP_SEARCH_FILTER) { + $st_search = str_replace("\$userid", $euserid, LDAP_SEARCH_FILTER); + } else { + $st_search = LDAP_SEARCH_FIELD + ? LDAP_SEARCH_FIELD."=$euserid" + : "uid=$euserid"; + } + return $st_search; } /** - * Passwords must not be escaped, but sent as "stringprep"'ed utf-8. + * Passwords must not be escaped, but sent as "stringprep"'ed utf-8. * * @see http://www.faqs.org/rfcs/rfc4514.html LDAP String Representation of Distinguished Names * @see http://www.faqs.org/rfcs/rfc3454.html stringprep @@ -119,7 +119,7 @@ function checkPass($submitted_password) { $this->_authmethod = 'LDAP'; - $this->_userid = trim($this->_userid); + $this->_userid = trim($this->_userid); $userid = $this->_userid; if (!$this->isValidName()) { trigger_error(_("Invalid username."), E_USER_WARNING); @@ -130,32 +130,32 @@ $this->_free(); return WIKIAUTH_FORBIDDEN; } - // A LDAP speciality: Empty passwords are always true for ldap_bind !!! - // So we have to disallow this regardless of PASSWORD_LENGTH_MINIMUM = 0 + // A LDAP speciality: Empty passwords are always true for ldap_bind !!! + // So we have to disallow this regardless of PASSWORD_LENGTH_MINIMUM = 0 if (strlen($submitted_password) == 0) { trigger_error(_("Empty password not allowed for LDAP"), E_USER_WARNING); $this->_free(); - return $this->_tryNextPass($submitted_password); - //return WIKIAUTH_FORBIDDEN; + return $this->_tryNextPass($submitted_password); + //return WIKIAUTH_FORBIDDEN; } /*if (strstr($userid,'*')) { // should be safely escaped now - trigger_error(fmt("Invalid username '%s' for LDAP Auth", $userid), + trigger_error(fmt("Invalid username '%s' for LDAP Auth", $userid), E_USER_WARNING); return WIKIAUTH_FORBIDDEN; - }*/ + }*/ if ($ldap = $this->_init()) { - $st_search = $this->_searchparam($userid); + $st_search = $this->_searchparam($userid); if (!$this->_sr = ldap_search($ldap, LDAP_BASE_DN, $st_search)) { - trigger_error(_("Could not search in LDAP"), E_USER_WARNING); - $this->_free(); + trigger_error(_("Could not search in LDAP"), E_USER_WARNING); + $this->_free(); return $this->_tryNextPass($submitted_password); } - $info = ldap_get_entries($ldap, $this->_sr); + $info = ldap_get_entries($ldap, $this->_sr); if (empty($info["count"])) { - if (DEBUG) - trigger_error(_("User not found in LDAP"), E_USER_WARNING); - $this->_free(); + if (DEBUG) + trigger_error(_("User not found in LDAP"), E_USER_WARNING); + $this->_free(); return $this->_tryNextPass($submitted_password); } // There may be more hits with this userid. @@ -163,69 +163,69 @@ for ($i = 0; $i < $info["count"]; $i++) { $dn = $info[$i]["dn"]; // The password must be converted to utf-8, but unescaped. - // On wrong password the ldap server will return: + // On wrong password the ldap server will return: // "Unable to bind to server: Server is unwilling to perform" // The @ catches this error message. - // If CHARSET=utf-8 the form should have already converted it to utf-8. + // If CHARSET=utf-8 the form should have already converted it to utf-8. if ($r = @ldap_bind($ldap, $dn, $submitted_password)) { // ldap_bind will return TRUE if everything matches - // Optionally get the mail from LDAP - if (!empty($info[$i]["mail"][0])) { - $this->_prefs->_prefs['email']->default_value = $info[$i]["mail"][0]; - } - $this->_free(); + // Optionally get the mail from LDAP + if (!empty($info[$i]["mail"][0])) { + $this->_prefs->_prefs['email']->default_value = $info[$i]["mail"][0]; + } + $this->_free(); $this->_level = WIKIAUTH_USER; return $this->_level; } else { - // Try again, this time explicitly - if ($r = @ldap_bind($ldap, $dn, utf8_encode($submitted_password))) { - if (!empty($info[$i]["mail"][0])) { - $this->_prefs->_prefs['email']->default_value = $info[$i]["mail"][0]; - } - $this->_free(); - $this->_level = WIKIAUTH_USER; - return $this->_level; - } - } + // Try again, this time explicitly + if ($r = @ldap_bind($ldap, $dn, utf8_encode($submitted_password))) { + if (!empty($info[$i]["mail"][0])) { + $this->_prefs->_prefs['email']->default_value = $info[$i]["mail"][0]; + } + $this->_free(); + $this->_level = WIKIAUTH_USER; + return $this->_level; + } + } } - if (DEBUG) - trigger_error(_("Wrong password: ") . - str_repeat("*", strlen($submitted_password)), - E_USER_WARNING); + if (DEBUG) + trigger_error(_("Wrong password: ") . + str_repeat("*", strlen($submitted_password)), + E_USER_WARNING); $this->_free(); } else { $this->_free(); - trigger_error(fmt("Could not connect to LDAP host %s", LDAP_AUTH_HOST), E_USER_WARNING); - } + trigger_error(fmt("Could not connect to LDAP host %s", LDAP_AUTH_HOST), E_USER_WARNING); + } return $this->_tryNextPass($submitted_password); } function userExists() { - $this->_userid = trim($this->_userid); + $this->_userid = trim($this->_userid); $userid = $this->_userid; if (strstr($userid, '*')) { trigger_error(fmt("Invalid username '%s' for LDAP Auth", $userid), E_USER_WARNING); return false; - } + } if ($ldap = $this->_init()) { // Need to set the right root search information. see ../index.php - $st_search = $this->_searchparam($userid); + $st_search = $this->_searchparam($userid); if (!$this->_sr = ldap_search($ldap, LDAP_BASE_DN, $st_search)) { - $this->_free(); - return $this->_tryNextUser(); + $this->_free(); + return $this->_tryNextUser(); } - $info = ldap_get_entries($ldap, $this->_sr); + $info = ldap_get_entries($ldap, $this->_sr); if ($info["count"] > 0) { - $this->_free(); - UpgradeUser($GLOBALS['ForbiddenUser'], $this); + $this->_free(); + UpgradeUser($GLOBALS['ForbiddenUser'], $this); return true; } } - $this->_free(); + $this->_free(); return $this->_tryNextUser(); } Modified: trunk/lib/WikiUser/LdapUpper.php =================================================================== --- trunk/lib/WikiUser/LdapUpper.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/LdapUpper.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -16,22 +16,22 @@ { function checkPass($submitted_password) { - return parent::checkPass($submitted_password); + return parent::checkPass($submitted_password); } function UserName() { if (!empty($this->_userid)) { - $this->_userid = trim(strtoupper($this->_userid)); - if (!empty($this->_HomePagehandle) and is_object($this->_HomePagehandle)) - $this->_HomePagehandle->_pagename = $this->_userid; + $this->_userid = trim(strtoupper($this->_userid)); + if (!empty($this->_HomePagehandle) and is_object($this->_HomePagehandle)) + $this->_HomePagehandle->_pagename = $this->_userid; return strtoupper($this->_userid); - } + } } function userExists() { - // lowercase check and uppercase visibility - $this->_userid = trim(strtoupper($this->_userid)); - return parent::userExists(); + // lowercase check and uppercase visibility + $this->_userid = trim(strtoupper($this->_userid)); + return parent::userExists(); } } Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/OpenID.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -12,7 +12,7 @@ * Preferences are handled in _PassUser */ { - // This can only be called from _PassUser, because the parent class + // This can only be called from _PassUser, because the parent class // sets the pref methods, before this class is initialized. function _OpenIDPassUser($UserName='', $prefs=false, $file='') { if (!$this->_prefs and isa($this, "_OpenIDPassUser")) { Modified: trunk/lib/WikiUser/POP3.php =================================================================== --- trunk/lib/WikiUser/POP3.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/POP3.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -15,11 +15,11 @@ function checkPass($submitted_password) { if (!$this->isValidName()) { trigger_error(_("Invalid username."), E_USER_WARNING); - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed isValidName", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed isValidName", E_USER_WARNING); return $this->_tryNextPass($submitted_password); } if (!$this->_checkPassLength($submitted_password)) { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed checkPassLength", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => failed checkPassLength", E_USER_WARNING); return WIKIAUTH_FORBIDDEN; } $userid = $this->_userid; @@ -62,7 +62,7 @@ E_USER_WARNING); } $this->_authmethod = 'POP3'; - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => $retval", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => $retval", E_USER_WARNING); if ($retval) { $this->_level = WIKIAUTH_USER; } else { @@ -72,7 +72,7 @@ } function __userExists() { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::userExists => true (dummy)", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::userExists => true (dummy)", E_USER_WARNING); return true; } } Modified: trunk/lib/WikiUser/PdoDb.php =================================================================== --- trunk/lib/WikiUser/PdoDb.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/PdoDb.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -31,14 +31,14 @@ return false; } $this->_userid = $UserName; - // make use of session data. generally we only initialize this every time, + // make use of session data. generally we only initialize this every time, // but do auth checks only once $this->_auth_crypt_method = $GLOBALS['request']->_dbi->getAuthParam('auth_crypt_method'); return $this; } function getPreferences() { - // override the generic slow method here for efficiency and not to + // override the generic slow method here for efficiency and not to // clutter the homepage metadata with prefs. _AnonUser::getPreferences(); $this->getAuthDbh(); @@ -47,7 +47,7 @@ $db_result = $dbh->query(sprintf($this->_prefs->_select, $dbh->quote($this->_userid))); // patched by fre...@pa... $prefs = $db_result->fetch(PDO_FETCH_BOTH); - $prefs_blob = @$prefs["prefs"]; + $prefs_blob = @$prefs["prefs"]; if ($restored_from_db = $this->_prefs->retrieve($prefs_blob)) { $updated = $this->_prefs->updatePrefs($restored_from_db); //$this->_prefs = new UserPreferences($restored_from_db); @@ -116,7 +116,7 @@ } } //NOTE: for auth_crypt_method='crypt' no special auth_user_exists is needed - if ( !$dbi->getAuthParam('auth_user_exists') + if ( !$dbi->getAuthParam('auth_user_exists') and $this->_auth_crypt_method == 'crypt' and $this->_authselect) { @@ -142,8 +142,8 @@ return true; } // User does not exist yet. - // Maybe the user is allowed to create himself. Generally not wanted in - // external databases, but maybe wanted for the wiki database, for performance + // Maybe the user is allowed to create himself. Generally not wanted in + // external databases, but maybe wanted for the wiki database, for performance // reasons if (empty($this->_authcreate) and $dbi->getAuthParam('auth_create')) { try { @@ -154,9 +154,9 @@ return false; } } - if (!empty($this->_authcreate) and + if (!empty($this->_authcreate) and isset($GLOBALS['HTTP_POST_VARS']['auth']) and - isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd'])) + isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd'])) { $passwd = $GLOBALS['HTTP_POST_VARS']['auth']['passwd']; try { @@ -173,7 +173,7 @@ } return $this->_tryNextUser(); } - + function checkPass($submitted_password) { //global $DBAuthParams; $this->getAuthDbh(); Modified: trunk/lib/WikiUser/PearDb.php =================================================================== --- trunk/lib/WikiUser/PearDb.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/PearDb.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -28,14 +28,14 @@ return false; } $this->_userid = $UserName; - // make use of session data. generally we only initialize this every time, + // make use of session data. generally we only initialize this every time, // but do auth checks only once $this->_auth_crypt_method = $GLOBALS['request']->_dbi->getAuthParam('auth_crypt_method'); return $this; } function getPreferences() { - // override the generic slow method here for efficiency and not to + // override the generic slow method here for efficiency and not to // clutter the homepage metadata with prefs. _AnonUser::getPreferences(); $this->getAuthDbh(); @@ -44,7 +44,7 @@ $db_result = $dbh->query(sprintf($this->_prefs->_select, $dbh->quote($this->_userid))); // patched by fre...@pa... $prefs = $db_result->fetchRow(); - $prefs_blob = @$prefs["prefs"]; + $prefs_blob = @$prefs["prefs"]; if ($restored_from_db = $this->_prefs->retrieve($prefs_blob)) { $updated = $this->_prefs->updatePrefs($restored_from_db); //$this->_prefs = new UserPreferences($restored_from_db); @@ -74,25 +74,25 @@ $packed = $this->_prefs->store(); if (!$id_only and isset($this->_prefs->_update)) { $dbh = &$this->_auth_dbi; - // check if the user already exists (not needed with mysql REPLACE) - $db_result = $dbh->query(sprintf($this->_prefs->_select, - $dbh->quote($this->_userid))); - $prefs = $db_result->fetchRow(); - $prefs_blob = @$prefs["prefs"]; - // If there are prefs for the user, update them. - if($prefs_blob != "" ){ - $dbh->simpleQuery(sprintf($this->_prefs->_update, - $dbh->quote($packed), - $dbh->quote($this->_userid))); - } else { - // Otherwise, insert a record for them and set it to the defaults. - // jo...@de... - $dbi = $GLOBALS['request']->getDbh(); - $this->_prefs->_insert = $this->prepare($dbi->getAuthParam('pref_insert'), - array("pref_blob", "userid")); - $dbh->simpleQuery(sprintf($this->_prefs->_insert, - $dbh->quote($packed), $dbh->quote($this->_userid))); - } + // check if the user already exists (not needed with mysql REPLACE) + $db_result = $dbh->query(sprintf($this->_prefs->_select, + $dbh->quote($this->_userid))); + $prefs = $db_result->fetchRow(); + $prefs_blob = @$prefs["prefs"]; + // If there are prefs for the user, update them. + if($prefs_blob != "" ){ + $dbh->simpleQuery(sprintf($this->_prefs->_update, + $dbh->quote($packed), + $dbh->quote($this->_userid))); + } else { + // Otherwise, insert a record for them and set it to the defaults. + // jo...@de... + $dbi = $GLOBALS['request']->getDbh(); + $this->_prefs->_insert = $this->prepare($dbi->getAuthParam('pref_insert'), + array("pref_blob", "userid")); + $dbh->simpleQuery(sprintf($this->_prefs->_insert, + $dbh->quote($packed), $dbh->quote($this->_userid))); + } //delete pageprefs: if ($this->_HomePagehandle and $this->_HomePagehandle->get('pref')) $this->_HomePagehandle->set('pref', ''); @@ -120,13 +120,13 @@ $dbi =& $GLOBALS['request']->_dbi; // Prepare the configured auth statements if ($dbi->getAuthParam('auth_check') and empty($this->_authselect)) { - $this->_authselect = $this->prepare($dbi->getAuthParam('auth_check'), + $this->_authselect = $this->prepare($dbi->getAuthParam('auth_check'), array("password", "userid")); } //NOTE: for auth_crypt_method='crypt' no special auth_user_exists is needed - if (!$dbi->getAuthParam('auth_user_exists') - and $this->_auth_crypt_method == 'crypt' - and $this->_authselect) + if (!$dbi->getAuthParam('auth_user_exists') + and $this->_auth_crypt_method == 'crypt' + and $this->_authselect) { $rs = $dbh->query(sprintf($this->_authselect, $dbh->quote($this->_userid))); if ($rs->numRows()) @@ -142,16 +142,16 @@ return true; } // User does not exist yet. - // Maybe the user is allowed to create himself. Generally not wanted in - // external databases, but maybe wanted for the wiki database, for performance + // Maybe the user is allowed to create himself. Generally not wanted in + // external databases, but maybe wanted for the wiki database, for performance // reasons if (empty($this->_authcreate) and $dbi->getAuthParam('auth_create')) { $this->_authcreate = $this->prepare($dbi->getAuthParam('auth_create'), array("password", "userid")); } - if (!empty($this->_authcreate) and + if (!empty($this->_authcreate) and isset($GLOBALS['HTTP_POST_VARS']['auth']) and - isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd'])) + isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd'])) { $passwd = $GLOBALS['HTTP_POST_VARS']['auth']['passwd']; $dbh->simpleQuery(sprintf($this->_authcreate, @@ -161,7 +161,7 @@ } return $this->_tryNextUser(); } - + function checkPass($submitted_password) { //global $DBAuthParams; $this->getAuthDbh(); Modified: trunk/lib/WikiUser/PersonalPage.php =================================================================== --- trunk/lib/WikiUser/PersonalPage.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/PersonalPage.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -13,7 +13,7 @@ { var $_authmethod = 'PersonalPage'; - /* Very loose checking, since we properly quote the PageName. + /* Very loose checking, since we properly quote the PageName. Just trim spaces, ... See lib/stdlib.php */ function isValidName ($userid = false) { @@ -27,14 +27,14 @@ } /** A PersonalPagePassUser requires PASSWORD_LENGTH_MINIMUM. - * BUT if the user already has a homepage with an empty password + * BUT if the user already has a homepage with an empty password * stored, allow login but warn him to change it. */ function checkPass($submitted_password) { if ($this->userExists()) { $stored_password = $this->_prefs->get('passwd'); if (empty($stored_password)) { - if (PASSWORD_LENGTH_MINIMUM > 0) { + if (PASSWORD_LENGTH_MINIMUM > 0) { trigger_error(sprintf( _("PersonalPage login method:")."\n". _("You stored an empty password in your '%s' page.")."\n". @@ -42,8 +42,8 @@ _("Please set a password in UserPreferences."), $this->_userid), E_USER_WARNING); $this->_level = WIKIAUTH_BOGO; - } else { - if (!empty($submitted_password)) + } else { + if (!empty($submitted_password)) trigger_error(sprintf( _("PersonalPage login method:")."\n". _("You stored an empty password in your '%s' page.")."\n". @@ -51,7 +51,7 @@ _("Please set a password in UserPreferences."), $this->_userid), E_USER_WARNING); $this->_level = WIKIAUTH_USER; - } + } return $this->_level; } if ($this->_checkPass($submitted_password, $stored_password)) Modified: trunk/lib/WikiUser/Session.php =================================================================== --- trunk/lib/WikiUser/Session.php 2010年02月10日 13:43:16 UTC (rev 7300) +++ trunk/lib/WikiUser/Session.php 2010年03月04日 10:30:39 UTC (rev 7301) @@ -4,9 +4,9 @@ * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) */ -/** +/** * Support reuse of existing user session from another application. - * You have to define which session variable holds the userid, and + * You have to define which session variable holds the userid, and * at what level is that user then. 1: BogoUser, 2: PassUser * define('AUTH_SESS_USER','userid'); * define('AUTH_SESS_LEVEL',2); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 7505 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7505&view=rev Author: rurban Date: 2010年06月09日 08:47:52 +0000 (2010年6月09日) Log Message: ----------- unify PECL error message add more OpenID fragments from Zend Modified Paths: -------------- trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/OpenID.php Modified: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php 2010年06月09日 08:46:45 UTC (rev 7504) +++ trunk/lib/WikiUser/Facebook.php 2010年06月09日 08:47:52 UTC (rev 7505) @@ -19,8 +19,10 @@ function checkPass($password) { $userid = $this->_userid; if (!loadPhpExtension('openssl')) { - trigger_error(_("The PECL openssl extension cannot be loaded. Facebook AUTH ignored."), - E_USER_WARNING); + trigger_error( + (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + . sprintf(_(" %s AUTH ignored."), 'Facebook'), + E_USER_WARNING); return $this->_tryNextUser(); } $web = new HttpClient("www.facebook.com", 80); @@ -58,8 +60,10 @@ // TODO: msearch facebook for the username function userExists() { if (!loadPhpExtension('openssl')) { - trigger_error(_("The PECL openssl extension cannot be loaded. Facebook AUTH ignored."), - E_USER_WARNING); + trigger_error( + (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + . sprintf(_(" %s AUTH ignored."), 'Facebook'), + E_USER_WARNING); return $this->_tryNextUser(); } if (DEBUG & _DEBUG_LOGIN) Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2010年06月09日 08:46:45 UTC (rev 7504) +++ trunk/lib/WikiUser/OpenID.php 2010年06月09日 08:47:52 UTC (rev 7505) @@ -1,36 +1,229 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2007,2009 ReiniUrban +/* Copyright (C) 2010 ReiniUrban + * Zend_OpenId_Consumer parts from Zend licensed under + * http://framework.zend.com/license/new-bsd * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) * + * This is not yet finished. We do not want to use zend extensions. + * * See http://openid.net/specs/openid-authentication-1_1.html */ +// requires the openssl extension +require_once("lib/HttpClient.php"); + class _OpenIDPassUser extends _PassUser /** * Preferences are handled in _PassUser */ { - // This can only be called from _PassUser, because the parent class - // sets the pref methods, before this class is initialized. - function _OpenIDPassUser($UserName='', $prefs=false, $file='') { - if (!$this->_prefs and isa($this, "_OpenIDPassUser")) { - if ($prefs) $this->_prefs = $prefs; - if (!isset($this->_prefs->_method)) - _PassUser::_PassUser($UserName); + /** + * Verifies authentication response from OpenID server. + * + * This is the second step of OpenID authentication process. + * The function returns true on successful authentication and false on + * failure. + * + * @param array $params HTTP query data from OpenID server + * @param string &$identity this argument is set to end-user's claimed + * identifier or OpenID provider local identifier. + * @param mixed $extensions extension object or array of extensions objects + * @return bool + */ + function verify($params, &$identity = "", $extensions = null) { + $version = 1.1; + $this->_setError(""); + if (isset($params['openid_ns']) && + $params['openid_ns'] == $NS_2_0) { // global session var + $version = 2.0; } - $this->_userid = $UserName; - return $this; + if (isset($params["openid_claimed_id"])) { + $identity = $params["openid_claimed_id"]; + } else if (isset($params["openid_identity"])){ + $identity = $params["openid_identity"]; + } else { + $identity = ""; + } + + if ($version < 2.0 && !isset($params["openid_claimed_id"])) { + global $request; + $session = $request->getSessionVar('openid'); + if (!$session) { + $request->setSessionVar('openid', array()); + } + if ($session['identity'] == $identity) { + $identity = $session['claimed_id']; + } + } + if (empty($params['openid_return_to'])) { + $this->_setError("Missing openid.return_to"); + return false; + } + if (empty($params['openid_signed'])) { + $this->_setError("Missing openid.signed"); + return false; + } + if (empty($params['openid_sig'])) { + $this->_setError("Missing openid.sig"); + return false; + } + if (empty($params['openid_mode'])) { + $this->_setError("Missing openid.mode"); + return false; + } + if ($params['openid_mode'] != 'id_res') { + $this->_setError("Wrong openid.mode '".$params['openid_mode']."' != 'id_res'"); + return false; + } + if (empty($params['openid_assoc_handle'])) { + $this->_setError("Missing openid.assoc_handle"); + return false; + } } + + /** + * Performs check of OpenID identity. + * + * This is the first step of OpenID authentication process. + * On success the function does not return (it does HTTP redirection to + * server and exits). On failure it returns false. + * + * @param bool $immediate enables or disables interaction with user + * @param string $id OpenID identity + * @param string $returnTo HTTP URL to redirect response from server to + * @param string $root HTTP URL to identify consumer on server + * @param mixed $extensions extension object or array of extensions objects + * @param Zend_Controller_Response_Abstract $response an optional response + * object to perform HTTP or HTML form redirection + * @return bool + */ + function _checkId($immediate, $id, $returnTo=null, $root=null, + $extensions=null, $response = null) { + $this->_setError(''); + /*if (!Zend_OpenId::normalize($id)) { + $this->_setError("Normalisation failed"); + return false; + }*/ + $claimedId = $id; + + if (!$this->_discovery($id, $server, $version)) { + $this->_setError("Discovery failed"); + return false; + } + if (!$this->_associate($server, $version)) { + $this->_setError("Association failed"); + return false; + } + if (!$this->_getAssociation( + $server, + $handle, + $macFunc, + $secret, + $expires)) { + /* Use dumb mode */ + unset($handle); + unset($macFunc); + unset($secret); + unset($expires); + } + + $params = array(); + if ($version >= 2.0) { + //$params['openid.ns'] = Zend_OpenId::NS_2_0; + } + + $params['openid.mode'] = $immediate ? + 'checkid_immediate' : 'checkid_setup'; + + $params['openid.identity'] = $id; + + $params['openid.claimed_id'] = $claimedId; + + if ($version <= 2.0) { + global $request; + $session = $request->getSessionVar('openid'); + $request->setSessionVar('identity', $id); + $request->setSessionVar('claimed_id', $claimedId); + } + + if (isset($handle)) { + $params['openid.assoc_handle'] = $handle; + } + + //$params['openid.return_to'] = Zend_OpenId::absoluteUrl($returnTo); + + // See lib/WikiUser/FaceBook.php how to handle http requests + $web = new HttpClient("$server", 80); + if (DEBUG & _DEBUG_LOGIN) $web->setDebug(true); + + if (empty($root)) { + //$root = Zend_OpenId::selfUrl(); + if ($root[strlen($root)-1] != '/') { + $root = dirname($root); + } + } + if ($version >= 2.0) { + $params['openid.realm'] = $root; + } else { + $params['openid.trust_root'] = $root; + } + + /*if (!Zend_OpenId_Extension::forAll($extensions, 'prepareRequest', $params)) { + $this->_setError("Extension::prepareRequest failure"); + return false; + } + */ + + //Zend_OpenId::redirect($server, $params, $response); + return true; + } + + function _setError($message) { + $this->_error = $message; + } + + function checkPass($password) { + $userid = $this->_userid; + if (!loadPhpExtension('openssl')) { + trigger_error( + (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + . sprintf(_(" %s AUTH ignored."), 'OpenID'), + E_USER_WARNING); + return $this->_tryNextUser(); + } + + $retval = $this->_checkId(false, $id, $returnTo, $root, $extensions, $response); + $this->_authmethod = 'OpenID'; + if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this)."::checkPass => $retval", + E_USER_WARNING); + if ($retval) { + $this->_level = WIKIAUTH_USER; + } else { + $this->_level = WIKIAUTH_ANON; + } + return $this->_level; + } + + /* do nothing. the login/redirect is done in checkPass */ function userExists() { if (!$this->isValidName($this->_userid)) { return $this->_tryNextUser(); } - $this->_authmethod = 'OpenID'; - return $this->_tryNextUser(); + if (!loadPhpExtension('openssl')) { + trigger_error + (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + . sprintf(_(" %s AUTH ignored."), 'OpenID'), + E_USER_WARNING); + return $this->_tryNextUser(); + } + if (DEBUG & _DEBUG_LOGIN) + trigger_error(get_class($this)."::userExists => true (dummy)", E_USER_WARNING); + return true; } + // no quotes and shorter than 128 function isValidName() { if (!$this->_userid) return false; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 7513 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7513&view=rev Author: vargenau Date: 2010年06月09日 15:17:58 +0000 (2010年6月09日) Log Message: ----------- Fix syntax errors Modified Paths: -------------- trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/OpenID.php Modified: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php 2010年06月09日 12:26:11 UTC (rev 7512) +++ trunk/lib/WikiUser/Facebook.php 2010年06月09日 15:17:58 UTC (rev 7513) @@ -20,7 +20,7 @@ $userid = $this->_userid; if (!loadPhpExtension('openssl')) { trigger_error( - (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'Facebook'), E_USER_WARNING); return $this->_tryNextUser(); @@ -61,7 +61,7 @@ function userExists() { if (!loadPhpExtension('openssl')) { trigger_error( - (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'Facebook'), E_USER_WARNING); return $this->_tryNextUser(); Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2010年06月09日 12:26:11 UTC (rev 7512) +++ trunk/lib/WikiUser/OpenID.php 2010年06月09日 15:17:58 UTC (rev 7513) @@ -189,7 +189,7 @@ $userid = $this->_userid; if (!loadPhpExtension('openssl')) { trigger_error( - (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'OpenID'), E_USER_WARNING); return $this->_tryNextUser(); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 7640 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7640&view=rev Author: vargenau Date: 2010年08月11日 12:33:25 +0000 (2010年8月11日) Log Message: ----------- Add file header Modified Paths: -------------- trunk/lib/WikiUser/AdoDb.php trunk/lib/WikiUser/BogoLogin.php trunk/lib/WikiUser/Db.php trunk/lib/WikiUser/EMailConfirm.php trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/File.php trunk/lib/WikiUser/Forbidden.php trunk/lib/WikiUser/GForge.php trunk/lib/WikiUser/HttpAuth.php trunk/lib/WikiUser/HttpAuthUpper.php trunk/lib/WikiUser/IMAP.php trunk/lib/WikiUser/LDAP.php trunk/lib/WikiUser/LdapUpper.php trunk/lib/WikiUser/OpenID.php trunk/lib/WikiUser/POP3.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php trunk/lib/WikiUser/PersonalPage.php trunk/lib/WikiUser/Session.php Modified: trunk/lib/WikiUser/AdoDb.php =================================================================== --- trunk/lib/WikiUser/AdoDb.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/AdoDb.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ include_once("lib/WikiUser/Db.php"); Modified: trunk/lib/WikiUser/BogoLogin.php =================================================================== --- trunk/lib/WikiUser/BogoLogin.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/BogoLogin.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** Without stored password. A _BogoLoginPassUser with password Modified: trunk/lib/WikiUser/Db.php =================================================================== --- trunk/lib/WikiUser/Db.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/Db.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** Modified: trunk/lib/WikiUser/EMailConfirm.php =================================================================== --- trunk/lib/WikiUser/EMailConfirm.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/EMailConfirm.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2006 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2006 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ class _EMailConfirmPassUser Modified: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/Facebook.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,8 +1,24 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2009 Reini Urban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2009 Reini Urban * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * * From http://developeronline.blogspot.com/2008/10/using-perl-against-facebook-part-i.html: * GET 'http://www.facebook.com/login.php', and rest our virtual browser there to collect the cookies * POST to 'https://login.facebook.com/login.php' with the proper parameters @@ -79,4 +95,4 @@ // c-hanging-comment-ender-p: nil // indent-tabs-mode: nil // End: -?> \ No newline at end of file +?> Modified: trunk/lib/WikiUser/File.php =================================================================== --- trunk/lib/WikiUser/File.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/File.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ class _FilePassUser Modified: trunk/lib/WikiUser/Forbidden.php =================================================================== --- trunk/lib/WikiUser/Forbidden.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/Forbidden.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** Modified: trunk/lib/WikiUser/GForge.php =================================================================== --- trunk/lib/WikiUser/GForge.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/GForge.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2006 Alain Peyrat - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2006 Alain Peyrat + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** Call the gforge functions to get the username Modified: trunk/lib/WikiUser/HttpAuth.php =================================================================== --- trunk/lib/WikiUser/HttpAuth.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/HttpAuth.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** Modified: trunk/lib/WikiUser/HttpAuthUpper.php =================================================================== --- trunk/lib/WikiUser/HttpAuthUpper.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/HttpAuthUpper.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004,2007 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004,2007 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** Modified: trunk/lib/WikiUser/IMAP.php =================================================================== --- trunk/lib/WikiUser/IMAP.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/IMAP.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 $ThePhpWikiProgrammingTeam - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 $ThePhpWikiProgrammingTeam + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ class _IMAPPassUser Modified: trunk/lib/WikiUser/LDAP.php =================================================================== --- trunk/lib/WikiUser/LDAP.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/LDAP.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004,2007 $ThePhpWikiProgrammingTeam - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004,2007 $ThePhpWikiProgrammingTeam + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ class _LDAPPassUser Modified: trunk/lib/WikiUser/LdapUpper.php =================================================================== --- trunk/lib/WikiUser/LdapUpper.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/LdapUpper.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2007,2009 Reini Urban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2007,2009 Reini Urban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ include_once("lib/WikiUser/LDAP.php"); Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/OpenID.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,10 +1,26 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2010 ReiniUrban - * Zend_OpenId_Consumer parts from Zend licensed under +/* + * Copyright (C) 2010 ReiniUrban + * Zend_OpenId_Consumer parts from Zend licensed under * http://framework.zend.com/license/new-bsd - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * * This is not yet finished. We do not want to use zend extensions. * * See http://openid.net/specs/openid-authentication-1_1.html @@ -30,7 +46,7 @@ * @param string &$identity this argument is set to end-user's claimed * identifier or OpenID provider local identifier. * @param mixed $extensions extension object or array of extensions objects - * @return bool + * @return bool */ function verify($params, &$identity = "", $extensions = null) { $version = 1.1; @@ -82,7 +98,7 @@ return false; } } - + /** * Performs check of OpenID identity. * @@ -135,7 +151,7 @@ //$params['openid.ns'] = Zend_OpenId::NS_2_0; } - $params['openid.mode'] = $immediate ? + $params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup'; $params['openid.identity'] = $id; @@ -214,7 +230,7 @@ } if (!loadPhpExtension('openssl')) { trigger_error - (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'OpenID'), E_USER_WARNING); return $this->_tryNextUser(); @@ -238,4 +254,4 @@ // c-hanging-comment-ender-p: nil // indent-tabs-mode: nil // End: -?> \ No newline at end of file +?> Modified: trunk/lib/WikiUser/POP3.php =================================================================== --- trunk/lib/WikiUser/POP3.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/POP3.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 $ThePhpWikiProgrammingTeam - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 $ThePhpWikiProgrammingTeam + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ require_once("lib/WikiUser/IMAP.php"); Modified: trunk/lib/WikiUser/PdoDb.php =================================================================== --- trunk/lib/WikiUser/PdoDb.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/PdoDb.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004, 2005 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004, 2005 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ include_once("lib/WikiUser/Db.php"); Modified: trunk/lib/WikiUser/PearDb.php =================================================================== --- trunk/lib/WikiUser/PearDb.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/PearDb.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ include_once("lib/WikiUser/Db.php"); Modified: trunk/lib/WikiUser/PersonalPage.php =================================================================== --- trunk/lib/WikiUser/PersonalPage.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/PersonalPage.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** Modified: trunk/lib/WikiUser/Session.php =================================================================== --- trunk/lib/WikiUser/Session.php 2010年08月11日 12:15:16 UTC (rev 7639) +++ trunk/lib/WikiUser/Session.php 2010年08月11日 12:33:25 UTC (rev 7640) @@ -1,7 +1,23 @@ <?php //-*-php-*- // rcs_id('$Id$'); -/* Copyright (C) 2004 ReiniUrban - * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2) +/* + * Copyright (C) 2004 ReiniUrban + * + * This file is part of PhpWiki. + * + * PhpWiki is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * PhpWiki is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with PhpWiki; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 8332 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=8332&view=rev Author: vargenau Date: 2012年09月30日 18:19:24 +0000 (2012年9月30日) Log Message: ----------- Remove svn:keywords Property Changed: ---------------- trunk/lib/WikiUser/AdoDb.php trunk/lib/WikiUser/BogoLogin.php trunk/lib/WikiUser/Db.php trunk/lib/WikiUser/EMailConfirm.php trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/File.php trunk/lib/WikiUser/Forbidden.php trunk/lib/WikiUser/FusionForge.php trunk/lib/WikiUser/HttpAuth.php trunk/lib/WikiUser/HttpAuthUpper.php trunk/lib/WikiUser/IMAP.php trunk/lib/WikiUser/LDAP.php trunk/lib/WikiUser/LdapUpper.php trunk/lib/WikiUser/OpenID.php trunk/lib/WikiUser/POP3.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php trunk/lib/WikiUser/PersonalPage.php trunk/lib/WikiUser/Session.php Property changes on: trunk/lib/WikiUser/AdoDb.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/BogoLogin.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/Db.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/EMailConfirm.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/Facebook.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/File.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/Forbidden.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/FusionForge.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/HttpAuth.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/HttpAuthUpper.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/IMAP.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/LDAP.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/LdapUpper.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/OpenID.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/POP3.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/PdoDb.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/PearDb.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/PersonalPage.php ___________________________________________________________________ Deleted: svn:keywords - Id Property changes on: trunk/lib/WikiUser/Session.php ___________________________________________________________________ Deleted: svn:keywords - Id This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 8597 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=8597&view=rev Author: vargenau Date: 2012年12月04日 13:12:41 +0000 (2012年12月04日) Log Message: ----------- Use smart quotes Modified Paths: -------------- trunk/lib/WikiUser/AdoDb.php trunk/lib/WikiUser/LDAP.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php trunk/lib/WikiUser/PersonalPage.php Modified: trunk/lib/WikiUser/AdoDb.php =================================================================== --- trunk/lib/WikiUser/AdoDb.php 2012年12月04日 13:03:14 UTC (rev 8596) +++ trunk/lib/WikiUser/AdoDb.php 2012年12月04日 13:12:41 UTC (rev 8597) @@ -222,7 +222,7 @@ if (!isset($this->_authselect)) $this->userExists(); if (!isset($this->_authselect)) - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'", + trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", 'DBAUTH_AUTH_CHECK', 'ADODB'), E_USER_WARNING); //NOTE: for auth_crypt_method='crypt' defined('ENCRYPTED_PASSWD',true) must be set @@ -280,7 +280,7 @@ array("password", "userid")); } if (!isset($this->_authupdate)) { - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'", + trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", 'DBAUTH_AUTH_UPDATE', 'ADODB'), E_USER_WARNING); return false; Modified: trunk/lib/WikiUser/LDAP.php =================================================================== --- trunk/lib/WikiUser/LDAP.php 2012年12月04日 13:03:14 UTC (rev 8596) +++ trunk/lib/WikiUser/LDAP.php 2012年12月04日 13:12:41 UTC (rev 8597) @@ -161,7 +161,7 @@ //return WIKIAUTH_FORBIDDEN; } /*if (strstr($userid,'*')) { // should be safely escaped now - trigger_error(fmt("Invalid username '%s' for LDAP Auth", $userid), + trigger_error(fmt("Invalid username "%s" for LDAP Auth", $userid), E_USER_WARNING); return WIKIAUTH_FORBIDDEN; }*/ @@ -229,7 +229,7 @@ $this->_userid = trim($this->_userid); $userid = $this->_userid; if (strstr($userid, '*')) { - trigger_error(fmt("Invalid username '%s' for LDAP Auth", $userid), + trigger_error(fmt("Invalid username "%s" for LDAP Auth", $userid), E_USER_WARNING); return false; } Modified: trunk/lib/WikiUser/PdoDb.php =================================================================== --- trunk/lib/WikiUser/PdoDb.php 2012年12月04日 13:03:14 UTC (rev 8596) +++ trunk/lib/WikiUser/PdoDb.php 2012年12月04日 13:12:41 UTC (rev 8597) @@ -205,7 +205,7 @@ if (!isset($this->_authselect)) $this->userExists(); if (!isset($this->_authselect)) - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'", + trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", 'DBAUTH_AUTH_CHECK', 'SQL'), E_USER_WARNING); @@ -269,7 +269,7 @@ } } if (empty($this->_authupdate)) { - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'", + trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", 'DBAUTH_AUTH_UPDATE', 'SQL'), E_USER_WARNING); return false; Modified: trunk/lib/WikiUser/PearDb.php =================================================================== --- trunk/lib/WikiUser/PearDb.php 2012年12月04日 13:03:14 UTC (rev 8596) +++ trunk/lib/WikiUser/PearDb.php 2012年12月04日 13:12:41 UTC (rev 8597) @@ -199,7 +199,7 @@ if (!isset($this->_authselect)) $this->userExists(); if (!isset($this->_authselect)) - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'", + trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", 'DBAUTH_AUTH_CHECK', 'SQL'), E_USER_WARNING); @@ -245,7 +245,7 @@ array("password", "userid")); } if (empty($this->_authupdate)) { - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'", + trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", 'DBAUTH_AUTH_UPDATE', 'SQL'), E_USER_WARNING); return false; Modified: trunk/lib/WikiUser/PersonalPage.php =================================================================== --- trunk/lib/WikiUser/PersonalPage.php 2012年12月04日 13:03:14 UTC (rev 8596) +++ trunk/lib/WikiUser/PersonalPage.php 2012年12月04日 13:12:41 UTC (rev 8597) @@ -56,7 +56,7 @@ if (PASSWORD_LENGTH_MINIMUM > 0) { trigger_error(sprintf( _("PersonalPage login method:") . "\n" . - _("You stored an empty password in your '%s' page.") . "\n" . + _("You stored an empty password in your "%s" page.") . "\n" . _("Your access permissions are only for a BogoUser.") . "\n" . _("Please set a password in UserPreferences."), $this->_userid), E_USER_WARNING); @@ -65,7 +65,7 @@ if (!empty($submitted_password)) trigger_error(sprintf( _("PersonalPage login method:") . "\n" . - _("You stored an empty password in your '%s' page.") . "\n" . + _("You stored an empty password in your "%s" page.") . "\n" . _("Given password ignored.") . "\n" . _("Please set a password in UserPreferences."), $this->_userid), E_USER_WARNING); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 8687 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=8687&view=rev Author: vargenau Date: 2012年12月27日 11:00:27 +0000 (2012年12月27日) Log Message: ----------- Remove unused variable Modified Paths: -------------- trunk/lib/WikiUser/AdoDb.php trunk/lib/WikiUser/BogoLogin.php trunk/lib/WikiUser/OpenID.php trunk/lib/WikiUser/POP3.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php Modified: trunk/lib/WikiUser/AdoDb.php =================================================================== --- trunk/lib/WikiUser/AdoDb.php 2012年12月27日 10:59:14 UTC (rev 8686) +++ trunk/lib/WikiUser/AdoDb.php 2012年12月27日 11:00:27 UTC (rev 8687) @@ -70,8 +70,7 @@ $prefs_blob = @$rs->fields['prefs']; $rs->Close(); if ($restored_from_db = $this->_prefs->retrieve($prefs_blob)) { - $updated = $this->_prefs->updatePrefs($restored_from_db); - //$this->_prefs = new UserPreferences($restored_from_db); + $this->_prefs->updatePrefs($restored_from_db); return $this->_prefs; } } @@ -80,8 +79,7 @@ if ($restored_from_page = $this->_prefs->retrieve ($this->_HomePagehandle->get('pref')) ) { - $updated = $this->_prefs->updatePrefs($restored_from_page); - //$this->_prefs = new UserPreferences($restored_from_page); + $this->_prefs->updatePrefs($restored_from_page); return $this->_prefs; } } Modified: trunk/lib/WikiUser/BogoLogin.php =================================================================== --- trunk/lib/WikiUser/BogoLogin.php 2012年12月27日 10:59:14 UTC (rev 8686) +++ trunk/lib/WikiUser/BogoLogin.php 2012年12月27日 11:00:27 UTC (rev 8687) @@ -48,7 +48,7 @@ if (isset($this->_prefs->_method) and $this->_prefs->_method == 'HomePage') { $user = new _PersonalPagePassUser($this->_userid, $this->_prefs); if ($user->checkPass($submitted_password)) { - $user = UpgradeUser($this, $user); + UpgradeUser($this, $user); $this->_level = WIKIAUTH_USER; return $this->_level; } else { Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2012年12月27日 10:59:14 UTC (rev 8686) +++ trunk/lib/WikiUser/OpenID.php 2012年12月27日 11:00:27 UTC (rev 8687) @@ -208,7 +208,6 @@ function checkPass($password) { - $userid = $this->_userid; if (!loadPhpExtension('openssl')) { trigger_error( sprintf(_("The PECL %s extension cannot be loaded."), "openssl") Modified: trunk/lib/WikiUser/POP3.php =================================================================== --- trunk/lib/WikiUser/POP3.php 2012年12月27日 10:59:14 UTC (rev 8686) +++ trunk/lib/WikiUser/POP3.php 2012年12月27日 11:00:27 UTC (rev 8687) @@ -73,7 +73,7 @@ // quit the connection fputs($fp, "quit\n"); // Get the sayonara message - $line = fgets($fp, 1024); + fgets($fp, 1024); fclose($fp); } else { trigger_error(_("Couldn't connect to %s", "POP3_AUTH_HOST " . $host . ':' . $port), Modified: trunk/lib/WikiUser/PdoDb.php =================================================================== --- trunk/lib/WikiUser/PdoDb.php 2012年12月27日 10:59:14 UTC (rev 8686) +++ trunk/lib/WikiUser/PdoDb.php 2012年12月27日 11:00:27 UTC (rev 8687) @@ -67,8 +67,7 @@ $prefs = $db_result->fetch(PDO_FETCH_BOTH); $prefs_blob = @$prefs["prefs"]; if ($restored_from_db = $this->_prefs->retrieve($prefs_blob)) { - $updated = $this->_prefs->updatePrefs($restored_from_db); - //$this->_prefs = new UserPreferences($restored_from_db); + $this->_prefs->updatePrefs($restored_from_db); return $this->_prefs; } } @@ -76,8 +75,7 @@ if ($restored_from_page = $this->_prefs->retrieve ($this->_HomePagehandle->get('pref')) ) { - $updated = $this->_prefs->updatePrefs($restored_from_page); - //$this->_prefs = new UserPreferences($restored_from_page); + $this->_prefs->updatePrefs($restored_from_page); return $this->_prefs; } } @@ -210,7 +208,6 @@ E_USER_WARNING); //NOTE: for auth_crypt_method='crypt' defined('ENCRYPTED_PASSWD',true) must be set - $dbh = &$this->_auth_dbi; if ($this->_auth_crypt_method == 'crypt') { try { $this->_authselect->bindParam("userid", $this->_userid, PDO_PARAM_STR, 48); Modified: trunk/lib/WikiUser/PearDb.php =================================================================== --- trunk/lib/WikiUser/PearDb.php 2012年12月27日 10:59:14 UTC (rev 8686) +++ trunk/lib/WikiUser/PearDb.php 2012年12月27日 11:00:27 UTC (rev 8687) @@ -65,8 +65,7 @@ $prefs = $db_result->fetchRow(); $prefs_blob = @$prefs["prefs"]; if ($restored_from_db = $this->_prefs->retrieve($prefs_blob)) { - $updated = $this->_prefs->updatePrefs($restored_from_db); - //$this->_prefs = new UserPreferences($restored_from_db); + $this->_prefs->updatePrefs($restored_from_db); return $this->_prefs; } } @@ -74,8 +73,7 @@ if ($restored_from_page = $this->_prefs->retrieve ($this->_HomePagehandle->get('pref')) ) { - $updated = $this->_prefs->updatePrefs($restored_from_page); - //$this->_prefs = new UserPreferences($restored_from_page); + $this->_prefs->updatePrefs($restored_from_page); return $this->_prefs; } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 9183 http://sourceforge.net/p/phpwiki/code/9183 Author: vargenau Date: 2014年10月03日 15:22:05 +0000 (2014年10月03日) Log Message: ----------- function crypt exists Modified Paths: -------------- trunk/lib/WikiUser/AdoDb.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php Modified: trunk/lib/WikiUser/AdoDb.php =================================================================== --- trunk/lib/WikiUser/AdoDb.php 2014年10月03日 15:20:42 UTC (rev 9182) +++ trunk/lib/WikiUser/AdoDb.php 2014年10月03日 15:22:05 UTC (rev 9183) @@ -285,8 +285,7 @@ } if ($this->_auth_crypt_method == 'crypt') { - if (function_exists('crypt')) - $submitted_password = crypt($submitted_password); + $submitted_password = crypt($submitted_password); } $rs = $dbh->Execute(sprintf($this->_authupdate, $dbh->qstr($submitted_password), Modified: trunk/lib/WikiUser/PdoDb.php =================================================================== --- trunk/lib/WikiUser/PdoDb.php 2014年10月03日 15:20:42 UTC (rev 9182) +++ trunk/lib/WikiUser/PdoDb.php 2014年10月03日 15:22:05 UTC (rev 9183) @@ -273,8 +273,7 @@ } if ($this->_auth_crypt_method == 'crypt') { - if (function_exists('crypt')) - $submitted_password = crypt($submitted_password); + $submitted_password = crypt($submitted_password); } try { $this->_authupdate->bindParam("password", $submitted_password, PDO::PARAM_STR, 48); Modified: trunk/lib/WikiUser/PearDb.php =================================================================== --- trunk/lib/WikiUser/PearDb.php 2014年10月03日 15:20:42 UTC (rev 9182) +++ trunk/lib/WikiUser/PearDb.php 2014年10月03日 15:22:05 UTC (rev 9183) @@ -250,8 +250,7 @@ } if ($this->_auth_crypt_method == 'crypt') { - if (function_exists('crypt')) - $submitted_password = crypt($submitted_password); + $submitted_password = crypt($submitted_password); } $dbh->simpleQuery(sprintf($this->_authupdate, $dbh->quote($submitted_password), $dbh->quote($this->_userid))); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 11012 http://sourceforge.net/p/phpwiki/code/11012 Author: vargenau Date: 2022年03月24日 13:44:55 +0000 (2022年3月24日) Log Message: ----------- run php-cs-fixer Modified Paths: -------------- trunk/lib/WikiUser/BogoLogin.php trunk/lib/WikiUser/Db.php trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/File.php trunk/lib/WikiUser/Forbidden.php trunk/lib/WikiUser/FusionForge.php trunk/lib/WikiUser/HttpAuth.php trunk/lib/WikiUser/HttpAuthUpper.php trunk/lib/WikiUser/IMAP.php trunk/lib/WikiUser/LDAP.php trunk/lib/WikiUser/LdapUpper.php trunk/lib/WikiUser/OpenID.php trunk/lib/WikiUser/POP3.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php trunk/lib/WikiUser/PersonalPage.php trunk/lib/WikiUser/Session.php Modified: trunk/lib/WikiUser/BogoLogin.php =================================================================== --- trunk/lib/WikiUser/BogoLogin.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/BogoLogin.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -27,10 +27,9 @@ */ class _BogoLoginPassUser extends _PassUser { - public $_authmethod = 'BogoLogin'; - function userExists() + public function userExists() { if (isWikiWord($this->_userid)) { $this->_level = WIKIAUTH_BOGO; @@ -44,7 +43,7 @@ /** A BogoLoginUser requires no password at all * But if there's one stored, we override it with the PersonalPagePassUser instead */ - function checkPass($submitted_password) + public function checkPass($submitted_password) { if ($this->_prefs->get('passwd')) { if (isset($this->_prefs->_method) and $this->_prefs->_method == 'HomePage') { Modified: trunk/lib/WikiUser/Db.php =================================================================== --- trunk/lib/WikiUser/Db.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/Db.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -44,14 +44,15 @@ * * Flat files auth is handled by the auth method "File". */ -class _DbPassUser - extends _PassUser +class _DbPassUser extends _PassUser { - public $_authselect, $_authupdate, $_authcreate; + public $_authselect; + public $_authupdate; + public $_authcreate; // This can only be called from _PassUser, because the parent class // sets the auth_dbi and pref methods, before this class is initialized. - function __construct($UserName = '', $prefs = false) + public function __construct($UserName = '', $prefs = false) { /** * @var WikiRequest $request @@ -59,11 +60,13 @@ global $request; if (!$this->_prefs) { - if ($prefs) $this->_prefs = $prefs; + if ($prefs) { + $this->_prefs = $prefs; + } } - if (!isset($this->_prefs->_method)) + if (!isset($this->_prefs->_method)) { parent::__construct($UserName); - elseif (!$this->isValidName($UserName)) { + } elseif (!$this->isValidName($UserName)) { trigger_error(_("Invalid username."), E_USER_WARNING); return false; } @@ -85,17 +88,22 @@ /* Since we properly quote the username, we allow most chars here. Just " ; and ' is forbidden, max length: 48 as defined in the schema. */ - function isValidName($userid = false) + public function isValidName($userid = false) { - if (!$userid) $userid = $this->_userid; - if (strcspn($userid, ";'\"") != strlen($userid)) return false; - if (strlen($userid) > 48) return false; + if (!$userid) { + $userid = $this->_userid; + } + if (strcspn($userid, ";'\"") != strlen($userid)) { + return false; + } + if (strlen($userid) > 48) { + return false; + } return true; } - function mayChangePass() + public function mayChangePass() { return !isset($this->_authupdate); } - } Modified: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/Facebook.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -29,13 +29,12 @@ // requires the openssl extension require_once 'lib/HttpClient.php'; -class _FacebookPassUser - extends _PassUser +class _FacebookPassUser extends _PassUser { /** * Preferences are handled in _PassUser */ - function checkPass($password) + public function checkPass($password) { $userid = $this->_userid; if (!loadPhpExtension('openssl')) { @@ -42,33 +41,52 @@ trigger_error( sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'Facebook'), - E_USER_WARNING); + E_USER_WARNING + ); return $this->_tryNextUser(); } $web = new HttpClient("www.facebook.com", 80); - if (DEBUG & _DEBUG_LOGIN) $web->setDebug(true); + if (DEBUG & _DEBUG_LOGIN) { + $web->setDebug(true); + } // collect cookies from http://www.facebook.com/login.php $web->persist_cookies = true; $web->cookie_host = 'www.facebook.com'; $firstlogin = $web->get("/login.php"); if (!$firstlogin) { - if (DEBUG & (_DEBUG_LOGIN | _DEBUG_VERBOSE)) - trigger_error(sprintf(_("Facebook connect failed with %d %s"), - $web->status, $web->errormsg), - E_USER_WARNING); + if (DEBUG & (_DEBUG_LOGIN | _DEBUG_VERBOSE)) { + trigger_error( + sprintf( + _("Facebook connect failed with %d %s"), + $web->status, + $web->errormsg + ), + E_USER_WARNING + ); + } } // Switch from http to https://login.facebook.com/login.php $web->port = 443; $web->host = 'login.facebook.com'; if (!($retval = $web->post("/login.php", array('user' => $userid, 'pass' => $password)))) { - if (DEBUG & (_DEBUG_LOGIN | _DEBUG_VERBOSE)) - trigger_error(sprintf(_("Facebook login failed with %d %s"), - $web->status, $web->errormsg), - E_USER_WARNING); + if (DEBUG & (_DEBUG_LOGIN | _DEBUG_VERBOSE)) { + trigger_error( + sprintf( + _("Facebook login failed with %d %s"), + $web->status, + $web->errormsg + ), + E_USER_WARNING + ); + } } $this->_authmethod = 'Facebook'; - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => $retval", - E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error( + get_class($this) . "::checkPass => $retval", + E_USER_WARNING + ); + } if ($retval) { $this->_level = WIKIAUTH_USER; } else { @@ -78,17 +96,19 @@ } // TODO: msearch facebook for the username - function userExists() + public function userExists() { if (!loadPhpExtension('openssl')) { trigger_error( sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'Facebook'), - E_USER_WARNING); + E_USER_WARNING + ); return $this->_tryNextUser(); } - if (DEBUG & _DEBUG_LOGIN) + if (DEBUG & _DEBUG_LOGIN) { trigger_error(get_class($this) . "::userExists => true (dummy)", E_USER_WARNING); + } return true; } } Modified: trunk/lib/WikiUser/File.php =================================================================== --- trunk/lib/WikiUser/File.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/File.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -24,8 +24,7 @@ include_once 'lib/pear/File_Passwd.php'; -class _FilePassUser - extends _PassUser +class _FilePassUser extends _PassUser /** * Check users defined in a .htaccess style file * username:crypt\n... @@ -33,22 +32,27 @@ * Preferences are handled in _PassUser */ { - public $_file, $_may_change; + public $_file; + public $_may_change; // This can only be called from _PassUser, because the parent class // sets the pref methods, before this class is initialized. - function __construct($UserName = '', $prefs = false, $file = '') + public function __construct($UserName = '', $prefs = false, $file = '') { if (!$this->_prefs and is_a($this, "_FilePassUser")) { - if ($prefs) $this->_prefs = $prefs; - if (!isset($this->_prefs->_method)) + if ($prefs) { + $this->_prefs = $prefs; + } + if (!isset($this->_prefs->_method)) { parent::__construct($UserName); + } } $this->_userid = $UserName; // read the .htaccess style file. $this->_may_change = defined('AUTH_USER_FILE_STORABLE') && AUTH_USER_FILE_STORABLE; - if (empty($file) and defined('AUTH_USER_FILE')) + if (empty($file) and defined('AUTH_USER_FILE')) { $file = AUTH_USER_FILE; + } if (empty($file)) { return; } @@ -57,24 +61,25 @@ } } - function mayChangePass() + public function mayChangePass() { return $this->_may_change; } - function userExists() + public function userExists() { if (!$this->isValidName()) { return $this->_tryNextUser(); } $this->_authmethod = 'File'; - if (isset($this->_file->users[$this->_userid])) + if (isset($this->_file->users[$this->_userid])) { return true; + } return $this->_tryNextUser(); } - function checkPass($submitted_password) + public function checkPass($submitted_password) { if (!$this->isValidName()) { trigger_error(_("Invalid username."), E_USER_WARNING); @@ -86,8 +91,9 @@ if ($this->_file->verifyPassword($this->_userid, $submitted_password)) { $this->_authmethod = 'File'; $this->_level = WIKIAUTH_USER; - if ($this->isAdmin()) // member of the Administrators group + if ($this->isAdmin()) { // member of the Administrators group $this->_level = WIKIAUTH_ADMIN; + } return $this->_level; } @@ -94,14 +100,17 @@ return $this->_tryNextPass($submitted_password); } - function storePass($submitted_password) + public function storePass($submitted_password) { if (!$this->isValidName()) { return false; } if ($this->_may_change) { - $this->_file = new File_Passwd($this->_file->filename, true, - $this->_file->filename . '.lock'); + $this->_file = new File_Passwd( + $this->_file->filename, + true, + $this->_file->filename . '.lock' + ); $result = $this->_file->modUser($this->_userid, $submitted_password); $this->_file->close(); $this->_file = new File_Passwd($this->_file->filename, false); Modified: trunk/lib/WikiUser/Forbidden.php =================================================================== --- trunk/lib/WikiUser/Forbidden.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/Forbidden.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -27,10 +27,9 @@ * That's why this class is empty, but must exist. */ -class _ForbiddenPassUser - extends _ForbiddenUser +class _ForbiddenPassUser extends _ForbiddenUser { - function dummy() + public function dummy() { return; } Modified: trunk/lib/WikiUser/FusionForge.php =================================================================== --- trunk/lib/WikiUser/FusionForge.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/FusionForge.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -26,19 +26,21 @@ * */ -class _FusionForgePassUser - extends _PassUser +class _FusionForgePassUser extends _PassUser { - public $_is_external = 0; - function __construct($UserName = '', $prefs = false) + public function __construct($UserName = '', $prefs = false) { - if ($prefs) $this->_prefs = $prefs; - if (!isset($this->_prefs->_method)) + if ($prefs) { + $this->_prefs = $prefs; + } + if (!isset($this->_prefs->_method)) { parent::__construct($UserName); - if ($UserName) + } + if ($UserName) { $this->_userid = $UserName; + } $this->_authmethod = 'FusionForge'; // Is this double check really needed? @@ -50,7 +52,7 @@ } } - function userExists() + public function userExists() { global $group_id; @@ -96,7 +98,7 @@ return false; } - function checkPass($submitted_password) + public function checkPass($submitted_password) { return $this->userExists() ? ($this->isAdmin() ? WIKIAUTH_ADMIN : WIKIAUTH_USER) @@ -103,7 +105,7 @@ : WIKIAUTH_ANON; } - function mayChangePass() + public function mayChangePass() { return false; } Modified: trunk/lib/WikiUser/HttpAuth.php =================================================================== --- trunk/lib/WikiUser/HttpAuth.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/HttpAuth.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -35,16 +35,19 @@ * header('Authorization: Basic '.base64_encode("$userid:$passwd")."\r\n"; */ -class _HttpAuthPassUser - extends _PassUser +class _HttpAuthPassUser extends _PassUser { - function __construct($UserName = '', $prefs = false) + public function __construct($UserName = '', $prefs = false) { - if ($prefs) $this->_prefs = $prefs; - if (!isset($this->_prefs->_method)) + if ($prefs) { + $this->_prefs = $prefs; + } + if (!isset($this->_prefs->_method)) { parent::__construct($UserName); - if ($UserName) + } + if ($UserName) { $this->_userid = $UserName; + } $this->_authmethod = 'HttpAuth'; // Is this double check really needed? @@ -58,7 +61,7 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only - function _fake_auth($userid, $passwd) + public function _fake_auth($userid, $passwd) { return false; @@ -74,39 +77,48 @@ */ } - function logout() + public function logout() { - if (!isset($_SERVER)) + if (!isset($_SERVER)) { $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; + } // Maybe we should random the realm to really force a logout. // But the next login will fail. // TODO: On AUTH_TYPE=NTLM this will fail. Only Basic supported so far. header('WWW-Authenticate: Basic realm="' . WIKI_NAME . '"'); - if (strstr(php_sapi_name(), 'apache')) + if (strstr(php_sapi_name(), 'apache')) { header('HTTP/1.0 401 Unauthorized'); - else - header("Status: 401 Access Denied"); //IIS and CGI need that + } else { + header("Status: 401 Access Denied"); + } //IIS and CGI need that unset($GLOBALS['REMOTE_USER']); unset($_SERVER['PHP_AUTH_USER']); unset($_SERVER['PHP_AUTH_PW']); } - function _http_username() + public function _http_username() { - if (!isset($_SERVER)) + if (!isset($_SERVER)) { $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; - if (!empty($_SERVER['PHP_AUTH_USER'])) + } + if (!empty($_SERVER['PHP_AUTH_USER'])) { return $_SERVER['PHP_AUTH_USER']; - if (!empty($_SERVER['REMOTE_USER'])) + } + if (!empty($_SERVER['REMOTE_USER'])) { return $_SERVER['REMOTE_USER']; - if (!empty($GLOBALS['HTTP_ENV_VARS']['REMOTE_USER'])) + } + if (!empty($GLOBALS['HTTP_ENV_VARS']['REMOTE_USER'])) { return $GLOBALS['HTTP_ENV_VARS']['REMOTE_USER']; - if (!empty($GLOBALS['REMOTE_USER'])) + } + if (!empty($GLOBALS['REMOTE_USER'])) { return $GLOBALS['REMOTE_USER']; + } // IIS + Basic if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { - list($userid, $passwd) = explode(':', - base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); + list($userid, $passwd) = explode( + ':', + base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)) + ); return $userid; } return ''; @@ -113,10 +125,11 @@ } // force http auth authorization - function userExists() + public function userExists() { - if (!isset($_SERVER)) + if (!isset($_SERVER)) { $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; + } $username = $this->_http_username(); if (strstr($username, "\\") and isset($_SERVER['AUTH_TYPE']) @@ -142,13 +155,14 @@ // we should check if he is a member of admin, // because HttpAuth has its own logic. $this->_level = WIKIAUTH_USER; - if ($this->isAdmin()) + if ($this->isAdmin()) { $this->_level = WIKIAUTH_ADMIN; + } return $this; } // ignore password, this is checked by the webservers http auth. - function checkPass($submitted_password) + public function checkPass($submitted_password) { return $this->userExists() ? ($this->isAdmin() ? WIKIAUTH_ADMIN : WIKIAUTH_USER) @@ -155,7 +169,7 @@ : WIKIAUTH_ANON; } - function mayChangePass() + public function mayChangePass() { return false; } Modified: trunk/lib/WikiUser/HttpAuthUpper.php =================================================================== --- trunk/lib/WikiUser/HttpAuthUpper.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/HttpAuthUpper.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -36,16 +36,19 @@ * header('Authorization: Basic '.base64_encode("$userid:$passwd")."\r\n"; */ -class _HttpAuthUpperPassUser - extends _PassUser +class _HttpAuthUpperPassUser extends _PassUser { - function __construct($UserName = '', $prefs = false) + public function __construct($UserName = '', $prefs = false) { - if ($prefs) $this->_prefs = $prefs; - if (!isset($this->_prefs->_method)) + if ($prefs) { + $this->_prefs = $prefs; + } + if (!isset($this->_prefs->_method)) { parent::__construct($UserName); - if ($UserName) + } + if ($UserName) { $this->_userid = $UserName; + } $this->_authmethod = 'HttpAuthUpper'; // Is this double check really needed? @@ -59,7 +62,7 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only - function _fake_auth($userid, $passwd) + public function _fake_auth($userid, $passwd) { return false; @@ -75,39 +78,48 @@ */ } - function logout() + public function logout() { - if (!isset($_SERVER)) + if (!isset($_SERVER)) { $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; + } // Maybe we should random the realm to really force a logout. // But the next login will fail. // TODO: On AUTH_TYPE=NTLM this will fail. Only Basic supported so far. header('WWW-Authenticate: Basic realm="' . WIKI_NAME . '"'); - if (strstr(php_sapi_name(), 'apache')) + if (strstr(php_sapi_name(), 'apache')) { header('HTTP/1.0 401 Unauthorized'); - else - header("Status: 401 Access Denied"); //IIS and CGI need that + } else { + header("Status: 401 Access Denied"); + } //IIS and CGI need that unset($GLOBALS['REMOTE_USER']); unset($_SERVER['PHP_AUTH_USER']); unset($_SERVER['PHP_AUTH_PW']); } - function _http_username() + public function _http_username() { - if (!isset($_SERVER)) + if (!isset($_SERVER)) { $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; - if (!empty($_SERVER['PHP_AUTH_USER'])) + } + if (!empty($_SERVER['PHP_AUTH_USER'])) { return $_SERVER['PHP_AUTH_USER']; - if (!empty($_SERVER['REMOTE_USER'])) + } + if (!empty($_SERVER['REMOTE_USER'])) { return $_SERVER['REMOTE_USER']; - if (!empty($GLOBALS['HTTP_ENV_VARS']['REMOTE_USER'])) + } + if (!empty($GLOBALS['HTTP_ENV_VARS']['REMOTE_USER'])) { return $GLOBALS['HTTP_ENV_VARS']['REMOTE_USER']; - if (!empty($GLOBALS['REMOTE_USER'])) + } + if (!empty($GLOBALS['REMOTE_USER'])) { return $GLOBALS['REMOTE_USER']; + } // IIS + Basic if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { - list($userid, $passwd) = explode(':', - base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); + list($userid, $passwd) = explode( + ':', + base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)) + ); return $userid; } return ''; @@ -114,7 +126,7 @@ } // special: force upcase username - function UserName() + public function UserName() { if (!empty($this->_userid)) { $this->_userid = strtoupper($this->_userid); @@ -124,10 +136,11 @@ } // force http auth authorization - function userExists() + public function userExists() { - if (!isset($_SERVER)) + if (!isset($_SERVER)) { $_SERVER =& $GLOBALS['HTTP_SERVER_VARS']; + } $username = strtoupper($this->_http_username()); if (strstr($username, "\\") and isset($_SERVER['AUTH_TYPE']) @@ -153,13 +166,14 @@ // we should check if he is a member of admin, // because HttpAuth has its own logic. $this->_level = WIKIAUTH_USER; - if ($this->isAdmin()) + if ($this->isAdmin()) { $this->_level = WIKIAUTH_ADMIN; + } return $this; } // ignore password, this is checked by the webservers http auth. - function checkPass($submitted_password) + public function checkPass($submitted_password) { return $this->userExists() ? ($this->isAdmin() ? WIKIAUTH_ADMIN : WIKIAUTH_USER) @@ -166,7 +180,7 @@ : WIKIAUTH_ANON; } - function mayChangePass() + public function mayChangePass() { return false; } Modified: trunk/lib/WikiUser/IMAP.php =================================================================== --- trunk/lib/WikiUser/IMAP.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/IMAP.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -22,8 +22,7 @@ * */ -class _IMAPPassUser - extends _PassUser +class _IMAPPassUser extends _PassUser /** * Define the var IMAP_AUTH_HOST in config/config.ini (with port probably) * @@ -30,39 +29,53 @@ * Preferences are handled in _PassUser */ { - function checkPass($submitted_password) + public function checkPass($submitted_password) { if (!$this->isValidName()) { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => failed isValidName", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::checkPass => failed isValidName", E_USER_WARNING); + } trigger_error(_("Invalid username."), E_USER_WARNING); return $this->_tryNextPass($submitted_password); } if (!$this->_checkPassLength($submitted_password)) { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => failed checkPassLength", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::checkPass => failed checkPassLength", E_USER_WARNING); + } return WIKIAUTH_FORBIDDEN; } $userid = $this->_userid; - $mbox = @imap_open("{" . IMAP_AUTH_HOST . "}", - $userid, $submitted_password, OP_HALFOPEN); + $mbox = @imap_open( + "{" . IMAP_AUTH_HOST . "}", + $userid, + $submitted_password, + OP_HALFOPEN + ); if ($mbox) { imap_close($mbox); $this->_authmethod = 'IMAP'; - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => ok", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::checkPass => ok", E_USER_WARNING); + } $this->_level = WIKIAUTH_USER; return $this->_level; } else { if ($submitted_password != "") { // if LENGTH 0 is allowed - trigger_error(_("Unable to connect to IMAP server ") . IMAP_AUTH_HOST, - E_USER_WARNING); + trigger_error( + _("Unable to connect to IMAP server ") . IMAP_AUTH_HOST, + E_USER_WARNING + ); } } - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => wrong", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::checkPass => wrong", E_USER_WARNING); + } return $this->_tryNextPass($submitted_password); } //CHECKME: this will not be okay for the auth policy strict - function userExists() + public function userExists() { return true; @@ -76,9 +89,11 @@ */ } - function mayChangePass() + public function mayChangePass() { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::mayChangePass => false", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::mayChangePass => false", E_USER_WARNING); + } return false; } } Modified: trunk/lib/WikiUser/LDAP.php =================================================================== --- trunk/lib/WikiUser/LDAP.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/LDAP.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -22,8 +22,7 @@ * */ -class _LDAPPassUser - extends _PassUser +class _LDAPPassUser extends _PassUser /** * Define the vars LDAP_AUTH_HOST and LDAP_BASE_DN in config/config.ini * @@ -34,7 +33,7 @@ * ->_init() * connect and bind to the LDAP host */ - function _init() + public function _init() { if ($this->_ldap = ldap_connect(LDAP_AUTH_HOST)) { // must be a valid LDAP server! global $LDAP_SET_OPTION; @@ -45,19 +44,27 @@ ldap_set_option($this->_ldap, $key, $value); } } - if (LDAP_AUTH_USER) - if (LDAP_AUTH_PASSWORD) + if (LDAP_AUTH_USER) { + if (LDAP_AUTH_PASSWORD) { // Windows Active Directory Server is strict $r = ldap_bind($this->_ldap, LDAP_AUTH_USER, LDAP_AUTH_PASSWORD); - else + } else { $r = ldap_bind($this->_ldap, LDAP_AUTH_USER); - else - $r = true; // anonymous bind allowed + } + } else { + $r = true; + } // anonymous bind allowed if (!$r) { $this->_free(); - trigger_error(sprintf(_("Unable to bind LDAP server %s using %s %s"), - LDAP_AUTH_HOST, LDAP_AUTH_USER, LDAP_AUTH_PASSWORD), - E_USER_WARNING); + trigger_error( + sprintf( + _("Unable to bind LDAP server %s using %s %s"), + LDAP_AUTH_HOST, + LDAP_AUTH_USER, + LDAP_AUTH_PASSWORD + ), + E_USER_WARNING + ); return false; } return $this->_ldap; @@ -69,10 +76,14 @@ /** * free and close the bound ressources */ - function _free() + public function _free() { - if (isset($this->_sr) and is_resource($this->_sr)) ldap_free_result($this->_sr); - if (isset($this->_ldap) and is_resource($this->_ldap)) ldap_close($this->_ldap); + if (isset($this->_sr) and is_resource($this->_sr)) { + ldap_free_result($this->_sr); + } + if (isset($this->_ldap) and is_resource($this->_ldap)) { + ldap_close($this->_ldap); + } unset($this->_sr); unset($this->_ldap); } @@ -88,7 +99,8 @@ */ private function _stringEscape($name) { - return strtr(utf8_encode($name), + return strtr( + utf8_encode($name), array("*" => "\2円a", "?" => "\3円f", "(" => "\28円", @@ -95,7 +107,8 @@ ")" => "\29円", "\\" => "\5円c", '"' => '\"', - "0円" => "\00円")); + "0円" => "\00円") + ); } /** @@ -102,9 +115,11 @@ * LDAP names may contain every utf-8 character. However we restrict them a bit for convenience. * @see _stringEscape() */ - function isValidName($userid = false) + public function isValidName($userid = false) { - if (!$userid) $userid = $this->_userid; + if (!$userid) { + $userid = $this->_userid; + } // We are more restrictive here, but must allow explitly utf-8 return preg_match("/^[\-\w_\.@ ]+$/u", $userid) and strlen($userid) < 64; } @@ -137,9 +152,8 @@ * @see http://www.faqs.org/rfcs/rfc4514.html LDAP String Representation of Distinguished Names * @see http://www.faqs.org/rfcs/rfc3454.html stringprep */ - function checkPass($submitted_password) + public function checkPass($submitted_password) { - $this->_authmethod = 'LDAP'; $this->_userid = trim($this->_userid); $userid = $this->_userid; @@ -175,8 +189,9 @@ } $info = ldap_get_entries($ldap, $this->_sr); if (empty($info["count"])) { - if (DEBUG) + if (DEBUG) { trigger_error(_("User not found in LDAP"), E_USER_WARNING); + } $this->_free(); return $this->_tryNextPass($submitted_password); } @@ -209,10 +224,13 @@ } } } - if (DEBUG) - trigger_error(_("Wrong password: ") . + if (DEBUG) { + trigger_error( + _("Wrong password: ") . str_repeat("*", strlen($submitted_password)), - E_USER_WARNING); + E_USER_WARNING + ); + } $this->_free(); } else { $this->_free(); @@ -223,13 +241,15 @@ } - function userExists() + public function userExists() { $this->_userid = trim($this->_userid); $userid = $this->_userid; if (strstr($userid, '*')) { - trigger_error(fmt("Invalid username "%s" for LDAP Auth", $userid), - E_USER_WARNING); + trigger_error( + fmt("Invalid username "%s" for LDAP Auth", $userid), + E_USER_WARNING + ); return false; } if ($ldap = $this->_init()) { @@ -251,9 +271,8 @@ return $this->_tryNextUser(); } - function mayChangePass() + public function mayChangePass() { return false; } - } Modified: trunk/lib/WikiUser/LdapUpper.php =================================================================== --- trunk/lib/WikiUser/LdapUpper.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/LdapUpper.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -29,21 +29,21 @@ * Define the vars LDAP_AUTH_HOST, LDAP_BASE_DN, LDAP_SEARCH_FILTER in config/config.ini * Preferences are handled in _PassUser */ -class _LdapUpperPassUser - extends _LDAPPassUser +class _LdapUpperPassUser extends _LDAPPassUser { - function UserName() + public function UserName() { if (!empty($this->_userid)) { $this->_userid = trim(strtoupper($this->_userid)); - if (!empty($this->_HomePagehandle) and is_object($this->_HomePagehandle)) + if (!empty($this->_HomePagehandle) and is_object($this->_HomePagehandle)) { $this->_HomePagehandle->_pagename = $this->_userid; + } return strtoupper($this->_userid); } return ''; } - function userExists() + public function userExists() { // lowercase check and uppercase visibility $this->_userid = trim(strtoupper($this->_userid)); Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/OpenID.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -31,8 +31,7 @@ // requires the openssl extension require_once 'lib/HttpClient.php'; -class _OpenIDPassUser - extends _PassUser +class _OpenIDPassUser extends _PassUser /** * Preferences are handled in _PassUser */ @@ -50,7 +49,7 @@ * @param mixed $extensions extension object or array of extensions objects * @return bool */ - function verify($params, &$identity = "", $extensions = null) + public function verify($params, &$identity = "", $extensions = null) { $version = 1.1; $this->_setError(""); @@ -119,8 +118,14 @@ * object to perform HTTP or HTML form redirection * @return bool */ - function _checkId($immediate, $id, $returnTo = null, $root = null, - $extensions = null, $response = null) + public function _checkId( + $immediate, + $id, + $returnTo = null, + $root = null, + $extensions = null, + $response = null + ) { $this->_setError(''); @@ -143,7 +148,8 @@ $handle, $macFunc, $secret, - $expires) + $expires + ) ) { /* Use dumb mode */ unset($handle); @@ -179,7 +185,9 @@ // See lib/WikiUser/FaceBook.php how to handle http requests $web = new HttpClient("$server", 80); - if (DEBUG & _DEBUG_LOGIN) $web->setDebug(true); + if (DEBUG & _DEBUG_LOGIN) { + $web->setDebug(true); + } if (empty($root)) { //$root = Zend_OpenId::selfUrl(); @@ -203,25 +211,30 @@ return true; } - function _setError($message) + public function _setError($message) { $this->_error = $message; } - function checkPass($password) + public function checkPass($password) { if (!loadPhpExtension('openssl')) { trigger_error( sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'OpenID'), - E_USER_WARNING); + E_USER_WARNING + ); return $this->_tryNextUser(); } $retval = $this->_checkId(false, $id, $returnTo, $root, $extensions, $response); $this->_authmethod = 'OpenID'; - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => $retval", - E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error( + get_class($this) . "::checkPass => $retval", + E_USER_WARNING + ); + } if ($retval) { $this->_level = WIKIAUTH_USER; } else { @@ -231,27 +244,31 @@ } /* do nothing. the login/redirect is done in checkPass */ - function userExists() + public function userExists() { if (!$this->isValidName($this->_userid)) { return $this->_tryNextUser(); } if (!loadPhpExtension('openssl')) { - trigger_error - (sprintf(_("The PECL %s extension cannot be loaded."), "openssl") + trigger_error( + sprintf(_("The PECL %s extension cannot be loaded."), "openssl") . sprintf(_(" %s AUTH ignored."), 'OpenID'), - E_USER_WARNING); + E_USER_WARNING + ); return $this->_tryNextUser(); } - if (DEBUG & _DEBUG_LOGIN) + if (DEBUG & _DEBUG_LOGIN) { trigger_error(get_class($this) . "::userExists => true (dummy)", E_USER_WARNING); + } return true; } // no quotes and shorter than 128 - function isValidName($userid = false) + public function isValidName($userid = false) { - if (!$this->_userid) return false; + if (!$this->_userid) { + return false; + } return !preg_match('/[\"\']/', $this->_userid) and strlen($this->_userid) < 128; } } Modified: trunk/lib/WikiUser/POP3.php =================================================================== --- trunk/lib/WikiUser/POP3.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/POP3.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -24,30 +24,33 @@ require_once 'lib/WikiUser/IMAP.php'; -class _POP3PassUser - extends _IMAPPassUser +class _POP3PassUser extends _IMAPPassUser { /** * Define the var POP3_AUTH_HOST in config/config.ini * Preferences are handled in _PassUser */ - function checkPass($submitted_password) + public function checkPass($submitted_password) { if (!$this->isValidName()) { trigger_error(_("Invalid username."), E_USER_WARNING); - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => failed isValidName", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::checkPass => failed isValidName", E_USER_WARNING); + } return $this->_tryNextPass($submitted_password); } if (!$this->_checkPassLength($submitted_password)) { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => failed checkPassLength", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::checkPass => failed checkPassLength", E_USER_WARNING); + } return WIKIAUTH_FORBIDDEN; } $userid = $this->_userid; $pass = $submitted_password; $host = defined('POP3_AUTH_HOST') ? POP3_AUTH_HOST : 'localhost:110'; - if (defined('POP3_AUTH_PORT')) + if (defined('POP3_AUTH_PORT')) { $port = POP3_AUTH_PORT; - elseif (strstr($host, ':')) { + } elseif (strstr($host, ':')) { list(, $port) = explode(':', $host); } else { $port = 110; @@ -78,11 +81,15 @@ fgets($fp, 1024); fclose($fp); } else { - trigger_error(sprintf(_("Couldn't connect to %s"), "POP3_AUTH_HOST " . $host . ':' . $port), - E_USER_WARNING); + trigger_error( + sprintf(_("Couldn't connect to %s"), "POP3_AUTH_HOST " . $host . ':' . $port), + E_USER_WARNING + ); } $this->_authmethod = 'POP3'; - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::checkPass => $retval", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::checkPass => $retval", E_USER_WARNING); + } if ($retval) { $this->_level = WIKIAUTH_USER; } else { @@ -91,9 +98,11 @@ return $this->_level; } - function __userExists() + public function __userExists() { - if (DEBUG & _DEBUG_LOGIN) trigger_error(get_class($this) . "::userExists => true (dummy)", E_USER_WARNING); + if (DEBUG & _DEBUG_LOGIN) { + trigger_error(get_class($this) . "::userExists => true (dummy)", E_USER_WARNING); + } return true; } } Modified: trunk/lib/WikiUser/PdoDb.php =================================================================== --- trunk/lib/WikiUser/PdoDb.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/PdoDb.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -24,8 +24,7 @@ include_once 'lib/WikiUser/Db.php'; -class _PdoDbPassUser - extends _DbPassUser +class _PdoDbPassUser extends _DbPassUser /** * PDO DB methods (PHP5) * prepare, bind, execute. @@ -37,7 +36,7 @@ { public $_authmethod = 'PDODb'; - function __construct($UserName = '', $prefs = false) + public function __construct($UserName = '', $prefs = false) { /** * @var WikiRequest $request @@ -62,7 +61,7 @@ return $this; } - function userExists() + public function userExists() { /** * @var WikiRequest $request @@ -99,17 +98,22 @@ trigger_error("SQL Error: " . $e->getMessage(), E_USER_WARNING); return false; } - if ($this->_authselect->fetchColumn()) + if ($this->_authselect->fetchColumn()) { return true; + } } else { - if (!$dbi->getAuthParam('auth_user_exists')) - trigger_error(fmt("%s is missing", 'DBAUTH_AUTH_USER_EXISTS'), - E_USER_WARNING); + if (!$dbi->getAuthParam('auth_user_exists')) { + trigger_error( + fmt("%s is missing", 'DBAUTH_AUTH_USER_EXISTS'), + E_USER_WARNING + ); + } $this->_authcheck = $dbh->prepare($dbi->getAuthParam('auth_check')); $this->_authcheck->bindParam("userid", $this->_userid, PDO::PARAM_STR, 48); $this->_authcheck->execute(); - if ($this->_authcheck->fetchColumn()) + if ($this->_authcheck->fetchColumn()) { return true; + } } // User does not exist yet. // Maybe the user is allowed to create himself. Generally not wanted in @@ -136,13 +140,14 @@ trigger_error("SQL Error: " . $e->getMessage(), E_USER_WARNING); return false; } - if ($rs) + if ($rs) { return true; + } } return $this->_tryNextUser(); } - function checkPass($submitted_password) + public function checkPass($submitted_password) { //global $DBAuthParams; $this->getAuthDbh(); @@ -155,12 +160,19 @@ if (!$this->_checkPassLength($submitted_password)) { return WIKIAUTH_FORBIDDEN; } - if (!isset($this->_authselect)) + if (!isset($this->_authselect)) { $this->userExists(); - if (!isset($this->_authselect)) - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", - 'DBAUTH_AUTH_CHECK', 'SQL'), - E_USER_WARNING); + } + if (!isset($this->_authselect)) { + trigger_error( + fmt( + "Either %s is missing or DATABASE_TYPE != "%s"", + 'DBAUTH_AUTH_CHECK', + 'SQL' + ), + E_USER_WARNING + ); + } //NOTE: for auth_crypt_method='crypt' defined('ENCRYPTED_PASSWD',true) must be set if ($this->_auth_crypt_method == 'crypt') { @@ -199,7 +211,7 @@ } } - function mayChangePass() + public function mayChangePass() { /** * @var WikiRequest $request @@ -209,7 +221,7 @@ return $request->_dbi->getAuthParam('auth_update'); } - function storePass($submitted_password) + public function storePass($submitted_password) { /** * @var WikiRequest $request @@ -231,9 +243,14 @@ } } if (empty($this->_authupdate)) { - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", - 'DBAUTH_AUTH_UPDATE', 'SQL'), - E_USER_WARNING); + trigger_error( + fmt( + "Either %s is missing or DATABASE_TYPE != "%s"", + 'DBAUTH_AUTH_UPDATE', + 'SQL' + ), + E_USER_WARNING + ); return false; } Modified: trunk/lib/WikiUser/PearDb.php =================================================================== --- trunk/lib/WikiUser/PearDb.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/PearDb.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -24,8 +24,7 @@ include_once 'lib/WikiUser/Db.php'; -class _PearDbPassUser - extends _DbPassUser +class _PearDbPassUser extends _DbPassUser /** * Pear DB methods * Now optimized not to use prepare, ...query(sprintf($sql,quote())) instead. @@ -36,7 +35,7 @@ { public $_authmethod = 'PearDb'; - function __construct($UserName = '', $prefs = false) + public function __construct($UserName = '', $prefs = false) { /** * @var WikiRequest $request @@ -61,7 +60,7 @@ return $this; } - function userExists() + public function userExists() { /** * @var WikiRequest $request @@ -80,8 +79,10 @@ $dbi =& $request->_dbi; // Prepare the configured auth statements if ($dbi->getAuthParam('auth_check') and empty($this->_authselect)) { - $this->_authselect = $this->prepare($dbi->getAuthParam('auth_check'), - array("password", "userid")); + $this->_authselect = $this->prepare( + $dbi->getAuthParam('auth_check'), + array("password", "userid") + ); } //NOTE: for auth_crypt_method='crypt' no special auth_user_exists is needed if (!$dbi->getAuthParam('auth_user_exists') @@ -89,16 +90,21 @@ and $this->_authselect ) { $rs = $dbh->query(sprintf($this->_authselect, $dbh->quote($this->_userid))); - if ($rs->numRows()) + if ($rs->numRows()) { return true; + } } else { - if (!$dbi->getAuthParam('auth_user_exists')) - trigger_error(fmt("%s is missing", 'DBAUTH_AUTH_USER_EXISTS'), - E_USER_WARNING); + if (!$dbi->getAuthParam('auth_user_exists')) { + trigger_error( + fmt("%s is missing", 'DBAUTH_AUTH_USER_EXISTS'), + E_USER_WARNING + ); + } $this->_authcheck = $this->prepare($dbi->getAuthParam('auth_user_exists'), "userid"); $rs = $dbh->query(sprintf($this->_authcheck, $dbh->quote($this->_userid))); - if ($rs->numRows()) + if ($rs->numRows()) { return true; + } } // User does not exist yet. // Maybe the user is allowed to create himself. Generally not wanted in @@ -105,8 +111,10 @@ // external databases, but maybe wanted for the wiki database, for performance // reasons if (empty($this->_authcreate) and $dbi->getAuthParam('auth_create')) { - $this->_authcreate = $this->prepare($dbi->getAuthParam('auth_create'), - array("password", "userid")); + $this->_authcreate = $this->prepare( + $dbi->getAuthParam('auth_create'), + array("password", "userid") + ); } if (!empty($this->_authcreate) and isset($GLOBALS['HTTP_POST_VARS']['auth']) and @@ -113,15 +121,17 @@ isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd']) ) { $passwd = $GLOBALS['HTTP_POST_VARS']['auth']['passwd']; - $dbh->simpleQuery(sprintf($this->_authcreate, + $dbh->simpleQuery(sprintf( + $this->_authcreate, $dbh->quote($passwd), - $dbh->quote($this->_userid))); + $dbh->quote($this->_userid) + )); return true; } return $this->_tryNextUser(); } - function checkPass($submitted_password) + public function checkPass($submitted_password) { //global $DBAuthParams; $this->getAuthDbh(); @@ -134,12 +144,19 @@ if (!$this->_checkPassLength($submitted_password)) { return WIKIAUTH_FORBIDDEN; } - if (!isset($this->_authselect)) + if (!isset($this->_authselect)) { $this->userExists(); - if (!isset($this->_authselect)) - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", - 'DBAUTH_AUTH_CHECK', 'SQL'), - E_USER_WARNING); + } + if (!isset($this->_authselect)) { + trigger_error( + fmt( + "Either %s is missing or DATABASE_TYPE != "%s"", + 'DBAUTH_AUTH_CHECK', + 'SQL' + ), + E_USER_WARNING + ); + } //NOTE: for auth_crypt_method='crypt' defined('ENCRYPTED_PASSWD',true) must be set $dbh = &$this->_auth_dbi; @@ -148,9 +165,11 @@ $result = $this->_checkPass($submitted_password, $stored_password); } else { // be position independent - $okay = $dbh->getOne(sprintf($this->_authselect, + $okay = $dbh->getOne(sprintf( + $this->_authselect, $dbh->quote($submitted_password), - $dbh->quote($this->_userid))); + $dbh->quote($this->_userid) + )); $result = !empty($okay); } @@ -165,7 +184,7 @@ } } - function mayChangePass() + public function mayChangePass() { /** * @var WikiRequest $request @@ -175,7 +194,7 @@ return $request->_dbi->getAuthParam('auth_update'); } - function storePass($submitted_password) + public function storePass($submitted_password) { /** * @var WikiRequest $request @@ -189,13 +208,20 @@ $dbh = &$this->_auth_dbi; $dbi =& $request->_dbi; if ($dbi->getAuthParam('auth_update') and empty($this->_authupdate)) { - $this->_authupdate = $this->prepare($dbi->getAuthParam('auth_update'), - array("password", "userid")); + $this->_authupdate = $this->prepare( + $dbi->getAuthParam('auth_update'), + array("password", "userid") + ); } if (empty($this->_authupdate)) { - trigger_error(fmt("Either %s is missing or DATABASE_TYPE != "%s"", - 'DBAUTH_AUTH_UPDATE', 'SQL'), - E_USER_WARNING); + trigger_error( + fmt( + "Either %s is missing or DATABASE_TYPE != "%s"", + 'DBAUTH_AUTH_UPDATE', + 'SQL' + ), + E_USER_WARNING + ); return false; } @@ -202,8 +228,11 @@ if ($this->_auth_crypt_method == 'crypt') { $submitted_password = crypt($submitted_password); } - $dbh->simpleQuery(sprintf($this->_authupdate, - $dbh->quote($submitted_password), $dbh->quote($this->_userid))); + $dbh->simpleQuery(sprintf( + $this->_authupdate, + $dbh->quote($submitted_password), + $dbh->quote($this->_userid) + )); return true; } } Modified: trunk/lib/WikiUser/PersonalPage.php =================================================================== --- trunk/lib/WikiUser/PersonalPage.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/PersonalPage.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -26,8 +26,7 @@ * This class is only to simplify the auth method dispatcher. * It inherits almost all all methods from _PassUser. */ -class _PersonalPagePassUser - extends _PassUser +class _PersonalPagePassUser extends _PassUser { public $_authmethod = 'PersonalPage'; @@ -34,14 +33,16 @@ /* Very loose checking, since we properly quote the PageName. Just trim spaces, ... See lib/stdlib.php */ - function isValidName($userid = false) + public function isValidName($userid = false) { - if (!$userid) $userid = $this->_userid; + if (!$userid) { + $userid = $this->_userid; + } $WikiPageName = new WikiPageName($userid); return $WikiPageName->isValid() and ($userid === $WikiPageName->name); } - function userExists() + public function userExists() { return $this->_HomePagehandle and $this->_HomePagehandle->exists(); } @@ -50,7 +51,7 @@ * BUT if the user already has a homepage with an empty password * stored, allow login but warn him to change it. */ - function checkPass($submitted_password) + public function checkPass($submitted_password) { if ($this->userExists()) { $stored_password = $this->_prefs->get('passwd'); @@ -61,22 +62,26 @@ _("You stored an empty password in your "%s" page.") . "\n" . _("Your access permissions are only for a BogoUser.") . "\n" . _("Please set a password in UserPreferences."), - $this->_userid), E_USER_WARNING); + $this->_userid + ), E_USER_WARNING); $this->_level = WIKIAUTH_BOGO; } else { - if (!empty($submitted_password)) + if (!empty($submitted_password)) { trigger_error(sprintf( _("PersonalPage login method:") . "\n" . _("You stored an empty password in your "%s" page.") . "\n" . _("Given password ignored.") . "\n" . _("Please set a password in UserPreferences."), - $this->_userid), E_USER_WARNING); + $this->_userid + ), E_USER_WARNING); + } $this->_level = WIKIAUTH_USER; } return $this->_level; } - if ($this->_checkPass($submitted_password, $stored_password)) + if ($this->_checkPass($submitted_password, $stored_password)) { return ($this->_level = WIKIAUTH_USER); + } return _PassUser::checkPass($submitted_password); } else { return WIKIAUTH_ANON; Modified: trunk/lib/WikiUser/Session.php =================================================================== --- trunk/lib/WikiUser/Session.php 2022年03月24日 13:43:02 UTC (rev 11011) +++ trunk/lib/WikiUser/Session.php 2022年03月24日 13:44:55 UTC (rev 11012) @@ -30,16 +30,18 @@ * define('AUTH_SESS_LEVEL',2); */ -class _SessionPassUser - extends _PassUser +class _SessionPassUser extends _PassUser { - function __construct($UserName = '', $prefs = false) + public function __construct($UserName = '', $prefs = false) { - if ($prefs) $this->_prefs = $prefs; + if ($prefs) { + $this->_prefs = $prefs; + } if (!defined("AUTH_SESS_USER") or !defined("AUTH_SESS_LEVEL")) { trigger_error( "AUTH_SESS_USER or AUTH_SESS_LEVEL is not defined for the SessionPassUser method", - E_USER_ERROR); + E_USER_ERROR + ); exit; } $sess =& $GLOBALS['HTTP_SESSION_VARS']; @@ -59,23 +61,24 @@ } else { $this->_userid = $sess[AUTH_SESS_USER]; } - if (!isset($this->_prefs->_method)) + if (!isset($this->_prefs->_method)) { parent::__construct($this->_userid); + } $this->_level = AUTH_SESS_LEVEL; $this->_authmethod = 'Session'; } - function userExists() + public function userExists() { return !empty($this->_userid); } - function checkPass($submitted_password) + public function checkPass($submitted_password) { return $this->userExists() and $this->_level > -1; } - function mayChangePass() + public function mayChangePass() { return false; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 11050 http://sourceforge.net/p/phpwiki/code/11050 Author: vargenau Date: 2023年07月14日 10:03:49 +0000 (2023年7月14日) Log Message: ----------- lib/WikiUser: PHP 7: add types for function arguments and return Modified Paths: -------------- trunk/lib/WikiUser/BogoLogin.php trunk/lib/WikiUser/Db.php trunk/lib/WikiUser/Facebook.php trunk/lib/WikiUser/File.php trunk/lib/WikiUser/FusionForge.php trunk/lib/WikiUser/HttpAuth.php trunk/lib/WikiUser/HttpAuthUpper.php trunk/lib/WikiUser/IMAP.php trunk/lib/WikiUser/LDAP.php trunk/lib/WikiUser/LdapUpper.php trunk/lib/WikiUser/OpenID.php trunk/lib/WikiUser/POP3.php trunk/lib/WikiUser/PdoDb.php trunk/lib/WikiUser/PearDb.php trunk/lib/WikiUser/PersonalPage.php trunk/lib/WikiUser/Session.php Modified: trunk/lib/WikiUser/BogoLogin.php =================================================================== --- trunk/lib/WikiUser/BogoLogin.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/BogoLogin.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -29,7 +29,7 @@ { public $_authmethod = 'BogoLogin'; - public function userExists() + public function userExists(): bool { if (isWikiWord($this->_userid)) { $this->_level = WIKIAUTH_BOGO; Modified: trunk/lib/WikiUser/Db.php =================================================================== --- trunk/lib/WikiUser/Db.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/Db.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -88,7 +88,7 @@ /* Since we properly quote the username, we allow most chars here. Just " ; and ' is forbidden, max length: 48 as defined in the schema. */ - public function isValidName($userid = false) + public function isValidName($userid = false): bool { if (!$userid) { $userid = $this->_userid; @@ -102,7 +102,7 @@ return true; } - public function mayChangePass() + public function mayChangePass(): bool { return !isset($this->_authupdate); } Modified: trunk/lib/WikiUser/Facebook.php =================================================================== --- trunk/lib/WikiUser/Facebook.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/Facebook.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -96,7 +96,7 @@ } // TODO: msearch facebook for the username - public function userExists() + public function userExists(): bool { if (!loadPhpExtension('openssl')) { trigger_error( Modified: trunk/lib/WikiUser/File.php =================================================================== --- trunk/lib/WikiUser/File.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/File.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -61,12 +61,12 @@ } } - public function mayChangePass() + public function mayChangePass(): bool { return $this->_may_change; } - public function userExists() + public function userExists(): bool { if (!$this->isValidName()) { return $this->_tryNextUser(); Modified: trunk/lib/WikiUser/FusionForge.php =================================================================== --- trunk/lib/WikiUser/FusionForge.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/FusionForge.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -105,7 +105,7 @@ : WIKIAUTH_ANON; } - public function mayChangePass() + public function mayChangePass(): bool { return false; } Modified: trunk/lib/WikiUser/HttpAuth.php =================================================================== --- trunk/lib/WikiUser/HttpAuth.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/HttpAuth.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -61,7 +61,7 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only - public function _fake_auth($userid, $passwd) + public function _fake_auth($userid, $passwd): bool { return false; @@ -169,7 +169,7 @@ : WIKIAUTH_ANON; } - public function mayChangePass() + public function mayChangePass(): bool { return false; } Modified: trunk/lib/WikiUser/HttpAuthUpper.php =================================================================== --- trunk/lib/WikiUser/HttpAuthUpper.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/HttpAuthUpper.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -62,7 +62,7 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only - public function _fake_auth($userid, $passwd) + public function _fake_auth($userid, $passwd): bool { return false; @@ -180,7 +180,7 @@ : WIKIAUTH_ANON; } - public function mayChangePass() + public function mayChangePass(): bool { return false; } Modified: trunk/lib/WikiUser/IMAP.php =================================================================== --- trunk/lib/WikiUser/IMAP.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/IMAP.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -75,7 +75,7 @@ } //CHECKME: this will not be okay for the auth policy strict - public function userExists() + public function userExists(): bool { return true; @@ -89,7 +89,7 @@ */ } - public function mayChangePass() + public function mayChangePass(): bool { if (DEBUG & _DEBUG_LOGIN) { trigger_error(get_class($this) . "::mayChangePass => false", E_USER_WARNING); Modified: trunk/lib/WikiUser/LDAP.php =================================================================== --- trunk/lib/WikiUser/LDAP.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/LDAP.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -97,7 +97,7 @@ * * @see http://www.faqs.org/rfcs/rfc4514.html LDAP String Representation of Distinguished Names */ - private function _stringEscape($name) + private function _stringEscape($name): string { return strtr( utf8_encode($name), @@ -115,7 +115,7 @@ * LDAP names may contain every utf-8 character. However we restrict them a bit for convenience. * @see _stringEscape() */ - public function isValidName($userid = false) + public function isValidName($userid = false): bool { if (!$userid) { $userid = $this->_userid; @@ -132,7 +132,7 @@ * @return string The 3rd argument to ldap_search() * @see http://www.faqs.org/rfcs/rfc4514.html LDAP String Representation of Distinguished Names */ - private function _searchparam($userid) + private function _searchparam(string $userid): string { $euserid = $this->_stringEscape($userid); // Need to set the right root search information. See config/config.ini @@ -241,7 +241,7 @@ } - public function userExists() + public function userExists(): bool { $this->_userid = trim($this->_userid); $userid = $this->_userid; @@ -271,7 +271,7 @@ return $this->_tryNextUser(); } - public function mayChangePass() + public function mayChangePass(): bool { return false; } Modified: trunk/lib/WikiUser/LdapUpper.php =================================================================== --- trunk/lib/WikiUser/LdapUpper.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/LdapUpper.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -43,7 +43,7 @@ return ''; } - public function userExists() + public function userExists(): bool { // lowercase check and uppercase visibility $this->_userid = trim(strtoupper($this->_userid)); Modified: trunk/lib/WikiUser/OpenID.php =================================================================== --- trunk/lib/WikiUser/OpenID.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/OpenID.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -49,7 +49,7 @@ * @param mixed $extensions extension object or array of extensions objects * @return bool */ - public function verify($params, &$identity = "", $extensions = null) + public function verify(array $params, string &$identity = "", $extensions = null): bool { $version = 1.1; $this->_setError(""); @@ -119,13 +119,13 @@ * @return bool */ public function _checkId( - $immediate, - $id, - $returnTo = null, - $root = null, - $extensions = null, - $response = null - ) + bool $immediate, + string $id, + string $returnTo = null, + string $root = null, + $extensions = null, + $response = null + ): bool { $this->_setError(''); @@ -244,7 +244,7 @@ } /* do nothing. the login/redirect is done in checkPass */ - public function userExists() + public function userExists(): bool { if (!$this->isValidName($this->_userid)) { return $this->_tryNextUser(); @@ -264,7 +264,7 @@ } // no quotes and shorter than 128 - public function isValidName($userid = false) + public function isValidName($userid = false): bool { if (!$this->_userid) { return false; Modified: trunk/lib/WikiUser/POP3.php =================================================================== --- trunk/lib/WikiUser/POP3.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/POP3.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -98,7 +98,7 @@ return $this->_level; } - public function __userExists() + public function __userExists(): bool { if (DEBUG & _DEBUG_LOGIN) { trigger_error(get_class($this) . "::userExists => true (dummy)", E_USER_WARNING); Modified: trunk/lib/WikiUser/PdoDb.php =================================================================== --- trunk/lib/WikiUser/PdoDb.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/PdoDb.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -61,7 +61,7 @@ return $this; } - public function userExists() + public function userExists(): bool { /** * @var WikiRequest $request @@ -211,7 +211,7 @@ } } - public function mayChangePass() + public function mayChangePass(): bool { /** * @var WikiRequest $request @@ -221,7 +221,7 @@ return $request->_dbi->getAuthParam('auth_update'); } - public function storePass($submitted_password) + public function storePass($submitted_password): bool { /** * @var WikiRequest $request Modified: trunk/lib/WikiUser/PearDb.php =================================================================== --- trunk/lib/WikiUser/PearDb.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/PearDb.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -60,7 +60,7 @@ return $this; } - public function userExists() + public function userExists(): bool { /** * @var WikiRequest $request @@ -184,7 +184,7 @@ } } - public function mayChangePass() + public function mayChangePass(): bool { /** * @var WikiRequest $request @@ -194,7 +194,7 @@ return $request->_dbi->getAuthParam('auth_update'); } - public function storePass($submitted_password) + public function storePass($submitted_password): bool { /** * @var WikiRequest $request Modified: trunk/lib/WikiUser/PersonalPage.php =================================================================== --- trunk/lib/WikiUser/PersonalPage.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/PersonalPage.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -33,7 +33,7 @@ /* Very loose checking, since we properly quote the PageName. Just trim spaces, ... See lib/stdlib.php */ - public function isValidName($userid = false) + public function isValidName($userid = false): bool { if (!$userid) { $userid = $this->_userid; @@ -42,7 +42,7 @@ return $WikiPageName->isValid() and ($userid === $WikiPageName->name); } - public function userExists() + public function userExists(): bool { return $this->_HomePagehandle and $this->_HomePagehandle->exists(); } Modified: trunk/lib/WikiUser/Session.php =================================================================== --- trunk/lib/WikiUser/Session.php 2023年07月14日 09:44:40 UTC (rev 11049) +++ trunk/lib/WikiUser/Session.php 2023年07月14日 10:03:49 UTC (rev 11050) @@ -68,17 +68,17 @@ $this->_authmethod = 'Session'; } - public function userExists() + public function userExists(): bool { return !empty($this->_userid); } - public function checkPass($submitted_password) + public function checkPass($submitted_password): bool { return $this->userExists() and $this->_level > -1; } - public function mayChangePass() + public function mayChangePass(): bool { return false; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
Revision: 11075 http://sourceforge.net/p/phpwiki/code/11075 Author: vargenau Date: 2024年01月24日 12:07:18 +0000 (2024年1月24日) Log Message: ----------- make function _fake_auth static (patch by Christof Meerwald) Modified Paths: -------------- trunk/lib/WikiUser/HttpAuth.php trunk/lib/WikiUser/HttpAuthUpper.php Modified: trunk/lib/WikiUser/HttpAuth.php =================================================================== --- trunk/lib/WikiUser/HttpAuth.php 2024年01月24日 12:00:19 UTC (rev 11074) +++ trunk/lib/WikiUser/HttpAuth.php 2024年01月24日 12:07:18 UTC (rev 11075) @@ -61,7 +61,7 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only - public function _fake_auth($userid, $passwd) + public static function _fake_auth($userid, $passwd) { return false; Modified: trunk/lib/WikiUser/HttpAuthUpper.php =================================================================== --- trunk/lib/WikiUser/HttpAuthUpper.php 2024年01月24日 12:00:19 UTC (rev 11074) +++ trunk/lib/WikiUser/HttpAuthUpper.php 2024年01月24日 12:07:18 UTC (rev 11075) @@ -62,7 +62,7 @@ // FIXME! This doesn't work yet! // Allow httpauth by other method: Admin for now only - public function _fake_auth($userid, $passwd) + public static function _fake_auth($userid, $passwd) { return false; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.