diff options
| author | Andreas Gohr <gohr@cosmocode.de> | 2019-10-10 09:55:14 +0200 |
|---|---|---|
| committer | Andreas Gohr <gohr@cosmocode.de> | 2019-10-10 09:55:14 +0200 |
| commit | 31a58aba4c24b34c34ad5764d1a35b7c398c3a2c (patch) | |
| tree | 7f4d1546fbb69863a7d366fc1ff647f784853b68 /lib/plugins/authplain/auth.php | |
| parent | af7ba5aa0bd10fc0ad9ef983006305b4c5a8ed42 (diff) | |
| parent | c0c77cd20b23921c9e893bb70b99f38be153875a (diff) | |
| download | dokuwiki-31a58aba4c24b34c34ad5764d1a35b7c398c3a2c.tar.gz dokuwiki-31a58aba4c24b34c34ad5764d1a35b7c398c3a2c.zip | |
Merge branch 'psr2'
* psr2: (160 commits)
fixed merge error
Moved parts of the Asian word handling to its own class
ignore snake_case error of substr_replace
fixed some line length errors
ignore PSR2 in the old form class
fix PSR2 error in switch statement
replaced deprecated utf8 functions
formatting cleanup
mark old utf8 functions deprecated
some more PSR2 cleanup
Some cleanup for the UTF-8 stuff
Moved all utf8 methods to their own namespaced classes
Create separate table files for UTF-8 handling
Ignore mixed concerns in loader
Use type safe comparisons in loader
Remove obsolete include
adjust phpcs exclude patterns for new plugin classes
🚚 Move Subscription class to deprecated.php
♻️ Split up ChangesSubscriptionSender into multiple classes
Minor optimizations in PluginController
...
Diffstat (limited to 'lib/plugins/authplain/auth.php')
| -rw-r--r-- | lib/plugins/authplain/auth.php | 183 |
1 files changed, 105 insertions, 78 deletions
diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index ac1c5d5da..421af8847 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -1,6 +1,4 @@ <?php -// must be run within Dokuwiki -if(!defined('DOKU_INC')) die(); /** * Plaintext authentication backend @@ -10,15 +8,16 @@ if(!defined('DOKU_INC')) die(); * @author Chris Smith <chris@jalakai.co.uk> * @author Jan Schumann <js@schumann-it.com> */ -class auth_plugin_authplain extends DokuWiki_Auth_Plugin { +class auth_plugin_authplain extends DokuWiki_Auth_Plugin +{ /** @var array user cache */ protected $users = null; /** @var array filter pattern */ - protected $_pattern = array(); + protected $pattern = array(); /** @var bool safe version of preg_split */ - protected $_pregsplit_safe = false; + protected $pregsplit_safe = false; /** * Constructor @@ -28,14 +27,15 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * * @author Christopher Smith <chris@jalakai.co.uk> */ - public function __construct() { + public function __construct() + { parent::__construct(); global $config_cascade; - if(!@is_readable($config_cascade['plainauth.users']['default'])) { + if (!@is_readable($config_cascade['plainauth.users']['default'])) { $this->success = false; } else { - if(@is_writable($config_cascade['plainauth.users']['default'])) { + if (@is_writable($config_cascade['plainauth.users']['default'])) { $this->cando['addUser'] = true; $this->cando['delUser'] = true; $this->cando['modLogin'] = true; @@ -49,7 +49,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $this->cando['getGroups'] = true; } - $this->_pregsplit_safe = version_compare(PCRE_VERSION,'6.7','>='); + $this->pregsplit_safe = version_compare(PCRE_VERSION, '6.7', '>='); } /** @@ -63,9 +63,10 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param string $pass * @return bool */ - public function checkPass($user, $pass) { + public function checkPass($user, $pass) + { $userinfo = $this->getUserData($user); - if($userinfo === false) return false; + if ($userinfo === false) return false; return auth_verifyPassword($pass, $this->users[$user]['pass']); } @@ -85,8 +86,9 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param bool $requireGroups (optional) ignored by this plugin, grps info always supplied * @return array|false */ - public function getUserData($user, $requireGroups=true) { - if($this->users === null) $this->_loadUserData(); + public function getUserData($user, $requireGroups = true) + { + if ($this->users === null) $this->loadUserData(); return isset($this->users[$user]) ? $this->users[$user] : false; } @@ -102,7 +104,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param array $grps list of groups the user is in * @return string */ - protected function _createUserLine($user, $pass, $name, $mail, $grps) { + protected function createUserLine($user, $pass, $name, $mail, $grps) + { $groups = join(',', $grps); $userline = array($user, $pass, $name, $mail, $groups); $userline = str_replace('\\', '\\\\', $userline); // escape \ as \\ @@ -130,12 +133,13 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param array $grps * @return bool|null|string */ - public function createUser($user, $pwd, $name, $mail, $grps = null) { + public function createUser($user, $pwd, $name, $mail, $grps = null) + { global $conf; global $config_cascade; // user mustn't already exist - if($this->getUserData($user) !== false) { + if ($this->getUserData($user) !== false) { msg($this->getLang('userexists'), -1); return false; } @@ -143,12 +147,12 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $pass = auth_cryptPassword($pwd); // set default group if no groups specified - if(!is_array($grps)) $grps = array($conf['defaultgroup']); + if (!is_array($grps)) $grps = array($conf['defaultgroup']); // prepare user line - $userline = $this->_createUserLine($user, $pass, $name, $mail, $grps); + $userline = $this->createUserLine($user, $pass, $name, $mail, $grps); - if(!io_saveFile($config_cascade['plainauth.users']['default'], $userline, true)) { + if (!io_saveFile($config_cascade['plainauth.users']['default'], $userline, true)) { msg($this->getLang('writefail'), -1); return null; } @@ -165,38 +169,45 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param array $changes array of field/value pairs to be changed (password will be clear text) * @return bool */ - public function modifyUser($user, $changes) { + public function modifyUser($user, $changes) + { global $ACT; global $config_cascade; // sanity checks, user must already exist and there must be something to change - if(($userinfo = $this->getUserData($user)) === false) { + if (($userinfo = $this->getUserData($user)) === false) { msg($this->getLang('usernotexists'), -1); return false; } // don't modify protected users - if(!empty($userinfo['protected'])) { + if (!empty($userinfo['protected'])) { msg(sprintf($this->getLang('protected'), hsc($user)), -1); return false; } - if(!is_array($changes) || !count($changes)) return true; + if (!is_array($changes) || !count($changes)) return true; // update userinfo with new data, remembering to encrypt any password $newuser = $user; - foreach($changes as $field => $value) { - if($field == 'user') { + foreach ($changes as $field => $value) { + if ($field == 'user') { $newuser = $value; continue; } - if($field == 'pass') $value = auth_cryptPassword($value); + if ($field == 'pass') $value = auth_cryptPassword($value); $userinfo[$field] = $value; } - $userline = $this->_createUserLine($newuser, $userinfo['pass'], $userinfo['name'], $userinfo['mail'], $userinfo['grps']); + $userline = $this->createUserLine( + $newuser, + $userinfo['pass'], + $userinfo['name'], + $userinfo['mail'], + $userinfo['grps'] + ); - if(!io_replaceInFile($config_cascade['plainauth.users']['default'], '/^'.$user.':/', $userline, true)) { + if (!io_replaceInFile($config_cascade['plainauth.users']['default'], '/^'.$user.':/', $userline, true)) { msg('There was an error modifying your user data. You may need to register again.', -1); // FIXME, io functions should be fail-safe so existing data isn't lost $ACT = 'register'; @@ -214,24 +225,25 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param array $users array of users to be deleted * @return int the number of users deleted */ - public function deleteUsers($users) { + public function deleteUsers($users) + { global $config_cascade; - if(!is_array($users) || empty($users)) return 0; + if (!is_array($users) || empty($users)) return 0; - if($this->users === null) $this->_loadUserData(); + if ($this->users === null) $this->loadUserData(); $deleted = array(); - foreach($users as $user) { + foreach ($users as $user) { // don't delete protected users - if(!empty($this->users[$user]['protected'])) { + if (!empty($this->users[$user]['protected'])) { msg(sprintf($this->getLang('protected'), hsc($user)), -1); continue; } - if(isset($this->users[$user])) $deleted[] = preg_quote($user, '/'); + if (isset($this->users[$user])) $deleted[] = preg_quote($user, '/'); } - if(empty($deleted)) return 0; + if (empty($deleted)) return 0; $pattern = '/^('.join('|', $deleted).'):/'; if (!io_deleteFromFile($config_cascade['plainauth.users']['default'], $pattern, true)) { @@ -241,7 +253,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { // reload the user list and count the difference $count = count($this->users); - $this->_loadUserData(); + $this->loadUserData(); $count -= count($this->users); return $count; } @@ -254,17 +266,18 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param array $filter * @return int */ - public function getUserCount($filter = array()) { + public function getUserCount($filter = array()) + { - if($this->users === null) $this->_loadUserData(); + if ($this->users === null) $this->loadUserData(); - if(!count($filter)) return count($this->users); + if (!count($filter)) return count($this->users); $count = 0; - $this->_constructPattern($filter); + $this->constructPattern($filter); - foreach($this->users as $user => $info) { - $count += $this->_filter($user, $info); + foreach ($this->users as $user => $info) { + $count += $this->filter($user, $info); } return $count; @@ -280,23 +293,24 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param array $filter array of field/pattern pairs * @return array userinfo (refer getUserData for internal userinfo details) */ - public function retrieveUsers($start = 0, $limit = 0, $filter = array()) { + public function retrieveUsers($start = 0, $limit = 0, $filter = array()) + { - if($this->users === null) $this->_loadUserData(); + if ($this->users === null) $this->loadUserData(); ksort($this->users); $i = 0; $count = 0; $out = array(); - $this->_constructPattern($filter); + $this->constructPattern($filter); - foreach($this->users as $user => $info) { - if($this->_filter($user, $info)) { - if($i >= $start) { + foreach ($this->users as $user => $info) { + if ($this->filter($user, $info)) { + if ($i >= $start) { $out[$user] = $info; $count++; - if(($limit > 0) && ($count >= $limit)) break; + if (($limit > 0) && ($count >= $limit)) break; } $i++; } @@ -317,7 +331,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { { $groups = []; - if ($this->users === null) $this->_loadUserData(); + if ($this->users === null) $this->loadUserData(); foreach($this->users as $user => $info) { $groups = array_merge($groups, array_diff($info['grps'], $groups)); } @@ -334,7 +348,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param string $user * @return string */ - public function cleanUser($user) { + public function cleanUser($user) + { global $conf; return cleanID(str_replace(':', $conf['sepchar'], $user)); } @@ -345,7 +360,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param string $group * @return string */ - public function cleanGroup($group) { + public function cleanGroup($group) + { global $conf; return cleanID(str_replace(':', $conf['sepchar'], $group)); } @@ -357,15 +373,16 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * * @author Andreas Gohr <andi@splitbrain.org> */ - protected function _loadUserData() { + protected function loadUserData() + { global $config_cascade; - $this->users = $this->_readUserFile($config_cascade['plainauth.users']['default']); + $this->users = $this->readUserFile($config_cascade['plainauth.users']['default']); // support protected users - if(!empty($config_cascade['plainauth.users']['protected'])) { - $protected = $this->_readUserFile($config_cascade['plainauth.users']['protected']); - foreach(array_keys($protected) as $key) { + if (!empty($config_cascade['plainauth.users']['protected'])) { + $protected = $this->readUserFile($config_cascade['plainauth.users']['protected']); + foreach (array_keys($protected) as $key) { $protected[$key]['protected'] = true; } $this->users = array_merge($this->users, $protected); @@ -380,17 +397,18 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param string $file the file to load data from * @return array */ - protected function _readUserFile($file) { + protected function readUserFile($file) + { $users = array(); - if(!file_exists($file)) return $users; + if (!file_exists($file)) return $users; $lines = file($file); - foreach($lines as $line) { + foreach ($lines as $line) { $line = preg_replace('/#.*$/', '', $line); //ignore comments $line = trim($line); - if(empty($line)) continue; + if (empty($line)) continue; - $row = $this->_splitUserData($line); + $row = $this->splitUserData($line); $row = str_replace('\\:', ':', $row); $row = str_replace('\\\\', '\\', $row); @@ -404,22 +422,29 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { return $users; } - protected function _splitUserData($line){ + /** + * Get the user line split into it's parts + * + * @param string $line + * @return string[] + */ + protected function splitUserData($line) + { // due to a bug in PCRE 6.6, preg_split will fail with the regex we use here // refer github issues 877 & 885 - if ($this->_pregsplit_safe){ + if ($this->pregsplit_safe) { return preg_split('/(?<![^\\\\]\\\\)\:/', $line, 5); // allow for : escaped as \: } $row = array(); $piece = ''; $len = strlen($line); - for($i=0; $i<$len; $i++){ - if ($line[$i]=='\\'){ + for ($i=0; $i<$len; $i++) { + if ($line[$i]=='\\') { $piece .= $line[$i]; $i++; if ($i>=$len) break; - } else if ($line[$i]==':'){ + } elseif ($line[$i]==':') { $row[] = $piece; $piece = ''; continue; @@ -440,14 +465,15 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @param array $info User's userinfo array * @return bool */ - protected function _filter($user, $info) { - foreach($this->_pattern as $item => $pattern) { - if($item == 'user') { - if(!preg_match($pattern, $user)) return false; - } else if($item == 'grps') { - if(!count(preg_grep($pattern, $info['grps']))) return false; + protected function filter($user, $info) + { + foreach ($this->pattern as $item => $pattern) { + if ($item == 'user') { + if (!preg_match($pattern, $user)) return false; + } elseif ($item == 'grps') { + if (!count(preg_grep($pattern, $info['grps']))) return false; } else { - if(!preg_match($pattern, $info[$item])) return false; + if (!preg_match($pattern, $info[$item])) return false; } } return true; @@ -458,10 +484,11 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * * @param array $filter */ - protected function _constructPattern($filter) { - $this->_pattern = array(); - foreach($filter as $item => $pattern) { - $this->_pattern[$item] = '/'.str_replace('/', '\/', $pattern).'/i'; // allow regex characters + protected function constructPattern($filter) + { + $this->pattern = array(); + foreach ($filter as $item => $pattern) { + $this->pattern[$item] = '/'.str_replace('/', '\/', $pattern).'/i'; // allow regex characters } } } |