From abffaebebd89736a043671d7518c3c6e3b9a9224 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 4 Aug 2009 11:13:47 -0400 Subject: event for determining if an action is a login action --- index.php | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index a73983b59..372a8536e 100644 --- a/index.php +++ b/index.php @@ -105,6 +105,20 @@ function checkMirror($action_obj) } } +function isLoginAction($action) +{ + static $loginActions = array('login', 'openidlogin', 'finishopenidlogin', + 'recoverpassword', 'api', 'doc', 'register'); + + $login = null; + + if (Event::handle('LoginAction', array($action, &$login))) { + $login = in_array($action, $loginActions); + } + + return $login; +} + function main() { // quick check for fancy URL auto-detection support in installer. @@ -164,8 +178,7 @@ function main() // parts of the site, redirect to login if (!$user && common_config('site', 'private') && - !in_array($action, array('login', 'openidlogin', 'finishopenidlogin', - 'recoverpassword', 'api', 'doc', 'register')) && + !isLoginAction($action) && !preg_match('/rss$/', $action)) { common_redirect(common_local_url('login')); return; -- cgit v1.2.3-54-g00ecf From 628a9371082531908a023618ad4216a2f254f481 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 4 Aug 2009 11:16:43 -0400 Subject: say that it's OK to do OpenID login in private mode --- index.php | 3 +-- plugins/OpenID/OpenIDPlugin.php | 13 +++++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 372a8536e..c1245136e 100644 --- a/index.php +++ b/index.php @@ -107,8 +107,7 @@ function checkMirror($action_obj) function isLoginAction($action) { - static $loginActions = array('login', 'openidlogin', 'finishopenidlogin', - 'recoverpassword', 'api', 'doc', 'register'); + static $loginActions = array('login', 'recoverpassword', 'api', 'doc', 'register'); $login = null; diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index 199b1b351..fb6bc5cf8 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -129,4 +129,17 @@ class OpenIDPlugin extends Plugin return true; } } + + function onLoginAction($action, &$login) + { + switch ($action) + { + case 'openidlogin': + case 'finishopenidlogin': + $login = true; + return false; + default: + return true; + } + } } -- cgit v1.2.3-54-g00ecf From acd9e7c05610ce2e5ddc582b8ec7c58991b7a21e Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sun, 13 Sep 2009 20:15:21 +1200 Subject: added most of the required doxygen --- index.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'index.php') diff --git a/index.php b/index.php index e2296549f..83c14c495 100644 --- a/index.php +++ b/index.php @@ -15,6 +15,10 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . + * + * @category StatusNet + * @package StatusNet + * @license GNU Affero General Public License http://www.gnu.org/licenses/ */ define('INSTALLDIR', dirname(__FILE__)); -- cgit v1.2.3-54-g00ecf From a2f4fe7fc80fa851dd9293d64c4727d4bb233b90 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sun, 13 Sep 2009 20:16:07 +1200 Subject: fixed up if statements --- index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 83c14c495..8f2a7cf7f 100644 --- a/index.php +++ b/index.php @@ -49,11 +49,11 @@ function handleError($error) } $logmsg = "PEAR error: " . $error->getMessage(); - if(common_config('site', 'logdebug')) { + if (common_config('site', 'logdebug')) { $logmsg .= " : ". $error->getDebugInfo(); } common_log(LOG_ERR, $logmsg); - if(common_config('site', 'logdebug')) { + if (common_config('site', 'logdebug')) { $bt = $error->getBacktrace(); foreach ($bt as $line) { common_log(LOG_ERR, $line); -- cgit v1.2.3-54-g00ecf From 738b6d1690ad595b85657fa282132459865fed93 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sun, 13 Sep 2009 20:31:19 +1200 Subject: lotsa of multiline if statements and function calls changed style to meat pear code style --- index.php | 54 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 34 insertions(+), 20 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 8f2a7cf7f..71de39324 100644 --- a/index.php +++ b/index.php @@ -33,7 +33,8 @@ $action = null; function getPath($req) { if ((common_config('site', 'fancy') || !array_key_exists('PATH_INFO', $_SERVER)) - && array_key_exists('p', $req)) { + && array_key_exists('p', $req) + ) { return $req['p']; } else if (array_key_exists('PATH_INFO', $_SERVER)) { return $_SERVER['PATH_INFO']; @@ -59,18 +60,25 @@ function handleError($error) common_log(LOG_ERR, $line); } } - if ($error instanceof DB_DataObject_Error || - $error instanceof DB_Error) { - $msg = sprintf(_('The database for %s isn\'t responding correctly, '. - 'so the site won\'t work properly. '. - 'The site admins probably know about the problem, '. - 'but you can contact them at %s to make sure. '. - 'Otherwise, wait a few minutes and try again.'), - common_config('site', 'name'), - common_config('site', 'email')); + if ($error instanceof DB_DataObject_Error + || $error instanceof DB_Error + ) { + $msg = sprintf( + _( + 'The database for %s isn\'t responding correctly, '. + 'so the site won\'t work properly. '. + 'The site admins probably know about the problem, '. + 'but you can contact them at %s to make sure. '. + 'Otherwise, wait a few minutes and try again.' + ), + common_config('site', 'name'), + common_config('site', 'email') + ); } else { - $msg = _('An important error occured, probably related to email setup. '. - 'Check logfiles for more info..'); + $msg = _( + 'An important error occured, probably related to email setup. '. + 'Check logfiles for more info..' + ); } $dac = new DBErrorAction($msg, 500); @@ -131,10 +139,11 @@ function main() $_lighty_url = @parse_url($_lighty_url); if ($_lighty_url['path'] != '/index.php' && $_lighty_url['path'] != '/') { - $_lighty_path = preg_replace('/^'.preg_quote(common_config('site','path')).'\//', '', substr($_lighty_url['path'], 1)); + $_lighty_path = preg_replace('/^'.preg_quote(common_config('site', 'path')).'\//', '', substr($_lighty_url['path'], 1)); $_SERVER['QUERY_STRING'] = 'p='.$_lighty_path; - if ($_lighty_url['query']) + if ($_lighty_url['query']) { $_SERVER['QUERY_STRING'] .= '&'.$_lighty_url['query']; + } parse_str($_lighty_url['query'], $_lighty_query); foreach ($_lighty_query as $key => $val) { $_GET[$key] = $_REQUEST[$key] = $val; @@ -145,7 +154,7 @@ function main() $_SERVER['REDIRECT_URL'] = preg_replace("/\?.+$/", "", $_SERVER['REQUEST_URI']); // quick check for fancy URL auto-detection support in installer. - if (isset($_SERVER['REDIRECT_URL']) && (preg_replace("/^\/$/","",(dirname($_SERVER['REQUEST_URI']))) . '/check-fancy') === $_SERVER['REDIRECT_URL']) { + if (isset($_SERVER['REDIRECT_URL']) && (preg_replace("/^\/$/", "", (dirname($_SERVER['REQUEST_URI']))) . '/check-fancy') === $_SERVER['REDIRECT_URL']) { die("Fancy URL support detection succeeded. We suggest you enable this to get fancy (pretty) URLs."); } global $user, $action; @@ -153,8 +162,12 @@ function main() Snapshot::check(); if (!_have_config()) { - $msg = sprintf(_("No configuration file found. Try running ". - "the installation program first.")); + $msg = sprintf( + _( + "No configuration file found. Try running ". + "the installation program first." + ) + ); $sac = new ServerErrorAction($msg); $sac->showPage(); return; @@ -200,9 +213,10 @@ function main() // If the site is private, and they're not on one of the "public" // parts of the site, redirect to login - if (!$user && common_config('site', 'private') && - !isLoginAction($action) && - !preg_match('/rss$/', $action)) { + if (!$user && common_config('site', 'private') + && !isLoginAction($action) + && !preg_match('/rss$/', $action) + ) { common_redirect(common_local_url('login')); return; } -- cgit v1.2.3-54-g00ecf From 87c59fe8734479046c8433f74787f615484b3df7 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sun, 13 Sep 2009 20:32:58 +1200 Subject: fixed indentation for the pear code styles --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 71de39324..b8d9c7c69 100644 --- a/index.php +++ b/index.php @@ -34,7 +34,7 @@ function getPath($req) { if ((common_config('site', 'fancy') || !array_key_exists('PATH_INFO', $_SERVER)) && array_key_exists('p', $req) - ) { + ) { return $req['p']; } else if (array_key_exists('PATH_INFO', $_SERVER)) { return $_SERVER['PATH_INFO']; -- cgit v1.2.3-54-g00ecf From 5ca90e2c8cbc76693cf0f2278d14f2a35da7e34e Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Mon, 14 Sep 2009 19:19:11 +1200 Subject: pulled @author from git logs Conflicts: install.php --- index.php | 14 ++++++++++++++ install.php | 21 ++++++++++++++++----- 2 files changed, 30 insertions(+), 5 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index b8d9c7c69..a1d983dce 100644 --- a/index.php +++ b/index.php @@ -19,6 +19,20 @@ * @category StatusNet * @package StatusNet * @license GNU Affero General Public License http://www.gnu.org/licenses/ + * @author Brenda Wallace + * @author Christopher Vollick + * @author CiaranG + * @author Craig Andrews + * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou + * @author Gina Haeussge + * @author Jeffery To + * @author Mike Cochrane + * @author Robin Millette + * @author Sarven Capadisli + * @author Tom Adams */ define('INSTALLDIR', dirname(__FILE__)); diff --git a/install.php b/install.php index dea03fc5e..07a7bfaaf 100644 --- a/install.php +++ b/install.php @@ -18,12 +18,22 @@ * * @category Installation * @package Installation - * @license GNU Affero General Public License http://www.gnu.org/licenses/ * + * @author Adrian Lang + * @author Brenda Wallace + * @author Brett Taylor + * @author Brion Vibber + * @author CiaranG + * @author Craig Andrews + * @author Eric Helgeson + * @author Evan Prodromou + * @author Evan Prodromou + * @author Robin Millette + * @author Sarven Capadisli + * @author Tom Adams + * @license GNU Affero General Public License http://www.gnu.org/licenses/ */ - - define('INSTALLDIR', dirname(__FILE__)); $external_libraries=array( @@ -281,6 +291,7 @@ function checkPrereqs() $missingExtensions[] = $info['check_module']; } } + if (count($missingExtensions) == count($dbModules)) { $req = implode(', ', $missingExtensions); printf('

Cannot find mysql or pgsql extension. You need one or the other: %s

', $req); @@ -682,7 +693,7 @@ function writeConf($sitename, $server, $path, $fancy, $db) * * @return boolean - indicating success or failure */ -function runDbScript($filename, $conn, $type = 'mysql') +function runDbScript($filename, $conn, $type = 'mysqli') { $sql = trim(file_get_contents($filename)); $stmts = explode(';', $sql); @@ -693,7 +704,7 @@ function runDbScript($filename, $conn, $type = 'mysql') } // FIXME: use PEAR::DB or PDO instead of our own switch switch ($type) { - case 'mysql': + case 'mysqli': $res = mysql_query($stmt, $conn); if ($res === false) { $error = mysql_error(); -- cgit v1.2.3-54-g00ecf From 6f531745ca21e7b5460be90890c55b1934a45f15 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 15 Sep 2009 22:28:59 -0400 Subject: change all evans to evan@status.net --- actions/all.php | 6 +++--- actions/api.php | 6 +++--- actions/finishremotesubscribe.php | 2 +- actions/updateprofile.php | 2 +- index.php | 6 +++--- install.php | 2 +- lib/httpclient.php | 6 +++--- 7 files changed, 15 insertions(+), 15 deletions(-) (limited to 'index.php') diff --git a/actions/all.php b/actions/all.php index e56e10c21..5ffc7e9bd 100644 --- a/actions/all.php +++ b/actions/all.php @@ -18,15 +18,15 @@ * * @category Actions * @package Actions - * @author Evan Prodromou - * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou * @author Mike Cochrane * @author Robin Millette * @author Adrian Lang * @author Meitar Moscovitz * @author Sarven Capadisli * @author Craig Andrews - * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Jeffery To * @author Zach Copley diff --git a/actions/api.php b/actions/api.php index 9b5f54807..06fdbfb44 100644 --- a/actions/api.php +++ b/actions/api.php @@ -18,8 +18,8 @@ * * @category Actions * @package Actions - * @author Evan Prodromou - * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou * @author Brenda Wallace * @author Jeffery To * @author Robin Millette @@ -27,7 +27,7 @@ * @author Christopher Vollick * @author CiaranG * @author Craig Andrews - * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Gina Haeussge * @author Mike Cochrane diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index 44abbfceb..5f6807d10 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -41,7 +41,7 @@ require_once INSTALLDIR.'/lib/omb.php'; * * @category Action * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @author Robin Millette * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://laconi.ca/ diff --git a/actions/updateprofile.php b/actions/updateprofile.php index 7f7dd75fe..d9cc7f7f3 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -38,7 +38,7 @@ require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; * * @category Action * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @author Robin Millette * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://laconi.ca/ diff --git a/index.php b/index.php index a1d983dce..4e6c09379 100644 --- a/index.php +++ b/index.php @@ -23,9 +23,9 @@ * @author Christopher Vollick * @author CiaranG * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou - * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Gina Haeussge * @author Jeffery To diff --git a/install.php b/install.php index 54ae0cd5e..24ad3eb24 100644 --- a/install.php +++ b/install.php @@ -26,7 +26,7 @@ * @author CiaranG * @author Craig Andrews * @author Eric Helgeson - * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Robin Millette * @author Sarven Capadisli diff --git a/lib/httpclient.php b/lib/httpclient.php index 9b0bb6f3a..005971153 100644 --- a/lib/httpclient.php +++ b/lib/httpclient.php @@ -21,7 +21,7 @@ * * @category Action * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @copyright 2009 Control Yourself, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ @@ -40,7 +40,7 @@ if (!defined('STATUSNET')) { * * @category HTTP * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ */ @@ -61,7 +61,7 @@ class HTTPResponse * * @category HTTP * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ */ -- cgit v1.2.3-54-g00ecf From 1618d515e6d96c8c0458295282de89dfae790e00 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 15 Sep 2009 22:30:52 -0400 Subject: dedupe evans --- actions/all.php | 9 +++------ actions/api.php | 15 ++++++--------- index.php | 21 +++++++++------------ install.php | 1 - 4 files changed, 18 insertions(+), 28 deletions(-) (limited to 'index.php') diff --git a/actions/all.php b/actions/all.php index 5ffc7e9bd..22da3cd68 100644 --- a/actions/all.php +++ b/actions/all.php @@ -15,19 +15,16 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - * + * * @category Actions * @package Actions * @author Evan Prodromou - * @author Evan Prodromou * @author Mike Cochrane * @author Robin Millette * @author Adrian Lang * @author Meitar Moscovitz * @author Sarven Capadisli * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou * @author Jeffery To * @author Zach Copley * @author csarven @@ -35,8 +32,8 @@ * @link http://status.net */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); } require_once INSTALLDIR.'/lib/personalgroupnav.php'; diff --git a/actions/api.php b/actions/api.php index 06fdbfb44..243ae4c62 100644 --- a/actions/api.php +++ b/actions/api.php @@ -15,11 +15,10 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - * + * * @category Actions * @package Actions * @author Evan Prodromou - * @author Evan Prodromou * @author Brenda Wallace * @author Jeffery To * @author Robin Millette @@ -27,8 +26,6 @@ * @author Christopher Vollick * @author CiaranG * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou * @author Gina Haeussge * @author Mike Cochrane * @author Sarven Capadisli @@ -36,8 +33,8 @@ * @link http://status.net */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); } class ApiAction extends Action @@ -205,9 +202,9 @@ class ApiAction extends Action $user_id = $this->arg('user_id'); $screen_name = $this->arg('screen_name'); - if (empty($this->api_arg) - && empty($id) - && empty($user_id) + if (empty($this->api_arg) + && empty($id) + && empty($user_id) && empty($screen_name) ) { return true; diff --git a/index.php b/index.php index 4e6c09379..fb3758590 100644 --- a/index.php +++ b/index.php @@ -15,23 +15,20 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - * + * * @category StatusNet * @package StatusNet * @license GNU Affero General Public License http://www.gnu.org/licenses/ - * @author Brenda Wallace - * @author Christopher Vollick + * @author Brenda Wallace + * @author Christopher Vollick * @author CiaranG - * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou - * @author Evan Prodromou + * @author Craig Andrews * @author Evan Prodromou - * @author Gina Haeussge + * @author Gina Haeussge * @author Jeffery To * @author Mike Cochrane * @author Robin Millette - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Tom Adams */ @@ -74,7 +71,7 @@ function handleError($error) common_log(LOG_ERR, $line); } } - if ($error instanceof DB_DataObject_Error + if ($error instanceof DB_DataObject_Error || $error instanceof DB_Error ) { $msg = sprintf( @@ -227,8 +224,8 @@ function main() // If the site is private, and they're not on one of the "public" // parts of the site, redirect to login - if (!$user && common_config('site', 'private') - && !isLoginAction($action) + if (!$user && common_config('site', 'private') + && !isLoginAction($action) && !preg_match('/rss$/', $action) ) { common_redirect(common_local_url('login')); diff --git a/install.php b/install.php index 24ad3eb24..4398757de 100644 --- a/install.php +++ b/install.php @@ -27,7 +27,6 @@ * @author Craig Andrews * @author Eric Helgeson * @author Evan Prodromou - * @author Evan Prodromou * @author Robin Millette * @author Sarven Capadisli * @author Tom Adams -- cgit v1.2.3-54-g00ecf From 83b09164573ede90d87a7038a56f651a5f82b9f1 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Wed, 16 Sep 2009 11:14:26 +0200 Subject: Updated csarven emails to csarven@status.net and removed dupes --- actions/all.php | 3 +-- actions/api.php | 2 +- index.php | 2 +- install.php | 2 +- theme/readme.txt | 2 +- 5 files changed, 5 insertions(+), 6 deletions(-) (limited to 'index.php') diff --git a/actions/all.php b/actions/all.php index 22da3cd68..f1786462e 100644 --- a/actions/all.php +++ b/actions/all.php @@ -23,11 +23,10 @@ * @author Robin Millette * @author Adrian Lang * @author Meitar Moscovitz - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Craig Andrews * @author Jeffery To * @author Zach Copley - * @author csarven * @license GNU Affero General Public License http://www.gnu.org/licenses/ * @link http://status.net */ diff --git a/actions/api.php b/actions/api.php index 243ae4c62..d570bb017 100644 --- a/actions/api.php +++ b/actions/api.php @@ -28,7 +28,7 @@ * @author Craig Andrews * @author Gina Haeussge * @author Mike Cochrane - * @author Sarven Capadisli + * @author Sarven Capadisli * @license GNU Affero General Public License http://www.gnu.org/licenses/ * @link http://status.net */ diff --git a/index.php b/index.php index fb3758590..d5174c2b7 100644 --- a/index.php +++ b/index.php @@ -28,7 +28,7 @@ * @author Jeffery To * @author Mike Cochrane * @author Robin Millette - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Tom Adams */ diff --git a/install.php b/install.php index 4398757de..81241315e 100644 --- a/install.php +++ b/install.php @@ -28,7 +28,7 @@ * @author Eric Helgeson * @author Evan Prodromou * @author Robin Millette - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Tom Adams * @license GNU Affero General Public License http://www.gnu.org/licenses/ */ diff --git a/theme/readme.txt b/theme/readme.txt index 151b1fb71..d030f2db4 100644 --- a/theme/readme.txt +++ b/theme/readme.txt @@ -1,7 +1,7 @@ /** Howto: create a statusnet theme * * @package StatusNet - * @author Sarven Capadisli + * @author Sarven Capadisli * @copyright 2009 Control Yourself, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ -- cgit v1.2.3-54-g00ecf From 39aa9b3a9f6a27738ad1cd330c471ae388b11088 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Thu, 17 Sep 2009 20:15:15 +1200 Subject: fixed up space on @author tags --- index.php | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index d5174c2b7..208259eb6 100644 --- a/index.php +++ b/index.php @@ -19,17 +19,20 @@ * @category StatusNet * @package StatusNet * @license GNU Affero General Public License http://www.gnu.org/licenses/ - * @author Brenda Wallace - * @author Christopher Vollick - * @author CiaranG - * @author Craig Andrews - * @author Evan Prodromou - * @author Gina Haeussge - * @author Jeffery To - * @author Mike Cochrane - * @author Robin Millette - * @author Sarven Capadisli - * @author Tom Adams + * @author Brenda Wallace + * @author Christopher Vollick + * @author CiaranG + * @author Craig Andrews + * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou + * @author Gina Haeussge + * @author Jeffery To + * @author Mike Cochrane + * @author Robin Millette + * @author Sarven Capadisli + * @author Tom Adams */ define('INSTALLDIR', dirname(__FILE__)); -- cgit v1.2.3-54-g00ecf From e9bdc696516b007b94e9557ba98d5e96779fb0e0 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sat, 19 Sep 2009 12:28:08 +1200 Subject: @author tags updated -- only one entry per name now --- index.php | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 208259eb6..8ff67d19d 100644 --- a/index.php +++ b/index.php @@ -18,21 +18,19 @@ * * @category StatusNet * @package StatusNet - * @license GNU Affero General Public License http://www.gnu.org/licenses/ - * @author Brenda Wallace - * @author Christopher Vollick + * @author Brenda Wallace + * @author Christopher Vollick * @author CiaranG - * @author Craig Andrews + * @author Craig Andrews * @author Evan Prodromou - * @author Evan Prodromou - * @author Evan Prodromou - * @author Evan Prodromou - * @author Gina Haeussge + * @author Gina Haeussge * @author Jeffery To * @author Mike Cochrane * @author Robin Millette - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Tom Adams + * + * @license GNU Affero General Public License http://www.gnu.org/licenses/ */ define('INSTALLDIR', dirname(__FILE__)); -- cgit v1.2.3-54-g00ecf From 852f0c59a448b3c0dc07a928924cce6ce3399e70 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sat, 3 Oct 2009 17:40:53 +1300 Subject: added doxygen --- index.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'index.php') diff --git a/index.php b/index.php index 51e30f578..a4d1fcf4d 100644 --- a/index.php +++ b/index.php @@ -61,6 +61,9 @@ function getPath($req) } } +/** + * logs and then displays error messages + */ function handleError($error) { if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { -- cgit v1.2.3-54-g00ecf From 00c0becd56c1185f26524828be4722ffd8f05712 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sat, 3 Oct 2009 17:48:38 +1300 Subject: more doxygen --- index.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'index.php') diff --git a/index.php b/index.php index a4d1fcf4d..644812bd5 100644 --- a/index.php +++ b/index.php @@ -63,6 +63,8 @@ function getPath($req) /** * logs and then displays error messages + * + * @return void */ function handleError($error) { -- cgit v1.2.3-54-g00ecf From cdbf7b1da522ea42c0cdc62b59e07a8499bf7972 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 30 Oct 2009 13:48:18 -0400 Subject: Allow non-users to view the site's xrds when the site is private. Getting to closer to allow OpenID login on private sites. --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 644812bd5..3acdba375 100644 --- a/index.php +++ b/index.php @@ -143,7 +143,7 @@ function checkMirror($action_obj, $args) function isLoginAction($action) { - static $loginActions = array('login', 'recoverpassword', 'api', 'doc', 'register'); + static $loginActions = array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds'); $login = null; -- cgit v1.2.3-54-g00ecf From fbeae998840fb58ac2fbb8779f14eb2abe74cd08 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 4 Nov 2009 21:33:59 -0800 Subject: Allow all API calls, even if the site is configured as private. The API Actions will decide whether something requires auth or a redirect. --- index.php | 1 + 1 file changed, 1 insertion(+) (limited to 'index.php') diff --git a/index.php b/index.php index 3acdba375..577b491ed 100644 --- a/index.php +++ b/index.php @@ -239,6 +239,7 @@ function main() if (!$user && common_config('site', 'private') && !isLoginAction($action) && !preg_match('/rss$/', $action) + && !preg_match('/^Api/', $action) ) { common_redirect(common_local_url('login')); return; -- cgit v1.2.3-54-g00ecf From 1845c8c77305e6b3bb64e07aeda4614ccbd09cb2 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 5 Nov 2009 16:39:57 -0500 Subject: Added an AutoRegister event LDAP plugin can do autoregistration --- EVENTS.txt | 4 ++++ index.php | 1 + lib/util.php | 45 ++++++++++++++++++++++++++++++++------------- plugins/Ldap/LdapPlugin.php | 37 +++++++++++++++++++++++++++++++++++++ plugins/Ldap/README | 7 +++++++ plugins/Ldap/ldap.php | 34 ++++++++++++++++++---------------- 6 files changed, 99 insertions(+), 29 deletions(-) (limited to 'index.php') diff --git a/EVENTS.txt b/EVENTS.txt index 7be611c71..c52f0e312 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -479,3 +479,7 @@ CheckPassword: Check a username/password - $nickname: The nickname to check - $password: The password to check - &$authenticated: set to true to indicate authentication succeeded. + +AutoRegister: Register a new user with the given nickname. Should insert a new User and Profile into the database. +- $nickname: The nickname to register + diff --git a/index.php b/index.php index 577b491ed..b1e4f651e 100644 --- a/index.php +++ b/index.php @@ -68,6 +68,7 @@ function getPath($req) */ function handleError($error) { +//error_log(print_r($error,1)); if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { return; } diff --git a/lib/util.php b/lib/util.php index 46aa7f901..a4865c46c 100644 --- a/lib/util.php +++ b/lib/util.php @@ -119,22 +119,41 @@ function common_munge_password($password, $id) // check if a username exists and has matching password function common_check_user($nickname, $password) { - // NEVER allow blank passwords, even if they match the DB - if (mb_strlen($password) == 0) { - return false; - } + $authenticated = false; + $eventResult = Event::handle('CheckPassword', array($nickname, $password, &$authenticated)); $user = User::staticGet('nickname', $nickname); if (is_null($user) || $user === false) { - return false; + //user does not exist + if($authenticated){ + //a handler said these are valid credentials, so see if a plugin wants to auto register the user + if(Event::handle('AutoRegister', array($nickname))){ + //no handler registered the user + return false; + }else{ + $user = User::staticGet('nickname', $nickname); + if (is_null($user) || $user === false) { + common_log(LOG_WARNING, "A plugin handled the AutoRegister event, but did not actually register the user, nickname: $nickname"); + return false; + }else{ + return $user; + } + } + }else{ + //no handler indicated the credentials were valid, and we know their not valid because the user isn't in the database + return false; + } } else { - $authenticated = false; - Event::handle('CheckPassword', array($nickname, $password, &$authenticated)); - if(! $authenticated){ - //no handler asserted the user, so check ourselves - if (0 == strcmp(common_munge_password($password, $user->id), - $user->password)) { - //internal checking passed - $authenticated = true; + if($eventResult && ! $authenticated){ + //no handler was authoritative + if (mb_strlen($password) == 0) { + // NEVER allow blank passwords, even if they match the DB + return false; + }else{ + if (0 == strcmp(common_munge_password($password, $user->id), + $user->password)) { + //internal checking passed + $authenticated = true; + } } } if($authenticated){ diff --git a/plugins/Ldap/LdapPlugin.php b/plugins/Ldap/LdapPlugin.php index ec2b7977d..8c2d45b85 100644 --- a/plugins/Ldap/LdapPlugin.php +++ b/plugins/Ldap/LdapPlugin.php @@ -46,6 +46,43 @@ class LdapPlugin extends Plugin { if(ldap_check_password($nickname, $password)){ $authenticated = true; + //stop handling of other events, because we have an answer + return false; + } + if(common_config('ldap','authoritative')){ + //a false return stops handler processing + return false; + } + } + + function onAutoRegister($nickname) + { + $user = User::staticGet('nickname', $nickname); + if (! is_null($user) && $user !== false) { + common_log(LOG_WARNING, "An attempt was made to autoregister an existing user with nickname: $nickname"); + return; + } + + $attributes=array(); + $config_attributes = array('nickname','email','fullname','homepage','location'); + foreach($config_attributes as $config_attribute){ + $value = common_config('ldap', $config_attribute.'_attribute'); + if($value!==false){ + array_push($attributes,$value); + } + } + $entry = ldap_get_user($nickname,$attributes); + if($entry){ + $registration_data = array(); + foreach($config_attributes as $config_attribute){ + $value = common_config('ldap', $config_attribute.'_attribute'); + if($value!==false){ + $registration_data[$config_attribute]=$entry->getValue($value,'single'); + } + } + //error_log(print_r($registration_data,1)); + $user = User::register($registration_data); + //prevent other handlers from running, as we have registered the user return false; } } diff --git a/plugins/Ldap/README b/plugins/Ldap/README index 8a5095a5d..617738e0b 100644 --- a/plugins/Ldap/README +++ b/plugins/Ldap/README @@ -11,6 +11,13 @@ $config['ldap']['basedn'] $config['ldap']['host'] $config['ldap']['nickname_attribute'] Set this to the name of the ldap attribute that holds the username. For example, on Microsoft's Active Directory, this should be set to 'sAMAccountName' +$config['ldap']['nickname_email'] Set this to the name of the ldap attribute that holds the user's email address. For example, on Microsoft's Active Directory, this should be set to 'mail' +$config['ldap']['nickname_fullname'] Set this to the name of the ldap attribute that holds the user's full name. For example, on Microsoft's Active Directory, this should be set to 'displayName' +$config['ldap']['nickname_homepage'] Set this to the name of the ldap attribute that holds the the url of the user's home page. +$config['ldap']['nickname_location'] Set this to the name of the ldap attribute that holds the user's location. + +$config['ldap']['authoritative'] Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database) +$config['ldap']['autoregister'] Set to true if users should be automatically created when they attempt to login Finally, add "addPlugin('ldap');" to the bottom of your config.php diff --git a/plugins/Ldap/ldap.php b/plugins/Ldap/ldap.php index fcb84610a..d92a058fb 100644 --- a/plugins/Ldap/ldap.php +++ b/plugins/Ldap/ldap.php @@ -38,19 +38,20 @@ function ldap_get_config(){ function ldap_get_connection($config = null){ if($config == null){ - static $ldap = null; - if($ldap!=null){ - return $ldap; - } $config = ldap_get_config(); } - $ldap = Net_LDAP2::connect($config); - if (PEAR::isError($ldap)) { - common_log(LOG_WARNING, 'Could not connect to LDAP server: '.$ldap->getMessage()); + + //cannot use Net_LDAP2::connect() as StatusNet uses + //PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError'); + //PEAR handling can be overridden on instance objects, so we do that. + $ldap = new Net_LDAP2($config); + $ldap->setErrorHandling(PEAR_ERROR_RETURN); + $err=$ldap->bind(); + if (Net_LDAP2::isError($err)) { + common_log(LOG_WARNING, 'Could not connect to LDAP server: '.$err->getMessage()); return false; - }else{ - return $ldap; } + return $ldap; } function ldap_check_password($username, $password){ @@ -58,12 +59,12 @@ function ldap_check_password($username, $password){ if(!$ldap){ return false; } - $dn = ldap_get_user_dn($username); - if(!$dn){ + $entry = ldap_get_user($username); + if(!$entry){ return false; }else{ $config = ldap_get_config(); - $config['binddn']=$dn; + $config['binddn']=$entry->dn(); $config['bindpw']=$password; if(ldap_get_connection($config)){ return true; @@ -74,17 +75,18 @@ function ldap_check_password($username, $password){ } /** - * get an LDAP user's DN given the user's username + * get an LDAP entry for a user with a given username * * @param string $username + * $param array $attributes LDAP attributes to retrieve * @return string DN */ -function ldap_get_user_dn($username){ +function ldap_get_user($username,$attributes=array()){ $ldap = ldap_get_connection(); $filter = Net_LDAP2_Filter::create(common_config('ldap','nickname_attribute'), 'equals', $username); $options = array( 'scope' => 'sub', - 'attributes' => array() + 'attributes' => $attributes ); $search = $ldap->search(null,$filter,$options); @@ -97,7 +99,7 @@ function ldap_get_user_dn($username){ return false; }else if($search->count()==1){ $entry = $search->shiftEntry(); - return $entry->dn(); + return $entry; }else{ common_log(LOG_WARNING, 'Found ' . $search->count() . ' ldap user with the username: ' . $username); return false; -- cgit v1.2.3-54-g00ecf From ed690615de8f6433a1a4d9a8fc7c28385af47d8a Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 12 Nov 2009 20:12:00 -0500 Subject: Added a User_username table that links the external username with a StatusNet user_id Added EmailAuthenticationPlugin Added ReverseUsernameAuthenticationPlugin Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static --- EVENTS.txt | 4 +- actions/passwordsettings.php | 4 +- classes/User.php | 16 +- classes/statusnet.ini | 10 ++ index.php | 1 - lib/util.php | 1 + plugins/Authentication/AuthenticationPlugin.php | 177 ++++++++++++++------- plugins/Authentication/User_username.php | 25 +++ .../EmailAuthenticationPlugin.php | 54 +++++++ plugins/EmailAuthentication/README | 7 + .../LdapAuthenticationPlugin.php | 56 +++---- plugins/LdapAuthentication/README | 5 +- plugins/ReverseUsernameAuthentication/README | 26 +++ .../ReverseUsernameAuthenticationPlugin.php | 58 +++++++ 14 files changed, 349 insertions(+), 95 deletions(-) create mode 100644 plugins/Authentication/User_username.php create mode 100644 plugins/EmailAuthentication/EmailAuthenticationPlugin.php create mode 100644 plugins/EmailAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php (limited to 'index.php') diff --git a/EVENTS.txt b/EVENTS.txt index 3acff277b..c788a9215 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -528,12 +528,12 @@ EndCheckPassword: After checking a username/password pair - $authenticatedUser: User object if credentials match a user, else null. StartChangePassword: Before changing a password -- $nickname: user's nickname +- $user: user - $oldpassword: the user's old password - $newpassword: the desired new password EndChangePassword: After changing a password -- $nickname: user's nickname +- $user: user UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 9e79501e2..11d7bf785 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -170,7 +170,7 @@ class PasswordsettingsAction extends AccountSettingsAction } $success = false; - if(! Event::handle('StartChangePassword', array($user->nickname, $oldpassword, $newpassword))){ + if(! Event::handle('StartChangePassword', array($user, $oldpassword, $newpassword))){ //no handler changed the password, so change the password internally $original = clone($user); @@ -186,7 +186,7 @@ class PasswordsettingsAction extends AccountSettingsAction $this->serverError(_('Can\'t save new password.')); return; } - Event::handle('EndChangePassword', array($nickname)); + Event::handle('EndChangePassword', array($user)); } $this->showForm(_('Password saved.'), true); diff --git a/classes/User.php b/classes/User.php index 9b90ce61b..9f1ee53f4 100644 --- a/classes/User.php +++ b/classes/User.php @@ -114,7 +114,7 @@ class User extends Memcached_DataObject return $result; } - function allowed_nickname($nickname) + static function allowed_nickname($nickname) { // XXX: should already be validated for size, content, etc. $blacklist = common_config('nickname', 'blacklist'); @@ -190,7 +190,17 @@ class User extends Memcached_DataObject $profile->query('BEGIN'); + if(!empty($email)) + { + $email = common_canonical_email($email); + } + + $nickname = common_canonical_nickname($nickname); $profile->nickname = $nickname; + if(! User::allowed_nickname($nickname)){ + common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname), + __FILE__); + } $profile->profileurl = common_profile_url($nickname); if (!empty($fullname)) { @@ -242,6 +252,10 @@ class User extends Memcached_DataObject } } + if(isset($email_confirmed) && $email_confirmed) { + $user->email = $email; + } + // This flag is ignored but still set to 1 $user->inboxed = 1; diff --git a/classes/statusnet.ini b/classes/statusnet.ini index 912d05cdf..19ab7bf97 100644 --- a/classes/statusnet.ini +++ b/classes/statusnet.ini @@ -566,3 +566,13 @@ modified = 384 user_id = K token = K +[user_username] +user_id = 129 +provider_name = 130 +username = 130 +created = 142 +modified = 384 + +[user_username__keys] +provider_name = K +username = K diff --git a/index.php b/index.php index b1e4f651e..577b491ed 100644 --- a/index.php +++ b/index.php @@ -68,7 +68,6 @@ function getPath($req) */ function handleError($error) { -//error_log(print_r($error,1)); if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { return; } diff --git a/lib/util.php b/lib/util.php index 68f3520db..4b2a25ead 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1058,6 +1058,7 @@ function common_log($priority, $msg, $filename=null) } } else { common_ensure_syslog(); + error_log($msg); syslog($priority, $msg); } } diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index e3e55fea6..99b61b808 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -48,20 +48,20 @@ abstract class AuthenticationPlugin extends Plugin //should accounts be automatically created after a successful login attempt? public $autoregistration = false; - //can the user change their email address - public $email_changeable=true; - //can the user change their email address public $password_changeable=true; + //unique name for this authentication provider + public $provider_name; + //------------Auth plugin should implement some (or all) of these methods------------\\ /** * Check if a nickname/password combination is valid - * @param nickname + * @param username * @param password * @return boolean true if the credentials are valid, false if they are invalid. */ - function checkPassword($nickname, $password) + function checkPassword($username, $password) { return false; } @@ -69,88 +69,116 @@ abstract class AuthenticationPlugin extends Plugin /** * Automatically register a user when they attempt to login with valid credentials. * User::register($data) is a very useful method for this implementation - * @param nickname - * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname + * @param username + * @return boolean true if the user was created, false if not */ - function autoRegister($nickname) + function autoRegister($username) { - return null; + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); } /** * Change a user's password * The old password has been verified to be valid by this plugin before this call is made - * @param nickname + * @param username * @param oldpassword * @param newpassword - * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname + * @return boolean true if the password was changed, false if password changing failed for some reason */ - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { - return null; - } - - /** - * Can a user change this field in his own profile? - * @param nickname - * @param field - * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname - */ - function canUserChangeField($nickname, $field) - { - return null; + return false; } //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\ - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + if(!isset($this->provider_name)){ + throw new Exception("must specify a provider_name for this authentication provider"); + } } - + function onStartCheckPassword($nickname, $password, &$authenticatedUser){ - if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $password); + //map the nickname to a username + $user_username = new User_username(); + $user_username->username=$nickname; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $username = $user_username->username; + $authenticated = $this->checkPassword($username, $password); if($authenticated){ - $authenticatedUser = User::staticGet('nickname', $nickname); - if(!$authenticatedUser && $this->autoregistration){ - if($this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('id', $user_username->user_id); + return false; + } + }else{ + $user = User::staticGet('nickname', $nickname); + if($user){ + //make sure a different provider isn't handling this nickname + $user_username = new User_username(); + $user_username->username=$nickname; + if(!$user_username->find()){ + //no other provider claims this username, so it's safe for us to handle it + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated){ $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; } } - return false; }else{ - if($this->authoritative){ - return false; + if($this->autoregistration){ + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated && $this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; + } } } - //we're not authoritative, so let other handlers try + } + if($this->authoritative){ + return false; }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing is not allowed')); - } + //we're not authoritative, so let other handlers try + return; } } - function onStartChangePassword($nickname,$oldpassword,$newpassword) + function onStartChangePassword($user,$oldpassword,$newpassword) { if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $oldpassword); - if($authenticated){ - $result = $this->changePassword($nickname,$oldpassword,$newpassword); - if($result){ - //stop handling of other handlers, because what was requested was done - return false; - }else{ - throw new Exception(_('Password changing failed')); - } - }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing failed')); + $user_username = new User_username(); + $user_username->user_id=$user->id; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $authenticated = $this->checkPassword($user_username->username, $oldpassword); + if($authenticated){ + $result = $this->changePassword($user_username->username,$oldpassword,$newpassword); + if($result){ + //stop handling of other handlers, because what was requested was done + return false; + }else{ + throw new Exception(_('Password changing failed')); + } }else{ - //let another handler try - return null; + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing failed')); + }else{ + //let another handler try + return null; + } } } }else{ @@ -164,9 +192,42 @@ abstract class AuthenticationPlugin extends Plugin function onStartAccountSettingsPasswordMenuItem($widget) { if($this->authoritative && !$this->password_changeable){ - //since we're authoritative, no other plugin could change passwords, so do render the menu item + //since we're authoritative, no other plugin could change passwords, so do not render the menu item + return false; + } + } + + function onAutoload($cls) + { + switch ($cls) + { + case 'User_username': + require_once(INSTALLDIR.'/plugins/Authentication/User_username.php'); return false; + default: + return true; } } + + function onCheckSchema() { + $schema = Schema::get(); + $schema->ensureTable('user_username', + array(new ColumnDef('provider_name', 'varchar', + '255', false, 'PRI'), + new ColumnDef('username', 'varchar', + '255', false, 'PRI'), + new ColumnDef('user_id', 'integer', + null, false), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + return true; + } + + function onUserDeleteRelated($user, &$tables) + { + $tables[] = 'User_username'; + return true; + } } diff --git a/plugins/Authentication/User_username.php b/plugins/Authentication/User_username.php new file mode 100644 index 000000000..79adeb189 --- /dev/null +++ b/plugins/Authentication/User_username.php @@ -0,0 +1,25 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +class EmailAuthenticationPlugin extends Plugin +{ + //---interface implementation---// + + function onStartCheckPassword($nickname, $password, &$authenticatedUser) + { + if(strpos($nickname, '@')) + { + $user = User::staticGet('email',$nickname); + if($user && isset($user->email)) + { + if(common_check_user($user->nickname,$password)) + { + $authenticatedUser = $user; + return false; + } + } + } + } +} + diff --git a/plugins/EmailAuthentication/README b/plugins/EmailAuthentication/README new file mode 100644 index 000000000..320815689 --- /dev/null +++ b/plugins/EmailAuthentication/README @@ -0,0 +1,7 @@ +The Email Authentication plugin allows users to login using their email address. + +The provided email address is used to lookup the user's nickname, then that nickname and the provided password is checked. + +Installation +============ +add "addPlugin('emailAuthentication');" to the bottom of your config.php diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index ded5cf299..865154730 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -48,20 +48,31 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin public $scope=null; public $attributes=array(); - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->host)){ + throw new Exception("must specify a host"); + } + if(!isset($this->basedn)){ + throw new Exception("must specify a basedn"); + } + if(!isset($this->attributes['nickname'])){ + throw new Exception("must specify a nickname attribute"); + } + if(!isset($this->attributes['username'])){ + throw new Exception("must specify a username attribute"); + } } //---interface implementation---// - function checkPassword($nickname, $password) + function checkPassword($username, $password) { $ldap = $this->ldap_get_connection(); if(!$ldap){ return false; } - $entry = $this->ldap_get_user($nickname); + $entry = $this->ldap_get_user($username); if(!$entry){ return false; }else{ @@ -76,48 +87,33 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin } } - function autoRegister($nickname) + function autoRegister($username) { - $entry = $this->ldap_get_user($nickname,$this->attributes); + $entry = $this->ldap_get_user($username,$this->attributes); if($entry){ $registration_data = array(); foreach($this->attributes as $sn_attribute=>$ldap_attribute){ - if($sn_attribute=='email'){ - $registration_data[$sn_attribute]=common_canonical_email($entry->getValue($ldap_attribute,'single')); - }else if($sn_attribute=='nickname'){ - $registration_data[$sn_attribute]=common_canonical_nickname($entry->getValue($ldap_attribute,'single')); - }else{ - $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); - } + $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); + } + if(isset($registration_data['email']) && !empty($registration_data['email'])){ + $registration_data['email_confirmed']=true; } //set the database saved password to a random string. $registration_data['password']=common_good_rand(16); - $user = User::register($registration_data); - return true; + return User::register($registration_data); }else{ //user isn't in ldap, so we cannot register him - return null; + return false; } } - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { //TODO implement this throw new Exception(_('Sorry, changing LDAP passwords is not supported at this time')); return false; } - - function canUserChangeField($nickname, $field) - { - switch($field) - { - case 'password': - case 'nickname': - case 'email': - return false; - } - } //---utility functions---// function ldap_get_config(){ @@ -159,7 +155,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin */ function ldap_get_user($username,$attributes=array()){ $ldap = $this->ldap_get_connection(); - $filter = Net_LDAP2_Filter::create($this->attributes['nickname'], 'equals', $username); + $filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username); $options = array( 'scope' => 'sub', 'attributes' => $attributes diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README index 03647e7c7..b10a1eb93 100644 --- a/plugins/LdapAuthentication/README +++ b/plugins/LdapAuthentication/README @@ -6,7 +6,8 @@ add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'valu Settings ======== -authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database). +provider_name*: a unique name for this authentication provider. +authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database). autoregistration (false): Set to true if users should be automatically created when they attempt to login. email_changeable (true): Are users allowed to change their email address? (true or false) password_changeable (true): Are users allowed to change their passwords? (true or false) @@ -23,6 +24,7 @@ filter: Default search filter. See http://pear.php.net/manual/en/package.network scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name + username* nickname* email fullname @@ -37,6 +39,7 @@ Example Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. addPlugin('ldapAuthentication', array( + 'provider_name'=>'Example', 'authoritative'=>true, 'autoregistration'=>true, 'binddn'=>'username', diff --git a/plugins/ReverseUsernameAuthentication/README b/plugins/ReverseUsernameAuthentication/README new file mode 100644 index 000000000..e9160ed9b --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/README @@ -0,0 +1,26 @@ +The Reverse Username Authentication plugin allows for StatusNet to handle authentication by checking if the provided password is the same as the reverse of the username. + +THIS PLUGIN IS FOR TESTING PURPOSES ONLY + +Installation +============ +add "addPlugin('reverseUsernameAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php + +Settings +======== +provider_name*: a unique name for this authentication provider. +password_changeable*: must be set to false. This plugin does not support changing passwords. +authoritative (false): Set to true if this plugin's responses are authoritative (meaning if this fails, do check any other plugins or the internal password database). +autoregistration (false): Set to true if users should be automatically created when they attempt to login. + +* required +default values are in (parenthesis) + +Example +======= +addPlugin('reverseUsernameAuthentication', array( + 'provider_name'=>'Example', + 'password_changeable'=>false, + 'authoritative'=>true, + 'autoregistration'=>true +)); diff --git a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php new file mode 100644 index 000000000..d48283b2e --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php @@ -0,0 +1,58 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/plugins/Authentication/AuthenticationPlugin.php'; + +class ReverseUsernameAuthenticationPlugin extends AuthenticationPlugin +{ + //---interface implementation---// + + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->password_changeable) && $this->password_changeable){ + throw new Exception("password_changeable cannot be set to true. This plugin does not support changing passwords."); + } + } + + function checkPassword($username, $password) + { + return $username == strrev($password); + } + + function autoRegister($username) + { + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); + } +} -- cgit v1.2.3-54-g00ecf From 3d6a55a49f298b83d4f0cdfe2f14ea201f45a565 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 17 Nov 2009 09:07:44 -0800 Subject: Fix ticket 1816: Database errors recorded as "Array" PEAR error backtrace lines are now correctly formatted as strings in debug log, roughly as debug_print_backtrace() does (but with argument values swapped out for types to avoid being overly verbose). Todo: exceptions and PEAR error objects should log backtraces the same way; right now it doesn't look like exceptions get backtraces logged. Todo: At one line per line, it's potentially tough to figure out what backtrace goes with what event if traffic is heavy; even if not heavy it's awkward to jump back into a log file after grepping to find the backtrace. Consider using a random per-event ID which can go in the log output -- bonus points for exposing the error ID to users so ops can track down actual error details in logs from a user report. --- index.php | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 577b491ed..997ee6197 100644 --- a/index.php +++ b/index.php @@ -76,11 +76,16 @@ function handleError($error) if (common_config('site', 'logdebug')) { $logmsg .= " : ". $error->getDebugInfo(); } + // DB queries often end up with a lot of newlines; merge to a single line + // for easier grepability... + $logmsg = str_replace("\n", " ", $logmsg); common_log(LOG_ERR, $logmsg); + + // @fixme backtrace output should be consistent with exception handling if (common_config('site', 'logdebug')) { $bt = $error->getBacktrace(); - foreach ($bt as $line) { - common_log(LOG_ERR, $line); + foreach ($bt as $n => $line) { + common_log(LOG_ERR, formatBacktraceLine($n, $line)); } } if ($error instanceof DB_DataObject_Error @@ -109,6 +114,38 @@ function handleError($error) exit(-1); } +/** + * Format a backtrace line for debug output roughly like debug_print_backtrace() does. + * Exceptions already have this built in, but PEAR error objects just give us the array. + * + * @param int $n line number + * @param array $line per-frame array item from debug_backtrace() + * @return string + */ +function formatBacktraceLine($n, $line) +{ + $out = "#$n "; + if (isset($line['class'])) $out .= $line['class']; + if (isset($line['type'])) $out .= $line['type']; + if (isset($line['function'])) $out .= $line['function']; + $out .= '('; + if (isset($line['args'])) { + $args = array(); + foreach ($line['args'] as $arg) { + // debug_print_backtrace seems to use var_export + // but this gets *very* verbose! + $args[] = gettype($arg); + } + $out .= implode(',', $args); + } + $out .= ')'; + $out .= ' called at ['; + if (isset($line['file'])) $out .= $line['file']; + if (isset($line['line'])) $out .= ':' . $line['line']; + $out .= ']'; + return $out; +} + function checkMirror($action_obj, $args) { global $config; -- cgit v1.2.3-54-g00ecf