From 088081675fb7d5250a9b9dfe5015de0822cb5ac2 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 9 Nov 2009 20:01:46 +0100 Subject: Revert "Remove more contractions" This reverts commit 5ab709b73977131813884558bf56d97172a7aa26. Missed this one yesterday... --- lib/util.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'lib/util.php') diff --git a/lib/util.php b/lib/util.php index b4f5af1af..a4865c46c 100644 --- a/lib/util.php +++ b/lib/util.php @@ -62,7 +62,7 @@ function common_init_language() $locale_set = common_init_locale($language); setlocale(LC_CTYPE, 'C'); - // So we do not have to make people install the gettext locales + // So we don't have to make people install the gettext locales $path = common_config('site','locale_path'); bindtextdomain("statusnet", $path); bind_textdomain_codeset("statusnet", "UTF-8"); @@ -139,7 +139,7 @@ function common_check_user($nickname, $password) } } }else{ - //no handler indicated the credentials were valid, and we know their not valid because the user is not in the database + //no handler indicated the credentials were valid, and we know their not valid because the user isn't in the database return false; } } else { @@ -396,7 +396,7 @@ function common_current_user() } // Logins that are 'remembered' aren't 'real' -- they're subject to -// cookie-stealing. So, we do not let them do certain things. New reg, +// cookie-stealing. So, we don't let them do certain things. New reg, // OpenID, and password logins _are_ real. function common_real_login($real=true) @@ -1147,7 +1147,7 @@ function common_accept_to_prefs($accept, $def = '*/*') $parts = explode(',', $accept); foreach($parts as $part) { - // FIXME: does not deal with params like 'text/html; level=1' + // FIXME: doesn't deal with params like 'text/html; level=1' @list($value, $qpart) = explode(';', trim($part)); $match = array(); if(!isset($qpart)) { @@ -1346,7 +1346,7 @@ function common_error_handler($errno, $errstr, $errfile, $errline, $errcontext) } // FIXME: show error page if we're on the Web - /* Do not execute PHP internal error handler */ + /* Don't execute PHP internal error handler */ return true; } @@ -1448,7 +1448,7 @@ function common_shorten_url($long_url) } global $_shorteners; if (!isset($_shorteners[$svc])) { - //the user selected service does not exist, so default to ur1.ca + //the user selected service doesn't exist, so default to ur1.ca $svc = 'ur1.ca'; } if (!isset($_shorteners[$svc])) { -- cgit v1.2.3-54-g00ecf From 8d5c2b3129a1d7cefd78e311d5cbbe9ab426bb72 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 10 Nov 2009 14:06:30 -0500 Subject: fixup output of object attributes in db error code --- lib/util.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/util.php') diff --git a/lib/util.php b/lib/util.php index b4f5af1af..0ed0688eb 100644 --- a/lib/util.php +++ b/lib/util.php @@ -57,11 +57,11 @@ function common_init_language() // we can set in another locale that may not be set up // (say, ga_ES for Galego/Galician) it seems to take it. common_init_locale("en_US"); - + $language = common_language(); $locale_set = common_init_locale($language); setlocale(LC_CTYPE, 'C'); - + // So we do not have to make people install the gettext locales $path = common_config('site','locale_path'); bindtextdomain("statusnet", $path); @@ -1112,7 +1112,11 @@ function common_log_objstring(&$object) $arr = $object->toArray(); $fields = array(); foreach ($arr as $k => $v) { - $fields[] = "$k='$v'"; + if (is_object($v)) { + $fields[] = "$k='".get_class($v)."'"; + } else { + $fields[] = "$k='$v'"; + } } $objstring = $object->tableName() . '[' . implode(',', $fields) . ']'; return $objstring; -- cgit v1.2.3-54-g00ecf From 923fa068a684a7e3b712714cda0cb75ffa58bd78 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 10 Nov 2009 14:45:19 -0500 Subject: change credential check to work more like other events --- EVENTS.txt | 10 ++++++---- lib/util.php | 47 +++++++++++------------------------------------ 2 files changed, 17 insertions(+), 40 deletions(-) (limited to 'lib/util.php') diff --git a/EVENTS.txt b/EVENTS.txt index af686b9cd..ced130f5f 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -481,13 +481,15 @@ EndPublicXRDS: End XRDS output (right before the closing XRDS tag) - $action: the current action - &$xrdsoutputter - XRDSOutputter object to write to -CheckPassword: Check a username/password +StartCheckPassword: Check a username/password - $nickname: The nickname to check - $password: The password to check -- &$authenticated: set to true to indicate authentication succeeded. +- &$authenticatedUser: set to User object if credentials match a user. -AutoRegister: Register a new user with the given nickname. Should insert a new User and Profile into the database. -- $nickname: The nickname to register +EndCheckPassword: After checking a username/password pair +- $nickname: The nickname that was checked +- $password: The password that was checked +- $authenticatedUser: User object if credentials match a user, else null. ChangePassword: Handle a password change request - $nickname: user's nickname diff --git a/lib/util.php b/lib/util.php index 65bc6544d..81160d052 100644 --- a/lib/util.php +++ b/lib/util.php @@ -116,51 +116,26 @@ function common_munge_password($password, $id) } // check if a username exists and has matching password + function common_check_user($nickname, $password) { - $authenticated = false; - $eventResult = Event::handle('CheckPassword', array($nickname, $password, &$authenticated)); - $user = User::staticGet('nickname', $nickname); - if (is_null($user) || $user === false) { - //user does not exist - if($authenticated){ - //a handler said these are valid credentials, so see if a plugin wants to auto register the user - if(Event::handle('AutoRegister', array($nickname))){ - //no handler registered the user - return false; - }else{ - $user = User::staticGet('nickname', $nickname); - if (is_null($user) || $user === false) { - common_log(LOG_WARNING, "A plugin handled the AutoRegister event, but did not actually register the user, nickname: $nickname"); - return false; - }else{ - return $user; - } - } - }else{ - //no handler indicated the credentials were valid, and we know their not valid because the user isn't in the database - return false; - } - } else { - if($eventResult && ! $authenticated){ - //no handler was authoritative - if (mb_strlen($password) == 0) { - // NEVER allow blank passwords, even if they match the DB - return false; - }else{ + $authenticatedUser = false; + + if (Event::handle('StartCheckPassword', array($nickname, $password, &$authenticatedUser))) { + $user = User::staticGet('nickname', $nickname); + if (!empty($user)) { + if (!empty($password)) { // never allow login with blank password if (0 == strcmp(common_munge_password($password, $user->id), $user->password)) { //internal checking passed - $authenticated = true; + $authenticatedUser =& $user; } } } - if($authenticated){ - return $user; - } else { - return false; - } + Event::handle('EndCheckPassword', array($nickname, $password, $authenticatedUser)); } + + return $authenticatedUser; } // is the current user logged in? -- cgit v1.2.3-54-g00ecf