diff options
| author | Christopher Smith <chris@jalakai.co.uk> | 2013-04-07 12:18:55 -0700 |
|---|---|---|
| committer | Christopher Smith <chris@jalakai.co.uk> | 2013-04-07 12:18:55 -0700 |
| commit | 33f1e87c050a2dd2dc2b06de5d9050b16bd1f0c0 (patch) | |
| tree | 2501f235a901cf81ccc0f35faa41885601f07517 | |
| parent | 0a820853f3a80ea553e4e7355e1ddb345ab542f5 (diff) | |
| parent | 677274500465d1bf8bde7d755c5a8bf107411e4f (diff) | |
| download | rpg-33f1e87c050a2dd2dc2b06de5d9050b16bd1f0c0.tar.gz rpg-33f1e87c050a2dd2dc2b06de5d9050b16bd1f0c0.tar.bz2 | |
Merge pull request #199 from splitbrain/authcomp
backward compatibility for old authtype settings
| -rw-r--r-- | inc/auth.php | 13 | ||||
| -rw-r--r-- | inc/html.php | 8 | ||||
| -rw-r--r-- | inc/infoutils.php | 46 |
3 files changed, 58 insertions, 9 deletions
diff --git a/inc/auth.php b/inc/auth.php index 68b6b438d..9f180fc94 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -48,10 +48,15 @@ function auth_setup() { // try to load auth backend from plugins foreach ($plugin_controller->getList('auth') as $plugin) { - if ($conf['authtype'] === $plugin) { - $auth = $plugin_controller->load('auth', $plugin); - break; - } + if ($conf['authtype'] === $plugin) { + $auth = $plugin_controller->load('auth', $plugin); + break; + } elseif ('auth' . $conf['authtype'] === $plugin) { + // matches old auth backends (pre-Weatherwax) + $auth = $plugin_controller->load('auth', $plugin); + msg('Your authtype setting is deprecated. You must set $conf[\'authconfig\'] = ' . "auth" . $conf['authtype'] + . ' in your config (see <a href="https://www.dokuwiki.org/auth">Authentication Backends</a>)',-1,'','',MSG_ADMINS_ONLY); + } } if(!isset($auth) || !$auth){ diff --git a/inc/html.php b/inc/html.php index 59415f7da..fb39fcb3c 100644 --- a/inc/html.php +++ b/inc/html.php @@ -1297,9 +1297,11 @@ function html_msgarea(){ foreach($MSG as $msg){ $hash = md5($msg['msg']); if(isset($shown[$hash])) continue; // skip double messages - print '<div class="'.$msg['lvl'].'">'; - print $msg['msg']; - print '</div>'; + if(info_msg_allowed($msg)){ + print '<div class="'.$msg['lvl'].'">'; + print $msg['msg']; + print '</div>'; + } $shown[$hash] = 1; } diff --git a/inc/infoutils.php b/inc/infoutils.php index 92607e4fa..9fe5ee689 100644 --- a/inc/infoutils.php +++ b/inc/infoutils.php @@ -269,7 +269,13 @@ function check(){ * @author Andreas Gohr <andi@splitbrain.org> * @see html_msgarea */ -function msg($message,$lvl=0,$line='',$file=''){ + +define('MSG_PUBLIC', 0); +define('MSG_USERS_ONLY', 1); +define('MSG_MANAGERS_ONLY',2); +define('MSG_ADMINS_ONLY',4); + +function msg($message,$lvl=0,$line='',$file='',$allow=MSG_PUBLIC){ global $MSG, $MSG_shown; $errors[-1] = 'error'; $errors[0] = 'info'; @@ -279,7 +285,7 @@ function msg($message,$lvl=0,$line='',$file=''){ if($line || $file) $message.=' ['.utf8_basename($file).':'.$line.']'; if(!isset($MSG)) $MSG = array(); - $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message); + $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message, 'allow' => $allow); if(isset($MSG_shown) || headers_sent()){ if(function_exists('html_msgarea')){ html_msgarea(); @@ -289,6 +295,42 @@ function msg($message,$lvl=0,$line='',$file=''){ unset($GLOBALS['MSG']); } } +/** + * Determine whether the current user is allowed to view the message + * in the $msg data structure + * + * @param $msg array dokuwiki msg structure + * msg => string, the message + * lvl => int, level of the message (see msg() function) + * allow => int, flag used to determine who is allowed to see the message + * see MSG_* constants + */ +function info_msg_allowed($msg){ + global $INFO, $auth; + + // is the message public? - everyone and anyone can see it + if (empty($msg['allow']) || ($msg['allow'] == MSG_PUBLIC)) return true; + + // restricted msg, but no authentication + if (empty($auth)) return false; + + switch ($msg['allow']){ + case MSG_USERS_ONLY: + return !empty($INFO['userinfo']); + + case MSG_MANAGERS_ONLY: + return $INFO['ismanager']; + + case MSG_ADMINS_ONLY: + return $INFO['isadmin']; + + default: + trigger_error('invalid msg allow restriction. msg="'.$msg['msg'].'" allow='.$msg['allow'].'"', E_USER_WARNING); + return $INFO['isadmin']; + } + + return false; +} /** * print debug messages |