summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnika Henke <anika@selfthinker.org>2010-06-27 13:58:29 +0100
committerAnika Henke <anika@selfthinker.org>2010-06-27 13:58:29 +0100
commitbf815306862aa34ee3bf304147a862efc52f9b63 (patch)
treeac4d12b386937105d150b0c76b41f8ed1ff0837c
parentef362bb863eb95d3968a3a1df35562914a1bbdef (diff)
parente6a6dbfe6cfcfaf3fb0992350ea7769faa762116 (diff)
downloadrpg-bf815306862aa34ee3bf304147a862efc52f9b63.tar.gz
rpg-bf815306862aa34ee3bf304147a862efc52f9b63.tar.bz2
Merge branch 'master' of github.com:splitbrain/dokuwiki
Diffstat
-rw-r--r--inc/auth.php5
-rw-r--r--inc/auth/plain.class.php26
-rw-r--r--inc/config_cascade.php57
-rw-r--r--inc/init.php44
-rw-r--r--inc/lang/en/lang.php1
-rw-r--r--inc/parser/parser.php4
-rw-r--r--lib/exe/mediamanager.php6
-rw-r--r--lib/plugins/acl/admin.php11
8 files changed, 93 insertions, 61 deletions
diff --git a/inc/auth.php b/inc/auth.php
index 6a4108a7c..49bb2d4d9 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -35,6 +35,7 @@ function auth_setup(){
global $auth;
global $AUTH_ACL;
global $lang;
+ global $config_cascade;
$AUTH_ACL = array();
if(!$conf['useacl']) return false;
@@ -102,8 +103,8 @@ function auth_setup(){
}
//load ACL into a global array XXX
- if(is_readable(DOKU_CONF.'acl.auth.php')){
- $AUTH_ACL = file(DOKU_CONF.'acl.auth.php');
+ if(is_readable($config_cascade['acl']['default'])){
+ $AUTH_ACL = file($config_cascade['acl']['default']);
//support user wildcard
if(isset($_SERVER['REMOTE_USER'])){
$AUTH_ACL = str_replace('%USER%',$_SERVER['REMOTE_USER'],$AUTH_ACL);
diff --git a/inc/auth/plain.class.php b/inc/auth/plain.class.php
index af4fadb36..ec9e52beb 100644
--- a/inc/auth/plain.class.php
+++ b/inc/auth/plain.class.php
@@ -7,8 +7,6 @@
* @author Chris Smith <chris@jalakai.co.uk>
*/
-define('AUTH_USERFILE',DOKU_CONF.'users.auth.php');
-
class auth_plain extends auth_basic {
var $users = null;
@@ -23,10 +21,12 @@ class auth_plain extends auth_basic {
* @author Christopher Smith <chris@jalakai.co.uk>
*/
function auth_plain() {
- if (!@is_readable(AUTH_USERFILE)){
+ global $config_cascade;
+
+ if (!@is_readable($config_cascade['plainauth.users']['default'])){
$this->success = false;
}else{
- if(@is_writable(AUTH_USERFILE)){
+ if(@is_writable($config_cascade['plainauth.users']['default'])){
$this->cando['addUser'] = true;
$this->cando['delUser'] = true;
$this->cando['modLogin'] = true;
@@ -89,6 +89,7 @@ class auth_plain extends auth_basic {
*/
function createUser($user,$pwd,$name,$mail,$grps=null){
global $conf;
+ global $config_cascade;
// user mustn't already exist
if ($this->getUserData($user) !== false) return false;
@@ -102,12 +103,13 @@ class auth_plain extends auth_basic {
$groups = join(',',$grps);
$userline = join(':',array($user,$pass,$name,$mail,$groups))."\n";
- if (io_saveFile(AUTH_USERFILE,$userline,true)) {
+ if (io_saveFile($config_cascade['plainauth.users']['default'],$userline,true)) {
$this->users[$user] = compact('pass','name','mail','grps');
return $pwd;
}
- msg('The '.AUTH_USERFILE.' file is not writable. Please inform the Wiki-Admin',-1);
+ msg('The '.$config_cascade['plainauth.users']['default'].
+ ' file is not writable. Please inform the Wiki-Admin',-1);
return null;
}
@@ -123,6 +125,7 @@ class auth_plain extends auth_basic {
global $conf;
global $ACT;
global $INFO;
+ global $config_cascade;
// sanity checks, user must already exist and there must be something to change
if (($userinfo = $this->getUserData($user)) === false) return false;
@@ -147,7 +150,7 @@ class auth_plain extends auth_basic {
return false;
}
- if (!io_saveFile(AUTH_USERFILE,$userline,true)) {
+ if (!io_saveFile($config_cascade['plainauth.users']['default'],$userline,true)) {
msg('There was an error modifying your user data. You should register again.',-1);
// FIXME, user has been deleted but not recreated, should force a logout and redirect to login page
$ACT == 'register';
@@ -166,6 +169,7 @@ class auth_plain extends auth_basic {
* @return int the number of users deleted
*/
function deleteUsers($users) {
+ global $config_cascade;
if (!is_array($users) || empty($users)) return 0;
@@ -180,7 +184,7 @@ class auth_plain extends auth_basic {
$pattern = '/^('.join('|',$deleted).'):/';
- if (io_deleteFromFile(AUTH_USERFILE,$pattern,true)) {
+ if (io_deleteFromFile($config_cascade['plainauth.users']['default'],$pattern,true)) {
foreach ($deleted as $user) unset($this->users[$user]);
return count($deleted);
}
@@ -271,11 +275,13 @@ class auth_plain extends auth_basic {
* @author Andreas Gohr <andi@splitbrain.org>
*/
function _loadUserData(){
+ global $config_cascade;
+
$this->users = array();
- if(!@file_exists(AUTH_USERFILE)) return;
+ if(!@file_exists($config_cascade['plainauth.users']['default'])) return;
- $lines = file(AUTH_USERFILE);
+ $lines = file($config_cascade['plainauth.users']['default']);
foreach($lines as $line){
$line = preg_replace('/#.*$/','',$line); //ignore comments
$line = trim($line);
diff --git a/inc/config_cascade.php b/inc/config_cascade.php
new file mode 100644
index 000000000..81c455dc3
--- /dev/null
+++ b/inc/config_cascade.php
@@ -0,0 +1,57 @@
+<?php
+/**
+ * The default config cascade
+ *
+ * This array configures the default locations of various files in the
+ * DokuWiki directory hierarchy. It can be overriden in inc/preload.php
+ */
+$config_cascade = array(
+ 'main' => array(
+ 'default' => array(DOKU_CONF.'dokuwiki.php'),
+ 'local' => array(DOKU_CONF.'local.php'),
+ 'protected' => array(DOKU_CONF.'local.protected.php'),
+ ),
+ 'acronyms' => array(
+ 'default' => array(DOKU_CONF.'acronyms.conf'),
+ 'local' => array(DOKU_CONF.'acronyms.local.conf'),
+ ),
+ 'entities' => array(
+ 'default' => array(DOKU_CONF.'entities.conf'),
+ 'local' => array(DOKU_CONF.'entities.local.conf'),
+ ),
+ 'interwiki' => array(
+ 'default' => array(DOKU_CONF.'interwiki.conf'),
+ 'local' => array(DOKU_CONF.'interwiki.local.conf'),
+ ),
+ 'license' => array(
+ 'default' => array(DOKU_CONF.'license.php'),
+ 'local' => array(DOKU_CONF.'license.local.php'),
+ ),
+ 'mediameta' => array(
+ 'default' => array(DOKU_CONF.'mediameta.php'),
+ 'local' => array(DOKU_CONF.'mediameta.local.php'),
+ ),
+ 'mime' => array(
+ 'default' => array(DOKU_CONF.'mime.conf'),
+ 'local' => array(DOKU_CONF.'mime.local.conf'),
+ ),
+ 'scheme' => array(
+ 'default' => array(DOKU_CONF.'scheme.conf'),
+ 'local' => array(DOKU_CONF.'scheme.local.conf'),
+ ),
+ 'smileys' => array(
+ 'default' => array(DOKU_CONF.'smileys.conf'),
+ 'local' => array(DOKU_CONF.'smileys.local.conf'),
+ ),
+ 'wordblock' => array(
+ 'default' => array(DOKU_CONF.'wordblock.conf'),
+ 'local' => array(DOKU_CONF.'wordblock.local.conf'),
+ ),
+ 'acl' => array(
+ 'default' => DOKU_CONF.'acl.auth.php',
+ ),
+ 'plainauth.users' => array(
+ 'default' => DOKU_CONF.'users.auth.php',
+ ),
+);
+
diff --git a/inc/init.php b/inc/init.php
index 9a3eaf9c9..b53167e3c 100644
--- a/inc/init.php
+++ b/inc/init.php
@@ -54,49 +54,7 @@ global $cache_metadata;
//set the configuration cascade - but only if its not already been set in preload.php
if (empty($config_cascade)) {
- $config_cascade = array(
- 'main' => array(
- 'default' => array(DOKU_CONF.'dokuwiki.php'),
- 'local' => array(DOKU_CONF.'local.php'),
- 'protected' => array(DOKU_CONF.'local.protected.php'),
- ),
- 'acronyms' => array(
- 'default' => array(DOKU_CONF.'acronyms.conf'),
- 'local' => array(DOKU_CONF.'acronyms.local.conf'),
- ),
- 'entities' => array(
- 'default' => array(DOKU_CONF.'entities.conf'),
- 'local' => array(DOKU_CONF.'entities.local.conf'),
- ),
- 'interwiki' => array(
- 'default' => array(DOKU_CONF.'interwiki.conf'),
- 'local' => array(DOKU_CONF.'interwiki.local.conf'),
- ),
- 'license' => array(
- 'default' => array(DOKU_CONF.'license.php'),
- 'local' => array(DOKU_CONF.'license.local.php'),
- ),
- 'mediameta' => array(
- 'default' => array(DOKU_CONF.'mediameta.php'),
- 'local' => array(DOKU_CONF.'mediameta.local.php'),
- ),
- 'mime' => array(
- 'default' => array(DOKU_CONF.'mime.conf'),
- 'local' => array(DOKU_CONF.'mime.local.conf'),
- ),
- 'scheme' => array(
- 'default' => array(DOKU_CONF.'scheme.conf'),
- 'local' => array(DOKU_CONF.'scheme.local.conf'),
- ),
- 'smileys' => array(
- 'default' => array(DOKU_CONF.'smileys.conf'),
- 'local' => array(DOKU_CONF.'smileys.local.conf'),
- ),
- 'wordblock' => array(
- 'default' => array(DOKU_CONF.'wordblock.conf'),
- 'local' => array(DOKU_CONF.'wordblock.local.conf'),
- ),
- );
+ include(DOKU_INC.'inc/config_cascade.php');
}
//prepare config array()
diff --git a/inc/lang/en/lang.php b/inc/lang/en/lang.php
index 1fddfe727..802a90360 100644
--- a/inc/lang/en/lang.php
+++ b/inc/lang/en/lang.php
@@ -119,6 +119,7 @@ $lang['deletefail'] = '"%s" couldn\'t be deleted - check permissions.';
$lang['mediainuse'] = 'The file "%s" hasn\'t been deleted - it is still in use.';
$lang['namespaces'] = 'Namespaces';
$lang['mediafiles'] = 'Available files in';
+$lang['accessdenied'] = 'You are not allowed to view this page.';
$lang['js']['searchmedia'] = 'Search for files';
$lang['js']['keepopen'] = 'Keep window open on selection';
diff --git a/inc/parser/parser.php b/inc/parser/parser.php
index 48facd6b5..435b8aa46 100644
--- a/inc/parser/parser.php
+++ b/inc/parser/parser.php
@@ -413,8 +413,8 @@ class Doku_Parser_Mode_listblock extends Doku_Parser_Mode {
}
function connectTo($mode) {
- $this->Lexer->addEntryPattern('\n {2,}[\-\*]',$mode,'listblock');
- $this->Lexer->addEntryPattern('\n\t{1,}[\-\*]',$mode,'listblock');
+ $this->Lexer->addEntryPattern('[ \t]*\n {2,}[\-\*]',$mode,'listblock');
+ $this->Lexer->addEntryPattern('[ \t]*\n\t{1,}[\-\*]',$mode,'listblock');
$this->Lexer->addPattern('\n {2,}[\-\*]','listblock');
$this->Lexer->addPattern('\n\t{1,}[\-\*]','listblock');
diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php
index 1fe363985..c79a25c08 100644
--- a/lib/exe/mediamanager.php
+++ b/lib/exe/mediamanager.php
@@ -34,6 +34,12 @@
// check auth
$AUTH = auth_quickaclcheck("$NS:*");
+ // do not display the manager if user does not have read access
+ if($AUTH < AUTH_READ) {
+ header('HTTP/1.0 403 Forbidden');
+ die($lang['accessdenied']);
+ }
+
// create the given namespace (just for beautification)
if($AUTH >= AUTH_UPLOAD) { io_createNamespace("$NS:xxx", 'media'); }
diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php
index 673ffbc96..84932f7ac 100644
--- a/lib/plugins/acl/admin.php
+++ b/lib/plugins/acl/admin.php
@@ -69,6 +69,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
global $AUTH_ACL;
global $ID;
global $auth;
+ global $config_cascade;
// fresh 1:1 copy without replacements
$AUTH_ACL = file(DOKU_CONF.'acl.auth.php');
@@ -161,11 +162,11 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
}
}
// save it
- io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines));
+ io_saveFile($config_cascade['acl']['default'], join('',$lines));
}
// reload ACL config
- $AUTH_ACL = file(DOKU_CONF.'acl.auth.php');
+ $AUTH_ACL = file($config_cascade['acl']['default']);
}
// initialize ACL array
@@ -696,7 +697,8 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
* @author Frank Schubert <frank@schokilade.de>
*/
function _acl_add($acl_scope, $acl_user, $acl_level){
- $acl_config = file_get_contents(DOKU_CONF.'acl.auth.php');
+ global $config_cascade;
+ $acl_config = file_get_contents($config_cascade['acl']['default']);
$acl_user = auth_nameencode($acl_user,true);
// max level for pagenames is edit
@@ -718,7 +720,8 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
* @author Frank Schubert <frank@schokilade.de>
*/
function _acl_del($acl_scope, $acl_user){
- $acl_config = file(DOKU_CONF.'acl.auth.php');
+ global $config_cascade;
+ $acl_config = file($config_cascade['acl']['default']);
$acl_user = auth_nameencode($acl_user,true);
$acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$';
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-11 12:04:29 +0000