diff options
author | Andreas Gohr <andi@splitbrain.org> | 2010-06-26 11:20:25 +0200 |
---|---|---|
committer | Andreas Gohr <andi@splitbrain.org> | 2010-06-26 11:20:25 +0200 |
commit | 80601d26897c5dced80645aaf904085aa08b7bb9 (patch) | |
tree | abf9b4df033a5032c5afbcc8c3c676a94260f6d4 /inc/auth.php | |
parent | 69266de50f71b3d43011378cf0b0e8b8185c3609 (diff) | |
download | rpg-80601d26897c5dced80645aaf904085aa08b7bb9.tar.gz rpg-80601d26897c5dced80645aaf904085aa08b7bb9.tar.bz2 |
fixed wildcard handling in ACL manager FS#1955
This patch also removes legacy support for @USER@. Only %USER% is valid
now.
Diffstat (limited to 'inc/auth.php')
-rw-r--r-- | inc/auth.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/inc/auth.php b/inc/auth.php index 70514316c..6a4108a7c 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -107,7 +107,6 @@ function auth_setup(){ //support user wildcard if(isset($_SERVER['REMOTE_USER'])){ $AUTH_ACL = str_replace('%USER%',$_SERVER['REMOTE_USER'],$AUTH_ACL); - $AUTH_ACL = str_replace('@USER@',$_SERVER['REMOTE_USER'],$AUTH_ACL); //legacy } } } @@ -569,6 +568,9 @@ function auth_nameencode($name,$skip_group=false){ $cache =& $cache_authname; $name = (string) $name; + // never encode wildcard FS#1955 + if($name == '%USER%') return $name; + if (!isset($cache[$name][$skip_group])) { if($skip_group && $name{0} =='@'){ $cache[$name][$skip_group] = '@'.preg_replace('/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e', |