-rw-r--r--conf/dokuwiki.php3
-rw-r--r--inc/actions.php18
-rw-r--r--inc/auth.php2
-rw-r--r--inc/confutils.php22
-rw-r--r--inc/html.php49
-rw-r--r--inc/template.php25
6 files changed, 65 insertions, 54 deletions
diff --git a/conf/dokuwiki.php b/conf/dokuwiki.php
index ad99e5516..dbba11efc 100644
--- a/conf/dokuwiki.php
+++ b/conf/dokuwiki.php
@@ -53,14 +53,13 @@ $conf['mailguard'] = 'hex'; //obfuscate email addresses against sp
/* Authentication Options - read http://www.splitbrain.org/dokuwiki/wiki:acl */
$conf['useacl'] = 0; //Use Access Control Lists to restrict access?
-$conf['openregister']= 1; //Should users to be allowed to register?
$conf['autopasswd'] = 1; //autogenerate passwords and email them to user
-$conf['resendpasswd']= 0; //allow resend password function?
$conf['authtype'] = 'plain'; //which authentication backend should be used
$conf['passcrypt'] = 'smd5'; //Used crypt method (smd5,md5,sha1,ssha,crypt,mysql,my411)
$conf['defaultgroup']= 'user'; //Default groups new Users are added to
$conf['superuser'] = '!!not set!!'; //The admin can be user or @group
$conf['profileconfirm'] = '1'; //Require current password to confirm changes to user profile
+$conf['disableactions'] = 'resendpwd'; //comma separated list of actions to disable
/* Advanced Options */
$conf['userewrite'] = 0; //this makes nice URLs: 0: off 1: .htaccess 2: internal
diff --git a/inc/actions.php b/inc/actions.php
index 194beaad3..51fb0a84a 100644
--- a/inc/actions.php
+++ b/inc/actions.php
@@ -155,6 +155,12 @@ function act_clean($act){
if($act == 'export_html') $act = 'export_xhtml';
if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
+ // check if action is disabled
+ if(!actionOK($act)){
+ msg('Command disabled: '.htmlspecialchars($act),-1);
+ return 'show';
+ }
+
//disable all acl related commands if ACL is disabled
if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
'subscribe','unsubscribe','profile',
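Review bot: The disabled check at `if(!actionOK($act))` runs after the two alias rewrites just above it, so an administrator who lists `export_html` or `export_htmlbody` in `$conf['disableactions']` disables nothing; only the canonical `export_xhtml` and `export_xhtmlbody` names match. A comment would make that explicit, for example `// aliases are already mapped here, so disable the canonical name (export_xhtml), not the alias`. The rest of act_clean(), including whatever normalises `$act` before this point, is outside the hunk.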
@@ -198,17 +204,9 @@ function act_permcheck($act){
}elseif(in_array($act,array('login','search','recent','profile'))){
$permneed = AUTH_NONE;
}elseif($act == 'register'){
- if ($conf['openregister']){
- $permneed = AUTH_NONE;
- }else{
- $permneed = AUTH_ADMIN;
- }
+ $permneed = AUTH_NONE;
}elseif($act == 'resendpwd'){
- if ($conf['resendpasswd']) {
- $permneed = AUTH_NONE;
- }else{
- $permneed = AUTH_ADMIN+1; // shouldn't get here if $conf['resendpasswd'] is off
- }
+ $permneed = AUTH_NONE;
}elseif($act == 'admin'){
$permneed = AUTH_ADMIN;
}else{
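Review bot: With both branches reduced to `$permneed = AUTH_NONE;`, act_permcheck() no longer refuses `register` or `resendpwd` on its own; a disabled action is stopped only if act_clean() ran first. act_resendpwd() keeps its own `actionOK('resendpwd')` guard in inc/auth.php, but no equivalent guard for registration is visible in this commit. Keeping this function fail-closed costs one line per branch, e.g. `$permneed = actionOK('register') ? AUTH_NONE : AUTH_ADMIN+1;`, and the same for `resendpwd`. The commit message should also state that a legacy `openregister = 0` now blocks registration for administrators too, since the old `AUTH_ADMIN` path is gone. The function body starts and ends outside the hunk.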
diff --git a/inc/auth.php b/inc/auth.php
index 72c87552d..345a2ba67 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -581,7 +581,7 @@ function act_resendpwd(){
global $auth;
if(!$_POST['save']) return false;
- if(!$conf['resendpasswd']) return false;
+ if(!actionOK('resendpwd')) return false;
// should not be able to get here without modPass being possible...
if(!$auth->canDo('modPass')) {
diff --git a/inc/confutils.php b/inc/confutils.php
index b800f5f53..c668e8066 100644
--- a/inc/confutils.php
+++ b/inc/confutils.php
@@ -163,5 +163,27 @@ function confToHash($file,$lower=false) {
return $conf;
}
+/**
+ * check if the given action was disabled in config
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ * @returns boolean true if enabled, false if disabled
+ */
+function actionOK($action){
+ static $disabled = null;
+ if(is_null($disabled)){
+ global $conf;
+
+ // prepare disabled actions array and handle legacy options
+ $disabled = explode(',',$conf['disableactions']);
+ $disabled = array_map('trim',$disabled);
+ if(isset($conf['openregister']) && !$conf['openregister']) $disabled[] = 'register';
+ if(isset($conf['resendpasswd']) && !$conf['resendpasswd']) $disabled[] = 'resendpwd';
+ $disabled = array_unique($disabled);
+ }
+
+ return !in_array($action,$disabled);
+}
+
//Setup VIM: ex: et ts=2 enc=utf-8 :
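Review bot: actionOK() matches entries exactly as typed in the config, so an entry such as `Register` never equals the action name and the action silently stays enabled, assuming action names are lowercase by the time they are checked (that normalisation is not visible here). Lowercasing the list when it is built, `$disabled = array_map('strtolower',array_map('trim',$disabled));`, makes the setting fail closed on capitalisation, and `in_array($action,$disabled,true)` avoids PHP's loose comparison between numeric-looking strings. The docblock should use `@param string $action` and `@return bool` instead of `@returns boolean`, and mention that the legacy `openregister` and `resendpasswd` settings are still honoured.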
diff --git a/inc/html.php b/inc/html.php
index 9bd926c03..2a02b8c34 100644
--- a/inc/html.php
+++ b/inc/html.php
@@ -75,14 +75,14 @@ function html_login(){
</fieldset>
</form>
<?php
- if($auth->canDo('addUser') && $conf['openregister']){
+ if($auth->canDo('addUser') && actionOK('register')){
print '<p>';
print $lang['reghere'];
print ': <a href="'.wl($ID,'do=register').'" class="wikilink1">'.$lang['register'].'</a>';
print '</p>';
}
- if ($auth->canDo('modPass') && $conf['resendpasswd']) {
+ if ($auth->canDo('modPass') && actionOK('resendpwd')) {
print '<p>';
print $lang['pwdforget'];
print ': <a href="'.wl($ID,'do=resendpwd').'" class="wikilink1">'.$lang['btn_resendpwd'].'</a>';
@@ -100,37 +100,6 @@ function html_login(){
}
/**
- * shows the edit/source/show/draft button dependent on current mode
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function html_editbutton(){
- global $ID;
- global $REV;
- global $ACT;
- global $INFO;
-
- if($ACT == 'show' || $ACT == 'search'){
- if($INFO['writable']){
- if($INFO['draft']){
- $r = html_btn('draft',$ID,'e',array('do' => 'draft'),'post');
- }else{
- if($INFO['exists']){
- $r = html_btn('edit',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
- }else{
- $r = html_btn('create',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
- }
- }
- }else{
- $r = html_btn('source',$ID,'v',array('do' => 'edit','rev' => $REV),'post');
- }
- }else{
- $r = html_btn('show',$ID,'v',array('do' => 'show'));
- }
- return $r;
-}
-
-/**
* prints a section editing button
* used as a callback in html_secedit
*
@@ -1046,6 +1015,11 @@ function html_edit($text=null,$include='edit'){ //FIXME: include needed?
if ($REV) print p_locale_xhtml('editrev');
print p_locale_xhtml($include);
}else{
+ // check pseudo action 'source'
+ if(!actionOK('source')){
+ msg('Command disabled: source',-1);
+ return;
+ }
print p_locale_xhtml('read');
$ro='readonly="readonly"';
}
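Review bot: The `source` check lives only in html_edit(), because a request for a read-only page arrives as `do=edit` and so never reaches the `actionOK($act)` test in act_clean() under the name `source`. That deserves a comment at this spot, e.g. `// 'source' is not a real action: it is 'edit' on a page the user cannot write, so it can only be checked here`. Administrators who disable `source` to keep raw wikitext private should also be told that any other action exposing the raw text has to be disabled separately. The surrounding function is only partly visible in the hunk.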
@@ -1057,8 +1031,8 @@ function html_edit($text=null,$include='edit'){ //FIXME: include needed?
<div class="toolbar">
<div id="draft__status"><?php if($INFO['draft']) echo $lang['draftdate'].' '.date($conf['dformat']);?></div>
- <div id="tool__bar"><a href="<?php echo DOKU_BASE?>lib/exe/mediamanager.php?ns=<?php echo $INFO['namespace']?>"
- target="_blank"><?php echo $lang['mediaselect'] ?></a></div>
+ <div id="tool__bar"><?php if(!$ro){?><a href="<?php echo DOKU_BASE?>lib/exe/mediamanager.php?ns=<?php echo $INFO['namespace']?>"
+ target="_blank"><?php echo $lang['mediaselect'] ?></a><?php }?></div>
<?php if($wr){?>
<script type="text/javascript" charset="utf-8">
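Review bot: The rewritten `tool__bar` line still echoes `$INFO['namespace']` into the `href` without encoding; unless the namespace is guaranteed to be a cleaned page ID component, `<?php echo rawurlencode($INFO['namespace'])?>` is the safer form. The new `if(!$ro)` test also depends on `$ro` being set on the writable path, while the only assignment visible in this commit is in the read-only branch of the previous hunk. The adjacent block already tests `$wr`, so either initialise `$ro = ''` up front or document why the two flags differ. The start of html_edit() is outside the hunk.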
@@ -1237,11 +1211,6 @@ function html_admin(){
ptln(' <li><div class="li"><a href="'.wl($ID, 'do=admin&amp;page='.$item['plugin']).'">'.$item['prompt'].'</a></div></li>');
}
- // add in non-plugin functions
- if (!$conf['openregister']){
- ptln('<li><div class="li"><a href="'.wl($ID,'do=register').'">'.$lang['admin_register'].'</a></div></li>');
- }
-
ptln('</ul>');
}
diff --git a/inc/template.php b/inc/template.php
index 277c06d8d..f9e69d340 100644
--- a/inc/template.php
+++ b/inc/template.php
@@ -296,9 +296,29 @@ function tpl_button($type){
global $conf;
global $auth;
+ if(!actionOK($type)) return;
+
switch($type){
case 'edit':
- print html_editbutton();
+ #most complicated type - we need to decide on current action
+ if($ACT == 'show' || $ACT == 'search'){
+ if($INFO['writable']){
+ if($INFO['draft']){
+ echo html_btn('draft',$ID,'e',array('do' => 'draft'),'post');
+ }else{
+ if($INFO['exists']){
+ echo html_btn('edit',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
+ }else{
+ echo html_btn('create',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
+ }
+ }
+ }else{
+ if(!actionOK('source')) return false; //pseudo action
+ echo html_btn('source',$ID,'v',array('do' => 'edit','rev' => $REV),'post');
+ }
+ }else{
+ echo html_btn('show',$ID,'v',array('do' => 'show'));
+ }
break;
case 'history':
print html_btn('revs',$ID,'o',array('do' => 'revisions'));
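Review bot: The inlined `edit` branch reads `$ACT`, `$INFO`, `$ID` and `$REV`, which the removed html_editbutton() declared with its own `global` statements; only `global $conf;` and `global $auth;` are visible at the top of this hunk, so confirm tpl_button() declares all four, otherwise the branch will always fall through to the `show` button. The early exits are also inconsistent, `return;` for a disabled type but `return false;` for the `source` pseudo action, and the same pair appears in the two tpl_actionlink() hunks below; pick one and document the return value in the docblock. The function's opening lines are outside the hunk.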
@@ -386,6 +406,8 @@ function tpl_actionlink($type,$pre='',$suf=''){
global $lang;
global $auth;
+ if(!actionOK($type)) return;
+
switch($type){
case 'edit':
#most complicated type - we need to decide on current action
@@ -401,6 +423,7 @@ function tpl_actionlink($type,$pre='',$suf=''){
'class="action create" accesskey="e" rel="nofollow"');
}
}else{
+ if(!actionOK('source')) return false; //pseudo action
tpl_link(wl($ID,'do=edit&amp;rev='.$REV),
$pre.$lang['btn_source'].$suf,
'class="action source" accesskey="v" rel="nofollow"');