diff options
| -rw-r--r-- | inc/auth.php | 15 | ||||
| -rw-r--r-- | inc/auth/ad.class.php | 14 | ||||
| -rw-r--r-- | inc/auth/plain.class.php | 10 | ||||
| -rw-r--r-- | lib/plugins/acl/admin.php | 5 |
4 files changed, 23 insertions, 21 deletions
diff --git a/inc/auth.php b/inc/auth.php index 6157ac892..5995459fe 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -335,6 +335,7 @@ function auth_logoff($keepbc=false){ function auth_ismanager($user=null,$groups=null,$adminonly=false){ global $conf; global $USERINFO; + global $auth; if(!$conf['useacl']) return false; if(is_null($user)) { @@ -344,7 +345,9 @@ function auth_ismanager($user=null,$groups=null,$adminonly=false){ $user = $_SERVER['REMOTE_USER']; } } + $user = $auth->cleanUser($user); if(is_null($groups)) $groups = (array) $USERINFO['grps']; + $groups = array_map(array($auth,'cleanGroup'),$groups); $user = auth_nameencode($user); // check username against superuser and manager @@ -433,6 +436,7 @@ function auth_quickaclcheck($id){ function auth_aclcheck($id,$user,$groups){ global $conf; global $AUTH_ACL; + global $auth; // if no ACL is used always return upload rights if(!$conf['useacl']) return AUTH_UPLOAD; @@ -443,6 +447,9 @@ function auth_aclcheck($id,$user,$groups){ //if user is superuser or in superusergroup return 255 (acl_admin) if(auth_isadmin($user,$groups)) { return AUTH_ADMIN; } + + $user = $auth->cleanUser($user); + $groups = array_map(array($auth,'cleanGroup'),(array)$groups); $user = auth_nameencode($user); //prepend groups with @ and nameencode @@ -593,6 +600,7 @@ function auth_sendPassword($user,$password){ global $auth; $hdrs = ''; + $user = $auth->cleanUser($user); $userinfo = $auth->getUserData($user); if(!$userinfo['mail']) return false; @@ -628,8 +636,8 @@ function register(){ if(!$auth->canDo('addUser')) return false; //clean username - $_POST['login'] = preg_replace('/.*:/','',$_POST['login']); - $_POST['login'] = cleanID($_POST['login']); + $_POST['login'] = trim($auth->cleanUser($_POST['login'])); + //clean fullname and email $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['fullname'])); $_POST['email'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['email'])); @@ -823,8 +831,7 @@ function act_resendpwd(){ msg($lang['resendpwdmissing'], -1); return false; } else { - $_POST['login'] = preg_replace('/.*:/','',$_POST['login']); - $user = cleanID($_POST['login']); + $user = trim($auth->cleanUser($_POST['login'])); } $userinfo = $auth->getUserData($user); diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php index 4365e75dc..8eb8b06d8 100644 --- a/inc/auth/ad.class.php +++ b/inc/auth/ad.class.php @@ -138,15 +138,13 @@ class auth_ad extends auth_basic { $info['mail'] = $result[0]['mail'][0]; $info['uid'] = $result[0]['samaccountname'][0]; $info['dn'] = $result[0]['dn']; - if(!$info['mail']) $info['mail'] = cleanID($user).'@projektron.de'; - // handle ActiveDirectory memberOf $info['grps'] = $this->adldap->user_groups($user); if (is_array($info['grps'])) { foreach ($info['grps'] as $ndx => $group) { - $info['grps'][$ndx] = $this->_sanitizeGroupName($group); + $info['grps'][$ndx] = $this->cleanGroup($group); } } @@ -163,15 +161,21 @@ class auth_ad extends auth_basic { * * Removes backslashes ('\'), pound signs ('#'), and converts spaces to underscores. * - * @author James Van Lommel (jamesvl@gmail.com) + * @author James Van Lommel (jamesvl@gmail.com) */ - function _sanitizeGroupName($name) { + function cleanGroup($name) { $sName = str_replace('\\', '', $name); $sName = str_replace('#', '', $sName); $sName = preg_replace('[\s]', '_', $sName); return $sName; } + /** + * Sanitize user names + */ + function cleanUser($name) { + return $this->cleanGroup($name); + } /** * Initialize the AdLDAP library and connect to the server diff --git a/inc/auth/plain.class.php b/inc/auth/plain.class.php index 0ff18d58a..3983a7d44 100644 --- a/inc/auth/plain.class.php +++ b/inc/auth/plain.class.php @@ -12,16 +12,6 @@ require_once(DOKU_AUTH.'/basic.class.php'); define('AUTH_USERFILE',DOKU_CONF.'users.auth.php'); -// we only accept page ids for auth_plain -if(isset($_REQUEST['u'])) - $_REQUEST['u'] = cleanID($_REQUEST['u']); -if(isset($_REQUEST['acl_user'])) - $_REQUEST['acl_user'] = cleanID($_REQUEST['acl_user']); -// the same goes for password reset requests -if(isset($_POST['login'])){ - $_POST['login'] = cleanID($_POST['login']); -} - class auth_plain extends auth_basic { var $users = null; diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php index 977bfc883..59671a0cb 100644 --- a/lib/plugins/acl/admin.php +++ b/lib/plugins/acl/admin.php @@ -62,6 +62,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { function handle() { global $AUTH_ACL; global $ID; + global $auth; // fresh 1:1 copy without replacements $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); @@ -76,9 +77,9 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { // user or group choosen? $who = trim($_REQUEST['acl_w']); if($_REQUEST['acl_t'] == '__g__' && $who){ - $this->who = '@'.ltrim($who,'@'); + $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); }elseif($_REQUEST['acl_t'] == '__u__' && $who){ - $this->who = ltrim($who,'@'); + $this->who = ltrim($auth->cleanUser($who),'@'); }elseif($_REQUEST['acl_t'] && $_REQUEST['acl_t'] != '__u__' && $_REQUEST['acl_t'] != '__g__'){ |