Diffstat (limited to 'lib/exe')
-rw-r--r--lib/exe/ajax.php114
-rw-r--r--lib/exe/css.php110
-rw-r--r--lib/exe/fetch.php10
-rw-r--r--lib/exe/js.php100
-rw-r--r--lib/exe/mediamanager.php24
-rw-r--r--lib/exe/multipleUpload.swfbin64561 -> 0 bytes
-rw-r--r--lib/exe/xmlrpc.php51
7 files changed, 229 insertions, 180 deletions
diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php
index 1056a05f8..f8d62cb57 100644
--- a/lib/exe/ajax.php
+++ b/lib/exe/ajax.php
@@ -192,12 +192,10 @@ function ajax_medians(){
$data = array();
search($data,$conf['mediadir'],'search_index',array('nofiles' => true),$dir);
- foreach($data as $item){
- $item['level'] = $lvl+1;
- echo media_nstree_li($item);
- echo media_nstree_item($item);
- echo '</li>';
+ foreach(array_keys($data) as $item){
+ $data[$item]['level'] = $lvl+1;
}
+ echo html_buildlist($data, 'idx', 'media_nstree_item', 'media_nstree_li');
}
/**
@@ -210,7 +208,101 @@ function ajax_medialist(){
global $NS;
$NS = $_POST['ns'];
- tpl_mediaContent(true);
+ if ($_POST['do'] == 'media') {
+ tpl_mediaFileList();
+ } else {
+ tpl_mediaContent(true);
+ }
+}
+
+/**
+ * Return the content of the right column
+ * (image details) for the Mediamanager
+ *
+ * @author Kate Arzamastseva <pshns@ukr.net>
+ */
+function ajax_mediadetails(){
+ global $DEL, $NS, $IMG, $AUTH, $JUMPTO, $REV, $lang, $fullscreen, $conf;
+ $fullscreen = true;
+ require_once(DOKU_INC.'lib/exe/mediamanager.php');
+
+ if ($_REQUEST['image']) $image = cleanID($_REQUEST['image']);
+ if (isset($IMG)) $image = $IMG;
+ if (isset($JUMPTO)) $image = $JUMPTO;
+ if (isset($REV) && !$JUMPTO) $rev = $REV;
+
+ html_msgarea();
+ tpl_mediaFileDetails($image, $rev);
+}
+
+/**
+ * Returns image diff representation for mediamanager
+ * @author Kate Arzamastseva <pshns@ukr.net>
+ */
+function ajax_mediadiff(){
+ global $NS;
+
+ if ($_REQUEST['image']) $image = cleanID($_REQUEST['image']);
+ $NS = $_POST['ns'];
+ $auth = auth_quickaclcheck("$ns:*");
+ media_diff($image, $NS, $auth, true);
+}
+
+function ajax_mediaupload(){
+ global $NS, $MSG;
+
+ if ($_FILES['qqfile']['tmp_name']) {
+ $id = ((empty($_POST['mediaid'])) ? $_FILES['qqfile']['name'] : $_POST['mediaid']);
+ } elseif (isset($_GET['qqfile'])) {
+ $id = $_GET['qqfile'];
+ }
+
+ $id = cleanID($id, false, true);
+
+ $NS = $_REQUEST['ns'];
+ $ns = $NS.':'.getNS($id);
+
+ $AUTH = auth_quickaclcheck("$ns:*");
+ if($AUTH >= AUTH_UPLOAD) { io_createNamespace("$ns:xxx", 'media'); }
+
+ if ($_FILES['qqfile']['error']) unset($_FILES['qqfile']);
+
+ if ($_FILES['qqfile']['tmp_name']) $res = media_upload($NS, $AUTH, $_FILES['qqfile']);
+ if (isset($_GET['qqfile'])) $res = media_upload_xhr($NS, $AUTH);
+
+ if ($res) $result = array('success' => true,
+ 'link' => media_managerURL(array('ns' => $ns, 'image' => $NS.':'.$id), '&'),
+ 'id' => $NS.':'.$id, 'ns' => $NS);
+
+ if (!$result) {
+ $error = '';
+ if (isset($MSG)) {
+ foreach($MSG as $msg) $error .= $msg['msg'];
+ }
+ $result = array('error' => $msg['msg'], 'ns' => $NS);
+ }
+ $json = new JSON;
+ echo htmlspecialchars($json->encode($result), ENT_NOQUOTES);
+}
+
+function dir_delete($path) {
+ if (!is_string($path) || $path == "") return false;
+
+ if (is_dir($path) && !is_link($path)) {
+ if (!$dh = @opendir($path)) return false;
+
+ while ($f = readdir($dh)) {
+ if ($f == '..' || $f == '.') continue;
+ dir_delete("$path/$f");
+ }
+
+ closedir($dh);
+ return @rmdir($path);
+ } else {
+ return @unlink($path);
+ }
+
+ return false;
}
/**
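Review bot: In ajax_mediadiff() the ACL lookup `auth_quickaclcheck("$ns:*")` reads `$ns`, which is never assigned in that function, so the permission handed to media_diff() is computed for `:*` and not for the namespace taken from `$_POST['ns']`. The check should use the cleaned request namespace: `$NS = cleanID($_POST['ns']); $auth = auth_quickaclcheck("$NS:*");`. ajax_mediaupload() likewise copies `$_REQUEST['ns']` into `$NS` without cleanID() before building `$ns` and calling io_createNamespace(); whether the callees normalise it is not visible here, so cleaning it at this boundary is the safer choice. In the same function the failure branch returns `$msg['msg']` (only the last message, or an undefined value when `$MSG` is empty) where the accumulated `$error` was presumably intended. dir_delete() loops with `while ($f = readdir($dh))`, which stops early on an entry named `0`; `while (false !== ($f = readdir($dh)))` is the usual form.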
@@ -229,14 +321,10 @@ function ajax_index(){
$data = array();
search($data,$conf['datadir'],'search_index',array('ns' => $ns),$dir);
- foreach($data as $item){
- $item['level'] = $lvl+1;
- echo html_li_index($item);
- echo '<div class="li">';
- echo html_list_index($item);
- echo '</div>';
- echo '</li>';
+ foreach(array_keys($data) as $item){
+ $data[$item]['level'] = $lvl+1;
}
+ echo html_buildlist($data, 'idx', 'html_list_index', 'html_li_index');
}
/**
diff --git a/lib/exe/css.php b/lib/exe/css.php
index 03f900034..d54e2e46c 100644
--- a/lib/exe/css.php
+++ b/lib/exe/css.php
@@ -46,7 +46,7 @@ function css_out(){
}
// The generated script depends on some dynamic options
- $cache = getCacheName('styles'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'].DOKU_BASE.$tplinc.$mediatype,'.css');
+ $cache = new cache('styles'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'].DOKU_BASE.$tplinc.$mediatype,'.css');
// load template styles
$tplstyles = array();
@@ -62,6 +62,8 @@ function css_out(){
$files = array();
// load core styles
$files[DOKU_INC.'lib/styles/'.$mediatype.'.css'] = DOKU_BASE.'lib/styles/';
+ // load jQuery-UI theme
+ $files[DOKU_INC.'lib/scripts/jquery/jquery-ui-theme/smoothness.css'] = DOKU_BASE.'lib/scripts/jquery/jquery-ui-theme/';
// load plugin styles
$files = array_merge($files, css_pluginstyles($mediatype));
// load template styles
@@ -85,26 +87,14 @@ function css_out(){
}
}
- // check cache age & handle conditional request
- header('Cache-Control: public, max-age=3600');
- header('Pragma: public');
- if(css_cacheok($cache,array_keys($files),$tplinc)){
- http_conditionalRequest(filemtime($cache));
- if($conf['allowdebug']) header("X-CacheUsed: $cache");
-
- // finally send output
- if ($conf['gzip_output'] && http_gzip_valid($cache)) {
- header('Vary: Accept-Encoding');
- header('Content-Encoding: gzip');
- readfile($cache.".gz");
- } else {
- if (!http_sendfile($cache)) readfile($cache);
- }
+ $cache_files = array_merge(array_keys($files), getConfigFiles('main'));
+ $cache_files[] = $tplinc.'style.ini';
+ $cache_files[] = __FILE__;
- return;
- } else {
- http_conditionalRequest(time());
- }
+ // check cache age & handle conditional request
+ // This may exit if a cache can be used
+ http_cached($cache->cache,
+ $cache->useCache(array('files' => $cache_files)));
// start output buffering and build the stylesheet
ob_start();
@@ -133,45 +123,13 @@ function css_out(){
$css = css_compress($css);
}
- // save cache file
- io_saveFile($cache,$css);
- if(function_exists('gzopen')) io_saveFile("$cache.gz",$css);
-
- // finally send output
- if ($conf['gzip_output']) {
- header('Vary: Accept-Encoding');
- header('Content-Encoding: gzip');
- print gzencode($css,9,FORCE_GZIP);
- } else {
- print $css;
+ // embed small images right into the stylesheet
+ if($conf['cssdatauri']){
+ $base = preg_quote(DOKU_BASE,'#');
+ $css = preg_replace_callback('#(url\([ \'"]*)('.$base.')(.*?(?:\.(png|gif)))#i','css_datauri',$css);
}
-}
-
-/**
- * Checks if a CSS Cache file still is valid
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function css_cacheok($cache,$files,$tplinc){
- global $config_cascade;
-
- if(isset($_REQUEST['purge'])) return false; //support purge request
-
- $ctime = @filemtime($cache);
- if(!$ctime) return false; //There is no cache
-
- // some additional files to check
- $files = array_merge($files, getConfigFiles('main'));
- $files[] = $tplinc.'style.ini';
- $files[] = __FILE__;
- // now walk the files
- foreach($files as $file){
- if(@filemtime($file) > $ctime){
- return false;
- }
- }
- return true;
+ http_cached_finish($cache->cache, $css);
}
/**
@@ -231,7 +189,7 @@ function css_interwiki(){
function css_filetypes(){
// default style
- echo 'a.mediafile {';
+ echo '.mediafile {';
echo ' background: transparent url('.DOKU_BASE.'lib/images/fileicons/file.png) 0px 1px no-repeat;';
echo ' padding-left: 18px;';
echo ' padding-bottom: 1px;';
@@ -254,7 +212,7 @@ function css_filetypes(){
}
foreach($exts as $ext=>$type){
$class = preg_replace('/[^_\-a-z0-9]+/','_',$ext);
- echo "a.mf_$class {";
+ echo ".mf_$class {";
echo ' background-image: url('.DOKU_BASE.'lib/images/fileicons/'.$ext.$type.')';
echo '}';
}
@@ -269,11 +227,38 @@ function css_loadfile($file,$location=''){
$css = io_readFile($file);
if(!$location) return $css;
- $css = preg_replace('#(url\([ \'"]*)(?!/|http://|https://| |\'|")#','\\1'.$location,$css);
- $css = preg_replace('#(@import\s+[\'"])(?!/|http://|https://)#', '\\1'.$location, $css);
+ $css = preg_replace('#(url\([ \'"]*)(?!/|data:|http://|https://| |\'|")#','\\1'.$location,$css);
+ $css = preg_replace('#(@import\s+[\'"])(?!/|data:|http://|https://)#', '\\1'.$location, $css);
+
return $css;
}
+/**
+ * Converte local image URLs to data URLs if the filesize is small
+ *
+ * Callback for preg_replace_callback
+ */
+function css_datauri($match){
+ global $conf;
+
+ $pre = unslash($match[1]);
+ $base = unslash($match[2]);
+ $url = unslash($match[3]);
+ $ext = unslash($match[4]);
+
+ $local = DOKU_INC.$url;
+ $size = @filesize($local);
+ if($size && $size < $conf['cssdatauri']){
+ $data = base64_encode(file_get_contents($local));
+ }
+ if($data){
+ $url = 'data:image/'.$ext.';base64,'.$data;
+ }else{
+ $url = $base.$url;
+ }
+ return $pre.$url;
+}
+
/**
* Returns a list of possible Plugin Styles (no existance check here)
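Review bot: In css_datauri() `$data` is assigned only inside the size check, so for a missing or too-large file the following `if($data)` reads an undefined variable; initialise it first with `$data = '';`. The path `DOKU_INC.$url` is built from text matched in the stylesheet without normalisation, so a URL containing `..` segments would be read from outside the install directory. The calling pattern in css_out() limits this to names ending in .png or .gif, and the stylesheets are presumably admin-installed. A guard before `filesize()` such as `if(strpos($url, '..') !== false) return $pre.$base.$url;` keeps the lookup inside DOKU_INC. The docblock has a typo (`Converte`) and could state which capture groups `$match` is expected to carry.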
@@ -334,7 +319,8 @@ function css_compress($css){
// strip whitespaces
$css = preg_replace('![\r\n\t ]+!',' ',$css);
- $css = preg_replace('/ ?([:;,{}\/]) ?/','\\1',$css);
+ $css = preg_replace('/ ?([;,{}\/]) ?/','\\1',$css);
+ $css = preg_replace('/ ?: /',':',$css);
// shorten colors
$css = preg_replace("/#([0-9a-fA-F]{1})\\1([0-9a-fA-F]{1})\\2([0-9a-fA-F]{1})\\3/", "#\\1\\2\\3",$css);
diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php
index 3ad4f1937..143d40f22 100644
--- a/lib/exe/fetch.php
+++ b/lib/exe/fetch.php
@@ -20,6 +20,10 @@
$CACHE = calc_cache($_REQUEST['cache']);
$WIDTH = (int) $_REQUEST['w'];
$HEIGHT = (int) $_REQUEST['h'];
+ $REV = (int) @$_REQUEST['rev'];
+ //sanitize revision
+ $REV = preg_replace('/[^0-9]/','',$REV);
+
list($EXT,$MIME,$DL) = mimetype($MEDIA,false);
if($EXT === false){
$EXT = 'unknown';
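Review bot: The `(int)` cast already yields an integer, so the following `preg_replace('/[^0-9]/','',$REV)` can only strip the minus sign of a negative value and turn `$REV` into a string; a request with `rev=-5` ends up selecting revision `5` instead of being ignored. If negative input should mean "no revision", a single clamped cast says so directly: `$REV = isset($_REQUEST['rev']) ? max(0, (int) $_REQUEST['rev']) : 0;`. Whether mediaFN() treats `0` and `''` alike is not visible here and should be confirmed before changing the type.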
@@ -28,7 +32,7 @@
}
// check for permissions, preconditions and cache external files
- list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE);
+ list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV);
// prepare data for plugin events
$data = array('media' => $MEDIA,
@@ -147,7 +151,7 @@ function sendFile($file,$mime,$dl,$cache){
* @param $file reference to the file variable
* @returns array(STATUS, STATUSMESSAGE)
*/
-function checkFileStatus(&$media, &$file) {
+function checkFileStatus(&$media, &$file, $rev='') {
global $MIME, $EXT, $CACHE;
//media to local file
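Review bot: The docblock above checkFileStatus() (it starts outside this hunk) still lists only the two reference parameters, so the new `$rev` argument is undocumented. A line such as `* @param $rev optional revision of the media file, handed to mediaFN(); empty selects the current file` would cover it. The last part of that wording is inferred from the `''` default and should be confirmed against mediaFN().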
@@ -172,7 +176,7 @@ function checkFileStatus(&$media, &$file) {
if(auth_quickaclcheck(getNS($media).':X') < AUTH_READ){
return array( 403, 'Forbidden' );
}
- $file = mediaFN($media);
+ $file = mediaFN($media, $rev);
}
//check file existance
diff --git a/lib/exe/js.php b/lib/exe/js.php
index b2ae3f7fe..b7f2fd222 100644
--- a/lib/exe/js.php
+++ b/lib/exe/js.php
@@ -32,27 +32,39 @@ function js_out(){
global $config_cascade;
// The generated script depends on some dynamic options
- $cache = getCacheName('scripts'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'],'.js');
+ $cache = new cache('scripts'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'],
+ '.js');
+
+ // load minified version for some files
+ $min = $conf['compress'] ? '.min' : '';
// array of core files
$files = array(
+ DOKU_INC."lib/scripts/jquery/jquery$min.js",
+ DOKU_INC.'lib/scripts/jquery/jquery.cookie.js',
+ DOKU_INC."lib/scripts/jquery/jquery-ui$min.js",
+ DOKU_INC."lib/scripts/fileuploader.js",
+ DOKU_INC."lib/scripts/fileuploaderextended.js",
DOKU_INC.'lib/scripts/helpers.js',
- DOKU_INC.'lib/scripts/events.js',
DOKU_INC.'lib/scripts/delay.js',
DOKU_INC.'lib/scripts/cookie.js',
DOKU_INC.'lib/scripts/script.js',
DOKU_INC.'lib/scripts/tw-sack.js',
- DOKU_INC.'lib/scripts/ajax.js',
+ DOKU_INC.'lib/scripts/qsearch.js',
+ DOKU_INC.'lib/scripts/tree.js',
DOKU_INC.'lib/scripts/index.js',
DOKU_INC.'lib/scripts/drag.js',
DOKU_INC.'lib/scripts/textselection.js',
DOKU_INC.'lib/scripts/toolbar.js',
DOKU_INC.'lib/scripts/edit.js',
+ DOKU_INC.'lib/scripts/editor.js',
DOKU_INC.'lib/scripts/locktimer.js',
DOKU_INC.'lib/scripts/linkwiz.js',
DOKU_INC.'lib/scripts/media.js',
- DOKU_INC.'lib/scripts/subscriptions.js',
+ DOKU_INC.'lib/scripts/compatibility.js',
# disabled for FS#1958 DOKU_INC.'lib/scripts/hotkeys.js',
+ DOKU_INC.'lib/scripts/behaviour.js',
+ DOKU_INC.'lib/scripts/page.js',
DOKU_TPLINC.'script.js',
);
@@ -62,25 +74,13 @@ function js_out(){
$files[] = $config_cascade['userscript']['default'];
}
+ $cache_files = array_merge($files, getConfigFiles('main'));
+ $cache_files[] = __FILE__;
+
// check cache age & handle conditional request
- header('Cache-Control: public, max-age=3600');
- header('Pragma: public');
- if(js_cacheok($cache,$files)){
- http_conditionalRequest(filemtime($cache));
- if($conf['allowdebug']) header("X-CacheUsed: $cache");
-
- // finally send output
- if ($conf['gzip_output'] && http_gzip_valid($cache)) {
- header('Vary: Accept-Encoding');
- header('Content-Encoding: gzip');
- readfile($cache.".gz");
- } else {
- if (!http_sendfile($cache)) readfile($cache);
- }
- return;
- } else {
- http_conditionalRequest(time());
- }
+ // This may exit if a cache can be used
+ http_cached($cache->cache,
+ $cache->useCache(array('files' => $cache_files)));
// start output buffering and build the script
ob_start();
@@ -88,6 +88,7 @@ function js_out(){
// add some global variables
print "var DOKU_BASE = '".DOKU_BASE."';";
print "var DOKU_TPL = '".DOKU_TPL."';";
+ // FIXME: Move those to JSINFO
print "var DOKU_UHN = ".((int) useHeading('navigation')).";";
print "var DOKU_UHC = ".((int) useHeading('content')).";";
@@ -106,17 +107,10 @@ function js_out(){
echo "\n\n/* XXXXXXXXXX end of " . str_replace(DOKU_INC, '', $file) . " XXXXXXXXXX */\n\n";
}
-
// init stuff
- js_runonstart("addEvent(document,'click',closePopups)");
- js_runonstart('addTocToggle()');
- js_runonstart("initSizeCtl('size__ctl','wiki__text')");
- js_runonstart("initToolbar('tool__bar','wiki__text',toolbar)");
if($conf['locktime'] != 0){
- js_runonstart("locktimer.init(".($conf['locktime'] - 60).",'".js_escape($lang['willexpire'])."',".$conf['usedraft'].", 'wiki__text')");
+ js_runonstart("dw_locktimer.init(".($conf['locktime'] - 60).",".$conf['usedraft'].")");
}
- js_runonstart('scrollToMarker()');
- js_runonstart('focusMarker()');
// init hotkeys - must have been done after init of toolbar
# disabled for FS#1958 js_runonstart('initializeHotkeys()');
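Review bot: In the `dw_locktimer.init(...)` line `$conf['usedraft']` is concatenated into the generated JavaScript as-is, so a false or empty setting would emit `dw_locktimer.init(N,)`, which passes no second argument and is a syntax error in engines older than ES2017. The stored type of that option is not visible here. Casting it the way DOKU_UHN and DOKU_UHC are emitted earlier in js_out() avoids the problem: `js_runonstart("dw_locktimer.init(".($conf['locktime'] - 60).",".((int) $conf['usedraft']).")");`. js_out() starts and ends outside this hunk.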
@@ -131,18 +125,7 @@ function js_out(){
$js .= "\n"; // https://bugzilla.mozilla.org/show_bug.cgi?id=316033
- // save cache file
- io_saveFile($cache,$js);
- if(function_exists('gzopen')) io_saveFile("$cache.gz",$js);
-
- // finally send output
- if ($conf['gzip_output']) {
- header('Vary: Accept-Encoding');
- header('Content-Encoding: gzip');
- print gzencode($js,9,FORCE_GZIP);
- } else {
- print $js;
- }
+ http_cached_finish($cache->cache, $js);
}
/**
@@ -174,34 +157,7 @@ function js_load($file){
}
$data = str_replace($match[0],$idata,$data);
}
- echo $data;
-}
-
-/**
- * Checks if a JavaScript Cache file still is valid
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function js_cacheok($cache,$files){
- if(isset($_REQUEST['purge'])) return false; //support purge request
-
- $ctime = @filemtime($cache);
- if(!$ctime) return false; //There is no cache
-
- global $config_cascade;
-
- // some additional files to check
- $files = array_merge($files, getConfigFiles('main'));
- $files[] = $config_cascade['userscript']['default'];
- $files[] = __FILE__;
-
- // now walk the files
- foreach($files as $file){
- if(@filemtime($file) > $ctime){
- return false;
- }
- }
- return true;
+ echo "$data\n";
}
/**
@@ -262,7 +218,7 @@ function js_escape($string){
* @author Andreas Gohr <andi@splitbrain.org>
*/
function js_runonstart($func){
- echo "addInitEvent(function(){ $func; });".NL;
+ echo "jQuery(function(){ $func; });".NL;
}
/**
@@ -288,7 +244,7 @@ function js_compress($s){
// items that don't need spaces next to them
$chars = "^&|!+\-*\/%=\?:;,{}()<>% \t\n\r'\"[]";
- $regex_starters = array("(", "=", "[", "," , ":");
+ $regex_starters = array("(", "=", "[", "," , ":", "!");
$whitespaces_chars = array(" ", "\t", "\n", "\r", "\0", "\x0B");
diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php
index 02fde5a8d..5f09fe1f8 100644
--- a/lib/exe/mediamanager.php
+++ b/lib/exe/mediamanager.php
@@ -35,7 +35,7 @@
$AUTH = auth_quickaclcheck("$NS:*");
// do not display the manager if user does not have read access
- if($AUTH < AUTH_READ) {
+ if($AUTH < AUTH_READ && !$fullscreen) {
header('HTTP/1.0 403 Forbidden');
die($lang['accessdenied']);
}
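Review bot: With `&& !$fullscreen` the read-permission gate no longer stops a request when `$fullscreen` is set, and ajax_mediadetails() in lib/exe/ajax.php sets it to true before including this file, so a user below AUTH_READ continues into the save, restore and delete handlers further down. Those handlers receive `$AUTH`, but whether each of them (and tpl_mediaFileDetails() in the AJAX caller) enforces it is not visible in this diff and should be confirmed. If the intent is only to avoid the bare `die()` when the manager is embedded, it would be safer to keep the check in both modes and report the denial differently there, for example with `msg($lang['accessdenied'], -1)` as is done for delete failures below, while still skipping the handlers and the detail output. The script body starts and ends outside this hunk.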
@@ -76,10 +76,20 @@
}
// handle meta saving
- if($IMG && $_REQUEST['do']['save']){
+ if($IMG && @array_key_exists('save', $_REQUEST['do'])){
$JUMPTO = media_metasave($IMG,$AUTH,$_REQUEST['meta']);
}
+ if($IMG && ($_REQUEST['mediado'] == 'save' || @array_key_exists('save', $_REQUEST['mediado']))) {
+ $JUMPTO = media_metasave($IMG,$AUTH,$_REQUEST['meta']);
+ }
+
+ if ($_REQUEST['rev'] && $conf['mediarevisions']) $REV = (int) $_REQUEST['rev'];
+
+ if($_REQUEST['mediado'] == 'restore' && $conf['mediarevisions']){
+ $JUMPTO = media_restore($_REQUEST['image'], $REV, $AUTH);
+ }
+
// handle deletion
if($DEL) {
$res = 0;
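Review bot: The restore call passes `$_REQUEST['image']` straight to media_restore(), while `$AUTH` was computed from `$NS` near the top of the script; unless media_restore() re-checks the ACL for the image's own namespace, the permission tested and the file changed can differ. Cleaning the id and deriving the permission from it closes that gap: `$image = cleanID($_REQUEST['image']);` followed by `media_restore($image, $REV, auth_quickaclcheck(getNS($image).':*'))`. `$REV` is assigned here only when `$_REQUEST['rev']` is non-empty, so unless it was set earlier a restore request without `rev` passes an undefined value. Save and restore are state-changing and read from `$_REQUEST`; no security-token check is visible in this hunk, so confirm that the callees perform one.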
@@ -88,7 +98,7 @@
}
if ($res & DOKU_MEDIA_DELETED) {
$msg = sprintf($lang['deletesucc'], noNS($DEL));
- if ($res & DOKU_MEDIA_EMPTY_NS) {
+ if ($res & DOKU_MEDIA_EMPTY_NS && !$fullscreen) {
// current namespace was removed. redirecting to root ns passing msg along
send_redirect(DOKU_URL.'lib/exe/mediamanager.php?msg1='.
rawurlencode($msg).'&edid='.$_REQUEST['edid']);
@@ -102,9 +112,11 @@
msg(sprintf($lang['deletefail'],noNS($DEL)),-1);
}
}
-
// finished - start output
- header('Content-Type: text/html; charset=utf-8');
- include(template('mediamanager.php'));
+
+ if (!$fullscreen) {
+ header('Content-Type: text/html; charset=utf-8');
+ include(template('mediamanager.php'));
+ }
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
diff --git a/lib/exe/multipleUpload.swf b/lib/exe/multipleUpload.swf
deleted file mode 100644
index 888aab045..000000000
--- a/lib/exe/multipleUpload.swf
+++ /dev/null
Binary files differ
diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php
index 108dd8fd1..e5e3298ae 100644
--- a/lib/exe/xmlrpc.php
+++ b/lib/exe/xmlrpc.php
@@ -7,7 +7,7 @@ if(isset($HTTP_RAW_POST_DATA)) $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA);
/**
* Increased whenever the API is changed
*/
-define('DOKU_XMLRPC_API_VERSION',5);
+define('DOKU_XMLRPC_API_VERSION', 6);
require_once(DOKU_INC.'inc/init.php');
session_write_close(); //close session
@@ -30,26 +30,9 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
global $USERINFO;
if(!$conf['useacl']) return true; //no ACL - then no checks
+ if(trim($conf['xmlrpcuser']) == '') return true; //no restrictions
- $allowed = explode(',',$conf['xmlrpcuser']);
- $allowed = array_map('trim', $allowed);
- $allowed = array_unique($allowed);
- $allowed = array_filter($allowed);
-
- if(!count($allowed)) return true; //no restrictions
-
- $user = $_SERVER['REMOTE_USER'];
- $groups = (array) $USERINFO['grps'];
-
- if(in_array($user,$allowed)) return true; //user explicitly mentioned
-
- //check group memberships
- foreach($groups as $group){
- if(in_array('@'.$group,$allowed)) return true;
- }
-
- //still here? no access!
- return false;
+ return auth_isMember($conf['xmlrpcuser'],$_SERVER['REMOTE_USER'],(array) $USERINFO['grps']);
}
/**
@@ -70,6 +53,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
*/
function call($methodname, $args){
if(!in_array($methodname,$this->public_methods) && !$this->checkAuth()){
+ if (!isset($_SERVER['REMOTE_USER'])) {
+ header('HTTP/1.1 401 Unauthorized');
+ } else {
+ header('HTTP/1.1 403 Forbidden');
+ }
return new IXR_Error(-32603, 'server error. not authorized to call method "'.$methodname.'".');
}
return parent::call($methodname, $args);
@@ -596,8 +584,12 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
// save temporary file
@unlink($ftmp);
- $buff = base64_decode($file);
- io_saveFile($ftmp, $buff);
+ if (preg_match('/^[A-Za-z0-9\+\/]*={0,2}$/', $file) === 1) {
+ // DEPRECATED: Double-decode file if it still looks like base64
+ // after first decoding (which is done by the library)
+ $file = base64_decode($file);
+ }
+ io_saveFile($ftmp, $file);
$res = media_save(array('name' => $ftmp), $id, $params['ow'], $auth, 'rename');
if (is_array($res)) {
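Review bot: The `preg_match` test decides by content alone whether to decode a second time, so any legitimate upload whose bytes happen to lie in the base64 alphabet (a short alphanumeric text file, or an empty file, since `*` accepts zero characters) is silently replaced by its decoded form before `io_saveFile()`. Tightening the heuristic reduces the false positives: require a non-empty length that is a multiple of four and use strict decoding, e.g. `if ($file !== '' && strlen($file) % 4 === 0 && ($dec = base64_decode($file, true)) !== false) $file = $dec;`. Since the branch is marked DEPRECATED, the comment should also say when it is due to be removed. The enclosing method starts and ends outside this hunk.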
@@ -870,11 +862,22 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
global $auth;
if(!$conf['useacl']) return 0;
if(!$auth) return 0;
+
+ @session_start(); // reopen session for login
if($auth->canDo('external')){
- return $auth->trustExternal($user,$pass,false);
+ $ok = $auth->trustExternal($user,$pass,false);
}else{
- return auth_login($user,$pass,false,true);
+ $evdata = array(
+ 'user' => $user,
+ 'password' => $pass,
+ 'sticky' => false,
+ 'silent' => true,
+ );
+ $ok = trigger_event('AUTH_LOGIN_CHECK', $evdata, 'auth_login_wrapper');
}
+ session_write_close(); // we're done with the session
+
+ return $ok;
}