From e71b0ef705b86bb653fcae43e6845acbe6fd7fd2 Mon Sep 17 00:00:00 2001 From: Guy Brand Date: Sun, 17 Mar 2013 19:22:37 +0100 Subject: backward compatibility for old authtype settings --- inc/auth.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/inc/auth.php b/inc/auth.php index 68b6b438d..0713ca6af 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -48,10 +48,15 @@ function auth_setup() { // try to load auth backend from plugins foreach ($plugin_controller->getList('auth') as $plugin) { - if ($conf['authtype'] === $plugin) { - $auth = $plugin_controller->load('auth', $plugin); - break; - } + if ($conf['authtype'] === $plugin) { + $auth = $plugin_controller->load('auth', $plugin); + break; + } elseif ('auth' . $conf['authtype'] === $plugin) { + // matches old auth backends (pre-Weatherwax) + $auth = $plugin_controller->load('auth', $plugin); + msg('Your authtype setting is deprecated. You must set $conf[\'authconfig\'] = ' . "auth" . $conf['authtype'] + . ' in your config (see Authentication Backends)',-1); + } } if(!isset($auth) || !$auth){ -- cgit v1.2.3 From d3bae4781025502fdfb729854e39f8b2072b8a37 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Mon, 1 Apr 2013 16:55:40 +0100 Subject: add capability to restrict recipients of dokuwiki 'msg' alerts. This is useful where message is added to the queue before authentication is initialized --- inc/html.php | 8 +++++--- inc/infoutils.php | 37 +++++++++++++++++++++++++++++++++++-- 2 files changed, 40 insertions(+), 5 deletions(-) diff --git a/inc/html.php b/inc/html.php index 59415f7da..09d1387bd 100644 --- a/inc/html.php +++ b/inc/html.php @@ -1297,9 +1297,11 @@ function html_msgarea(){ foreach($MSG as $msg){ $hash = md5($msg['msg']); if(isset($shown[$hash])) continue; // skip double messages - print '
'; - print $msg['msg']; - print '
'; + if(info_msg_canshow($msg)){ + print '
'; + print $msg['msg']; + print '
'; + } $shown[$hash] = 1; } diff --git a/inc/infoutils.php b/inc/infoutils.php index 92607e4fa..3d1326624 100644 --- a/inc/infoutils.php +++ b/inc/infoutils.php @@ -269,7 +269,13 @@ function check(){ * @author Andreas Gohr * @see html_msgarea */ -function msg($message,$lvl=0,$line='',$file=''){ + +define('MSG_PUBLIC', 0); +define('MSG_USERS_ONLY', 1); +define('MSG_MANAGERS_ONLY',2); +define('MSG_ADMINS_ONLY',4); + +function msg($message,$lvl=0,$line='',$file='',$show=MSG_PUBLIC){ global $MSG, $MSG_shown; $errors[-1] = 'error'; $errors[0] = 'info'; @@ -279,7 +285,7 @@ function msg($message,$lvl=0,$line='',$file=''){ if($line || $file) $message.=' ['.utf8_basename($file).':'.$line.']'; if(!isset($MSG)) $MSG = array(); - $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message); + $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message, 'show' => $show); if(isset($MSG_shown) || headers_sent()){ if(function_exists('html_msgarea')){ html_msgarea(); @@ -290,6 +296,33 @@ function msg($message,$lvl=0,$line='',$file=''){ } } +function info_msg_canshow($msg){ + global $INFO, $auth; + + // is the message public? - everyone and anyone can see it + if (empty($msg['show'])) return true; + + // restricted msg, but no authentication + if (empty($auth)) return false; + + switch ($msg['show']){ + case MSG_USERS_ONLY: + return !empty($INFO['userinfo']); + + case MSG_MANAGERS_ONLY: + return $INFO['ismanager']; + + case MSG_ADMINS_ONLY: + return $INFO['isadmin']; + + default: + trigger_error('invalid msg show restriction. msg="'.$msg['msg'].'" show='.$msg['show'].'"', E_USER_WARNING); + return $INFO['isadmin']; + } + + return false; +} + /** * print debug messages * -- cgit v1.2.3 From 0b2e0a720d550ed8e96ffcdc62cbbffe78d27c21 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Mon, 1 Apr 2013 17:03:25 +0100 Subject: restrict 'authtype deprecated' alert to superusers only --- inc/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/auth.php b/inc/auth.php index 0713ca6af..9f180fc94 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -55,7 +55,7 @@ function auth_setup() { // matches old auth backends (pre-Weatherwax) $auth = $plugin_controller->load('auth', $plugin); msg('Your authtype setting is deprecated. You must set $conf[\'authconfig\'] = ' . "auth" . $conf['authtype'] - . ' in your config (see Authentication Backends)',-1); + . ' in your config (see Authentication Backends)',-1,'','',MSG_ADMINS_ONLY); } } -- cgit v1.2.3 From 64cafb1fc08f57bf3d9960139f3fa30034432be9 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Mon, 1 Apr 2013 20:47:21 +0100 Subject: for completeness (& defensive coding), test ['show'] against MSG_PUBLIC in case its redefined to a non-zero value --- inc/infoutils.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/infoutils.php b/inc/infoutils.php index 3d1326624..da230da37 100644 --- a/inc/infoutils.php +++ b/inc/infoutils.php @@ -300,7 +300,7 @@ function info_msg_canshow($msg){ global $INFO, $auth; // is the message public? - everyone and anyone can see it - if (empty($msg['show'])) return true; + if (empty($msg['show']) || ($msg['show'] == MSG_PUBLIC)) return true; // restricted msg, but no authentication if (empty($auth)) return false; -- cgit v1.2.3 From f755f9abc6fe099a6bee2bdd4acda44baca5ea7a Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Sun, 7 Apr 2013 19:40:27 +0100 Subject: change nomenclature from 'show' to 'allow' (fn from canshow to allowed) --- inc/html.php | 2 +- inc/infoutils.php | 23 ++++++++++++++++------- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/inc/html.php b/inc/html.php index 09d1387bd..fb39fcb3c 100644 --- a/inc/html.php +++ b/inc/html.php @@ -1297,7 +1297,7 @@ function html_msgarea(){ foreach($MSG as $msg){ $hash = md5($msg['msg']); if(isset($shown[$hash])) continue; // skip double messages - if(info_msg_canshow($msg)){ + if(info_msg_allowed($msg)){ print '
'; print $msg['msg']; print '
'; diff --git a/inc/infoutils.php b/inc/infoutils.php index da230da37..9fe5ee689 100644 --- a/inc/infoutils.php +++ b/inc/infoutils.php @@ -275,7 +275,7 @@ define('MSG_USERS_ONLY', 1); define('MSG_MANAGERS_ONLY',2); define('MSG_ADMINS_ONLY',4); -function msg($message,$lvl=0,$line='',$file='',$show=MSG_PUBLIC){ +function msg($message,$lvl=0,$line='',$file='',$allow=MSG_PUBLIC){ global $MSG, $MSG_shown; $errors[-1] = 'error'; $errors[0] = 'info'; @@ -285,7 +285,7 @@ function msg($message,$lvl=0,$line='',$file='',$show=MSG_PUBLIC){ if($line || $file) $message.=' ['.utf8_basename($file).':'.$line.']'; if(!isset($MSG)) $MSG = array(); - $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message, 'show' => $show); + $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message, 'allow' => $allow); if(isset($MSG_shown) || headers_sent()){ if(function_exists('html_msgarea')){ html_msgarea(); @@ -295,17 +295,26 @@ function msg($message,$lvl=0,$line='',$file='',$show=MSG_PUBLIC){ unset($GLOBALS['MSG']); } } - -function info_msg_canshow($msg){ +/** + * Determine whether the current user is allowed to view the message + * in the $msg data structure + * + * @param $msg array dokuwiki msg structure + * msg => string, the message + * lvl => int, level of the message (see msg() function) + * allow => int, flag used to determine who is allowed to see the message + * see MSG_* constants + */ +function info_msg_allowed($msg){ global $INFO, $auth; // is the message public? - everyone and anyone can see it - if (empty($msg['show']) || ($msg['show'] == MSG_PUBLIC)) return true; + if (empty($msg['allow']) || ($msg['allow'] == MSG_PUBLIC)) return true; // restricted msg, but no authentication if (empty($auth)) return false; - switch ($msg['show']){ + switch ($msg['allow']){ case MSG_USERS_ONLY: return !empty($INFO['userinfo']); @@ -316,7 +325,7 @@ function info_msg_canshow($msg){ return $INFO['isadmin']; default: - trigger_error('invalid msg show restriction. msg="'.$msg['msg'].'" show='.$msg['show'].'"', E_USER_WARNING); + trigger_error('invalid msg allow restriction. msg="'.$msg['msg'].'" allow='.$msg['allow'].'"', E_USER_WARNING); return $INFO['isadmin']; } -- cgit v1.2.3