From 6c8c1f4632a82459236200e9264c40ecebd4b162 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Fri, 3 Oct 2014 17:41:14 +0100 Subject: Fix for issues 877 & 885 related to a bug in PCRE 6.6 --- lib/plugins/authplain/_test/escaping.test.php | 43 +++++++++++++++++++++++++-- lib/plugins/authplain/auth.php | 31 ++++++++++++++++++- 2 files changed, 70 insertions(+), 4 deletions(-) diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php index cd5294157..5a5f67c82 100644 --- a/lib/plugins/authplain/_test/escaping.test.php +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -13,12 +13,12 @@ */ class helper_plugin_authplain_escaping_test extends DokuWikiTest { - protected $pluginsEnabled = array('authplain'); + protected $pluginsEnabled = array('authplainharness'); protected $auth; protected function reloadUsers() { /* auth caches data loaded from file, but recreated object forces reload */ - $this->auth = new auth_plugin_authplain(); + $this->auth = new auth_plugin_authplainharness(); } function setUp() { @@ -76,7 +76,44 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { $this->assertEquals($saved['name'], $user['name']); $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); } + + // really only required for developers to ensure this plugin will + // work with systems running on PCRE 6.6 and lower. + public function testLineSplit(){ + $this->auth->setPregsplit_safe(false); + + $names = array( + 'plain', + 'ut-fठ8', + 'colon:', + 'backslash\\', + 'alltogether\\ठ:' + ); + $userpass = 'user:password_hash:'; + $other_user_data = ':email@address:group1,group2'; + + foreach ($names as $testname) { + $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ + $test_line = $userpass.$escaped.$other_user_data; + $result = $this->auth->splitUserData($test_line); + + $this->assertEquals($testname, $result[2]); + } + } } -?> \ No newline at end of file +class auth_plugin_authplainharness extends auth_plugin_authplain { + + public function setPregsplit_safe($bool) { + $this->_pregsplit_safe = $bool; + } + + public function getPregsplit_safe(){ + return $this->_pregsplit_safe; + } + + public function splitUserData($line){ + return $this->_splitUserData($line); + } +} \ No newline at end of file diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index b3ca988b9..ec5d16e9d 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -17,6 +17,9 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { /** @var array filter pattern */ protected $_pattern = array(); + /** @var bool safe version of preg_split */ + protected $_pregsplit_safe = false; + /** * Constructor * @@ -44,6 +47,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $this->cando['getUsers'] = true; $this->cando['getUserCount'] = true; } + + $this->_pregsplit_safe = version_compare(PCRE_VERSION,'6.7','>='); } /** @@ -329,7 +334,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { if(empty($line)) continue; /* NB: preg_split can be deprecated/replaced with str_getcsv once dokuwiki is min php 5.3 */ - $row = preg_split('/(?_splitUserData($line); $row = str_replace('\\:', ':', $row); $row = str_replace('\\\\', '\\', $row); @@ -342,6 +347,30 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { } } + protected function _splitUserData($line){ + // due to a bug in PCRE 6.6, preg_split will fail with the regex we use here + // refer github issues 877 & 885 + if ($this->_pregsplit_safe){ + return preg_split('/(? Date: Sat, 4 Oct 2014 11:59:42 +0100 Subject: escaping backslash should be included in split items --- lib/plugins/authplain/_test/escaping.test.php | 2 +- lib/plugins/authplain/auth.php | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php index 5a5f67c82..cbfbbc587 100644 --- a/lib/plugins/authplain/_test/escaping.test.php +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -97,7 +97,7 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { $test_line = $userpass.$escaped.$other_user_data; $result = $this->auth->splitUserData($test_line); - $this->assertEquals($testname, $result[2]); + $this->assertEquals($escaped, $result[2]); } } diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index ec5d16e9d..3d303597c 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -356,9 +356,12 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $row = array(); $piece = ''; - for($i=0; $i=$len) break; } else if ($line[$i]==':'){ $row[] = $piece; $piece = ''; -- cgit v1.2.3 From 19a24e58599401a7566e825bcbcde8894c7f843a Mon Sep 17 00:00:00 2001 From: Harald Hanche-Olsen Date: Sun, 5 Oct 2014 18:38:53 +0200 Subject: Fix brokan format string --- inc/lang/no/lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/lang/no/lang.php b/inc/lang/no/lang.php index 5e508617e..aeea982f2 100644 --- a/inc/lang/no/lang.php +++ b/inc/lang/no/lang.php @@ -116,7 +116,7 @@ $lang['searchmedia_in'] = 'Søk i %s'; $lang['txt_upload'] = 'Velg fil som skal lastes opp:'; $lang['txt_filename'] = 'Skriv inn wikinavn (alternativt):'; $lang['txt_overwrt'] = 'Overskriv eksisterende fil'; -$lang['maxuploadsize'] = 'Opplast maks % per fil.'; +$lang['maxuploadsize'] = 'Opplast maks %s per fil.'; $lang['lockedby'] = 'Låst av:'; $lang['lockexpire'] = 'Låsingen utløper:'; $lang['js']['willexpire'] = 'Din redigeringslås for dette dokumentet kommer snart til å utløpe.\nFor å unngå versjonskonflikter bør du forhåndsvise dokumentet ditt for å forlenge redigeringslåsen.'; -- cgit v1.2.3 From 60aca4b904310fc764389d058c23e7b978b513a3 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Mon, 6 Oct 2014 14:59:03 +0200 Subject: do not use Accept-Encoding in browser UID Since Chrome 37, they send differen accept encodings for POST and GET requests which will break BrowserUID checks as reported in cosmocode/dokuwiki-plugin-oauth/issues/3 See https://code.google.com/p/chromium/issues/detail?id=410559 for official bug report at Google --- inc/auth.php | 1 - 1 file changed, 1 deletion(-) diff --git a/inc/auth.php b/inc/auth.php index e938830ef..4b1e6ce31 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -335,7 +335,6 @@ function auth_browseruid() { $ip = clientIP(true); $uid = ''; $uid .= $INPUT->server->str('HTTP_USER_AGENT'); - $uid .= $INPUT->server->str('HTTP_ACCEPT_ENCODING'); $uid .= $INPUT->server->str('HTTP_ACCEPT_CHARSET'); $uid .= substr($ip, 0, strpos($ip, '.')); $uid = strtolower($uid); -- cgit v1.2.3 From 7172294d0cc39ec10ad431dfdd0dd20e15a4ba35 Mon Sep 17 00:00:00 2001 From: Guy Brand Date: Wed, 8 Oct 2014 09:56:30 +0200 Subject: Release preparation --- doku.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doku.php b/doku.php index 261ceaec2..71eee564e 100644 --- a/doku.php +++ b/doku.php @@ -9,7 +9,7 @@ */ // update message version -$updateVersion = 46; +$updateVersion = 46.1; // xdebug_start_profiling(); -- cgit v1.2.3