From b8983d3a45d16afc81d527fc2616f8c43bbf2c87 Mon Sep 17 00:00:00 2001 From: Matt Perry Date: Tue, 20 Aug 2013 21:18:30 -0700 Subject: Fix CodeSniffer violations Remove whitespace from end of lines to reduce the number of CodeSniffer violations. --- inc/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inc/auth.php') diff --git a/inc/auth.php b/inc/auth.php index 1c0bf5b4f..696456cfc 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -1061,7 +1061,7 @@ function auth_deleteprofile(){ if(!$INPUT->post->bool('delete')) return false; if(!checkSecurityToken()) return false; - // action prevented or auth module disallows + // action prevented or auth module disallows if(!actionOK('profile_delete') || !$auth->canDo('delUser')) { msg($lang['profnodelete'], -1); return false; -- cgit v1.2.3 From 7ef8e99fe605c5da36ab6b5d317b22fcd17f665b Mon Sep 17 00:00:00 2001 From: Matt Perry Date: Thu, 22 Aug 2013 01:01:41 -0700 Subject: Fix CodeSniffer violations Change indentation to ensure code confirms to CodeSniffer rules. --- inc/auth.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'inc/auth.php') diff --git a/inc/auth.php b/inc/auth.php index 696456cfc..8be270bfc 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -48,15 +48,15 @@ function auth_setup() { // try to load auth backend from plugins foreach ($plugin_controller->getList('auth') as $plugin) { - if ($conf['authtype'] === $plugin) { - $auth = $plugin_controller->load('auth', $plugin); - break; - } elseif ('auth' . $conf['authtype'] === $plugin) { - // matches old auth backends (pre-Weatherwax) - $auth = $plugin_controller->load('auth', $plugin); - msg('Your authtype setting is deprecated. You must set $conf[\'authtype\'] = "auth' . $conf['authtype'] . '"' - . ' in your configuration (see Authentication Backends)',-1,'','',MSG_ADMINS_ONLY); - } + if ($conf['authtype'] === $plugin) { + $auth = $plugin_controller->load('auth', $plugin); + break; + } elseif ('auth' . $conf['authtype'] === $plugin) { + // matches old auth backends (pre-Weatherwax) + $auth = $plugin_controller->load('auth', $plugin); + msg('Your authtype setting is deprecated. You must set $conf[\'authtype\'] = "auth' . $conf['authtype'] . '"' + . ' in your configuration (see Authentication Backends)',-1,'','',MSG_ADMINS_ONLY); + } } if(!isset($auth) || !$auth){ @@ -65,10 +65,10 @@ function auth_setup() { } if ($auth->success == false) { - // degrade to unauthenticated user - unset($auth); - auth_logoff(); - msg($lang['authtempfail'], -1); + // degrade to unauthenticated user + unset($auth); + auth_logoff(); + msg($lang['authtempfail'], -1); return false; } -- cgit v1.2.3 From 2f7a0e94cadfbc1ece3bd1d3ff23483b845cd420 Mon Sep 17 00:00:00 2001 From: Matt Perry Date: Tue, 10 Sep 2013 22:17:43 -0700 Subject: Fix CodeSniffer whitespace violoations Removed extraneous whitespace to eliminate errors reported by the Squiz.WhiteSpace.SuperfluousWhitespace sniff. --- inc/auth.php | 1 - 1 file changed, 1 deletion(-) (limited to 'inc/auth.php') diff --git a/inc/auth.php b/inc/auth.php index 8be270bfc..36fc7d086 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -391,7 +391,6 @@ function auth_randombytes($length) { } } - // If no strong randoms available, try OS the specific ways if(!$strong) { // Unix/Linux platform -- cgit v1.2.3 From 30f6faf00624251f7ac69fc86e9f3c5a01ad5d90 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Wed, 16 Oct 2013 15:22:58 +0100 Subject: update for deprecated '/e' flag in preg_replace (php 5.5) --- inc/auth.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'inc/auth.php') diff --git a/inc/auth.php b/inc/auth.php index 36fc7d086..ac079c574 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -808,14 +808,14 @@ function auth_nameencode($name, $skip_group = false) { if(!isset($cache[$name][$skip_group])) { if($skip_group && $name{0} == '@') { - $cache[$name][$skip_group] = '@'.preg_replace( - '/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e', - "'%'.dechex(ord(substr('\\1',-1)))", substr($name, 1) + $cache[$name][$skip_group] = '@'.preg_replace_callback( + '/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/', + 'auth_nameencode_callback', substr($name, 1) ); } else { - $cache[$name][$skip_group] = preg_replace( - '/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e', - "'%'.dechex(ord(substr('\\1',-1)))", $name + $cache[$name][$skip_group] = preg_replace_callback( + '/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/', + 'auth_nameencode_callback', $name ); } } @@ -823,6 +823,10 @@ function auth_nameencode($name, $skip_group = false) { return $cache[$name][$skip_group]; } +function auth_nameencode_callback($matches) { + return '%'.dechex(ord(substr($matches[1],-1))); +} + /** * Create a pronouncable password * -- cgit v1.2.3 From 443e135d59e9d227eec818dabf9ee64d7a73d474 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Wed, 16 Oct 2013 22:04:01 +0100 Subject: replace boolean conditional checks on possibly uninitialized vars with \!empty/empty/isset as appropriate --- inc/auth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'inc/auth.php') diff --git a/inc/auth.php b/inc/auth.php index ac079c574..0d42c8673 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -139,10 +139,10 @@ function auth_loadACL() { $out = array(); foreach($acl as $line) { $line = trim($line); - if($line{0} == '#') continue; + if(empty($line) || ($line{0} == '#')) continue; // skip blank lines & comments list($id,$rest) = preg_split('/\s+/',$line,2); - // substitue user wildcard first (its 1:1) + // substitute user wildcard first (its 1:1) if(strstr($line, '%USER%')){ // if user is not logged in, this ACL line is meaningless - skip it if (!isset($_SERVER['REMOTE_USER'])) continue; -- cgit v1.2.3 From 21c3090a76ebde3117ae1dcb9f503fe3a61c1c02 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Mon, 21 Oct 2013 23:32:15 +0100 Subject: replace \s, \S with [ \t], [^ \t] in regexs used with acls --- inc/auth.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'inc/auth.php') diff --git a/inc/auth.php b/inc/auth.php index 0d42c8673..b793f5d12 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -140,7 +140,7 @@ function auth_loadACL() { foreach($acl as $line) { $line = trim($line); if(empty($line) || ($line{0} == '#')) continue; // skip blank lines & comments - list($id,$rest) = preg_split('/\s+/',$line,2); + list($id,$rest) = preg_split('/[ \t]+/',$line,2); // substitute user wildcard first (its 1:1) if(strstr($line, '%USER%')){ @@ -716,11 +716,11 @@ function auth_aclcheck($id, $user, $groups) { } //check exact match first - $matches = preg_grep('/^'.preg_quote($id, '/').'\s+(\S+)\s+/u', $AUTH_ACL); + $matches = preg_grep('/^'.preg_quote($id, '/').'[ \t]+([^ \t]+)[ \t]+/', $AUTH_ACL); if(count($matches)) { foreach($matches as $match) { $match = preg_replace('/#.*$/', '', $match); //ignore comments - $acl = preg_split('/\s+/', $match); + $acl = preg_split('/[ \t]+/', $match); if(!$auth->isCaseSensitive() && $acl[1] !== '@ALL') { $acl[1] = utf8_strtolower($acl[1]); } @@ -746,11 +746,11 @@ function auth_aclcheck($id, $user, $groups) { } do { - $matches = preg_grep('/^'.preg_quote($path, '/').'\s+(\S+)\s+/u', $AUTH_ACL); + $matches = preg_grep('/^'.preg_quote($path, '/').'[ \t]+([^ \t]+)[ \t]+/', $AUTH_ACL); if(count($matches)) { foreach($matches as $match) { $match = preg_replace('/#.*$/', '', $match); //ignore comments - $acl = preg_split('/\s+/', $match); + $acl = preg_split('/[ \t]+/', $match); if(!$auth->isCaseSensitive() && $acl[1] !== '@ALL') { $acl[1] = utf8_strtolower($acl[1]); } -- cgit v1.2.3