From 6c2bb1005f9be48e398a5b41494d235d7061b7bb Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Thu, 2 Mar 2006 11:18:50 +0100
Subject: Allow non-ID names in ACLs

Some auth backends allow special chars like whitespaces in user and group
names. This made problems with the existing ACL checks and ACL manager.
This patch makes the ACL system work with these cases by (url)encoding all
special chars below 128.

darcs-hash:20060302101850-6e07b-14bda9dbdb3528904325419b35bb9eddb0d1dde3.gz
---
 inc/auth/plain.class.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'inc/auth')

diff --git a/inc/auth/plain.class.php b/inc/auth/plain.class.php
index 3ed014262..d3df1c0dd 100644
--- a/inc/auth/plain.class.php
+++ b/inc/auth/plain.class.php
@@ -15,6 +15,8 @@ define('AUTH_USERFILE',DOKU_CONF.'users.auth.php');
 // we only accept page ids for auth_plain
 if(isset($_REQUEST['u']))
   $_REQUEST['u'] = cleanID($_REQUEST['u']);
+if(isset($_REQUEST['acl_user']))
+  $_REQUEST['acl_user'] = cleanID($_REQUEST['acl_user']);
 
 class auth_plain extends auth_basic {
 
-- 
cgit v1.2.3