From b4245126d64b378a4cb90821718983e27e943ebc Mon Sep 17 00:00:00 2001 From: Jan Schumann Date: Tue, 3 Jan 2012 02:46:36 +0100 Subject: Load auth types from plugins in settings_authtype class --- lib/plugins/config/settings/extra.class.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/extra.class.php b/lib/plugins/config/settings/extra.class.php index b4e35b1cc..72b9755be 100644 --- a/lib/plugins/config/settings/extra.class.php +++ b/lib/plugins/config/settings/extra.class.php @@ -43,12 +43,19 @@ if (!class_exists('setting_authtype')) { class setting_authtype extends setting_multichoice { function initialize($default,$local,$protected) { + global $plugin_controller; // populate $this->_choices with a list of available auth mechanisms $authtypes = glob(DOKU_INC.'inc/auth/*.class.php'); $authtypes = preg_replace('#^.*/([^/]*)\.class\.php$#i','$1', $authtypes); $authtypes = array_diff($authtypes, array('basic')); - sort($authtypes); + + // retrive auth types provided by plugins + foreach ($plugin_controller->getList('auth') as $plugin) { + $authtypes = $plugin; + } + + $authtypes = array_unique($authtypes); $this->_choices = $authtypes; -- cgit v1.2.3 From 396b87bebcb14765849b43a259a2b6cf2aff98f3 Mon Sep 17 00:00:00 2001 From: Jan Schumann Date: Tue, 3 Jan 2012 03:31:54 +0100 Subject: Bugfix: auth types are now correcty added --- lib/plugins/config/settings/extra.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/extra.class.php b/lib/plugins/config/settings/extra.class.php index 72b9755be..cee3c6b20 100644 --- a/lib/plugins/config/settings/extra.class.php +++ b/lib/plugins/config/settings/extra.class.php @@ -52,7 +52,7 @@ if (!class_exists('setting_authtype')) { // retrive auth types provided by plugins foreach ($plugin_controller->getList('auth') as $plugin) { - $authtypes = $plugin; + $authtypes[] = $plugin; } $authtypes = array_unique($authtypes); -- cgit v1.2.3 From f4476bd9b5badd36cd0617d76538e47d9649986b Mon Sep 17 00:00:00 2001 From: Jan Schumann Date: Mon, 20 Feb 2012 19:51:26 +0100 Subject: Refactored auth system: All auth methods are now introduced as plugins. --- lib/plugins/config/settings/extra.class.php | 50 +++++++++++++++++++++++------ 1 file changed, 40 insertions(+), 10 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/extra.class.php b/lib/plugins/config/settings/extra.class.php index cee3c6b20..f6adf1c18 100644 --- a/lib/plugins/config/settings/extra.class.php +++ b/lib/plugins/config/settings/extra.class.php @@ -45,22 +45,52 @@ if (!class_exists('setting_authtype')) { function initialize($default,$local,$protected) { global $plugin_controller; - // populate $this->_choices with a list of available auth mechanisms - $authtypes = glob(DOKU_INC.'inc/auth/*.class.php'); - $authtypes = preg_replace('#^.*/([^/]*)\.class\.php$#i','$1', $authtypes); - $authtypes = array_diff($authtypes, array('basic')); - // retrive auth types provided by plugins foreach ($plugin_controller->getList('auth') as $plugin) { - $authtypes[] = $plugin; + $this->_choices[] = $plugin; } - $authtypes = array_unique($authtypes); - - $this->_choices = $authtypes; - parent::initialize($default,$local,$protected); } + + function update($input) { + global $plugin_controller; + + // is an update posible? + $mayUpdate = parent::update($input); + + // is it an auth plugin? + if (in_array($input, $plugin_controller->getList('auth'))) { + // reject disabled plugins + if ($plugin_controller->isdisabled($input)) { + $this->_error = true; + msg('Auth type ' . $input . ' is disabled.'); + return false; + } + + // load the plugin + $auth_plugin = $plugin_controller->load('auth', $input); + + // @TODO: throw an error in plugin controller instead of returning null + if (is_null($auth_plugin)) { + $this->_error = true; + msg('Cannot load Auth Plugin "' . $input . '"'); + return false; + } + + // verify proper instanciation (is this really a plugin?) @TODO use instanceof? impement interface? + if (is_object($auth_plugin) && !method_exists($auth_plugin, 'getPluginName')) { + $this->_error = true; + msg('Cannot create Auth Plugin "' . $input . '"'); + return false; + } + } + + msg('Successfully changed auth system. Please re-login.'); + auth_logoff(); + + return true; + } } } -- cgit v1.2.3 From 23e8f02b8aa3a74fed70f1a496bdb5423908133a Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 10 Nov 2012 16:11:30 +0100 Subject: added 'text' to config plugin for multi line text configs --- lib/plugins/config/settings/config.class.php | 33 ++++++++++++++++++++++--- lib/plugins/config/settings/config.metadata.php | 1 + 2 files changed, 31 insertions(+), 3 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 8c48018d7..9f98231e3 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -35,6 +35,7 @@ if (!class_exists('configuration')) { msg('No configuration metadata found at - '.htmlspecialchars($datafile),-1); return; } + $meta = array(); include($datafile); if (isset($config['varname'])) $this->_name = $config['varname']; @@ -68,6 +69,7 @@ if (!class_exists('configuration')) { $keys = array_merge(array_keys($this->_metadata),array_keys($default), array_keys($local), array_keys($protected)); $keys = array_unique($keys); + $param = null; foreach ($keys as $key) { if (isset($this->_metadata[$key])) { $class = $this->_metadata[$key][0]; @@ -425,11 +427,9 @@ if (!class_exists('setting')) { $out = ''; if ($fmt=='php') { - // translation string needs to be improved FIXME - $tr = array("\n"=>'\n', "\r"=>'\r', "\t"=>'\t', "\\" => '\\\\', "'" => '\\\''); $tr = array("\\" => '\\\\', "'" => '\\\''); - $out = '$'.$var."['".$this->_out_key()."'] = '".strtr($this->_local, $tr)."';\n"; + $out = '$'.$var."['".$this->_out_key()."'] = '".strtr( cleanText($this->_local), $tr)."';\n"; } return $out; @@ -494,6 +494,33 @@ if (!class_exists('setting_string')) { } } +if (!class_exists('setting_text')) { + class setting_text extends setting { + function html(&$plugin, $echo=false) { + $value = ''; + $disable = ''; + + if ($this->is_protected()) { + $value = $this->_protected; + $disable = 'disabled="disabled"'; + } else { + if ($echo && $this->_error) { + $value = $this->_input; + } else { + $value = is_null($this->_local) ? $this->_default : $this->_local; + } + } + + $key = htmlspecialchars($this->_key); + $value = formText($value); + + $label = ''; + $input = ''; + return array($label,$input); + } + } +} + if (!class_exists('setting_password')) { class setting_password extends setting_string { diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index 3607f56c6..33ebb7fd8 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -15,6 +15,7 @@ * ------------------------------------------- * '' - default class ('setting'), textarea, minimal input validation, setting output in quotes * 'string' - single line text input, minimal input validation, setting output in quotes + * 'text' - multi line text input, minimal input validation, setting output in quotes * 'numeric' - text input, accepts numbers and arithmetic operators, setting output without quotes * if given the '_min' and '_max' parameters are used for validation * 'numericopt' - like above, but accepts empty values -- cgit v1.2.3 From 7e29378446eeb33892837048b31b4180e26ccd1f Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 10 Nov 2012 16:22:34 +0100 Subject: partial revert of 23e8f02b8aa3a74fed70f1a496bdb5423908133a okay. I can't read. we already had a multiline config. It's the default. So I reverted my change, except for making use of formText/cleanText for proper line ending handling and I added made focused textareas a bit larger. --- lib/plugins/config/settings/config.class.php | 29 +------------------------ lib/plugins/config/settings/config.metadata.php | 1 - 2 files changed, 1 insertion(+), 29 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 9f98231e3..e6d085bcb 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -409,7 +409,7 @@ if (!class_exists('setting')) { } $key = htmlspecialchars($this->_key); - $value = htmlspecialchars($value); + $value = formText($value); $label = ''; $input = ''; @@ -494,33 +494,6 @@ if (!class_exists('setting_string')) { } } -if (!class_exists('setting_text')) { - class setting_text extends setting { - function html(&$plugin, $echo=false) { - $value = ''; - $disable = ''; - - if ($this->is_protected()) { - $value = $this->_protected; - $disable = 'disabled="disabled"'; - } else { - if ($echo && $this->_error) { - $value = $this->_input; - } else { - $value = is_null($this->_local) ? $this->_default : $this->_local; - } - } - - $key = htmlspecialchars($this->_key); - $value = formText($value); - - $label = ''; - $input = ''; - return array($label,$input); - } - } -} - if (!class_exists('setting_password')) { class setting_password extends setting_string { diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index 33ebb7fd8..3607f56c6 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -15,7 +15,6 @@ * ------------------------------------------- * '' - default class ('setting'), textarea, minimal input validation, setting output in quotes * 'string' - single line text input, minimal input validation, setting output in quotes - * 'text' - multi line text input, minimal input validation, setting output in quotes * 'numeric' - text input, accepts numbers and arithmetic operators, setting output without quotes * if given the '_min' and '_max' parameters are used for validation * 'numericopt' - like above, but accepts empty values -- cgit v1.2.3 From 3295f40a380553bb3f7f3018cee2e4462e0be417 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 10 Nov 2012 16:35:16 +0100 Subject: fixed saving in config plugin Saving worked, but did you log out everytime. Now it is checked if the auth mechanism was actually changed before assuming the login is invalid. --- lib/plugins/config/settings/extra.class.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/extra.class.php b/lib/plugins/config/settings/extra.class.php index f6adf1c18..6998e1fbf 100644 --- a/lib/plugins/config/settings/extra.class.php +++ b/lib/plugins/config/settings/extra.class.php @@ -64,7 +64,7 @@ if (!class_exists('setting_authtype')) { // reject disabled plugins if ($plugin_controller->isdisabled($input)) { $this->_error = true; - msg('Auth type ' . $input . ' is disabled.'); + msg('Auth type ' . $input . ' is disabled.', -1); return false; } @@ -74,21 +74,24 @@ if (!class_exists('setting_authtype')) { // @TODO: throw an error in plugin controller instead of returning null if (is_null($auth_plugin)) { $this->_error = true; - msg('Cannot load Auth Plugin "' . $input . '"'); + msg('Cannot load Auth Plugin "' . $input . '"', -1); return false; } // verify proper instanciation (is this really a plugin?) @TODO use instanceof? impement interface? if (is_object($auth_plugin) && !method_exists($auth_plugin, 'getPluginName')) { $this->_error = true; - msg('Cannot create Auth Plugin "' . $input . '"'); + msg('Cannot create Auth Plugin "' . $input . '"', -1); return false; } } - msg('Successfully changed auth system. Please re-login.'); - auth_logoff(); - + // did we change the auth type? logout + global $conf; + if($conf['authtype'] != $input) { + msg('Authentication system changed. Please re-login.'); + auth_logoff(); + } return true; } } -- cgit v1.2.3 From 89d02586756515c9fb68a348e99a787d95e999a2 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 10 Nov 2012 18:12:39 +0100 Subject: config manager: removed dead/commented code --- lib/plugins/config/settings/config.class.php | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 8c48018d7..ebf638526 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -45,14 +45,8 @@ if (!class_exists('configuration')) { $this->_local_files = $config_cascade['main']['local']; $this->_protected_files = $config_cascade['main']['protected']; -# if (isset($file['default'])) $this->_default_file = $file['default']; -# if (isset($file['local'])) $this->_local_file = $file['local']; -# if (isset($file['protected'])) $this->_protected_file = $file['protected']; - $this->locked = $this->_is_locked(); - $this->_metadata = array_merge($meta, $this->get_plugintpl_metadata($conf['template'])); - $this->retrieve_settings(); } @@ -147,7 +141,6 @@ if (!class_exists('configuration')) { if (!$file) return array(); $config = array(); -# $file = eval('return '.$file.';'); if ($this->_format == 'php') { @@ -195,9 +188,6 @@ if (!class_exists('configuration')) { function _out_footer() { $out = ''; if ($this->_format == 'php') { - # if ($this->_protected_file) { - # $out .= "\n@include(".$this->_protected_file.");\n"; - # } $out .= "\n// end auto-generated content\n"; } @@ -209,7 +199,6 @@ if (!class_exists('configuration')) { function _is_locked() { if (!$this->_local_files) return true; -# $local = eval('return '.$this->_local_file.';'); $local = $this->_local_files[0]; if (!is_writable(dirname($local))) return true; @@ -425,8 +414,6 @@ if (!class_exists('setting')) { $out = ''; if ($fmt=='php') { - // translation string needs to be improved FIXME - $tr = array("\n"=>'\n', "\r"=>'\r', "\t"=>'\t', "\\" => '\\\\', "'" => '\\\''); $tr = array("\\" => '\\\\', "'" => '\\\''); $out = '$'.$var."['".$this->_out_key()."'] = '".strtr($this->_local, $tr)."';\n"; -- cgit v1.2.3 From b8f41ef0bac4e82cb3b02cd318efaddbaaeb1a78 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 10 Nov 2012 18:13:09 +0100 Subject: config manager: let PHP parse the config file Until now, the config manager did read and parse the various PHP config files itself. This fails for more complex setups like arrays. I'm not really sure why this was done. This patch replaces the parsing with a simple include() call. Everything still seems to work. --- lib/plugins/config/settings/config.class.php | 25 +++---------------------- 1 file changed, 3 insertions(+), 22 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index ebf638526..722c8df7b 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -139,32 +139,13 @@ if (!class_exists('configuration')) { function _read_config($file) { if (!$file) return array(); + if (!file_exists($file)) return array(); $config = array(); if ($this->_format == 'php') { - - if(@file_exists($file)){ - $contents = @php_strip_whitespace($file); - }else{ - $contents = ''; - } - $pattern = '/\$'.$this->_name.'\[[\'"]([^=]+)[\'"]\] ?= ?(.*?);(?=[^;]*(?:\$'.$this->_name.'|$))/s'; - $matches=array(); - preg_match_all($pattern,$contents,$matches,PREG_SET_ORDER); - - for ($i=0; $i'\\','\\\''=>'\'','\\"'=>'"')); - - $config[$key] = $value; - } + include($file); + $config = ${$this->_name}; } return $config; -- cgit v1.2.3 From 60dd32d957e6c4ce2d969c45cc60497f55a39abe Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 10 Nov 2012 18:18:05 +0100 Subject: added 'array' type for config manager This allows to use simple arrays in the config file but have a comma separated list in the config manager. --- lib/plugins/config/settings/config.class.php | 104 ++++++++++++++++++++++++ lib/plugins/config/settings/config.metadata.php | 3 + 2 files changed, 107 insertions(+) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 722c8df7b..e4a638eb0 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -435,6 +435,110 @@ if (!class_exists('setting')) { } } + +if (!class_exists('setting_array')) { + class setting_array extends setting { + + /** + * Create an array from a string + * + * @param $string + * @return array + */ + protected function _from_string($string){ + $array = explode(',', $string); + $array = array_map('trim', $array); + $array = array_filter($array); + $array = array_unique($array); + return $array; + } + + /** + * Create a string from an array + * + * @param $array + * @return string + */ + protected function _from_array($array){ + return join(', ', (array) $array); + } + + /** + * update setting with user provided value $input + * if value fails error check, save it + * + * @param string $input + * @return bool true if changed, false otherwise (incl. on error) + */ + function update($input) { + if (is_null($input)) return false; + if ($this->is_protected()) return false; + + $input = $this->_from_string($input); + + $value = is_null($this->_local) ? $this->_default : $this->_local; + if ($value == $input) return false; + + foreach($input as $item){ + if ($this->_pattern && !preg_match($this->_pattern,$item)) { + $this->_error = true; + $this->_input = $input; + return false; + } + } + + $this->_local = $input; + return true; + } + + protected function _escape($string) { + $tr = array("\\" => '\\\\', "'" => '\\\''); + return "'".strtr( cleanText($string), $tr)."'"; + } + + /** + * generate string to save setting value to file according to $fmt + */ + function out($var, $fmt='php') { + + if ($this->is_protected()) return ''; + if (is_null($this->_local) || ($this->_default == $this->_local)) return ''; + + $out = ''; + + if ($fmt=='php') { + $vals = array_map(array($this, '_escape'), $this->_local); + $out = '$'.$var."['".$this->_out_key()."'] = array(".join(', ',$vals).");\n"; + } + + return $out; + } + + function html(&$plugin, $echo=false) { + $value = ''; + $disable = ''; + + if ($this->is_protected()) { + $value = $this->_protected; + $disable = 'disabled="disabled"'; + } else { + if ($echo && $this->_error) { + $value = $this->_input; + } else { + $value = is_null($this->_local) ? $this->_default : $this->_local; + } + } + + $key = htmlspecialchars($this->_key); + $value = htmlspecialchars($this->_from_array($value)); + + $label = ''; + $input = ''; + return array($label,$input); + } + } +} + if (!class_exists('setting_string')) { class setting_string extends setting { function html(&$plugin, $echo=false) { diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index 3607f56c6..582452917 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -32,6 +32,9 @@ * separated list of checked choices * 'fieldset' - used to group configuration settings, but is not itself a setting. To make this clear in * the language files the keys for this type should start with '_'. + * 'array' - a simple (one dimensional) array of string values, shown as comma separated list in the + * config manager but saved as PHP array(). Values may not contain commas themselves. + * _pattern matching on the array values supported. * * Single Setting (source: settings/extra.class.php) * ------------------------------------------------- -- cgit v1.2.3 From d30b165d18ab3a6868d3b3e96e7bac782fb58441 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 16 Nov 2012 13:28:15 +0100 Subject: Revert "config manager: let PHP parse the config file" This reverts commit b8f41ef0bac4e82cb3b02cd318efaddbaaeb1a78. We had good reasons for parsing the file ourselves. For example to keep expressions like 7*60*60*24 intact. --- lib/plugins/config/settings/config.class.php | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index e4a638eb0..e71a7e5f9 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -139,13 +139,32 @@ if (!class_exists('configuration')) { function _read_config($file) { if (!$file) return array(); - if (!file_exists($file)) return array(); $config = array(); if ($this->_format == 'php') { - include($file); - $config = ${$this->_name}; + + if(@file_exists($file)){ + $contents = @php_strip_whitespace($file); + }else{ + $contents = ''; + } + $pattern = '/\$'.$this->_name.'\[[\'"]([^=]+)[\'"]\] ?= ?(.*?);(?=[^;]*(?:\$'.$this->_name.'|$))/s'; + $matches=array(); + preg_match_all($pattern,$contents,$matches,PREG_SET_ORDER); + + for ($i=0; $i'\\','\\\''=>'\'','\\"'=>'"')); + + $config[$key] = $value; + } } return $config; -- cgit v1.2.3 From cba21baacb4880eefd35279b0589e035c5a5c78e Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 16 Nov 2012 13:59:17 +0100 Subject: started to add some unit tests to config manager Parsing the config file should be completely tested before we can rely on it and safely extend it. This just adds the first very basic tests. --- lib/plugins/config/settings/config.class.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index e71a7e5f9..5a2aa2980 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -6,6 +6,9 @@ * @author Ben Coburn */ + +if(!defined('CM_KEYMARKER')) define('CM_KEYMARKER','____'); + if (!class_exists('configuration')) { class configuration { -- cgit v1.2.3 From 741c52751f7b22a3167d9475b2adb1a79f5eeea6 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 16 Jan 2013 13:41:42 +0100 Subject: parse arrays from config file --- lib/plugins/config/settings/config.class.php | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 5a2aa2980..7f15df6fb 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -157,14 +157,31 @@ if (!class_exists('configuration')) { preg_match_all($pattern,$contents,$matches,PREG_SET_ORDER); for ($i=0; $i'\\','\\\''=>'\'','\\"'=>'"')); + + // handle arrays + if(preg_match('/array ?\((.*)\)/', $value, $match)){ + $arr = explode(',', $match[1]); + + // remove quotes from quoted strings & unescape escaped data + $len = count($arr); + for($j=0; $j<$len; $j++){ + $arr[$j] = preg_replace('/^(\'|")(.*)(?'\\','\\\''=>'\'','\\"'=>'"')); + } + + $value = $arr; + }else{ + // remove quotes from quoted strings & unescape escaped data + $value = preg_replace('/^(\'|")(.*)(?'\\','\\\''=>'\'','\\"'=>'"')); + } $config[$key] = $value; } -- cgit v1.2.3 From d12150d88f5fe8d5718313ab6c14ab8c907c61ff Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 16 Jan 2013 13:59:41 +0100 Subject: fixed problems with spaced arrays --- lib/plugins/config/settings/config.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 7f15df6fb..7ff310b20 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -166,12 +166,13 @@ if (!class_exists('configuration')) { // handle arrays - if(preg_match('/array ?\((.*)\)/', $value, $match)){ + if(preg_match('/^array ?\((.*)\)/', $value, $match)){ $arr = explode(',', $match[1]); // remove quotes from quoted strings & unescape escaped data $len = count($arr); for($j=0; $j<$len; $j++){ + $arr[$j] = trim($arr[$j]); $arr[$j] = preg_replace('/^(\'|")(.*)(?'\\','\\\''=>'\'','\\"'=>'"')); } -- cgit v1.2.3 From e0e514e1850d0f52a3fdeeee54712050fd0fe5c7 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Thu, 31 Jan 2013 16:28:25 +0100 Subject: touch the config on save, even if no changes were made --- lib/plugins/config/settings/config.class.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index a30a0605b..334e617dd 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -130,6 +130,15 @@ if (!class_exists('configuration')) { return true; } + /** + * Update last modified time stamp of the config file + */ + function touch_settings(){ + if ($this->locked) return false; + $file = end($this->_local_files); + return @touch($file); + } + function _read_config_group($files) { $config = array(); foreach ($files as $file) { -- cgit v1.2.3 From a9b6a8b59a0be9ff45f5675c3b032ad8d2afd6eb Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 16 Feb 2013 14:37:12 +0100 Subject: allow richer email addresses in notify and registernotify FS#2689 This deprecates the "richemail" config class --- lib/plugins/config/settings/config.class.php | 85 +++++++++++-------------- lib/plugins/config/settings/config.metadata.php | 8 +-- 2 files changed, 41 insertions(+), 52 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 16be9a689..5b81be782 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -79,7 +79,7 @@ if (!class_exists('configuration')) { array_shift($param); } else { $class = 'setting_undefined'; - $param = NULL; + $param = null; } if (!in_array($class, $no_default_check) && !isset($default[$key])) { @@ -353,13 +353,13 @@ if (!class_exists('setting')) { class setting { var $_key = ''; - var $_default = NULL; - var $_local = NULL; - var $_protected = NULL; + var $_default = null; + var $_local = null; + var $_protected = null; var $_pattern = ''; var $_error = false; // only used by those classes which error check - var $_input = NULL; // only used by those classes which error check + var $_input = null; // only used by those classes which error check var $_cautionList = array( 'basedir' => 'danger', 'baseurl' => 'danger', 'savedir' => 'danger', 'cookiedir' => 'danger', 'useacl' => 'danger', 'authtype' => 'danger', 'superuser' => 'danger', 'userewrite' => 'danger', @@ -367,7 +367,7 @@ if (!class_exists('setting')) { 'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'xmlrpc' => 'security', 'fullpath' => 'security' ); - function setting($key, $params=NULL) { + function setting($key, $params=null) { $this->_key = $key; if (is_array($params)) { @@ -656,6 +656,7 @@ if (!class_exists('setting_email')) { class setting_email extends setting_string { var $_pattern = SETTING_EMAIL_PATTERN; // no longer required, retained for backward compatibility - FIXME, may not be necessary var $_multiple = false; + var $_placeholders = false; /** * update setting with user provided value $input @@ -669,15 +670,36 @@ if (!class_exists('setting_email')) { $value = is_null($this->_local) ? $this->_default : $this->_local; if ($value == $input) return false; + if($input === ''){ + $this->_local = $input; + return true; + } + $mail = $input; + + if($this->_placeholders){ + // replace variables with pseudo values + $mail = str_replace('@USER@','joe',$mail); + $mail = str_replace('@NAME@','Joe Schmoe',$mail); + $mail = str_replace('@MAIL@','joe@example.com',$mail); + } + // multiple mail addresses? if ($this->_multiple) { - $mails = array_filter(array_map('trim', explode(',', $input))); + $mails = array_filter(array_map('trim', explode(',', $mail))); } else { - $mails = array($input); + $mails = array($mail); } + // check them all foreach ($mails as $mail) { - if (!mail_isvalid($mail)) { + // only check the address part + if(preg_match('#(.*?)<(.*?)>#', $mail, $matches)){ + $addr = $matches[2]; + }else{ + $addr = $mail; + } + + if (!mail_isvalid($addr)) { $this->_error = true; $this->_input = $input; return false; @@ -690,46 +712,15 @@ if (!class_exists('setting_email')) { } } +/** + * @deprecated 2013-02-16 + */ if (!class_exists('setting_richemail')) { class setting_richemail extends setting_email { - - /** - * update setting with user provided value $input - * if value fails error check, save it - * - * @return boolean true if changed, false otherwise (incl. on error) - */ - function update($input) { - if (is_null($input)) return false; - if ($this->is_protected()) return false; - - $value = is_null($this->_local) ? $this->_default : $this->_local; - if ($value == $input) return false; - - // replace variables with pseudo values - $test = $input; - $test = str_replace('@USER@','joe',$test); - $test = str_replace('@NAME@','Joe Schmoe',$test); - $test = str_replace('@MAIL@','joe@example.com',$test); - - // now only check the address part - if(preg_match('#(.*?)<(.*?)>#',$test,$matches)){ - $text = trim($matches[1]); - $addr = $matches[2]; - }else{ - $addr = $test; - } - - if ($test !== '' && !mail_isvalid($addr)) { - $this->_error = true; - $this->_input = $input; - return false; - } - - $this->_local = $input; - return true; - } - + function update($input) { + $this->_placeholders = true; + return parent::update($input); + } } } diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index 585015085..663eab9dd 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -20,9 +20,7 @@ * 'numericopt' - like above, but accepts empty values * 'onoff' - checkbox input, setting output 0|1 * 'multichoice' - select input (single choice), setting output with quotes, required _choices parameter - * 'email' - text input, input must conform to email address format, setting output in quotes - * 'richemail' - text input, input must conform to email address format but accepts variables and - * emails with a real name prepended (when email address is given in <>) + * 'email' - text input, input must conform to email address format * 'password' - password input, minimal input validation, setting output text in quotes, maybe encoded * according to the _code parameter * 'dirchoice' - as multichoice, selection choices based on folders found at location specified in _dir @@ -177,8 +175,8 @@ $meta['_notifications'] = array('fieldset'); $meta['subscribers'] = array('onoff'); $meta['subscribe_time'] = array('numeric'); $meta['notify'] = array('email', '_multiple' => true); -$meta['registernotify'] = array('email'); -$meta['mailfrom'] = array('richemail'); +$meta['registernotify'] = array('email', '_multiple' => true); +$meta['mailfrom'] = array('email', '_placeholders' => true); $meta['mailprefix'] = array('string'); $meta['htmlmail'] = array('onoff'); -- cgit v1.2.3 From 87bba75a4043643511c89cb89ef9cf11e59fbf2c Mon Sep 17 00:00:00 2001 From: Tom N Harris Date: Sat, 16 Feb 2013 12:53:24 -0500 Subject: Add django compatible hashes to the config options. --- lib/plugins/config/settings/config.metadata.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index 663eab9dd..bdbc4311f 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -127,7 +127,7 @@ $meta['_authentication'] = array('fieldset'); $meta['useacl'] = array('onoff'); $meta['autopasswd'] = array('onoff'); $meta['authtype'] = array('authtype'); -$meta['passcrypt'] = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt','sha512')); +$meta['passcrypt'] = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt','djangomd5','djangosha1','sha512')); $meta['defaultgroup']= array('string'); $meta['superuser'] = array('string'); $meta['manager'] = array('string'); -- cgit v1.2.3 From a0e625181ad2e2369e8db0e5691f7356363776d0 Mon Sep 17 00:00:00 2001 From: Klap-in Date: Sat, 16 Feb 2013 23:03:01 +0100 Subject: separate default settings from non-existing settings setting type read from metadata eqaul to empty string is default 'setting' class (a textarea), everything else should be a existing class otherwise 'setting_no_class' is loaded --- lib/plugins/config/settings/config.class.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 16be9a689..a3cfae9f8 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -70,9 +70,14 @@ if (!class_exists('configuration')) { foreach ($keys as $key) { if (isset($this->_metadata[$key])) { $class = $this->_metadata[$key][0]; - $class = ($class && class_exists('setting_'.$class)) ? 'setting_'.$class : 'setting'; - if ($class=='setting') { - $this->setting[] = new setting_no_class($key,$param); + + if($class && class_exists('setting_'.$class)){ + $class = 'setting_'.$class; + } else { + if($class != '') { + $this->setting[] = new setting_no_class($key,$param); + } + $class = 'setting'; } $param = $this->_metadata[$key]; -- cgit v1.2.3 From 0fc50f81064736071e053d874b60a990fd1af8c2 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Sun, 17 Feb 2013 15:47:42 +0000 Subject: add property to show disabled plugins, set it to false (to hide by default) --- lib/plugins/config/settings/config.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 5b81be782..46e27654b 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -20,6 +20,7 @@ if (!class_exists('configuration')) { var $_metadata = array(); // holds metadata describing the settings var $setting = array(); // array of setting objects var $locked = false; // configuration is considered locked if it can't be updated + var $show_disabled_plugins = false; // configuration filenames var $_default_files = array(); @@ -262,7 +263,7 @@ if (!class_exists('configuration')) { function get_plugin_list() { if (is_null($this->_plugin_list)) { - $list = plugin_list('',true); // all plugins, including disabled ones + $list = plugin_list('',$this->show_disabled_plugins); // remove this plugin from the list $idx = array_search('config',$list); -- cgit v1.2.3 From aae735fc981470a44856ec34a838c4910ac68062 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Sun, 17 Feb 2013 16:54:23 +0000 Subject: tidy up authtype setting class (incl. fix issue with auth change/logoff occurring when only one auth plugin is enabled and other settings are updated) --- lib/plugins/config/settings/extra.class.php | 74 +++++++++++++---------------- 1 file changed, 34 insertions(+), 40 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/extra.class.php b/lib/plugins/config/settings/extra.class.php index 6998e1fbf..e4b97eb01 100644 --- a/lib/plugins/config/settings/extra.class.php +++ b/lib/plugins/config/settings/extra.class.php @@ -43,56 +43,50 @@ if (!class_exists('setting_authtype')) { class setting_authtype extends setting_multichoice { function initialize($default,$local,$protected) { - global $plugin_controller; + global $plugin_controller; - // retrive auth types provided by plugins - foreach ($plugin_controller->getList('auth') as $plugin) { - $this->_choices[] = $plugin; - } + // retrieve auth types provided by plugins + foreach ($plugin_controller->getList('auth') as $plugin) { + $this->_choices[] = $plugin; + } - parent::initialize($default,$local,$protected); + parent::initialize($default,$local,$protected); } function update($input) { - global $plugin_controller; - - // is an update posible? - $mayUpdate = parent::update($input); - - // is it an auth plugin? - if (in_array($input, $plugin_controller->getList('auth'))) { - // reject disabled plugins - if ($plugin_controller->isdisabled($input)) { - $this->_error = true; - msg('Auth type ' . $input . ' is disabled.', -1); - return false; - } - - // load the plugin - $auth_plugin = $plugin_controller->load('auth', $input); - - // @TODO: throw an error in plugin controller instead of returning null - if (is_null($auth_plugin)) { - $this->_error = true; - msg('Cannot load Auth Plugin "' . $input . '"', -1); - return false; - } - - // verify proper instanciation (is this really a plugin?) @TODO use instanceof? impement interface? - if (is_object($auth_plugin) && !method_exists($auth_plugin, 'getPluginName')) { - $this->_error = true; - msg('Cannot create Auth Plugin "' . $input . '"', -1); - return false; - } - } + global $plugin_controller; + + // is an update possible/requested? + $local = $this->_local; // save this, parent::update() may change it + if (!parent::update($input)) return false; // nothing changed or an error caught by parent + $this->_local = $local; // restore original, more error checking to come + + // attempt to load the plugin + $auth_plugin = $plugin_controller->load('auth', $input); + + // @TODO: throw an error in plugin controller instead of returning null + if (is_null($auth_plugin)) { + $this->_error = true; + msg('Cannot load Auth Plugin "' . $input . '"', -1); + return false; + } + + // verify proper instantiation (is this really a plugin?) @TODO use instanceof? implement interface? + if (is_object($auth_plugin) && !method_exists($auth_plugin, 'getPluginName')) { + $this->_error = true; + msg('Cannot create Auth Plugin "' . $input . '"', -1); + return false; + } // did we change the auth type? logout global $conf; if($conf['authtype'] != $input) { - msg('Authentication system changed. Please re-login.'); - auth_logoff(); + msg('Authentication system changed. Please re-login.'); + auth_logoff(); } - return true; + + $this->_local = $input; + return true; } } } -- cgit v1.2.3 From 22b77eded0c1fe0f6866972d97895a9e9dc26a1f Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Sun, 17 Feb 2013 16:55:12 +0000 Subject: improve comments on settings::update() method --- lib/plugins/config/settings/config.class.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index 46e27654b..8be53b145 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -388,10 +388,12 @@ if (!class_exists('setting')) { } /** - * update setting with user provided value $input - * if value fails error check, save it + * update changed setting with user provided value $input + * - if changed value fails error check, save it to $this->_input (to allow echoing later) + * - if changed value passes error check, set $this->_local to the new value * - * @return boolean true if changed, false otherwise (incl. on error) + * @param mixed $input the new value + * @return boolean true if changed, false otherwise (incl. on error) */ function update($input) { if (is_null($input)) return false; -- cgit v1.2.3 From c33b315b06b3a52a61cb1ecc2b3beadd4ecd0311 Mon Sep 17 00:00:00 2001 From: Anika Henke Date: Mon, 18 Feb 2013 01:08:40 +0000 Subject: removed a bunch of functions which were deprecated in 2005/2006 --- lib/plugins/config/settings/config.metadata.php | 8 -------- 1 file changed, 8 deletions(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index bdbc4311f..22e76a013 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -70,14 +70,6 @@ $config['varname'] = 'conf'; // name of the config variable, sans $ // this value can be overriden when calling save_settings() method $config['heading'] = 'Dokuwiki\'s Main Configuration File - Local Settings'; -/* DEPRECATED -// ---------------[ setting files ]-------------------------------------- -// these values can be string expressions, they will be eval'd before use -$file['local'] = "DOKU_CONF.'local.php'"; // mandatory (file doesn't have to exist) -$file['default'] = "DOKU_CONF.'dokuwiki.php'"; // optional -$file['protected'] = "DOKU_CONF.'local.protected.php'"; // optional - */ - // test value (FIXME, remove before publishing) //$meta['test'] = array('multichoice','_choices' => array('')); -- cgit v1.2.3 From e0d6578c4fcc8130316f82645446333b06849a0e Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Mon, 18 Feb 2013 17:32:13 +0000 Subject: fix security caution for 'remote' setting (was 'xmlrpc') --- lib/plugins/config/settings/config.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/plugins/config/settings') diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php index e5e09d8f8..8eb99284d 100644 --- a/lib/plugins/config/settings/config.class.php +++ b/lib/plugins/config/settings/config.class.php @@ -370,7 +370,7 @@ if (!class_exists('setting')) { var $_cautionList = array( 'basedir' => 'danger', 'baseurl' => 'danger', 'savedir' => 'danger', 'cookiedir' => 'danger', 'useacl' => 'danger', 'authtype' => 'danger', 'superuser' => 'danger', 'userewrite' => 'danger', 'start' => 'warning', 'camelcase' => 'warning', 'deaccent' => 'warning', 'sepchar' => 'warning', 'compression' => 'warning', 'xsendfile' => 'warning', 'renderer_xhtml' => 'warning', 'fnencode' => 'warning', - 'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'xmlrpc' => 'security', 'fullpath' => 'security' + 'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'remote' => 'security', 'fullpath' => 'security' ); function setting($key, $params=null) { -- cgit v1.2.3