MDL-8590 auth cleanup - part 6

TheVirtualLtd · Feb 21, 2007 · 430759a · 430759a
1 parent 7ee8146
commit 430759a
Show file tree

Hide file tree

Showing 14 changed files with 86 additions and 73 deletions.
diff --git a/auth/cas/auth.php b/auth/cas/auth.php
@@ -219,7 +219,7 @@ function is_internal() {
      * @return bool
      */
     function can_change_password() {
-        return false;
+        return !empty($this->config->changepasswordurl);
     }
 
     /**
@@ -235,10 +235,10 @@ function config_form($config, $err, $user_fields) {
     }
 
     /**
-     * Returns the URL for changing the user's pw, or false if the default can
+     * Returns the URL for changing the user's pw, or empty if the default can
      * be used.
      *
-     * @return bool
+     * @return string
      */
     function change_password_url() {
         return $this->config->changepasswordurl;

diff --git a/auth/db/auth.php b/auth/db/auth.php
@@ -591,17 +591,23 @@ function is_internal() {
      * @return bool
      */
     function can_change_password() {
-        return ($this->config->passtype === 'internal');
+        return ($this->config->passtype == 'internal' or !empty($this->config->changepasswordurl));
     }
 
     /**
-     * Returns the URL for changing the user's pw, or false if the default can
+     * Returns the URL for changing the user's pw, or empty if the default can
      * be used.
      *
-     * @return bool
+     * @return string
      */
     function change_password_url() {
-        return $this->config->changepasswordurl;
+        if ($this->config->passtype == 'internal') {
+            // standard form
+            return '';
+        } else {
+            // use custom url
+            return $this->config->changepasswordurl;
+        }
     }
 
     /**

diff --git a/auth/email/auth.php b/auth/email/auth.php
@@ -74,7 +74,7 @@ function user_update_password($user, $newpassword) {
         return update_internal_user_password($user, $newpassword);
     }
 
-    /*
+    /**
      * Sign up a new user ready for confirmation.
      */
     function user_signup($user, $notify = true) {
@@ -93,7 +93,7 @@ function user_signup($user, $notify = true) {
         }
     }
 
-    /*
+    /**
      * Confirm the new user as registered.
      */
     function user_confirm($username, $confirmsecret) {
@@ -135,13 +135,22 @@ function can_change_password() {
     }
 
     /**
-     * Returns the URL for changing the user's pw, or false if the default can
+     * Returns the URL for changing the user's pw, or empty if the default can
      * be used.
      *
-     * @return bool
+     * @return mixed
      */
     function change_password_url() {
-        return false;
+        return ''; // use dafult internal method
+    }
+
+    /**
+     * Returns true if plugin allows resetting of internal password.
+     *
+     * @return bool
+     */
+    function can_reset_password() {
+        return true;
     }
 
     /**

diff --git a/auth/imap/auth.php b/auth/imap/auth.php
@@ -37,8 +37,8 @@ function auth_plugin_imap() {
      * Returns true if the username and password work and false if they are
      * wrong or don't exist.
      *
-     * @param string $username The username
-     * @param string $password The password
+     * @param string $username The username (with system magic quotes)
+     * @param string $password The password (with system magic quotes)
      * @return bool Authentication success or failure.
      */
     function user_login ($username, $password) {
@@ -71,7 +71,7 @@ function user_login ($username, $password) {
             }
 
             error_reporting(0);
-            $connection = imap_open($host, $username, $password, OP_HALFOPEN);
+            $connection = imap_open($host, stripslashes($username), stripslashes($password), OP_HALFOPEN);
             error_reporting($CFG->debug);
 
             if ($connection) {
@@ -99,18 +99,17 @@ function is_internal() {
      * @return bool
      */
     function can_change_password() {
-        return false;
+        return !empty($this->config->changepasswordurl);
     }
 
     /**
-     * Returns the URL for changing the user's pw, or false if the default can
+     * Returns the URL for changing the user's pw, or empty if the default can
      * be used.
      *
-     * @return bool
+     * @return string
      */
     function change_password_url() {
-        return $CFG->changepasswordurl; // TODO: will this be global?
-        //return $this->config->changepasswordurl;
+        return $this->config->changepasswordurl;
     }
 
     /**

diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php
@@ -48,9 +48,12 @@ function auth_plugin_ldap() {
             }
         }
         //hack prefix to objectclass
-        if ('objectClass=' != substr($this->config->objectclass, 0, 12)) {
-           $this->config->objectclass = 'objectClass='.$this->config->objectclass;
+        if (empty($this->config->objectclass)) {        // Can't send empty filter
+            $this->config->objectclass='objectClass=*';
+        } else if (strpos($this->config->objectclass, 'objectClass=') !== 0) {
+            $this->config->objectclass = 'objectClass='.$this->config->objectclass;
         }
+
     }
 
     /**
@@ -135,10 +138,6 @@ function get_userinfo($username) {
 
         $user_dn = $this->ldap_find_userdn($ldapconnection, $extusername);
 
-        if (empty($this->config->objectclass)) {        // Can't send empty filter
-            $this->config->objectclass="objectClass=*";
-        }
-
         if (!$user_info_result = ldap_read($ldapconnection, $user_dn, $this->config->objectclass, $search_attribs)) {
             return false; // error!
         }
@@ -387,10 +386,6 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
         //// get user's list from ldap to sql in a scalable fashion
         ////
         // prepare some data we'll need
-        if (! empty($this->config->objectclass)) {
-            $this->config->objectclass="objectClass=*";
-        }
-
         $filter = "(&(".$this->config->user_attribute."=*)(".$this->config->objectclass."))";
 
         $contexts = explode(";",$this->config->contexts);
@@ -1500,11 +1495,11 @@ function is_internal() {
      * @return bool
      */
     function can_change_password() {
-        return true;
+        return !empty($this->config->stdchangepassword) or !empty($this->config->changepasswordurl);
     }
 
     /**
-     * Returns the URL for changing the user's pw, or false if the default can
+     * Returns the URL for changing the user's pw, or empty if the default can
      * be used.
      *
      * @return string url
@@ -1513,7 +1508,7 @@ function change_password_url() {
         if (empty($this->config->stdchangepassword)) {
             return $this->config->changepasswordurl;
         } else {
-            return false;
+            return '';
         }
     }
 

diff --git a/auth/manual/auth.php b/auth/manual/auth.php
@@ -87,13 +87,22 @@ function can_change_password() {
     }
 
     /**
-     * Returns the URL for changing the user's pw, or false if the default can
+     * Returns the URL for changing the user's pw, or empty if the default can
      * be used.
      *
-     * @return bool
+     * @return string
      */
     function change_password_url() {
-        return false;
+        return '';
+    }
+
+    /**
+     * Returns true if plugin allows resetting of internal password.
+     *
+     * @return bool
+     */
+    function can_reset_password() {
+        return true;
     }
 
     /**

diff --git a/auth/mnet/auth.php b/auth/mnet/auth.php
@@ -609,17 +609,18 @@ function is_internal() {
      * @return bool
      */
     function can_change_password() {
+        //TODO: it should be able to redirect, right?
         return false;
     }
 
     /**
      * Returns the URL for changing the user's pw, or false if the default can
      * be used.
      *
-     * @return bool
+     * @return string
      */
     function change_password_url() {
-        return false;
+        return '';
     }
 
     /**

diff --git a/auth/nntp/auth.php b/auth/nntp/auth.php
@@ -37,8 +37,8 @@ function auth_plugin_nntp() {
      * Returns true if the username and password work and false if they are
      * wrong or don't exist.
      *
-     * @param string $username The username
-     * @param string $password The password
+     * @param string $username The username (with system magic quotes)
+     * @param string $password The password (with system magic quotes)
      * @return bool Authentication success or failure.
      */
     function user_login ($username, $password) {
@@ -55,7 +55,7 @@ function user_login ($username, $password) {
             $host = '{' . trim($host) . ':' . $this->config->port . '/nntp}';
 
             error_reporting(0);
-            $connection = imap_open($host, $username, $password, OP_HALFOPEN);
+            $connection = imap_open($host, stripslashes($username), stripslashes($password), OP_HALFOPEN);
             error_reporting($CFG->debug);
 
             if ($connection) {

diff --git a/auth/nologin/auth.php b/auth/nologin/auth.php
@@ -63,16 +63,6 @@ function can_change_password() {
         return false;
     }
 
-    /**
-     * Returns the URL for changing the user's pw, or false if the default can
-     * be used.
-     *
-     * @return bool
-     */
-    function change_password_url() {
-        return false;
-    }
-
     /**
      * Prints a form for configuring this authentication plugin.
      *

diff --git a/auth/none/auth.php b/auth/none/auth.php
@@ -87,13 +87,22 @@ function can_change_password() {
     }
 
     /**
-     * Returns the URL for changing the user's pw, or false if the default can
+     * Returns the URL for changing the user's pw, or empty if the default can
      * be used.
      *
-     * @return bool
+     * @return string
      */
     function change_password_url() {
-        return false;
+        return '';
+    }
+
+    /**
+     * Returns true if plugin allows resetting of internal password.
+     *
+     * @return bool
+     */
+    function can_reset_password() {
+        return true;
     }
 
     /**

diff --git a/auth/pam/auth.php b/auth/pam/auth.php
@@ -57,8 +57,8 @@ function auth_plugin_pam() {
      * Returns true if the username and password work and false if they are
      * wrong or don't exist.
      *
-     * @param string $username The username
-     * @param string $password The password
+     * @param string $username The username (with system magic quotes)
+     * @param string $password The password (with system magic quotes)
      * @return bool Authentication success or failure.
      */
     function user_login ($username, $password) {
@@ -70,7 +70,7 @@ function user_login ($username, $password) {
 
         // call_time_pass_reference of errormessage is deprecated - throws warnings in multiauth
         //if (pam_auth($username, $password, &$errormessage)) {
-        if (pam_auth($username, $password)) {
+        if (pam_auth(stripslashes($username), strislashes($password))) {
             return true;
         }
         else {

diff --git a/auth/pop3/auth.php b/auth/pop3/auth.php
@@ -37,8 +37,8 @@ function auth_plugin_pop3() {
      * Returns true if the username and password work and false if they are
      * wrong or don't exist.
      *
-     * @param string $username The username
-     * @param string $password The password
+     * @param string $username The username (with system magic quotes)
+     * @param string $password The password (with system magic quotes)
      * @return bool Authentication success or failure.
      */
     function user_login($username, $password) {
@@ -72,7 +72,7 @@ function user_login($username, $password) {
             }
 
             error_reporting(0);
-            $connection = imap_open($host, $username, $password);
+            $connection = imap_open($host, stripslashes($username), stripslashes($password));
             error_reporting($CFG->debug);
 
             if ($connection) {
@@ -99,7 +99,7 @@ function is_internal() {
      * @return bool
      */
     function can_change_password() {
-        return false;
+        return !empty($this->config->changepasswordurl);
     }
 
     /**
@@ -109,8 +109,7 @@ function can_change_password() {
      * @return bool
      */
     function change_password_url() {
-        return $CFG->changepasswordurl; // TODO: will this be global?
-        //return $this->config->changepasswordurl;
+        return $this->config->changepasswordurl;
     }
 
     /**

diff --git a/auth/radius/auth.php b/auth/radius/auth.php
@@ -38,8 +38,8 @@ function auth_plugin_radius() {
      * Returns true if the username and password work and false if they are
      * wrong or don't exist.
      *
-     * @param string $username The username
-     * @param string $password The password
+     * @param string $username The username (with system magic quotes)
+     * @param string $password The password (with system magic quotes)
      * @return bool Authentication success or failure.
      */
     function user_login ($username, $password) {
@@ -52,7 +52,7 @@ function user_login ($username, $password) {
         // printf("nasport: $this->config->nasport <br/>");
         // printf("secret: $this->config->secret <br/>");
 
-        $rauth = new Auth_RADIUS_PAP($username, $password);
+        $rauth = new Auth_RADIUS_PAP(stripslashes($username), stripslashes($password));
         $rauth->addServer($this->config->host, $this->config->nasport, $this->config->secret);
 
         if (!$rauth->start()) {