From 430759a5fe05944a7b0a9a7c847237c5994ed36b Mon Sep 17 00:00:00 2001 From: skodak Date: Wed, 21 Feb 2007 21:42:10 +0000 Subject: [PATCH] MDL-8590 auth cleanup - part 6 --- auth/cas/auth.php | 6 +++--- auth/db/auth.php | 14 ++++++++++---- auth/email/auth.php | 19 ++++++++++++++----- auth/imap/auth.php | 15 +++++++-------- auth/ldap/auth.php | 21 ++++++++------------- auth/manual/auth.php | 15 ++++++++++++--- auth/mnet/auth.php | 5 +++-- auth/nntp/auth.php | 6 +++--- auth/nologin/auth.php | 10 ---------- auth/none/auth.php | 15 ++++++++++++--- auth/pam/auth.php | 6 +++--- auth/pop3/auth.php | 11 +++++------ auth/radius/auth.php | 6 +++--- auth/shibboleth/auth.php | 10 +++------- 14 files changed, 86 insertions(+), 73 deletions(-) diff --git a/auth/cas/auth.php b/auth/cas/auth.php index af55197908..61ac669cea 100644 --- a/auth/cas/auth.php +++ b/auth/cas/auth.php @@ -219,7 +219,7 @@ class auth_plugin_cas { * @return bool */ function can_change_password() { - return false; + return !empty($this->config->changepasswordurl); } /** @@ -235,10 +235,10 @@ class auth_plugin_cas { } /** - * Returns the URL for changing the user's pw, or false if the default can + * Returns the URL for changing the user's pw, or empty if the default can * be used. * - * @return bool + * @return string */ function change_password_url() { return $this->config->changepasswordurl; diff --git a/auth/db/auth.php b/auth/db/auth.php index 27f0574187..a13744b149 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -591,17 +591,23 @@ class auth_plugin_db { * @return bool */ function can_change_password() { - return ($this->config->passtype === 'internal'); + return ($this->config->passtype == 'internal' or !empty($this->config->changepasswordurl)); } /** - * Returns the URL for changing the user's pw, or false if the default can + * Returns the URL for changing the user's pw, or empty if the default can * be used. * - * @return bool + * @return string */ function change_password_url() { - return $this->config->changepasswordurl; + if ($this->config->passtype == 'internal') { + // standard form + return ''; + } else { + // use custom url + return $this->config->changepasswordurl; + } } /** diff --git a/auth/email/auth.php b/auth/email/auth.php index 140fc2195b..6c2191a62b 100644 --- a/auth/email/auth.php +++ b/auth/email/auth.php @@ -74,7 +74,7 @@ class auth_plugin_email { return update_internal_user_password($user, $newpassword); } - /* + /** * Sign up a new user ready for confirmation. */ function user_signup($user, $notify = true) { @@ -93,7 +93,7 @@ class auth_plugin_email { } } - /* + /** * Confirm the new user as registered. */ function user_confirm($username, $confirmsecret) { @@ -135,13 +135,22 @@ class auth_plugin_email { } /** - * Returns the URL for changing the user's pw, or false if the default can + * Returns the URL for changing the user's pw, or empty if the default can * be used. * - * @return bool + * @return mixed */ function change_password_url() { - return false; + return ''; // use dafult internal method + } + + /** + * Returns true if plugin allows resetting of internal password. + * + * @return bool + */ + function can_reset_password() { + return true; } /** diff --git a/auth/imap/auth.php b/auth/imap/auth.php index 448c3ad13f..3c1c0f7e22 100644 --- a/auth/imap/auth.php +++ b/auth/imap/auth.php @@ -37,8 +37,8 @@ class auth_plugin_imap { * Returns true if the username and password work and false if they are * wrong or don't exist. * - * @param string $username The username - * @param string $password The password + * @param string $username The username (with system magic quotes) + * @param string $password The password (with system magic quotes) * @return bool Authentication success or failure. */ function user_login ($username, $password) { @@ -71,7 +71,7 @@ class auth_plugin_imap { } error_reporting(0); - $connection = imap_open($host, $username, $password, OP_HALFOPEN); + $connection = imap_open($host, stripslashes($username), stripslashes($password), OP_HALFOPEN); error_reporting($CFG->debug); if ($connection) { @@ -99,18 +99,17 @@ class auth_plugin_imap { * @return bool */ function can_change_password() { - return false; + return !empty($this->config->changepasswordurl); } /** - * Returns the URL for changing the user's pw, or false if the default can + * Returns the URL for changing the user's pw, or empty if the default can * be used. * - * @return bool + * @return string */ function change_password_url() { - return $CFG->changepasswordurl; // TODO: will this be global? - //return $this->config->changepasswordurl; + return $this->config->changepasswordurl; } /** diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index daf3c7ce06..96d9327052 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -48,9 +48,12 @@ class auth_plugin_ldap { } } //hack prefix to objectclass - if ('objectClass=' != substr($this->config->objectclass, 0, 12)) { - $this->config->objectclass = 'objectClass='.$this->config->objectclass; + if (empty($this->config->objectclass)) { // Can't send empty filter + $this->config->objectclass='objectClass=*'; + } else if (strpos($this->config->objectclass, 'objectClass=') !== 0) { + $this->config->objectclass = 'objectClass='.$this->config->objectclass; } + } /** @@ -135,10 +138,6 @@ class auth_plugin_ldap { $user_dn = $this->ldap_find_userdn($ldapconnection, $extusername); - if (empty($this->config->objectclass)) { // Can't send empty filter - $this->config->objectclass="objectClass=*"; - } - if (!$user_info_result = ldap_read($ldapconnection, $user_dn, $this->config->objectclass, $search_attribs)) { return false; // error! } @@ -387,10 +386,6 @@ class auth_plugin_ldap { //// get user's list from ldap to sql in a scalable fashion //// // prepare some data we'll need - if (! empty($this->config->objectclass)) { - $this->config->objectclass="objectClass=*"; - } - $filter = "(&(".$this->config->user_attribute."=*)(".$this->config->objectclass."))"; $contexts = explode(";",$this->config->contexts); @@ -1500,11 +1495,11 @@ class auth_plugin_ldap { * @return bool */ function can_change_password() { - return true; + return !empty($this->config->stdchangepassword) or !empty($this->config->changepasswordurl); } /** - * Returns the URL for changing the user's pw, or false if the default can + * Returns the URL for changing the user's pw, or empty if the default can * be used. * * @return string url @@ -1513,7 +1508,7 @@ class auth_plugin_ldap { if (empty($this->config->stdchangepassword)) { return $this->config->changepasswordurl; } else { - return false; + return ''; } } diff --git a/auth/manual/auth.php b/auth/manual/auth.php index cd867f4003..d8bd41fe3f 100644 --- a/auth/manual/auth.php +++ b/auth/manual/auth.php @@ -87,13 +87,22 @@ class auth_plugin_manual } /** - * Returns the URL for changing the user's pw, or false if the default can + * Returns the URL for changing the user's pw, or empty if the default can * be used. * - * @return bool + * @return string */ function change_password_url() { - return false; + return ''; + } + + /** + * Returns true if plugin allows resetting of internal password. + * + * @return bool + */ + function can_reset_password() { + return true; } /** diff --git a/auth/mnet/auth.php b/auth/mnet/auth.php index 2d672b8dde..9c8c07a394 100644 --- a/auth/mnet/auth.php +++ b/auth/mnet/auth.php @@ -609,6 +609,7 @@ class auth_plugin_mnet * @return bool */ function can_change_password() { + //TODO: it should be able to redirect, right? return false; } @@ -616,10 +617,10 @@ class auth_plugin_mnet * Returns the URL for changing the user's pw, or false if the default can * be used. * - * @return bool + * @return string */ function change_password_url() { - return false; + return ''; } /** diff --git a/auth/nntp/auth.php b/auth/nntp/auth.php index 1cb5d376fc..9e236ee68d 100644 --- a/auth/nntp/auth.php +++ b/auth/nntp/auth.php @@ -37,8 +37,8 @@ class auth_plugin_nntp { * Returns true if the username and password work and false if they are * wrong or don't exist. * - * @param string $username The username - * @param string $password The password + * @param string $username The username (with system magic quotes) + * @param string $password The password (with system magic quotes) * @return bool Authentication success or failure. */ function user_login ($username, $password) { @@ -55,7 +55,7 @@ class auth_plugin_nntp { $host = '{' . trim($host) . ':' . $this->config->port . '/nntp}'; error_reporting(0); - $connection = imap_open($host, $username, $password, OP_HALFOPEN); + $connection = imap_open($host, stripslashes($username), stripslashes($password), OP_HALFOPEN); error_reporting($CFG->debug); if ($connection) { diff --git a/auth/nologin/auth.php b/auth/nologin/auth.php index 1ff8341094..baf9206228 100644 --- a/auth/nologin/auth.php +++ b/auth/nologin/auth.php @@ -63,16 +63,6 @@ class auth_plugin_nologin { return false; } - /** - * Returns the URL for changing the user's pw, or false if the default can - * be used. - * - * @return bool - */ - function change_password_url() { - return false; - } - /** * Prints a form for configuring this authentication plugin. * diff --git a/auth/none/auth.php b/auth/none/auth.php index 57c2b2a2f4..f7b8f0a9cb 100644 --- a/auth/none/auth.php +++ b/auth/none/auth.php @@ -87,13 +87,22 @@ class auth_plugin_none { } /** - * Returns the URL for changing the user's pw, or false if the default can + * Returns the URL for changing the user's pw, or empty if the default can * be used. * - * @return bool + * @return string */ function change_password_url() { - return false; + return ''; + } + + /** + * Returns true if plugin allows resetting of internal password. + * + * @return bool + */ + function can_reset_password() { + return true; } /** diff --git a/auth/pam/auth.php b/auth/pam/auth.php index 45ac727b1c..28d3c75034 100644 --- a/auth/pam/auth.php +++ b/auth/pam/auth.php @@ -57,8 +57,8 @@ class auth_plugin_pam { * Returns true if the username and password work and false if they are * wrong or don't exist. * - * @param string $username The username - * @param string $password The password + * @param string $username The username (with system magic quotes) + * @param string $password The password (with system magic quotes) * @return bool Authentication success or failure. */ function user_login ($username, $password) { @@ -70,7 +70,7 @@ class auth_plugin_pam { // call_time_pass_reference of errormessage is deprecated - throws warnings in multiauth //if (pam_auth($username, $password, &$errormessage)) { - if (pam_auth($username, $password)) { + if (pam_auth(stripslashes($username), strislashes($password))) { return true; } else { diff --git a/auth/pop3/auth.php b/auth/pop3/auth.php index 7927b06c06..431d20796a 100644 --- a/auth/pop3/auth.php +++ b/auth/pop3/auth.php @@ -37,8 +37,8 @@ class auth_plugin_pop3 { * Returns true if the username and password work and false if they are * wrong or don't exist. * - * @param string $username The username - * @param string $password The password + * @param string $username The username (with system magic quotes) + * @param string $password The password (with system magic quotes) * @return bool Authentication success or failure. */ function user_login($username, $password) { @@ -72,7 +72,7 @@ class auth_plugin_pop3 { } error_reporting(0); - $connection = imap_open($host, $username, $password); + $connection = imap_open($host, stripslashes($username), stripslashes($password)); error_reporting($CFG->debug); if ($connection) { @@ -99,7 +99,7 @@ class auth_plugin_pop3 { * @return bool */ function can_change_password() { - return false; + return !empty($this->config->changepasswordurl); } /** @@ -109,8 +109,7 @@ class auth_plugin_pop3 { * @return bool */ function change_password_url() { - return $CFG->changepasswordurl; // TODO: will this be global? - //return $this->config->changepasswordurl; + return $this->config->changepasswordurl; } /** diff --git a/auth/radius/auth.php b/auth/radius/auth.php index 1f30f0f1b4..7f1776aeaf 100644 --- a/auth/radius/auth.php +++ b/auth/radius/auth.php @@ -38,8 +38,8 @@ class auth_plugin_radius { * Returns true if the username and password work and false if they are * wrong or don't exist. * - * @param string $username The username - * @param string $password The password + * @param string $username The username (with system magic quotes) + * @param string $password The password (with system magic quotes) * @return bool Authentication success or failure. */ function user_login ($username, $password) { @@ -52,7 +52,7 @@ class auth_plugin_radius { // printf("nasport: $this->config->nasport
"); // printf("secret: $this->config->secret
"); - $rauth = new Auth_RADIUS_PAP($username, $password); + $rauth = new Auth_RADIUS_PAP(stripslashes($username), stripslashes($password)); $rauth->addServer($this->config->host, $this->config->nasport, $this->config->secret); if (!$rauth->start()) { diff --git a/auth/shibboleth/auth.php b/auth/shibboleth/auth.php index 7450f7a828..eb759428de 100644 --- a/auth/shibboleth/auth.php +++ b/auth/shibboleth/auth.php @@ -43,8 +43,8 @@ class auth_plugin_shibboleth { * Returns true if the username and password work and false if they are * wrong or don't exist. * - * @param string $username The username - * @param string $password The password + * @param string $username The username (with system magic quotes) + * @param string $password The password (with system magic quotes) * @return bool Authentication success or failure. */ function user_login($username, $password) { @@ -78,11 +78,7 @@ class auth_plugin_shibboleth { $search_attribs = array(); foreach ($attrmap as $key=>$value) { - if (!empty($CFG->unicodedb)) { - $result[$key] = $this->get_first_string($_SERVER[$value]); - } else { - $result[$key] = $this->get_first_string(utf8_decode($_SERVER[$value])); - } + $result[$key] = $this->get_first_string($_SERVER[$value]); } // Provide an API to modify the information to fit the Moodle internal -- 2.39.5