diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2006-06-16 16:54:51 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2006-06-16 16:54:51 +0000 |
| commit | b0c3e3958220c04cbb4f25f0c24b53b65a34e360 (patch) | |
| tree | 6c23cb4352a297b4dade2b3a1aa6706b89a53c82 /phpBB/includes/auth | |
| parent | a3c9182e0f9efeb193f5ef682d1945382f234eb3 (diff) | |
| download | forums-b0c3e3958220c04cbb4f25f0c24b53b65a34e360.tar forums-b0c3e3958220c04cbb4f25f0c24b53b65a34e360.tar.gz forums-b0c3e3958220c04cbb4f25f0c24b53b65a34e360.tar.bz2 forums-b0c3e3958220c04cbb4f25f0c24b53b65a34e360.tar.xz forums-b0c3e3958220c04cbb4f25f0c24b53b65a34e360.zip | |
- removed db cache (might re-appear, but for now we do not see the need for it)
- all changes to styles/subsilver/template are purely cosmetic (no functional changes)
- cosmetics
- bugfixes
- add index to modules table
- use modules ordering code for forums too
git-svn-id: file:///svn/phpbb/trunk@6073 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/auth')
| -rw-r--r-- | phpBB/includes/auth/auth_apache.php | 11 | ||||
| -rw-r--r-- | phpBB/includes/auth/auth_db.php | 12 | ||||
| -rw-r--r-- | phpBB/includes/auth/auth_ldap.php | 15 |
3 files changed, 22 insertions, 16 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index ac362bdeb0..410bf1abdb 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -28,7 +28,7 @@ function login_apache(&$username, &$password) $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; - if ((!empty($php_auth_user)) && (!empty($php_auth_pw))) + if (!empty($php_auth_user) && !empty($php_auth_pw)) { $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " @@ -85,16 +85,17 @@ function autologin_apache() $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; - if ((!empty($php_auth_user)) && (!empty($php_auth_pw))) + if (!empty($php_auth_user) && !empty($php_auth_pw)) { $sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if ($row = $db->sql_fetchrow($result)) + if ($row) { - $db->sql_freeresult($result); return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; } } @@ -109,7 +110,7 @@ function autologin_apache() */ function validate_session_apache(&$user) { - return ($_SERVER['PHP_AUTH_USER'] == $user['username']) ? true : false; + return ($_SERVER['PHP_AUTH_USER'] === $user['username']) ? true : false; } ?>
\ No newline at end of file diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index 071b61fdfe..55465ab762 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -103,7 +103,10 @@ function login_db(&$username, &$password) if (md5($password) == $row['user_password']) { // Successful, reset login attempts (the user passed all stages) - $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_attempts = 0 WHERE user_id = ' . $row['user_id']); + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = 0 + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); // User inactive... if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) @@ -124,8 +127,11 @@ function login_db(&$username, &$password) } // Password incorrect - increase login attempts - $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_attempts = user_login_attempts + 1 WHERE user_id = ' . $row['user_id']); - + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = user_login_attempts + 1 + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + // Give status about wrong password... return array( 'status' => LOGIN_ERROR_PASSWORD, diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index e6d783313f..e9b87bcf44 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -20,13 +20,15 @@ */ /** +* Connect to ldap server * Only allow changing authentication to ldap if we can connect to the ldap server +* Called in acp_board while setting authentication plugins */ function init_ldap() { global $config, $user; - if (!extension_loaded('ldap')) + if (!@extension_loaded('ldap')) { return $user->lang['LDAP_NO_LDAP_EXTENSION']; } @@ -38,13 +40,10 @@ function init_ldap() @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - // We'll get a notice here that we don't want, if we cannot connect to the server. // ldap_connect only checks whether the specified server is valid, so the connection might still fail - ob_start(); - $search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $user->data['username'], array($config['ldap_uid'])); - if (ob_get_clean()) + if ($search === false) { return $user->lang['LDAP_NO_SERVER_CONNECTION']; } @@ -68,7 +67,7 @@ function login_ldap(&$username, &$password) { global $db, $config; - if (!extension_loaded('ldap')) + if (!@extension_loaded('ldap')) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -115,7 +114,7 @@ function login_ldap(&$username, &$password) 'user_row' => $row, ); } - + // Successful login... set user_login_attempts to zero... return array( 'status' => LOGIN_SUCCESS, @@ -155,7 +154,7 @@ function admin_ldap(&$new) global $user; /** - * @todo Using same approach with cfg_build_template? + * @todo Using same approach as with cfg_build_template? */ $tpl = ' |