From 433de350c0fa2e1e09c23e6f5f29f118222d2df8 Mon Sep 17 00:00:00 2001
From: Meik Sievertsen
Date: Sat, 20 Jun 2009 18:45:16 +0000
Subject: - [Feature] New "Newly Registered Users" group for assigning permissions to newly registered users. They will be removed from this group once they reach a defineable amount of posts. - [Feature] Ability to define if the "Newly Registered Users" group will be assigned as the default group to newly registered users. As a coincidence also Bug #46535 got fixed. Additionally the error message displayed with trigger_error() if accessing the private message tab in the ucp is now displayed inline in addition to a slightly different message for newly registered users to let them know that access permissions may be lifted over time. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9636 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/auth/auth_ldap.php | 1 +
 1 file changed, 1 insertion(+)
(limited to 'phpBB/includes/auth/auth_ldap.php')
diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php
index d49662fb2d..11c62ad0bc 100644
--- a/phpBB/includes/auth/auth_ldap.php
+++ b/phpBB/includes/auth/auth_ldap.php
@@ -227,6 +227,7 @@ function login_ldap(&$username, &$password)
 'group_id' => (int) $row['group_id'],
 'user_type' => USER_NORMAL,
 'user_ip' => $user->ip,
+ 'user_new' => ($config['new_member_post_limit']) ? 1 : 0,
 );
 
 unset($ldap_result);
-- cgit v1.2.1
From 5f6db9584c4b2594c437a07c0ecd60390ff39d5e Mon Sep 17 00:00:00 2001
From: Chris Smith
Date: Fri, 17 Jul 2009 13:21:03 +0000
Subject: Correct escaping/unescaping in the LDAP authentication plugin. #48175 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9769 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/auth/auth_ldap.php | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)
(limited to 'phpBB/includes/auth/auth_ldap.php')
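Review bot: The added `'user_new'` entry in the `@@ -227,6 +227,7 @@` hunk carries no comment saying why an authentication plugin sets it, and nothing in the hunk shows whether the flag alone puts the auto-created account into the "Newly Registered Users" group. I would add `// mark accounts created on first LDAP login as new so the new-member permission limits apply to them as well` above the line. It is also worth confirming in the account-creation code, which is outside this hunk, that group assignment follows from `user_new`; if it does not, directory-provisioned accounts would skip the restrictions the commit description introduces. The `$ldap_user_row` array literal starts outside the hunk.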
diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php
index 11c62ad0bc..b70e644b14 100644
--- a/phpBB/includes/auth/auth_ldap.php
+++ b/phpBB/includes/auth/auth_ldap.php
@@ -63,9 +63,11 @@ function init_ldap()
 // ldap_connect only checks whether the specified server is valid, so the connection might still fail
 $search = @ldap_search(
 $ldap,
- $config['ldap_base_dn'],
+ htmlspecialchars_decode($config['ldap_base_dn']),
 ldap_user_filter($user->data['username']),
- (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
+ (empty($config['ldap_email'])) ?
+ array(htmlspecialchars_decode($config['ldap_uid'])) :
+ array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])),
 0,
 1
 );
@@ -85,7 +87,7 @@ function init_ldap()
 return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']);
 }
 
- if (!empty($config['ldap_email']) && !isset($result[0][$config['ldap_email']]))
+ if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])]))
 {
 return $user->lang['LDAP_NO_EMAIL'];
 }
@@ -152,7 +154,7 @@ function login_ldap(&$username, &$password)
 
 if ($config['ldap_user'] || $config['ldap_password'])
 {
- if (!@ldap_bind($ldap, $config['ldap_user'], htmlspecialchars_decode($config['ldap_password'])))
+ if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password'])))
 {
 return $user->lang['LDAP_NO_SERVER_CONNECTION'];
 }
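Review bot: In the `@@ -63,9 +63,11 @@` hunk the same settings now go through `htmlspecialchars_decode()` three times inside one `ldap_search()` call, and `ldap_email` is decoded a fourth time for the result lookup in `@@ -85,7 +87,7 @@`; login_ldap() repeats the pattern in `@@ -160,9 +162,11 @@` and `@@ -223,7 +227,7 @@`. Decoding once into locals, `$uid_attr = htmlspecialchars_decode($config['ldap_uid']);` and `$email_attr = htmlspecialchars_decode($config['ldap_email']);`, keeps the attribute names requested from the directory and the keys used to read the result from drifting apart when one call site is edited later. A short comment stating that the settings are stored HTML-escaped and must be decoded before any LDAP call would explain the decoding to the next maintainer. init_ldap() starts and ends outside the hunk.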
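Review bot: The `isset($result[0][htmlspecialchars_decode($config['ldap_email'])])` test in the `@@ -85,7 +87,7 @@` hunk indexes the result with the attribute name exactly as the administrator typed it. If `$result` is filled by `ldap_get_entries()` (the assignment is outside this hunk), PHP returns attribute names as lower-case keys, so a configured name such as `Mail` never matches and a valid entry is reported as `LDAP_NO_EMAIL`. Lower-casing the key, `strtolower(htmlspecialchars_decode($config['ldap_email']))`, avoids that. The same lookup appears on the `user_email` line of the `@@ -223,7 +227,7 @@` hunk and would need the same treatment.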
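Review bot: The bind in the `@@ -152,7 +154,7 @@` hunk runs when either `ldap_user` or `ldap_password` is set, so a configured DN with an empty password still reaches `ldap_bind()`. Many directory servers treat a DN with an empty password as an unauthenticated bind and report success, in which case the search that follows runs with anonymous rights and the misconfiguration goes unnoticed. Rejecting the half-configured case before the bind makes it visible, for example `if ($config['ldap_user'] && !strlen($config['ldap_password'])) { return $user->lang['LDAP_NO_SERVER_CONNECTION']; }`. The enclosing function continues outside the hunk.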
@@ -160,9 +162,11 @@ function login_ldap(&$username, &$password)
 
 $search = @ldap_search(
 $ldap,
- $config['ldap_base_dn'],
+ htmlspecialchars_decode($config['ldap_base_dn']),
 ldap_user_filter($username),
- (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
+ (empty($config['ldap_email'])) ?
+ array(htmlspecialchars_decode($config['ldap_uid'])) :
+ array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])),
 0,
 1
 );
@@ -223,7 +227,7 @@ function login_ldap(&$username, &$password)
 $ldap_user_row = array(
 'username' => $username,
 'user_password' => phpbb_hash($password),
- 'user_email' => (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '',
+ 'user_email' => (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '',
 'group_id' => (int) $row['group_id'],
 'user_type' => USER_NORMAL,
 'user_ip' => $user->ip,
-- cgit v1.2.1
From 94e29c3c170a1fd1e6c2794090232220ecb2d5f4 Mon Sep 17 00:00:00 2001
From: Chris Smith
Date: Sat, 18 Jul 2009 21:20:20 +0000
Subject: Fix #45315 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9783 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/auth/auth_ldap.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'phpBB/includes/auth/auth_ldap.php')
diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php
index b70e644b14..a6092baba5 100644
--- a/phpBB/includes/auth/auth_ldap.php
+++ b/phpBB/includes/auth/auth_ldap.php
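Review bot: The new `user_email` expression in the `@@ -223,7 +227,7 @@` hunk reads `$ldap_result[0][...][0]` without checking that the entry actually carries the configured attribute; the only `isset()` guard visible on this page is the one in init_ldap(). A directory entry without a mail value would raise an undefined-index notice and store whatever `utf8_htmlspecialchars()` returns for a missing value. Decode the attribute name once, `$email_attr = htmlspecialchars_decode($config['ldap_email']);`, and guard the read with `isset($ldap_result[0][$email_attr][0])`, falling back to `''` as the disabled case already does. The address also comes from the directory unvalidated, so passing it through the board's normal e-mail validation before the account is created is worth considering. The array literal continues outside the hunk.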
@@ -281,7 +281,8 @@ function ldap_user_filter($username)
 $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')';
 if ($config['ldap_user_filter'])
 {
- $filter = "(&$filter({$config['ldap_user_filter']}))";
+ $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})";
+ $filter = "(&{$filter}{$_filter})";
 }
 return $filter;
 }
-- cgit v1.2.1
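Review bot: The added `$_filter` line uses `$config['ldap_user_filter']` exactly as stored, although the previous commit on this page passes the other LDAP settings through `htmlspecialchars_decode()` before they reach the directory; `$config['ldap_uid']` on the first context line is in the same state. If these two values are stored HTML-escaped like the others, a filter containing `&`, `<` or `>` is sent as `&amp;`, `&lt;` or `&gt;`, so the search either fails or selects a different set of accounts than the administrator intended to allow to log in. Decode once before the test, `$user_filter = htmlspecialchars_decode($config['ldap_user_filter']);`, and build `$_filter` from `$user_filter`. The first-and-last-character test also lets unbalanced input such as `(a=b))` through unchanged, so a comment stating that the setting is trusted administrator input would help. The function's opening lines are outside the hunk.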