From 6df6eb0e601d459544b0cbcee063cf19c01bb37d Mon Sep 17 00:00:00 2001
From: Meik Sievertsen <acydburn@phpbb.com>
Date: Sat, 1 Jul 2006 19:11:52 +0000
Subject: - add additional auth check to the permission roles modules - added
new function to return globally used expressions
(get_preg_expression($mode)). This should be very helpful in getting wide
spread similar checks (regular expressions) to one place reducing the risk of
forgetting to change every location if you fix one. ;) We will add additional
ones later, at the moment only the email check is retrieved... - added
"active module" var to the module class returning the current active module -
changed call to image magick - add administrator to global moderators group
by default - extend auth_option column a little bit - other bugfixes
git-svn-id: file:///svn/phpbb/trunk@6135 89ea8834-ac86-4346-8a33-228a782c2dd0
---
phpBB/includes/functions.php | 38 +++++++++++++++++++++++++++++---------
1 file changed, 29 insertions(+), 9 deletions(-)
(limited to 'phpBB/includes/functions.php')
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 0ed9e924ea..4f62fa3100 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -1515,7 +1515,11 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
if ($admin && !$auth->acl_get('a_'))
{
// Not authd
- add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
+ // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
+ if ($user->data['is_registered'])
+ {
+ add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
+ }
trigger_error('NO_AUTH_ADMIN');
}
@@ -1548,7 +1552,12 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
}
else
{
- add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
+ // Only log the failed attempt if a real user tried to.
+ // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
+ if ($user->data['is_registered'])
+ {
+ add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
+ }
}
}
@@ -1566,12 +1575,6 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
}
- // The user wanted to re-authenticate, but something failed - log this
- if ($admin)
- {
- add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
- }
-
// Something failed, determine what...
if ($result['status'] == LOGIN_BREAK)
{
@@ -1950,7 +1953,7 @@ function make_clickable($text, $server_url = false)
$magic_url_replace[] = "'\$1<!-- w --><a href=\"http://\$2\" target=\"_blank\">' . ((strlen('\$2') > 55) ? substr(str_replace('&', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&', '&', '\$2'), -10) : '\$2') . '</a><!-- w -->'";
// matches an email@domain type address at the start of a line, or after a space or after what might be a BBCode.
- $magic_url_match[] = '#(^|[\n ]|\()([a-z0-9&\-_.]+?@[\w\-]+\.(?:[\w\-\.]+\.)?[\w]+)#ie';
+ $magic_url_match[] = '/(^|[\n ]|\()(' . get_preg_expression('email') . ')/ie';
$magic_url_replace[] = "'\$1<!-- e --><a href=\"mailto:\$2\">' . ((strlen('\$2') > 55) ? substr('\$2', 0, 39) . ' ... ' . substr('\$2', -10) : '\$2') . '</a><!-- e -->'";
}
@@ -2254,6 +2257,23 @@ function get_backtrace()
return $output;
}
+/**
+* This function returns a regular expression pattern for commonly used expressions
+* Use with / as delimiter
+* mode can be: email|
+*/
+function get_preg_expression($mode)
+{
+ switch ($mode)
+ {
+ case 'email':
+ return '[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+';
+ break;
+ }
+
+ return '';
+}
+
// Handler, header and footer
/**
--
cgit v1.2.1