xingcheng
/
FreshRSS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix calls to FreshRSS_Configuration

Browse Source 
Replaced by a get_user_configuration() function in lib_rss.
This function register a new configuration based on the given username
and return the corresponding configuration.

See https://github.com/FreshRSS/FreshRSS/issues/730
pull/749/head
Marien Fressinaud 10 years ago
parent 17a280230f
commit dd41642ce6
3 changed files with 37 additions and 21 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 33
      app/Controllers/authController.php
  2. 2
      app/Controllers/javascriptController.php
  3. 23
      lib/lib_rss.php

33
app/Controllers/authController.php
Unescape View File

@ -121,12 +121,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
$username = Minz_Request::param('username', ''); $username = Minz_Request::param('username', '');
$challenge = Minz_Request::param('challenge', ''); $challenge = Minz_Request::param('challenge', '');
// TODO #730: change the way to get the configuration $conf = get_user_configuration($username);
try { if (is_null($conf)) {
$conf = new FreshRSS_Configuration($username);
} catch(Minz_Exception $e) {
// $username is not a valid user, nor the configuration file!
Minz_Log::warning('Login failure: ' . $e->getMessage());
Minz_Request::bad(_t('feedback.auth.login.invalid'), Minz_Request::bad(_t('feedback.auth.login.invalid'),
array('c' => 'auth', 'a' => 'login')); array('c' => 'auth', 'a' => 'login'));
} }
@ -167,12 +163,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
return; return;
} }
// TODO #730: change the way to get the configuration $conf = get_user_configuration($username);
try { if (is_null($conf)) {
$conf = new FreshRSS_Configuration($username);
} catch(Minz_Exception $e) {
// $username is not a valid user, nor the configuration file!
Minz_Log::warning('Login failure: ' . $e->getMessage());
return; return;
} }
@ -240,14 +232,12 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
$persona_file = DATA_PATH . '/persona/' . $email . '.txt'; $persona_file = DATA_PATH . '/persona/' . $email . '.txt';
if (($current_user = @file_get_contents($persona_file)) !== false) { if (($current_user = @file_get_contents($persona_file)) !== false) {
$current_user = trim($current_user); $current_user = trim($current_user);
// TODO #730: change the way to get the configuration $conf = get_user_configuration($current_user);
try { if (!is_null($conf)) {
$conf = new FreshRSS_Configuration($current_user);
$login_ok = strcasecmp($email, $conf->mail_login) === 0; $login_ok = strcasecmp($email, $conf->mail_login) === 0;
} catch (Minz_Exception $e) { } else {
//Permission denied or conf file does not exist
$reason = 'Invalid configuration for user ' . $reason = 'Invalid configuration for user ' .
'[' . $current_user . '] ' . $e->getMessage(); '[' . $current_user . ']';
} }
} }
} else { } else {
@ -309,8 +299,11 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
return; return;
} }
// TODO #730 $conf = get_user_configuration(FreshRSS_Context::$system_conf->default_user);
$conf = new FreshRSS_Configuration(FreshRSS_Context::$system_conf->default_user); if (is_null($conf)) {
return;
}
// Admin user must have set its master password. // Admin user must have set its master password.
if (!$conf->passwordHash) { if (!$conf->passwordHash) {
$this->view->message = array( $this->view->message = array(

2
app/Controllers/javascriptController.php
Unescape View File

@ -29,7 +29,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
if (ctype_alnum($user)) { if (ctype_alnum($user)) {
try { try {
$salt = FreshRSS_Context::$system_conf->salt; $salt = FreshRSS_Context::$system_conf->salt;
$conf = new FreshRSS_Configuration($user); $conf = get_user_configuration($user);
$s = $conf->passwordHash; $s = $conf->passwordHash;
if (strlen($s) >= 60) { if (strlen($s) >= 60) {
$this->view->salt1 = substr($s, 0, 29); //CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z". $this->view->salt1 = substr($s, 0, 29); //CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".

23
lib/lib_rss.php
Unescape View File

@ -237,6 +237,29 @@ function listUsers() {
return $final_list; return $final_list;
} }
/**
* Register and return the configuration for a given user.
*
* Note this function has been created to generate temporary configuration
* objects. If you need a long-time configuration, please don't use this function.
*
* @param $username the name of the user of which we want the configuration.
* @return a Minz_Configuration object, null if the configuration cannot be loaded.
*/
function get_user_configuration($username) {
$namespace = time() . '_user_' . $username;
try {
Minz_Configuration::register($namespace,
join_path(USERS_PATH, $username, 'config.php'),
join_path(USERS_PATH, '_', 'config.default.php'));
return Minz_Configuration::get($namespace);
} catch(Minz_ConfigurationException $e) {
return null;
}
}
function httpAuthUser() { function httpAuthUser() {
return isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : ''; return isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : '';
} }

Write Preview
Loading…
Cancel
Save