Update of /cvsroot/phpicalendar/phpicalendar/functions
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv3514/functions
Modified Files:
calendar_functions.php init.inc.php
Log Message:
obfuscate list_webcals links to hide user:pass (bug 1819552)
Index: calendar_functions.php
===================================================================
RCS file: /cvsroot/phpicalendar/phpicalendar/functions/calendar_functions.php,v
retrieving revision 1.31
retrieving revision 1.32
diff -C2 -d -r1.31 -r1.32
*** calendar_functions.php 28 Dec 2008 10:50:58 -0000 1.31
--- calendar_functions.php 28 Dec 2008 11:55:43 -0000 1.32
***************
*** 185,189 ****
// $cals = The calendars (entire path, e.g. from availableCalendars).
function display_ical_list($cals, $pick=FALSE) {
! global $cal, $current_view, $getdate, $lang, $calendar_lang, $all_cal_comb_lang, $cal_filelist, $cal_displaynames, $phpiCal_config;
// Print each calendar option.
$return = '';
--- 185,189 ----
// $cals = The calendars (entire path, e.g. from availableCalendars).
function display_ical_list($cals, $pick=FALSE) {
! global $cal, $current_view, $getdate, $lang, $calendar_lang, $all_cal_comb_lang, $cal_filelist, $cal_displaynames, $list_webcals, $phpiCal_config;
// Print each calendar option.
$return = '';
***************
*** 194,198 ****
// and remove the .ics suffix.
$cal_displayname_tmp = getCalendarName($cal_tmp);
! $cal_displayname_tmp = str_replace("32", " ", $cal_displayname_tmp);
#overwrite the display name if we already have a real name
if (is_numeric(array_search($cal_tmp, $cal_filelist))){
--- 194,198 ----
// and remove the .ics suffix.
$cal_displayname_tmp = getCalendarName($cal_tmp);
! #$cal_displayname_tmp = str_replace("32", " ", $cal_displayname_tmp);
#overwrite the display name if we already have a real name
if (is_numeric(array_search($cal_tmp, $cal_filelist))){
***************
*** 200,206 ****
}else{
# pull the name from the $cal_tmp file
! $cal_tmp = str_replace('webcal://','http://',$cal_tmp);
! $ifile = @fopen($cal_tmp, "r");
if ($ifile == FALSE) exit(error($lang['l_error_cantopen'], $cal_tmp));
while (!feof($ifile)) {
--- 200,206 ----
}else{
# pull the name from the $cal_tmp file
! $cal_tmp2 = str_replace('webcal://','http://',$cal_tmp);
! $ifile = @fopen($cal_tmp2, "r");
if ($ifile == FALSE) exit(error($lang['l_error_cantopen'], $cal_tmp));
while (!feof($ifile)) {
***************
*** 242,246 ****
// Encode the calendar path.
$cal_encoded_tmp = urlencode($cal_tmp);
!
// Display the option.
//
--- 242,248 ----
// Encode the calendar path.
$cal_encoded_tmp = urlencode($cal_tmp);
! if(in_array($cal_tmp, $list_webcals)){
! $cal_encoded_tmp = md5($phpiCal_config->salt.$cal_tmp);;
! }
// Display the option.
//
Index: init.inc.php
===================================================================
RCS file: /cvsroot/phpicalendar/phpicalendar/functions/init.inc.php,v
retrieving revision 1.117
retrieving revision 1.118
diff -C2 -d -r1.117 -r1.118
*** init.inc.php 28 Dec 2008 10:50:58 -0000 1.117
--- init.inc.php 28 Dec 2008 11:55:43 -0000 1.118
***************
*** 67,70 ****
--- 67,74 ----
$local_cals = array();
foreach ($cal_filenames as $cal_filename) {
+ # substitute for md5-obscured list_webcals
+ foreach ($list_webcals as $tmp_cal){
+ if($cal_filename == md5($phpiCal_config->salt.$tmp_cal)) $cal_filename = $tmp_cal;
+ }
// If the calendar identifier begins with a web protocol, this is a web
// calendar.
***************
*** 108,112 ****
$cal_httpsPrefix = str_replace('webcal://','https://',$web_cal);
$cal_httpsPrefix = str_replace('http://','https://',$web_cal);
- $web_cal = $cal_httpPrefix;
// We can only include this web calendar if we allow all web calendars
--- 112,115 ----
***************
*** 126,129 ****
--- 129,136 ----
// FIXME
+ echo "$web_cal<br>";
+ if(in_array($web_cal, $list_webcals)){
+ $web_cal = md5($phpiCal_config->salt.$web_cal);
+ }
$cals[] = urlencode($web_cal);
//$filename = $cal_filename;
***************
*** 131,134 ****
--- 138,142 ----
// Add the webcal to the available calendars.
+ $web_cal = $cal_httpPrefix;
$cal_filelist[] = $web_cal;
}
|
