[phpwiki-checkins] SF.net SVN: phpwiki:[11156] trunk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 11156
          http://sourceforge.net/p/phpwiki/code/11156
Author:   carstenklapp
Date:     2025-02-21 01:50:21 +0000 (Fri, 21 Feb 2025)
Log Message:
-----------
Rolled back unfished crypt changes. Merged in user submitted patch, fixed some lines not being commented out in output. Fixed numeric values not being commented out when equal to default.

Modified Paths:
--------------
    trunk/config/config-default.ini
    trunk/configurator.php

Modified: trunk/config/config-default.ini
===================================================================

--- trunk/config/config-default.ini	2025-02-20 00:31:17 UTC (rev 11155)
+++ trunk/config/config-default.ini	2025-02-21 01:50:21 UTC (rev 11156)
@@ -113,5 +113,3 @@
 PLUGIN_CACHED_USECACHE = true
 PLUGIN_CACHED_FORCE_SYNCMAP = true
 PLUGIN_CACHED_IMGTYPES = "png|gif|gd|gd2|jpeg|wbmp|xbm|xpm"
-ADMIN_USER = "AdminUser"
-ADMIN_PASSWD = "password"

Modified: trunk/configurator.php
===================================================================
--- trunk/configurator.php	2025-02-20 00:31:17 UTC (rev 11155)
+++ trunk/configurator.php	2025-02-21 01:50:21 UTC (rev 11156)
@@ -1,4 +1,7 @@
 <?php
+// defining these 2 here is a temporary fix
+if (!defined('ADMIN_USER')) define('ADMIN_USER', '');
+if (!defined('ADMIN_PASSWD')) define('ADMIN_PASSWD', '');
 /**
  * Copyright © 2002,2003,2005,2008-2010 $ThePhpWikiProgrammingTeam
  * Copyright © 2002 Martin Geisler <gim...@gi...>
@@ -172,15 +175,8 @@
     }
     // check password
     if (ENCRYPTED_PASSWD) {
-        if (!function_exists('DEBUGpassword_hash')) {
-            if (crypt($admin_pw, ADMIN_PASSWD) != ADMIN_PASSWD) {
-                _http_logout();
-            }
-        } else {
-            $verified=password_verify($admin_pw, ADMIN_PASSWD);
-            if (!$verified) {
-                _http_logout();
-            }
+        if (crypt($admin_pw, ADMIN_PASSWD) != ADMIN_PASSWD) {
+            _http_logout();
         }
     } elseif ($admin_pw != ADMIN_PASSWD) {
         _http_logout();
@@ -617,7 +613,8 @@
     new numeric_define_optional('MINOR_EDIT_TIMEOUT', MINOR_EDIT_TIMEOUT);
 
 $properties["Disabled Actions"] =
-    new array_define('DISABLED_ACTIONS', array("dumpserial", "loadfile"), "Actions listed in this array will not be allowed.  The complete list
+    new array_define('DISABLED_ACTIONS', array("dumpserial", "loadfile"), "
+Actions listed in this array will not be allowed.  The complete list
 of actions can be found in lib/main.php with the function
 getActionDescription.
 
@@ -872,7 +869,7 @@
     );
 
 $properties["dba timeout"] =
-    new numeric_define("DATABASE_TIMEOUT", DATABASE_TIMEOUT, "
+    new numeric_define_optional("DATABASE_TIMEOUT", DATABASE_TIMEOUT, "
 Recommended values are 10-20 seconds. The more load the server has, the higher the timeout.");
 
 $properties["DATABASE_OPTIMISE_FREQUENCY"] =
@@ -966,7 +963,7 @@
     new boolean_define('ENABLE_AUTH_OPENID');
 
 $properties["PASSWORD_LENGTH_MINIMUM"] =
-    new numeric_define('PASSWORD_LENGTH_MINIMUM', PASSWORD_LENGTH_MINIMUM);
+    new numeric_define_optional('PASSWORD_LENGTH_MINIMUM', PASSWORD_LENGTH_MINIMUM);
 
 $properties["USER_AUTH_POLICY"] =
     new _define_selection(
@@ -1468,19 +1465,8 @@
 $properties["Data Path"] =
     new _define_commented_optional('DATA_PATH', dirname($scriptname));
 
-
-    if (defined('PHPWIKI_DIR')) {
-        $phpwiki_dir = PHPWIKI_DIR;
-    } else {
-        if (substr(PHP_OS, 0, 3) == 'WIN') {
-            $phpwiki_dir = dirname(__FILE__);
-            $phpwiki_dir = strtr($phpwiki_dir, '\\', '/');
-        } else {
-            $phpwiki_dir = dirname(__FILE__);
-        }
-    }
 $properties["PhpWiki Install Directory"] =
-    new _define_commented_optional('PHPWIKI_DIR', $phpwiki_dir);
+    new _define_commented_optional('PHPWIKI_DIR', dirname(__FILE__));
 
 $properties["Use PATH_INFO"] =
     new _define_selection_optional_commented(
@@ -1535,11 +1521,7 @@
 $upload_data_path = defined('UPLOAD_DATA_PATH') ? UPLOAD_DATA_PATH : getUploadDataPath();
 new _define_optional('UPLOAD_DATA_PATH', $temp);
 
-$temp = !empty($_ENV['TEMP']) ? $_ENV['TEMP'] : "/tmp";//fixme: check for existing TEMP_DIR constant
-
-if (substr(PHP_OS, 0, 3) == 'WIN') {
-    $temp = strtr($temp, '\\', '/');
-}
+$temp = !empty($_ENV['TEMP']) ? $_ENV['TEMP'] : "/tmp";
 $properties["TEMP_DIR"] =
     new _define_optional('TEMP_DIR', $temp);
 
@@ -1547,7 +1529,10 @@
     new _define_commented_optional(
         'ALLOWED_LOAD',
         '/tmp',
-        ';List of directories from which it is allowed to load pages. Directories are separated with ":"'
+        '
+List of directories from which it is allowed to load pages. Directories
+are separated with ":"
+'
     );
 
 ///////////////////
@@ -2016,6 +2001,21 @@
 
 class numeric_define_optional extends numeric_define
 {
+/////////////////
+    public function _get_config_line($posted_value)
+    {
+        $n = "";
+        if ($this->description) {
+            $n = "\n";
+        }
+        if ($posted_value == $this->default_value) {
+            return "$n;" . $this->_config_format($posted_value);
+        } elseif ($posted_value == '') {
+            return "$n;" . $this->_config_format('0');
+        } else {
+            return "$n" . $this->_config_format($posted_value);
+        }
+    }
 }
 
 class numeric_define_commented extends numeric_define
@@ -2093,15 +2093,6 @@
             $p .= "\n;ENCRYPTED_PASSWD = true";
             return $p;
         } else {
-            // generate an encrypted password
-            $crypt_pass = $this->__makeencrypted($posted_value);
-            $p = "$n" . $this->_config_format($crypt_pass);
-            return $p . "\nENCRYPTED_PASSWD = true";
-        }
-    }
-    private function __makeencrypted($password)
-    {
-        if (!function_exists('DEBUGpassword_hash')) {
             $salt_length = max(
                 CRYPT_SALT_LENGTH,
                 2 * CRYPT_STD_DES,
@@ -2110,14 +2101,11 @@
                 16 * CRYPT_BLOWFISH
             );
             // generate an encrypted password
-            $crypt_pass = crypt($password, rand_ascii($salt_length));
-            return $crypt_pass;
-        } else {
-            $crypt_pass = password_hash($password, PASSWORD_DEFAULT);
-            return $crypt_pass;
+            $crypt_pass = crypt($posted_value, rand_ascii($salt_length));
+            $p = "$n" . $this->_config_format($crypt_pass);
+            return $p . "\nENCRYPTED_PASSWD = true";
         }
     }
-
 }
 
 class _define_password_optional extends _define_password
@@ -2571,17 +2559,20 @@
 
     $config .= $end;
 
-    $new_filename='';
-    // We first check if the config-file exists.
-    if (file_exists($fs_config_file)) {
-        // We make a backup copy of the file
-        $new_filename = preg_replace('/\.ini$/', '-' . time() . '.ini', $fs_config_file);
-        if (copy($fs_config_file, $new_filename)) {
-            $fp = fopen($fs_config_file, 'w');
+    $new_filename = '';
+    if (is_writable(dirname($fs_config_file))) {
+        // We first check if the config-file exists.
+        if (file_exists($fs_config_file)) {
+            // We make a backup copy of the file
+            $new_filename = preg_replace('/\.ini$/', '-' . time() . '.ini', $fs_config_file);
+            if (@copy($fs_config_file, $new_filename)) {
+                $fp = @fopen($fs_config_file, 'w');
+            }
+        } else {
+            $fp = @fopen($fs_config_file, 'w');
         }
     } else {
-        $fp = fopen($fs_config_file, 'w');
-
+        $fp = false;
     }
 
     if ($fp) {

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



