From: <car...@us...> - 2025-02-21 01:50:24
|
Revision: 11156 http://sourceforge.net/p/phpwiki/code/11156 Author: carstenklapp Date: 2025-02-21 01:50:21 +0000 (Fri, 21 Feb 2025) Log Message: ----------- Rolled back unfished crypt changes. Merged in user submitted patch, fixed some lines not being commented out in output. Fixed numeric values not being commented out when equal to default. Modified Paths: -------------- trunk/config/config-default.ini trunk/configurator.php Modified: trunk/config/config-default.ini =================================================================== --- trunk/config/config-default.ini 2025-02-20 00:31:17 UTC (rev 11155) +++ trunk/config/config-default.ini 2025-02-21 01:50:21 UTC (rev 11156) @@ -113,5 +113,3 @@ PLUGIN_CACHED_USECACHE = true PLUGIN_CACHED_FORCE_SYNCMAP = true PLUGIN_CACHED_IMGTYPES = "png|gif|gd|gd2|jpeg|wbmp|xbm|xpm" -ADMIN_USER = "AdminUser" -ADMIN_PASSWD = "password" Modified: trunk/configurator.php =================================================================== --- trunk/configurator.php 2025-02-20 00:31:17 UTC (rev 11155) +++ trunk/configurator.php 2025-02-21 01:50:21 UTC (rev 11156) @@ -1,4 +1,7 @@ <?php +// defining these 2 here is a temporary fix +if (!defined('ADMIN_USER')) define('ADMIN_USER', ''); +if (!defined('ADMIN_PASSWD')) define('ADMIN_PASSWD', ''); /** * Copyright © 2002,2003,2005,2008-2010 $ThePhpWikiProgrammingTeam * Copyright © 2002 Martin Geisler <gim...@gi...> @@ -172,15 +175,8 @@ } // check password if (ENCRYPTED_PASSWD) { - if (!function_exists('DEBUGpassword_hash')) { - if (crypt($admin_pw, ADMIN_PASSWD) != ADMIN_PASSWD) { - _http_logout(); - } - } else { - $verified=password_verify($admin_pw, ADMIN_PASSWD); - if (!$verified) { - _http_logout(); - } + if (crypt($admin_pw, ADMIN_PASSWD) != ADMIN_PASSWD) { + _http_logout(); } } elseif ($admin_pw != ADMIN_PASSWD) { _http_logout(); @@ -617,7 +613,8 @@ new numeric_define_optional('MINOR_EDIT_TIMEOUT', MINOR_EDIT_TIMEOUT); $properties["Disabled Actions"] = - new array_define('DISABLED_ACTIONS', array("dumpserial", "loadfile"), "Actions listed in this array will not be allowed. The complete list + new array_define('DISABLED_ACTIONS', array("dumpserial", "loadfile"), " +Actions listed in this array will not be allowed. The complete list of actions can be found in lib/main.php with the function getActionDescription. @@ -872,7 +869,7 @@ ); $properties["dba timeout"] = - new numeric_define("DATABASE_TIMEOUT", DATABASE_TIMEOUT, " + new numeric_define_optional("DATABASE_TIMEOUT", DATABASE_TIMEOUT, " Recommended values are 10-20 seconds. The more load the server has, the higher the timeout."); $properties["DATABASE_OPTIMISE_FREQUENCY"] = @@ -966,7 +963,7 @@ new boolean_define('ENABLE_AUTH_OPENID'); $properties["PASSWORD_LENGTH_MINIMUM"] = - new numeric_define('PASSWORD_LENGTH_MINIMUM', PASSWORD_LENGTH_MINIMUM); + new numeric_define_optional('PASSWORD_LENGTH_MINIMUM', PASSWORD_LENGTH_MINIMUM); $properties["USER_AUTH_POLICY"] = new _define_selection( @@ -1468,19 +1465,8 @@ $properties["Data Path"] = new _define_commented_optional('DATA_PATH', dirname($scriptname)); - - if (defined('PHPWIKI_DIR')) { - $phpwiki_dir = PHPWIKI_DIR; - } else { - if (substr(PHP_OS, 0, 3) == 'WIN') { - $phpwiki_dir = dirname(__FILE__); - $phpwiki_dir = strtr($phpwiki_dir, '\\', '/'); - } else { - $phpwiki_dir = dirname(__FILE__); - } - } $properties["PhpWiki Install Directory"] = - new _define_commented_optional('PHPWIKI_DIR', $phpwiki_dir); + new _define_commented_optional('PHPWIKI_DIR', dirname(__FILE__)); $properties["Use PATH_INFO"] = new _define_selection_optional_commented( @@ -1535,11 +1521,7 @@ $upload_data_path = defined('UPLOAD_DATA_PATH') ? UPLOAD_DATA_PATH : getUploadDataPath(); new _define_optional('UPLOAD_DATA_PATH', $temp); -$temp = !empty($_ENV['TEMP']) ? $_ENV['TEMP'] : "/tmp";//fixme: check for existing TEMP_DIR constant - -if (substr(PHP_OS, 0, 3) == 'WIN') { - $temp = strtr($temp, '\\', '/'); -} +$temp = !empty($_ENV['TEMP']) ? $_ENV['TEMP'] : "/tmp"; $properties["TEMP_DIR"] = new _define_optional('TEMP_DIR', $temp); @@ -1547,7 +1529,10 @@ new _define_commented_optional( 'ALLOWED_LOAD', '/tmp', - ';List of directories from which it is allowed to load pages. Directories are separated with ":"' + ' +List of directories from which it is allowed to load pages. Directories +are separated with ":" +' ); /////////////////// @@ -2016,6 +2001,21 @@ class numeric_define_optional extends numeric_define { +///////////////// + public function _get_config_line($posted_value) + { + $n = ""; + if ($this->description) { + $n = "\n"; + } + if ($posted_value == $this->default_value) { + return "$n;" . $this->_config_format($posted_value); + } elseif ($posted_value == '') { + return "$n;" . $this->_config_format('0'); + } else { + return "$n" . $this->_config_format($posted_value); + } + } } class numeric_define_commented extends numeric_define @@ -2093,15 +2093,6 @@ $p .= "\n;ENCRYPTED_PASSWD = true"; return $p; } else { - // generate an encrypted password - $crypt_pass = $this->__makeencrypted($posted_value); - $p = "$n" . $this->_config_format($crypt_pass); - return $p . "\nENCRYPTED_PASSWD = true"; - } - } - private function __makeencrypted($password) - { - if (!function_exists('DEBUGpassword_hash')) { $salt_length = max( CRYPT_SALT_LENGTH, 2 * CRYPT_STD_DES, @@ -2110,14 +2101,11 @@ 16 * CRYPT_BLOWFISH ); // generate an encrypted password - $crypt_pass = crypt($password, rand_ascii($salt_length)); - return $crypt_pass; - } else { - $crypt_pass = password_hash($password, PASSWORD_DEFAULT); - return $crypt_pass; + $crypt_pass = crypt($posted_value, rand_ascii($salt_length)); + $p = "$n" . $this->_config_format($crypt_pass); + return $p . "\nENCRYPTED_PASSWD = true"; } } - } class _define_password_optional extends _define_password @@ -2571,17 +2559,20 @@ $config .= $end; - $new_filename=''; - // We first check if the config-file exists. - if (file_exists($fs_config_file)) { - // We make a backup copy of the file - $new_filename = preg_replace('/\.ini$/', '-' . time() . '.ini', $fs_config_file); - if (copy($fs_config_file, $new_filename)) { - $fp = fopen($fs_config_file, 'w'); + $new_filename = ''; + if (is_writable(dirname($fs_config_file))) { + // We first check if the config-file exists. + if (file_exists($fs_config_file)) { + // We make a backup copy of the file + $new_filename = preg_replace('/\.ini$/', '-' . time() . '.ini', $fs_config_file); + if (@copy($fs_config_file, $new_filename)) { + $fp = @fopen($fs_config_file, 'w'); + } + } else { + $fp = @fopen($fs_config_file, 'w'); } } else { - $fp = fopen($fs_config_file, 'w'); - + $fp = false; } if ($fp) { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |