gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-09 13:06:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-4.3.x' into seeddms-5.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2016-08-10 08:38:33 +02:00
commit 79e7a2babe
6 changed files with 65 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG
View File

@ -50,6 +50,8 @@
- make UserView look similar to UserList - make UserView look similar to UserList
- log correct ip even after a reverse proxy (Closes #206) - log correct ip even after a reverse proxy (Closes #206)
- fix sql error in table creation if sql mode is set to STRICT_TRANS_TABLE - fix sql error in table creation if sql mode is set to STRICT_TRANS_TABLE
- menu entry 'Clear clipboard' will call ajax function and no longer
redirects to new page
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 4.3.27 Changes in version 4.3.27

8
op/op.Ajax.php
View File

@ -223,6 +223,14 @@ switch($command) {
} }
break; /* }}} */ break; /* }}} */
case 'clearclipboard': /* {{{ */
if($user) {
$session->clearClipboard();
header('Content-Type: application/json');
echo json_encode(array('success'=>true, 'message'=>getMLText('splash_cleared_clipboard')));
}
break; /* }}} */
case 'movefolder': /* {{{ */ case 'movefolder': /* {{{ */
if($user) { if($user) {
if(!checkFormKey('movefolder', 'GET')) { if(!checkFormKey('movefolder', 'GET')) {

2
op/op.CreateDump.php
View File

@ -32,7 +32,7 @@ if (!$user->isAdmin()) {
} }
$v = new SeedDMS_Version; $v = new SeedDMS_Version;
$dump_name = $settings->_contentDir.date('Y-m-d\TH:i:s')."_".$v->_number.".sql"; $dump_name = $settings->_contentDir.date('Y-m-d\TH-i-s')."_".$v->_number.".sql";
if(!$dms->createDump($dump_name)) if(!$dms->createDump($dump_name))
UI::exitError(getMLText("admin_tools"),getMLText("error_occured")); UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));

58
op/op.Login.php
View File

@ -31,12 +31,12 @@ include("../inc/inc.ClassController.php");
include $settings->_rootDir . "languages/" . $settings->_language . "/lang.inc"; include $settings->_rootDir . "languages/" . $settings->_language . "/lang.inc";
function _printMessage($heading, $message) { function _printMessage($heading, $message) { /* {{{ */
global $dms, $theme; global $dms, $theme;
$view = UI::factory($theme, 'ErrorDlg', array('dms'=>$dms)); $view = UI::factory($theme, 'ErrorDlg', array('dms'=>$dms));
$view->exitError($heading, $message, true); $view->exitError($heading, $message, true);
return; return;
} } /* }}} */
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1]); $controller = Controller::factory($tmp[1]);
@ -63,6 +63,7 @@ if(isset($_POST['pwd'])) {
} }
} }
/* The password may only be empty if the guest user tries to log in */
if($settings->_enableGuestLogin && (int) $settings->_guestID) { if($settings->_enableGuestLogin && (int) $settings->_guestID) {
$guestUser = $dms->getUser((int) $settings->_guestID); $guestUser = $dms->getUser((int) $settings->_guestID);
if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin())) { if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin())) {
@ -87,8 +88,8 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
} }
} }
if (is_bool($user)) { /* Authenticate against LDAP server {{{ */
if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) { if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
if (isset($settings->_ldapPort) && is_int($settings->_ldapPort)) { if (isset($settings->_ldapPort) && is_int($settings->_ldapPort)) {
$ds = ldap_connect($settings->_ldapHost, $settings->_ldapPort); $ds = ldap_connect($settings->_ldapHost, $settings->_ldapPort);
} else { } else {
@ -152,11 +153,11 @@ if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
/* No do the actual authentication of the user */ /* No do the actual authentication of the user */
$bind = @ldap_bind($ds, $dn, $pwd); $bind = @ldap_bind($ds, $dn, $pwd);
$user = $dms->getUserByLogin($login);
if ($bind) { if ($bind) {
// Successfully authenticated. Now check to see if the user exists within // Successfully authenticated. Now check to see if the user exists within
// the database. If not, add them in if _restricted is not set, // the database. If not, add them in if _restricted is not set,
// but do not add their password. // but do not add their password.
$user = $dms->getUserByLogin($login);
if (is_bool($user) && !$settings->_restricted) { if (is_bool($user) && !$settings->_restricted) {
// Retrieve the user's LDAP information. // Retrieve the user's LDAP information.
if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) { if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
@ -172,46 +173,52 @@ if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
} }
} }
} }
if (!is_bool($user)) { } elseif($user) {
$userid = $user->getID(); $userid = $user->getID();
if($settings->_loginFailure) {
$failures = $user->addLoginFailure();
if($failures >= $settings->_loginFailure)
$user->setDisabled(true);
} }
$user = false;
} }
ldap_close($ds); ldap_close($ds);
} }
} } /* }}} */
}
if (is_bool($user)) { /* Authenticate against SeedDMS database {{{ */
else {
// //
// LDAP Authentication did not succeed or is not configured. Try internal // LDAP Authentication did not succeed or is not configured. Try internal
// authentication system. // authentication system.
// //
// Try to find user with given login. // Try to find user with given login.
$user = $dms->getUserByLogin($login); if($user = $dms->getUserByLogin($login)) {
if (!$user) { $userid = $user->getID();
_printMessage(getMLText("login_error_title"), getMLText("login_error_text"));
exit;
}
$userid = $user->getID();
if (($userid == $settings->_guestID) && (!$settings->_enableGuestLogin)) {
_printMessage(getMLText("login_error_title"), getMLText("guest_login_disabled"));
exit;
}
// Check if password matches (if not a guest user) // Check if password matches (if not a guest user)
// Assume that the password has been sent via HTTP POST. It would be careless // Assume that the password has been sent via HTTP POST. It would be careless
// (and dangerous) for passwords to be sent via GET. // (and dangerous) for passwords to be sent via GET.
if (($userid != $settings->_guestID) && (md5($pwd) != $user->getPwd()) || ($userid == $settings->_guestID) && $user->getPwd() && (md5($pwd) != $user->getPwd())) { if (($userid != $settings->_guestID) && (md5($pwd) != $user->getPwd()) || ($userid == $settings->_guestID) && $user->getPwd() && (md5($pwd) != $user->getPwd())) {
_printMessage(getMLText("login_error_title"), getMLText("login_error_text"));
/* if counting of login failures is turned on, then increment its value */ /* if counting of login failures is turned on, then increment its value */
if($settings->_loginFailure) { if($settings->_loginFailure) {
$failures = $user->addLoginFailure(); $failures = $user->addLoginFailure();
if($failures >= $settings->_loginFailure) if($failures >= $settings->_loginFailure)
$user->setDisabled(true); $user->setDisabled(true);
} }
$user = false;
}
}
} /* }}} */
if(!$user) {
_printMessage(getMLText("login_error_title"), getMLText("login_error_text"));
exit;
}
if (($userid == $settings->_guestID) && (!$settings->_enableGuestLogin)) {
_printMessage(getMLText("login_error_title"), getMLText("guest_login_disabled"));
exit; exit;
} }
@ -231,8 +238,6 @@ if (is_bool($user)) {
/* Clear login failures if login was successful */ /* Clear login failures if login was successful */
$user->clearLoginFailures(); $user->clearLoginFailures();
}
// Capture the user's language and theme settings. // Capture the user's language and theme settings.
if (isset($_REQUEST["lang"]) && strlen($_REQUEST["lang"])>0 && is_numeric(array_search($_REQUEST["lang"],getLanguages())) ) { if (isset($_REQUEST["lang"]) && strlen($_REQUEST["lang"])>0 && is_numeric(array_search($_REQUEST["lang"],getLanguages())) ) {
$lang = $_REQUEST["lang"]; $lang = $_REQUEST["lang"];
@ -327,7 +332,4 @@ else {
header("Location: ".$settings->_httpRoot.(isset($settings->_siteDefaultPage) && strlen($settings->_siteDefaultPage)>0 ? $settings->_siteDefaultPage : "out/out.ViewFolder.php?folderid=".($user->getHomeFolder() ? $user->getHomeFolder() : $settings->_rootFolderID))); header("Location: ".$settings->_httpRoot.(isset($settings->_siteDefaultPage) && strlen($settings->_siteDefaultPage)>0 ? $settings->_siteDefaultPage : "out/out.ViewFolder.php?folderid=".($user->getHomeFolder() ? $user->getHomeFolder() : $settings->_rootFolderID)));
} }
//_printMessage(getMLText("login_ok"),
// "<p><a href='".$settings->_httpRoot.(isset($settings->_siteDefaultPage) && strlen($settings->_siteDefaultPage)>0 ? $settings->_siteDefaultPage : "out/out.ViewFolder.php")."'>".getMLText("continue")."</a></p>");
?> ?>

24
styles/bootstrap/application.js
View File

@ -375,8 +375,28 @@ $(document).ready( function() {
url: url, url: url,
dataType: 'json', dataType: 'json',
success: function(data){ success: function(data){
for (var i = 0; i < data.length; i++) { if(data.success) {
noty({text: data[i].text, type: data[i].type}); if(element.data('param1') == 'command=clearclipboard') {
$("#main-clipboard").html('Loading').load('../op/op.Ajax.php?command=view&view=mainclipboard')
$("#menu-clipboard").html('Loading').load('../op/op.Ajax.php?command=view&view=menuclipboard')
}
noty({
text: data.message,
type: 'success',
dismissQueue: true,
layout: 'topRight',
theme: 'defaultTheme',
timeout: 1500,
});
} else {
noty({
text: data.message,
type: 'error',
dismissQueue: true,
layout: 'topRight',
theme: 'defaultTheme',
timeout: 3500,
});
} }
} }
}); });

3
views/bootstrap/class.Bootstrap.php
View File

@ -240,7 +240,8 @@ $(document).ready(function () {
if(isset($this->params['folder']) && $this->params['folder']->getAccessMode($this->params['user']) >= M_READWRITE) { if(isset($this->params['folder']) && $this->params['folder']->getAccessMode($this->params['user']) >= M_READWRITE) {
$content .= " <li><a href=\"../op/op.MoveClipboard.php?targetid=".$this->params['folder']->getID()."&refferer=".urlencode($this->params['refferer'])."\">".getMLText("move_clipboard")."</a></li>\n"; $content .= " <li><a href=\"../op/op.MoveClipboard.php?targetid=".$this->params['folder']->getID()."&refferer=".urlencode($this->params['refferer'])."\">".getMLText("move_clipboard")."</a></li>\n";
} }
$content .= " <li><a href=\"../op/op.ClearClipboard.php?refferer=".urlencode($this->params['refferer'])."\">".getMLText("clear_clipboard")."</a></li>\n"; // $content .= " <li><a href=\"../op/op.ClearClipboard.php?refferer=".urlencode($this->params['refferer'])."\">".getMLText("clear_clipboard")."</a><a class=\"ajax-click\" data-href=\"../op/op.Ajax.php\" data-param1=\"command=clearclipboard\">kkk</a> </li>\n";
$content .= " <li><a class=\"ajax-click\" data-href=\"../op/op.Ajax.php\" data-param1=\"command=clearclipboard\">".getMLText("clear_clipboard")."</a></li>\n";
$content .= " </ul>\n"; $content .= " </ul>\n";
$content .= " </li>\n"; $content .= " </li>\n";
$content .= " </ul>\n"; $content .= " </ul>\n";