@@ -41,7 +41,7 @@ discard block |
||
41 | 41 | * @param string $primary ='ldap' |
42 | 42 | * @param string $fallback ='sql' |
43 | 43 | */ |
44 | - function __construct($primary='ldap',$fallback='sql') |
|
44 | + function __construct($primary = 'ldap', $fallback = 'sql') |
|
45 | 45 | { |
46 | 46 | $this->primary_backend = Api\Auth::backend(str_replace('auth_', '', $primary)); |
47 | 47 | |
@@ -55,26 +55,26 @@ discard block |
||
55 | 55 | * @param string $passwd corresponding password |
56 | 56 | * @return boolean true if successful authenticated, false otherwise |
57 | 57 | */ |
58 | - function authenticate($username, $passwd, $passwd_type='text') |
|
58 | + function authenticate($username, $passwd, $passwd_type = 'text') |
|
59 | 59 | { |
60 | 60 | if ($this->primary_backend->authenticate($username, $passwd, $passwd_type)) |
61 | 61 | { |
62 | - Api\Cache::setInstance(__CLASS__,'backend_used-'.$username,'primary'); |
|
62 | + Api\Cache::setInstance(__CLASS__, 'backend_used-'.$username, 'primary'); |
|
63 | 63 | // check if fallback has correct password, if not update it |
64 | 64 | if (($account_id = $GLOBALS['egw']->accounts->name2id($username)) && |
65 | - !$this->fallback_backend->authenticate($username,$passwd, $passwd_type)) |
|
65 | + !$this->fallback_backend->authenticate($username, $passwd, $passwd_type)) |
|
66 | 66 | { |
67 | 67 | $backup_currentapp = $GLOBALS['egw_info']['flags']['currentapp']; |
68 | - $GLOBALS['egw_info']['flags']['currentapp'] = 'admin'; // otherwise |
|
68 | + $GLOBALS['egw_info']['flags']['currentapp'] = 'admin'; // otherwise |
|
69 | 69 | $this->fallback_backend->change_password('', $passwd, $account_id); |
70 | 70 | $GLOBALS['egw_info']['flags']['currentapp'] = $backup_currentapp; |
71 | 71 | //error_log(__METHOD__."('$username', \$passwd) updated password for #$account_id on fallback ".($ret ? 'successfull' : 'failed!')); |
72 | 72 | } |
73 | 73 | return true; |
74 | 74 | } |
75 | - if ($this->fallback_backend->authenticate($username,$passwd, $passwd_type)) |
|
75 | + if ($this->fallback_backend->authenticate($username, $passwd, $passwd_type)) |
|
76 | 76 | { |
77 | - Api\Cache::setInstance(__CLASS__,'backend_used-'.$username,'fallback'); |
|
77 | + Api\Cache::setInstance(__CLASS__, 'backend_used-'.$username, 'fallback'); |
|
78 | 78 | return true; |
79 | 79 | } |
80 | 80 | return false; |
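Review bot: In authenticate(), the fallback sync sets `$GLOBALS['egw_info']['flags']['currentapp']` to 'admin' before `change_password()` and restores it only on the following line, so an exception from the fallback backend would leave the rest of the request running with currentapp = 'admin'; the interface on this page documents `@throws Exception` for change_password(). Restore the flag in a finally block: `try { $this->fallback_backend->change_password('', $passwd, $account_id); } finally { $GLOBALS['egw_info']['flags']['currentapp'] = $backup_currentapp; }`. The result of the call is also discarded, and the commented-out error_log refers to a `$ret` that is never assigned, so a failed sync is silent. The closing brace of authenticate() lies outside this hunk.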
@@ -91,9 +91,9 @@ discard block |
||
91 | 91 | * @param int $account_id account id of user whose passwd should be changed |
92 | 92 | * @return boolean true if password successful changed, false otherwise |
93 | 93 | */ |
94 | - function change_password($old_passwd, $new_passwd, $account_id=0) |
|
94 | + function change_password($old_passwd, $new_passwd, $account_id = 0) |
|
95 | 95 | { |
96 | - if(!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
96 | + if (!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
97 | 97 | { |
98 | 98 | $account_id = $GLOBALS['egw_info']['user']['account_id']; |
99 | 99 | $username = $GLOBALS['egw_info']['user']['account_lid']; |
@@ -102,7 +102,7 @@ discard block |
||
102 | 102 | { |
103 | 103 | $username = $GLOBALS['egw']->accounts->id2name($account_id); |
104 | 104 | } |
105 | - if (Api\Cache::getInstance(__CLASS__,'backend_used-'.$username) == 'primary') |
|
105 | + if (Api\Cache::getInstance(__CLASS__, 'backend_used-'.$username) == 'primary') |
|
106 | 106 | { |
107 | 107 | if (($ret = $this->primary_backend->change_password($old_passwd, $new_passwd, $account_id))) |
108 | 108 | { |
@@ -126,14 +126,14 @@ discard block |
||
126 | 126 | */ |
127 | 127 | function getLastPwdChange($username) |
128 | 128 | { |
129 | - if (Api\Cache::getInstance(__CLASS__,'backend_used-'.$username) == 'primary') |
|
129 | + if (Api\Cache::getInstance(__CLASS__, 'backend_used-'.$username) == 'primary') |
|
130 | 130 | { |
131 | - if (method_exists($this->primary_backend,'getLastPwdChange')) |
|
131 | + if (method_exists($this->primary_backend, 'getLastPwdChange')) |
|
132 | 132 | { |
133 | 133 | return $this->primary_backend->getLastPwdChange($username); |
134 | 134 | } |
135 | 135 | } |
136 | - if (method_exists($this->fallback_backend,'getLastPwdChange')) |
|
136 | + if (method_exists($this->fallback_backend, 'getLastPwdChange')) |
|
137 | 137 | { |
138 | 138 | return $this->fallback_backend->getLastPwdChange($username); |
139 | 139 | } |
@@ -148,9 +148,9 @@ discard block |
||
148 | 148 | * @param int $lastpwdchange must be a unixtimestamp |
149 | 149 | * @return boolean true if account_lastpwd_change successful changed, false otherwise |
150 | 150 | */ |
151 | - function setLastPwdChange($account_id=0, $passwd=NULL, $lastpwdchange=NULL) |
|
151 | + function setLastPwdChange($account_id = 0, $passwd = NULL, $lastpwdchange = NULL) |
|
152 | 152 | { |
153 | - if(!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
153 | + if (!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
154 | 154 | { |
155 | 155 | $account_id = $GLOBALS['egw_info']['user']['account_id']; |
156 | 156 | $username = $GLOBALS['egw_info']['user']['account_lid']; |
@@ -159,14 +159,14 @@ discard block |
||
159 | 159 | { |
160 | 160 | $username = $GLOBALS['egw']->accounts->id2name($account_id); |
161 | 161 | } |
162 | - if (Api\Cache::getInstance(__CLASS__,'backend_used-'.$username) == 'primary') |
|
162 | + if (Api\Cache::getInstance(__CLASS__, 'backend_used-'.$username) == 'primary') |
|
163 | 163 | { |
164 | - if (method_exists($this->primary_backend,'setLastPwdChange')) |
|
164 | + if (method_exists($this->primary_backend, 'setLastPwdChange')) |
|
165 | 165 | { |
166 | 166 | return $this->primary_backend->setLastPwdChange($username); |
167 | 167 | } |
168 | 168 | } |
169 | - if (method_exists($this->fallback_backend,'setLastPwdChange')) |
|
169 | + if (method_exists($this->fallback_backend, 'setLastPwdChange')) |
|
170 | 170 | { |
171 | 171 | return $this->fallback_backend->setLastPwdChange($account_id, $passwd, $lastpwdchange); |
172 | 172 | } |
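Review bot: The primary branch of setLastPwdChange() calls `$this->primary_backend->setLastPwdChange($username)`, passing the login name where the backend expects an account id and dropping `$passwd` and `$lastpwdchange`; the fallback branch three lines later passes all three arguments. The LDAP backend on this page declares `setLastPwdChange($account_id = 0, $passwd = NULL, $lastpwdchange = NULL)`, so with an LDAP primary the requested timestamp is ignored and the name is treated as an id. Suggested line: `return $this->primary_backend->setLastPwdChange($account_id, $passwd, $lastpwdchange);`. The function starts in the previous hunk and ends outside this one.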
@@ -29,21 +29,21 @@ discard block |
||
29 | 29 | * @param string $passwd_type ='text' 'text' for cleartext passwords (default) |
30 | 30 | * @return boolean true if successful authenticated, false otherwise |
31 | 31 | */ |
32 | - function authenticate($username, $passwd, $passwd_type='text') |
|
32 | + function authenticate($username, $passwd, $passwd_type = 'text') |
|
33 | 33 | { |
34 | - unset($passwd_type); // not used but required by interface |
|
34 | + unset($passwd_type); // not used but required by interface |
|
35 | 35 | |
36 | 36 | $local_debug = False; |
37 | 37 | |
38 | - if($local_debug) |
|
38 | + if ($local_debug) |
|
39 | 39 | { |
40 | 40 | echo "<b>Debug SQL: uid - $username passwd - $passwd</b>"; |
41 | 41 | } |
42 | - if (!($row = $this->db->select($this->table,'account_lid,account_pwd',array( |
|
42 | + if (!($row = $this->db->select($this->table, 'account_lid,account_pwd', array( |
|
43 | 43 | 'account_lid' => $username, |
44 | 44 | 'account_status' => 'A', |
45 | 45 | 'account_type' => 'u', |
46 | - ),__LINE__,__FILE__)->fetch()) || $GLOBALS['egw_info']['server']['case_sensitive_username'] && $row['account_lid'] != $username) |
|
46 | + ), __LINE__, __FILE__)->fetch()) || $GLOBALS['egw_info']['server']['case_sensitive_username'] && $row['account_lid'] != $username) |
|
47 | 47 | { |
48 | 48 | return false; |
49 | 49 | } |
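Review bot: The `$local_debug` branch in authenticate() echoes `$username` and the cleartext `$passwd` into the HTML response without escaping, and it is inactive only because `$local_debug = False;` is hard-coded two lines above. Flipping that flag would print credentials to the page and reflect unescaped input, so the branch is better removed than reformatted. If a trace is still wanted, log the username alone, e.g. `error_log(__METHOD__."('$username', \$passwd)");`. The comparison `$row['account_lid'] != $username` in the same condition is loose and could become `!==`. The function continues beyond this hunk.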
@@ -51,7 +51,7 @@ discard block |
||
51 | 51 | # Apache + mod_ssl provide the data in the environment |
52 | 52 | # Certificate (chain) verification occurs inside mod_ssl |
53 | 53 | # see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6 |
54 | - if(!isset($_SERVER['SSL_CLIENT_S_DN'])) |
|
54 | + if (!isset($_SERVER['SSL_CLIENT_S_DN'])) |
|
55 | 55 | { |
56 | 56 | # if we're not doing SSL authentication, behave like auth_sql |
57 | 57 | return Api\Auth::compare_password($passwd, $row['account_pwd'], 'md5', strtolower($username)); |
@@ -67,9 +67,9 @@ discard block |
||
67 | 67 | * @param int $account_id =0 account id of user whose passwd should be changed |
68 | 68 | * @return boolean true if password successful changed, false otherwise |
69 | 69 | */ |
70 | - function change_password($old_passwd, $new_passwd, $account_id=0) |
|
70 | + function change_password($old_passwd, $new_passwd, $account_id = 0) |
|
71 | 71 | { |
72 | - unset($old_passwd, $new_passwd, $account_id); // not used but required by interface |
|
72 | + unset($old_passwd, $new_passwd, $account_id); // not used but required by interface |
|
73 | 73 | |
74 | 74 | // deny password changes. |
75 | 75 | return False; |
@@ -30,9 +30,9 @@ discard block |
||
30 | 30 | * @param string $passwd_type ='text' 'text' for cleartext passwords (default) |
31 | 31 | * @return boolean true if successful authenticated, false otherwise |
32 | 32 | */ |
33 | - function authenticate($username, $passwd, $passwd_type='text') |
|
33 | + function authenticate($username, $passwd, $passwd_type = 'text') |
|
34 | 34 | { |
35 | - unset($passwd_type); // not used but required by interface |
|
35 | + unset($passwd_type); // not used but required by interface |
|
36 | 36 | |
37 | 37 | if (pam_auth($username, get_magic_quotes_gpc() ? stripslashes($passwd) : $passwd)) |
38 | 38 | { |
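Review bot: The password handed to `pam_auth()` goes through `get_magic_quotes_gpc() ? stripslashes($passwd) : $passwd`, but get_magic_quotes_gpc() has returned false since PHP 5.4, is deprecated in 7.4 and no longer exists in PHP 8.0, where this call is a fatal error and the PAM backend cannot authenticate anyone. Pass the password unchanged: `if (pam_auth($username, $passwd))`. The body of this `if` continues in the next hunk.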
@@ -40,12 +40,12 @@ discard block |
||
40 | 40 | if (!$GLOBALS['egw']->accounts->name2id($username) && |
41 | 41 | function_exists('posix_getpwnam') && ($data = posix_getpwnam($username))) |
42 | 42 | { |
43 | - list($fullname) = explode(',',$data['gecos']); |
|
44 | - $parts = explode(' ',$fullname); |
|
43 | + list($fullname) = explode(',', $data['gecos']); |
|
44 | + $parts = explode(' ', $fullname); |
|
45 | 45 | if (count($parts) > 1) |
46 | 46 | { |
47 | 47 | $lastname = array_pop($parts); |
48 | - $firstname = implode(' ',$parts); |
|
48 | + $firstname = implode(' ', $parts); |
|
49 | 49 | $email = Api\Accounts::email($firstname, $lastname, $username); |
50 | 50 | |
51 | 51 | $GLOBALS['auto_create_acct'] = array( |
@@ -69,9 +69,9 @@ discard block |
||
69 | 69 | * @param int $account_id =0 account id of user whose passwd should be changed |
70 | 70 | * @return boolean true if password successful changed, false otherwise |
71 | 71 | */ |
72 | - function change_password($old_passwd, $new_passwd, $account_id=0) |
|
72 | + function change_password($old_passwd, $new_passwd, $account_id = 0) |
|
73 | 73 | { |
74 | - unset($old_passwd, $new_passwd, $account_id); // not used but required by interface |
|
74 | + unset($old_passwd, $new_passwd, $account_id); // not used but required by interface |
|
75 | 75 | |
76 | 76 | // deny password changes. |
77 | 77 | return False; |
@@ -34,14 +34,14 @@ discard block |
||
34 | 34 | * @param string $passwd_type ='text' 'text' for cleartext passwords (default) |
35 | 35 | * @return boolean true if successful authenticated, false otherwise |
36 | 36 | */ |
37 | - function authenticate($username, $passwd, $passwd_type='text') |
|
37 | + function authenticate($username, $passwd, $passwd_type = 'text') |
|
38 | 38 | { |
39 | - unset($passwd_type); // not used but required by function signature |
|
39 | + unset($passwd_type); // not used but required by function signature |
|
40 | 40 | |
41 | 41 | switch ($GLOBALS['egw_info']['server']['mail_login_type']) |
42 | 42 | { |
43 | 43 | case 'vmailmgr': |
44 | - $username = $username . '@' . $GLOBALS['egw_info']['server']['mail_suffix']; |
|
44 | + $username = $username.'@'.$GLOBALS['egw_info']['server']['mail_suffix']; |
|
45 | 45 | break; |
46 | 46 | case 'email': |
47 | 47 | $username = $GLOBALS['egw']->accounts->id2name($username, 'account_email'); |
@@ -68,7 +68,7 @@ discard block |
||
68 | 68 | $mailauth = true; |
69 | 69 | $imap->logout(); |
70 | 70 | } |
71 | - catch(Horde_Imap_Client_Exception $e) { |
|
71 | + catch (Horde_Imap_Client_Exception $e) { |
|
72 | 72 | // throw everything but authentication failed as exception |
73 | 73 | if ($e->getCode() != Horde_Imap_Client_Exception::LOGIN_AUTHENTICATIONFAILED) throw $e; |
74 | 74 | |
@@ -85,19 +85,19 @@ discard block |
||
85 | 85 | case 'imap': |
86 | 86 | default: |
87 | 87 | if (!isset($port)) $port = 143; |
88 | - $mailauth = imap_open('{'.$host.':'.$port.'/imap/novalidate-cert}INBOX', $username , $passwd); |
|
88 | + $mailauth = imap_open('{'.$host.':'.$port.'/imap/novalidate-cert}INBOX', $username, $passwd); |
|
89 | 89 | break; |
90 | 90 | case 'imaps': |
91 | 91 | if (!isset($port)) $port = 993; |
92 | - $mailauth = imap_open('{'.$host.'/imap/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd); |
|
92 | + $mailauth = imap_open('{'.$host.'/imap/ssl/novalidate-cert:'.$port.'}INBOX', $username, $passwd); |
|
93 | 93 | break; |
94 | 94 | case 'pop3': |
95 | 95 | if (!isset($port)) $port = 110; |
96 | - $mailauth = imap_open('{'.$host.'/pop3/novalidate-cert:'.$port.'}INBOX', $username , $passwd); |
|
96 | + $mailauth = imap_open('{'.$host.'/pop3/novalidate-cert:'.$port.'}INBOX', $username, $passwd); |
|
97 | 97 | break; |
98 | 98 | case 'pop3s': |
99 | 99 | if (!isset($port)) $port = 995; |
100 | - $mailauth = imap_open('{'.$host.'/pop3/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd); |
|
100 | + $mailauth = imap_open('{'.$host.'/pop3/ssl/novalidate-cert:'.$port.'}INBOX', $username, $passwd); |
|
101 | 101 | break; |
102 | 102 | } |
103 | 103 | if ($mailauth) imap_close($mailauth); |
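Review bot: All four `imap_open()` mailbox strings in this switch carry `/novalidate-cert`, so the mail server's certificate is never verified on the connection that carries the user's password, including the `imaps` and `pop3s` cases. A party able to intercept traffic between the web server and the mail server can therefore present any certificate and read the credentials. Drop the flag from the SSL cases, e.g. `'{'.$host.'/imap/ssl:'.$port.'}INBOX'`, or make it an explicit opt-in setting for installations with self-signed certificates. The plain `imap` and `pop3` cases do not require TLS either (no `/tls`). The same lines appear again in the later hunk of this file that adds braces, and the switch starts outside this hunk.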
@@ -113,9 +113,9 @@ discard block |
||
113 | 113 | * @param int $account_id =0 account id of user whose passwd should be changed |
114 | 114 | * @return boolean true if password successful changed, false otherwise |
115 | 115 | */ |
116 | - function change_password($old_passwd, $new_passwd, $account_id=0) |
|
116 | + function change_password($old_passwd, $new_passwd, $account_id = 0) |
|
117 | 117 | { |
118 | - unset($old_passwd, $new_passwd, $account_id); // not used but required by function sigature |
|
118 | + unset($old_passwd, $new_passwd, $account_id); // not used but required by function sigature |
|
119 | 119 | |
120 | 120 | return False; |
121 | 121 | } |
@@ -70,7 +70,10 @@ discard block |
||
70 | 70 | } |
71 | 71 | catch(Horde_Imap_Client_Exception $e) { |
72 | 72 | // throw everything but authentication failed as exception |
73 | - if ($e->getCode() != Horde_Imap_Client_Exception::LOGIN_AUTHENTICATIONFAILED) throw $e; |
|
73 | + if ($e->getCode() != Horde_Imap_Client_Exception::LOGIN_AUTHENTICATIONFAILED) |
|
74 | + { |
|
75 | + throw $e; |
|
76 | + } |
|
74 | 77 | |
75 | 78 | $mailauth = false; |
76 | 79 | } |
@@ -84,23 +87,38 @@ discard block |
||
84 | 87 | { |
85 | 88 | case 'imap': |
86 | 89 | default: |
87 | - if (!isset($port)) $port = 143; |
|
90 | + if (!isset($port)) |
|
91 | + { |
|
92 | + $port = 143; |
|
93 | + } |
|
88 | 94 | $mailauth = imap_open('{'.$host.':'.$port.'/imap/novalidate-cert}INBOX', $username , $passwd); |
89 | 95 | break; |
90 | 96 | case 'imaps': |
91 | - if (!isset($port)) $port = 993; |
|
97 | + if (!isset($port)) |
|
98 | + { |
|
99 | + $port = 993; |
|
100 | + } |
|
92 | 101 | $mailauth = imap_open('{'.$host.'/imap/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd); |
93 | 102 | break; |
94 | 103 | case 'pop3': |
95 | - if (!isset($port)) $port = 110; |
|
104 | + if (!isset($port)) |
|
105 | + { |
|
106 | + $port = 110; |
|
107 | + } |
|
96 | 108 | $mailauth = imap_open('{'.$host.'/pop3/novalidate-cert:'.$port.'}INBOX', $username , $passwd); |
97 | 109 | break; |
98 | 110 | case 'pop3s': |
99 | - if (!isset($port)) $port = 995; |
|
111 | + if (!isset($port)) |
|
112 | + { |
|
113 | + $port = 995; |
|
114 | + } |
|
100 | 115 | $mailauth = imap_open('{'.$host.'/pop3/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd); |
101 | 116 | break; |
102 | 117 | } |
103 | - if ($mailauth) imap_close($mailauth); |
|
118 | + if ($mailauth) |
|
119 | + { |
|
120 | + imap_close($mailauth); |
|
121 | + } |
|
104 | 122 | } |
105 | 123 | return !!$mailauth; |
106 | 124 | } |
@@ -25,7 +25,7 @@ discard block |
||
25 | 25 | * @param string $passwd_type ='text' 'text' for cleartext passwords (default) |
26 | 26 | * @return boolean true if successful authenticated, false otherwise |
27 | 27 | */ |
28 | - function authenticate($username, $passwd, $passwd_type='text'); |
|
28 | + function authenticate($username, $passwd, $passwd_type = 'text'); |
|
29 | 29 | |
30 | 30 | /** |
31 | 31 | * changes password in sql datababse |
@@ -36,5 +36,5 @@ discard block |
||
36 | 36 | * @throws Exception to give a verbose error, why changing password failed |
37 | 37 | * @return boolean true if password successful changed, false otherwise |
38 | 38 | */ |
39 | - function change_password($old_passwd, $new_passwd, $account_id=0); |
|
39 | + function change_password($old_passwd, $new_passwd, $account_id = 0); |
|
40 | 40 | } |
@@ -29,18 +29,18 @@ discard block |
||
29 | 29 | * @param string $passwd_type ='text' 'text' for cleartext passwords (default) |
30 | 30 | * @return boolean true if successful authenticated, false otherwise |
31 | 31 | */ |
32 | - function authenticate($username, $passwd, $passwd_type='text') |
|
32 | + function authenticate($username, $passwd, $passwd_type = 'text') |
|
33 | 33 | { |
34 | 34 | /* if program goes here, authenticate is, normaly, already verified by CAS */ |
35 | 35 | if ($GLOBALS['egw_info']['server']['account_repository'] != 'ldap' && |
36 | 36 | $GLOBALS['egw_info']['server']['account_repository'] != 'ldsq') /* For anonymous LDAP connection */ |
37 | 37 | { |
38 | - if (!($id = $GLOBALS['egw']->accounts->name2id($username,'account_lid','u')) && |
|
38 | + if (!($id = $GLOBALS['egw']->accounts->name2id($username, 'account_lid', 'u')) && |
|
39 | 39 | $GLOBALS['egw_info']['server']['auto_create_acct']) |
40 | 40 | { |
41 | 41 | // create a global array with all availible info about that account |
42 | 42 | $GLOBALS['auto_create_acct'] = array(); |
43 | - foreach(array( |
|
43 | + foreach (array( |
|
44 | 44 | 'givenname' => 'firstname', |
45 | 45 | 'sn' => 'lastname', |
46 | 46 | 'uidnumber' => 'id', |
@@ -48,11 +48,11 @@ discard block |
||
48 | 48 | 'gidnumber' => 'primary_group', |
49 | 49 | ) as $ldap_name => $acct_name) |
50 | 50 | { |
51 | - $GLOBALS['auto_create_acct'][$acct_name] = Api\Translation::convert($allValues[0][$ldap_name][0],'utf-8'); |
|
51 | + $GLOBALS['auto_create_acct'][$acct_name] = Api\Translation::convert($allValues[0][$ldap_name][0], 'utf-8'); |
|
52 | 52 | } |
53 | 53 | return True; |
54 | 54 | } |
55 | - return $id && $GLOBALS['egw']->accounts->id2name($id,'account_status') == 'A' && phpCAS::checkAuthentication(); |
|
55 | + return $id && $GLOBALS['egw']->accounts->id2name($id, 'account_status') == 'A' && phpCAS::checkAuthentication(); |
|
56 | 56 | } |
57 | 57 | return phpCAS::checkAuthentication(); |
58 | 58 | } |
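Review bot: The auto-create branch of authenticate() ends in `return True;` without calling `phpCAS::checkAuthentication()`, while the other two exits of the function both depend on it. For an unknown username with `auto_create_acct` enabled, the result therefore rests entirely on the caller having completed CAS beforehand, which the leading comment only describes as "normally" the case. Suggested line: `return phpCAS::checkAuthentication();`. In addition, `$allValues` is not assigned anywhere in the function body shown in these two hunks, so the values copied into `$GLOBALS['auto_create_acct']` would all be empty.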
@@ -65,7 +65,7 @@ discard block |
||
65 | 65 | * @param int $account_id =0 account id of user whose passwd should be changed |
66 | 66 | * @return boolean true if password successful changed, false otherwise |
67 | 67 | */ |
68 | - function change_password($old_passwd, $new_passwd, $account_id=0) |
|
68 | + function change_password($old_passwd, $new_passwd, $account_id = 0) |
|
69 | 69 | { |
70 | 70 | /* Not allowed */ |
71 | 71 | return false; |
@@ -33,13 +33,16 @@ |
||
33 | 33 | { |
34 | 34 | /* if program goes here, authenticate is, normaly, already verified by CAS */ |
35 | 35 | if ($GLOBALS['egw_info']['server']['account_repository'] != 'ldap' && |
36 | - $GLOBALS['egw_info']['server']['account_repository'] != 'ldsq') /* For anonymous LDAP connection */ |
|
36 | + $GLOBALS['egw_info']['server']['account_repository'] != 'ldsq') |
|
37 | + { |
|
38 | + /* For anonymous LDAP connection */ |
|
37 | 39 | { |
38 | 40 | if (!($id = $GLOBALS['egw']->accounts->name2id($username,'account_lid','u')) && |
39 | 41 | $GLOBALS['egw_info']['server']['auto_create_acct']) |
40 | 42 | { |
41 | 43 | // create a global array with all availible info about that account |
42 | 44 | $GLOBALS['auto_create_acct'] = array(); |
45 | + } |
|
43 | 46 | foreach(array( |
44 | 47 | 'givenname' => 'firstname', |
45 | 48 | 'sn' => 'lastname', |
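Review bot: The `}` added on new line 45 closes the `if (!($id = ...) && ...['auto_create_acct'])` block directly after `$GLOBALS['auto_create_acct'] = array();`, and the `{` added on new line 37 opens an extra bare block, so the braces still balance but the `foreach` now sits outside the auto-create condition. If the remainder of the function matches the other hunk for this file on the page (`return True;` after the loop), authenticate() would return true for every username whenever account_repository is neither 'ldap' nor 'ldsq', skipping both the account-status check and `phpCAS::checkAuthentication()`. This looks like an automated brace fix misplacing the trailing comment; keep `/* For anonymous LDAP connection */` on the condition line and drop added lines 37 and 45. The function starts and ends outside this hunk, so the effect should be confirmed against the full file.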
@@ -43,29 +43,29 @@ discard block |
||
43 | 43 | * @param string $_passwd corresponding password |
44 | 44 | * @return boolean true if successful authenticated, false otherwise |
45 | 45 | */ |
46 | - function authenticate($_username, $_passwd, $passwd_type='text') |
|
46 | + function authenticate($_username, $_passwd, $passwd_type = 'text') |
|
47 | 47 | { |
48 | - unset($passwd_type); // not used by required by function signature |
|
48 | + unset($passwd_type); // not used by required by function signature |
|
49 | 49 | |
50 | 50 | // allow non-ascii in username & password |
51 | - $username = Api\Translation::convert($_username,Api\Translation::charset(),'utf-8'); |
|
51 | + $username = Api\Translation::convert($_username, Api\Translation::charset(), 'utf-8'); |
|
52 | 52 | // harden ldap auth, by removing \000 bytes, causing passwords to be not empty by php, but empty to c libaries |
53 | - $passwd = str_replace("\000", '', Api\Translation::convert($_passwd,Api\Translation::charset(),'utf-8')); |
|
53 | + $passwd = str_replace("\000", '', Api\Translation::convert($_passwd, Api\Translation::charset(), 'utf-8')); |
|
54 | 54 | |
55 | 55 | // Login with the LDAP Admin. User to find the User DN. |
56 | 56 | try { |
57 | 57 | $ldap = Api\Ldap::factory(); |
58 | 58 | } |
59 | - catch(Api\Exception\NoPermission $e) |
|
59 | + catch (Api\Exception\NoPermission $e) |
|
60 | 60 | { |
61 | 61 | unset($e); |
62 | 62 | if ($this->debug) error_log(__METHOD__."('$username',\$password) can NOT bind with ldap_root_dn to search!"); |
63 | 63 | return False; |
64 | 64 | } |
65 | 65 | /* find the dn for this uid, the uid is not always in the dn */ |
66 | - $attributes = array('uid','dn','givenName','sn','mail','uidNumber','shadowExpire','homeDirectory'); |
|
66 | + $attributes = array('uid', 'dn', 'givenName', 'sn', 'mail', 'uidNumber', 'shadowExpire', 'homeDirectory'); |
|
67 | 67 | |
68 | - $filter = str_replace(array('%user','%domain'),array(Api\Ldap::quote($username),$GLOBALS['egw_info']['user']['domain']), |
|
68 | + $filter = str_replace(array('%user', '%domain'), array(Api\Ldap::quote($username), $GLOBALS['egw_info']['user']['domain']), |
|
69 | 69 | $GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)'); |
70 | 70 | |
71 | 71 | if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap') |
@@ -84,10 +84,10 @@ discard block |
||
84 | 84 | return false; |
85 | 85 | } |
86 | 86 | if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap' && |
87 | - isset($allValues[0]['shadowexpire']) && $allValues[0]['shadowexpire'][0]*24*3600 < time()) |
|
87 | + isset($allValues[0]['shadowexpire']) && $allValues[0]['shadowexpire'][0] * 24 * 3600 < time()) |
|
88 | 88 | { |
89 | 89 | if ($this->debug) error_log(__METHOD__."('$username',\$password) account is expired!"); |
90 | - return false; // account is expired |
|
90 | + return false; // account is expired |
|
91 | 91 | } |
92 | 92 | $userDN = $allValues[0]['dn']; |
93 | 93 | |
@@ -103,13 +103,13 @@ discard block |
||
103 | 103 | { |
104 | 104 | $GLOBALS['auto_create_acct']['homedirectory'] = $allValues[0]['homedirectory'][0]; |
105 | 105 | } |
106 | - if (!($id = $GLOBALS['egw']->accounts->name2id($username,'account_lid','u'))) |
|
106 | + if (!($id = $GLOBALS['egw']->accounts->name2id($username, 'account_lid', 'u'))) |
|
107 | 107 | { |
108 | 108 | // account does NOT exist, check if we should create it |
109 | 109 | if ($GLOBALS['egw_info']['server']['auto_create_acct']) |
110 | 110 | { |
111 | 111 | // create a global array with all availible info about that account |
112 | - foreach(array( |
|
112 | + foreach (array( |
|
113 | 113 | 'givenname' => 'firstname', |
114 | 114 | 'sn' => 'lastname', |
115 | 115 | 'uidnumber' => 'account_id', |
@@ -117,7 +117,7 @@ discard block |
||
117 | 117 | ) as $ldap_name => $acct_name) |
118 | 118 | { |
119 | 119 | $GLOBALS['auto_create_acct'][$acct_name] = |
120 | - Api\Translation::convert($allValues[0][$ldap_name][0],'utf-8'); |
|
120 | + Api\Translation::convert($allValues[0][$ldap_name][0], 'utf-8'); |
|
121 | 121 | } |
122 | 122 | $ret = true; |
123 | 123 | } |
@@ -130,7 +130,7 @@ discard block |
||
130 | 130 | // account exists, check if it is acctive |
131 | 131 | else |
132 | 132 | { |
133 | - $ret = $GLOBALS['egw']->accounts->id2name($id,'account_status') == 'A'; |
|
133 | + $ret = $GLOBALS['egw']->accounts->id2name($id, 'account_status') == 'A'; |
|
134 | 134 | |
135 | 135 | if ($this->debug && !$ret) error_log(__METHOD__."('$username',\$password) account NOT active!"); |
136 | 136 | } |
@@ -141,12 +141,12 @@ discard block |
||
141 | 141 | { |
142 | 142 | $matches = null; |
143 | 143 | // try to query password from ldap server (might fail because of ACL) and check if we need to migrate the hash |
144 | - if (($sri = ldap_search($ldap, $userDN,"(objectclass=*)", array('userPassword'))) && |
|
144 | + if (($sri = ldap_search($ldap, $userDN, "(objectclass=*)", array('userPassword'))) && |
|
145 | 145 | ($values = ldap_get_entries($ldap, $sri)) && isset($values[0]['userpassword'][0]) && |
146 | - ($type = preg_match('/^{(.+)}/',$values[0]['userpassword'][0],$matches) ? strtolower($matches[1]) : 'plain') && |
|
146 | + ($type = preg_match('/^{(.+)}/', $values[0]['userpassword'][0], $matches) ? strtolower($matches[1]) : 'plain') && |
|
147 | 147 | // for crypt use Api\Auth::crypt_compare to detect correct sub-type, strlen("{crypt}")=7 |
148 | 148 | ($type != 'crypt' || Api\Auth::crypt_compare($passwd, substr($values[0]['userpassword'][0], 7), $type)) && |
149 | - in_array($type, explode(',',strtolower($GLOBALS['egw_info']['server']['pwd_migration_types'])))) |
|
149 | + in_array($type, explode(',', strtolower($GLOBALS['egw_info']['server']['pwd_migration_types'])))) |
|
150 | 150 | { |
151 | 151 | $this->change_password($passwd, $passwd, $allValues[0]['uidnumber'][0], false); |
152 | 152 | } |
@@ -168,7 +168,7 @@ discard block |
||
168 | 168 | function getLastPwdChange($_username) |
169 | 169 | { |
170 | 170 | // allow non-ascii in username & password |
171 | - $username = Api\Translation::convert($_username,Api\Translation::charset(),'utf-8'); |
|
171 | + $username = Api\Translation::convert($_username, Api\Translation::charset(), 'utf-8'); |
|
172 | 172 | |
173 | 173 | // Login with the LDAP Admin. User to find the User DN. |
174 | 174 | try { |
@@ -180,9 +180,9 @@ discard block |
||
180 | 180 | return false; |
181 | 181 | } |
182 | 182 | /* find the dn for this uid, the uid is not always in the dn */ |
183 | - $attributes = array('uid','dn','shadowexpire','shadowlastchange'); |
|
183 | + $attributes = array('uid', 'dn', 'shadowexpire', 'shadowlastchange'); |
|
184 | 184 | |
185 | - $filter = str_replace(array('%user','%domain'),array(Api\Ldap::quote($username),$GLOBALS['egw_info']['user']['domain']), |
|
185 | + $filter = str_replace(array('%user', '%domain'), array(Api\Ldap::quote($username), $GLOBALS['egw_info']['user']['domain']), |
|
186 | 186 | $GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)'); |
187 | 187 | |
188 | 188 | if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap') |
@@ -206,12 +206,12 @@ discard block |
||
206 | 206 | return false; |
207 | 207 | } |
208 | 208 | if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap' && |
209 | - isset($allValues[0]['shadowexpire']) && $allValues[0]['shadowexpire'][0]*24*3600 < time()) |
|
209 | + isset($allValues[0]['shadowexpire']) && $allValues[0]['shadowexpire'][0] * 24 * 3600 < time()) |
|
210 | 210 | { |
211 | 211 | if ($this->debug) error_log(__METHOD__."('$username',\$password) account is expired!"); |
212 | - return false; // account is expired |
|
212 | + return false; // account is expired |
|
213 | 213 | } |
214 | - return $allValues[0]['shadowlastchange'][0]*24*3600; |
|
214 | + return $allValues[0]['shadowlastchange'][0] * 24 * 3600; |
|
215 | 215 | } |
216 | 216 | if ($this->debug) error_log(__METHOD__."('$username') dn not found or password wrong!"); |
217 | 217 | // dn not found or password wrong |
@@ -226,11 +226,11 @@ discard block |
||
226 | 226 | * @param int $lastpwdchange must be a unixtimestamp |
227 | 227 | * @return boolean true if account_lastpwd_change successful changed, false otherwise |
228 | 228 | */ |
229 | - function setLastPwdChange($account_id=0, $passwd=NULL, $lastpwdchange=NULL) |
|
229 | + function setLastPwdChange($account_id = 0, $passwd = NULL, $lastpwdchange = NULL) |
|
230 | 230 | { |
231 | 231 | $admin = True; |
232 | 232 | // Don't allow password changes for other accounts when using XML-RPC |
233 | - if(!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
233 | + if (!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
234 | 234 | { |
235 | 235 | $admin = False; |
236 | 236 | $username = $GLOBALS['egw_info']['user']['account_lid']; |
@@ -238,22 +238,22 @@ discard block |
||
238 | 238 | else |
239 | 239 | { |
240 | 240 | $username = Api\Translation::convert($GLOBALS['egw']->accounts->id2name($account_id), |
241 | - Api\Translation::charset(),'utf-8'); |
|
241 | + Api\Translation::charset(), 'utf-8'); |
|
242 | 242 | } |
243 | 243 | //echo "<p>auth_Api\Ldap::change_password('$old_passwd','$new_passwd',$account_id) username='$username'</p>\n"; |
244 | 244 | |
245 | - $filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']), |
|
245 | + $filter = str_replace(array('%user', '%domain'), array($username, $GLOBALS['egw_info']['user']['domain']), |
|
246 | 246 | $GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)'); |
247 | 247 | |
248 | 248 | $ds = Api\Ldap::factory(); |
249 | 249 | $sri = ldap_search($ds, $GLOBALS['egw_info']['server']['ldap_context'], $filter); |
250 | 250 | $allValues = ldap_get_entries($ds, $sri); |
251 | 251 | |
252 | - $entry['shadowlastchange'] = (is_null($lastpwdchange) || $lastpwdchange<0 ? round((time()-date('Z')) / (24*3600)):$lastpwdchange); |
|
252 | + $entry['shadowlastchange'] = (is_null($lastpwdchange) || $lastpwdchange < 0 ? round((time() - date('Z')) / (24 * 3600)) : $lastpwdchange); |
|
253 | 253 | |
254 | 254 | $dn = $allValues[0]['dn']; |
255 | 255 | |
256 | - if(!$admin && $passwd) // if old password given (not called by admin) --> bind as that user to change the pw |
|
256 | + if (!$admin && $passwd) // if old password given (not called by admin) --> bind as that user to change the pw |
|
257 | 257 | { |
258 | 258 | $ds = Api\Ldap::factory('', $dn, $passwd); |
259 | 259 | } |
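Review bot: setLastPwdChange() substitutes `$username` into the LDAP search filter unescaped (`array($username, $GLOBALS['egw_info']['user']['domain'])`), whereas authenticate() and getLastPwdChange() in this file pass it through `Api\Ldap::quote()`. An account name containing filter metacharacters would change the search, and the first returned entry's dn is then used for the modify. Quote both substitutions: `array(Api\Ldap::quote($username), Api\Ldap::quote($GLOBALS['egw_info']['user']['domain']))`. The change_password() hunk further down builds its filter the same way, and `%domain` is unquoted in all four places. `$allValues[0]['dn']` is also used without checking that the search returned an entry.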
@@ -262,7 +262,7 @@ discard block |
||
262 | 262 | return false; |
263 | 263 | } |
264 | 264 | // using time() is sufficient to represent the current time, we do not need the timestamp written to the storage |
265 | - if (!$admin) Api\Cache::setSession('phpgwapi','auth_alpwchange_val',(is_null($lastpwdchange) || $lastpwdchange<0 ? time():$lastpwdchange)); |
|
265 | + if (!$admin) Api\Cache::setSession('phpgwapi', 'auth_alpwchange_val', (is_null($lastpwdchange) || $lastpwdchange < 0 ? time() : $lastpwdchange)); |
|
266 | 266 | return true; |
267 | 267 | } |
268 | 268 | |
@@ -278,7 +278,7 @@ discard block |
||
278 | 278 | * @param boolean $update_lastchange =true |
279 | 279 | * @return boolean true if password successful changed, false otherwise |
280 | 280 | */ |
281 | - function change_password($old_passwd, $new_passwd, $account_id=0, $update_lastchange=true) |
|
281 | + function change_password($old_passwd, $new_passwd, $account_id = 0, $update_lastchange = true) |
|
282 | 282 | { |
283 | 283 | if (!$account_id) |
284 | 284 | { |
@@ -287,11 +287,11 @@ discard block |
||
287 | 287 | else |
288 | 288 | { |
289 | 289 | $username = Api\Translation::convert($GLOBALS['egw']->accounts->id2name($account_id), |
290 | - Api\Translation::charset(),'utf-8'); |
|
290 | + Api\Translation::charset(), 'utf-8'); |
|
291 | 291 | } |
292 | 292 | if ($this->debug) error_log(__METHOD__."('$old_passwd','$new_passwd',$account_id, $update_lastchange) username='$username'"); |
293 | 293 | |
294 | - $filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']), |
|
294 | + $filter = str_replace(array('%user', '%domain'), array($username, $GLOBALS['egw_info']['user']['domain']), |
|
295 | 295 | $GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)'); |
296 | 296 | |
297 | 297 | $ds = $ds_admin = Api\Ldap::factory(); |
@@ -301,19 +301,19 @@ discard block |
||
301 | 301 | $entry['userpassword'] = Api\Auth::encrypt_password($new_passwd); |
302 | 302 | if ($update_lastchange) |
303 | 303 | { |
304 | - $entry['shadowlastchange'] = round((time()-date('Z')) / (24*3600)); |
|
304 | + $entry['shadowlastchange'] = round((time() - date('Z')) / (24 * 3600)); |
|
305 | 305 | } |
306 | 306 | |
307 | 307 | $dn = $allValues[0]['dn']; |
308 | 308 | |
309 | - if($old_passwd) // if old password given (not called by admin) --> bind as that user to change the pw |
|
309 | + if ($old_passwd) // if old password given (not called by admin) --> bind as that user to change the pw |
|
310 | 310 | { |
311 | 311 | try { |
312 | - $ds = Api\Ldap\factory('',$dn,$old_passwd); |
|
312 | + $ds = Api\Ldap\factory('', $dn, $old_passwd); |
|
313 | 313 | } |
314 | 314 | catch (Api\Exception\NoPermission $e) { |
315 | 315 | unset($e); |
316 | - return false; // wrong old user password |
|
316 | + return false; // wrong old user password |
|
317 | 317 | } |
318 | 318 | } |
319 | 319 | // try changing password bind as user or as admin, to cater for all sorts of ldap configuration |
@@ -322,10 +322,10 @@ discard block |
||
322 | 322 | { |
323 | 323 | return false; |
324 | 324 | } |
325 | - if($old_passwd) // if old password given (not called by admin) update the password in the session |
|
325 | + if ($old_passwd) // if old password given (not called by admin) update the password in the session |
|
326 | 326 | { |
327 | 327 | // using time() is sufficient to represent the current time, we do not need the timestamp written to the storage |
328 | - Api\Cache::setSession('phpgwapi','auth_alpwchange_val',time()); |
|
328 | + Api\Cache::setSession('phpgwapi', 'auth_alpwchange_val', time()); |
|
329 | 329 | } |
330 | 330 | return $entry['userpassword']; |
331 | 331 | } |
@@ -59,7 +59,10 @@ discard block |
||
59 | 59 | catch(Api\Exception\NoPermission $e) |
60 | 60 | { |
61 | 61 | unset($e); |
62 | - if ($this->debug) error_log(__METHOD__."('$username',\$password) can NOT bind with ldap_root_dn to search!"); |
|
62 | + if ($this->debug) |
|
63 | + { |
|
64 | + error_log(__METHOD__."('$username',\$password) can NOT bind with ldap_root_dn to search!"); |
|
65 | + } |
|
63 | 66 | return False; |
64 | 67 | } |
65 | 68 | /* find the dn for this uid, the uid is not always in the dn */ |
@@ -80,13 +83,19 @@ discard block |
||
80 | 83 | if ($GLOBALS['egw_info']['server']['case_sensitive_username'] == true && |
81 | 84 | $allValues[0]['uid'][0] != $username) |
82 | 85 | { |
83 | - if ($this->debug) error_log(__METHOD__."('$username',\$password) wrong case in username!"); |
|
86 | + if ($this->debug) |
|
87 | + { |
|
88 | + error_log(__METHOD__."('$username',\$password) wrong case in username!"); |
|
89 | + } |
|
84 | 90 | return false; |
85 | 91 | } |
86 | 92 | if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap' && |
87 | 93 | isset($allValues[0]['shadowexpire']) && $allValues[0]['shadowexpire'][0]*24*3600 < time()) |
88 | 94 | { |
89 | - if ($this->debug) error_log(__METHOD__."('$username',\$password) account is expired!"); |
|
95 | + if ($this->debug) |
|
96 | + { |
|
97 | + error_log(__METHOD__."('$username',\$password) account is expired!"); |
|
98 | + } |
|
90 | 99 | return false; // account is expired |
91 | 100 | } |
92 | 101 | $userDN = $allValues[0]['dn']; |
@@ -124,7 +133,10 @@ discard block |
||
124 | 133 | else |
125 | 134 | { |
126 | 135 | $ret = false; |
127 | - if ($this->debug) error_log(__METHOD__."('$username',\$password) bind as user failed!"); |
|
136 | + if ($this->debug) |
|
137 | + { |
|
138 | + error_log(__METHOD__."('$username',\$password) bind as user failed!"); |
|
139 | + } |
|
128 | 140 | } |
129 | 141 | } |
130 | 142 | // account exists, check if it is acctive |
@@ -132,7 +144,10 @@ discard block |
||
132 | 144 | { |
133 | 145 | $ret = $GLOBALS['egw']->accounts->id2name($id,'account_status') == 'A'; |
134 | 146 | |
135 | - if ($this->debug && !$ret) error_log(__METHOD__."('$username',\$password) account NOT active!"); |
|
147 | + if ($this->debug && !$ret) |
|
148 | + { |
|
149 | + error_log(__METHOD__."('$username',\$password) account NOT active!"); |
|
150 | + } |
|
136 | 151 | } |
137 | 152 | } |
138 | 153 | // account-repository is ldap --> check if passwd hash migration is enabled |
@@ -154,7 +169,10 @@ discard block |
||
154 | 169 | return $ret; |
155 | 170 | } |
156 | 171 | } |
157 | - if ($this->debug) error_log(__METHOD__."('$_username', '$_passwd') dn not found or password wrong!"); |
|
172 | + if ($this->debug) |
|
173 | + { |
|
174 | + error_log(__METHOD__."('$_username', '$_passwd') dn not found or password wrong!"); |
|
175 | + } |
|
158 | 176 | // dn not found or password wrong |
159 | 177 | return False; |
160 | 178 | } |
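Review bot: The debug line on new lines 172-175 interpolates `$_passwd` into `error_log()`, so with `$this->debug` enabled the submitted cleartext password is written to the PHP error log on this failure path; the re-bracing leaves that unchanged. The other debug lines in this file print a literal placeholder instead, and this one should match them: `error_log(__METHOD__."('$username',\$password) dn not found or password wrong!");`. Whether `$_username` and `$_passwd` are defined at this point cannot be seen from the hunk (the sibling messages use `$username`), so confirm the variable name when changing the line. The same applies to the `@@ -289,7 +328,10 @@` hunk, where `change_password()` logs both `$old_passwd` and `$new_passwd`. The enclosing function starts outside the hunk.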
@@ -176,7 +194,10 @@ discard block |
||
176 | 194 | } |
177 | 195 | catch (Api\Exception\NoPermission $ex) { |
178 | 196 | unset($ex); |
179 | - if ($this->debug) error_log(__METHOD__."('$username') can NOT bind with ldap_root_dn to search!"); |
|
197 | + if ($this->debug) |
|
198 | + { |
|
199 | + error_log(__METHOD__."('$username') can NOT bind with ldap_root_dn to search!"); |
|
200 | + } |
|
180 | 201 | return false; |
181 | 202 | } |
182 | 203 | /* find the dn for this uid, the uid is not always in the dn */ |
@@ -196,24 +217,36 @@ discard block |
||
196 | 217 | { |
197 | 218 | if (!isset($allValues[0]['shadowlastchange'])) |
198 | 219 | { |
199 | - if ($this->debug) error_log(__METHOD__."('$username') no shadowlastchange attribute!"); |
|
220 | + if ($this->debug) |
|
221 | + { |
|
222 | + error_log(__METHOD__."('$username') no shadowlastchange attribute!"); |
|
223 | + } |
|
200 | 224 | return false; |
201 | 225 | } |
202 | 226 | if ($GLOBALS['egw_info']['server']['case_sensitive_username'] == true && |
203 | 227 | $allValues[0]['uid'][0] != $username) |
204 | 228 | { |
205 | - if ($this->debug) error_log(__METHOD__."('$username') wrong case in username!"); |
|
229 | + if ($this->debug) |
|
230 | + { |
|
231 | + error_log(__METHOD__."('$username') wrong case in username!"); |
|
232 | + } |
|
206 | 233 | return false; |
207 | 234 | } |
208 | 235 | if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap' && |
209 | 236 | isset($allValues[0]['shadowexpire']) && $allValues[0]['shadowexpire'][0]*24*3600 < time()) |
210 | 237 | { |
211 | - if ($this->debug) error_log(__METHOD__."('$username',\$password) account is expired!"); |
|
238 | + if ($this->debug) |
|
239 | + { |
|
240 | + error_log(__METHOD__."('$username',\$password) account is expired!"); |
|
241 | + } |
|
212 | 242 | return false; // account is expired |
213 | 243 | } |
214 | 244 | return $allValues[0]['shadowlastchange'][0]*24*3600; |
215 | 245 | } |
216 | - if ($this->debug) error_log(__METHOD__."('$username') dn not found or password wrong!"); |
|
246 | + if ($this->debug) |
|
247 | + { |
|
248 | + error_log(__METHOD__."('$username') dn not found or password wrong!"); |
|
249 | + } |
|
217 | 250 | // dn not found or password wrong |
218 | 251 | return false; |
219 | 252 | } |
@@ -253,16 +286,22 @@ discard block |
||
253 | 286 | |
254 | 287 | $dn = $allValues[0]['dn']; |
255 | 288 | |
256 | - if(!$admin && $passwd) // if old password given (not called by admin) --> bind as that user to change the pw |
|
289 | + if(!$admin && $passwd) |
|
290 | + { |
|
291 | + // if old password given (not called by admin) --> bind as that user to change the pw |
|
257 | 292 | { |
258 | 293 | $ds = Api\Ldap::factory('', $dn, $passwd); |
259 | 294 | } |
295 | + } |
|
260 | 296 | if (!@ldap_modify($ds, $dn, $entry)) |
261 | 297 | { |
262 | 298 | return false; |
263 | 299 | } |
264 | 300 | // using time() is sufficient to represent the current time, we do not need the timestamp written to the storage |
265 | - if (!$admin) Api\Cache::setSession('phpgwapi','auth_alpwchange_val',(is_null($lastpwdchange) || $lastpwdchange<0 ? time():$lastpwdchange)); |
|
301 | + if (!$admin) |
|
302 | + { |
|
303 | + Api\Cache::setSession('phpgwapi','auth_alpwchange_val',(is_null($lastpwdchange) || $lastpwdchange<0 ? time():$lastpwdchange)); |
|
304 | + } |
|
266 | 305 | return true; |
267 | 306 | } |
268 | 307 | |
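Review bot: The braces added on new lines 290 and 295 wrap a block that already had its own braces, because the trailing comment of the `if` line was moved below a new `{` instead of above the condition; the result is a redundant nested block. Put the comment first and keep a single pair: `// if old password given (not called by admin) --> bind as that user to change the pw` on its own line, then `if (!$admin && $passwd)` followed by the existing `{ … }`. The same doubling appears in `@@ -322,11 +367,14 @@`. In `@@ -60,9 +60,12 @@` and `@@ -129,9 +135,12 @@` the inner `}` lands before `unset($where['account_lid']);`, which still runs inside the outer `if` but no longer reads that way. The function body starts outside the hunk.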
@@ -289,7 +328,10 @@ discard block |
||
289 | 328 | $username = Api\Translation::convert($GLOBALS['egw']->accounts->id2name($account_id), |
290 | 329 | Api\Translation::charset(),'utf-8'); |
291 | 330 | } |
292 | - if ($this->debug) error_log(__METHOD__."('$old_passwd','$new_passwd',$account_id, $update_lastchange) username='$username'"); |
|
331 | + if ($this->debug) |
|
332 | + { |
|
333 | + error_log(__METHOD__."('$old_passwd','$new_passwd',$account_id, $update_lastchange) username='$username'"); |
|
334 | + } |
|
293 | 335 | |
294 | 336 | $filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']), |
295 | 337 | $GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)'); |
@@ -306,10 +348,13 @@ discard block |
||
306 | 348 | |
307 | 349 | $dn = $allValues[0]['dn']; |
308 | 350 | |
309 | - if($old_passwd) // if old password given (not called by admin) --> bind as that user to change the pw |
|
351 | + if($old_passwd) |
|
352 | + { |
|
353 | + // if old password given (not called by admin) --> bind as that user to change the pw |
|
310 | 354 | { |
311 | 355 | try { |
312 | 356 | $ds = Api\Ldap\factory('',$dn,$old_passwd); |
357 | + } |
|
313 | 358 | } |
314 | 359 | catch (Api\Exception\NoPermission $e) { |
315 | 360 | unset($e); |
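Review bot: The `}` added on new line 357 closes the `try` block early, so the original `}` on line 358 closes the inner block and the `catch (Api\Exception\NoPermission $e)` that follows is no longer attached to a `try`; as far as the hunk shows, the file will not parse. Because this is the LDAP password-change path, a parse error here would make the whole class unloadable rather than break only this branch. Drop the added `{` on line 352 and the added `}` on line 357 and move the comment above the condition, leaving `if ($old_passwd)` with its original `{ try { … } catch … }`. The context line also calls `Api\Ldap\factory(...)` where the rest of the file uses `Api\Ldap::factory(...)`; that looks like a typo and is worth confirming. The `if` block continues past the end of the hunk.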
@@ -322,11 +367,14 @@ discard block |
||
322 | 367 | { |
323 | 368 | return false; |
324 | 369 | } |
325 | - if($old_passwd) // if old password given (not called by admin) update the password in the session |
|
370 | + if($old_passwd) |
|
371 | + { |
|
372 | + // if old password given (not called by admin) update the password in the session |
|
326 | 373 | { |
327 | 374 | // using time() is sufficient to represent the current time, we do not need the timestamp written to the storage |
328 | 375 | Api\Cache::setSession('phpgwapi','auth_alpwchange_val',time()); |
329 | 376 | } |
377 | + } |
|
330 | 378 | return $entry['userpassword']; |
331 | 379 | } |
332 | 380 | } |
@@ -52,7 +52,7 @@ discard block |
||
52 | 52 | * @param string $passwd_type ='text' 'text' for cleartext passwords (default) |
53 | 53 | * @return boolean true if successful authenticated, false otherwise |
54 | 54 | */ |
55 | - function authenticate($username, $passwd, $passwd_type='text') |
|
55 | + function authenticate($username, $passwd, $passwd_type = 'text') |
|
56 | 56 | { |
57 | 57 | /* normal web form login */ |
58 | 58 | $where = array( |
@@ -65,26 +65,26 @@ discard block |
||
65 | 65 | $where[] = 'account_lid '.$this->db->capabilities[Api\Db::CAPABILITY_CASE_INSENSITIV_LIKE].' '.$this->db->quote($username); |
66 | 66 | unset($where['account_lid']); |
67 | 67 | } |
68 | - if($passwd_type == 'text') |
|
68 | + if ($passwd_type == 'text') |
|
69 | 69 | { |
70 | - if (!($row = $this->db->select($this->table,'account_lid,account_pwd,account_lastlogin,account_id',$where,__LINE__,__FILE__)->fetch()) || |
|
70 | + if (!($row = $this->db->select($this->table, 'account_lid,account_pwd,account_lastlogin,account_id', $where, __LINE__, __FILE__)->fetch()) || |
|
71 | 71 | empty($row['account_pwd']) || |
72 | 72 | $GLOBALS['egw_info']['server']['case_sensitive_username'] && $row['account_lid'] != $username) |
73 | 73 | { |
74 | 74 | return false; |
75 | 75 | } |
76 | 76 | $type = null; |
77 | - if(!($match = Api\Auth::compare_password($passwd, $row['account_pwd'], $this->type, strtolower($username), $type)) || |
|
78 | - $type != $this->type && in_array($type, explode(',',strtolower($GLOBALS['egw_info']['server']['pwd_migration_types'])))) |
|
77 | + if (!($match = Api\Auth::compare_password($passwd, $row['account_pwd'], $this->type, strtolower($username), $type)) || |
|
78 | + $type != $this->type && in_array($type, explode(',', strtolower($GLOBALS['egw_info']['server']['pwd_migration_types'])))) |
|
79 | 79 | { |
80 | 80 | // do we have to migrate an old password ? |
81 | - if($GLOBALS['egw_info']['server']['pwd_migration_allowed'] && !empty($GLOBALS['egw_info']['server']['pwd_migration_types'])) |
|
81 | + if ($GLOBALS['egw_info']['server']['pwd_migration_allowed'] && !empty($GLOBALS['egw_info']['server']['pwd_migration_types'])) |
|
82 | 82 | { |
83 | 83 | if (!$match) |
84 | 84 | { |
85 | - foreach(explode(',', $GLOBALS['egw_info']['server']['pwd_migration_types']) as $type) |
|
85 | + foreach (explode(',', $GLOBALS['egw_info']['server']['pwd_migration_types']) as $type) |
|
86 | 86 | { |
87 | - if(($match = Api\Auth::compare_password($passwd,$row['account_pwd'],$type,strtolower($username)))) |
|
87 | + if (($match = Api\Auth::compare_password($passwd, $row['account_pwd'], $type, strtolower($username)))) |
|
88 | 88 | { |
89 | 89 | break; |
90 | 90 | } |
@@ -93,7 +93,7 @@ discard block |
||
93 | 93 | if ($match) |
94 | 94 | { |
95 | 95 | $encrypted_passwd = Api\Auth::encrypt_sql($passwd); |
96 | - $this->_update_passwd($encrypted_passwd,$passwd,$row['account_id'],false,true); |
|
96 | + $this->_update_passwd($encrypted_passwd, $passwd, $row['account_id'], false, true); |
|
97 | 97 | } |
98 | 98 | } |
99 | 99 | if (!$match) return false; |
@@ -103,7 +103,7 @@ discard block |
||
103 | 103 | else |
104 | 104 | { |
105 | 105 | $where['account_pwd'] = $passwd; |
106 | - if (!($row = $this->db->select($this->table,'account_lid,account_lastlogin',$where,__LINE__,__FILE__)->fetch()) || |
|
106 | + if (!($row = $this->db->select($this->table, 'account_lid,account_lastlogin', $where, __LINE__, __FILE__)->fetch()) || |
|
107 | 107 | $GLOBALS['egw_info']['server']['case_sensitive_username'] && $row['account_lid'] != $username) |
108 | 108 | { |
109 | 109 | return false; |
@@ -134,7 +134,7 @@ discard block |
||
134 | 134 | $where[] = 'account_lid '.$this->db->capabilities[Api\Db::CAPABILITY_CASE_INSENSITIV_LIKE].' '.$this->db->quote($username); |
135 | 135 | unset($where['account_lid']); |
136 | 136 | } |
137 | - if (!($row = $this->db->select($this->table,'account_lid,account_lastpwd_change',$where,__LINE__,__FILE__)->fetch()) || |
|
137 | + if (!($row = $this->db->select($this->table, 'account_lid,account_lastpwd_change', $where, __LINE__, __FILE__)->fetch()) || |
|
138 | 138 | $GLOBALS['egw_info']['server']['case_sensitive_username'] && $row['account_lid'] != $username) |
139 | 139 | { |
140 | 140 | return false; |
@@ -153,11 +153,11 @@ discard block |
||
153 | 153 | * @param int $_lastpwdchange =null must be a unixtimestamp |
154 | 154 | * @return boolean true if account_lastpwd_change successful changed, false otherwise |
155 | 155 | */ |
156 | - function setLastPwdChange($account_id=0, $passwd=NULL, $_lastpwdchange=NULL) |
|
156 | + function setLastPwdChange($account_id = 0, $passwd = NULL, $_lastpwdchange = NULL) |
|
157 | 157 | { |
158 | 158 | $admin = True; |
159 | 159 | // Don't allow password changes for other accounts when using XML-RPC |
160 | - if(!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
160 | + if (!$account_id || $GLOBALS['egw_info']['flags']['currentapp'] == 'login') |
|
161 | 161 | { |
162 | 162 | $admin = False; |
163 | 163 | $account_id = $GLOBALS['egw_info']['user']['account_id']; |
@@ -168,27 +168,27 @@ discard block |
||
168 | 168 | $username = $GLOBALS['egw']->accounts->id2name($account_id); |
169 | 169 | } |
170 | 170 | |
171 | - if (($pw = $this->db->select($this->table,'account_pwd',array( |
|
171 | + if (($pw = $this->db->select($this->table, 'account_pwd', array( |
|
172 | 172 | 'account_id' => $account_id, |
173 | 173 | 'account_type' => 'u', |
174 | 174 | 'account_status' => 'A', |
175 | - ),__LINE__,__FILE__)->fetchColumn()) === false) |
|
175 | + ), __LINE__, __FILE__)->fetchColumn()) === false) |
|
176 | 176 | { |
177 | - return false; // account not found |
|
177 | + return false; // account not found |
|
178 | 178 | } |
179 | 179 | // Check the passwd to make sure this is legal |
180 | - if(!$admin && !Api\Auth::compare_password($passwd,$pw,$this->type,strtolower($username))) |
|
180 | + if (!$admin && !Api\Auth::compare_password($passwd, $pw, $this->type, strtolower($username))) |
|
181 | 181 | { |
182 | 182 | return false; |
183 | 183 | } |
184 | 184 | $lastpwdchange = (is_null($_lastpwdchange) || $_lastpwdchange < 0 ? time() : $_lastpwdchange); |
185 | - $this->db->update($this->table,array( |
|
185 | + $this->db->update($this->table, array( |
|
186 | 186 | 'account_lastpwd_change' => $lastpwdchange, |
187 | - ),array( |
|
187 | + ), array( |
|
188 | 188 | 'account_id' => $account_id, |
189 | - ),__LINE__,__FILE__); |
|
189 | + ), __LINE__, __FILE__); |
|
190 | 190 | |
191 | - if(!$this->db->affected_rows()) return false; |
|
191 | + if (!$this->db->affected_rows()) return false; |
|
192 | 192 | if (!$admin) Api\Cache::setSession('phpgwapi', 'auth_alpwchange_val', $lastpwdchange); |
193 | 193 | return true; |
194 | 194 | } |
@@ -201,11 +201,11 @@ discard block |
||
201 | 201 | * @param int $account_id account id of user whose passwd should be changed |
202 | 202 | * @return boolean true if password successful changed, false otherwise |
203 | 203 | */ |
204 | - function change_password($old_passwd, $new_passwd, $account_id=0) |
|
204 | + function change_password($old_passwd, $new_passwd, $account_id = 0) |
|
205 | 205 | { |
206 | 206 | $admin = True; |
207 | 207 | // Don't allow password changes for other accounts when using XML-RPC |
208 | - if(!$account_id) |
|
208 | + if (!$account_id) |
|
209 | 209 | { |
210 | 210 | $admin = False; |
211 | 211 | $account_id = $GLOBALS['egw_info']['user']['account_id']; |
@@ -216,21 +216,21 @@ discard block |
||
216 | 216 | $username = $GLOBALS['egw']->accounts->id2name($account_id); |
217 | 217 | } |
218 | 218 | |
219 | - if (($pw = $this->db->select($this->table,'account_pwd',array( |
|
219 | + if (($pw = $this->db->select($this->table, 'account_pwd', array( |
|
220 | 220 | 'account_id' => $account_id, |
221 | 221 | 'account_type' => 'u', |
222 | - ),__LINE__,__FILE__)->fetchColumn()) === false) |
|
222 | + ), __LINE__, __FILE__)->fetchColumn()) === false) |
|
223 | 223 | { |
224 | - return false; // account not found |
|
224 | + return false; // account not found |
|
225 | 225 | } |
226 | 226 | // Check the old_passwd to make sure this is legal |
227 | - if(!$admin && !Api\Auth::compare_password($old_passwd,$pw,$this->type,strtolower($username))) |
|
227 | + if (!$admin && !Api\Auth::compare_password($old_passwd, $pw, $this->type, strtolower($username))) |
|
228 | 228 | { |
229 | 229 | return false; |
230 | 230 | } |
231 | 231 | |
232 | 232 | // old password ok, or admin called the function from the admin application (no old passwd available). |
233 | - return $this->_update_passwd(Api\Auth::encrypt_sql($new_passwd),$new_passwd,$account_id,$admin); |
|
233 | + return $this->_update_passwd(Api\Auth::encrypt_sql($new_passwd), $new_passwd, $account_id, $admin); |
|
234 | 234 | } |
235 | 235 | |
236 | 236 | /** |
@@ -243,23 +243,23 @@ discard block |
||
243 | 243 | * @param boolean $update_lastpw_change =true |
244 | 244 | * @return boolean true if password successful changed, false otherwise |
245 | 245 | */ |
246 | - private function _update_passwd($encrypted_passwd,$new_passwd,$account_id,$admin=false,$update_lastpw_change=true) |
|
246 | + private function _update_passwd($encrypted_passwd, $new_passwd, $account_id, $admin = false, $update_lastpw_change = true) |
|
247 | 247 | { |
248 | - unset($new_passwd); // not used, but required by function signature |
|
248 | + unset($new_passwd); // not used, but required by function signature |
|
249 | 249 | |
250 | 250 | $update = array('account_pwd' => $encrypted_passwd); |
251 | 251 | if ($update_lastpw_change) $update['account_lastpwd_change'] = time(); |
252 | 252 | |
253 | - if (!$this->db->update($this->table,$update,array( |
|
253 | + if (!$this->db->update($this->table, $update, array( |
|
254 | 254 | 'account_id' => $account_id, |
255 | - ),__LINE__,__FILE__)) |
|
255 | + ), __LINE__, __FILE__)) |
|
256 | 256 | { |
257 | 257 | return false; |
258 | 258 | } |
259 | 259 | |
260 | - if(!$admin) |
|
260 | + if (!$admin) |
|
261 | 261 | { |
262 | - Api\Cache::setSession('phpgwapi','auth_alpwchange_val',$update['account_lastpwd_change']); |
|
262 | + Api\Cache::setSession('phpgwapi', 'auth_alpwchange_val', $update['account_lastpwd_change']); |
|
263 | 263 | } |
264 | 264 | return true; |
265 | 265 | } |
@@ -60,9 +60,12 @@ discard block |
||
60 | 60 | 'account_type' => 'u', |
61 | 61 | 'account_status' => 'A' |
62 | 62 | ); |
63 | - if (!$GLOBALS['egw_info']['server']['case_sensitive_username']) // = is case sensitiv eg. on postgres, but not on mysql! |
|
63 | + if (!$GLOBALS['egw_info']['server']['case_sensitive_username']) |
|
64 | + { |
|
65 | + // = is case sensitiv eg. on postgres, but not on mysql! |
|
64 | 66 | { |
65 | 67 | $where[] = 'account_lid '.$this->db->capabilities[Api\Db::CAPABILITY_CASE_INSENSITIV_LIKE].' '.$this->db->quote($username); |
68 | + } |
|
66 | 69 | unset($where['account_lid']); |
67 | 70 | } |
68 | 71 | if($passwd_type == 'text') |
@@ -96,7 +99,10 @@ discard block |
||
96 | 99 | $this->_update_passwd($encrypted_passwd,$passwd,$row['account_id'],false,true); |
97 | 100 | } |
98 | 101 | } |
99 | - if (!$match) return false; |
|
102 | + if (!$match) |
|
103 | + { |
|
104 | + return false; |
|
105 | + } |
|
100 | 106 | } |
101 | 107 | } |
102 | 108 | /* Auth via crypted password. NOTE: mail needs cleartext password to authenticate against mailserver! */ |
@@ -129,9 +135,12 @@ discard block |
||
129 | 135 | 'account_type' => 'u', |
130 | 136 | 'account_status' => 'A' |
131 | 137 | ); |
132 | - if (!$GLOBALS['egw_info']['server']['case_sensitive_username']) // = is case sensitiv eg. on postgres, but not on mysql! |
|
138 | + if (!$GLOBALS['egw_info']['server']['case_sensitive_username']) |
|
139 | + { |
|
140 | + // = is case sensitiv eg. on postgres, but not on mysql! |
|
133 | 141 | { |
134 | 142 | $where[] = 'account_lid '.$this->db->capabilities[Api\Db::CAPABILITY_CASE_INSENSITIV_LIKE].' '.$this->db->quote($username); |
143 | + } |
|
135 | 144 | unset($where['account_lid']); |
136 | 145 | } |
137 | 146 | if (!($row = $this->db->select($this->table,'account_lid,account_lastpwd_change',$where,__LINE__,__FILE__)->fetch()) || |
@@ -188,8 +197,14 @@ discard block |
||
188 | 197 | 'account_id' => $account_id, |
189 | 198 | ),__LINE__,__FILE__); |
190 | 199 | |
191 | - if(!$this->db->affected_rows()) return false; |
|
192 | - if (!$admin) Api\Cache::setSession('phpgwapi', 'auth_alpwchange_val', $lastpwdchange); |
|
200 | + if(!$this->db->affected_rows()) |
|
201 | + { |
|
202 | + return false; |
|
203 | + } |
|
204 | + if (!$admin) |
|
205 | + { |
|
206 | + Api\Cache::setSession('phpgwapi', 'auth_alpwchange_val', $lastpwdchange); |
|
207 | + } |
|
193 | 208 | return true; |
194 | 209 | } |
195 | 210 | |
@@ -248,7 +263,10 @@ discard block |
||
248 | 263 | unset($new_passwd); // not used, but required by function signature |
249 | 264 | |
250 | 265 | $update = array('account_pwd' => $encrypted_passwd); |
251 | - if ($update_lastpw_change) $update['account_lastpwd_change'] = time(); |
|
266 | + if ($update_lastpw_change) |
|
267 | + { |
|
268 | + $update['account_lastpwd_change'] = time(); |
|
269 | + } |
|
252 | 270 | |
253 | 271 | if (!$this->db->update($this->table,$update,array( |
254 | 272 | 'account_id' => $account_id, |
@@ -119,7 +119,7 @@ discard block |
||
119 | 119 | $j = 0; |
120 | 120 | // Add newline |
121 | 121 | if ($i !== $len-1){ |
122 | - echo "\n"; |
|
122 | + echo "\n"; |
|
123 | 123 | } |
124 | 124 | } |
125 | 125 | } |
@@ -544,12 +544,12 @@ discard block |
||
544 | 544 | if(!empty($v[4])){ // + input text box |
545 | 545 | echo '<input type="radio" name="h', $k, '" value="', $j, '"', (((isset($_POST['h'. $k]) && $_POST['h'. $k] == $j) or (!isset($_POST['h'. $k]) && $j == $v[1])) ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
546 | 546 | if(!is_array($v[4])){ |
547 | - echo $v[6], ': <input type="text" size="', $v[4], '" name="h', $k. $j, '" value="', htmlspecialchars(isset($_POST['h'. $k. $j][0]) ? $_POST['h'. $k. $j] : $v[5]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
547 | + echo $v[6], ': <input type="text" size="', $v[4], '" name="h', $k. $j, '" value="', htmlspecialchars(isset($_POST['h'. $k. $j][0]) ? $_POST['h'. $k. $j] : $v[5]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
548 | 548 | } |
549 | 549 | else{ |
550 | - foreach($v[4] as $z){ |
|
551 | - echo ' ', $z[3], ': <input type="text" size="', $z[0], '" name="h', $k. $j. $z[1], '" value="', htmlspecialchars(isset($_POST['h'. $k. $j. $z[1]][0]) ? $_POST['h'. $k. $j. $z[1]] : $z[2]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
552 | - } |
|
550 | + foreach($v[4] as $z){ |
|
551 | + echo ' ', $z[3], ': <input type="text" size="', $z[0], '" name="h', $k. $j. $z[1], '" value="', htmlspecialchars(isset($_POST['h'. $k. $j. $z[1]][0]) ? $_POST['h'. $k. $j. $z[1]] : $z[2]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
552 | + } |
|
553 | 553 | } |
554 | 554 | } |
555 | 555 | } |
@@ -22,7 +22,7 @@ discard block |
||
22 | 22 | $_slife = 30; // session life in min. |
23 | 23 | |
24 | 24 | // errors |
25 | -error_reporting(E_ALL | (defined('E_STRICT') ? E_STRICT : 0)); |
|
25 | +error_reporting(E_ALL|(defined('E_STRICT') ? E_STRICT : 0)); |
|
26 | 26 | ini_set('display_errors', $_errs); |
27 | 27 | |
28 | 28 | // session |
@@ -33,60 +33,60 @@ discard block |
||
33 | 33 | ini_set('session.use_only_cookies', 1); |
34 | 34 | ini_set('session.cookie_lifetime', 0); |
35 | 35 | session_start(); |
36 | -if(!isset($_SESSION['token'])){ |
|
36 | +if (!isset($_SESSION['token'])) { |
|
37 | 37 | $_SESSION['token'] = md5(uniqid(rand(), 1)); |
38 | 38 | } |
39 | 39 | |
40 | 40 | // slashes |
41 | -if(get_magic_quotes_gpc()){ |
|
42 | - foreach($_POST as $k => $v){ |
|
41 | +if (get_magic_quotes_gpc()) { |
|
42 | + foreach ($_POST as $k => $v) { |
|
43 | 43 | $_POST[$k] = stripslashes($v); |
44 | 44 | } |
45 | 45 | ini_set('magic_quotes_gpc', 0); |
46 | 46 | } |
47 | -if(get_magic_quotes_runtime()){ |
|
47 | +if (get_magic_quotes_runtime()) { |
|
48 | 48 | set_magic_quotes_runtime(0); |
49 | 49 | } |
50 | 50 | |
51 | 51 | $_POST['enc'] = (isset($_POST['enc']) and preg_match('`^[-\w]+$`', $_POST['enc'])) ? $_POST['enc'] : 'utf-8'; |
52 | 52 | |
53 | 53 | // token for anti-CSRF |
54 | -if(count($_POST)){ |
|
55 | - if((empty($_GET['pre']) and ((!empty($_POST['token']) and !empty($_SESSION['token']) and $_POST['token'] != $_SESSION['token']) or empty($_POST[$_sid]) or $_POST[$_sid] != session_id() or empty($_COOKIE[$_sid]) or $_COOKIE[$_sid] != session_id())) or ($_POST[$_sid] != session_id())){ |
|
54 | +if (count($_POST)) { |
|
55 | + if ((empty($_GET['pre']) and ((!empty($_POST['token']) and !empty($_SESSION['token']) and $_POST['token'] != $_SESSION['token']) or empty($_POST[$_sid]) or $_POST[$_sid] != session_id() or empty($_COOKIE[$_sid]) or $_COOKIE[$_sid] != session_id())) or ($_POST[$_sid] != session_id())) { |
|
56 | 56 | $_POST = array('enc'=>'utf-8'); |
57 | 57 | } |
58 | 58 | } |
59 | -if(empty($_GET['pre'])){ |
|
59 | +if (empty($_GET['pre'])) { |
|
60 | 60 | $_SESSION['token'] = md5(uniqid(rand(), 1)); |
61 | 61 | $token = $_SESSION['token']; |
62 | 62 | session_regenerate_id(1); |
63 | 63 | } |
64 | 64 | |
65 | 65 | // compress |
66 | -if(function_exists('gzencode') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && preg_match('`gzip|deflate`i', $_SERVER['HTTP_ACCEPT_ENCODING']) && !ini_get('zlib.output_compression')){ |
|
66 | +if (function_exists('gzencode') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && preg_match('`gzip|deflate`i', $_SERVER['HTTP_ACCEPT_ENCODING']) && !ini_get('zlib.output_compression')) { |
|
67 | 67 | ob_start('ob_gzhandler'); |
68 | 68 | } |
69 | 69 | |
70 | 70 | // HTM for unprocessed |
71 | -if(isset($_POST['inputH'])){ |
|
71 | +if (isset($_POST['inputH'])) { |
|
72 | 72 | echo '<html><head><title>htmLawed test: HTML view of unprocessed input</title></head><body style="margin:0; padding: 0;"><p style="background-color: black; color: white; padding: 2px;"> Rendering of unprocessed input without an HTML doctype or charset declaration <small><a style="color: white; text-decoration: none;" href="1" onclick="javascript:window.close(this); return false;">close window</a> | <a style="color: white; text-decoration: none;" href="htmLawedTest.php" onclick="javascript: window.open(\'htmLawedTest.php\', \'hlmain\'); window.close(this); return false;">htmLawed test page</a></small></p><div>', $_POST['inputH'], '</div></body></html>'; |
73 | 73 | exit; |
74 | 74 | } |
75 | 75 | |
76 | 76 | // main |
77 | -$_POST['text'] = isset($_POST['text']) ? $_POST['text'] : 'text to process; < '. $_limit. ' characters'. ($_hlimit ? ' (for binary hexdump view, < '. $_hlimit. ')' : ''); |
|
77 | +$_POST['text'] = isset($_POST['text']) ? $_POST['text'] : 'text to process; < '.$_limit.' characters'.($_hlimit ? ' (for binary hexdump view, < '.$_hlimit.')' : ''); |
|
78 | 78 | $do = (!empty($_POST[$_sid]) && isset($_POST['text'][0]) && !isset($_POST['text'][$_limit])) ? 1 : 0; |
79 | 79 | $limit_exceeded = isset($_POST['text'][$_limit]) ? 1 : 0; |
80 | 80 | $pre_mem = memory_get_usage(); |
81 | 81 | $validation = (!empty($_POST[$_sid]) and isset($_POST['w3c_validate'][0])) ? 1 : 0; |
82 | 82 | include './htmLawed.php'; |
83 | 83 | |
84 | -function format($t){ |
|
85 | - $t = "\n". str_replace(array("\t", "\r\n", "\r", '&', '<', '>', "\n"), array(' ', "\n", "\n", '&', '<', '>', "<span class=\"newline\">¬</span><br />\n"), $t); |
|
84 | +function format($t) { |
|
85 | + $t = "\n".str_replace(array("\t", "\r\n", "\r", '&', '<', '>', "\n"), array(' ', "\n", "\n", '&', '<', '>', "<span class=\"newline\">¬</span><br />\n"), $t); |
|
86 | 86 | return str_replace(array('<br />', "\n ", ' '), array("\n<br />\n", "\n ", ' '), $t); |
87 | 87 | } |
88 | 88 | |
89 | -function hexdump($d){ |
|
89 | +function hexdump($d) { |
|
90 | 90 | // Mainly by Aidan Lister <[email protected]>, Peter Waller <[email protected]> |
91 | 91 | $hexi = ''; |
92 | 92 | $ascii = ''; |
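Review bot: The anti-CSRF token on new lines 37 and 60 is built with `md5(uniqid(rand(), 1))`, which is derived from the clock and a non-cryptographic generator and so is guessable in principle. The check on line 55 also compares it with `!=`, and only when `$_POST['token']` is non-empty. Where the supported PHP version allows, generate it with `$_SESSION['token'] = bin2hex(random_bytes(16));`, make the token mandatory, and compare with `hash_equals($_SESSION['token'], (string) $_POST['token'])`. Line 72 echoes `$_POST['inputH']` unescaped by design, so that view depends entirely on this check holding. The `hexdump()` body continues outside the hunk.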
@@ -94,23 +94,23 @@ discard block |
||
94 | 94 | echo '<pre>'; |
95 | 95 | $offset = 0; |
96 | 96 | $len = strlen($d); |
97 | - for($i=$j=0; $i<$len; $i++) |
|
97 | + for ($i = $j = 0; $i < $len; $i++) |
|
98 | 98 | { |
99 | 99 | // Convert to hexidecimal |
100 | 100 | $hexi .= sprintf("%02X ", ord($d[$i])); |
101 | 101 | // Replace non-viewable bytes with '.' |
102 | - if(ord($d[$i]) >= 32){ |
|
102 | + if (ord($d[$i]) >= 32) { |
|
103 | 103 | $ascii .= htmlspecialchars($d[$i]); |
104 | - }else{ |
|
104 | + } else { |
|
105 | 105 | $ascii .= '.'; |
106 | 106 | } |
107 | 107 | // Add extra column spacing |
108 | - if($j == 7){ |
|
108 | + if ($j == 7) { |
|
109 | 109 | $hexi .= ' '; |
110 | 110 | $ascii .= ' '; |
111 | 111 | } |
112 | 112 | // Add row |
113 | - if(++$j == 16 || $i == $len-1){ |
|
113 | + if (++$j == 16 || $i == $len - 1) { |
|
114 | 114 | // Join the hexi / ascii output |
115 | 115 | echo sprintf("%04X %-49s %s", $offset, $hexi, $ascii); |
116 | 116 | // Reset vars |
@@ -118,7 +118,7 @@ discard block |
||
118 | 118 | $offset += 16; |
119 | 119 | $j = 0; |
120 | 120 | // Add newline |
121 | - if ($i !== $len-1){ |
|
121 | + if ($i !== $len - 1) { |
|
122 | 122 | echo "\n"; |
123 | 123 | } |
124 | 124 | } |
@@ -135,7 +135,7 @@ discard block |
||
135 | 135 | <html lang="en" xml:lang="en"> |
136 | 136 | <head> |
137 | 137 | <meta http-equiv="content-type" content="text/html; charset=utf-8" /> |
138 | -<meta name="description" content="htmLawed <?php echo hl_version();?> test page" /> |
|
138 | +<meta name="description" content="htmLawed <?php echo hl_version(); ?> test page" /> |
|
139 | 139 | <style type="text/css"><!--/*--><![CDATA[/*><!--*/ |
140 | 140 | a, a.resizer{text-decoration:none;} |
141 | 141 | a:hover, a.resizer:hover{color:red;} |
@@ -169,7 +169,7 @@ discard block |
||
169 | 169 | <script type="text/javascript"><!--//--><![CDATA[//><!-- |
170 | 170 | window.name = 'hlmain'; |
171 | 171 | function hl(i){ |
172 | - <?php if(!$_hilite){echo 'return;'; }?> |
|
172 | + <?php if (!$_hilite) {echo 'return;'; }?> |
|
173 | 173 | var e = document.getElementById(i); |
174 | 174 | if(!e){return;} |
175 | 175 | run(e, '</[a-z1-6]+>', 'ctag'); |
@@ -432,27 +432,27 @@ discard block |
||
432 | 432 | var dmp = new diff_match_patch(); function diffLaunch(){var text1 = document.getElementById('text').value; var text2 = document.getElementById('text2').value; dmp.Diff_Timeout = 0; dmp.Diff_EditCost = 4; var d = dmp.diff_main(text1, text2); var ds = dmp.diff_prettyHtml(d); document.getElementById('diff').innerHTML = ds; |
433 | 433 | } |
434 | 434 | //--><!]]></script> |
435 | -<title>htmLawed (<?php echo hl_version();?>) test</title> |
|
435 | +<title>htmLawed (<?php echo hl_version(); ?>) test</title> |
|
436 | 436 | </head> |
437 | 437 | <body> |
438 | 438 | <div id="topmost"> |
439 | 439 | |
440 | -<h5 style="float: left; display: inline; margin-top: 0; margin-bottom: 5px;"><a href="http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/index.php" title="htmLawed home">HTM<big><big>L</big></big>AWED</a> <?php echo hl_version();?> <a href="htmLawedTest.php" title="test home">TEST</a></h5> |
|
440 | +<h5 style="float: left; display: inline; margin-top: 0; margin-bottom: 5px;"><a href="http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/index.php" title="htmLawed home">HTM<big><big>L</big></big>AWED</a> <?php echo hl_version(); ?> <a href="htmLawedTest.php" title="test home">TEST</a></h5> |
|
441 | 441 | <span style="float: right;" class="help"><a href="htmLawed_README.htm"><span class="notice">htm</span></a> / <a href="htmLawed_README.txt"><span class="notice">txt</span></a> documentation</span><br style="clear:both;" /> |
442 | 442 | |
443 | -<a href="htmLawedTest.php" title="[toggle visibility] type or copy-paste" onclick="javascript:toggle('inputF'); return false;"><span class="notice">Input »</span> <span class="help" title="limit lower with multibyte characters<?php echo (($_hlimit < $_limit && $_hlimit)? '; limit is '. $_hlimit. ' for viewing binaries' : ''); ?>"><small>(max. <?php echo htmlspecialchars($_limit);?> chars)</small></span></a> |
|
443 | +<a href="htmLawedTest.php" title="[toggle visibility] type or copy-paste" onclick="javascript:toggle('inputF'); return false;"><span class="notice">Input »</span> <span class="help" title="limit lower with multibyte characters<?php echo (($_hlimit < $_limit && $_hlimit) ? '; limit is '.$_hlimit.' for viewing binaries' : ''); ?>"><small>(max. <?php echo htmlspecialchars($_limit); ?> chars)</small></span></a> |
|
444 | 444 | |
445 | 445 | <form id="testform" name="testform" action="htmLawedTest.php" method="post" accept-charset="<?php echo htmlspecialchars($_POST['enc']); ?>" style="padding:0; margin: 0; display:inline;"> |
446 | 446 | |
447 | 447 | <div id="inputF" style="display: block;"> |
448 | 448 | |
449 | 449 | <input type="hidden" name="token" id="token" value="<?php echo $token; ?>" /> |
450 | -<div><textarea id="text" class="textarea" name="text" rows="5" cols="100" style="width: 100%;"><?php echo htmlspecialchars($_POST['text']);?></textarea></div> |
|
450 | +<div><textarea id="text" class="textarea" name="text" rows="5" cols="100" style="width: 100%;"><?php echo htmlspecialchars($_POST['text']); ?></textarea></div> |
|
451 | 451 | <input type="submit" id="submitF" name="submitF" value="Process" style="float:left;" title="filter using htmLawed" onclick="javascript: sndProc(); return false;" onkeypress="javascript: sndProc(); return false;" /> |
452 | 452 | |
453 | 453 | <?php |
454 | -if($do){ |
|
455 | - if($validation){ |
|
454 | +if ($do) { |
|
455 | + if ($validation) { |
|
456 | 456 | echo '<input type="hidden" value="1" name="w3c_validate" id="w3c_validate" />'; |
457 | 457 | } |
458 | 458 | ?> |
@@ -461,7 +461,7 @@ discard block |
||
461 | 461 | <button type="button" onclick="javascript:document.getElementById('text').focus();document.getElementById('text').select()" title="select all to copy" style="float:right;">Select all</button> |
462 | 462 | |
463 | 463 | <?php |
464 | -if($_w3c_validate && $validation){ |
|
464 | +if ($_w3c_validate && $validation) { |
|
465 | 465 | ?> |
466 | 466 | |
467 | 467 | <button type="button" title="HTML 4.01 W3C online validation" style="float: right;" onclick="javascript: sndValidn('text', 'html401'); return false;" onkeypress="javascript: sndValidn('text', 'html401'); return false;">Check HTML</button> |
@@ -470,8 +470,8 @@ discard block |
||
470 | 470 | <?php |
471 | 471 | } |
472 | 472 | } |
473 | -else{ |
|
474 | - if($_w3c_validate){ |
|
473 | +else { |
|
474 | + if ($_w3c_validate) { |
|
475 | 475 | echo '<span style="float: right;" class="help" title="for direct submission of input or output code to W3C validator for (X)HTML validation"><span style="font-size: 85%;"> Validator tools: </span><input type="checkbox" value="1" name="w3c_validate" id="w3c_validate" style="vertical-align: middle;"', ($validation ? ' checked="checked"' : ''), ' /></span>'; |
476 | 476 | } |
477 | 477 | } |
@@ -483,7 +483,7 @@ discard block |
||
483 | 483 | <br style="clear:both;" /> |
484 | 484 | |
485 | 485 | <?php |
486 | -if($limit_exceeded){ |
|
486 | +if ($limit_exceeded) { |
|
487 | 487 | echo '<br /><strong>Input text is too long!</strong><br />'; |
488 | 488 | } |
489 | 489 | ?> |
@@ -531,32 +531,32 @@ discard block |
||
531 | 531 | 'valid_xhtml'=>array('2', 'nil', 'auto-set various parameters for most valid XHTML', 'nil'), |
532 | 532 | 'xml:lang'=>array('3', 'nil', 'auto-add <em>xml:lang</em> attribute', '0'), |
533 | 533 | ); |
534 | -foreach($cfg as $k=>$v){ |
|
534 | +foreach ($cfg as $k=>$v) { |
|
535 | 535 | echo '<li>', $k, ': '; |
536 | - if(!empty($v[0])){ // input radio |
|
536 | + if (!empty($v[0])) { // input radio |
|
537 | 537 | $j = $v[3]; |
538 | - for($i = $j-1; ++$i < $v[0]+$v[3];++$j){ |
|
539 | - echo '<input type="radio" name="h', $k, '" value="', $i, '"', (!isset($_POST['h'. $k]) ? ($v[1] == $i ? ' checked="checked"' : '') : ($_POST['h'. $k] == $i ? ' checked="checked"' : '')), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />', $i, ' '; |
|
538 | + for ($i = $j - 1; ++$i < $v[0] + $v[3]; ++$j) { |
|
539 | + echo '<input type="radio" name="h', $k, '" value="', $i, '"', (!isset($_POST['h'.$k]) ? ($v[1] == $i ? ' checked="checked"' : '') : ($_POST['h'.$k] == $i ? ' checked="checked"' : '')), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />', $i, ' '; |
|
540 | 540 | } |
541 | - if($v[1] == 'nil'){ |
|
542 | - echo '<input type="radio" name="h', $k, '" value="nil"', ((!isset($_POST['h'. $k]) or $_POST['h'. $k] == 'nil') ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />not set '; |
|
541 | + if ($v[1] == 'nil') { |
|
542 | + echo '<input type="radio" name="h', $k, '" value="nil"', ((!isset($_POST['h'.$k]) or $_POST['h'.$k] == 'nil') ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />not set '; |
|
543 | 543 | } |
544 | - if(!empty($v[4])){ // + input text box |
|
545 | - echo '<input type="radio" name="h', $k, '" value="', $j, '"', (((isset($_POST['h'. $k]) && $_POST['h'. $k] == $j) or (!isset($_POST['h'. $k]) && $j == $v[1])) ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
546 | - if(!is_array($v[4])){ |
|
547 | - echo $v[6], ': <input type="text" size="', $v[4], '" name="h', $k. $j, '" value="', htmlspecialchars(isset($_POST['h'. $k. $j][0]) ? $_POST['h'. $k. $j] : $v[5]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
544 | + if (!empty($v[4])) { // + input text box |
|
545 | + echo '<input type="radio" name="h', $k, '" value="', $j, '"', (((isset($_POST['h'.$k]) && $_POST['h'.$k] == $j) or (!isset($_POST['h'.$k]) && $j == $v[1])) ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
546 | + if (!is_array($v[4])) { |
|
547 | + echo $v[6], ': <input type="text" size="', $v[4], '" name="h', $k.$j, '" value="', htmlspecialchars(isset($_POST['h'.$k.$j][0]) ? $_POST['h'.$k.$j] : $v[5]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
548 | 548 | } |
549 | - else{ |
|
550 | - foreach($v[4] as $z){ |
|
551 | - echo ' ', $z[3], ': <input type="text" size="', $z[0], '" name="h', $k. $j. $z[1], '" value="', htmlspecialchars(isset($_POST['h'. $k. $j. $z[1]][0]) ? $_POST['h'. $k. $j. $z[1]] : $z[2]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
549 | + else { |
|
550 | + foreach ($v[4] as $z) { |
|
551 | + echo ' ', $z[3], ': <input type="text" size="', $z[0], '" name="h', $k.$j.$z[1], '" value="', htmlspecialchars(isset($_POST['h'.$k.$j.$z[1]][0]) ? $_POST['h'.$k.$j.$z[1]] : $z[2]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
552 | 552 | } |
553 | 553 | } |
554 | 554 | } |
555 | 555 | } |
556 | - elseif(ctype_digit($v[3])){ // input text |
|
557 | - echo '<input type="text" size="', $v[3], '" name="h', $k, '" value="', htmlspecialchars(isset($_POST['h'. $k][0]) ? $_POST['h'. $k] : $v[1]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
556 | + elseif (ctype_digit($v[3])) { // input text |
|
557 | + echo '<input type="text" size="', $v[3], '" name="h', $k, '" value="', htmlspecialchars(isset($_POST['h'.$k][0]) ? $_POST['h'.$k] : $v[1]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
|
558 | 558 | } |
559 | - else{} // text-area |
|
559 | + else {} // text-area |
|
560 | 560 | echo ' <span class="help">', $v[2], '</span></li>'; |
561 | 561 | } |
562 | 562 | echo '</ul></td></tr><tr><td><span style="vertical-align: top;" class="help" title="$spec argument: element-specific attribute rules">Spec:</span></td><td><textarea name="spec" id="spec" cols="70" rows="3" style="width:80%;">', htmlspecialchars((isset($_POST['spec']) ? $_POST['spec'] : '')), '</textarea></td></tr></table>'; |
@@ -566,31 +566,31 @@ discard block |
||
566 | 566 | </form> |
567 | 567 | |
568 | 568 | <?php |
569 | -if($do){ |
|
569 | +if ($do) { |
|
570 | 570 | $cfg = array(); |
571 | - foreach($_POST as $k=>$v){ |
|
572 | - if($k[0] == 'h' && $v != 'nil'){ |
|
571 | + foreach ($_POST as $k=>$v) { |
|
572 | + if ($k[0] == 'h' && $v != 'nil') { |
|
573 | 573 | $cfg[substr($k, 1)] = $v; |
574 | 574 | } |
575 | 575 | } |
576 | 576 | |
577 | - if(isset($cfg['anti_link_spam']) && $cfg['anti_link_spam'] && (!empty($cfg['anti_link_spam11']) or !empty($cfg['anti_link_spam12']))){ |
|
577 | + if (isset($cfg['anti_link_spam']) && $cfg['anti_link_spam'] && (!empty($cfg['anti_link_spam11']) or !empty($cfg['anti_link_spam12']))) { |
|
578 | 578 | $cfg['anti_link_spam'] = array($cfg['anti_link_spam11'], $cfg['anti_link_spam12']); |
579 | 579 | } |
580 | 580 | unset($cfg['anti_link_spam11'], $cfg['anti_link_spam12']); |
581 | - if(isset($cfg['anti_mail_spam']) && $cfg['anti_mail_spam'] == 1){ |
|
581 | + if (isset($cfg['anti_mail_spam']) && $cfg['anti_mail_spam'] == 1) { |
|
582 | 582 | $cfg['anti_mail_spam'] = isset($cfg['anti_mail_spam1'][0]) ? $cfg['anti_mail_spam1'] : 0; |
583 | 583 | } |
584 | 584 | unset($cfg['anti_mail_spam11']); |
585 | - if(isset($cfg['deny_attribute']) && $cfg['deny_attribute'] == 1){ |
|
585 | + if (isset($cfg['deny_attribute']) && $cfg['deny_attribute'] == 1) { |
|
586 | 586 | $cfg['deny_attribute'] = isset($cfg['deny_attribute1'][0]) ? $cfg['deny_attribute1'] : 0; |
587 | 587 | } |
588 | 588 | unset($cfg['deny_attribute1']); |
589 | - if(isset($cfg['tidy']) && $cfg['tidy'] == 2){ |
|
589 | + if (isset($cfg['tidy']) && $cfg['tidy'] == 2) { |
|
590 | 590 | $cfg['tidy'] = isset($cfg['tidy2'][0]) ? $cfg['tidy2'] : 0; |
591 | 591 | } |
592 | 592 | unset($cfg['tidy2']); |
593 | - if(isset($cfg['unique_ids']) && $cfg['unique_ids'] == 2){ |
|
593 | + if (isset($cfg['unique_ids']) && $cfg['unique_ids'] == 2) { |
|
594 | 594 | $cfg['unique_ids'] = isset($cfg['unique_ids2'][0]) ? $cfg['unique_ids2'] : 1; |
595 | 595 | } |
596 | 596 | unset($cfg['unique_ids2']); |
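Review bot: The loop `foreach ($_POST as $k=>$v)` copies every field whose name starts with `h` into `$cfg`, so the `disabled="disabled"` that the settings form prints for entries carrying `$v['d']` is enforced only in the browser. A request can therefore set any option htmLawed() understands, including ones that name a callback function. Checking the name against the settings table before accepting it closes that, e.g. `if ($k[0] == 'h' && $v != 'nil' && isset($allowed[substr($k, 1)])) {`, with `$allowed` built server-side from the non-disabled entries and their numbered sub-fields. Separately, the `anti_mail_spam` branch reads `$cfg['anti_mail_spam1']` but the next line unsets `$cfg['anti_mail_spam11']`, so the helper key stays in the config; `unset($cfg['anti_mail_spam1']);` would match the `deny_attribute1` and `tidy2` handling. The `if ($do)` block continues past this hunk, and the same code is repeated in the later `@@ -566,31 +605,39 @@` hunk.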
@@ -600,8 +600,8 @@ discard block |
||
600 | 600 | $st = microtime(); |
601 | 601 | $out = htmLawed($_POST['text'], $cfg, $_POST['spec']); |
602 | 602 | $et = microtime(); |
603 | - echo '<br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'inputR\'); return false;"><span class="notice">Input code »</span></a> <span class="help" title="tags estimated as half of total > and < chars; values may be inaccurate for non-ASCII text"><small><big>', strlen($_POST['text']), '</big> chars, ~<big>', ($tag = round((substr_count($_POST['text'], '>') + substr_count($_POST['text'], '<'))/2)), '</big> tag', ($tag > 1 ? 's' : ''), '</small> </span><div id="inputR" style="display: none;">', format($_POST['text']), '</div><script type="text/javascript">hl(\'inputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'inputD\'); return false;"><span class="notice">Input binary » </span></a><div id="inputD" style="display: none;">'. hexdump($_POST['text']). '</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] finalized internal settings as interpreted by htmLawed; for developers" onclick="javascript:toggle(\'settingF\'); return false;"><span class="notice">Finalized internal settings » </span></a> <div id="settingF" style="display: none;">$config: ', str_replace(array(' ', "\t", ' '), array(' ', ' ', ' '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['config'], true)))), '<br />$spec: ', str_replace(array(' ', "\t", ' '), array(' ', ' ', ' '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['spec'], true)))), '</div><script type="text/javascript">hl(\'settingF\');</script>', '<br /><a href="htmLawedTest.php" title="[toggle visibility] suitable for copy-paste" onclick="javascript:toggle(\'outputF\'); return false;"><span class="notice">Output »</span></a> <span class="help" title="approx., server-specific value excluding the \'include()\' call"><small>htmLawed processing time <big>', number_format(((substr($et,0,9)) + 
(substr($et,-10)) - (substr($st,0,9)) - (substr($st,-10))),4), '</big> s</small></span>', (($mem = memory_get_peak_usage()) !== false ? '<span class="help"><small>, peak memory usage <big>'. round(($mem-$pre_mem)/1048576, 2). '</big> <small>MB</small>' : ''), '</small></span><div id="outputF" style="display: block;"><div><textarea id="text2" class="textarea" name="text2" rows="5" cols="100" style="width: 100%;">', htmlspecialchars($out), '</textarea></div><button type="button" onclick="javascript:document.getElementById(\'text2\').focus();document.getElementById(\'text2\').select()" title="select all to copy" style="float:right;">Select all</button>'; |
|
604 | - if($_w3c_validate && $validation) |
|
603 | + echo '<br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'inputR\'); return false;"><span class="notice">Input code »</span></a> <span class="help" title="tags estimated as half of total > and < chars; values may be inaccurate for non-ASCII text"><small><big>', strlen($_POST['text']), '</big> chars, ~<big>', ($tag = round((substr_count($_POST['text'], '>') + substr_count($_POST['text'], '<')) / 2)), '</big> tag', ($tag > 1 ? 's' : ''), '</small> </span><div id="inputR" style="display: none;">', format($_POST['text']), '</div><script type="text/javascript">hl(\'inputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'inputD\'); return false;"><span class="notice">Input binary » </span></a><div id="inputD" style="display: none;">'.hexdump($_POST['text']).'</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] finalized internal settings as interpreted by htmLawed; for developers" onclick="javascript:toggle(\'settingF\'); return false;"><span class="notice">Finalized internal settings » </span></a> <div id="settingF" style="display: none;">$config: ', str_replace(array(' ', "\t", ' '), array(' ', ' ', ' '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['config'], true)))), '<br />$spec: ', str_replace(array(' ', "\t", ' '), array(' ', ' ', ' '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['spec'], true)))), '</div><script type="text/javascript">hl(\'settingF\');</script>', '<br /><a href="htmLawedTest.php" title="[toggle visibility] suitable for copy-paste" onclick="javascript:toggle(\'outputF\'); return false;"><span class="notice">Output »</span></a> <span class="help" title="approx., server-specific value excluding the \'include()\' call"><small>htmLawed processing time <big>', number_format(((substr($et, 0, 9)) + 
(substr($et, -10)) - (substr($st, 0, 9)) - (substr($st, -10))), 4), '</big> s</small></span>', (($mem = memory_get_peak_usage()) !== false ? '<span class="help"><small>, peak memory usage <big>'.round(($mem - $pre_mem) / 1048576, 2).'</big> <small>MB</small>' : ''), '</small></span><div id="outputF" style="display: block;"><div><textarea id="text2" class="textarea" name="text2" rows="5" cols="100" style="width: 100%;">', htmlspecialchars($out), '</textarea></div><button type="button" onclick="javascript:document.getElementById(\'text2\').focus();document.getElementById(\'text2\').select()" title="select all to copy" style="float:right;">Select all</button>'; |
|
604 | + if ($_w3c_validate && $validation) |
|
605 | 605 | { |
606 | 606 | ?> |
607 | 607 | |
@@ -610,9 +610,9 @@ discard block |
||
610 | 610 | |
611 | 611 | <?php |
612 | 612 | } |
613 | - echo '</div><br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'outputR\'); return false;"><span class="notice">Output code »</span></a><div id="outputR" style="display: block;">', format($out), '</div><script type="text/javascript">hl(\'outputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'outputD\'); return false;"><span class="notice">Output binary »</span></a><div id="outputD" style="display: none;">'. hexdump($out). '</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] inline output-input diff; might not be perfectly accurate, semantically or otherwise " onclick="javascript:toggle(\'diff\'); diffLaunch(); return false;"><span class="notice">Diff »</span></a> <div id="diff" style="display: none;"></div><br /><a href="htmLawedTest.php" title="[toggle visibility] XHTML 1 Transitional doctype" onclick="javascript:toggle(\'outputH\'); return false;"><span class="notice">Output rendered »</span></a><div id="outputH" style="display: block;">', $out, '</div>'; |
|
613 | + echo '</div><br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'outputR\'); return false;"><span class="notice">Output code »</span></a><div id="outputR" style="display: block;">', format($out), '</div><script type="text/javascript">hl(\'outputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'outputD\'); return false;"><span class="notice">Output binary »</span></a><div id="outputD" style="display: none;">'.hexdump($out).'</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] inline output-input diff; might not be perfectly accurate, semantically or otherwise " onclick="javascript:toggle(\'diff\'); diffLaunch(); return false;"><span class="notice">Diff »</span></a> <div id="diff" style="display: none;"></div><br /><a href="htmLawedTest.php" title="[toggle visibility] XHTML 1 Transitional doctype" onclick="javascript:toggle(\'outputH\'); return false;"><span class="notice">Output rendered »</span></a><div id="outputH" style="display: block;">', $out, '</div>'; |
|
614 | 614 | } |
615 | -else{ |
|
615 | +else { |
|
616 | 616 | ?> |
617 | 617 | |
618 | 618 | <br /> |
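Review bot: `$out` is written into `<div id="outputH">` unescaped, so whatever htmLawed() lets through under the submitted settings is interpreted in this page's own origin, next to the session cookie and the anti-CSRF token. Because the settings come from the request, the filter can be configured permissively, and the preview then depends entirely on the request gate earlier in the file. Rendering the preview in an isolated frame keeps the demonstration without that exposure, for example `<iframe sandbox="" srcdoc="', htmlspecialchars($out), '"></iframe>` in place of the div's content. The `if ($do)` block this echo belongs to opens before the hunk.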
@@ -630,7 +630,7 @@ discard block |
||
630 | 630 | <br /><br />Hovering the mouse over some of the text can provide additional information in some browsers.</small> |
631 | 631 | |
632 | 632 | <?php |
633 | -if($_w3c_validate){ |
|
633 | +if ($_w3c_validate) { |
|
634 | 634 | ?> |
635 | 635 | |
636 | 636 | <small><br /><br />Because of character-encoding issues, the W3C validator (anyway not perfect) may reject validation requests or invalidate otherwise-valid code, esp. if text was copy-pasted in the input box. Local applications like the <em>HTML Validator</em> Firefox browser add-on may be useful in such cases.</small> |
@@ -33,42 +33,51 @@ discard block |
||
33 | 33 | ini_set('session.use_only_cookies', 1); |
34 | 34 | ini_set('session.cookie_lifetime', 0); |
35 | 35 | session_start(); |
36 | -if(!isset($_SESSION['token'])){ |
|
36 | +if(!isset($_SESSION['token'])) |
|
37 | +{ |
|
37 | 38 | $_SESSION['token'] = md5(uniqid(rand(), 1)); |
38 | 39 | } |
39 | 40 | |
40 | 41 | // slashes |
41 | -if(get_magic_quotes_gpc()){ |
|
42 | - foreach($_POST as $k => $v){ |
|
42 | +if(get_magic_quotes_gpc()) |
|
43 | +{ |
|
44 | + foreach($_POST as $k => $v) |
|
45 | + { |
|
43 | 46 | $_POST[$k] = stripslashes($v); |
44 | 47 | } |
45 | 48 | ini_set('magic_quotes_gpc', 0); |
46 | 49 | } |
47 | -if(get_magic_quotes_runtime()){ |
|
50 | +if(get_magic_quotes_runtime()) |
|
51 | +{ |
|
48 | 52 | set_magic_quotes_runtime(0); |
49 | 53 | } |
50 | 54 | |
51 | 55 | $_POST['enc'] = (isset($_POST['enc']) and preg_match('`^[-\w]+$`', $_POST['enc'])) ? $_POST['enc'] : 'utf-8'; |
52 | 56 | |
53 | 57 | // token for anti-CSRF |
54 | -if(count($_POST)){ |
|
55 | - if((empty($_GET['pre']) and ((!empty($_POST['token']) and !empty($_SESSION['token']) and $_POST['token'] != $_SESSION['token']) or empty($_POST[$_sid]) or $_POST[$_sid] != session_id() or empty($_COOKIE[$_sid]) or $_COOKIE[$_sid] != session_id())) or ($_POST[$_sid] != session_id())){ |
|
58 | +if(count($_POST)) |
|
59 | +{ |
|
60 | + if((empty($_GET['pre']) and ((!empty($_POST['token']) and !empty($_SESSION['token']) and $_POST['token'] != $_SESSION['token']) or empty($_POST[$_sid]) or $_POST[$_sid] != session_id() or empty($_COOKIE[$_sid]) or $_COOKIE[$_sid] != session_id())) or ($_POST[$_sid] != session_id())) |
|
61 | + { |
|
56 | 62 | $_POST = array('enc'=>'utf-8'); |
57 | 63 | } |
58 | 64 | } |
59 | -if(empty($_GET['pre'])){ |
|
65 | +if(empty($_GET['pre'])) |
|
66 | +{ |
|
60 | 67 | $_SESSION['token'] = md5(uniqid(rand(), 1)); |
61 | 68 | $token = $_SESSION['token']; |
62 | 69 | session_regenerate_id(1); |
63 | 70 | } |
64 | 71 | |
65 | 72 | // compress |
66 | -if(function_exists('gzencode') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && preg_match('`gzip|deflate`i', $_SERVER['HTTP_ACCEPT_ENCODING']) && !ini_get('zlib.output_compression')){ |
|
73 | +if(function_exists('gzencode') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && preg_match('`gzip|deflate`i', $_SERVER['HTTP_ACCEPT_ENCODING']) && !ini_get('zlib.output_compression')) |
|
74 | +{ |
|
67 | 75 | ob_start('ob_gzhandler'); |
68 | 76 | } |
69 | 77 | |
70 | 78 | // HTM for unprocessed |
71 | -if(isset($_POST['inputH'])){ |
|
79 | +if(isset($_POST['inputH'])) |
|
80 | +{ |
|
72 | 81 | echo '<html><head><title>htmLawed test: HTML view of unprocessed input</title></head><body style="margin:0; padding: 0;"><p style="background-color: black; color: white; padding: 2px;"> Rendering of unprocessed input without an HTML doctype or charset declaration <small><a style="color: white; text-decoration: none;" href="1" onclick="javascript:window.close(this); return false;">close window</a> | <a style="color: white; text-decoration: none;" href="htmLawedTest.php" onclick="javascript: window.open(\'htmLawedTest.php\', \'hlmain\'); window.close(this); return false;">htmLawed test page</a></small></p><div>', $_POST['inputH'], '</div></body></html>'; |
73 | 82 | exit; |
74 | 83 | } |
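Review bot: In the anti-CSRF condition the token clause is `!empty($_POST['token']) and !empty($_SESSION['token']) and $_POST['token'] != $_SESSION['token']`, which rejects only a token that is present and different; a POST with no `token` field passes it and is judged on the session-id fields alone. If the page's own forms always send the field, the clause could read `empty($_POST['token']) or empty($_SESSION['token']) or !hash_equals($_SESSION['token'], (string) $_POST['token'])`, which also replaces the loose, non-constant-time `!=` where `hash_equals()` is available. The token itself comes from `md5(uniqid(rand(), 1))`, i.e. clock and `rand()` output rather than a CSPRNG; `bin2hex(random_bytes(16))` is the usual replacement on PHP 7+. This check is the only gate in front of the raw `echo` of `$_POST['inputH']` at the end of the hunk, so its strength decides who can make the page render arbitrary markup.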
@@ -81,12 +90,14 @@ discard block |
||
81 | 90 | $validation = (!empty($_POST[$_sid]) and isset($_POST['w3c_validate'][0])) ? 1 : 0; |
82 | 91 | include './htmLawed.php'; |
83 | 92 | |
84 | -function format($t){ |
|
93 | +function format($t) |
|
94 | +{ |
|
85 | 95 | $t = "\n". str_replace(array("\t", "\r\n", "\r", '&', '<', '>', "\n"), array(' ', "\n", "\n", '&', '<', '>', "<span class=\"newline\">¬</span><br />\n"), $t); |
86 | 96 | return str_replace(array('<br />', "\n ", ' '), array("\n<br />\n", "\n ", ' '), $t); |
87 | 97 | } |
88 | 98 | |
89 | -function hexdump($d){ |
|
99 | +function hexdump($d) |
|
100 | +{ |
|
90 | 101 | // Mainly by Aidan Lister <[email protected]>, Peter Waller <[email protected]> |
91 | 102 | $hexi = ''; |
92 | 103 | $ascii = ''; |
@@ -99,18 +110,23 @@ discard block |
||
99 | 110 | // Convert to hexidecimal |
100 | 111 | $hexi .= sprintf("%02X ", ord($d[$i])); |
101 | 112 | // Replace non-viewable bytes with '.' |
102 | - if(ord($d[$i]) >= 32){ |
|
113 | + if(ord($d[$i]) >= 32) |
|
114 | + { |
|
103 | 115 | $ascii .= htmlspecialchars($d[$i]); |
104 | - }else{ |
|
116 | + } |
|
117 | + else |
|
118 | + { |
|
105 | 119 | $ascii .= '.'; |
106 | 120 | } |
107 | 121 | // Add extra column spacing |
108 | - if($j == 7){ |
|
122 | + if($j == 7) |
|
123 | + { |
|
109 | 124 | $hexi .= ' '; |
110 | 125 | $ascii .= ' '; |
111 | 126 | } |
112 | 127 | // Add row |
113 | - if(++$j == 16 || $i == $len-1){ |
|
128 | + if(++$j == 16 || $i == $len-1) |
|
129 | + { |
|
114 | 130 | // Join the hexi / ascii output |
115 | 131 | echo sprintf("%04X %-49s %s", $offset, $hexi, $ascii); |
116 | 132 | // Reset vars |
@@ -118,7 +134,8 @@ discard block |
||
118 | 134 | $offset += 16; |
119 | 135 | $j = 0; |
120 | 136 | // Add newline |
121 | - if ($i !== $len-1){ |
|
137 | + if ($i !== $len-1) |
|
138 | + { |
|
122 | 139 | echo "\n"; |
123 | 140 | } |
124 | 141 | } |
@@ -169,7 +186,9 @@ discard block |
||
169 | 186 | <script type="text/javascript"><!--//--><![CDATA[//><!-- |
170 | 187 | window.name = 'hlmain'; |
171 | 188 | function hl(i){ |
172 | - <?php if(!$_hilite){echo 'return;'; }?> |
|
189 | + <?php if(!$_hilite) |
|
190 | +{ |
|
191 | +echo 'return;'; }?> |
|
173 | 192 | var e = document.getElementById(i); |
174 | 193 | if(!e){return;} |
175 | 194 | run(e, '</[a-z1-6]+>', 'ctag'); |
@@ -451,8 +470,10 @@ discard block |
||
451 | 470 | <input type="submit" id="submitF" name="submitF" value="Process" style="float:left;" title="filter using htmLawed" onclick="javascript: sndProc(); return false;" onkeypress="javascript: sndProc(); return false;" /> |
452 | 471 | |
453 | 472 | <?php |
454 | -if($do){ |
|
455 | - if($validation){ |
|
473 | +if($do) |
|
474 | +{ |
|
475 | + if($validation) |
|
476 | + { |
|
456 | 477 | echo '<input type="hidden" value="1" name="w3c_validate" id="w3c_validate" />'; |
457 | 478 | } |
458 | 479 | ?> |
@@ -461,7 +482,8 @@ discard block |
||
461 | 482 | <button type="button" onclick="javascript:document.getElementById('text').focus();document.getElementById('text').select()" title="select all to copy" style="float:right;">Select all</button> |
462 | 483 | |
463 | 484 | <?php |
464 | -if($_w3c_validate && $validation){ |
|
485 | +if($_w3c_validate && $validation) |
|
486 | +{ |
|
465 | 487 | ?> |
466 | 488 | |
467 | 489 | <button type="button" title="HTML 4.01 W3C online validation" style="float: right;" onclick="javascript: sndValidn('text', 'html401'); return false;" onkeypress="javascript: sndValidn('text', 'html401'); return false;">Check HTML</button> |
@@ -470,8 +492,10 @@ discard block |
||
470 | 492 | <?php |
471 | 493 | } |
472 | 494 | } |
473 | -else{ |
|
474 | - if($_w3c_validate){ |
|
495 | +else |
|
496 | +{ |
|
497 | + if($_w3c_validate) |
|
498 | + { |
|
475 | 499 | echo '<span style="float: right;" class="help" title="for direct submission of input or output code to W3C validator for (X)HTML validation"><span style="font-size: 85%;"> Validator tools: </span><input type="checkbox" value="1" name="w3c_validate" id="w3c_validate" style="vertical-align: middle;"', ($validation ? ' checked="checked"' : ''), ' /></span>'; |
476 | 500 | } |
477 | 501 | } |
@@ -483,7 +507,8 @@ discard block |
||
483 | 507 | <br style="clear:both;" /> |
484 | 508 | |
485 | 509 | <?php |
486 | -if($limit_exceeded){ |
|
510 | +if($limit_exceeded) |
|
511 | +{ |
|
487 | 512 | echo '<br /><strong>Input text is too long!</strong><br />'; |
488 | 513 | } |
489 | 514 | ?> |
@@ -531,32 +556,46 @@ discard block |
||
531 | 556 | 'valid_xhtml'=>array('2', 'nil', 'auto-set various parameters for most valid XHTML', 'nil'), |
532 | 557 | 'xml:lang'=>array('3', 'nil', 'auto-add <em>xml:lang</em> attribute', '0'), |
533 | 558 | ); |
534 | -foreach($cfg as $k=>$v){ |
|
559 | +foreach($cfg as $k=>$v) |
|
560 | +{ |
|
535 | 561 | echo '<li>', $k, ': '; |
536 | - if(!empty($v[0])){ // input radio |
|
562 | + if(!empty($v[0])) |
|
563 | + { |
|
564 | +// input radio |
|
537 | 565 | $j = $v[3]; |
538 | - for($i = $j-1; ++$i < $v[0]+$v[3];++$j){ |
|
566 | + for($i = $j-1; ++$i < $v[0]+$v[3];++$j) |
|
567 | + { |
|
539 | 568 | echo '<input type="radio" name="h', $k, '" value="', $i, '"', (!isset($_POST['h'. $k]) ? ($v[1] == $i ? ' checked="checked"' : '') : ($_POST['h'. $k] == $i ? ' checked="checked"' : '')), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />', $i, ' '; |
540 | 569 | } |
541 | - if($v[1] == 'nil'){ |
|
570 | + if($v[1] == 'nil') |
|
571 | + { |
|
542 | 572 | echo '<input type="radio" name="h', $k, '" value="nil"', ((!isset($_POST['h'. $k]) or $_POST['h'. $k] == 'nil') ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />not set '; |
543 | 573 | } |
544 | - if(!empty($v[4])){ // + input text box |
|
574 | + if(!empty($v[4])) |
|
575 | + { |
|
576 | +// + input text box |
|
545 | 577 | echo '<input type="radio" name="h', $k, '" value="', $j, '"', (((isset($_POST['h'. $k]) && $_POST['h'. $k] == $j) or (!isset($_POST['h'. $k]) && $j == $v[1])) ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
546 | - if(!is_array($v[4])){ |
|
578 | + if(!is_array($v[4])) |
|
579 | + { |
|
547 | 580 | echo $v[6], ': <input type="text" size="', $v[4], '" name="h', $k. $j, '" value="', htmlspecialchars(isset($_POST['h'. $k. $j][0]) ? $_POST['h'. $k. $j] : $v[5]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
548 | 581 | } |
549 | - else{ |
|
550 | - foreach($v[4] as $z){ |
|
582 | + else |
|
583 | + { |
|
584 | + foreach($v[4] as $z) |
|
585 | + { |
|
551 | 586 | echo ' ', $z[3], ': <input type="text" size="', $z[0], '" name="h', $k. $j. $z[1], '" value="', htmlspecialchars(isset($_POST['h'. $k. $j. $z[1]][0]) ? $_POST['h'. $k. $j. $z[1]] : $z[2]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
552 | 587 | } |
553 | 588 | } |
554 | 589 | } |
555 | 590 | } |
556 | - elseif(ctype_digit($v[3])){ // input text |
|
591 | + elseif(ctype_digit($v[3])) |
|
592 | + { |
|
593 | +// input text |
|
557 | 594 | echo '<input type="text" size="', $v[3], '" name="h', $k, '" value="', htmlspecialchars(isset($_POST['h'. $k][0]) ? $_POST['h'. $k] : $v[1]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; |
558 | 595 | } |
559 | - else{} // text-area |
|
596 | + else |
|
597 | + { |
|
598 | +} // text-area |
|
560 | 599 | echo ' <span class="help">', $v[2], '</span></li>'; |
561 | 600 | } |
562 | 601 | echo '</ul></td></tr><tr><td><span style="vertical-align: top;" class="help" title="$spec argument: element-specific attribute rules">Spec:</span></td><td><textarea name="spec" id="spec" cols="70" rows="3" style="width:80%;">', htmlspecialchars((isset($_POST['spec']) ? $_POST['spec'] : '')), '</textarea></td></tr></table>'; |
@@ -566,31 +605,39 @@
566 | 605 | </form> |
567 | 606 | |
568 | 607 | <?php |
569 | -if($do){ |
|
608 | +if($do) |
|
609 | +{ |
|
570 | 610 | $cfg = array(); |
571 | - foreach($_POST as $k=>$v){ |
|
572 | - if($k[0] == 'h' && $v != 'nil'){ |
|
611 | + foreach($_POST as $k=>$v) |
|
612 | + { |
|
613 | + if($k[0] == 'h' && $v != 'nil') |
|
614 | + { |
|
573 | 615 | $cfg[substr($k, 1)] = $v; |
574 | 616 | } |
575 | 617 | } |
576 | 618 | |
577 | - if(isset($cfg['anti_link_spam']) && $cfg['anti_link_spam'] && (!empty($cfg['anti_link_spam11']) or !empty($cfg['anti_link_spam12']))){ |
|
619 | + if(isset($cfg['anti_link_spam']) && $cfg['anti_link_spam'] && (!empty($cfg['anti_link_spam11']) or !empty($cfg['anti_link_spam12']))) |
|
620 | + { |
|
578 | 621 | $cfg['anti_link_spam'] = array($cfg['anti_link_spam11'], $cfg['anti_link_spam12']); |
579 | 622 | } |
580 | 623 | unset($cfg['anti_link_spam11'], $cfg['anti_link_spam12']); |
581 | - if(isset($cfg['anti_mail_spam']) && $cfg['anti_mail_spam'] == 1){ |
|
624 | + if(isset($cfg['anti_mail_spam']) && $cfg['anti_mail_spam'] == 1) |
|
625 | + { |
|
582 | 626 | $cfg['anti_mail_spam'] = isset($cfg['anti_mail_spam1'][0]) ? $cfg['anti_mail_spam1'] : 0; |
583 | 627 | } |
584 | 628 | unset($cfg['anti_mail_spam11']); |
585 | - if(isset($cfg['deny_attribute']) && $cfg['deny_attribute'] == 1){ |
|
629 | + if(isset($cfg['deny_attribute']) && $cfg['deny_attribute'] == 1) |
|
630 | + { |
|
586 | 631 | $cfg['deny_attribute'] = isset($cfg['deny_attribute1'][0]) ? $cfg['deny_attribute1'] : 0; |
587 | 632 | } |
588 | 633 | unset($cfg['deny_attribute1']); |
589 | - if(isset($cfg['tidy']) && $cfg['tidy'] == 2){ |
|
634 | + if(isset($cfg['tidy']) && $cfg['tidy'] == 2) |
|
635 | + { |
|
590 | 636 | $cfg['tidy'] = isset($cfg['tidy2'][0]) ? $cfg['tidy2'] : 0; |
591 | 637 | } |
592 | 638 | unset($cfg['tidy2']); |
593 | - if(isset($cfg['unique_ids']) && $cfg['unique_ids'] == 2){ |
|
639 | + if(isset($cfg['unique_ids']) && $cfg['unique_ids'] == 2) |
|
640 | + { |
|
594 | 641 | $cfg['unique_ids'] = isset($cfg['unique_ids2'][0]) ? $cfg['unique_ids2'] : 1; |
595 | 642 | } |
596 | 643 | unset($cfg['unique_ids2']); |
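Review bot: `unset($cfg['anti_mail_spam11']);` on new line 628 does not match the key read two lines above it, `anti_mail_spam1`, so that request-supplied sub-field stays in `$cfg` after the block. The sibling blocks each unset the key they just read (`deny_attribute1`, `tidy2`, `unique_ids2`), which suggests a typo; if so the line should be `unset($cfg['anti_mail_spam1']);`. This commit only moves braces, so the mismatch predates it. The `if($do)` block continues past the end of this hunk, so where `$cfg` is consumed and whether the leftover key has any effect there is not visible here.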
@@ -612,7 +659,8 @@
612 | 659 | } |
613 | 660 | echo '</div><br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'outputR\'); return false;"><span class="notice">Output code »</span></a><div id="outputR" style="display: block;">', format($out), '</div><script type="text/javascript">hl(\'outputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'outputD\'); return false;"><span class="notice">Output binary »</span></a><div id="outputD" style="display: none;">'. hexdump($out). '</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] inline output-input diff; might not be perfectly accurate, semantically or otherwise " onclick="javascript:toggle(\'diff\'); diffLaunch(); return false;"><span class="notice">Diff »</span></a> <div id="diff" style="display: none;"></div><br /><a href="htmLawedTest.php" title="[toggle visibility] XHTML 1 Transitional doctype" onclick="javascript:toggle(\'outputH\'); return false;"><span class="notice">Output rendered »</span></a><div id="outputH" style="display: block;">', $out, '</div>'; |
614 | 661 | } |
615 | -else{ |
|
662 | +else |
|
663 | +{ |
|
616 | 664 | ?> |
617 | 665 | |
618 | 666 | <br /> |
@@ -630,7 +678,8 @@
630 | 678 | <br /><br />Hovering the mouse over some of the text can provide additional information in some browsers.</small> |
631 | 679 | |
632 | 680 | <?php |
633 | -if($_w3c_validate){ |
|
681 | +if($_w3c_validate) |
|
682 | +{ |
|
634 | 683 | ?> |
635 | 684 | |
636 | 685 | <small><br /><br />Because of character-encoding issues, the W3C validator (anyway not perfect) may reject validation requests or invalidate otherwise-valid code, esp. if text was copy-pasted in the input box. Local applications like the <em>HTML Validator</em> Firefox browser add-on may be useful in such cases.</small> |