Ignore:
Timestamp:
11/17/09 18:07:41 (10 years ago)
Author:
Eric
Message:

[Register_FluxBB]

  • Using sha1 hash instead of md5 for password hashing in FluxBB because FluxBB uses prior sha1 hash and md5 only in last sentence.
  • Escaping all characters in login names and be able to retreive them without slashes - FluxBB does not allow this so Piwigo's user names with escaped characters will not been escaped in FluxBB (ie : "it's" in Piwigo will be "It\'s" in FluxBB)
  • Code refactoring
  • Full HTML 4.0 for tpl
Location:
extensions/Register_FluxBB/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/Register_FluxBB/trunk/main.inc.php

    r3778 r4285  
    22/* 
    33Plugin Name: Register FluxBB 
    4 Version: 2.1.2 
     4Version: 2.1.3 
    55Description: Link user registration from Piwigo to FluxBB forum (registration, password changing, deletion) - Original Nicco's NBC_LinkUser2PunBB plugin upgraded to Piwigo / Liez l'inscription des utilisateurs de Piwigo avec votre forum FluxBB - Portage du plugin NBC_LinkUser2PunBB de Nicco vers Piwigo 
    66Plugin URI: http://phpwebgallery.net/ext/extension_view.php?eid=252 
     
    1919:: HISTORY 
    2020 
    21 2.0.0b                  - 23/11/08  - Initial release. Basic changes to be available for Piwigo 2.0RC4 
     212.0.0b          - 23/11/08  - Initial release. Basic changes to be available for Piwigo 2.0RC4 
    2222 
    23 2.0.1b                  - 24/11/08  - Small bug correction on submit button display 
     232.0.1b          - 24/11/08  - Small bug correction on submit button display 
    2424 
    25252.0.2                   - 19/02/09      - Language pack correction 
    2626 
    27272.1.0                   - 25/04/09  - Admin panel with tabsheets 
    28                                                         - Radio buttons functionnalities corrections (now radio buttons show the configuration saved in database) 
    29                                                         - Language files (fr - en) improvement 
     28                      - Radio buttons functionnalities corrections (now radio buttons show the configuration saved in database) 
     29                      - Language files (fr - en) improvement 
    3030 
    31312.1.1                   - 30/04/09      - Bug fixed on profile update 
    3232 
    33332.1.2                   - 22/08/09      - Compatibility bug fixed when used with DynamicRecentPeriod plugin 
     34 
     352.1.3     - 16/11/09  - Using sha1 hash instead of md5 for password hashing in FluxBB 
     36                      - Escaping all characters in login names and be able to retreive them without slashes - FluxBB does not allow this so Piwigo's user names with escaped characters will not been escaped in FluxBB (ie : "it's" in Piwigo will be "It\'s" in FluxBB) 
     37                      - Code refactoring 
     38                      - Full HTML 4.0 for tpl 
    3439 
    3540-------------------------------------------------------------------------------- 
     
    5257{ 
    5358  array_push($menu, array( 
    54       'NAME' => 'Register FluxBB', 
    55       'URL'  => get_admin_plugin_menu_link(Register_FluxBB_PATH.'admin/Register_FluxBB_admin.php'))); 
    56       return $menu; 
     59    'NAME' => 'Register FluxBB', 
     60    'URL'  => get_admin_plugin_menu_link(Register_FluxBB_PATH.'admin/Register_FluxBB_admin.php'))); 
     61  return $menu; 
    5762} 
    5863 
     
    6368function Register_FluxBB_Adduser($register_user) 
    6469{ 
    65         global $conf; 
     70  global $conf; 
    6671         
    6772  include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php'); 
    6873 
    69   FluxBB_Adduser($register_user['id'], $register_user['username'], $conf['pass_convert']($_POST['password']), $register_user['email']); 
     74  // Warning : FluxBB uses Sha1 hash instead of md5 for Piwigo ! 
     75  FluxBB_Adduser($register_user['id'], $register_user['username'], sha1($_POST['password']), $register_user['email']); 
    7076} 
    7177 
     
    7682function Register_FluxBB_Deluser($user_id) 
    7783{ 
    78         include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php'); 
     84  include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php'); 
    7985 
    8086  FluxBB_Deluser( FluxBB_Searchuser($user_id), true ); 
     
    99105      $int_pattern = '/^\d+$/'; 
    100106      if (empty($_POST['nb_image_line']) 
    101           or (!preg_match($int_pattern, $_POST['nb_image_line']))) 
     107        or (!preg_match($int_pattern, $_POST['nb_image_line']))) 
    102108      { 
    103109        $errors[] = l10n('nb_image_line_error'); 
     
    105111     
    106112      if (empty($_POST['nb_line_page']) 
    107           or (!preg_match($int_pattern, $_POST['nb_line_page']))) 
     113        or (!preg_match($int_pattern, $_POST['nb_line_page']))) 
    108114      { 
    109115        $errors[] = l10n('nb_line_page_error'); 
     
    111117     
    112118      if ($_POST['maxwidth'] != '' 
    113           and (!preg_match($int_pattern, $_POST['maxwidth']) 
    114                or $_POST['maxwidth'] < 50)) 
     119        and (!preg_match($int_pattern, $_POST['maxwidth']) 
     120        or $_POST['maxwidth'] < 50)) 
    115121      { 
    116122        $errors[] = l10n('maxwidth_error'); 
    117123      } 
     124 
    118125      if ($_POST['maxheight'] 
    119            and (!preg_match($int_pattern, $_POST['maxheight']) 
    120                  or $_POST['maxheight'] < 50)) 
     126        and (!preg_match($int_pattern, $_POST['maxheight']) 
     127        or $_POST['maxheight'] < 50)) 
    121128      { 
    122129        $errors[] = l10n('maxheight_error'); 
    123130      } 
    124         // periods must be integer values, they represents number of days 
    125         /* Commented to fix compatibility problem with Dynamic Recent Period Plugin */ 
    126         /* This don't impact the plugin functionnalities */ 
    127         /*if (!preg_match($int_pattern, $_POST['recent_period']) 
    128             or $_POST['recent_period'] <= 0) 
    129         { 
    130           $errors[] = l10n('periods_error') ; 
    131         }*/ 
    132      
     131 
    133132      if (isset($_POST['mail_address'])) 
    134133      { 
     
    151150        {// changing password requires old password 
    152151          $query = ' 
    153             SELECT '.$conf['user_fields']['password'].' AS password 
    154             FROM '.USERS_TABLE.' 
    155             WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\' 
    156           ;'; 
     152SELECT '.$conf['user_fields']['password'].' AS password 
     153FROM '.USERS_TABLE.' 
     154WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\' 
     155;'; 
     156 
    157157          list($current_password) = mysql_fetch_row(pwg_query($query)); 
    158158       
     
    166166      if (count($errors) == 0) 
    167167      { 
    168         include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php'); 
     168        include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php'); 
    169169       
    170170        $query = ' 
    171           SELECT '.$conf['user_fields']['username'].' AS username 
    172           FROM '.USERS_TABLE.' 
    173           WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\' 
    174         ;'; 
     171SELECT '.$conf['user_fields']['username'].' AS username 
     172FROM '.USERS_TABLE.' 
     173WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\' 
     174;'; 
     175 
    175176        list($username) = mysql_fetch_row(pwg_query($query)); 
    176177 
    177         FluxBB_Updateuser($user['id'], $username, $conf['pass_convert']($_POST['use_new_pwd']), $_POST['mail_address']); 
     178        FluxBB_Updateuser($user['id'], stripslashes($username), sha1($_POST['use_new_pwd']), $_POST['mail_address']); 
    178179      } 
    179180    } 
    180181  } 
    181182} 
    182  
    183183?> 
  • extensions/Register_FluxBB/trunk/maintain.inc.php

    r3738 r4285  
    1717 
    1818  $q = ' 
    19     INSERT INTO '.CONFIG_TABLE.' (param,value,comment) 
    20     VALUES ("Register_FluxBB","FluxBB_;PhpWebGallery;Guest;false;false;true","Parametres Register_FluxBB") 
    21   ;'; 
     19INSERT INTO '.CONFIG_TABLE.' (param,value,comment) 
     20VALUES ("Register_FluxBB","FluxBB_;PhpWebGallery;Guest;false;false;true","Parametres Register_FluxBB") 
     21;'; 
    2222     
    2323  pwg_query($q); 
    2424   
    25         $q = " 
    26     CREATE TABLE IF NOT EXISTS ".Register_FluxBB_ID_TABLE." ( 
    27       id_user_pwg smallint(5) NOT NULL default '0', 
    28       id_user_FluxBB int(10) NOT NULL default '0', 
    29       PRIMARY KEY  (id_user_pwg), 
    30       KEY id_user_pwg (id_user_pwg, id_user_FluxBB) 
    31     ) 
    32   ;"; 
     25  $q = " 
     26CREATE TABLE IF NOT EXISTS ".Register_FluxBB_ID_TABLE." ( 
     27  id_user_pwg smallint(5) NOT NULL default '0', 
     28  id_user_FluxBB int(10) NOT NULL default '0', 
     29PRIMARY KEY  (id_user_pwg), 
     30  KEY id_user_pwg (id_user_pwg, id_user_FluxBB) 
     31) 
     32;"; 
    3333 
    3434  pwg_query($q); 
     
    4848  { 
    4949    $q = ' 
    50       DELETE FROM '.CONFIG_TABLE.' 
    51       WHERE param="Register_FluxBB" LIMIT 1 
    52     ;'; 
     50DELETE FROM '.CONFIG_TABLE.' 
     51WHERE param="Register_FluxBB" LIMIT 1 
     52;'; 
    5353 
    5454    pwg_query($q); 
     
    5959 
    6060} 
    61  
    6261?> 
Note: See TracChangeset for help on using the changeset viewer.