Ignore:
Timestamp:
08/31/10 19:15:20 (9 years ago)
Author:
Eric
Message:

Bug 1825 fixed : Password corruption after Piwigo's profile page visit
New version 2.3.1 hard coded

File:
1 edited

Legend:

Unmodified
Added
Removed
  • extensions/Register_FluxBB/trunk/main.inc.php

    r6815 r6826  
    22/* 
    33Plugin Name: Register FluxBB 
    4 Version: 2.3.0 
     4Version: 2.3.1 
    55Description: Link user registration from Piwigo to FluxBB forum (registration, password changing, deletion) - Original Nicco's NBC_LinkUser2PunBB plugin upgraded to Piwigo / Liez l'inscription des utilisateurs de Piwigo avec votre forum FluxBB - Portage du plugin NBC_LinkUser2PunBB de Nicco vers Piwigo 
    66Plugin URI: http://phpwebgallery.net/ext/extension_view.php?eid=252 
     
    55552.2.4     - 22/08/10  - Bug 1812 fixed : Compliance with FluxBB 1.4 
    5656 
    57 2.3.0     - 01/09/10  - Bug 1434 fixed : Bridge between Register_FluxBB and UserAdvManager for new users validation 
     572.3.0     - 28/08/10  - Bug 1434 fixed : Bridge between Register_FluxBB and UserAdvManager for new users validation 
     58 
     592.3.1     - 31/08/10  - Bug 1825 fixed : Password corruption after Piwigo's profile page visit  
    5860-------------------------------------------------------------------------------- 
    5961*/ 
     
    109111 
    110112 
    111  
    112 add_event_handler('init', 'Register_FluxBB_InitPage'); 
    113   
    114 function Register_FluxBB_InitPage() 
    115 { 
    116   global $conf, $user ; 
    117   include_once (REGFLUXBB_PATH.'include/functions.inc.php'); 
    118  
    119 /* user update */ 
    120   if (script_basename() == 'profile') 
     113/* Profile management */ 
     114if (script_basename() == 'profile') 
     115{ 
     116  add_event_handler('loc_begin_profile', 'Register_FluxBB_InitPage', EVENT_HANDLER_PRIORITY_NEUTRAL, 2); 
     117 
     118  function Register_FluxBB_InitPage() 
    121119  { 
    122     if (isset($_POST['validate'])) 
    123     { 
    124       $errors = array(); 
    125  
    126       $int_pattern = '/^\d+$/'; 
    127       if (empty($_POST['nb_image_line']) 
    128         or (!preg_match($int_pattern, $_POST['nb_image_line']))) 
     120    global $conf, $user; 
     121    include_once (REGFLUXBB_PATH.'include/functions.inc.php'); 
     122     
     123    if (isset($_POST['validate']) and !is_admin()) 
     124    { 
     125    if (!empty($_POST['use_new_pwd'])) 
    129126      { 
    130         $errors[] = l10n('nb_image_line_error'); 
    131       } 
    132      
    133       if (empty($_POST['nb_line_page']) 
    134         or (!preg_match($int_pattern, $_POST['nb_line_page']))) 
    135       { 
    136         $errors[] = l10n('nb_line_page_error'); 
    137       } 
    138      
    139       if ($_POST['maxwidth'] != '' 
    140         and (!preg_match($int_pattern, $_POST['maxwidth']) 
    141         or $_POST['maxwidth'] < 50)) 
    142       { 
    143         $errors[] = l10n('maxwidth_error'); 
    144       } 
    145  
    146       if ($_POST['maxheight'] 
    147         and (!preg_match($int_pattern, $_POST['maxheight']) 
    148         or $_POST['maxheight'] < 50)) 
    149       { 
    150         $errors[] = l10n('maxheight_error'); 
    151       } 
    152  
    153       if (isset($_POST['mail_address'])) 
    154       { 
    155         $mail_error = validate_mail_address($user['id'],$_POST['mail_address']); 
    156         if (!empty($mail_error)) 
    157         { 
    158           $errors[] = $mail_error; 
    159         } 
    160       } 
    161      
    162       if (!empty($_POST['use_new_pwd'])) 
    163       { 
    164         // password must be the same as its confirmation 
    165         if ($_POST['use_new_pwd'] != $_POST['passwordConf']) 
    166         { 
    167           $errors[] = l10n('New password confirmation does not correspond'); 
    168         } 
    169      
    170         if ( !defined('IN_ADMIN') ) 
    171         {// changing password requires old password 
    172           $query = ' 
    173 SELECT '.$conf['user_fields']['password'].' AS password 
    174 FROM '.USERS_TABLE.' 
    175 WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\' 
    176 ;'; 
    177  
    178           list($current_password) = pwg_db_fetch_row(pwg_query($query)); 
    179        
    180           if ($conf['pass_convert']($_POST['password']) != $current_password) 
    181           { 
    182             $errors[] = l10n('Current password is wrong'); 
    183           } 
    184         } 
    185       } 
    186      
    187       if (count($errors) == 0) 
    188       { 
    189         include_once (REGFLUXBB_PATH.'include/functions.inc.php'); 
    190        
    191         $query = ' 
     127      $query = ' 
    192128SELECT '.$conf['user_fields']['username'].' AS username 
    193129FROM '.USERS_TABLE.' 
     
    195131;'; 
    196132 
    197         list($username) = pwg_db_fetch_row(pwg_query($query)); 
    198  
    199         FluxBB_Updateuser($user['id'], stripslashes($username), sha1($_POST['use_new_pwd']), $_POST['mail_address']); 
     133      list($username) = pwg_db_fetch_row(pwg_query($query)); 
     134 
     135      FluxBB_Updateuser($user['id'], stripslashes($username), sha1($_POST['use_new_pwd']), $_POST['mail_address']); 
    200136      } 
    201137    } 
     
    205141 
    206142/* Access validation in FluxBB when validated in Piwigo through UAM plugin */ 
    207 add_event_handler('login_success', 'UAM_Bridge'); 
     143add_event_handler('login_success', 'UAM_Bridge', EVENT_HANDLER_PRIORITY_NEUTRAL, 2); 
    208144 
    209145function UAM_Bridge() 
Note: See TracChangeset for help on using the changeset viewer.