Changeset 4285


Ignore:
Timestamp:
Nov 17, 2009, 6:07:41 PM (14 years ago)
Author:
Eric
Message:

[Register_FluxBB]

  • Using sha1 hash instead of md5 for password hashing in FluxBB because FluxBB uses prior sha1 hash and md5 only in last sentence.
  • Escaping all characters in login names and be able to retreive them without slashes - FluxBB does not allow this so Piwigo's user names with escaped characters will not been escaped in FluxBB (ie : "it's" in Piwigo will be "It\'s" in FluxBB)
  • Code refactoring
  • Full HTML 4.0 for tpl
Location:
extensions/Register_FluxBB/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/Register_FluxBB/trunk/main.inc.php

    r3778 r4285  
    22/*
    33Plugin Name: Register FluxBB
    4 Version: 2.1.2
     4Version: 2.1.3
    55Description: Link user registration from Piwigo to FluxBB forum (registration, password changing, deletion) - Original Nicco's NBC_LinkUser2PunBB plugin upgraded to Piwigo / Liez l'inscription des utilisateurs de Piwigo avec votre forum FluxBB - Portage du plugin NBC_LinkUser2PunBB de Nicco vers Piwigo
    66Plugin URI: http://phpwebgallery.net/ext/extension_view.php?eid=252
     
    1919:: HISTORY
    2020
    21 2.0.0b                  - 23/11/08  - Initial release. Basic changes to be available for Piwigo 2.0RC4
     212.0.0b          - 23/11/08  - Initial release. Basic changes to be available for Piwigo 2.0RC4
    2222
    23 2.0.1b                  - 24/11/08  - Small bug correction on submit button display
     232.0.1b          - 24/11/08  - Small bug correction on submit button display
    2424
    25252.0.2                   - 19/02/09      - Language pack correction
    2626
    27272.1.0                   - 25/04/09  - Admin panel with tabsheets
    28                                                         - Radio buttons functionnalities corrections (now radio buttons show the configuration saved in database)
    29                                                         - Language files (fr - en) improvement
     28                      - Radio buttons functionnalities corrections (now radio buttons show the configuration saved in database)
     29                      - Language files (fr - en) improvement
    3030
    31312.1.1                   - 30/04/09      - Bug fixed on profile update
    3232
    33332.1.2                   - 22/08/09      - Compatibility bug fixed when used with DynamicRecentPeriod plugin
     34
     352.1.3     - 16/11/09  - Using sha1 hash instead of md5 for password hashing in FluxBB
     36                      - Escaping all characters in login names and be able to retreive them without slashes - FluxBB does not allow this so Piwigo's user names with escaped characters will not been escaped in FluxBB (ie : "it's" in Piwigo will be "It\'s" in FluxBB)
     37                      - Code refactoring
     38                      - Full HTML 4.0 for tpl
    3439
    3540--------------------------------------------------------------------------------
     
    5257{
    5358  array_push($menu, array(
    54       'NAME' => 'Register FluxBB',
    55       'URL'  => get_admin_plugin_menu_link(Register_FluxBB_PATH.'admin/Register_FluxBB_admin.php')));
    56       return $menu;
     59    'NAME' => 'Register FluxBB',
     60    'URL'  => get_admin_plugin_menu_link(Register_FluxBB_PATH.'admin/Register_FluxBB_admin.php')));
     61  return $menu;
    5762}
    5863
     
    6368function Register_FluxBB_Adduser($register_user)
    6469{
    65         global $conf;
     70  global $conf;
    6671       
    6772  include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php');
    6873
    69   FluxBB_Adduser($register_user['id'], $register_user['username'], $conf['pass_convert']($_POST['password']), $register_user['email']);
     74  // Warning : FluxBB uses Sha1 hash instead of md5 for Piwigo !
     75  FluxBB_Adduser($register_user['id'], $register_user['username'], sha1($_POST['password']), $register_user['email']);
    7076}
    7177
     
    7682function Register_FluxBB_Deluser($user_id)
    7783{
    78         include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php');
     84  include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php');
    7985
    8086  FluxBB_Deluser( FluxBB_Searchuser($user_id), true );
     
    99105      $int_pattern = '/^\d+$/';
    100106      if (empty($_POST['nb_image_line'])
    101           or (!preg_match($int_pattern, $_POST['nb_image_line'])))
     107        or (!preg_match($int_pattern, $_POST['nb_image_line'])))
    102108      {
    103109        $errors[] = l10n('nb_image_line_error');
     
    105111   
    106112      if (empty($_POST['nb_line_page'])
    107           or (!preg_match($int_pattern, $_POST['nb_line_page'])))
     113        or (!preg_match($int_pattern, $_POST['nb_line_page'])))
    108114      {
    109115        $errors[] = l10n('nb_line_page_error');
     
    111117   
    112118      if ($_POST['maxwidth'] != ''
    113           and (!preg_match($int_pattern, $_POST['maxwidth'])
    114                or $_POST['maxwidth'] < 50))
     119        and (!preg_match($int_pattern, $_POST['maxwidth'])
     120        or $_POST['maxwidth'] < 50))
    115121      {
    116122        $errors[] = l10n('maxwidth_error');
    117123      }
     124
    118125      if ($_POST['maxheight']
    119            and (!preg_match($int_pattern, $_POST['maxheight'])
    120                  or $_POST['maxheight'] < 50))
     126        and (!preg_match($int_pattern, $_POST['maxheight'])
     127        or $_POST['maxheight'] < 50))
    121128      {
    122129        $errors[] = l10n('maxheight_error');
    123130      }
    124         // periods must be integer values, they represents number of days
    125         /* Commented to fix compatibility problem with Dynamic Recent Period Plugin */
    126         /* This don't impact the plugin functionnalities */
    127         /*if (!preg_match($int_pattern, $_POST['recent_period'])
    128             or $_POST['recent_period'] <= 0)
    129         {
    130           $errors[] = l10n('periods_error') ;
    131         }*/
    132    
     131
    133132      if (isset($_POST['mail_address']))
    134133      {
     
    151150        {// changing password requires old password
    152151          $query = '
    153             SELECT '.$conf['user_fields']['password'].' AS password
    154             FROM '.USERS_TABLE.'
    155             WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
    156           ;';
     152SELECT '.$conf['user_fields']['password'].' AS password
     153FROM '.USERS_TABLE.'
     154WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
     155;';
     156
    157157          list($current_password) = mysql_fetch_row(pwg_query($query));
    158158     
     
    166166      if (count($errors) == 0)
    167167      {
    168         include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php');
     168        include_once (Register_FluxBB_PATH.'include/functions_Register_FluxBB.inc.php');
    169169     
    170170        $query = '
    171           SELECT '.$conf['user_fields']['username'].' AS username
    172           FROM '.USERS_TABLE.'
    173           WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
    174         ;';
     171SELECT '.$conf['user_fields']['username'].' AS username
     172FROM '.USERS_TABLE.'
     173WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
     174;';
     175
    175176        list($username) = mysql_fetch_row(pwg_query($query));
    176177
    177         FluxBB_Updateuser($user['id'], $username, $conf['pass_convert']($_POST['use_new_pwd']), $_POST['mail_address']);
     178        FluxBB_Updateuser($user['id'], stripslashes($username), sha1($_POST['use_new_pwd']), $_POST['mail_address']);
    178179      }
    179180    }
    180181  }
    181182}
    182 
    183183?>
  • extensions/Register_FluxBB/trunk/maintain.inc.php

    r3738 r4285  
    1717
    1818  $q = '
    19     INSERT INTO '.CONFIG_TABLE.' (param,value,comment)
    20     VALUES ("Register_FluxBB","FluxBB_;PhpWebGallery;Guest;false;false;true","Parametres Register_FluxBB")
    21   ;';
     19INSERT INTO '.CONFIG_TABLE.' (param,value,comment)
     20VALUES ("Register_FluxBB","FluxBB_;PhpWebGallery;Guest;false;false;true","Parametres Register_FluxBB")
     21;';
    2222   
    2323  pwg_query($q);
    2424 
    25         $q = "
    26     CREATE TABLE IF NOT EXISTS ".Register_FluxBB_ID_TABLE." (
    27       id_user_pwg smallint(5) NOT NULL default '0',
    28       id_user_FluxBB int(10) NOT NULL default '0',
    29       PRIMARY KEY  (id_user_pwg),
    30       KEY id_user_pwg (id_user_pwg, id_user_FluxBB)
    31     )
    32   ;";
     25  $q = "
     26CREATE TABLE IF NOT EXISTS ".Register_FluxBB_ID_TABLE." (
     27  id_user_pwg smallint(5) NOT NULL default '0',
     28  id_user_FluxBB int(10) NOT NULL default '0',
     29PRIMARY KEY  (id_user_pwg),
     30  KEY id_user_pwg (id_user_pwg, id_user_FluxBB)
     31)
     32;";
    3333
    3434  pwg_query($q);
     
    4848  {
    4949    $q = '
    50       DELETE FROM '.CONFIG_TABLE.'
    51       WHERE param="Register_FluxBB" LIMIT 1
    52     ;';
     50DELETE FROM '.CONFIG_TABLE.'
     51WHERE param="Register_FluxBB" LIMIT 1
     52;';
    5353
    5454    pwg_query($q);
     
    5959
    6060}
    61 
    6261?>
Note: See TracChangeset for help on using the changeset viewer.