aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorm.fu <m_fu@310415.no-reply.drupal.org>2009-06-27 07:22:52 +0000
committerm.fu <m_fu@310415.no-reply.drupal.org>2009-06-27 07:22:52 +0000
commitd63946793686fa885c43dfb3dc791fcf7253300f (patch)
tree063ebb4f71561e4d5c8e34a41bace07375d1ab5e
parent2595209ce4f817b77a7948970392c91331c3c4e7 (diff)
downloaddrupal_htpasswdsync-d63946793686fa885c43dfb3dc791fcf7253300f.tar.gz
drupal_htpasswdsync-d63946793686fa885c43dfb3dc791fcf7253300f.tar.bz2
drupal_htpasswdsync-d63946793686fa885c43dfb3dc791fcf7253300f.zip
Fixed #503718 by m.fu : htpassword corruption when enabling/disabling user
Fixed #437904 by fasdalf@fasdalf.ru : group file not generated properly, now happen on after_update Fixed #437844 by fasdalf@fasdalf.ru : error when deleting one user Fixed #503726 by m.fu: group file no longer contain disabled users Added #503720 by m.fu : option to overwrite htpasswd Fixed #503724 by m.fu : validation of username, must be htpasswd compatible
-rw-r--r--CHANGELOG.txt12
-rw-r--r--HTPasswdSync.install12
-rw-r--r--HTPasswdSync.module169
3 files changed, 153 insertions, 40 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index f3f1beb..f48efeb 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,6 +1,16 @@
$Id$
-v1.1-Dev bug fix release
+v1.2 bug fix release
+Fixed #503718 by m.fu : htpassword corruption when enabling/disabling user
+Fixed #437904 by fasdalf@fasdalf.ru : group file not generated properly, now happen on
+ after_update
+Fixed #437844 by fasdalf@fasdalf.ru : error when deleting one user
+Fixed #503726 by m.fu: group file no longer contain disabled users
+Added #503720 by m.fu : option to overwrite htpasswd
+Fixed #503724 by m.fu : validation of username, must be htpasswd compatible
+
+
+v1.1 bug fix release
Fixed #409406 by fasdalf@fasdalf.ru : remove comma in htgroup file
Added #408798 by fasdalf@fasdalf.ru : request for windows support
windows does not support crypt password hash
diff --git a/HTPasswdSync.install b/HTPasswdSync.install
index a973a70..d8ac4ea 100644
--- a/HTPasswdSync.install
+++ b/HTPasswdSync.install
@@ -2,6 +2,15 @@
// $Id$
/*
* $Log$
+ * Revision 1.1.2.2 2009/06/27 07:22:52 mfu
+ * Fixed #503718 by m.fu : htpassword corruption when enabling/disabling user
+ * Fixed #437904 by fasdalf@fasdalf.ru : group file not generated properly,
+ * now happen on after_update
+ * Fixed #437844 by fasdalf@fasdalf.ru : error when deleting one user
+ * Fixed #503726 by m.fu: group file no longer contain disabled users
+ * Added #503720 by m.fu : option to overwrite htpasswd
+ * Fixed #503724 by m.fu : validation of username, must be htpasswd compatible
+ *
* Revision 1.1.2.1 2009/03/25 19:24:10 mfu
* Fixed #409406 by fasdalf@fasdalf.ru : remove comma in htgroup file
*
@@ -22,6 +31,9 @@ function htpasswdsync_uninstall() {
variable_del('htpasswdsync_htpasswd');
variable_del('htpasswdsync_htgroup');
variable_del('htpasswdsync_roles');
+ variable_del('htpasswdsync_hash');
+ variable_del('htpasswdsync_cron_time');
+ variable_del('htpasswdsync_overwrite');
}
function htpasswdsync_db_schema() {
diff --git a/HTPasswdSync.module b/HTPasswdSync.module
index d7cb615..61ad54d 100644
--- a/HTPasswdSync.module
+++ b/HTPasswdSync.module
@@ -2,6 +2,15 @@
// $Id$
/*
* $Log$
+ * Revision 1.1.2.3 2009/06/27 07:22:52 mfu
+ * Fixed #503718 by m.fu : htpassword corruption when enabling/disabling user
+ * Fixed #437904 by fasdalf@fasdalf.ru : group file not generated properly,
+ * now happen on after_update
+ * Fixed #437844 by fasdalf@fasdalf.ru : error when deleting one user
+ * Fixed #503726 by m.fu: group file no longer contain disabled users
+ * Added #503720 by m.fu : option to overwrite htpasswd
+ * Fixed #503724 by m.fu : validation of username, must be htpasswd compatible
+ *
* Revision 1.1.2.2 2009/03/26 22:15:29 mfu
* Added #408798 by fasdalf@fasdalf.ru : request for windows support
* windows does not support crypt password hash
@@ -13,6 +22,7 @@
*
*
*/
+
/* @file
* Synchronize users password and htpasswd file
@@ -80,7 +90,23 @@
function _htpasswdsync_hash() {
return variable_get('htpasswdsync_hash', 0);
}
-
+
+ /**
+ * return overwrite_htpasswd status
+ *
+ * returns if the htpasswd file shall be overwritten by drupal of not
+ * overwritting will erase all manual entered users.
+ * manual make the htpasswd grow and contain renamed users.
+ * it will do the same for the htgroup
+ *
+ * @return
+ * array of role id
+ */
+ function _htpasswdsync_overwrite() {
+ return variable_get('htpasswdsync_overwrite', true);
+ }
+
+
/**
* crypt password
*
@@ -162,7 +188,11 @@
$file = _htpasswdsync_grpfilename();
$groups = array();
- _htpasswdsync_read_htfile($groups, $file);
+
+ // if we overwrite, then why botter reading the previous file
+ if (! _htpasswdsync_overwrite()) {
+ _htpasswdsync_read_htfile($groups, $file);
+ }
foreach (_htpasswdsync_roles() as $rid) {
// get role name
@@ -173,7 +203,7 @@
$groups[$name] = "";
// add members to the group
- $res = db_query('SELECT name FROM {users} u, {users_roles} ur WHERE ur.rid = %d AND ur.uid = u.uid', $rid);
+ $res = db_query('SELECT name FROM {users} u, {users_roles} ur WHERE ur.rid = %d AND ur.uid = u.uid AND status = 1', $rid);
while ($r = db_fetch_object($res)) {
$groups[$name] .= " ". $r->name;
}
@@ -192,11 +222,15 @@
$file = _htpasswdsync_passfilename();
$passwords = array();
- _htpasswdsync_read_htfile($passwords, $file);
-
+
+ // if we overwrite, then why botter reading the previous file
+ if (! _htpasswdsync_overwrite()) {
+ _htpasswdsync_read_htfile($passwords, $file);
+ }
//get all users
- $res = db_query('SELECT username, passwd FROM {htpasswdsync_passwd}');
+ $res = db_query('SELECT username, passwd FROM {htpasswdsync_passwd}, {users} WHERE name=username and status = 1');
while ($r = db_fetch_object($res)) {
+ firep($r, "htpaswdsync_updatepasswd -- user/pass");
if ($r->passwd == "****DELETED") {
unset($passwords[$r->username]);
}
@@ -208,33 +242,55 @@
}
-/* update htpassword with the new password of the user
+/* update htpassword table with the new password of the user
*
+ * @param $edit
+ * fields that have been edited
* @param $account
* account of the user to update
* @return
*/
- function _htpasswdsync_update($account) {
-
- // read current file
- $f = _htpasswdsync_passfilename();
- $passwds = array();
- _htpasswdsync_read_htfile($passwds, $f);
-
- // update with the $account information received
- // password crypted with the standard crypt (not MD5) function
- $user = $account['name'];
- $pass = _htpasswdsync_crypt($account['pass']);
- $passwds[$user] = $pass;
-
- //save file
- _htpasswdsync_write_htfile($passwds, $f);
+ function _htpasswdsync_update($edit, $account) {
+
+ if (isset($edit["pass"])) {
+ // update with the $account information received
+ // password crypted with the standard crypt (not MD5) function
+ $user = $account->name;
+ $pass = _htpasswdsync_crypt($edit['pass']);
+ $passwds[$user] = $pass;
- //update table
- db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $user);
- db_query("INSERT INTO {htpasswdsync_passwd} (username, passwd) VALUES('%s', '%s')", $user, $pass);
+ //update table
+ db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $user);
+ db_query("INSERT INTO {htpasswdsync_passwd} (username, passwd) VALUES('%s', '%s')", $user, $pass);
+ _htpasswdsync_updatepasswd();
+ _htpasswdsync_updategroup();
+ }
+}
+
+/* update htpassword file with the new password of the user
+ *
+ * @param $account
+ * account of the user to update
+ * @return
+ */
+function _htpasswdsync_commit_to_htpasswd() {
+ // update passwd file with new status
+ _htpasswdsync_updatepasswd();
_htpasswdsync_updategroup();
}
+
+/* remove the one user for the htpassword file
+ *
+ * @param $username
+ * username of account to delete
+ * @return
+ */
+function _htpasswdsync_delete_user($username) {
+ firep ($username, "_htpasswdsync_delete_user(username)");
+ db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $username);
+ db_query("INSERT INTO {htpasswdsync_passwd} (username, passwd) VALUES('%s', '%s')", $username, "****DELETED");
+}
+
/* remove the user for the htpassword file
*
@@ -243,23 +299,39 @@
* @return
*/
function _htpasswdsync_delete($account) {
- $f = _htpasswdsync_passfilename();
- $passwds = array();
- _htpasswdsync_read_htfile($passwds, $f);
-
- foreach ($account['accounts'] as $a) {
- $r = db_query("SELECT name FROM {users} WHERE uid = %d", $a);
- $user = db_fetch_object($r);
- unset($passwds[$user->name]);
- db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $user->name);
- db_query("INSERT INTO {htpasswdsync_passwd} (username, passwd) VALUES('%s', '%s')", $user->name, "****DELETED");
+ firep ($account, "_htpasswdsync_delete(account)");
+
+ if (isset($account['accounts'])) {
+ foreach ($account['accounts'] as $a) {
+ $r = db_query("SELECT name FROM {users} WHERE uid = %d", $a);
+ $user = db_fetch_object($r);
+ _htpasswdsync_delete_user($user->name);
+ }
}
- _htpasswdsync_write_htfile($passwds, $f);
-
+ elseif (isset($account['_account'])) {
+ _htpasswdsync_delete_user($user->name);
+ }
+ _htpasswdsync_updatepasswd();
_htpasswdsync_updategroup();
}
/**
+* Validate user form input
+* here we refuse username with characters that are not supported
+* in htpasswd files
+* @param $edit field submited
+* @return none
+*/
+function _htpasswdsync_validate($edit) {
+ if (isset($edit['name'])) {
+ if (ereg('[ :\t]', $edit['name'])) {
+ form_set_error('htpasswdsync',
+ t('The username contains an illegal character, like &lt;space&gt;, :'));
+ }
+ }
+} // htpasswdsync_validate
+
+ /**
* Display help and module information
* @param path which path of the site we're displaying help
* @param arg array that holds the current path as would be returned from arg() function
@@ -287,15 +359,29 @@ function htpasswdsync_perm() {
* Implementation of hook_user()
*/
function htpasswdsync_user($op, &$edit, &$account, $category = NULL) {
+ firep($op, "htpaswdsync_user hook -- op");
+ firep($edit, "htpaswdsync_user hook -- edit");
+ firep($account, "htpaswdsync_user hook -- account");
+ #firep($_htpasswdsync_debugfile);
+ ## drupal_set_message('<pre>' . $op . '<br>' . print_r($edit, TRUE) . '<br>' . print_r($account, TRUE) . '</pre>');
+ ##drupal_set_message('<b>' . $op . '<b>');
+ ##db_query("INSERT INTO log (a) VALUES('%s')", $op);
+
switch ($op) {
case "delete":
_htpasswdsync_delete($edit);
break;
case "insert":
- _htpasswdsync_update($edit);
+ _htpasswdsync_update($edit, $account);
break;
case "update":
- _htpasswdsync_update($edit);
+ _htpasswdsync_update($edit, $account);
+ break;
+ case "after_update":
+ _htpasswdsync_commit_to_htpasswd();
+ break;
+ case "validate":
+ _htpasswdsync_validate($edit);
break;
}
} // function htpasswdsync_user()
@@ -336,6 +422,11 @@ function htpasswdsync_admin() {
'#default_value' => _htpasswdsync_roles(),
'#options' => user_roles(TRUE),
);
+ $form['htpasswdsync_overwrite'] = array(
+ '#type' => 'checkbox',
+ '#title' => t('is htpasswd file only managed by this module'),
+ '#default_value' => _htpasswdsync_overwrite(),
+ );
return system_settings_form($form);
}

© 2014-2024 Faster IT GmbH | imprint | privacy policy