History log of /dokuwiki/inc/auth.php (Results 76 – 100 of 324)
Revision Date Author Comments
# 1af2f135 06-Sep-2016 Andreas Gohr <gohr@cosmocode.de>

phpseclib is now namespaced
# 59752844 14-Jun-2016 Anders Sandblad <runeson@gmail.com>

Fixed broken links to php.net and redirecting pages to php.net
# c6c3f80e 26-May-2016 Andreas Gohr <andi@splitbrain.org>

Merge pull request #1504 from mape2k/authplain_fix_user_cache

Invalidate user session cache after profile data was changed (fix #1117)
# 955d4588 19-Apr-2016 Andreas Gohr <andi@splitbrain.org>

removed support for loading authplugins by old name #1535
# c276e9e8 15-Mar-2016 Marcel Pennewiss <github@pennewiss.de>

Invalidate user session cache after profile data was changed
# 8eca974c 27-Nov-2015 Andreas Gohr <andi@splitbrain.org>

remove unused token login. closes #1376

The token login was introduced for the flash uploader. Since it has been
removed there is no need for this code anymore.
# 37ff2261 12-Jun-2015 Sascha Klopp <klopp@rrzn.uni-hannover.de>

correctly handle usergroups array
# e6c4392f 07-May-2015 Patrick Brown <ptbrown@whoopdedo.org>

Fix scrutinizer issues with auth
# db9faf02 06-May-2015 Patrick Brown <ptbrown@whoopdedo.org>

Report more meaningful errors when an auth backend fails. closes #1093
# 79e79377 07-Jan-2015 Andreas Gohr <gohr@cosmocode.de>

Remove error supression for file_exists()

In an older version of PHP a file_exists() call would issue a warning
when the file did not exist. This was fixed in later PHP releases. Since
we require PH

Remove error supression for file_exists()

In an older version of PHP a file_exists() call would issue a warning
when the file did not exist. This was fixed in later PHP releases. Since
we require PHP 5.3 now, there's no need to supress any error here
anymore. This might even give a minor performance boost.

show more ...


# 8702de7f 09-Dec-2014 Gerrit Uitslag <klapinklapin@gmail.com>

Merge remote-tracking branch 'origin/master' into scrutinizerissues

Conflicts:
inc/media.php
inc/plugin.php
inc/template.php
lib/plugins/authplain/_test/escaping.test.php
lib/plugins/syntax.php
# 60aca4b9 06-Oct-2014 Andreas Gohr <gohr@cosmocode.de>

do not use Accept-Encoding in browser UID

Since Chrome 37, they send differen accept encodings for POST and GET
requests which will break BrowserUID checks as reported in
cosmocode/dokuwiki-plugin-o

do not use Accept-Encoding in browser UID

Since Chrome 37, they send differen accept encodings for POST and GET
requests which will break BrowserUID checks as reported in
cosmocode/dokuwiki-plugin-oauth/issues/3

See https://code.google.com/p/chromium/issues/detail?id=410559 for
official bug report at Google

show more ...


# 7e8500ee 02-Oct-2014 Gerrit Uitslag <klapinklapin@gmail.com>

PHPDocs and some improvements
# 42ea7f44 01-Oct-2014 Gerrit Uitslag <klapinklapin@gmail.com>

Many PHPDocs, some unused and dyn declared vars

many PHPDocs
some unused variables
some dynamically declared variables declared
# 59bc3b48 29-Sep-2014 Gerrit Uitslag <klapinklapin@gmail.com>

more scrutinizer issue improvements
# 3df1d4a6 27-Sep-2014 Andreas Gohr <andi@splitbrain.org>

Merge pull request #868 from splitbrain/authclean

clean user credentials from control chars
# 7b950f2d 26-Sep-2014 Andreas Gohr <andi@splitbrain.org>

Merge remote-tracking branch 'origin/auth_getUserData_improvements'

* origin/auth_getUserData_improvements:
KISS - remove class constants for REQUIRE_GROUPS & IGNORE_GROUPS and replace with boolea

Merge remote-tracking branch 'origin/auth_getUserData_improvements'

* origin/auth_getUserData_improvements:
KISS - remove class constants for REQUIRE_GROUPS & IGNORE_GROUPS and replace with boolean values
use $requireGroups constants in auth classes; comments; code improvements
fix comment errors, sp. & grammar
code styling - add missing braces
Allow user info to be retrieved without groups
Restore correct public interface of getUserData() for authldap plugin

Conflicts:
inc/common.php

show more ...


# 5e9e1054 26-Sep-2014 Andreas Gohr <andi@splitbrain.org>

do not allow empty passwords

When a username but no password is submitted, the login is denied right
away instead of relying on the backend to refuse the login.
# 395c2f0f 23-Sep-2014 Andreas Gohr <andi@splitbrain.org>

clean user credentials from control chars

This is to prevent zero byte attacks on external auth systems as
described in
http://www.freelists.org/post/dokuwiki/Fwd-Dokuwiki-maybe-security-issue-Null-

clean user credentials from control chars

This is to prevent zero byte attacks on external auth systems as
described in
http://www.freelists.org/post/dokuwiki/Fwd-Dokuwiki-maybe-security-issue-Null-byte-poisoning-in-LDAP-authentication

show more ...


# e5204a12 30-Jul-2014 Jurgen Hart <jhart@winterfell.schenkerit.com>

Added @ALL handeling in auth_isMember
# 49cd1ed0 26-Jul-2014 Andreas Gohr <andi@splitbrain.org>

fix AUTH_USER_CHANGE event in profile updates

the triggered event did not allow event handlers to change the passed
data
# 2dc9e900 04-May-2014 Christopher Smith <chris@jalakai.co.uk>

KISS - remove class constants for REQUIRE_GROUPS & IGNORE_GROUPS and replace with boolean values
# 2046a654 12-Mar-2014 Christopher Smith <chris@jalakai.co.uk>

Allow user info to be retrieved without groups

Some parts of dokuwiki (e.g. recent changes, old revisions) can
requests lots of user info (to provide editor names) without
requiring any group inform

Allow user info to be retrieved without groups

Some parts of dokuwiki (e.g. recent changes, old revisions) can
requests lots of user info (to provide editor names) without
requiring any group information.

This change also implements caching of user info by authmysql &
authpgsql plugins to avoid repeated querying of the DB to retrieve
the same user information.

show more ...


# 585bf44e 06-Mar-2014 Christopher Smith <chris@jalakai.co.uk>

amend $_SERVER to $INPUT->server
# f87b5dbb 05-Mar-2014 Christopher Smith <chris@jalakai.co.uk>

use isset() + ?: or error suppression where value may not be set

12345678910>>...13