run passcrypt when user does not exist #4491This will automatically use the configured password hashing method, thusmatching what existing users most likely have for their hash as well.
align urlref https://github.com/dokuwiki/dokuwiki/issues/4270- align url to standard prefix- realign spacing
Updated Lithuanian translation
correctly escape comments in user names. fixes #4099
translation update
code style: operator spacing
coding style: control flow whitespaces
Apply rector renames
Apply rector fixes to auth plugins
AuthPlain user parsing fix. #3833This removes workarounds we had for old PCRE versions. All modern PHPreleases should be workable with the Regex we have.If splitting the user line results in les
AuthPlain user parsing fix. #3833This removes workarounds we had for old PCRE versions. All modern PHPreleases should be workable with the Regex we have.If splitting the user line results in less than 5 results, we log anerror and pad the result for further use.
show more ...
authplain: properly clean user namesThe authplain module uses cleanID to clean usernames to make them validpagenames. However namespaces should not be used in usernames.For that cleanUser and cl
authplain: properly clean user namesThe authplain module uses cleanID to clean usernames to make them validpagenames. However namespaces should not be used in usernames.For that cleanUser and cleanGroup replaced columns in given names. Butdepending on the wiki configuration useslash, semicolons and slashes mayalso be used as namespace separators. cleanID would replace those withcolons, reintroducing colons into the names.The problem was reported in a forum post where spammers tried toregister http addresses as user names:https://forum.dokuwiki.org/d/19796-spammers-with-in-their-nameUsers with colons were correctly saved (the colon is escaped in the userfile) but could probably not login (unless using a slash or semicoloninstead of the colon). Since usernames are cleaned in many places inDokuWiki, such a logged in user was probably not recognized correctly.Because of the proper colon escaping when saving the user file, I don'tsee any security issue arising from this. Eg. it was not possible totrip up the user loading mechanism.Note: Previously created users containing colons can not be deleted viathe user manager, because displayed usernames are cleaned again, whichwill remove the colons.
add needed type hints for phpunit8This will break a lot of plugin tests, but can't be avoided
refresh user cache in plain auth on user modifyingWhen a user login was renamed, the user appeared twice. Once as the olduser and once as the new user.
Changes according to revisions in https://github.com/moisesbr-dw/dokuwiki/pull/2Many minor details and use of Sort::xyz() instead of intl_xyz() in files outside the "inc" folder.
Authorization plugins[enhancement] group sorting in authplain
123456