mirror of
https://github.com/phpbb/phpbb.git
synced 2025-07-28 12:30:42 +02:00
- add additional auth check to the permission roles modules
- added new function to return globally used expressions (get_preg_expression($mode)). This should be very helpful in getting wide spread similar checks (regular expressions) to one place reducing the risk of forgetting to change every location if you fix one. ;) We will add additional ones later, at the moment only the email check is retrieved... - added "active module" var to the module class returning the current active module - changed call to image magick - add administrator to global moderators group by default - extend auth_option column a little bit - other bugfixes git-svn-id: file:///svn/phpbb/trunk@6135 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
@@ -1515,7 +1515,11 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
|
||||
if ($admin && !$auth->acl_get('a_'))
|
||||
{
|
||||
// Not authd
|
||||
add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
|
||||
// anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
|
||||
if ($user->data['is_registered'])
|
||||
{
|
||||
add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
|
||||
}
|
||||
trigger_error('NO_AUTH_ADMIN');
|
||||
}
|
||||
|
||||
@@ -1548,7 +1552,12 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
|
||||
}
|
||||
else
|
||||
{
|
||||
add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
|
||||
// Only log the failed attempt if a real user tried to.
|
||||
// anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
|
||||
if ($user->data['is_registered'])
|
||||
{
|
||||
add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1566,12 +1575,6 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
|
||||
trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
|
||||
}
|
||||
|
||||
// The user wanted to re-authenticate, but something failed - log this
|
||||
if ($admin)
|
||||
{
|
||||
add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
|
||||
}
|
||||
|
||||
// Something failed, determine what...
|
||||
if ($result['status'] == LOGIN_BREAK)
|
||||
{
|
||||
@@ -1950,7 +1953,7 @@ function make_clickable($text, $server_url = false)
|
||||
$magic_url_replace[] = "'\$1<!-- w --><a href=\"http://\$2\" target=\"_blank\">' . ((strlen('\$2') > 55) ? substr(str_replace('&', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&', '&', '\$2'), -10) : '\$2') . '</a><!-- w -->'";
|
||||
|
||||
// matches an email@domain type address at the start of a line, or after a space or after what might be a BBCode.
|
||||
$magic_url_match[] = '#(^|[\n ]|\()([a-z0-9&\-_.]+?@[\w\-]+\.(?:[\w\-\.]+\.)?[\w]+)#ie';
|
||||
$magic_url_match[] = '/(^|[\n ]|\()(' . get_preg_expression('email') . ')/ie';
|
||||
$magic_url_replace[] = "'\$1<!-- e --><a href=\"mailto:\$2\">' . ((strlen('\$2') > 55) ? substr('\$2', 0, 39) . ' ... ' . substr('\$2', -10) : '\$2') . '</a><!-- e -->'";
|
||||
}
|
||||
|
||||
@@ -2254,6 +2257,23 @@ function get_backtrace()
|
||||
return $output;
|
||||
}
|
||||
|
||||
/**
|
||||
* This function returns a regular expression pattern for commonly used expressions
|
||||
* Use with / as delimiter
|
||||
* mode can be: email|
|
||||
*/
|
||||
function get_preg_expression($mode)
|
||||
{
|
||||
switch ($mode)
|
||||
{
|
||||
case 'email':
|
||||
return '[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+';
|
||||
break;
|
||||
}
|
||||
|
||||
return '';
|
||||
}
|
||||
|
||||
// Handler, header and footer
|
||||
|
||||
/**
|
||||
|
Reference in New Issue
Block a user