From 5d85267e0f5eeba6d4d7bda46dbb6b476127647e Mon Sep 17 00:00:00 2001 From: Matt Visnovsky Date: Mon, 24 May 2021 15:23:26 -0600 Subject: [PATCH] YOURLS version 1.8.1 Updated so this plugin functions with latest YOURLS version --- plugin.php | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/plugin.php b/plugin.php index 0848c10..ca7cb1e 100644 --- a/plugin.php +++ b/plugin.php @@ -56,8 +56,10 @@ function ldapauth_environment_check() { return true; } - -yourls_add_filter( 'is_valid_user', 'ldapauth_is_valid_user' ); +# Reroute login to yourls filter +# (see https://github.com/YOURLS/YOURLS/wiki/Advanced-Hook-Syntax) +//yourls_add_filter( 'is_valid_user', 'ldapauth_is_valid_user' ); +yourls_add_filter( 'shunt_is_valid_user', 'ldapauth_is_valid_user' ); function ldapauth_shuffle_assoc($list) { if (!is_array($list)) return $list; @@ -117,7 +119,7 @@ function ldapauth_get_ldap_connection() { // returns true/false function ldapauth_is_valid_user( $value ) { global $yourls_user_passwords; - + // Always check & set early if ( !ldapauth_environment_check() ) { die( 'Invalid configuration for YOURLS LDAP plugin. Check PHP error log.' ); @@ -141,6 +143,7 @@ function ldapauth_is_valid_user( $value ) { if (!defined(LDAPAUTH_USERCACHE_TYPE) && isset( $_SESSION['LDAPAUTH_AUTH_USER'] ) ) { // already authenticated... $username = $_SESSION['LDAPAUTH_AUTH_USER']; + // why is this checked here, but not before the cookie is set? if ( ldapauth_is_authorized_user( $username ) ) { if( !isset($yourls_user_passwords[$username]) ) { @@ -202,7 +205,7 @@ function ldapauth_is_valid_user( $value ) { if (empty($ldapSuccess)) { // we don't need to do this if we already bound using username and LDAPAUTH_BIND_WITH_USER_TEMPLATE $ldapSuccess = @ldap_bind($ldapConnection, $userDn, $_REQUEST['password']); } - + // success? if ($ldapSuccess) { @@ -240,6 +243,7 @@ function ldapauth_is_valid_user( $value ) { $_SESSION['LDAPAUTH_AUTH_USER'] = $username; } return true; + ldapauth_debug("User $username was successfully authenticated"); } else { error_log("No LDAP success"); } @@ -259,8 +263,8 @@ function ldapauth_is_authorized_user( $username ) { global $ldapauth_authorized_admins; if ( in_array( $username, $ldapauth_authorized_admins ) ) { return true; - } - + } + // not an admin user return false; } @@ -281,7 +285,7 @@ function ldapauth_logout_hook( $args ) { * their LDAP passwords */ -yourls_add_action ('plugins_loaded', 'ldapauth_merge_users'); +yourls_add_action('plugins_loaded', 'ldapauth_merge_users'); function ldapauth_merge_users() { global $yourls_user_passwords; if ( !ldapauth_environment_check() ) { @@ -289,7 +293,10 @@ function ldapauth_merge_users() { } if(LDAPAUTH_USERCACHE_TYPE==1 && false !== yourls_get_option('ldapauth_usercache')) { ldapauth_debug("Merging text file users and cached LDAP users"); + //print_r($yourls_user_passwords) . "
"; $yourls_user_passwords = array_merge($yourls_user_passwords, yourls_get_option('ldapauth_usercache')); + //print_r($yourls_user_passwords) . "
"; + //die('Paused'); } } /** @@ -297,7 +304,7 @@ function ldapauth_merge_users() { * Code reused from yourls_hash_passwords_now() */ function ldapauth_create_user( $user, $new_password ) { - $configdata = file_get_contents( YOURLS_CONFIGFILE ); + $configdata = htmlspecialchars(file_get_contents( YOURLS_CONFIGFILE )); if ( $configdata == FALSE ) { die('Couldn\'t read the config file'); } @@ -306,10 +313,17 @@ function ldapauth_create_user( $user, $new_password ) { die('Can\'t write to config file'); $pass_hash = ldapauth_hash_password($new_password); - $user_line = "\t'$user' => 'phpass:$pass_hash' /* Password encrypted by YOURLS */,"; + $user_line = "\t'$user' => 'phpass:$pass_hash' /* LDAP user added by plugin */,"; // Add the user on a new line after the start of the passwords array - $new_contents = preg_replace('/(yourls_user_passwords\s=\sarray\()/', '$0 ' . PHP_EOL . $user_line, $configdata, -1, $count); + $new_contents = preg_replace('/\$yourls_user_passwords\s=\s\[/', '$0 ' . PHP_EOL . $user_line, $configdata, -1, $count); + //echo YOURLS_CONFIGFILE . "
"; + //echo $configdata . "
"; + //echo $user_line . "
"; + //echo $user . "
"; + //echo htmlspecialchars_decode($new_contents) . "
"; + //echo $count . "
"; + //die('Paused'); if ($count === 0) { die('Couldn\'t add user, plugin may not be compatible with YourLS version'); @@ -317,7 +331,7 @@ function ldapauth_create_user( $user, $new_password ) { die('Added user more than once. Check config file.'); } - $success = file_put_contents( YOURLS_CONFIGFILE, $new_contents ); + $success = file_put_contents( YOURLS_CONFIGFILE, htmlspecialchars_decode($new_contents) ); if ( $success === false ) { die('Unable to save config file'); }