YOURLS version 1.8.1

Updated so this plugin functions with latest YOURLS version
This commit is contained in:
Matt Visnovsky 2021-05-24 15:23:26 -06:00
parent d60ea0e6aa
commit 5d85267e0f

View File

@ -56,8 +56,10 @@ function ldapauth_environment_check() {
return true; return true;
} }
# Reroute login to yourls filter
yourls_add_filter( 'is_valid_user', 'ldapauth_is_valid_user' ); # (see https://github.com/YOURLS/YOURLS/wiki/Advanced-Hook-Syntax)
//yourls_add_filter( 'is_valid_user', 'ldapauth_is_valid_user' );
yourls_add_filter( 'shunt_is_valid_user', 'ldapauth_is_valid_user' );
function ldapauth_shuffle_assoc($list) { function ldapauth_shuffle_assoc($list) {
if (!is_array($list)) return $list; if (!is_array($list)) return $list;
@ -141,6 +143,7 @@ function ldapauth_is_valid_user( $value ) {
if (!defined(LDAPAUTH_USERCACHE_TYPE) && isset( $_SESSION['LDAPAUTH_AUTH_USER'] ) ) { if (!defined(LDAPAUTH_USERCACHE_TYPE) && isset( $_SESSION['LDAPAUTH_AUTH_USER'] ) ) {
// already authenticated... // already authenticated...
$username = $_SESSION['LDAPAUTH_AUTH_USER']; $username = $_SESSION['LDAPAUTH_AUTH_USER'];
// why is this checked here, but not before the cookie is set? // why is this checked here, but not before the cookie is set?
if ( ldapauth_is_authorized_user( $username ) ) { if ( ldapauth_is_authorized_user( $username ) ) {
if( !isset($yourls_user_passwords[$username]) ) { if( !isset($yourls_user_passwords[$username]) ) {
@ -240,6 +243,7 @@ function ldapauth_is_valid_user( $value ) {
$_SESSION['LDAPAUTH_AUTH_USER'] = $username; $_SESSION['LDAPAUTH_AUTH_USER'] = $username;
} }
return true; return true;
ldapauth_debug("User $username was successfully authenticated");
} else { } else {
error_log("No LDAP success"); error_log("No LDAP success");
} }
@ -289,7 +293,10 @@ function ldapauth_merge_users() {
} }
if(LDAPAUTH_USERCACHE_TYPE==1 && false !== yourls_get_option('ldapauth_usercache')) { if(LDAPAUTH_USERCACHE_TYPE==1 && false !== yourls_get_option('ldapauth_usercache')) {
ldapauth_debug("Merging text file users and cached LDAP users"); ldapauth_debug("Merging text file users and cached LDAP users");
//print_r($yourls_user_passwords) . "<br>";
$yourls_user_passwords = array_merge($yourls_user_passwords, yourls_get_option('ldapauth_usercache')); $yourls_user_passwords = array_merge($yourls_user_passwords, yourls_get_option('ldapauth_usercache'));
//print_r($yourls_user_passwords) . "<br>";
//die('Paused');
} }
} }
/** /**
@ -297,7 +304,7 @@ function ldapauth_merge_users() {
* Code reused from yourls_hash_passwords_now() * Code reused from yourls_hash_passwords_now()
*/ */
function ldapauth_create_user( $user, $new_password ) { function ldapauth_create_user( $user, $new_password ) {
$configdata = file_get_contents( YOURLS_CONFIGFILE ); $configdata = htmlspecialchars(file_get_contents( YOURLS_CONFIGFILE ));
if ( $configdata == FALSE ) { if ( $configdata == FALSE ) {
die('Couldn\'t read the config file'); die('Couldn\'t read the config file');
} }
@ -306,10 +313,17 @@ function ldapauth_create_user( $user, $new_password ) {
die('Can\'t write to config file'); die('Can\'t write to config file');
$pass_hash = ldapauth_hash_password($new_password); $pass_hash = ldapauth_hash_password($new_password);
$user_line = "\t'$user' => 'phpass:$pass_hash' /* Password encrypted by YOURLS */,"; $user_line = "\t'$user' => 'phpass:$pass_hash' /* LDAP user added by plugin */,";
// Add the user on a new line after the start of the passwords array // Add the user on a new line after the start of the passwords array
$new_contents = preg_replace('/(yourls_user_passwords\s=\sarray\()/', '$0 ' . PHP_EOL . $user_line, $configdata, -1, $count); $new_contents = preg_replace('/\$yourls_user_passwords\s=\s\[/', '$0 ' . PHP_EOL . $user_line, $configdata, -1, $count);
//echo YOURLS_CONFIGFILE . "<br>";
//echo $configdata . "<br>";
//echo $user_line . "<br>";
//echo $user . "<br>";
//echo htmlspecialchars_decode($new_contents) . "<br>";
//echo $count . "<br>";
//die('Paused');
if ($count === 0) { if ($count === 0) {
die('Couldn\'t add user, plugin may not be compatible with YourLS version'); die('Couldn\'t add user, plugin may not be compatible with YourLS version');
@ -317,7 +331,7 @@ function ldapauth_create_user( $user, $new_password ) {
die('Added user more than once. Check config file.'); die('Added user more than once. Check config file.');
} }
$success = file_put_contents( YOURLS_CONFIGFILE, $new_contents ); $success = file_put_contents( YOURLS_CONFIGFILE, htmlspecialchars_decode($new_contents) );
if ( $success === false ) { if ( $success === false ) {
die('Unable to save config file'); die('Unable to save config file');
} }