FreeLists / dokuwiki / [dokuwiki] darcs patch: Switch the user to ssl when we do login and back when ...

[dokuwiki] || [Date Prev] [04-2006 Date Index] [Date Next] || [Thread Prev] [04-2006 Thread Index] [Thread Next]

[dokuwiki] darcs patch: Switch the user to ssl when we do login and back when ...

From: Troels Liebe Bentsen <tlb@xxxxxxxxxxx>
To: dokuwiki@xxxxxxxxxxxxx
Date: Sat, 8 Apr 2006 15:43:52 +0200 (CEST)

Sat Apr  8 15:38:32 CEST 2006  Troels Liebe Bentsen <tlb@xxxxxxxxxxx>
  * Switch the user to ssl when we do login and back when we are done. Can be 
set with a new $conf['loginssl'] switch.

New patches:

[Switch the user to ssl when we do login and back when we are done. Can be set 
with a new $conf['loginssl'] switch.
Troels Liebe Bentsen <tlb@xxxxxxxxxxx>**20060408133832] {
hunk ./conf/dokuwiki.php 64
+$conf['loginssl']       =  1;            //Use ssl when doing login by using 
https:// on the same server. 
hunk ./inc/actions.php 39
+  // We need to do a login, so switch to ssl
+  if($ACT == 'login' and !isset($_SERVER['HTTPS']) and $conf['loginssl'])
+    header("Location: 
https://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'].'?id='.$ID.'&do=login');
+
+
hunk ./inc/actions.php 310
-    return 'login';
+    return 'show';
hunk ./inc/auth.php 60
-      auth_login($_REQUEST['u'],$_REQUEST['p'],$_REQUEST['r']);
+      $authresult = auth_login($_REQUEST['u'],$_REQUEST['p'],$_REQUEST['r']);
hunk ./inc/auth.php 68
+    }
+    // Go back to un ssl'ed mode after login.
+    if($authresult and isset($_REQUEST['u']) and $conf['loginssl']) {
+        header("Location: 
http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'].'?id='.$_REQUEST['id']);
}

Context:

[rewrite export URLs
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060405025621
 
 This patch rewrites export urls so that robots.txt can be used 
 to request that some (or all) export types are ignored by 
 robots when indexing the wiki. 
 
 For example:
 User-agent: *
 Disallow: _export/
 
 or for example:
 User-agent: *
 Disallow: _export/raw/
 
 Note: This rewriting is only done when $conf['userewrite'] is 
 set to '1' for using the rewrite rules from '.htaccess.dist'.
 
] 
[move hsc() & ptln() functions from template.php to common.php
chris@xxxxxxxxxxxxx**20060403202815] 
[more efficient mb_string checking in utf8.php
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060403194930] 
[better utf8_substr function
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060403192537] 
[moved toolbar out of form scope #757
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060331085543
 This ensures that the save button stays the default button of the
 form again.
] 
[fix for diff links in feed.php #761
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060331082125] 
[ldap auth fix #762
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060331081201] 
[fix for icons in mediamanager #771
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060331080812] 
[typo in dwpage.php help screen fixed
Andreas Abeck <andreas.abeck@xxxxxxxxxx>**20060331075506] 
[bt-br update
Frederico Goncalves Guimaraes <fgguimaraes@xxxxxxxxx>**20060331075028] 
[fix config plugin setting_numeric pattern
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060327200700
 The old pattern (left as a comment) allowed many PHP syntax errors 
 to be inserted into local.php for numeric values. This was breaking 
 the wiki... see bug #769. 
 
 This patch should eliminate the syntax errors by using a more restrictive 
 definition of numeric settings. 
] 
[update config plugin metadata
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060327181005] 
[fix config plugin function name _setup_localised_plugin_prompts
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060327152528] 
[GeShi update to 1.0.7.8
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060327133738] 
[plugin manager update / will now expire page, css & js caches after a plugin 
change
chris@xxxxxxxxxxxxx**20060326122952] 
[RSS update time and 304 Not Modified
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060324133315
   - Gives the wiki administrator control over how often the RSS feed is 
regenerated.
   - The RSS feed now handles conditional requests and returns HTTP '304 Not 
Modified' 
     responses when possible.
] 
[show page generation time
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060324032426] 
['Back to top' style bug fix
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060321020948
 Removes some link underlining that would appear around the 'Back to top' 
button.
] 
[changes to config plugin needed for template and plugin configuration
Esther Brunner <esther@xxxxxxxxxxxxx>**20060322140525] 
[functions for accessing template config variables
Esther Brunner <esther@xxxxxxxxxxxxx>**20060322140200] 
[methods for loading config variables in syntax and amin plugins
Esther Brunner <esther@xxxxxxxxxxxxx>**20060322110832] 
[Danish lang update
larsch8@xxxxxxxxxxxxx**20060321005453] 
[fixes spellchecker problem with apostrophe in links #753
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060317203643] 
[changes order of CSS loading #746
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060317185142
 This changes the order of how Stylesheets are loaded, loading template
 styles *after* the plugin styles to allow template authors to simply
 override those styles.
] 
[make sure the parser works if acronym file is missing #716
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060317182631
 Parser don't longer breaks if no smileys, acronyms or entities are configured
] 
[czech lang update
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060317181744] 
[dichotomic search for getRevisionInfo
Yann <yann.hamon@xxxxxxxxx>**20060317175725] 
[fixed bug where '304 Not Modified' worked every other time because cache 
headers were not sent
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060315120248] 
[Enable '304 Not Modified' responses for CSS and JS.
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060315115745] 
[refactored http_conditionalRequest($timestamp) to inc/pageutils.php
Ben Coburn <btcoburn@xxxxxxxxxxxxx>**20060315064506] 
[use 389 as standard port in ldap auth
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060314191118] 
[first piece of greek translation
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060314190620] 
[xhtml.php fix for recent <p>..</p> removal regex
chris@xxxxxxxxxxxxx**20060314152807] 
[usermanager minor changes: white space & comment improvement
chris@xxxxxxxxxxxxx**20060314122618] 
[user manager fix : gracefully handle an attempt to edit a non-existant user
chris@xxxxxxxxxxxxx**20060314104843] 
[experimental shadow effect for input controls
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060313221312
 This adds a shadow effect to input fields and buttons for the default
 template. It uses alphatransparency PNGs so it will may look bad for IE
 in some cases. I think it adds some nice 3D effect making inputs and
 buttons easily distictable without any complicated CSS markup.
] 
[Danish lang update
larsch8@xxxxxxxxxxxxx**20060312214049] 
[plugin manager upate: protect default plugins, add enable/disable functionality
chris@xxxxxxxxxxxxx**20060311192655] 
[empty paragraph fixup for XHTML renderer
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060311201015
 as discussed on the mailinglist
] 
[small css fix for usermanager
Anika Henke <a.c.henke@xxxxxxxx>**20060311194930] 
[Automatic draft saving
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060311200148
 DokuWiki now automatically creates a draft file of the currently edited
 page. In case of an editing interuption (eg. Browsercrash) the draftfile
 can be continued later.
] 
[enhanced clientIP() function
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060311185752
 The function now can optinally return a single IP address and tries
 to be clever about which one to choose if multiple were supplied
 through X-Forwarded-For headers
] 
[Fix toc indentation for toptoclevel > 1
jan@xxxxxxxxxxxxxxx**20060310155752] 
[LDAP URI support for parser
'Guy Brand <gb@xxxxxxxxxxxxxxxxx>'**20060311130311
 Add parser detection for LDAP URI scheme as specified in RFC 2255
] 
[TAG release 2006-03-09
Andreas Gohr <andi@xxxxxxxxxxxxxx>**20060309203051] 
Patch bundle hash:
ec57cc5011204123c8ec1eadd16d823c03f4d0bc

Follow-Ups:
- [dokuwiki] Re: darcs patch: Switch the user to ssl when we do login and back when ...
  - From: Andreas Gohr