From 1ede1ad838bc3cef9a74d85900a86f3080a8ad0d Mon Sep 17 00:00:00 2001
From: rurban <rurban@96ab9672-09ca-45d6-a79d-3d69d39ca109>
Date: Mon, 14 Feb 2005 12:28:27 +0000
Subject: [PATCH] fix policy strict. Thanks to Mikhail Vladimirov

git-svn-id: svn://svn.code.sf.net/p/phpwiki/code/trunk@4585 96ab9672-09ca-45d6-a79d-3d69d39ca109
---
 lib/WikiUser/AdoDb.php        |  8 +++++++-
 lib/WikiUser/BogoLogin.php    |  8 +++++++-
 lib/WikiUser/File.php         |  7 +++++--
 lib/WikiUser/PearDb.php       |  8 +++++++-
 lib/WikiUser/PersonalPage.php | 20 ++++++++++++--------
 5 files changed, 38 insertions(+), 13 deletions(-)

diff --git a/lib/WikiUser/AdoDb.php b/lib/WikiUser/AdoDb.php
index bb9a1b43e..fc8e3c32d 100644
--- a/lib/WikiUser/AdoDb.php
+++ b/lib/WikiUser/AdoDb.php
@@ -1,5 +1,5 @@
 <?php //-*-php-*-
-rcs_id('$Id: AdoDb.php,v 1.4 2004-12-26 17:11:15 rurban Exp $');
+rcs_id('$Id: AdoDb.php,v 1.5 2005-02-14 12:28:26 rurban Exp $');
 /* Copyright (C) 2004 ReiniUrban
  * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2)
  */
@@ -209,6 +209,9 @@ extends _DbPassUser
         if ($result) { 
             $this->_level = WIKIAUTH_USER;
             return $this->_level;
+        } elseif (USER_AUTH_POLICY === 'strict') {
+            $this->_level = WIKIAUTH_FORBIDDEN;
+            return $this->_level;
         } else {
             return $this->_tryNextPass($submitted_password);
         }
@@ -247,6 +250,9 @@ extends _DbPassUser
 }
 
 // $Log: not supported by cvs2svn $
+// Revision 1.4  2004/12/26 17:11:15  rurban
+// just copyright
+//
 // Revision 1.3  2004/12/20 16:05:01  rurban
 // gettext msg unification
 //
diff --git a/lib/WikiUser/BogoLogin.php b/lib/WikiUser/BogoLogin.php
index 6ee458bd4..16dcedec3 100644
--- a/lib/WikiUser/BogoLogin.php
+++ b/lib/WikiUser/BogoLogin.php
@@ -1,5 +1,5 @@
 <?php //-*-php-*-
-rcs_id('$Id: BogoLogin.php,v 1.4 2004-12-26 17:11:15 rurban Exp $');
+rcs_id('$Id: BogoLogin.php,v 1.5 2005-02-14 12:28:27 rurban Exp $');
 /* Copyright (C) 2004 ReiniUrban
  * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2)
  */
@@ -44,6 +44,9 @@ extends _PassUser
                 if ($this->_checkPass($submitted_password, $stored_password)) {
                     $this->_level = WIKIAUTH_USER;
                     return $this->_level;
+                } elseif (USER_AUTH_POLICY === 'strict') {
+                    $this->_level = WIKIAUTH_FORBIDDEN;
+                    return $this->_level;
                 } else {
                     return $this->_tryNextPass($submitted_password);
                 }
@@ -59,6 +62,9 @@ extends _PassUser
 }
 
 // $Log: not supported by cvs2svn $
+// Revision 1.4  2004/12/26 17:11:15  rurban
+// just copyright
+//
 // Revision 1.3  2004/11/06 03:07:03  rurban
 // make use of dumped static config state in config/config.php (if writable)
 //
diff --git a/lib/WikiUser/File.php b/lib/WikiUser/File.php
index 90fad6d67..4271c7179 100644
--- a/lib/WikiUser/File.php
+++ b/lib/WikiUser/File.php
@@ -1,5 +1,5 @@
 <?php //-*-php-*-
-rcs_id('$Id: File.php,v 1.4 2004-12-26 17:11:16 rurban Exp $');
+rcs_id('$Id: File.php,v 1.5 2005-02-14 12:28:27 rurban Exp $');
 /* Copyright (C) 2004 ReiniUrban
  * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2)
  */
@@ -80,7 +80,7 @@ extends _PassUser
         if ($this->_may_change) {
             $this->_file = new File_Passwd($this->_file->_filename, true, 
                                            $this->_file->_filename.'.lock');
-            $result = $this->_file->modUser($this->_userid,$submitted_password);
+            $result = $this->_file->modUser($this->_userid, $submitted_password);
             $this->_file->close();
             $this->_file = new File_Passwd($this->_file->_filename, false);
             return $result;
@@ -91,6 +91,9 @@ extends _PassUser
 }
 
 // $Log: not supported by cvs2svn $
+// Revision 1.4  2004/12/26 17:11:16  rurban
+// just copyright
+//
 // Revision 1.3  2004/12/20 16:05:01  rurban
 // gettext msg unification
 //
diff --git a/lib/WikiUser/PearDb.php b/lib/WikiUser/PearDb.php
index c00f25c4b..2d1f80c5a 100644
--- a/lib/WikiUser/PearDb.php
+++ b/lib/WikiUser/PearDb.php
@@ -1,5 +1,5 @@
 <?php //-*-php-*-
-rcs_id('$Id: PearDb.php,v 1.6 2005-01-06 15:44:22 rurban Exp $');
+rcs_id('$Id: PearDb.php,v 1.7 2005-02-14 12:28:27 rurban Exp $');
 /* Copyright (C) 2004 ReiniUrban
  * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2)
  */
@@ -179,6 +179,9 @@ extends _DbPassUser
         if ($result) {
             $this->_level = WIKIAUTH_USER;
             return $this->_level;
+        } elseif (USER_AUTH_POLICY === 'strict') {
+            $this->_level = WIKIAUTH_FORBIDDEN;
+            return $this->_level;
         } else {
             return $this->_tryNextPass($submitted_password);
         }
@@ -219,6 +222,9 @@ extends _DbPassUser
 }
 
 // $Log: not supported by cvs2svn $
+// Revision 1.6  2005/01/06 15:44:22  rurban
+// move password length checker to correct method. thanks to Charles Corrigan
+//
 // Revision 1.5  2004/12/26 17:11:17  rurban
 // just copyright
 //
diff --git a/lib/WikiUser/PersonalPage.php b/lib/WikiUser/PersonalPage.php
index 8b1ef91a1..bbc399324 100644
--- a/lib/WikiUser/PersonalPage.php
+++ b/lib/WikiUser/PersonalPage.php
@@ -1,5 +1,5 @@
 <?php //-*-php-*-
-rcs_id('$Id: PersonalPage.php,v 1.4 2004-12-26 17:11:17 rurban Exp $');
+rcs_id('$Id: PersonalPage.php,v 1.5 2005-02-14 12:28:27 rurban Exp $');
 /* Copyright (C) 2004 ReiniUrban
  * This file is part of PhpWiki. Terms and Conditions see LICENSE. (GPL2)
  */
@@ -27,18 +27,18 @@ extends _PassUser
             if (empty($stored_password)) {
             	if (PASSWORD_LENGTH_MINIMUM > 0) {
                   trigger_error(sprintf(
-                    _("PersonalPage login method:\n").
-                    _("You stored an empty password in your '%s' page.\n").
-                    _("Your access permissions are only for a BogoUser.\n").
+                    _("PersonalPage login method:")."\n".
+                    _("You stored an empty password in your '%s' page.")."\n".
+                    _("Your access permissions are only for a BogoUser.")."\n".
                     _("Please set a password in UserPreferences."),
                                         $this->_userid), E_USER_WARNING);
                   $this->_level = WIKIAUTH_BOGO;
             	} else {
             	  if (!empty($submitted_password))
                     trigger_error(sprintf(
-                      _("PersonalPage login method:\n").
-                      _("You stored an empty password in your '%s' page.\n").
-                      _("Given password ignored.\n").
+                      _("PersonalPage login method:")."\n".
+                      _("You stored an empty password in your '%s' page.")."\n".
+                      _("Given password ignored.")."\n".
                       _("Please set a password in UserPreferences."),
                                         $this->_userid), E_USER_WARNING);
                   $this->_level = WIKIAUTH_USER;
@@ -48,12 +48,16 @@ extends _PassUser
             if ($this->_checkPass($submitted_password, $stored_password))
                 return ($this->_level = WIKIAUTH_USER);
             return _PassUser::checkPass($submitted_password);
+        } else {
+            return WIKIAUTH_ANON;
         }
-        return WIKIAUTH_ANON;
     }
 }
 
 // $Log: not supported by cvs2svn $
+// Revision 1.4  2004/12/26 17:11:17  rurban
+// just copyright
+//
 // Revision 1.3  2004/11/05 22:09:39  rurban
 // empty passwd PersonalPage case
 //
-- 
2.45.0