2 rcs_id('$Id: WikiUser.php,v 1.48 2004-02-01 09:14:11 rurban Exp $');
4 // It is anticipated that when userid support is added to phpwiki,
5 // this object will hold much more information (e-mail,
6 // home(wiki)page, etc.) about the user.
8 // There seems to be no clean way to "log out" a user when using HTTP
9 // authentication. So we'll hack around this by storing the currently
10 // logged in username and other state information in a cookie.
12 // 2002-09-08 11:44:04 rurban
13 // Todo: Fix prefs cookie/session handling:
14 // _userid and _homepage cookie/session vars still hold the
16 // If no homepage, fallback to prefs in cookie as in 1.3.3.
18 define('WIKIAUTH_ANON', 0);
19 define('WIKIAUTH_BOGO', 1); // any valid WikiWord is enough
20 define('WIKIAUTH_USER', 2); // real auth from a database/file/server.
22 define('WIKIAUTH_ADMIN', 10);
23 define('WIKIAUTH_FORBIDDEN', 11); // Completely not allowed.
25 $UserPreferences = array(
26 'userid' => new _UserPreference(''), // really store this also?
27 'passwd' => new _UserPreference(''),
28 'email' => new _UserPreference(''),
29 'emailVerified' => new _UserPreference_bool(),
30 'notifyPages' => new _UserPreference(''),
31 'theme' => new _UserPreference_theme(THEME),
32 'lang' => new _UserPreference_language(DEFAULT_LANGUAGE),
33 'editWidth' => new _UserPreference_int(80, 30, 150),
34 'noLinkIcons' => new _UserPreference_bool(),
35 'editHeight' => new _UserPreference_int(22, 5, 80),
36 'timeOffset' => new _UserPreference_numeric(0, -26, 26),
37 'relativeDates' => new _UserPreference_bool()
40 function WikiUserClassname() {
44 function UpgradeUser ($olduser, $user) {
45 if (isa($user,'WikiUser') and isa($olduser,'WikiUser')) {
46 // populate the upgraded class with the values from the old object
47 foreach (get_object_vars($olduser) as $k => $v) {
50 $GLOBALS['request']->_user = $user;
63 var $_request, $_dbi, $_authdbi, $_homepage;
64 var $_authmethod = '', $_authhow = '';
69 * Populates the instance variables and calls $this->_ok()
70 * to ensure that the parameters are valid.
71 * @param mixed $userid String of username or WikiUser object.
72 * @param integer $authlevel Authorization level.
74 function WikiUser (&$request, $userid = false, $authlevel = false) {
75 $this->_request = &$request;
76 $this->_dbi = &$this->_request->getDbh();
78 if (isa($userid, 'WikiUser')) {
79 $this->_userid = $userid->_userid;
80 $this->_level = $userid->_level;
83 $this->_userid = $userid;
84 $this->_level = $authlevel;
87 // Paranoia: if state is at all inconsistent, log out...
88 $this->_userid = false;
89 $this->_level = false;
90 $this->_homepage = false;
91 $this->_authhow .= ' paranoia logout';
94 $this->_homepage = $this->_dbi->getPage($this->_userid);
99 * Get the string indicating how the user was authenticated.
101 * Get the string indicating how the user was authenticated.
102 * Does not seem to be set - jbw
103 * @return string The method of authentication.
105 function auth_how() {
106 return $this->_authhow;
112 * If the WikiUser object has a valid authorization level and the
113 * userid is a string returns true, else false.
114 * @return boolean If valid level and username string true, else false
117 if ((in_array($this->_level, array(WIKIAUTH_BOGO,
121 (is_string($this->_userid)))) {
127 function UserName() {
128 return $this->_userid;
132 return ( $this->isSignedIn()
134 : $this->_request->get('REMOTE_ADDR') ); // FIXME: globals
137 function getAuthenticatedId() {
138 return ( $this->isAuthenticated()
140 : $this->_request->get('REMOTE_ADDR') ); // FIXME: globals
143 function isSignedIn () {
144 return $this->_level >= WIKIAUTH_BOGO;
147 function isAuthenticated () {
148 return $this->_level >= WIKIAUTH_USER;
151 function isAdmin () {
152 return $this->_level == WIKIAUTH_ADMIN;
155 function hasAuthority ($require_level) {
156 return $this->_level >= $require_level;
159 function AuthCheck ($postargs) {
160 // Normalize args, and extract.
161 $keys = array('userid', 'passwd', 'require_level', 'login', 'logout',
163 foreach ($keys as $key)
164 $args[$key] = isset($postargs[$key]) ? $postargs[$key] : false;
166 $require_level = max(0, min(WIKIAUTH_ADMIN, (int)$require_level));
169 return new WikiUser($this->_request); // Log out
171 return false; // User hit cancel button.
172 elseif (!$login && !$userid)
173 return false; // Nothing to do?
175 $authlevel = $this->_pwcheck($userid, $passwd);
177 return _("Invalid password or userid.");
178 elseif ($authlevel < $require_level)
179 return _("Insufficient permissions.");
182 $user = new WikiUser($this->_request);
183 $user->_userid = $userid;
184 $user->_level = $authlevel;
188 function PrintLoginForm (&$request, $args, $fail_message = false,
189 $seperate_page = true) {
190 include_once('lib/Template.php');
191 // Call update_locale in case the system's default language is not 'en'.
192 // (We have no user pref for lang at this point yet, no one is logged in.)
193 update_locale(DEFAULT_LANGUAGE);
196 extract($args); // fixme
198 $require_level = max(0, min(WIKIAUTH_ADMIN, (int)$require_level));
200 $pagename = $request->getArg('pagename');
201 $login = new Template('login', $request,
202 compact('pagename', 'userid', 'require_level',
203 'fail_message', 'pass_required'));
204 if ($seperate_page) {
205 $top = new Template('html', $request,
206 array('TITLE' => _("Sign In")));
207 return $top->printExpansion($login);
216 function _pwcheck ($userid, $passwd) {
217 global $WikiNameRegexp;
219 if (!empty($userid) && $userid == ADMIN_USER) {
220 // $this->_authmethod = 'pagedata';
221 if (defined('ENCRYPTED_PASSWD') && ENCRYPTED_PASSWD)
223 && crypt($passwd, ADMIN_PASSWD) == ADMIN_PASSWD )
224 return WIKIAUTH_ADMIN;
227 if (!empty($passwd)) {
228 if ($passwd == ADMIN_PASSWD)
229 return WIKIAUTH_ADMIN;
231 // maybe we forgot to enable ENCRYPTED_PASSWD?
232 if ( function_exists('crypt')
233 && crypt($passwd, ADMIN_PASSWD) == ADMIN_PASSWD ) {
234 trigger_error(_("You forgot to set ENCRYPTED_PASSWD to true. Please update your /index.php"),
236 return WIKIAUTH_ADMIN;
242 // HTTP Authentication
243 elseif (ALLOW_HTTP_AUTH_LOGIN && !empty($PHP_AUTH_USER)) {
244 // if he ignored the password field, because he is already
245 // authenticated try the previously given password.
247 $passwd = $PHP_AUTH_PW;
250 // WikiDB_User DB/File Authentication from $DBAuthParams
251 // Check if we have the user. If not try other methods.
252 if (ALLOW_USER_LOGIN) { // && !empty($passwd)) {
253 $request = $this->_request;
254 // first check if the user is known
255 if ($this->exists($userid)) {
256 $this->_authmethod = 'pagedata';
257 return ($this->checkPassword($passwd)) ? WIKIAUTH_USER : false;
259 // else try others such as LDAP authentication:
260 if (ALLOW_LDAP_LOGIN && !empty($passwd)) {
261 if ($ldap = ldap_connect(LDAP_AUTH_HOST)) { // must be a valid LDAP server!
262 $r = @ldap_bind($ldap); // this is an anonymous bind
263 $st_search = "uid=$userid";
264 // Need to set the right root search information. see ../index.php
265 $sr = ldap_search($ldap, LDAP_BASE_DN,
267 $info = ldap_get_entries($ldap, $sr); // there may be more hits with this userid. try every
268 for ($i = 0; $i < $info["count"]; $i++) {
269 $dn = $info[$i]["dn"];
270 // The password is still plain text.
271 if ($r = @ldap_bind($ldap, $dn, $passwd)) {
272 // ldap_bind will return TRUE if everything matches
274 $this->_authmethod = 'LDAP';
275 return WIKIAUTH_USER;
279 trigger_error("Unable to connect to LDAP server "
280 . LDAP_AUTH_HOST, E_USER_WARNING);
283 // imap authentication. added by limako
284 if (ALLOW_IMAP_LOGIN && !empty($passwd)) {
285 $mbox = @imap_open( "{" . IMAP_AUTH_HOST . "}",
286 $userid, $passwd, OP_HALFOPEN );
289 $this->_authmethod = 'IMAP';
290 return WIKIAUTH_USER;
295 if ( ALLOW_BOGO_LOGIN
296 && preg_match('/\A' . $WikiNameRegexp . '\z/', $userid) ) {
297 $this->_authmethod = 'BOGO';
298 return WIKIAUTH_BOGO;
303 // Todo: try our WikiDB backends.
304 function getPreferences() {
305 // Restore saved preferences.
307 // I'd rather prefer only to store the UserId in the cookie or
308 // session, and get the preferences from the db or page.
309 if (!($prefs = $this->_request->getCookieVar('WIKI_PREFS2')))
310 $prefs = $this->_request->getSessionVar('wiki_prefs');
312 //if (!$this->_userid && !empty($GLOBALS['HTTP_COOKIE_VARS']['WIKI_ID'])) {
313 // $this->_userid = $GLOBALS['HTTP_COOKIE_VARS']['WIKI_ID'];
316 // before we get his prefs we should check if he is signed in
317 if (USE_PREFS_IN_PAGE && $this->homePage()) { // in page metadata
319 if ($pref = $this->_homepage->get('pref')) {
320 //trigger_error("pref=".$pref);//debugging
321 $prefs = unserialize($pref);
324 return new UserPreferences($prefs);
327 // No cookies anymore for all prefs, only the userid. PHP creates
328 // a session cookie in memory, which is much more efficient.
330 // Return the number of changed entries?
331 function setPreferences($prefs, $id_only = false) {
333 $this->_request->setSessionVar('wiki_prefs', $prefs);
334 // $this->_request->setCookieVar('WIKI_PREFS2', $this->_prefs, 365);
335 // simple unpacked cookie
336 if ($this->_userid) setcookie('WIKI_ID', $this->_userid, 365, '/');
338 // We must ensure that any password is encrypted.
339 // We don't need any plaintext password.
341 if ($this->isSignedIn()) {
342 if ($this->isAdmin())
343 $prefs->set('passwd', '');
344 // already stored in index.php, and it might be
345 // plaintext! well oh well
346 if ($homepage = $this->homePage()) {
347 // check for page revision 0
348 if (! $this->_dbi->isWikiPage($this->_userid)) {
349 trigger_error(_("Your home page has not been created yet so your preferences cannot not be saved."),
353 if ($this->isAdmin() || !$homepage->get('locked')) {
354 $homepage->set('pref', serialize($prefs->_prefs));
355 return sizeof($prefs->_prefs);
358 // An "empty" page could still be
359 // intentionally locked by admin to
360 // prevent its creation.
362 // FIXME: This permission situation should
363 // probably be handled by the DB backend,
364 // once the new WikiUser code has been
366 trigger_error(_("Your home page is locked so your preferences cannot not be saved.")
367 . " " . _("Please contact your PhpWiki administrator for assistance."),
372 trigger_error("No homepage for user found. Creating one...",
374 $this->createHomepage($prefs);
375 //$homepage->set('pref', serialize($prefs->_prefs));
376 return sizeof($prefs->_prefs);
379 trigger_error("you must be signed in", E_USER_WARNING);
385 // check for homepage with user flag.
386 // can be overriden from the auth backends
388 $homepage = $this->homePage();
389 return ($this->_userid && $homepage && $homepage->get('pref'));
392 // doesn't check for existance!!! hmm.
393 // how to store metadata in not existing pages? how about versions?
394 function homePage() {
397 if (!empty($this->_homepage)) {
398 return $this->_homepage;
400 $this->_homepage = $this->_dbi->getPage($this->_userid);
401 return $this->_homepage;
405 // create user by checking his homepage
406 function createUser ($pref, $createDefaultHomepage = true) {
409 if ($createDefaultHomepage) {
410 $this->createHomepage($pref);
413 include "lib/loadsave.php";
414 $pageinfo = array('pagedata' => array('pref' => serialize($pref->_pref)),
415 'versiondata' => array('author' => $this->_userid),
416 'pagename' => $this->_userid,
417 'content' => _('CategoryHomepage'));
418 SavePage ($this->_request, $pageinfo, false, false);
420 $this->setPreferences($pref);
423 // create user and default user homepage
424 function createHomepage ($pref) {
425 $pagename = $this->_userid;
426 include "lib/loadsave.php";
428 // create default homepage:
429 // properly expanded template and the pref metadata
430 $template = Template('homepage.tmpl', $this->_request);
431 $text = $template->getExpansion();
432 $pageinfo = array('pagedata' => array('pref' => serialize($pref->_pref)),
433 'versiondata' => array('author' => $this->_userid),
434 'pagename' => $pagename,
436 SavePage ($this->_request, $pageinfo, false, false);
439 $pagename = $this->_userid . SUBPAGE_SEPARATOR . _('Preferences');
440 if (! isWikiPage($pagename)) {
441 $pageinfo = array('pagedata' => array(),
442 'versiondata' => array('author' => $this->_userid),
443 'pagename' => $pagename,
444 'content' => "<?plugin Calender ?>\n");
445 SavePage ($this->_request, $pageinfo, false, false);
448 // create Preferences
449 $pagename = $this->_userid . SUBPAGE_SEPARATOR . _('Preferences');
450 if (! isWikiPage($pagename)) {
451 $pageinfo = array('pagedata' => array(),
452 'versiondata' => array('author' => $this->_userid),
453 'pagename' => $pagename,
454 'content' => "<?plugin UserPreferences ?>\n");
455 SavePage ($this->_request, $pageinfo, false, false);
459 function tryAuthBackends() {
460 return ''; // crypt('') will never be ''
463 // Auth backends must store the crypted password where?
464 // Not in the preferences.
465 function checkPassword($passwd) {
466 $prefs = $this->getPreferences();
467 $stored_passwd = $prefs->get('passwd'); // crypted
468 if (empty($prefs->_prefs['passwd'])) // not stored in the page
469 // allow empty passwords? At least store a '*' then.
470 // try other backend. hmm.
471 $stored_passwd = $this->tryAuthBackends($this->_userid);
472 if (empty($stored_passwd)) {
473 trigger_error(sprintf(_("Old UserPage %s without stored password updated with empty password. Set a password in your UserPreferences."),
474 $this->_userid), E_USER_NOTICE);
475 $prefs->set('passwd','*');
478 if ($stored_passwd == '*')
481 && crypt($passwd, $stored_passwd) == $stored_passwd )
487 function changePassword($newpasswd, $passwd2 = false) {
488 if (! $this->mayChangePass() ) {
489 trigger_error(sprintf("Attempt to change an external password for '%s'. Not allowed!",
490 $this->_userid), E_USER_ERROR);
493 if ($passwd2 && $passwd2 != $newpasswd) {
494 trigger_error("The second password must be the same as the first to change it",
498 $prefs = $this->getPreferences();
499 //$oldpasswd = $prefs->get('passwd');
500 $prefs->set('passwd', crypt($newpasswd));
501 $this->setPreferences($prefs);
504 function mayChangePass() {
505 // on external DBAuth maybe. on IMAP or LDAP not
506 // on internal DBAuth yes
507 if (in_array($this->_authmethod, array('IMAP', 'LDAP')))
509 if ($this->isAdmin())
511 if ($this->_authmethod == 'pagedata')
513 if ($this->_authmethod == 'authdb')
518 // create user and default user homepage
519 // FIXME: delete this, not used?
521 function createUser ($userid, $pref) {
523 $user = new WikiUser ($request, $userid);
524 $user->createUser($pref);
528 class _UserPreference
530 function _UserPreference ($default_value) {
531 $this->default_value = $default_value;
534 function sanify ($value) {
535 return (string)$value;
538 function update ($value) {
542 class _UserPreference_numeric
543 extends _UserPreference
545 function _UserPreference_numeric ($default, $minval = false,
547 $this->_UserPreference((double)$default);
548 $this->_minval = (double)$minval;
549 $this->_maxval = (double)$maxval;
552 function sanify ($value) {
553 $value = (double)$value;
554 if ($this->_minval !== false && $value < $this->_minval)
555 $value = $this->_minval;
556 if ($this->_maxval !== false && $value > $this->_maxval)
557 $value = $this->_maxval;
562 class _UserPreference_int
563 extends _UserPreference_numeric
565 function _UserPreference_int ($default, $minval = false, $maxval = false) {
566 $this->_UserPreference_numeric((int)$default, (int)$minval,
570 function sanify ($value) {
571 return (int)parent::sanify((int)$value);
575 class _UserPreference_bool
576 extends _UserPreference
578 function _UserPreference_bool ($default = false) {
579 $this->_UserPreference((bool)$default);
582 function sanify ($value) {
583 if (is_array($value)) {
584 /* This allows for constructs like:
586 * <input type="hidden" name="pref[boolPref][]" value="0" />
587 * <input type="checkbox" name="pref[boolPref][]" value="1" />
589 * (If the checkbox is not checked, only the hidden input
590 * gets sent. If the checkbox is sent, both inputs get
593 foreach ($value as $val) {
599 return (bool) $value;
603 class _UserPreference_language
604 extends _UserPreference
606 function _UserPreference_language ($default = DEFAULT_LANGUAGE) {
607 $this->_UserPreference($default);
610 // FIXME: check for valid locale
611 function sanify ($value) {
612 // Revert to DEFAULT_LANGUAGE if user does not specify
613 // language in UserPreferences or chooses <system language>.
614 if ($value == '' or empty($value))
615 $value = DEFAULT_LANGUAGE;
617 return (string) $value;
621 class _UserPreference_theme
622 extends _UserPreference
624 function _UserPreference_theme ($default = THEME) {
625 $this->_UserPreference($default);
628 function sanify ($value) {
629 if (findFile($this->_themefile($value), true))
631 return $this->default_value;
634 function update ($newvalue) {
636 include_once($this->_themefile($newvalue));
638 include_once($this->_themefile(THEME));
641 function _themefile ($theme) {
642 return "themes/$theme/themeinfo.php";
646 // don't save default preferences for efficiency.
647 class UserPreferences {
648 function UserPreferences ($saved_prefs = false) {
649 $this->_prefs = array();
651 if (isa($saved_prefs, 'UserPreferences') && $saved_prefs->_prefs) {
652 foreach ($saved_prefs->_prefs as $name => $value)
653 $this->set($name, $value);
654 } elseif (is_array($saved_prefs)) {
655 foreach ($saved_prefs as $name => $value)
656 $this->set($name, $value);
660 function _getPref ($name) {
661 global $UserPreferences;
662 if (!isset($UserPreferences[$name])) {
663 if ($name == 'passwd2') return false;
664 trigger_error("$name: unknown preference", E_USER_NOTICE);
667 return $UserPreferences[$name];
670 function get ($name) {
671 if (isset($this->_prefs[$name]))
672 return $this->_prefs[$name];
673 if (!($pref = $this->_getPref($name)))
675 return $pref->default_value;
678 function set ($name, $value) {
679 if (!($pref = $this->_getPref($name)))
682 $newvalue = $pref->sanify($value);
683 $oldvalue = $this->get($name);
686 if ($newvalue != $oldvalue)
687 $pref->update($newvalue);
689 // don't set default values to save space (in cookies, db and
691 if ($value == $pref->default_value)
692 unset($this->_prefs[$name]);
694 $this->_prefs[$name] = $newvalue;
697 function pack ($nonpacked) {
698 return serialize($nonpacked);
700 function unpack ($packed) {
703 if (substr($packed,0,2) == "O:") {
704 // Looks like a serialized object
705 return unserialize($packed);
707 //trigger_error("DEBUG: Can't unpack bad UserPreferences",
713 return hash($this->_prefs);
717 // $Log: not supported by cvs2svn $
718 // Revision 1.47 2004/01/27 23:23:39 rurban
719 // renamed ->Username => _userid for consistency
720 // renamed mayCheckPassword => mayCheckPass
721 // fixed recursion problem in WikiUserNew
722 // fixed bogo login (but not quite 100% ready yet, password storage)
724 // Revision 1.46 2004/01/26 09:17:48 rurban
725 // * changed stored pref representation as before.
726 // the array of objects is 1) bigger and 2)
727 // less portable. If we would import packed pref
728 // objects and the object definition was changed, PHP would fail.
729 // This doesn't happen with an simple array of non-default values.
730 // * use $prefs->retrieve and $prefs->store methods, where retrieve
731 // understands the interim format of array of objects also.
732 // * simplified $prefs->get() and fixed $prefs->set()
733 // * added $user->_userid and class '_WikiUser' portability functions
734 // * fixed $user object ->_level upgrading, mostly using sessions.
735 // this fixes yesterdays problems with loosing authorization level.
736 // * fixed WikiUserNew::checkPass to return the _level
737 // * fixed WikiUserNew::isSignedIn
738 // * added explodePageList to class PageList, support sortby arg
739 // * fixed UserPreferences for WikiUserNew
740 // * fixed WikiPlugin for empty defaults array
741 // * UnfoldSubpages: added pagename arg, renamed pages arg,
742 // removed sort arg, support sortby arg
744 // Revision 1.45 2003/12/09 20:00:43 carstenklapp
745 // Bugfix: The last BogoUserPrefs-bugfix prevented the admin from saving
746 // prefs into his own homepage, fixed broken logic. Tightened up BogoUser
747 // prefs saving ability by checking for true existance of homepage
748 // (previously a page revision of 0 also counted as valid, again due to
749 // somewhat flawed logic).
751 // Revision 1.44 2003/12/06 04:56:23 carstenklapp
752 // Security bugfix (minor): Prevent BogoUser~s from saving extraneous
753 // _pref object meta-data within locked pages.
755 // Previously, BogoUser~s who signed in with a (valid) WikiWord such as
756 // "HomePage" could actually save preferences into that page, even though
757 // it was already locked by the administrator. Thus, any subsequent
758 // WikiLink~s to that page would become prefixed with "that nice little"
759 // UserIcon, as if that page represented a valid user.
761 // Note that the admin can lock (even) non-existant pages as desired or
762 // necessary (i.e. any DB page whose revision==0), to prevent the
763 // arbitrary BogoUser from saving preference metadata into such a page;
764 // for example, the silly WikiName "@qmgi`Vcft_x|" (that is the
765 // \$examplechars presented in login.tmpl, in case it is not visible here
766 // in the CVS comments).
768 // http://phpwiki.sourceforge.net/phpwiki/
769 // %C0%F1%ED%E7%E9%E0%D6%E3%E6%F4%DF%F8%FC?action=lock
771 // To remove the prefs metadata from a page, the admin can use the
772 // EditMetaData plugin, enter pref as the key, leave the value box empty
773 // and then submit the change. For example:
775 // http://phpwiki.sourceforge.net/phpwiki/
776 // _EditMetaData?page=%C0%F1%ED%E7%E9%E0%D6%E3%E6%F4%DF%F8%FC
778 // (It seems a rethinking of WikiUserNew.php with its WikiUser and
779 // UserPreferences classes is in order. Ideally the WikiDB would
780 // transparently handle such a situation, perhaps BogoUser~s should
781 // simply be restricted to saving preferences into a cookie until his/her
782 // e-mail address has been verified.)
784 // Revision 1.43 2003/12/04 19:33:30 carstenklapp
785 // Bugfix: Under certain PhpWiki installations (such as the PhpWiki at
786 // SF), the user was unable to select a theme other than the server's
787 // default. (Use the more robust Theme::findFile instead of PHP's
788 // file_exists function to detect installed themes).
790 // Revision 1.42 2003/11/30 18:18:13 carstenklapp
791 // Minor code optimization: use include_once instead of require_once
792 // inside functions that might not always called.
794 // Revision 1.41 2003/11/21 21:32:39 carstenklapp
795 // Bugfix: When DEFAULT_LANGUAGE was not 'en', a user's language prefs
796 // would revert to 'en' when the default <system language> was selected
797 // in UserPreferences and the user saved his preferences. (Check for
798 // empty or blank language pref in sanify function of class
799 // _UserPreference_language and return DEFAULT_LANGUAGE if nothing or
800 // default selected in UserPreferences.)
802 // Revision 1.40 2003/11/21 16:54:58 carstenklapp
803 // Bugfix: login.tmpl was always displayed in English despite
804 // DEFAULT_LANGUAGE set in index.php. (Added call to
805 // update_locale(DEFAULT_LANGUAGE) before printing login form).
807 // Revision 1.39 2003/10/28 21:13:46 carstenklapp
808 // Security bug fix for admin password, submitted by Julien Charbon.
810 // Revision 1.38 2003/09/13 22:25:38 carstenklapp
811 // Hook for new user preference 'noLinkIcons'.
813 // Revision 1.37 2003/02/22 20:49:55 dairiki
814 // Fixes for "Call-time pass by reference has been deprecated" errors.
816 // Revision 1.36 2003/02/21 22:50:51 dairiki
817 // Ensure that language preference is a string.
819 // Revision 1.35 2003/02/16 20:04:47 dairiki
820 // Refactor the HTTP validator generation/checking code.
822 // This also fixes a number of bugs with yesterdays validator mods.
824 // Revision 1.34 2003/02/15 02:21:54 dairiki
825 // API Change! Explicit $request argument added to contructor for WikiUser.
827 // This seemed the best way to fix a problem whereby the WikiDB
828 // was being opened twice. (Which while being merely inefficient
829 // when using an SQL backend causes hangage when using a dba backend.)
831 // Revision 1.33 2003/01/22 03:21:40 zorloc
832 // Modified WikiUser constructor to move the DB request for the homepage to
833 // the end of the logic to prevent it from being requested and then dropped.
834 // Added more phpdoc comments.
836 // Revision 1.32 2003/01/21 07:40:50 zorloc
837 // Modified WikiUser::_ok() -- Inverted the logic so the default is to return
838 // false and to return true only in the desired condition. Added phpdoc
841 // Revision 1.31 2003/01/15 05:37:20 carstenklapp
844 // Revision 1.30 2003/01/15 04:59:27 carstenklapp
845 // Bugfix: Previously stored preferences were not loading when user
846 // signed in. (Fixed... I hope.)
853 // c-hanging-comment-ender-p: nil
854 // indent-tabs-mode: nil