Browse Source

Exactly how the line is terminated is not really relevant, so strip all
whitespace around an admin-username.

Thijs Kinkhorst 20 years ago
parent
commit
71a18ac31c
2 changed files with 6 additions and 7 deletions
  1. 1 4
      plugins/administrator/INSTALL
  2. 5 3
      plugins/administrator/auth.php

+ 1 - 4
plugins/administrator/INSTALL

@@ -12,10 +12,7 @@ work, if user's id equals to 0.
 
 An alternative method, but less secure, is to add a file called
 admins into the plugin folder with the names of the users that
-you want to allow the use of the plugin. admins file must have 
-empty line after administrator's username. If administrator name
-ends of end-of-file symbol instead of line feed, it will be 
-ignored.
+you want to allow the use of the plugin.
 
 Use this plugin at your own risk, and always remember to make a
 backup of your config.php file before use. 

+ 5 - 3
plugins/administrator/auth.php

@@ -32,10 +32,12 @@ function adm_check_user() {
         $auth = FALSE;
     } else if (file_exists(SM_PATH . 'plugins/administrator/admins')) {
         $auths = file(SM_PATH . 'plugins/administrator/admins');
-        $auth = in_array("$username\n", $auths);
+        array_walk($auths, 'trim');
+        $auth = in_array($username, $auths);
     } else if (file_exists(SM_PATH . 'config/admins')) {
         $auths = file(SM_PATH . 'config/admins');
-        $auth = in_array("$username\n", $auths);
+        array_walk($auths, 'trim');
+        $auth = in_array($username, $auths);
     } else if (($adm_id = fileowner(SM_PATH . 'config/config.php')) &&
                function_exists('posix_getpwuid')) {
         $adm = posix_getpwuid( $adm_id );
@@ -47,4 +49,4 @@ function adm_check_user() {
     return ($auth);
 }
 
-?>
+?>