Updated plugins, summer cleanup
This commit is contained in:
markseu
parent
f2a1bec88b
commit
5aec5794c4
3 changed files with 6 additions and 39 deletions
|
|
@ -1919,12 +1919,6 @@ class YellowConfig
|
|||
return $this->yellow->toolbox->createFile($fileName, $fileDataNew);
|
||||
}
|
||||
|
||||
// Update configuration in file, TODO: remove later, used for backwards compatibility
|
||||
function update($fileName, $config)
|
||||
{
|
||||
return $this->save($fileName, $config);
|
||||
}
|
||||
|
||||
// Set default configuration
|
||||
function setDefault($key, $value)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
class YellowEdit
|
||||
{
|
||||
const VERSION = "0.7.24";
|
||||
const VERSION = "0.7.25";
|
||||
var $yellow; //access to API
|
||||
var $response; //web response
|
||||
var $users; //user accounts
|
||||
|
|
@ -1689,7 +1689,7 @@ class YellowUsers
|
|||
$expire = $this->getAuthExpire($authToken);
|
||||
return $expire>time() && $this->isExisting($email) && $this->users[$email]["status"]=="active" &&
|
||||
$this->yellow->toolbox->verifyHash($this->users[$email]["hash"]."auth".$expire, "sha256", $signature) &&
|
||||
($this->verifyToken($csrfTokenExpected, $csrfTokenReceived) || $ignoreCsrfToken);
|
||||
($this->yellow->toolbox->verifyToken($csrfTokenExpected, $csrfTokenReceived) || $ignoreCsrfToken);
|
||||
}
|
||||
|
||||
// Check action token
|
||||
|
|
@ -1746,7 +1746,7 @@ class YellowUsers
|
|||
if(empty($stamp)) $stamp = substrb($authToken, 96, 20);
|
||||
foreach($this->users as $key=>$value)
|
||||
{
|
||||
if($this->verifyToken($value["stamp"], $stamp)) $email = $key;
|
||||
if($this->yellow->toolbox->verifyToken($value["stamp"], $stamp)) $email = $key;
|
||||
}
|
||||
return $email;
|
||||
}
|
||||
|
|
@ -1831,20 +1831,6 @@ class YellowUsers
|
|||
return $data;
|
||||
}
|
||||
|
||||
// Verify that token is not empty and identical, timing attack safe text string comparison
|
||||
function verifyToken($tokenExpected, $tokenReceived) //TODO: remove later, use directly from core after next release
|
||||
{
|
||||
$ok = false;
|
||||
$lengthExpected = strlenb($tokenExpected);
|
||||
$lengthReceived = strlenb($tokenReceived);
|
||||
if($lengthExpected!=0 && $lengthReceived!=0)
|
||||
{
|
||||
$ok = $lengthExpected==$lengthReceived;
|
||||
for($i=0; $i<$lengthReceived; ++$i) $ok &= $tokenExpected[$i<$lengthExpected ? $i : 0]==$tokenReceived[$i];
|
||||
}
|
||||
return $ok;
|
||||
}
|
||||
|
||||
// Check if user is taken
|
||||
function isTaken($email)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
class YellowUpdate
|
||||
{
|
||||
const VERSION = "0.7.11";
|
||||
const VERSION = "0.7.12";
|
||||
var $yellow; //access to API
|
||||
var $updates; //number of updates
|
||||
|
||||
|
|
@ -23,13 +23,6 @@ class YellowUpdate
|
|||
// Handle startup
|
||||
function onStartup($update)
|
||||
{
|
||||
if(!$this->yellow->config->isExisting("startupUpdate")) //TODO: remove later, detects old version
|
||||
{
|
||||
$update = true;
|
||||
$fileNameConfig = $this->yellow->config->get("configDir").$this->yellow->config->get("configFile");
|
||||
$this->yellow->config->update($fileNameConfig, array("startupUpdate" => "none"));
|
||||
$this->yellow->config->setDefault("startupUpdate", "none");
|
||||
}
|
||||
if($update)
|
||||
{
|
||||
$fileNameConfig = $this->yellow->config->get("configDir").$this->yellow->config->get("configFile");
|
||||
|
|
@ -39,12 +32,6 @@ class YellowUpdate
|
|||
foreach($this->yellow->toolbox->getTextLines($fileData) as $line)
|
||||
{
|
||||
preg_match("/^\s*(.*?)\s*:\s*(.*?)\s*$/", $line, $matches);
|
||||
if(substru($line, 0, 12)=="Webinterface") //TODO: remove later, converts old config
|
||||
{
|
||||
$line = preg_replace("/^Webinterface/i", "Edit", $line);
|
||||
preg_match("/^\s*(.*?)\s*:\s*(.*?)\s*$/", $line, $matches);
|
||||
if(!empty($matches[1]) && !strempty($matches[2])) $this->yellow->config->set($matches[1], $matches[2]);
|
||||
}
|
||||
if(!empty($matches[1]) && !is_null($configDefaults[$matches[1]])) unset($configDefaults[$matches[1]]);
|
||||
if(!empty($matches[1]) && $matches[1][0]!='#' && is_null($this->yellow->config->configDefaults[$matches[1]]))
|
||||
{
|
||||
|
|
@ -496,7 +483,7 @@ class YellowUpdate
|
|||
if($startupUpdate=="none") $startupUpdate = "YellowUpdate";
|
||||
if($software!="YellowUpdate") $startupUpdate .= ",$software";
|
||||
$fileNameConfig = $this->yellow->config->get("configDir").$this->yellow->config->get("configFile");
|
||||
if(!$this->yellow->config->update($fileNameConfig, array("startupUpdate" => $startupUpdate)))
|
||||
if(!$this->yellow->config->save($fileNameConfig, array("startupUpdate" => $startupUpdate)))
|
||||
{
|
||||
$statusCode = 500;
|
||||
$this->yellow->page->error(500, "Can't write file '$fileNameConfig'!");
|
||||
|
|
@ -635,7 +622,7 @@ class YellowUpdate
|
|||
{
|
||||
if($this->yellow->config->get("sitename")=="Yellow") $_REQUEST["sitename"] = $name;
|
||||
$fileNameConfig = $this->yellow->config->get("configDir").$this->yellow->config->get("configFile");
|
||||
$status = $this->yellow->config->update($fileNameConfig, $this->getConfigData()) ? "done" : "error";
|
||||
$status = $this->yellow->config->save($fileNameConfig, $this->getConfigData()) ? "done" : "error";
|
||||
if($status=="error") $this->yellow->page->error(500, "Can't write file '$fileNameConfig'!");
|
||||
}
|
||||
if($status=="done")
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue