forked from Wavyzz/dolibarr
cvsimport
This commit is contained in:
Laurent Destailleur
@@ -22,6 +22,9 @@
|
||||
<rule ref="Generic.CodeAnalysis.UnnecessaryFinalModifier" />
|
||||
|
||||
<rule ref="Generic.CodeAnalysis.UnusedFunctionParameter" />
|
||||
<rule ref="Generic.CodeAnalysis.UnusedFunctionParameter.Found">
|
||||
<severity>0</severity>
|
||||
</rule>
|
||||
|
||||
<rule ref="Generic.CodeAnalysis.UselessOverridingMethod" />
|
||||
|
||||
|
||||
@@ -31,7 +31,7 @@
|
||||
* @param int $entitytotest Number of instance (always 1 if module multicompany not enabled)
|
||||
* @return string Login if OK, '' if KO
|
||||
*/
|
||||
function check_user_password_empty($usertotest,$passwordtotest)
|
||||
function check_user_password_empty($usertotest,$passwordtotest,$entitytotest)
|
||||
{
|
||||
dol_syslog("functions_empty::check_user_password_empty usertotest=".$usertotest);
|
||||
|
||||
|
||||
@@ -32,7 +32,7 @@
|
||||
* @param int $entitytotest Number of instance (always 1 if module multicompany not enabled)
|
||||
* @return string Login if OK, '' if KO
|
||||
*/
|
||||
function check_user_password_forceuser($usertotest,$passwordtotest)
|
||||
function check_user_password_forceuser($usertotest,$passwordtotest,$entitytotest)
|
||||
{
|
||||
// Variable dolibarr_auto_user must be defined in conf.php file
|
||||
global $dolibarr_auto_user;
|
||||
|
||||
@@ -31,7 +31,7 @@
|
||||
* @param int $entitytotest Number of instance (always 1 if module multicompany not enabled)
|
||||
* @return string Login if OK, '' if KO
|
||||
*/
|
||||
function check_user_password_http($usertotest,$passwordtotest)
|
||||
function check_user_password_http($usertotest,$passwordtotest,$entitytotest)
|
||||
{
|
||||
dol_syslog("functions_http::check_user_password_http _SERVER[REMOTE_USER]=".$_SERVER["REMOTE_USER"]);
|
||||
|
||||
|
||||
@@ -32,7 +32,7 @@
|
||||
* @param int $entitytotest Number of instance (always 1 if module multicompany not enabled)
|
||||
* @return string Login if OK, '' if KO
|
||||
*/
|
||||
function check_user_password_ldap($usertotest,$passwordtotest)
|
||||
function check_user_password_ldap($usertotest,$passwordtotest,$entitytotest)
|
||||
{
|
||||
global $_POST,$db,$conf,$langs;
|
||||
global $dolibarr_main_auth_ldap_host,$dolibarr_main_auth_ldap_port;
|
||||
|
||||
@@ -32,7 +32,7 @@
|
||||
* @param int $entitytotest Number of instance (always 1 if module multicompany not enabled)
|
||||
* @return string Login if OK, '' if KO
|
||||
*/
|
||||
function check_user_password_myopenid($usertotest,$passwordtotest)
|
||||
function check_user_password_myopenid($usertotest,$passwordtotest,$entitytotest)
|
||||
{
|
||||
global $_POST,$db,$conf,$langs;
|
||||
|
||||
|
||||
@@ -43,10 +43,10 @@ class modGeneratePassNone extends ModeleGenPassword
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
* @param DoliDB $DB Database handler
|
||||
* @param conf Handler de conf
|
||||
* @param lang Handler de langue
|
||||
* @param user Handler du user connecte
|
||||
* @param DoliDB $db Database handler
|
||||
* @param Conf $conf Handler de conf
|
||||
* @param Translate $langs Handler de langue
|
||||
* @param User $user Handler du user connecte
|
||||
*/
|
||||
function modGeneratePassNone($db, $conf, $langs, $user)
|
||||
{
|
||||
@@ -61,6 +61,7 @@ class modGeneratePassNone extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Return description of module
|
||||
*
|
||||
* @return string Description of text
|
||||
*/
|
||||
function getDescription()
|
||||
@@ -71,6 +72,7 @@ class modGeneratePassNone extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Return an example of password generated by this module
|
||||
*
|
||||
* @return string Example of password
|
||||
*/
|
||||
function getExample()
|
||||
@@ -80,6 +82,7 @@ class modGeneratePassNone extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Build new password
|
||||
*
|
||||
* @return string Return a new generated password
|
||||
*/
|
||||
function getNewGeneratedPassword()
|
||||
@@ -89,7 +92,9 @@ class modGeneratePassNone extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Validate a password
|
||||
* @return int 0 if KO, >0 if OK
|
||||
*
|
||||
* @param string $password Password to check
|
||||
* @return int 0 if KO, >0 if OK
|
||||
*/
|
||||
function validatePassword($password)
|
||||
{
|
||||
|
||||
@@ -43,10 +43,10 @@ class modGeneratePassStandard extends ModeleGenPassword
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
* @param DoliDB $DB Database handler
|
||||
* @param conf Handler de conf
|
||||
* @param lang Handler de langue
|
||||
* @param user Handler du user connecte
|
||||
* @param DoliDB $db Database handler
|
||||
* @param Conf $conf Handler de conf
|
||||
* @param Translate $langs Handler de langue
|
||||
* @param User $user Handler du user connecte
|
||||
*/
|
||||
function modGeneratePassStandard($db, $conf, $langs, $user)
|
||||
{
|
||||
@@ -61,6 +61,7 @@ class modGeneratePassStandard extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Return description of module
|
||||
*
|
||||
* @return string Description of module
|
||||
*/
|
||||
function getDescription()
|
||||
@@ -71,6 +72,7 @@ class modGeneratePassStandard extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Return an example of password generated by this module
|
||||
*
|
||||
* @return string Example of password
|
||||
*/
|
||||
function getExample()
|
||||
@@ -80,6 +82,7 @@ class modGeneratePassStandard extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Build new password
|
||||
*
|
||||
* @return string Return a new generated password
|
||||
*/
|
||||
function getNewGeneratedPassword()
|
||||
@@ -115,7 +118,9 @@ class modGeneratePassStandard extends ModeleGenPassword
|
||||
|
||||
/**
|
||||
* Validate a password
|
||||
* @return int 0 if KO, >0 if OK
|
||||
*
|
||||
* @param string $password Password to check
|
||||
* @return int 0 if KO, >0 if OK
|
||||
*/
|
||||
function validatePassword($password)
|
||||
{
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<?php
|
||||
/* Copyright (C) 2007-2009 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
/* Copyright (C) 2007-2011 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@@ -30,54 +30,62 @@ require_once(DOL_DOCUMENT_ROOT.'/lib/functions.lib.php');
|
||||
*/
|
||||
abstract class ModeleGenPassword
|
||||
{
|
||||
var $error='';
|
||||
var $error='';
|
||||
|
||||
/** \brief Return if a module can be used or not
|
||||
* \return boolean true if module can be used
|
||||
*/
|
||||
function isEnabled()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
/**
|
||||
* Return if a module can be used or not
|
||||
*
|
||||
* @return boolean true if module can be used
|
||||
*/
|
||||
function isEnabled()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/** \brief Renvoi la description par defaut du modele
|
||||
* \return string Texte descripif
|
||||
*/
|
||||
function info()
|
||||
{
|
||||
global $langs;
|
||||
$langs->load("bills");
|
||||
return $langs->trans("NoDescription");
|
||||
}
|
||||
/**
|
||||
* Return description of module
|
||||
*
|
||||
* @return string Description of text
|
||||
*/
|
||||
function getDescription()
|
||||
{
|
||||
global $langs;
|
||||
return $langs->trans("NoDescription");
|
||||
}
|
||||
|
||||
/** \brief Renvoi un exemple de generation
|
||||
* \return string Example
|
||||
*/
|
||||
function getExample()
|
||||
{
|
||||
global $langs;
|
||||
$langs->load("bills");
|
||||
return $langs->trans("NoExample");
|
||||
}
|
||||
/**
|
||||
* Return an example of password generated by this module
|
||||
*
|
||||
* @return string Example of password
|
||||
*/
|
||||
function getExample()
|
||||
{
|
||||
global $langs;
|
||||
$langs->load("bills");
|
||||
return $langs->trans("NoExample");
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Build new password
|
||||
* \return string Return a new generated password
|
||||
* Build new password
|
||||
*
|
||||
* @return string Return a new generated password
|
||||
*/
|
||||
function getNewGeneratedPassword()
|
||||
{
|
||||
global $langs;
|
||||
return $langs->trans("NotAvailable");
|
||||
}
|
||||
function getNewGeneratedPassword()
|
||||
{
|
||||
global $langs;
|
||||
return $langs->trans("NotAvailable");
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Validate a password
|
||||
* \return int 0 if KO, >0 if OK
|
||||
* Validate a password
|
||||
*
|
||||
* @param string $password Password to check
|
||||
* @return int 0 if KO, >0 if OK
|
||||
*/
|
||||
function validatePassword($password)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
function validatePassword($password)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -18,8 +18,11 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file htdocs/lib/security.lib.php
|
||||
* \brief Set of function used for dolibarr security
|
||||
* \file htdocs/lib/security.lib.php
|
||||
* \ingroup core
|
||||
* \brief Set of function used for dolibarr security.
|
||||
* Warning, this file must not depends on other library files, except function.lib.php
|
||||
* because it is used at low code level.
|
||||
*/
|
||||
|
||||
|
||||
@@ -28,8 +31,8 @@
|
||||
*
|
||||
* @param string $usertotest Login value to test
|
||||
* @param string $passwordtotest Password value to test
|
||||
* @param string $entitytotest Instance to test
|
||||
* @param array $authmode Array list of selected authentication mode ('http', 'dolibarr', 'xxx'...)
|
||||
* @param string $entitytotest Instance of data we must check
|
||||
* @param array $authmode Array list of selected authentication mode array('http', 'dolibarr', 'xxx'...)
|
||||
* @return string Login or ''
|
||||
*/
|
||||
function checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmode)
|
||||
@@ -44,14 +47,14 @@ function checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmod
|
||||
$login = '';
|
||||
|
||||
// Validation of login/pass/entity with a third party login module method
|
||||
if (is_array($conf->login_method_modules) && !empty($conf->login_method_modules))
|
||||
if (! empty($conf->login_method_modules) && is_array($conf->login_method_modules))
|
||||
{
|
||||
foreach($conf->login_method_modules as $dir)
|
||||
{
|
||||
$newdir=dol_osencode($dir);
|
||||
|
||||
// Check if directory exists
|
||||
if (!is_dir($newdir)) continue;
|
||||
if (! is_dir($newdir)) continue;
|
||||
|
||||
$handle=opendir($newdir);
|
||||
if (is_resource($handle))
|
||||
@@ -324,7 +327,7 @@ function dol_loginfunction($langs,$conf,$mysoc)
|
||||
}
|
||||
|
||||
/**
|
||||
* Fonction pour initialiser un salt pour la fonction crypt
|
||||
* Fonction pour initialiser un salt pour la fonction crypt.
|
||||
*
|
||||
* @param int $type 2=>renvoi un salt pour cryptage DES
|
||||
* 12=>renvoi un salt pour cryptage MD5
|
||||
@@ -338,7 +341,7 @@ function makesalt($type=CRYPT_SALT_LENGTH)
|
||||
{
|
||||
case 12: // 8 + 4
|
||||
$saltlen=8; $saltprefix='$1$'; $saltsuffix='$'; break;
|
||||
case 8: // 8 + 4 (Pour compatibilite, ne devrait pas etre utilise)
|
||||
case 8: // 8 (Pour compatibilite, ne devrait pas etre utilise)
|
||||
$saltlen=8; $saltprefix='$1$'; $saltsuffix='$'; break;
|
||||
case 2: // 2
|
||||
default: // by default, fall back on Standard DES (should work everywhere)
|
||||
@@ -497,7 +500,7 @@ function dol_decode($chain)
|
||||
/**
|
||||
* Return a generated password using default module
|
||||
*
|
||||
* @param boolean $generic Create generic password
|
||||
* @param boolean $generic true=Create generic password (a MD5 string), false=Use the configured password generation module
|
||||
* @return string New value for password
|
||||
*/
|
||||
function getRandomPassword($generic=false)
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
|
||||
/**
|
||||
* \file htdocs/lib/ws.lib.php
|
||||
* \ingroup webservices
|
||||
* \brief Set of function for manipulating web services
|
||||
*/
|
||||
|
||||
@@ -25,10 +26,11 @@
|
||||
/**
|
||||
* Check authentication array and set error, errorcode, errorlabel
|
||||
*
|
||||
* @param authentication Array
|
||||
* @param error
|
||||
* @param errorcode
|
||||
* @param errorlabel
|
||||
* @param array $authentication Array with authentication informations ('login'=>,'password'=>,'entity'=>,'dolibarrkey'=>)
|
||||
* @param int &$error Number of errors
|
||||
* @param string &$errorcode Error string code
|
||||
* @param string &$errorlabel Error string label
|
||||
* @return User Return user object identified by login/pass/entity into authentication array
|
||||
*/
|
||||
function check_authentication($authentication,&$error,&$errorcode,&$errorlabel)
|
||||
{
|
||||
|
||||
@@ -178,23 +178,39 @@ class SecurityTest extends PHPUnit_Framework_TestCase
|
||||
|
||||
/**
|
||||
*/
|
||||
/* public function testAnalyseSqlAndScript()
|
||||
public function testEncodeDecode()
|
||||
{
|
||||
global $conf,$user,$langs,$db;
|
||||
$conf=$this->savconf;
|
||||
$user=$this->savuser;
|
||||
$langs=$this->savlangs;
|
||||
$db=$this->savdb;
|
||||
$stringtotest="This is a string to test encode/decode";
|
||||
|
||||
$_GET["param1"]="azert";
|
||||
$_POST["param2"]="a/b#e(pr)qq-rr\cc";
|
||||
|
||||
$result=analyse_sql_and_script($_GET);
|
||||
print __METHOD__." result=".$result."\n";
|
||||
$this->assertFalse($result); // False because mail send disabled
|
||||
$encodedstring=dol_encode($stringtotest);
|
||||
$decodedstring=dol_decode($encodedstring);
|
||||
print __METHOD__." encodedstring=".$encodedstring." ".base64_encode($stringtotest)."\n";
|
||||
$this->assertEquals($stringtotest,$decodedstring);
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
*/
|
||||
public function testGetRandomPassword()
|
||||
{
|
||||
global $conf;
|
||||
|
||||
$genpass1=getRandomPassword(true); // Should be a MD5 string return by dol_hash
|
||||
print __METHOD__." genpass1=".$genpass1."\n";
|
||||
$this->assertEquals(strlen($genpass1),32);
|
||||
|
||||
$conf->global->USER_PASSWORD_GENERATED='None';
|
||||
$genpass2=getRandomPassword(false); // Should be an empty string
|
||||
print __METHOD__." genpass2=".$genpass2."\n";
|
||||
$this->assertEquals($genpass2,'');
|
||||
|
||||
$conf->global->USER_PASSWORD_GENERATED='Standard';
|
||||
$genpass3=getRandomPassword(false);
|
||||
print __METHOD__." genpass3=".$genpass3."\n";
|
||||
$this->assertEquals(strlen($genpass3),8);
|
||||
|
||||
return $result;
|
||||
}
|
||||
*/
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user