Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Qual: Removed all PHPCodesniffer error.

Browse Source 
Qual: Removed a TODO.
Fix: A lib should not use a global $_POST.
This commit is contained in:
Laurent Destailleur
2011-09-16 17:06:10 +00:00
parent e2f9864f42
commit 83e3a6e4a7
4 changed files with 39 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dev/codesniffer/ruleset.xml
View File

@@ -77,7 +77,7 @@
</rule> </rule>
<rule ref="Generic.Metrics.NestingLevel"> <rule ref="Generic.Metrics.NestingLevel">
<properties> <properties>
<property name="nestingLevel" value="5" /> <property name="nestingLevel" value="6" />
<property name="absoluteNestingLevel" value="50" /> <property name="absoluteNestingLevel" value="50" />
</properties> </properties>
</rule> </rule>

6
htdocs/cashdesk/class/Auth.class.php
View File

@@ -89,7 +89,7 @@ class Auth {
if (is_array($conf->login_method_modules) && !empty($conf->login_method_modules)) if (is_array($conf->login_method_modules) && !empty($conf->login_method_modules))
{ {
include_once(DOL_DOCUMENT_ROOT . "/lib/security.lib.php"); include_once(DOL_DOCUMENT_ROOT . "/lib/security.lib.php");
$login = getLoginMethod(); $login = getLoginMethod($_POST["username"],$_POST["password"],$_POST["entity"]);
if ($login) $test=false; if ($login) $test=false;
} }
@@ -110,8 +110,8 @@ class Auth {
$result=include_once($authfile); $result=include_once($authfile);
if ($result) if ($result)
{ {
$this->login ($aLogin); $this->login($aLogin);
$this->passwd ($aPasswd); $this->passwd($aPasswd);
$entitytotest=$conf->entity; $entitytotest=$conf->entity;
$function='check_user_password_'.$mode; $function='check_user_password_'.$mode;

1
htdocs/cashdesk/sql/index.php
View File

@@ -1 +0,0 @@
Url not available

65
htdocs/lib/security.lib.php
View File

@@ -24,12 +24,14 @@
/** /**
* Return a login if login/pass was successfull using an external login method * Return a login if login/pass was successfull using an external login method.
* *
* @return string Login or '' * @param string $usertotest Login value to test
* TODO Provide usertotest, passwordtotest and entitytotest by parameters * @param string $passwordtotest Password value to test
* @param string $entitytotest Instance to test
* @return string Login or ''
*/ */
function getLoginMethod() function getLoginMethod($usertotest,$passwordtotest,$entitytotest=1)
{ {
global $conf,$langs; global $conf,$langs;
@@ -54,9 +56,6 @@ function getLoginMethod()
if ($result) if ($result)
{ {
// Call function to check user/password // Call function to check user/password
$usertotest=$_POST["username"];
$passwordtotest=$_POST["password"];
$entitytotest=$_POST["entity"];
$function='check_user_password_'.$mode; $function='check_user_password_'.$mode;
$login=call_user_func($function,$usertotest,$passwordtotest,$entitytotest); $login=call_user_func($function,$usertotest,$passwordtotest,$entitytotest);
if ($login) if ($login)
@@ -67,7 +66,7 @@ function getLoginMethod()
else else
{ {
dol_syslog("Authentification ko - failed to load file '".$authfile."'",LOG_ERR); dol_syslog("Authentification ko - failed to load file '".$authfile."'",LOG_ERR);
sleep(1); sleep(1); // To slow brut force cracking
$langs->load('main'); $langs->load('main');
$langs->load('other'); $langs->load('other');
$_SESSION["dol_loginmesg"]=$langs->trans("ErrorFailedToLoadLoginFileForMode",$mode); $_SESSION["dol_loginmesg"]=$langs->trans("ErrorFailedToLoadLoginFileForMode",$mode);
@@ -83,9 +82,10 @@ function getLoginMethod()
/** /**
* Show Dolibarr default login page * Show Dolibarr default login page
* *
* @param langs Lang object (must be initialized by a new). * @param Translate $langs Lang object (must be initialized by a new).
* @param conf Conf object * @param Conf $conf Conf object
* @param mysoc Company object * @param Societe $mysoc Company object
* @return void
*/ */
function dol_loginfunction($langs,$conf,$mysoc) function dol_loginfunction($langs,$conf,$mysoc)
{ {
@@ -274,10 +274,10 @@ function dol_loginfunction($langs,$conf,$mysoc)
/** /**
* Fonction pour initialiser un salt pour la fonction crypt * Fonction pour initialiser un salt pour la fonction crypt
* *
* @param $type 2=>renvoi un salt pour cryptage DES * @param int $type 2=>renvoi un salt pour cryptage DES
* 12=>renvoi un salt pour cryptage MD5 * 12=>renvoi un salt pour cryptage MD5
* non defini=>renvoi un salt pour cryptage par defaut * non defini=>renvoi un salt pour cryptage par defaut
* @return string Chaine salt * @return string Salt string
*/ */
function makesalt($type=CRYPT_SALT_LENGTH) function makesalt($type=CRYPT_SALT_LENGTH)
{ {
@@ -303,8 +303,8 @@ function makesalt($type=CRYPT_SALT_LENGTH)
/** /**
* Encode or decode database password in config file * Encode or decode database password in config file
* *
* @param level Encode level: 0 no encoding, 1 encoding * @param int $level Encode level: 0 no encoding, 1 encoding
* @return int <0 if KO, >0 if OK * @return int <0 if KO, >0 if OK
*/ */
function encodedecode_dbpassconf($level=0) function encodedecode_dbpassconf($level=0)
{ {
@@ -405,12 +405,14 @@ function encodedecode_dbpassconf($level=0)
/** /**
* Encode a string * Encode a string
* @param chain chaine de caracteres a encoder *
* @return string_coded chaine de caracteres encodee * @param string $chain chaine de caracteres a encoder
* @return string chaine de caracteres encodees
*/ */
function dol_encode($chain) function dol_encode($chain)
{ {
for($i=0;$i<dol_strlen($chain);$i++) $strlength=dol_strlen($chain);
for ($i=0; $i < $strlength; $i++)
{ {
$output_tab[$i] = chr(ord(substr($chain,$i,1))+17); $output_tab[$i] = chr(ord(substr($chain,$i,1))+17);
} }
@@ -421,14 +423,16 @@ function dol_encode($chain)
/** /**
* Decode a string * Decode a string
* @param chain chaine de caracteres a decoder *
* @return string_coded chaine de caracteres decodee * @param string $chain chaine de caracteres a decoder
* @return string chaine de caracteres decodee
*/ */
function dol_decode($chain) function dol_decode($chain)
{ {
$chain = base64_decode($chain); $chain = base64_decode($chain);
for($i=0;$i<dol_strlen($chain);$i++) $strlength=dol_strlen($chain);
for($i=0; $i < $strlength;$i++)
{ {
$output_tab[$i] = chr(ord(substr($chain,$i,1))-17); $output_tab[$i] = chr(ord(substr($chain,$i,1))-17);
} }
@@ -440,8 +444,9 @@ function dol_decode($chain)
/** /**
* Return a generated password using default module * Return a generated password using default module
* @param generic Create generic password *
* @return string New value for password * @param boolean $generic Create generic password
* @return string New value for password
*/ */
function getRandomPassword($generic=false) function getRandomPassword($generic=false)
{ {
@@ -465,12 +470,12 @@ function getRandomPassword($generic=false)
/** /**
* Returns a hash of a string * Returns a hash of a string
* @param chain String to hash *
* @param type Type of hash (0:md5, 1:sha1, 2:sha1+md5) * @param string $chain String to hash
* @param salt Salt * @param int $type Type of hash (0:md5, 1:sha1, 2:sha1+md5)
* @return hash hash of string * @return string Hash of string
*/ */
function dol_hash($chain,$type=0,$salt='') function dol_hash($chain,$type=0)
{ {
if ($type == 1) return sha1($chain); if ($type == 1) return sha1($chain);
else if ($type == 2) return sha1(md5($chain)); else if ($type == 2) return sha1(md5($chain));