Merge pull request #582 from exodus4d/develop

v1.3.3
exodus4d · Feb 23, 2018 · f3953f4 · f3953f4
2 parents 5c91bb6 + fda37aa
commit f3953f4
Show file tree

Hide file tree

Showing 240 changed files with 9,537 additions and 8,206 deletions.
diff --git a/app/environment.ini b/app/environment.ini
@@ -40,8 +40,8 @@ CCP_SSO_SECRET_KEY          =
 ; CCP ESI API
 CCP_ESI_URL                 =   https://esi.tech.ccp.is
 CCP_ESI_DATASOURCE          =   singularity
-CCP_ESI_SCOPES              =   esi-location.read_online.v1,esi-location.read_location.v1,esi-location.read_ship_type.v1,esi-ui.write_waypoint.v1,esi-ui.open_window.v1,esi-universe.read_structures.v1
-CCP_ESI_SCOPES_ADMIN        =   esi-corporations.read_corporation_membership.v1
+CCP_ESI_SCOPES              =   esi-location.read_online.v1,esi-location.read_location.v1,esi-location.read_ship_type.v1,esi-ui.write_waypoint.v1,esi-ui.open_window.v1,esi-universe.read_structures.v1,esi-corporations.read_corporation_membership.v1
+CCP_ESI_SCOPES_ADMIN        =
 
 ; SMTP settings (optional)
 SMTP_HOST                   =   localhost
@@ -92,8 +92,8 @@ CCP_SSO_SECRET_KEY          =
 ; CCP ESI API
 CCP_ESI_URL                 =   https://esi.tech.ccp.is
 CCP_ESI_DATASOURCE          =   tranquility
-CCP_ESI_SCOPES              =   esi-location.read_online.v1,esi-location.read_location.v1,esi-location.read_ship_type.v1,esi-ui.write_waypoint.v1,esi-ui.open_window.v1,esi-universe.read_structures.v1
-CCP_ESI_SCOPES_ADMIN        =   esi-corporations.read_corporation_membership.v1
+CCP_ESI_SCOPES              =   esi-location.read_online.v1,esi-location.read_location.v1,esi-location.read_ship_type.v1,esi-ui.write_waypoint.v1,esi-ui.open_window.v1,esi-universe.read_structures.v1,esi-corporations.read_corporation_membership.v1
+CCP_ESI_SCOPES_ADMIN        =
 
 ; SMTP settings (optional)
 SMTP_HOST                   =   localhost

diff --git a/app/lib/audit.php b/app/lib/audit.php
@@ -108,7 +108,7 @@ function ispublic($addr) {
 	**/
 	function isdesktop($agent=NULL) {
 		if (!isset($agent))
-			$agent=Base::instance()->get('AGENT');
+			$agent=Base::instance()->AGENT;
 		return (bool)preg_match('/('.self::UA_Desktop.')/i',$agent) &&
 			!$this->ismobile($agent);
 	}
@@ -120,7 +120,7 @@ function isdesktop($agent=NULL) {
 	**/
 	function ismobile($agent=NULL) {
 		if (!isset($agent))
-			$agent=Base::instance()->get('AGENT');
+			$agent=Base::instance()->AGENT;
 		return (bool)preg_match('/('.self::UA_Mobile.')/i',$agent);
 	}
 
@@ -131,7 +131,7 @@ function ismobile($agent=NULL) {
 	**/
 	function isbot($agent=NULL) {
 		if (!isset($agent))
-			$agent=Base::instance()->get('AGENT');
+			$agent=Base::instance()->AGENT;
 		return (bool)preg_match('/('.self::UA_Bot.')/i',$agent);
 	}
 

diff --git a/app/lib/auth.php b/app/lib/auth.php
@@ -115,18 +115,27 @@ protected function _sql($id,$pw,$realm) {
 	*	@param $pw string
 	**/
 	protected function _ldap($id,$pw) {
-		$dc=@ldap_connect($this->args['dc']);
+		$port=(int)($this->args['port']?:389);
+		$filter=$this->args['filter']=$this->args['filter']?:"uid=".$id;
+		$this->args['attr']=$this->args['attr']?:["uid"];
+		array_walk($this->args['attr'],
+		function($attr)use(&$filter,$id) {
+			$filter=str_ireplace($attr."=*",$attr."=".$id,$filter);});
+		$dc=@ldap_connect($this->args['dc'],$port);
 		if ($dc &&
 			ldap_set_option($dc,LDAP_OPT_PROTOCOL_VERSION,3) &&
 			ldap_set_option($dc,LDAP_OPT_REFERRALS,0) &&
 			ldap_bind($dc,$this->args['rdn'],$this->args['pw']) &&
 			($result=ldap_search($dc,$this->args['base_dn'],
-				'uid='.$id)) &&
+				$filter,$this->args['attr'])) &&
 			ldap_count_entries($dc,$result) &&
 			($info=ldap_get_entries($dc,$result)) &&
+			$info['count']==1 &&
 			@ldap_bind($dc,$info[0]['dn'],$pw) &&
 			@ldap_close($dc)) {
-			return $info[0]['uid'][0]==$id;
+			return in_array($id,(array_map(function($value){return $value[0];},
+				array_intersect_key($info[0],
+					array_flip($this->args['attr'])))),TRUE);
 		}
 		user_error(self::E_LDAP,E_USER_ERROR);
 	}
@@ -160,12 +169,12 @@ protected function _smtp($id,$pw) {
 			stream_set_blocking($socket,TRUE);
 			$dialog();
 			$fw=Base::instance();
-			$dialog('EHLO '.$fw->get('HOST'));
+			$dialog('EHLO '.$fw->HOST);
 			if (strtolower($this->args['scheme'])=='tls') {
 				$dialog('STARTTLS');
 				stream_socket_enable_crypto(
 					$socket,TRUE,STREAM_CRYPTO_METHOD_TLS_CLIENT);
-				$dialog('EHLO '.$fw->get('HOST'));
+				$dialog('EHLO '.$fw->HOST);
 			}
 			// Authenticate
 			$dialog('AUTH LOGIN');
@@ -196,7 +205,7 @@ function login($id,$pw,$realm=NULL) {
 	**/
 	function basic($func=NULL) {
 		$fw=Base::instance();
-		$realm=$fw->get('REALM');
+		$realm=$fw->REALM;
 		$hdr=NULL;
 		if (isset($_SERVER['HTTP_AUTHORIZATION']))
 			$hdr=$_SERVER['HTTP_AUTHORIZATION'];