Update users object to support storing arbitrary data.
This commit is contained in:
parent
16f5e8fa2c
commit
7ba0d62cc8
|
|
@ -41,11 +41,18 @@ $guiConfig = <<<'GUICONFIG'
|
||||||
"clean_raw_html": {"type": "checkbox", "description": "Whether page sources should be cleaned of HTML before rendering. It is STRONGLY recommended that you keep this option turned on.", "default": true},
|
"clean_raw_html": {"type": "checkbox", "description": "Whether page sources should be cleaned of HTML before rendering. It is STRONGLY recommended that you keep this option turned on.", "default": true},
|
||||||
"enable_math_rendering": {"type": "checkbox", "description": "Whether to enable client side rendering of mathematical expressions with MathJax (https://www.mathjax.org/). Math expressions should be enclosed inside of dollar signs ($). Turn off if you don't use it.", "default": true},
|
"enable_math_rendering": {"type": "checkbox", "description": "Whether to enable client side rendering of mathematical expressions with MathJax (https://www.mathjax.org/). Math expressions should be enclosed inside of dollar signs ($). Turn off if you don't use it.", "default": true},
|
||||||
"users": {"type": "usertable", "description": "An array of usernames and passwords - passwords should be hashed with sha256 (or sha3 if you have that option turned on)", "default": {
|
"users": {"type": "usertable", "description": "An array of usernames and passwords - passwords should be hashed with sha256 (or sha3 if you have that option turned on)", "default": {
|
||||||
"admin": "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8",
|
"admin": {
|
||||||
"user": "873ac9ffea4dd04fa719e8920cd6938f0c23cd678af330939cff53c3d2855f34"
|
"email": "admin@somewhere.com",
|
||||||
|
"password": "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"
|
||||||
|
},
|
||||||
|
"user": {
|
||||||
|
"email": "example@example.net",
|
||||||
|
"password": "873ac9ffea4dd04fa719e8920cd6938f0c23cd678af330939cff53c3d2855f34"
|
||||||
|
}
|
||||||
}},
|
}},
|
||||||
"admins": {"type": "array", "description": "An array of usernames that are administrators. Administrators can delete and move pages.", "default": [ "admin" ]},
|
"admins": {"type": "array", "description": "An array of usernames that are administrators. Administrators can delete and move pages.", "default": [ "admin" ]},
|
||||||
"use_sha3": {"type": "checkbox", "description": "Whether to use the new sha3 hashing algorithm for passwords etc.", "default": false},
|
"anonymous_user_name": { "type": "text", "description": "THe default name for anonymous users.", "default": "Anonymous" },
|
||||||
|
"use_sha3": {"type": "checkbox", "description": "Whether to use the new sha3 hashing algorithm for passwords etc.", "default": false },
|
||||||
"require_login_view": {"type": "checkbox", "description": "Whether to require that users login before they do anything else. Best used with the data_storage_dir option.", "default": false},
|
"require_login_view": {"type": "checkbox", "description": "Whether to require that users login before they do anything else. Best used with the data_storage_dir option.", "default": false},
|
||||||
"data_storage_dir": {"type": "text", "description": "The directory in which to store all files, except the main index.php.", "default": "."},
|
"data_storage_dir": {"type": "text", "description": "The directory in which to store all files, except the main index.php.", "default": "."},
|
||||||
"delayed_indexing_time": {"type": "number", "description": "The amount of time, in seconds, that pages should be blocked from being indexed by search engines after their last edit. Aka delayed indexing.", "default": 0},
|
"delayed_indexing_time": {"type": "number", "description": "The amount of time, in seconds, that pages should be blocked from being indexed by search engines after their last edit. Aka delayed indexing.", "default": 0},
|
||||||
|
|
@ -102,6 +109,10 @@ $guiConfig = <<<'GUICONFIG'
|
||||||
[
|
[
|
||||||
"🔐 ◆Toggle Protection",
|
"🔐 ◆Toggle Protection",
|
||||||
"index.php?action=protect&page={page}"
|
"index.php?action=protect&page={page}"
|
||||||
|
],
|
||||||
|
[
|
||||||
|
"⚙ ◆Edit master settings",
|
||||||
|
"index.php?action=configure"
|
||||||
]
|
]
|
||||||
]},
|
]},
|
||||||
"nav_links_bottom": {"type": "nav", "description": "An array of links in the above format that will be shown at the bottom of the page.", "default": [
|
"nav_links_bottom": {"type": "nav", "description": "An array of links in the above format that will be shown at the bottom of the page.", "default": [
|
||||||
|
|
@ -323,7 +334,7 @@ $env->is_history_revision = false; // Whether we are looking at a history revisi
|
||||||
$env->history = new stdClass(); // History revision information
|
$env->history = new stdClass(); // History revision information
|
||||||
$env->history->revision_number = -1; // The revision number of the current page
|
$env->history->revision_number = -1; // The revision number of the current page
|
||||||
$env->history->revision_data = false; // The revision data object from the page index
|
$env->history->revision_data = false; // The revision data object from the page index
|
||||||
$env->user = "Anonymous"; // The user's name
|
$env->user = $settings->anonymous_user_name; // The user's name
|
||||||
$env->is_logged_in = false; // Whether the user is logged in
|
$env->is_logged_in = false; // Whether the user is logged in
|
||||||
$env->is_admin = false; // Whether the user is an admin (moderator)
|
$env->is_admin = false; // Whether the user is an admin (moderator)
|
||||||
$env->storage_prefix = $settings->data_storage_dir . DIRECTORY_SEPARATOR; // The data storage directory
|
$env->storage_prefix = $settings->data_storage_dir . DIRECTORY_SEPARATOR; // The data storage directory
|
||||||
|
|
@ -353,21 +364,18 @@ if(isset($_SESSION[$settings->sessionprefix . "-expiretime"]) and
|
||||||
// Clear the session variables
|
// Clear the session variables
|
||||||
$_SESSION = [];
|
$_SESSION = [];
|
||||||
session_destroy();
|
session_destroy();
|
||||||
$env->is_logged_in = false;
|
|
||||||
$env->user = "Anonymous";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!isset($_SESSION[$settings->sessionprefix . "-user"]) and
|
if(isset($_SESSION[$settings->sessionprefix . "-user"]) and
|
||||||
!isset($_SESSION[$settings->sessionprefix . "-pass"]))
|
isset($_SESSION[$settings->sessionprefix . "-pass"]))
|
||||||
{
|
|
||||||
// The user is not logged in
|
|
||||||
$env->is_logged_in = false;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
{
|
||||||
|
// Grab the session variables
|
||||||
|
// Note that the 'pass' field here is actually a hash of the password set
|
||||||
|
// by the login action
|
||||||
$env->user = $_SESSION[$settings->sessionprefix . "-user"];
|
$env->user = $_SESSION[$settings->sessionprefix . "-user"];
|
||||||
$env->pass = $_SESSION[$settings->sessionprefix . "-pass"];
|
$env->pass = $_SESSION[$settings->sessionprefix . "-pass"];
|
||||||
if($settings->users->{$env->user} == $env->pass)
|
|
||||||
|
if($settings->users->{$env->user}->password == $env->pass)
|
||||||
{
|
{
|
||||||
// The user is logged in
|
// The user is logged in
|
||||||
$env->is_logged_in = true;
|
$env->is_logged_in = true;
|
||||||
|
|
@ -381,11 +389,12 @@ else
|
||||||
$env->user = "Anonymous";
|
$env->user = "Anonymous";
|
||||||
$env->pass = "";
|
$env->pass = "";
|
||||||
// Clear the session data
|
// Clear the session data
|
||||||
$_SESSION = []; //delete all the variables
|
$_SESSION = []; // Delete all the variables
|
||||||
session_destroy(); //destroy the session
|
session_destroy(); // Destroy the session
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//check to see if the currently logged in user is an admin
|
|
||||||
|
// Check to see if the currently logged in user is an admin
|
||||||
$env->is_admin = false;
|
$env->is_admin = false;
|
||||||
if($env->is_logged_in)
|
if($env->is_logged_in)
|
||||||
{
|
{
|
||||||
|
|
@ -4825,9 +4834,9 @@ register_module([
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* ██████ ██ ██ ███████ ██████ ██ ██
|
* ██████ ██ ██ ███████ ██████ ██ ██
|
||||||
* ██ ██ ██ ██ ██ ██ ██
|
* ██ ██ ██ ██ ██ ██ ██
|
||||||
* ██ ███████ █████ ██ █████
|
* ██ ███████ █████ ██ █████
|
||||||
* ██ ██ ██ ██ ██ ██ ██
|
* ██ ██ ██ ██ ██ ██ ██
|
||||||
* ██████ ██ ██ ███████ ██████ ██ ██
|
* ██████ ██ ██ ███████ ██████ ██ ██
|
||||||
*
|
*
|
||||||
* ██ ██████ ██████ ██ ███ ██
|
* ██ ██████ ██████ ██ ███ ██
|
||||||
|
|
@ -4845,7 +4854,7 @@ register_module([
|
||||||
//the user wants to log in
|
//the user wants to log in
|
||||||
$user = $_POST["user"];
|
$user = $_POST["user"];
|
||||||
$pass = $_POST["pass"];
|
$pass = $_POST["pass"];
|
||||||
if($settings->users->$user == hash_password($pass))
|
if($settings->users->$user->password == hash_password($pass))
|
||||||
{
|
{
|
||||||
$env->is_logged_in = true;
|
$env->is_logged_in = true;
|
||||||
$expiretime = time() + 60*60*24*30; //30 days from now
|
$expiretime = time() + 60*60*24*30; //30 days from now
|
||||||
|
|
|
||||||
26
core.php
26
core.php
|
|
@ -17,7 +17,7 @@ $env->is_history_revision = false; // Whether we are looking at a history revisi
|
||||||
$env->history = new stdClass(); // History revision information
|
$env->history = new stdClass(); // History revision information
|
||||||
$env->history->revision_number = -1; // The revision number of the current page
|
$env->history->revision_number = -1; // The revision number of the current page
|
||||||
$env->history->revision_data = false; // The revision data object from the page index
|
$env->history->revision_data = false; // The revision data object from the page index
|
||||||
$env->user = "Anonymous"; // The user's name
|
$env->user = $settings->anonymous_user_name; // The user's name
|
||||||
$env->is_logged_in = false; // Whether the user is logged in
|
$env->is_logged_in = false; // Whether the user is logged in
|
||||||
$env->is_admin = false; // Whether the user is an admin (moderator)
|
$env->is_admin = false; // Whether the user is an admin (moderator)
|
||||||
$env->storage_prefix = $settings->data_storage_dir . DIRECTORY_SEPARATOR; // The data storage directory
|
$env->storage_prefix = $settings->data_storage_dir . DIRECTORY_SEPARATOR; // The data storage directory
|
||||||
|
|
@ -47,21 +47,18 @@ if(isset($_SESSION[$settings->sessionprefix . "-expiretime"]) and
|
||||||
// Clear the session variables
|
// Clear the session variables
|
||||||
$_SESSION = [];
|
$_SESSION = [];
|
||||||
session_destroy();
|
session_destroy();
|
||||||
$env->is_logged_in = false;
|
|
||||||
$env->user = "Anonymous";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!isset($_SESSION[$settings->sessionprefix . "-user"]) and
|
if(isset($_SESSION[$settings->sessionprefix . "-user"]) and
|
||||||
!isset($_SESSION[$settings->sessionprefix . "-pass"]))
|
isset($_SESSION[$settings->sessionprefix . "-pass"]))
|
||||||
{
|
|
||||||
// The user is not logged in
|
|
||||||
$env->is_logged_in = false;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
{
|
||||||
|
// Grab the session variables
|
||||||
|
// Note that the 'pass' field here is actually a hash of the password set
|
||||||
|
// by the login action
|
||||||
$env->user = $_SESSION[$settings->sessionprefix . "-user"];
|
$env->user = $_SESSION[$settings->sessionprefix . "-user"];
|
||||||
$env->pass = $_SESSION[$settings->sessionprefix . "-pass"];
|
$env->pass = $_SESSION[$settings->sessionprefix . "-pass"];
|
||||||
if($settings->users->{$env->user} == $env->pass)
|
|
||||||
|
if($settings->users->{$env->user}->password == $env->pass)
|
||||||
{
|
{
|
||||||
// The user is logged in
|
// The user is logged in
|
||||||
$env->is_logged_in = true;
|
$env->is_logged_in = true;
|
||||||
|
|
@ -75,11 +72,12 @@ else
|
||||||
$env->user = "Anonymous";
|
$env->user = "Anonymous";
|
||||||
$env->pass = "";
|
$env->pass = "";
|
||||||
// Clear the session data
|
// Clear the session data
|
||||||
$_SESSION = []; //delete all the variables
|
$_SESSION = []; // Delete all the variables
|
||||||
session_destroy(); //destroy the session
|
session_destroy(); // Destroy the session
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//check to see if the currently logged in user is an admin
|
|
||||||
|
// Check to see if the currently logged in user is an admin
|
||||||
$env->is_admin = false;
|
$env->is_admin = false;
|
||||||
if($env->is_logged_in)
|
if($env->is_logged_in)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -50,7 +50,7 @@
|
||||||
"author": "Starbeamrainbowlabs",
|
"author": "Starbeamrainbowlabs",
|
||||||
"description": "The module everyone has been waiting for! Adds a web based gui that lets mods change the wiki settings.",
|
"description": "The module everyone has been waiting for! Adds a web based gui that lets mods change the wiki settings.",
|
||||||
"id": "feature-guiconfig",
|
"id": "feature-guiconfig",
|
||||||
"lastupdate": 1481484345,
|
"lastupdate": 1481488416,
|
||||||
"optional": false
|
"optional": false
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
@ -167,7 +167,7 @@
|
||||||
"author": "Starbeamrainbowlabs",
|
"author": "Starbeamrainbowlabs",
|
||||||
"description": "Adds a pair of actions (login and checklogin) that allow users to login. You need this one if you want your users to be able to login.",
|
"description": "Adds a pair of actions (login and checklogin) that allow users to login. You need this one if you want your users to be able to login.",
|
||||||
"id": "page-login",
|
"id": "page-login",
|
||||||
"lastupdate": 1472230366,
|
"lastupdate": 1481567842,
|
||||||
"optional": false
|
"optional": false
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -72,9 +72,9 @@ register_module([
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* ██████ ██ ██ ███████ ██████ ██ ██
|
* ██████ ██ ██ ███████ ██████ ██ ██
|
||||||
* ██ ██ ██ ██ ██ ██ ██
|
* ██ ██ ██ ██ ██ ██ ██
|
||||||
* ██ ███████ █████ ██ █████
|
* ██ ███████ █████ ██ █████
|
||||||
* ██ ██ ██ ██ ██ ██ ██
|
* ██ ██ ██ ██ ██ ██ ██
|
||||||
* ██████ ██ ██ ███████ ██████ ██ ██
|
* ██████ ██ ██ ███████ ██████ ██ ██
|
||||||
*
|
*
|
||||||
* ██ ██████ ██████ ██ ███ ██
|
* ██ ██████ ██████ ██ ███ ██
|
||||||
|
|
@ -92,7 +92,7 @@ register_module([
|
||||||
//the user wants to log in
|
//the user wants to log in
|
||||||
$user = $_POST["user"];
|
$user = $_POST["user"];
|
||||||
$pass = $_POST["pass"];
|
$pass = $_POST["pass"];
|
||||||
if($settings->users->$user == hash_password($pass))
|
if($settings->users->$user->password == hash_password($pass))
|
||||||
{
|
{
|
||||||
$env->is_logged_in = true;
|
$env->is_logged_in = true;
|
||||||
$expiretime = time() + 60*60*24*30; //30 days from now
|
$expiretime = time() + 60*60*24*30; //30 days from now
|
||||||
|
|
|
||||||
|
|
@ -19,11 +19,18 @@
|
||||||
"clean_raw_html": {"type": "checkbox", "description": "Whether page sources should be cleaned of HTML before rendering. It is STRONGLY recommended that you keep this option turned on.", "default": true},
|
"clean_raw_html": {"type": "checkbox", "description": "Whether page sources should be cleaned of HTML before rendering. It is STRONGLY recommended that you keep this option turned on.", "default": true},
|
||||||
"enable_math_rendering": {"type": "checkbox", "description": "Whether to enable client side rendering of mathematical expressions with MathJax (https://www.mathjax.org/). Math expressions should be enclosed inside of dollar signs ($). Turn off if you don't use it.", "default": true},
|
"enable_math_rendering": {"type": "checkbox", "description": "Whether to enable client side rendering of mathematical expressions with MathJax (https://www.mathjax.org/). Math expressions should be enclosed inside of dollar signs ($). Turn off if you don't use it.", "default": true},
|
||||||
"users": {"type": "usertable", "description": "An array of usernames and passwords - passwords should be hashed with sha256 (or sha3 if you have that option turned on)", "default": {
|
"users": {"type": "usertable", "description": "An array of usernames and passwords - passwords should be hashed with sha256 (or sha3 if you have that option turned on)", "default": {
|
||||||
"admin": "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8",
|
"admin": {
|
||||||
"user": "873ac9ffea4dd04fa719e8920cd6938f0c23cd678af330939cff53c3d2855f34"
|
"email": "admin@somewhere.com",
|
||||||
|
"password": "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"
|
||||||
|
},
|
||||||
|
"user": {
|
||||||
|
"email": "example@example.net",
|
||||||
|
"password": "873ac9ffea4dd04fa719e8920cd6938f0c23cd678af330939cff53c3d2855f34"
|
||||||
|
}
|
||||||
}},
|
}},
|
||||||
"admins": {"type": "array", "description": "An array of usernames that are administrators. Administrators can delete and move pages.", "default": [ "admin" ]},
|
"admins": {"type": "array", "description": "An array of usernames that are administrators. Administrators can delete and move pages.", "default": [ "admin" ]},
|
||||||
"use_sha3": {"type": "checkbox", "description": "Whether to use the new sha3 hashing algorithm for passwords etc.", "default": false},
|
"anonymous_user_name": { "type": "text", "description": "THe default name for anonymous users.", "default": "Anonymous" },
|
||||||
|
"use_sha3": {"type": "checkbox", "description": "Whether to use the new sha3 hashing algorithm for passwords etc.", "default": false },
|
||||||
"require_login_view": {"type": "checkbox", "description": "Whether to require that users login before they do anything else. Best used with the data_storage_dir option.", "default": false},
|
"require_login_view": {"type": "checkbox", "description": "Whether to require that users login before they do anything else. Best used with the data_storage_dir option.", "default": false},
|
||||||
"data_storage_dir": {"type": "text", "description": "The directory in which to store all files, except the main index.php.", "default": "."},
|
"data_storage_dir": {"type": "text", "description": "The directory in which to store all files, except the main index.php.", "default": "."},
|
||||||
"delayed_indexing_time": {"type": "number", "description": "The amount of time, in seconds, that pages should be blocked from being indexed by search engines after their last edit. Aka delayed indexing.", "default": 0},
|
"delayed_indexing_time": {"type": "number", "description": "The amount of time, in seconds, that pages should be blocked from being indexed by search engines after their last edit. Aka delayed indexing.", "default": 0},
|
||||||
|
|
@ -80,6 +87,10 @@
|
||||||
[
|
[
|
||||||
"🔐 ◆Toggle Protection",
|
"🔐 ◆Toggle Protection",
|
||||||
"index.php?action=protect&page={page}"
|
"index.php?action=protect&page={page}"
|
||||||
|
],
|
||||||
|
[
|
||||||
|
"⚙ ◆Edit master settings",
|
||||||
|
"index.php?action=configure"
|
||||||
]
|
]
|
||||||
]},
|
]},
|
||||||
"nav_links_bottom": {"type": "nav", "description": "An array of links in the above format that will be shown at the bottom of the page.", "default": [
|
"nav_links_bottom": {"type": "nav", "description": "An array of links in the above format that will be shown at the bottom of the page.", "default": [
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue