ian%hixie.ch
a89dffc374
* Added getGroupMembers() to the User data source.
...
* Fixed a bug in the MySQL implementation of User data source's getGroupName() method. It treated 'row' as an array ref instead of a normal array.
* Made the MySQL User data source automatically add a group with ID 1, named 'Administrators'.
* Special-cased the group with ID 1 in the user object so that if a user is in that group, he automatically is assumed to have all rights.
* Fixed a bug with the saving of the original groups in the user object (the backup object was simply a reference to the original object, which was later changed in place, causing the backup to change too).
* Fixed the handling of rights in the user object constructor to simply set the rights in one line instead of using indirection.
* Fixed the invalidateRights() method of the user object to correctly re-set the rights (previously it was not turning the generated array into a hashref).
* Added a setup.install implementation to the login component. It now queries the user for an administration username and creates the relevant user and puts it in the magic group 1.
* Fixed a call to checkAddress() in the login component.
2002-02-01 06:48:02 +00:00
ian%hixie.ch
1c49734d21
Commented out the call to Net::SMTP's verify() method and replaced it with a generic regexp sanity check. It appears that VRFY is not correctly implemented on all servers. (I may be mistaken on this; it might just be a bug somewhere in the PLIF code that is messing something up, but I couldn't find it if so.)
2002-02-01 06:38:55 +00:00
ian%hixie.ch
3a41393898
Added a check that ensures that the configuration file is not readable or writable by anyone except the user running the script. This closes a potential security hole on shared machines. Changed the umask during the creation of the configuration file so that the permission bits are set that way too. Added a comment to clarify the superficially recursive nature of the configuration database and the configuration data source.
2002-02-01 06:36:27 +00:00
ian%hixie.ch
2787ed1409
Another change that should be done at some point: Move PLIF/DataSource/*/MySQL.pm to PLIF/DataSource/MySQL/*.pm
2002-02-01 06:32:17 +00:00
ian%hixie.ch
7b34209a7b
Removed an erroneous comment, which should be the last traces of the old problem of the lack of a configuration file being a fatal error.
2002-01-31 18:30:21 +00:00
ian%hixie.ch
ed5ab39edd
Theoretical nit: call inherited constructor just in case at some point in the future it does something useful...
2002-01-31 17:35:52 +00:00
ian%hixie.ch
551d3369d7
Fix a minor typo in some SQL code which was causing an error during the creation of the user table.
2002-01-25 03:18:15 +00:00
ian%hixie.ch
28d425cd54
Moved the DBI module over to thew new more generic settings getting/saving API and removed the old DBI-specific one. Fixed an assert() call to check for the values being defined and not non-zero/non-blank. Fixed the password field to allow blank values (by making a blank value the default). Also fixed the calls to getArgument to not ever pass an undefined value as the default.
2002-01-25 03:17:05 +00:00
ian%hixie.ch
7ac3c80e5c
More things that need doing on the long (and not so long) run.
2002-01-25 03:12:26 +00:00
ian%hixie.ch
c80c11fad9
getting rid of the last traces of the newFieldXXX stuff
2001-12-31 06:28:59 +00:00
ian%hixie.ch
7674dacda9
abstracted out some common code. Made the flushing of pending text happen after each end tag as well as each start tag. (Not doing this was causing whitespace between sibling elements to be treated as trailing whitespace of the first element, resulting in excessive whitespace -- typically newlines -- in the output stream.)
2001-12-31 06:07:04 +00:00
ian%hixie.ch
1bb8d54c2c
Fixing SQL error (DROP COLUMN not REMOVE COLUMN)
2001-12-31 06:04:30 +00:00
ian%hixie.ch
fa701c948c
delete() doesn't work with array references in old versions of perl5.
2001-12-31 02:40:49 +00:00
ian%hixie.ch
eccb9aca1d
Checking in a list of things that still need doing.
2001-12-30 01:03:45 +00:00
ian%hixie.ch
7bb48dfffc
Changing e-mail address now sends a confirmation mail to the old address too. Implemented by making changing fields a generic mechanism. Also fixed some minor nits.
2001-12-30 00:33:36 +00:00
ian%hixie.ch
41564734e3
* Removed incorrect comments.
...
* Added some XXX comments.
* Changed the way text nodes are handled so that adjacent text nodes are merged.
* Changed the way original keys are kept so that they work across flattening, rounding, and that there is no 'coses: original keys' hash getting in the way.
* Fixed a bug whereby empty arrays and hashes caused extraneous iterations in <set> elements.
* Removed some redundant scalar()s.
2001-12-26 19:30:16 +00:00
ian%hixie.ch
dc80936c17
Made debug() be level 6 instead of level 7. Added various comments.
2001-12-26 19:12:57 +00:00
ian%hixie.ch
6cf0f6394c
Removed an unused variable. Made the selecting array always return an array even in scalar context. This makes using it in |if| statements a lot easier.
2001-12-26 19:03:07 +00:00
ian%hixie.ch
6415154def
Removing debug() calls.
2001-12-26 19:01:07 +00:00
ian%hixie.ch
ff47917188
Removing debug() calls, and removed the mention of a user 'logged out' state now that logging our is protocol specific.
2001-12-26 18:52:23 +00:00
ian%hixie.ch
0c63b62da7
Adding some error handling for the case where connecting to the AIM server fails. Also removing an extraneous dump() statement.
2001-12-26 18:35:16 +00:00
ian%hixie.ch
caac55f5f3
An implementation of a logout service for HTTP.
2001-12-26 18:34:01 +00:00
ian%hixie.ch
c869b6822d
Since User.pm is now calling this object's 'hash' method instead of using 'data' directly, we had better implement 'hash'. Also make setting the property always check that the value being set is valid.
2001-12-26 18:19:15 +00:00
ian%hixie.ch
f1129a6449
Since logout is now protocol specific, removing support for logging out from the user object. Also making the 'hash' method more generic by making it call the field 'hash' method instead of assuming it will never pass more than the data of a field.
2001-12-26 18:15:14 +00:00
ian%hixie.ch
25ba099600
Changed the implementation of cmdSetup to store the results of the selecting service lists in an array instead of a scalar.
2001-12-26 17:45:05 +00:00
ian%hixie.ch
39a7e0dafe
Change from a hard-coded logout mechanism to a generic per-protocol logout mechanism.
2001-12-26 17:38:41 +00:00
ian%hixie.ch
763aa79b24
A new type of user field for strings that are in the form of integers.
2001-12-26 17:18:00 +00:00
ian%hixie.ch
8be4dec718
Removed some |scalar()|s where they were redundant, added some XXX comments, and fixed a couple of logic errors (>2 should have been >=2 and stuff like that -- this code really should use named constants)
2001-12-26 16:46:06 +00:00
ian%hixie.ch
a8a4ffb711
|not| implies a scalar context, so there's no need for an explicit |scalar()|
2001-12-26 16:10:17 +00:00
ian%hixie.ch
6a8b581138
Removed a redundant |scalar()| -- |if| implies a scalar context anyway.
2001-12-26 16:05:54 +00:00
ian%hixie.ch
77fac412e2
Clarified a comment.
2001-12-26 16:03:55 +00:00
ian%hixie.ch
5bb8ed02a5
A few minor fixes: checked for a reference being defined rather than being true (twice), replaced some double quotes with single quotes, and removed a trailing dot on a call to error().
2001-12-26 15:45:01 +00:00
ian%hixie.ch
a75437cefb
Removing a level 10 dump statement that was being hit a lot.
2001-12-26 15:42:21 +00:00
ian%hixie.ch
988853e179
Removing a bunch of dump(10, ...) calls. It turns out that dump() is actually quite expensive, and calling it 1000+ times just to do nothing isn't that useful. In addition, most of these dump()s were used to debug the core PLIF code which now works pretty well, so they aren't that useful any more.
2001-12-04 18:06:06 +00:00
ian%hixie.ch
0ac4b20d8e
PLIF::Service::XML::Char() was the most expensive function in a typical profile. This takes it completely off the radar by not bothering to merge adjacent strings.
2001-12-04 17:51:23 +00:00
ian%hixie.ch
199ee1a91f
Changed the groupsById and groupsByName hashes of arrays into hashes of hashes to make them friendlier to handle. Also fixed some typos (groupByID instead of groupsByID, and one case of groupsByID where groupsByName was meant) and optimised away a call to dataSource.user's getGroupName method (since we already know the name).
2001-12-04 14:34:54 +00:00
ian%hixie.ch
a4d4cebebf
Fixing copy/paste error -- the user prefs object isn't the application object...
2001-12-04 13:40:04 +00:00
ian%hixie.ch
b382ef763c
Make '0' and '' be equivalent to 'default' for the 'order' attribute of the <set> element. This makes defaulting actually work (missing attributes seem to get set to ''?).
2001-12-04 13:08:39 +00:00
ian%hixie.ch
9868c69a29
Place a 5 second timeout on the SMTP object -- this makes running setup bearable without an SMTP server (the default timeout is 2 minutes).
2001-12-04 12:53:40 +00:00
ian%hixie.ch
1454dc7651
getFieldsHierarchically() will now return an even prettier result. Since it is mainly (currently only?) used for creating the data hash sent to the string expanders, this makes it a lot easier to author the templates. No silly numbers to remember. :-)
2001-12-04 12:51:48 +00:00
ian%hixie.ch
09282c5818
Fixed a bug in the main run loop whereby the objects array wasn't freed until shutdown, which sometimes meant objects got destroyed after the application, which is bad when the objects use the application to find services, etc. (This doesn't happen with services since services are not allowed to store references to the application, either directly or indirectly through references to objects or service instances.) Fixed the logout code to wait until the user tries to do something that requires login before clearing the logging out flag. This fixes a bug with HTTP whereby if a user logged out then his UA wouldn't ever be sent a 401 so wouldn't ever lose the authentication info, because browsers send the authentication info regardless of whether a page needs it or not. Also took the opportunity to remove a potential bug in the input validator code: store the admin message instead of a reference to the user object which might end up with a lifetime longer than expected.
2001-12-01 04:37:26 +00:00
ian%hixie.ch
ac14fa1708
Removed an outdated comment. It is now safe to have a single module be a service, one or more service instances, and one or more objects all at the same time.
2001-12-01 04:29:20 +00:00
ian%hixie.ch
79c1860606
Made all dependencies load their modules on demand rather than on startup (cuts down the page serving time by about 50%). Also removed some debugging statements in certain high profile areas.
2001-11-30 20:48:36 +00:00
ian%hixie.ch
050ad60758
Added support for easily getting the original key name of a munged key: added a virtual '.coses: original key' entry to all hashes in COSES (works similar to the virtual '.length' item that all arrays have). Edited the debug string to mention these virtual items.
2001-11-30 16:20:22 +00:00
ian%hixie.ch
389c6783a8
Fixing an inconsistency between getArgument() and peekArgument(). peekArgument() now returns an empty list in an array context if there is no such argument, instead of undef. This makes it act like getArgument(), which just returns the list of values in an array context. Similarly, made the default implementation of peekArgument() whine about not being implemented instead of returning undef, since by design peekArgument() should return the same as getArgument() if the argument is present.
2001-11-30 16:13:00 +00:00
ian%hixie.ch
d7607585fc
Adding error handling for the case where the user prefs editor is called with bogus user IDs.
2001-11-30 16:06:45 +00:00
ian%hixie.ch
004b78a163
Implemented logout and explicit new account creation in the login service. Had to add removeObject() to the Controller module (the opposite of the exisiting addObject()).
2001-11-30 13:31:29 +00:00
ian%hixie.ch
d0f1adf983
Minor fixes to make the previous checkin actually compile...
2001-11-29 20:23:48 +00:00
ian%hixie.ch
ae996eb3e1
* Corrected some inaccurate comments I came across.
...
* Added support for group membership levels (now you can be a normal member, as before, but also a group op or a group admin) -- this affected the user data source, the mysql data source, and the user service.
* Added a getFieldsHierarchically() method to the user data source.
* Added a getFieldsByCategory() method to the user data source.
* Fixed a typo in some of the SQL in the rights management part of the MySQL user data source.
* Added support in the arguments input module for treating the arguments as dot-delimited trees and returning a specific branch.
* Added support in the passwords service for encrypting a specific password.
* Added a getFieldByID() method to the user service.
* Made the groups in the user service be indexed by both ID and Name.
* Implemented the user preferences component.
2001-11-29 18:03:38 +00:00
ian%hixie.ch
002b60fd9c
work in progress: a component that provides a way for users and admins to edit user preferences, settings, contact details, password, etc.
2001-11-23 00:16:44 +00:00