missing files from filemanager mount GUI

This commit is contained in:
Ralf Becker 2021-09-13 17:41:21 +02:00
parent 36e42790f3
commit bad32959c2
3 changed files with 10 additions and 36 deletions

View File

@ -1995,27 +1995,6 @@ class Session
} }
} }
/**
* Create a hash from user and pw
*
* Can be used to check setup config user/password inside egroupware:
*
* if (Api\Session::user_pw_hash($user,$pw) === $GLOBALS['egw_info']['server']['config_hash'])
*
* @param string $user username
* @param string $password password or md5 hash of password if $allow_password_md5
* @param boolean $allow_password_md5 =false can password alread be an md5 hash
* @return string
*/
static function user_pw_hash($user,$password,$allow_password_md5=false)
{
$password_md5 = $allow_password_md5 && preg_match('/^[a-f0-9]{32}$/',$password) ? $password : md5($password);
$hash = sha1(strtolower($user).$password_md5);
return $hash;
}
/** /**
* Initialise the used session handler * Initialise the used session handler
* *

View File

@ -112,15 +112,9 @@ $GLOBALS['egw_info']['server'] += $GLOBALS['egw_domain'][$GLOBALS['egw_info']['u
// the egw-object instanciates all sub-classes (eg. $GLOBALS['egw']->db) and the egw_info array // the egw-object instanciates all sub-classes (eg. $GLOBALS['egw']->db) and the egw_info array
$GLOBALS['egw'] = new Egw(array_keys($GLOBALS['egw_domain'])); $GLOBALS['egw'] = new Egw(array_keys($GLOBALS['egw_domain']));
// store domain config user&pw as a hash (originals get unset)
$GLOBALS['egw_info']['server']['config_hash'] = Session::user_pw_hash($GLOBALS['egw_domain'][$GLOBALS['egw_info']['user']['domain']]['config_user'],
$GLOBALS['egw_domain'][$GLOBALS['egw_info']['user']['domain']]['config_passwd'],true);
if ($GLOBALS['egw_info']['flags']['currentapp'] != 'login' && !$GLOBALS['egw_info']['server']['show_domain_selectbox']) if ($GLOBALS['egw_info']['flags']['currentapp'] != 'login' && !$GLOBALS['egw_info']['server']['show_domain_selectbox'])
{ {
unset($GLOBALS['egw_domain']); // we kill this for security reasons unset($GLOBALS['egw_domain']); // we kill this for security reasons
unset($GLOBALS['egw_info']['server']['header_admin_user']);
unset($GLOBALS['egw_info']['server']['header_admin_password']);
} }
// saving the the egw_info array and the egw-object in the session // saving the the egw_info array and the egw-object in the session

View File

@ -283,10 +283,8 @@ class setup
$auth_type = strtolower($_auth_type); $auth_type = strtolower($_auth_type);
$GLOBALS['egw_info']['setup']['HeaderLoginMSG'] = $GLOBALS['egw_info']['setup']['ConfigLoginMSG'] = ''; $GLOBALS['egw_info']['setup']['HeaderLoginMSG'] = $GLOBALS['egw_info']['setup']['ConfigLoginMSG'] = '';
if(!$this->checkip(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? if (($GLOBALS['egw_info']['setup']['ConfigLoginMSG'] = self::checkip()))
$_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']))
{ {
//error_log(__METHOD__."('$auth_type') invalid IP");
return false; return false;
} }
@ -405,15 +403,19 @@ class setup
* Check for correct IP, if an IP address should be enforced * Check for correct IP, if an IP address should be enforced
* *
* @param string $remoteip * @param string $remoteip
* @return boolean * @return string error-message or null on success
*/ */
function checkip($remoteip='') public static function checkip($remoteip=null)
{ {
if (!isset($remoteip))
{
$remoteip = $_SERVER['HTTP_X_FORWARDED_FOR'] ?: $_SERVER['REMOTE_ADDR'];
}
//echo "<p>setup::checkip($remoteip) against setup_acl='".$GLOBALS['egw_info']['server']['setup_acl']."'</p>\n"; //echo "<p>setup::checkip($remoteip) against setup_acl='".$GLOBALS['egw_info']['server']['setup_acl']."'</p>\n";
$allowed_ips = explode(',',@$GLOBALS['egw_info']['server']['setup_acl']); $allowed_ips = explode(',',@$GLOBALS['egw_info']['server']['setup_acl']);
if(empty($GLOBALS['egw_info']['server']['setup_acl']) || !is_array($allowed_ips)) if(empty($GLOBALS['egw_info']['server']['setup_acl']) || !is_array($allowed_ips))
{ {
return True; // no test return null; // no test
} }
$remotes = explode('.',$remoteip); $remotes = explode('.',$remoteip);
foreach($allowed_ips as $value) foreach($allowed_ips as $value)
@ -433,12 +435,11 @@ class setup
} }
if ($i == count($values)) if ($i == count($values))
{ {
return True; // match return null; // match
} }
} }
$GLOBALS['egw_info']['setup']['ConfigLoginMSG'] = lang('Invalid IP address').' '.$remoteip;
error_log(__METHOD__.'-> checking IP failed:'.print_r($remoteip,true)); error_log(__METHOD__.'-> checking IP failed:'.print_r($remoteip,true));
return False; return lang('Invalid IP address').' '.$remoteip;
} }
/** /**