diff options
| author | petko <petko@524c5546-5005-0410-9a3e-e25e191bd360> | 2024-01-29 11:23:15 +0000 |
|---|---|---|
| committer | petko <petko@524c5546-5005-0410-9a3e-e25e191bd360> | 2024-01-29 11:23:15 +0000 |
| commit | fabab241f07b8aebe0c3185518349fe5df11e027 (patch) | |
| tree | 7b4785c631c75d511c2a94cadbe05ac606bf9fa9 /pmwiki.php | |
| parent | 44e5ef9f7f542203b13d8d86b04dedd98cb224f2 (diff) | |
| download | pmwiki.svn-fabab241f07b8aebe0c3185518349fe5df11e027.tar.bz2 | |
Page attributes passwords form: allow for +addition and -removal of passwords, users, groups.
git-svn-id: svn://pmwiki.org/pmwiki/trunk@4613 524c5546-5005-0410-9a3e-e25e191bd360
Diffstat (limited to 'pmwiki.php')
| -rw-r--r-- | pmwiki.php | 36 |
1 files changed, 31 insertions, 5 deletions
@@ -3044,14 +3044,40 @@ function HandlePostAttr($pagename, $auth = 'attr') { $v = stripmagic(@$_POST[$attr]); if ($v == '') continue; if ($v=='clear') unset($page[$attr]); - else if (strncmp($attr, 'passwd', 6) != 0) $page[$attr] = $v; + elseif (strncmp($attr, 'passwd', 6) != 0) $page[$attr] = $v; else { + $append = false; $unsetpw = $unsetid = []; + if (strncmp($v, '+ ', 2) ==0 ) { # add password, user, group + $append = true; + $v = substr($v, 2); + } + elseif (strncmp($v, '- ', 2)==0) { # remove password, user, group + preg_match_all('/"[^"]*"|\'[^\']*\'|\\S+/', substr($v, 2), $mm); + foreach($mm[0] as $pw) { + if (preg_match('/^(@|\\w+:)/', $pw)) $unsetid[$pw] = 1; + else $unsetpw[] = preg_replace('/^([\'"])(.*)\\1$/', '$2', $pw); + } + $v = strval(@$page[$attr]); + } $a = array(); preg_match_all('/"[^"]*"|\'[^\']*\'|\\S+/', $v, $match); - foreach($match[0] as $pw) - $a[] = preg_match('/^(@|\\w+:)/', $pw) ? $pw - : pmcrypt(preg_replace('/^([\'"])(.*)\\1$/', '$2', $pw)); - if ($a) $page[$attr] = implode(' ',$a); + foreach($match[0] as $pw) { + if (preg_match('/^(@|\\w+:)/', $pw)) { + if (!@$unsetid[$pw]) $a[] = $pw; + continue; + } + foreach($unsetpw as $unpw) { + if (pmcrypt($unpw, $pw) == $pw) continue 2; + } + $pw = preg_replace('/^([\'"])(.*)\\1$/', '$2', $pw); + + $a[] = $unsetpw || $unsetid ? $pw : pmcrypt($pw); + } + if ($a) { + if ($append) $a = array_merge($a, explode(' ', trim(strval(@$page[$attr])))); + sort($a, SORT_NATURAL | SORT_FLAG_CASE); + $page[$attr] = implode(' ', array_unique($a)); + } } } WritePage($pagename,$page); |