diff --git a/inc/auth.php b/inc/auth.php index 6a4108a7caf4964fbed1548a8ae0e7e4496806c0..49bb2d4d9c41413bb1e6b5602ba39c4c7789389b 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -35,6 +35,7 @@ function auth_setup(){ global $auth; global $AUTH_ACL; global $lang; + global $config_cascade; $AUTH_ACL = array(); if(!$conf['useacl']) return false; @@ -102,8 +103,8 @@ function auth_setup(){ } //load ACL into a global array XXX - if(is_readable(DOKU_CONF.'acl.auth.php')){ - $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); + if(is_readable($config_cascade['acl']['default'])){ + $AUTH_ACL = file($config_cascade['acl']['default']); //support user wildcard if(isset($_SERVER['REMOTE_USER'])){ $AUTH_ACL = str_replace('%USER%',$_SERVER['REMOTE_USER'],$AUTH_ACL); diff --git a/inc/auth/plain.class.php b/inc/auth/plain.class.php index af4fadb365e8d6c8452da023459fca37d602f21a..ec9e52beb191aa91d988148cbb0a0e4658b334f8 100644 --- a/inc/auth/plain.class.php +++ b/inc/auth/plain.class.php @@ -7,8 +7,6 @@ * @author Chris Smith <chris@jalakai.co.uk> */ -define('AUTH_USERFILE',DOKU_CONF.'users.auth.php'); - class auth_plain extends auth_basic { var $users = null; @@ -23,10 +21,12 @@ class auth_plain extends auth_basic { * @author Christopher Smith <chris@jalakai.co.uk> */ function auth_plain() { - if (!@is_readable(AUTH_USERFILE)){ + global $config_cascade; + + if (!@is_readable($config_cascade['plainauth.users']['default'])){ $this->success = false; }else{ - if(@is_writable(AUTH_USERFILE)){ + if(@is_writable($config_cascade['plainauth.users']['default'])){ $this->cando['addUser'] = true; $this->cando['delUser'] = true; $this->cando['modLogin'] = true; @@ -89,6 +89,7 @@ class auth_plain extends auth_basic { */ function createUser($user,$pwd,$name,$mail,$grps=null){ global $conf; + global $config_cascade; // user mustn't already exist if ($this->getUserData($user) !== false) return false; 
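Review bot: The ACL load in the second inc/auth.php hunk has no failure path: if `$config_cascade['acl']['default']` points at a missing or unreadable file, `is_readable()` is false and `$AUTH_ACL` stays the empty array assigned at the top of `auth_setup()`, with nothing reported. Now that the path is configurable, a typo in an override is enough to get there, and how an empty rule set is evaluated is not visible in this diff. I would add an `else` that records the problem server-side, e.g. `trigger_error('ACL file is not readable', E_USER_WARNING);`. The `if` body continues past the end of the hunk.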
@@ -102,12 +103,13 @@ class auth_plain extends auth_basic { $groups = join(',',$grps); $userline = join(':',array($user,$pass,$name,$mail,$groups))."\n"; - if (io_saveFile(AUTH_USERFILE,$userline,true)) { + if (io_saveFile($config_cascade['plainauth.users']['default'],$userline,true)) { $this->users[$user] = compact('pass','name','mail','grps'); return $pwd; } - msg('The '.AUTH_USERFILE.' file is not writable. Please inform the Wiki-Admin',-1); + msg('The '.$config_cascade['plainauth.users']['default']. + ' file is not writable. Please inform the Wiki-Admin',-1); return null; } @@ -123,6 +125,7 @@ class auth_plain extends auth_basic { global $conf; global $ACT; global $INFO; + global $config_cascade; // sanity checks, user must already exist and there must be something to change if (($userinfo = $this->getUserData($user)) === false) return false; @@ -147,7 +150,7 @@ class auth_plain extends auth_basic { return false; } - if (!io_saveFile(AUTH_USERFILE,$userline,true)) { + if (!io_saveFile($config_cascade['plainauth.users']['default'],$userline,true)) { msg('There was an error modifying your user data. You should register again.',-1); // FIXME, user has been deleted but not recreated, should force a logout and redirect to login page $ACT == 'register'; @@ -166,6 +169,7 @@ class auth_plain extends auth_basic { * @return int the number of users deleted */ function deleteUsers($users) { + global $config_cascade; if (!is_array($users) || empty($users)) return 0; @@ -180,7 +184,7 @@ class auth_plain extends auth_basic { $pattern = '/^('.join('|',$deleted).'):/'; - if (io_deleteFromFile(AUTH_USERFILE,$pattern,true)) { + if (io_deleteFromFile($config_cascade['plainauth.users']['default'],$pattern,true)) { foreach ($deleted as $user) unset($this->users[$user]); return count($deleted); } 
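Review bot: The failure message in `createUser()` still prints the full path of the user database to whoever triggered the call, and with this change that is whatever location the cascade was pointed at. The text asks the reader to inform the Wiki-Admin, so the reader is presumably not the admin and has no use for the path. I would show `msg('The user file is not writable. Please inform the Wiki-Admin',-1);` and write the path to the server log instead. `createUser()` starts before this hunk.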
@@ -271,11 +275,13 @@ class auth_plain extends auth_basic { * @author Andreas Gohr <andi@splitbrain.org> */ function _loadUserData(){ + global $config_cascade; + $this->users = array(); - if(!@file_exists(AUTH_USERFILE)) return; + if(!@file_exists($config_cascade['plainauth.users']['default'])) return; - $lines = file(AUTH_USERFILE); + $lines = file($config_cascade['plainauth.users']['default']); foreach($lines as $line){ $line = preg_replace('/#.*$/','',$line); //ignore comments $line = trim($line); diff --git a/inc/config_cascade.php b/inc/config_cascade.php new file mode 100644 index 0000000000000000000000000000000000000000..81c455dc37c26f126e68a34c9ec39f3e504a5d94 --- /dev/null +++ b/inc/config_cascade.php 
@@ -0,0 +1,57 @@ +<?php +/** + * The default config cascade + * + * This array configures the default locations of various files in the + * DokuWiki directory hierarchy. It can be overriden in inc/preload.php + */ +$config_cascade = array( + 'main' => array( + 'default' => array(DOKU_CONF.'dokuwiki.php'), + 'local' => array(DOKU_CONF.'local.php'), + 'protected' => array(DOKU_CONF.'local.protected.php'), + ), + 'acronyms' => array( + 'default' => array(DOKU_CONF.'acronyms.conf'), + 'local' => array(DOKU_CONF.'acronyms.local.conf'), + ), + 'entities' => array( + 'default' => array(DOKU_CONF.'entities.conf'), + 'local' => array(DOKU_CONF.'entities.local.conf'), + ), + 'interwiki' => array( + 'default' => array(DOKU_CONF.'interwiki.conf'), + 'local' => array(DOKU_CONF.'interwiki.local.conf'), + ), + 'license' => array( + 'default' => array(DOKU_CONF.'license.php'), + 'local' => array(DOKU_CONF.'license.local.php'), + ), + 'mediameta' => array( + 'default' => array(DOKU_CONF.'mediameta.php'), + 'local' => array(DOKU_CONF.'mediameta.local.php'), + ), + 'mime' => array( + 'default' => array(DOKU_CONF.'mime.conf'), + 'local' => array(DOKU_CONF.'mime.local.conf'), + ), + 'scheme' => array( + 'default' => array(DOKU_CONF.'scheme.conf'), + 'local' => array(DOKU_CONF.'scheme.local.conf'), + ), + 'smileys' => array( + 'default' => array(DOKU_CONF.'smileys.conf'), + 'local' => array(DOKU_CONF.'smileys.local.conf'), + ), + 'wordblock' => array( + 'default' => array(DOKU_CONF.'wordblock.conf'), + 'local' => array(DOKU_CONF.'wordblock.local.conf'), + ), + 'acl' => array( + 'default' => DOKU_CONF.'acl.auth.php', + ), + 'plainauth.users' => array( + 'default' => DOKU_CONF.'users.auth.php', + ), +); + diff --git a/inc/init.php b/inc/init.php index 9a3eaf9c98ad57c51b2df6ed8a4f1975a432d18d..b53167e3c7d12e92ccfb85a54ab6ec340e343db2 100644 --- a/inc/init.php +++ b/inc/init.php 
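Review bot: The `'acl'` and `'plainauth.users'` entries store `'default'` as a plain string, while every other entry in the array stores a list of paths, and the header comment does not mention the difference. Someone overriding these two in inc/preload.php by copying the shape of the other entries would hand an array to `is_readable()` and `file()` in inc/auth.php and inc/auth/plain.class.php. I would add a comment above the two entries, `// single path (string), not a list: these files are written as well as read`, or make the readers accept both shapes.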
@@ -54,49 +54,7 @@ global $cache_metadata; //set the configuration cascade - but only if its not already been set in preload.php if (empty($config_cascade)) { - $config_cascade = array( - 'main' => array( - 'default' => array(DOKU_CONF.'dokuwiki.php'), - 'local' => array(DOKU_CONF.'local.php'), - 'protected' => array(DOKU_CONF.'local.protected.php'), - ), - 'acronyms' => array( - 'default' => array(DOKU_CONF.'acronyms.conf'), - 'local' => array(DOKU_CONF.'acronyms.local.conf'), - ), - 'entities' => array( - 'default' => array(DOKU_CONF.'entities.conf'), - 'local' => array(DOKU_CONF.'entities.local.conf'), - ), - 'interwiki' => array( - 'default' => array(DOKU_CONF.'interwiki.conf'), - 'local' => array(DOKU_CONF.'interwiki.local.conf'), - ), - 'license' => array( - 'default' => array(DOKU_CONF.'license.php'), - 'local' => array(DOKU_CONF.'license.local.php'), - ), - 'mediameta' => array( - 'default' => array(DOKU_CONF.'mediameta.php'), - 'local' => array(DOKU_CONF.'mediameta.local.php'), - ), - 'mime' => array( - 'default' => array(DOKU_CONF.'mime.conf'), - 'local' => array(DOKU_CONF.'mime.local.conf'), - ), - 'scheme' => array( - 'default' => array(DOKU_CONF.'scheme.conf'), - 'local' => array(DOKU_CONF.'scheme.local.conf'), - ), - 'smileys' => array( - 'default' => array(DOKU_CONF.'smileys.conf'), - 'local' => array(DOKU_CONF.'smileys.local.conf'), - ), - 'wordblock' => array( - 'default' => array(DOKU_CONF.'wordblock.conf'), - 'local' => array(DOKU_CONF.'wordblock.local.conf'), - ), - ); + include(DOKU_INC.'inc/config_cascade.php'); } //prepare config array() diff --git a/inc/lang/en/lang.php b/inc/lang/en/lang.php index 1fddfe7278b5eab8d8c503855f28271a226bbffc..802a903608ddc3731859c8bcd8062b2bd6de83c1 100644 --- a/inc/lang/en/lang.php +++ b/inc/lang/en/lang.php 
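Review bot: A cascade that was already set in inc/preload.php skips this include completely, so an override that does not define `'acl'` and `'plainauth.users'` leaves both keys missing. Every new lookup then yields null: `is_readable()` in inc/auth.php fails and the ACL is not loaded, the plain auth constructor sets `success` to false (its `@` also hides the notice), and lib/plugins/acl/admin.php passes null to `io_saveFile()`. Loading the defaults first and layering the override on top avoids that: `$cascade_override = empty($config_cascade) ? array() : $config_cascade;`, then the `include`, then `$config_cascade = array_merge($config_cascade, $cascade_override);`.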
@@ -119,6 +119,7 @@ $lang['deletefail'] = '"%s" couldn\'t be deleted - check permissions.'; $lang['mediainuse'] = 'The file "%s" hasn\'t been deleted - it is still in use.'; $lang['namespaces'] = 'Namespaces'; $lang['mediafiles'] = 'Available files in'; +$lang['accessdenied'] = 'You are not allowed to view this page.'; $lang['js']['searchmedia'] = 'Search for files'; $lang['js']['keepopen'] = 'Keep window open on selection'; diff --git a/inc/parser/parser.php b/inc/parser/parser.php index 48facd6b5b809e8b6976c090c251f686cd213b25..435b8aa460c4a34a96d67df0e87480228754a6e5 100644 --- a/inc/parser/parser.php +++ b/inc/parser/parser.php @@ -413,8 +413,8 @@ class Doku_Parser_Mode_listblock extends Doku_Parser_Mode { } function connectTo($mode) { - $this->Lexer->addEntryPattern('\n {2,}[\-\*]',$mode,'listblock'); - $this->Lexer->addEntryPattern('\n\t{1,}[\-\*]',$mode,'listblock'); + $this->Lexer->addEntryPattern('[ \t]*\n {2,}[\-\*]',$mode,'listblock'); + $this->Lexer->addEntryPattern('[ \t]*\n\t{1,}[\-\*]',$mode,'listblock'); $this->Lexer->addPattern('\n {2,}[\-\*]','listblock'); $this->Lexer->addPattern('\n\t{1,}[\-\*]','listblock'); diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php index 1fe3639850bfbd4e8f3e60ec1e209267a3f3349d..c79a25c084dc9f2a7302bc27a43615f2fc6bb440 100644 --- a/lib/exe/mediamanager.php +++ b/lib/exe/mediamanager.php @@ -34,6 +34,12 @@ // check auth $AUTH = auth_quickaclcheck("$NS:*"); + // do not display the manager if user does not have read access + if($AUTH < AUTH_READ) { + header('HTTP/1.0 403 Forbidden'); + die($lang['accessdenied']); + } + // create the given namespace (just for beautification) if($AUTH >= AUTH_UPLOAD) { io_createNamespace("$NS:xxx", 'media'); } diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php index 673ffbc963ae1f5d53a523dbf1d5ebee8a107a09..84932f7ac1e28a8bed5f27ebc27f085f1b483575 100644 --- a/lib/plugins/acl/admin.php +++ b/lib/plugins/acl/admin.php 
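Review bot: Both entry patterns now begin with an unbounded `[ \t]*`, so a match attempt can start at every character of a run of blanks and scan to its end before failing. On page text with a very long run of spaces or tabs that is not followed by a list, this may grow quadratically. The two `addPattern()` calls below keep the old `\n` prefix, so blanks at the end of a list item line are presumably still treated differently from blanks before the first item. I would add a comment saying why the prefix is needed, e.g. `// [ \t]* swallows blanks at the end of the line preceding the list`, and a parser test with a long whitespace run. `connectTo()` continues past the hunk.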
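Review bot: The 403 branch prints `$lang['accessdenied']`, a key this commit adds only to inc/lang/en/lang.php. Whether English strings are always loaded as a fallback is not visible here; if they are not, other locales die with an empty body and a notice. A guard such as `die(isset($lang['accessdenied']) ? $lang['accessdenied'] : 'Access denied');` keeps the response meaningful. The check sits after the first 33 lines of the script, which are outside the hunk, so anything done there still runs for users without read access.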
@@ -69,6 +69,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { global $AUTH_ACL; global $ID; global $auth; + global $config_cascade; // fresh 1:1 copy without replacements $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); @@ -161,11 +162,11 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { } } // save it - io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines)); + io_saveFile($config_cascade['acl']['default'], join('',$lines)); } // reload ACL config - $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); + $AUTH_ACL = file($config_cascade['acl']['default']); } // initialize ACL array @@ -696,7 +697,8 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { * @author Frank Schubert <frank@schokilade.de> */ function _acl_add($acl_scope, $acl_user, $acl_level){ - $acl_config = file_get_contents(DOKU_CONF.'acl.auth.php'); + global $config_cascade; + $acl_config = file_get_contents($config_cascade['acl']['default']); $acl_user = auth_nameencode($acl_user,true); // max level for pagenames is edit @@ -718,7 +720,8 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { * @author Frank Schubert <frank@schokilade.de> */ function _acl_del($acl_scope, $acl_user){ - $acl_config = file(DOKU_CONF.'acl.auth.php'); + global $config_cascade; + $acl_config = file($config_cascade['acl']['default']); $acl_user = auth_nameencode($acl_user,true); $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$';
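Review bot: The context line right after the added `global $config_cascade;` still reads `file(DOKU_CONF.'acl.auth.php')` for the "fresh 1:1 copy", while the save and reload further down in the same file now use `$config_cascade['acl']['default']`. If `$lines` is built from that copy (the code in between is outside the hunks), an overridden ACL location means the handler edits the rules from the file in DOKU_CONF and then writes them over the configured file, replacing the rules actually in force. That line should become `$AUTH_ACL = file($config_cascade['acl']['default']);`.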
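Review bot: The result of `io_saveFile()` is discarded in the save step, so a failed write to the ACL file is followed by a reload of the old rules with no message to the admin who just changed them. inc/auth/plain.class.php checks the same call and reports failure through `msg()`. Doing the same here, e.g. `if(!io_saveFile($config_cascade['acl']['default'], join('',$lines))) msg('The ACL file could not be written',-1);`, would make a rejected permission change visible.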