This patch supresses a warning in the adLDAP library when a password
change is attempted but fails due to the configured Active Directory
Password Policy. Instead of the error an Exception is thrown.

This change probably needs to be replicated in the user modification
function.

Patch sent to upstream.

this splits the long auth_cryptPassword() function into many member
functions of a new class PassHash which should make it more
maintainable and reusable for other projects.

This also adds two new methods djangomd5 and djangosha1 as used by the
popular python framework Django.

Maybe the auth_cryptPassword() and auth_verifyPassword() functions
should be deprecated in favor of using the class directly?

This reverts commit fa7c70ff.

For locks and getRevisions there hasn't been any acl check. In many
other cases the id hadn't been cleaned before the acl check was done
which means that many acl rules that should be applied weren't applied.
So e.g. when you have read permissions for the root namespace but not
for a subnamespace you could add a leading ":" and the permissions for
the root namespace will be used instead of the permissions for the
subnamespace. This did not apply to writing pages and reading media
files, but writing and deleting media files have been concerned as well
as reading both plain and html versions of pages.

This only concerns installations where XML-RPC is enabled (default is
disabled) and XML-RPC is allowed for all or untrusted users.

This reverts commit 58a22bd0.

It was accidentally pushed to the repo.

This removes headers that are sent by PHP/the webserver anyway as they
are possibly wrong as e.g. when gzip compression is enabled in
inc/init.php (which does happen when the client supports gzip) the
content size is smaller than the one that was specified by the
content-length header and thus e.g. the Python XML-RPC client fails with
an error message because of the size mismatch. Additionally the content
encoding is now set to utf-8 in the http headers.

Sometimes (when using rewriting with the workaround for CGI mode
described at
http://www.besthostratings.com/articles/http-auth-php-cgi.html) the
HTTP_AUTHORIZATION variable is renamed, this change detects this
renaming and uses the renamed variable.

Not sure if this sympol is the best to use. I'm open for different
suggestions.

Template auhtors still can overwrite the symbol of course.

This makes it possible for plugin and template authors to overwrite or
extend the quicksearch JavaScript logic.

$NS is only used in lib/exe/{ajax,mediamanager}.php when no $ID context
is present. The two functions which use $NS in inc/template.php are only
called through those both endpoints, not through doku.php. In doku.php,
$ID is the only correct value, $NS is not kept synchronous with $ID.

Use getNS($ID) in functions which are called through doku.php.

This patch moves the shortening of namespaces in the quicksearch results
to JavaScript. This makes it independend from used template and will
always try to fill the width of the result pane correctly.

Things missing:

  * Make it work with RTL-languages
  * Check Browser compatibility (only tested in Chrome so far)

[+] New feature: Move the user to a new OU using user_move() function
[-] Bug fix: Prevent an 'undefined index' error in recursive_groups()
    when full PHP E_ALL logging is enabled
[-] Bug fix: user_groups() does not return primary group when objectsid
    is not given (Tracker ID:2931213)
[-] Bug fix: Undefined index in function user_info for non-existent
    users (Tracker ID:2922729)
[-] Bug fix: Force user_info to find objectCategory of person as if a
    sAMAccountName also exists in a group it will return that group.
    (Tracker ID:3006096)
[-] Bug fix: Return false for user_info if the user does not exist
[-] Bug fix: user_info, checks for for a "count" value that not exist in
    $entries array if "memberof" isn't passed in $fields array. (Tracker
    ID:2993172)
[-] Bug fix: In authenticate() if user authentication fails function
    returns and does not rebind with admin credentials - so the other
    funcions don't work anymore as $this->_bind === false. (Tracker
    ID:2987887)
[-] Bug fix: When calling $ldap->user_modify('user',
    array("expires"=>0)) the function fails due to the value being 0.
    Changed to isset (Tracker ID:3036726)