[sork] [vacation] [patch] missing hordeauth and norealm in conf.xml

Martin Luethi horde at humbapa.ch
Thu Jan 29 00:50:32 PST 2004


attached is a patch who adds hordeauth and norealm to config.xml
and allows hordeauth to be 'full'

g. tinu


Wed, 28 Jan 2004 11:59:29 +0100 Martin Luethi <horde at humbapa.ch>:
> hi list,
>
> the hordeauth- and norealm-parameters are missing in the
> vacation xml-config (except for the forwards-driver)
>
> i'm not sure where to include this 2 parameters, my guess is:
> - norealm: leave it inside the forwards-driver and add it also to
>           the qmail-driver
> - hordeauth: add it to each driver
>
> would be nice to change hordeauth to string also:
> false: prompt for password
> true: use the user's login password
> full: same as true, but the username will be used unmodified (like e.g. the
>      backends-config in gollem)
>
> the following files use hordeauth also:
> vacation/templates/main/main.inc
> vacation/main.php
>
>
> g. tinu
> --
> Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: sork-unsubscribe at lists.horde.org

-------------- next part --------------
Index: conf.xml
===================================================================
RCS file: /repository/vacation/config/conf.xml,v
retrieving revision 1.4
diff -u -r1.4 conf.xml
--- conf.xml	26 Jan 2004 08:56:42 -0000	1.4
+++ conf.xml	29 Jan 2004 08:46:26 -0000
@@ -28,7 +28,7 @@
      <configsection name="default">
       <configstring name="host" desc="Hostname where the FTP server is running on">localhost</configstring>
       <configinteger name="port" desc="Port that the FTP server is using">21</configinteger>
-      <configboolean name="hordeauth" desc="Check this if the user's login password is the right password, and you don't want them to have to confirm it">false</configboolean>
+      <configstring name="hordeauth" required="false" desc="If this parameter is present and true, then the user doesn't have to confirm his password. If this parameter is 'full', the username will be used unmodified. Otherwise, everything after and including the first @ in the username will be stripped before attempting authentication."></configstring>
       <configboolean name="norealm" desc="Check this if the domain information shouldn't be added to the email address in .forward files">false</configboolean>
       <configenum name="dbtype" desc="The type of database file to use">empty
        <values>
@@ -56,6 +56,8 @@
      <configsection name="default">
       <configstring name="host" desc="Hostname where the FTP server is running on">localhost</configstring>
       <configinteger name="port" desc="Port that the FTP server is using">21</configinteger>
+      <configstring name="hordeauth" required="false" desc="If this parameter is present and true, then the user doesn't have to confirm his password. If this parameter is 'full', the username will be used unmodified. Otherwise, everything after and including the first @ in the username will be stripped before attempting authentication."></configstring>
+      <configboolean name="norealm" desc="Check this if the domain information shouldn't be added to the email address in .forward files">false</configboolean>
      </configsection>
     </configsection>
    </case>
@@ -112,6 +114,7 @@
         <configstring name="vacation" desc="Vacation message yes or no">vacation</configstring>
        </case>
       </configswitch>
+      <configstring name="hordeauth" required="false" desc="If this parameter is present and true, then the user doesn't have to confirm his password. If this parameter is 'full', the username will be used unmodified. Otherwise, everything after and including the first @ in the username will be stripped before attempting authentication."></configstring>
      </configsection>
     </configsection>
    </case>
@@ -132,6 +135,7 @@
       <configstring name="basedn" desc="Basedn">ou=mailaccount,dc=example,dc=com</configstring>
       <configstring name="userdn" required="false" desc="Userdn"></configstring>
       <configstring name="vacation" desc="The attribute to search for. If it exists it defines the vacation message">autoreply</configstring>
+      <configstring name="hordeauth" required="false" desc="If this parameter is present and true, then the user doesn't have to confirm his password. If this parameter is 'full', the username will be used unmodified. Otherwise, everything after and including the first @ in the username will be stripped before attempting authentication."></configstring>
      </configsection>
     </configsection>
    </case>
-------------- next part --------------
Index: main.inc
===================================================================
RCS file: /repository/vacation/templates/main/main.inc,v
retrieving revision 1.21
diff -u -r1.21 main.inc
--- main.inc	16 Sep 2003 23:08:48 -0000	1.21
+++ main.inc	29 Jan 2004 08:46:01 -0000
@@ -1,9 +1,10 @@
+<?php $curhordeauth = $driver->getParam('hordeauth', $realm); ?>
 <script language="JavaScript" type="text/javascript">
 <!--
 
 function submit_form()
 {
-<?php if (!$driver->getParam('hordeauth', $realm)): ?>
+<?php if (empty($curhordeauth)): ?>
     if (document.vacation.password.value == "") {
         alert('<?php echo addslashes(_("You must provide your password")) ?>');
         document.vacation.password.focus();
@@ -64,7 +65,7 @@
 <div class="light">
 <br />
 
-<?php if (!$driver->getParam('hordeauth', $realm)): ?>
+<?php if (empty($curhordeauth)): ?>
 <?php echo _("For your protection and safety, you must identify yourself with your login password to verify this change.") ?>
 <?php echo _("Then submit the form so that your vacation notice can be updated.") ?>
 <br />
-------------- next part --------------
Index: main.php
===================================================================
RCS file: /repository/vacation/main.php,v
retrieving revision 1.38
diff -u -r1.38 main.php
--- main.php	17 Jan 2004 22:57:49 -0000	1.38
+++ main.php	29 Jan 2004 08:45:37 -0000
@@ -19,10 +19,16 @@
 $split = explode('@', Auth::getAuth());
 $user = @$split[0];
 $realm = @$split[1];
-if (empty($realm)) {
+if (empty($realm) || !@is_array($driver->params[$realm])) {
     $realm = 'default';
 }
 
+// Check if hordeauth is set to 'full'
+$hordeauth = $driver->getParam('hordeauth', $realm);
+if ($hordeauth === 'full') {
+        $user = Auth::getAuth();
+}
+
 $submit = Util::getFormData('submit', false);
 
 if ($submit) {
@@ -32,20 +38,21 @@
                             'horde.warning');
     }
 
-    // Check for refused usernames, using current horde username.
-    if (in_array($user, $conf['user']['refused'])) {
-        $notification->push(sprintf(_("You can't change the vacation notice for %s."), $user), 'horde.error');
-        $vacationmode = 'error';
-    }
-
-    if ($driver->getParam('hordeauth', $realm)) {
-        $password = Auth::getCredential('password');
-    } else {
+    // Check for password
+    if (empty($hordeauth)) {
         $password = Util::getFormData('password', false);
         if (empty($password)) {
             $notification->push(_("You must give your password"), 'horde.warning');
             $vacationmode = 'error';
         }
+    } else {
+        $password = Auth::getCredential('password');
+    }
+
+    // Check for refused usernames, using current horde username.
+    if (in_array($user, $conf['user']['refused'])) {
+        $notification->push(sprintf(_("You can't change the vacation notice for %s."), $user), 'horde.error');
+        $vacationmode = 'error';
     }
 
     // Call the requested function.


More information about the sork mailing list