Merge branch '2.8' into 2.9

CHANGELOG

@@ -11,6 +11,11 @@ Version 2.9.0-dev 2014-
 - updated bundled Symfony ClassLoader to version 2.3.7 (Thorsten)
 - dropped support for ext/mysql (Thorsten)
 
+Version 2.8.5 - 2013-12-
+- fixed SSO logins with mod_auth_kerb (Stephane Lapie)
+- updated Dutch translation
+- fixed some minor bugs (Thorsten)
+
 Version 2.8.4 - 2013-11-26
 - fixed possible arbitrary PHP code execution (Thorsten)
 - updated Chinese (Traditional) translation

phpmyfaq/inc/PMF/Auth/Ldap.php

@@ -101,6 +101,18 @@ public function add($login, $pass)
     {
         $user   = new PMF_User($this->_config);
         $result = $user->createUser($login, null);
+        $this->ldap = new PMF_Ldap($this->_config);
+        $this->ldap->connect(
+            $this->_ldapConfig['ldap_server'],
+            $this->_ldapConfig['ldap_port'],
+            $this->_ldapConfig['ldap_base'],
+            $this->_ldapConfig['ldap_user'],
+            $this->_ldapConfig['ldap_password']
+        );
+
+        if ($this->ldap->error) {
+            $this->errors[] = $this->ldap->error;
+        } 
 
         $user->setStatus('active');
 
@@ -215,4 +227,4 @@ public function checkLogin($login, Array $optionalData = null)
     {
         return $this->ldap->getCompleteName($login);
     }
-}
+}

phpmyfaq/inc/PMF/Auth/Sso.php

@@ -1,6 +1,7 @@
 <?php
 /**
  * Manages user authentication with Apache's SSO authentication, e.g. mod_sspi
+ * or mod_auth_kerb
  *
  * PHP Version 5.3
  *
@@ -35,12 +36,11 @@
 class PMF_Auth_Sso extends PMF_Auth implements PMF_Auth_Driver
 {
     /**
-     * Adds a new user account to the authentication table.
+     * Always returns true because of SSO
      *
-     * Returns true on success, otherwise false.
+     * @param string $login Loginname
+     * @param string $pass  Password
      *
-     * @param  string $login Loginname
-     * @param  string $pass  Password
      * @return boolean
      */
     public function add($login, $pass)
@@ -49,14 +49,11 @@ public function add($login, $pass)
     }
 
     /**
-     * Changes the password for the account specified by login.
+     * Always returns true because of SSO
      *
-     * Returns true on success, otherwise false.
+     * @param string $login Loginname
+     * @param string $pass  Password
      *
-     * Error messages are added to the array errors.
-     *
-     * @param  string $login Loginname
-     * @param  string $pass  Password
      * @return boolean
     */
     public function changePassword($login, $pass)
@@ -65,13 +62,10 @@ public function changePassword($login, $pass)
     }
 
     /**
-     * Deletes the user account specified by login.
-     *
-     * Returns true on success, otherwise false.
+     * Always returns true because of SSO
      *
-     * Error messages are added to the array errors.
+     * @param string $login Loginname
      *
-     * @param  string $login Loginname
      * @return bool
      */
     public function delete($login)
@@ -80,31 +74,30 @@ public function delete($login)
     }
 
     /**
-     * Checks the password for the given user account.
-     *
-     * Returns true if the given password for the user account specified by
-     * is correct, otherwise false.
-     * Error messages are added to the array errors.
+     * Checks if the username of the remote user is equal to the login name
      *
-     * This function is only called when local authentication has failed, so
-     * we are about to create user account.
+     * @param string $login        Loginname
+     * @param string $pass         Password
+     * @param array  $optionalData Optional data
      *
-     * @param  string $login        Loginname
-     * @param  string $pass         Password
-     * @param  array  $optionalData Optional data
      * @return boolean
      */
     public function checkPassword($login, $pass, Array $optionalData = null)
     {
         if (!isset($_SERVER['REMOTE_USER'])) {
             return false;
         } else {
-            // Check if "DOMAIN\user" or only "user"
-            $remoteUser = explode("\\", $_SERVER['REMOTE_USER']);
-            if (is_array($remoteUser)) {
+            // Check if "DOMAIN\user", "user@DOMAIN" or only "user"
+            $remoteUser = explode('\\', $_SERVER['REMOTE_USER']);
+            if (is_array($remoteUser) && count($remoteUser) > 1) {
                 $user = $remoteUser[1];
             } else {
-                $user = $_SERVER['REMOTE_USER'];
+                $remoteUser = explode('@', $_SERVER['REMOTE_USER']);
+                if (is_array($remoteUser) && count($remoteUser) > 1) {
+                    $user = $remoteUser[0];
+                } else {
+                    $user = $_SERVER['REMOTE_USER'];
+                }
             }
             if ($user === $login) {
                 return true;
@@ -115,11 +108,12 @@ public function checkPassword($login, $pass, Array $optionalData = null)
     }
 
     /**
-     * Does nothing. A function required to be a valid auth.
+     * Returns true, if $_SERVER['REMOTE_USER'] is set.
      *
-     * @param  string $login        Loginname
-     * @param  array  $optionalData Optional data
-     * @return integer
+     * @param string $login        Loginname
+     * @param array  $optionalData Optional data
+     *
+     * @return boolean
      */
     public function checkLogin($login, Array $optionalData = null)
     {

phpmyfaq/inc/PMF/Faq.php

@@ -363,6 +363,7 @@ public function showAllRecords($categoryId, $orderby = 'id', $sortby = 'ASC')
             AND
                 fd.lang = '%s'
             %s
+            GROUP BY fd.id
             %s",
             PMF_Db::getTablePrefix(),
             PMF_Db::getTablePrefix(),

phpmyfaq/inc/PMF/Language.php

@@ -143,7 +143,7 @@ public function setLanguage($configDetection, $configLanguage)
         // Get the faq record language
         $_lang['artget'] = PMF_Filter::filterInput(INPUT_GET, 'artlang', FILTER_SANITIZE_STRING);
         if (!is_null($_lang['artget']) && !self::isASupportedLanguage($_lang['artget']) ) {
-            $_lang['get'] = null;
+            $_lang['artget'] = null;
         }
         // Get the language from the session
         if (isset($_SESSION['pmf_lang']) && self::isASupportedLanguage($_SESSION['pmf_lang']) ) {