Compare commits

...

2 Commits

Author SHA1 Message Date
Jean-Christian Paul Denis 5e68594f22
release 1.4 2023-08-13 00:16:19 +02:00
Jean-Christian Paul Denis b89a21f101
upgrade to Dotclear 2.27 2023-08-13 00:15:04 +02:00
12 changed files with 155 additions and 250 deletions

View File

@ -1,59 +1,79 @@
1.3 - 2023.05.13
- require dotclear 2.26
- fix type hint and nullsafe warnings
httpPassword 1.4 - 2023.08.12
===========================================================
* Require Dotclear 2.27
* Require PHP 7.4+
* Upgrade to Dotclear 2.27
* Remove custom permission, only admin can handle httpPassword
* Move third party repository
* Use Dotclear style for CHANGELOG
1.2 - 2023.04.22
- require dotclear 2.26
- add plugin Uninstaller features
- use latest dotclear namespace
- fix static init
- fix permission
- code doc and review
httpPassword 1.3 - 2023.05.13
===========================================================
* require dotclear 2.26
* fix type hint and nullsafe warnings
1.1 - 2023.03.25
- require dotclear 2.26
- use namespace
httpPassword 1.2 - 2023.04.22
===========================================================
* require dotclear 2.26
* add plugin Uninstaller features
* use latest dotclear namespace
* fix static init
* fix permission
* code doc and review
1.0 - 2022.12.30
- update to dotclear 2.24
- change settings names
- remove debug mode
- use dcLog table for last logins
httpPassword 1.1 - 2023.03.25
===========================================================
* require dotclear 2.26
* use namespace
0.5.10
- fix typo
- fix for PHP 5.3 compliance
httpPassword 1.0 - 2022.12.30
===========================================================
* update to dotclear 2.24
* change settings names
* remove debug mode
* use dcLog table for last logins
0.5.9
- fix bug in history page (PHP errors when history was empty)
- add page "debug" in plugin page in order to get infos about hosting setup (when plugins fails to authenticate users)
httpPassword 0.5.10
===========================================================
* fix typo
* fix for PHP 5.3 compliance
0.5
- deep rewrite : HTTP auth is not directly handled by apache anymore but by a dotclear behavior
- add support of multiblog installation (thanks to Stephanie "piloue" and Gabriel for being so patient and their helpfull tests)
- add support PHP running as CGI (tested with OVH hosting services)
- auto-detect crypt functions available and let user choose it
- HTTP auth is not required in order to access to blog admin
- plugin admin page with tabs
- plugin imported to dotclear lab
httpPassword 0.5.9
===========================================================
* fix bug in history page (PHP errors when history was empty)
* add page "debug" in plugin page in order to get infos about hosting setup (when plugins fails to authenticate users)
httpPassword 0.5
===========================================================
* deep rewrite : HTTP auth is not directly handled by apache anymore but by a dotclear behavior
* add support of multiblog installation (thanks to Stephanie "piloue" and Gabriel for being so patient and their helpfull tests)
* add support PHP running as CGI (tested with OVH hosting services)
* auto-detect crypt functions available and let user choose it
* HTTP auth is not required in order to access to blog admin
* plugin admin page with tabs
* plugin imported to dotclear lab
Known issues : This plugin does not protect non-php files (images, css, js)
0.4
- check filepermission when running
- add free.fr support
httpPassword 0.4
===========================================================
* check filepermission when running
* add free.fr support
0.3
- add last connection tracker
httpPassword 0.3
===========================================================
* add last connection tracker
0.2 - 2008.11.22
- _install.php added
- password crypt function setting added
- password crypt function can be choose within trim, crypt, md5, sha1
- remonte crypt function added as rcrypt rmd5 and rsha1 : crypt function
httpPassword 0.2 - 2008.11.22
===========================================================
* _install.php added
* password crypt function setting added
* password crypt function can be choose within trim, crypt, md5, sha1
* remonte crypt function added as rcrypt rmd5 and rsha1 : crypt function
is called over http://frederic.ple.name/....
This feature can ensure plugin running on php restricted environment
(ex: OVH.COM)
0.1 : 2008-11-17
- INITIAL public release
httpPassword 0.1 : 2008-11-17
===========================================================
* INITIAL public release

View File

@ -1,11 +1,10 @@
# README
[![Release](https://img.shields.io/github/v/release/JcDenis/httpPassword)](https://github.com/JcDenis/httpPassword/releases)
[![Date](https://img.shields.io/github/release-date/JcDenis/httpPassword)](https://github.com/JcDenis/httpPassword/releases)
[![Issues](https://img.shields.io/github/issues/JcDenis/httpPassword)](https://github.com/JcDenis/httpPassword/issues)
[![Dotclear](https://img.shields.io/badge/dotclear-v2.26-blue.svg)](https://fr.dotclear.org/download)
[![Dotaddict](https://img.shields.io/badge/dotaddict-official-green.svg)](https://plugins.dotaddict.org/dc2/details/httpPassword)
[![License](https://img.shields.io/github/license/JcDenis/httpPassword)](https://github.com/JcDenis/httpPassword/blob/master/LICENSE)
[![Release](https://img.shields.io/badge/release-1.4-a2cbe9.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases)
[![Date](https://img.shields.io/badge/date-2023.08.12-c44d58.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases)
[![Dotclear](https://img.shields.io/badge/dotclear-v2.27-137bbb.svg)](https://fr.dotclear.org/download)
[![Dotaddict](https://img.shields.io/badge/dotaddict-official-9ac123.svg)](https://plugins.dotaddict.org/dc2/details/httpPassword)
[![License](https://img.shields.io/github/license/JcDenis/httpPassword)](https://git.dotclear.watch/JcDenis/httpPassword/blob/master/LICENSE)
## WHAT IS HTTPPASSWORD ?
@ -16,11 +15,11 @@ Its helps to manage .httppassword files to make a blog private.
## REQUIREMENTS
_httpPassword_ requires:
_httpPassword_ requires:
* httpPassword permission to configure
* Dotclear 2.26
* Write permissions on blogs directories
* Dotclear 2.27
* PHP 7.4+
* Write permissions on blogs directories
## USAGE
@ -31,14 +30,14 @@ Manage settings, last logins, authorized users from sidebar menu _Http password_
## LINKS
* License : [GNU GPL v2](https://www.gnu.org/licenses/old-licenses/lgpl-2.0.html)
* Source & contribution : [GitHub Page](https://github.com/JcDenis/kUtRL)
* Packages & details: [Dotaddict Page](https://plugins.dotaddict.org/dc2/details/kUtRL)
* Discussion & Help: [Dotclear Forum](http://forum.dotclear.org/viewtopic.php?pid=331158)
* License : [GNU GPL v2](https://www.gnu.org/licenses/old-licenses/lgpl-2.0.html)
* Source & contribution : [Gitea Page](https://git.dotclear.watch/JcDenis/httpPassword) or [GitHub Page](https://github.com/JcDenis/httpPassword)
* Packages & details: [Gitea Page](https://git.dotclear.watch/JcDenis/httpPassword/releases) or [Dotaddict Page](https://plugins.dotaddict.org/dc2/details/httpPassword)
* Discussion & Help: [Dotclear Forum](http://forum.dotclear.org/viewtopic.php?pid=331158)
## CONTRIBUTORS
* Frederic PLE (author)
* Jean-Christian Denis
* Frederic PLE (author)
* Jean-Christian Denis
You are welcome to contribute to this code.
You are welcome to contribute to this code.

View File

@ -10,7 +10,7 @@
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_RC_PATH') || is_null(dcCore::app()->auth)) {
if (!defined('DC_RC_PATH')) {
return null;
}
@ -18,16 +18,15 @@ $this->registerModule(
'Http password',
'Manage .htpasswd file to make the blog private',
'Frederic PLE and contributors',
'1.3',
'1.4',
[
'requires' => [['core', '2.26']],
'requires' => [['core', '2.27']],
'permissions' => dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_USAGE,
initHttpPassword::PERMISSION,
dcCore::app()->auth::PERMISSION_ADMIN,
]),
'type' => 'plugin',
'support' => 'https://github.com/JcDenis/' . basename(__DIR__),
'details' => 'http://plugins.dotaddict.org/dc2/details/' . basename(__DIR__),
'repository' => 'https://raw.githubusercontent.com/JcDenis/' . basename(__DIR__) . '/master/dcstore.xml',
'support' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/issues',
'details' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/src/branch/master/README.md',
'repository' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/raw/branch/master/dcstore.xml',
]
);

View File

@ -2,12 +2,12 @@
<modules xmlns:da="http://dotaddict.org/da/">
<module id="httpPassword">
<name>Http password</name>
<version>1.3</version>
<version>1.4</version>
<author>Frederic PLE and contributors</author>
<desc>Manage .htpasswd file to make the blog private</desc>
<file>https://github.com/JcDenis/httpPassword/releases/download/v1.3/plugin-httpPassword.zip</file>
<da:dcmin>2.26</da:dcmin>
<da:details>http://plugins.dotaddict.org/dc2/details/httpPassword</da:details>
<da:support>https://github.com/JcDenis/httpPassword</da:support>
<file>https://git.dotclear.watch/JcDenis/httpPassword/releases/download/v1.4/plugin-httpPassword.zip</file>
<da:dcmin>2.27</da:dcmin>
<da:details>https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/README.md</da:details>
<da:support>https://git.dotclear.watch/JcDenis/httpPassword/issues</da:support>
</module>
</modules>

View File

@ -14,39 +14,22 @@ declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcAdmin;
use dcCore;
use dcPage;
use dcMenu;
use dcNsProcess;
use Dotclear\Core\Process;
class Backend extends dcNsProcess
class Backend extends Process
{
public static function init(): bool
{
static::$init = defined('DC_CONTEXT_ADMIN');
return static::$init;
return self::status(My::checkContext(My::BACKEND));
}
public static function process(): bool
{
if (!static::$init || is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog) || is_null(dcCore::app()->adminurl)) {
if (!self::status()) {
return false;
}
// add backend sidebar menu icon
if ((dcCore::app()->menu[dcAdmin::MENU_PLUGINS] instanceof dcMenu)) {
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem(
My::name(),
dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
dcPage::getPF(My::id() . '/icon.svg'),
preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . My::id())) . '(&.*)?$/', $_SERVER['REQUEST_URI']),
dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
My::PERMISSION,
]), dcCore::app()->blog->id)
);
}
My::addBackendMenuItem();
return true;
}

View File

@ -16,20 +16,18 @@ namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcLog;
use dcNsProcess;
use Dotclear\Core\Process;
class Frontend extends dcNsProcess
class Frontend extends Process
{
public static function init(): bool
{
static::$init = defined('DC_RC_PATH');
return static::$init;
return self::status(My::checkContext(My::FRONTEND));
}
public static function process(): bool
{
if (!static::$init || !Utils::isActive()) {
if (!self::status() || !Utils::isActive()) {
return false;
}

View File

@ -15,30 +15,25 @@ declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcNsProcess;
use Dotclear\Core\Process;
use Exception;
class Install extends dcNsProcess
class Install extends Process
{
public static function init(): bool
{
if (defined('DC_CONTEXT_ADMIN')) {
$version = dcCore::app()->plugins->moduleInfo(My::id(), 'version');
static::$init = is_string($version) ? dcCore::app()->newVersion(My::id(), $version) : true;
}
return static::$init;
return self::status(My::checkContext(My::INSTALL));
}
public static function process(): bool
{
if (!static::$init || is_null(dcCore::app()->blog)) {
if (!self::status()) {
return false;
}
try {
// Set settings
$s = dcCore::app()->blog->settings->get(My::id());
$s = My::settings();
$s->put('active', false, 'boolean', 'Enable plugin', false, false);
$s->put('crypt', 'crypt_md5', 'string', 'Crypt algorithm', false, false);
$s->put('message', 'Private space', 'String', 'Personalized message on Authentication popup', false, false);

View File

@ -15,8 +15,11 @@ declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcNsProcess;
use dcPage;
use Dotclear\Core\Backend\{
Notices,
Page
};
use Dotclear\Core\Process;
use Dotclear\Helper\Date;
use Dotclear\Helper\Html\Html;
use Dotclear\Helper\Html\Form\{
@ -36,30 +39,21 @@ use Dotclear\Helper\Html\Form\{
/**
* Manage contributions list
*/
class Manage extends dcNsProcess
class Manage extends Process
{
public static function init(): bool
{
static::$init = defined('DC_CONTEXT_ADMIN')
&& !is_null(dcCore::app()->auth) && !is_null(dcCore::app()->blog) // nullsafe
&& dcCore::app()->auth->check(
dcCore::app()->auth->makePermissions([
My::PERMISSION,
]),
dcCore::app()->blog->id
);
return static::$init;
return self::status(My::checkContext(My::MANAGE));
}
public static function process(): bool
{
if (!static::$init || is_null(dcCore::app()->blog) || is_null(dcCore::app()->adminurl)) {
if (!self::status() || is_null(dcCore::app()->blog)) {
return false;
}
if (!Utils::isWritable()) {
dcPage::addWarningNotice(
Notices::addWarningNotice(
__('No write permissions on blogs directories.')
);
}
@ -72,21 +66,18 @@ class Manage extends dcNsProcess
// save settings
if ('savesettings' == $action) {
$s = dcCore::app()->blog->settings->get(My::id());
$s = My::settings();
$s->put('active', !empty($_POST['active']));
$s->put('crypt', in_array((string) $_POST['crypt'], My::cryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']);
dcCore::app()->blog->triggerBlog();
dcPage::addSuccessNotice(
Notices::addSuccessNotice(
__('Settings successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
My::redirect(['part' => $part]);
}
// delete users logins
@ -99,14 +90,11 @@ class Manage extends dcNsProcess
}
$logs = dcCore::app()->log->delLogs($ids);
dcPage::addSuccessNotice(
Notices::addSuccessNotice(
__('Logs successfully cleared.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
My::redirect(['part' => $part]);
}
}
@ -144,14 +132,11 @@ class Manage extends dcNsProcess
dcCore::app()->blog->triggerBlog();
dcPage::addSuccessNotice(
Notices::addSuccessNotice(
__('Logins successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
My::redirect(['part' => $part]);
}
return true;
@ -159,33 +144,33 @@ class Manage extends dcNsProcess
public static function render(): void
{
if (!static::$init || is_null(dcCore::app()->blog) || is_null(dcCore::app()->adminurl)) {
if (!self::status() || is_null(dcCore::app()->blog)) {
return;
}
$part = self::getSection();
dcPage::openModule(
Page::openModule(
My::name(),
dcPage::jsPageTabs() .
dcPage::jsModuleLoad(My::id() . '/js/backend.js')
Page::jsPageTabs() .
My::jsLoad('backend')
);
echo
dcPage::breadcrumb([
Page::breadcrumb([
__('Plugins') => '',
My::name() => dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
My::name() => My::manageUrl(),
array_search($part, My::sectionCombo()) => '',
]) .
dcPage::notices() .
Notices::getNotices() .
// Filters select menu list
(new Form('section_menu'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id()))->method('get')->fields([
(new Form('section_menu'))->action(My::manageUrl())->method('get')->fields([
(new Para())->class('anchor-nav')->items([
(new Label(__('Select section:')))->for('part')->class('classic'),
(new Select('part'))->default($part)->items(My::sectionCombo()),
(new Submit(['go']))->value(__('Ok')),
(new Hidden(['p'], My::id())),
... My::hiddenFields(),
]),
])->render() .
@ -194,7 +179,7 @@ class Manage extends dcNsProcess
// settigns form
if ('settings' == $part) {
echo
(new Form('section_settings'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'settings']))->method('post')->fields([
(new Form('section_settings'))->action(My::manageUrl())->method('post')->fields([
// active
(new Para())->items([
(new Checkbox('active', Utils::isActive()))->value(1),
@ -215,8 +200,7 @@ class Manage extends dcNsProcess
(new Div())->class('clear')->items([
(new Submit(['save']))->value(__('Save')),
(new Hidden(['action'], 'savesettings')),
(new Hidden(['part'], $part)),
dcCore::app()->formNonce(false),
... My::hiddenFields(['part' => $part]),
]),
])->render();
}
@ -229,12 +213,13 @@ class Manage extends dcNsProcess
'<p>' . __('Logins history is empty.') . '</p>';
} else {
echo
(new Form('section_logins'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'logins']))->method('post')->fields([
(new Form('section_logins'))->action(My::manageUrl())->method('post')->fields([
(new Para())->items([
(new Submit(['save']))->value(__('Clear logs')),
(new Hidden(['action'], 'savelogins')),
(new Hidden(['part'], $part)),
dcCore::app()->formNonce(false),
... My::hiddenFields([
'action' => 'savelogins',
'part' => $part,
]),
]),
])->render() .
@ -285,7 +270,7 @@ class Manage extends dcNsProcess
}
echo
(new Form('section_passwords'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
(new Form('section_passwords'))->action(My::manageUrl())->method('post')->fields([
(new Text(
'',
'<div class="table-outer"><table>' .
@ -300,15 +285,14 @@ class Manage extends dcNsProcess
)),
(new Para())->items([
(new Hidden(['action'], 'savepasswords')),
(new Hidden(['part'], $part)),
dcCore::app()->formNonce(false),
... My::hiddenFields(['part' => $part]),
]),
])->render();
}
// new login form
echo
(new Form('section_new'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
(new Form('section_new'))->action(My::manageUrl())->method('post')->fields([
(new Text('h3', Html::escapeHTML(__('Add a user')))),
// login
(new Para())->items([
@ -322,14 +306,15 @@ class Manage extends dcNsProcess
]),
(new Para())->items([
(new Submit(['add']))->value(__('Save')),
(new Hidden(['action'], 'savepasswords')),
(new Hidden(['part'], $part)),
dcCore::app()->formNonce(false),
... My::hiddenFields([
'action' => 'savepasswords',
'part' => $part,
]),
]),
])->render();
}
dcPage::closeModule();
Page::closeModule();
}
/**

View File

@ -14,45 +14,16 @@ declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use Dotclear\Module\MyPlugin;
/**
* This module definitions.
*/
class My
class My extends MyPlugin
{
/** @var string This plugin permissions */
public const PERMISSION = 'httpPassword';
/** @var string Passwords file name */
public const FILE_PASSWORD = '.htpasswd';
/**
* This module id.
*/
public static function id(): string
{
return basename(dirname(__DIR__));
}
/**
* This module name.
*/
public static function name(): string
{
$name = dcCore::app()->plugins->moduleInfo(self::id(), 'name');
return __(is_string($name) ? $name : self::id());
}
/**
* This module path.
*/
public static function path(): string
{
return dirname(__DIR__);
}
/**
* Encryption methods combo.
*

View File

@ -1,43 +0,0 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcNsProcess;
class Prepend extends dcNsProcess
{
public static function init(): bool
{
static::$init = true;
return static::$init;
}
public static function process(): bool
{
if (!static::$init || is_null(dcCore::app()->auth)) {
return false;
}
// register module permission
dcCore::app()->auth->setPermissionType(
My::PERMISSION,
__('Manage http password blog protection')
);
return true;
}
}

View File

@ -15,21 +15,19 @@ declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcNsProcess;
use Dotclear\Core\Process;
use Dotclear\Plugin\Uninstaller\Uninstaller;
class Uninstall extends dcNsProcess
class Uninstall extends Process
{
public static function init(): bool
{
static::$init = defined('DC_CONTEXT_ADMIN');
return static::$init;
return self::status(My::checkContext(My::UNINSTALL));
}
public static function process(): bool
{
if (!static::$init || !dcCore::app()->plugins->moduleExists('Uninstaller')) {
if (!self::status() || !dcCore::app()->plugins->moduleExists('Uninstaller')) {
return false;
}

View File

@ -88,7 +88,7 @@ class Utils
*/
public static function isActive(): bool
{
return !is_null(dcCore::app()->blog) && (bool) dcCore::app()->blog->settings->get(My::id())->get('active');
return (bool) My::settings()->get('active');
}
/**
@ -98,7 +98,7 @@ class Utils
*/
public static function cryptMethod(): string
{
return !is_null(dcCore::app()->blog) && is_string(dcCore::app()->blog->settings->get(My::id())->get('crypt')) ? dcCore::app()->blog->settings->get(My::id())->get('crypt') : '';
return is_string(My::settings()->get('crypt')) ? My::settings()->get('crypt') : '';
}
/**
@ -108,7 +108,7 @@ class Utils
*/
public static function httpMessage(): string
{
return !is_null(dcCore::app()->blog) && is_string(dcCore::app()->blog->settings->get(My::id())->get('message')) ? dcCore::app()->blog->settings->get(My::id())->get('message') : '';
return is_string(My::settings()->get('message')) ? My::settings()->get('message') : '';
}
/**