[geeklog-cvs] geeklog: Allow empty database passwords only for local installs ...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sun Mar 21 15:32:39 EDT 2010
changeset 7822:1c21fd923607
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/1c21fd923607
user: Dirk Haun <dirk at haun-online.de>
date: Sun Mar 21 20:26:33 2010 +0100
description:
Allow empty database passwords only for local installs (bug #0000923, patch provided by Chetan)
diffstat:
public_html/admin/install/index.php | 6 +++++-
public_html/admin/install/language/english.php | 3 ++-
public_html/admin/install/lib-install.php | 24 ++++++++++++++++--------
public_html/docs/history | 3 ++-
4 files changed, 25 insertions(+), 11 deletions(-)
diffs (81 lines):
diff -r 125ae60f37bd -r 1c21fd923607 public_html/admin/install/index.php
--- a/public_html/admin/install/index.php Sun Mar 21 18:27:49 2010 +0100
+++ b/public_html/admin/install/index.php Sun Mar 21 20:26:33 2010 +0100
@@ -222,7 +222,11 @@
$display .= '<h2>' . $LANG_INSTALL[104] . '</h2><p>'
. $LANG_INSTALL[105] . '</p>'
. INST_showReturnFormData($_POST) . LB;
-
+ // Check for blank password in production environment
+ } else if (!INST_dbPasswordCheck($site_url, $DB)) {
+ $display .= '<h2>' . $LANG_INSTALL[54] . '</h2><p>'
+ . $LANG_INSTALL[107] . '</p>'
+ . INST_showReturnFormData($_POST) . LB;
// Check if we can connect to the database
} else if (!INST_dbConnect($DB)) {
$display .= '<h2>' . $LANG_INSTALL[54] . '</h2><p>'
diff -r 125ae60f37bd -r 1c21fd923607 public_html/admin/install/language/english.php
--- a/public_html/admin/install/language/english.php Sun Mar 21 18:27:49 2010 +0100
+++ b/public_html/admin/install/language/english.php Sun Mar 21 20:26:33 2010 +0100
@@ -155,7 +155,8 @@
103 => 'and configure additional plugins',
104 => 'Incorrect Admin Directory Path',
105 => 'Sorry, but the admin directory path you entered does not appear to be correct. Please go back and try again.',
- 106 => 'PostgreSQL'
+ 106 => 'PostgreSQL',
+ 107 => 'Database Password is required for production environments.'
);
// +---------------------------------------------------------------------------+
diff -r 125ae60f37bd -r 1c21fd923607 public_html/admin/install/lib-install.php
--- a/public_html/admin/install/lib-install.php Sun Mar 21 18:27:49 2010 +0100
+++ b/public_html/admin/install/lib-install.php Sun Mar 21 20:26:33 2010 +0100
@@ -440,13 +440,6 @@
*/
function INST_dbConnect($db)
{
- /**
- * temp. "fix", see http://project.geeklog.net/tracking/view.php?id=923
- *
- if (empty($db['pass'])) {
- return false;
- }
- */
$db_handle = false;
switch ($db['type']) {
case 'mysql-innodb':
@@ -1276,5 +1269,20 @@
return $retval;
}
-
+/**
+* Check for blank database password in production environment
+*
+* @param array $db Database information
+* @param string $site_url The site's URL
+* @return boolean True if password is set or it is a local server
+*
+*/
+function INST_dbPasswordCheck($site_url, $db)
+{
+ if (!empty($db['pass']) || (isset($site_url) && (strpos($site_url, '127.0.0.1') !== false) || (strpos($site_url, 'localhost') !== false))) {
+ return true;
+ } else {
+ return false;
+ }
+}
?>
diff -r 125ae60f37bd -r 1c21fd923607 public_html/docs/history
--- a/public_html/docs/history Sun Mar 21 18:27:49 2010 +0100
+++ b/public_html/docs/history Sun Mar 21 20:26:33 2010 +0100
@@ -3,7 +3,8 @@
Apr ??, 2010 (1.6.2)
------------
-- Allow empty database passwords again for now (cf. bug #0000923)
+- Allow empty database passwords only for local installs (bug #0000923, patch
+ provided by Chetan)
- New Plugin API PLG_getWhatsNewComment for adding comments from plugins to the
Whats New Block and the User Profile page (feature request #0000835) [Tom]
- Truncated stories in Feeds now will have any open html tags closed.
More information about the geeklog-cvs
mailing list