porting my patches to v7

security/class.atksecuritymanager.inc

@@ -133,9 +133,6 @@ class atkSecurityManager
         // required interface;
         atkimport("atk.security.auth_interface");
 
-        //$this->addListener(atknew('atk.security.atksecuritylistener'));
-        //$this->addListener(atknew(atkconfig("security_listeners", "atk.security.atksecuritylistener")));
-
         $tmp_listeners = atkconfig("security_listeners", "atk.security.atksecuritylistener");
         if (is_array($tmp_listeners) && (count($tmp_listeners) > 0)) {
             foreach ($tmp_listeners as $listener_name) {
@@ -333,7 +330,8 @@ class atkSecurityManager
                     }
                     else {
                         $response = AUTH_MISMATCH;
-                        $this->notifyListeners("failedlogin", $auth_user);
+                        //AGX: we'll notify later
+                        //$this->notifyListeners("failedlogin", $auth_user);
                     }
                 }
 
@@ -361,41 +359,6 @@ class atkSecurityManager
                         $this->m_user['AUTH'] = $authname; // something to see wich auth scheme is used
                         if (atkconfig("enable_ssl_encryption"))
                                 $this->m_user['PASS'] = $auth_pw; // used by aktsecurerelation to decrypt an linkpass
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
 // for convenience, we also store the user as a global variable.
                         (is_array($this->m_user['level'])) ? $dbg = implode(",", $this->m_user['level']) : $dbg = $this->m_user['level'];
                         atkdebug("Logged in user: " . $this->m_user["name"] . " (level: " . $dbg . ")");
@@ -463,6 +426,23 @@ class atkSecurityManager
             }
         }
 
+        // NOTIFY SECURITY LISTENERS
+		// Output user agent data so we can use Fail2Ban to block brute force attack
+        $ip = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP);
+        $user = filter_var($auth_user, FILTER_SANITIZE_STRING);
+        $web = filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_STRING);
+        $ua = filter_input(INPUT_SERVER, 'HTTP_USER_AGENT');
+        if ($response == AUTH_SUCCESS) {
+            $this->log(1, 'successfull Login "' . $user . '" from "' . $ip . '" for "' . $web . '"');
+            $this->notifyListeners("successfullLogin", $auth_user);
+        } else {
+            // Skip if Username is empty (when user press CTRL+R or reload in the browser)
+            if ($user != '') {
+                $this->log(1, 'failed Login "' . $user . '" from "' . $ip . '" for "' . $web . '" with "' . $ua . '"');
+                $this->notifyListeners("failedLogin", $auth_user);
+            }
+        }
+
         // if there was an error, drop out.
         if ($this->m_fatalError != "") {
             return false;

ui/class.atkpage.inc

@@ -582,7 +582,8 @@ class atkPage
     function render($title = null, $flags = HTML_STRICT, $extrabodyprops = "", $extra_header = "")
     {
         if ($title == null) {
-            $title = $this->m_title;
+			// AGX: fix empty title for homepage/dashboard
+            $title = $this->m_title != "" ? $this->m_title : atkText('app_title');
         }
 
         $ui = &atkinstance('atk.ui.atkui');

utils/class.atkselector.inc

@@ -349,8 +349,9 @@ class atkSelector implements ArrayAccess, Countable, IteratorAggregate
      */
     protected function _applyPostedSearchMethodToQuery(atkQuery $query)
     {
-        if (isset($this->m_postvars['atksearchmethod'])) {
-            $query->setSearchMethod($this->m_postvars['atksearchmethod']);
+        // fix missing _getNode() since $this does noe have any m_postvars method itself
+        if (isset($this->_getNode()->m_postvars['atksearchmethod'])) {
+            $query->setSearchMethod($this->_getNode()->m_postvars['atksearchmethod']);
         }
     }