Commits on Jul 13, 2013
  1. users auth: Fix harmless PHP warning on login (#848)

    "Undefined variable: user"
    PasswordHash doesn't need to know $user->password_iterations when checking
    passwords, so we can just get rid of it.  (The saved hash already includes
    this information).
    sourcejedi committed Jul 13, 2013
  2. Fix install where "\" is used as path separator (Windows) - #845

    Backslashes are special in the replacement argument of preg_replace().
    So we shouldn't pass it a full path.  We can still use preg_replace()
    to remove a segment at the start/end of a path, then we can concatenate
    the new segment(s) ourself.
    sourcejedi committed Jul 13, 2013
Commits on Apr 20, 2013
Commits on Apr 11, 2013
  1. database controller: CSRF cleanup

    These might have been exploitable to DoS the database.
    Or in the case of get_backup(), cause strange things to happen by
    reading from an arbitrary device file.
    sourcejedi committed Apr 10, 2013
  2. migrations controller: fix CSRF vulnerability

    I must have forgotten about migrate_to() at some point during the audit.
    migrate_module() wasn't vulnerable.  But we should make that _obvious_ by
    making it look the same.  (It may have been why I forgot about migrate_to).
    sourcejedi committed Apr 10, 2013
  3. migrations controller migrate_to: fix one error message

    Don't overwrite the error message if migrations fail!
    The error case is probably still broken generally, see #757, but this part
    is an obvious coding error.
    sourcejedi committed Apr 11, 2013
  4. gitignore: install/logs/*

    (Currently they only appear if you've created that directory yourself
    for development purposes.  But I have, and it was cluttering my IDE).
    sourcejedi committed Apr 10, 2013
  5. Merge pull request #790 from LeonardoCaitano/patch-1

    Small fixes for portuguese_br
    sourcejedi committed Apr 11, 2013
  6. Merge pull request #791 from LeonardoCaitano/patch-2

    Small fixes for portuguese_br
    sourcejedi committed Apr 11, 2013
Commits on Apr 10, 2013
  1. users controller: don't use non-existent lang('us_activate_error_msg')

    It was largely covered by 'us_err_activate_code' already.
    This avoids a "FIXME ('us_activate_error_msg')" appearing (from the revised
    language class).
    sourcejedi committed Apr 10, 2013
  2. user activation: don't put emails in urls, CI forbids it (issue #785)

    CI has a mandatory error "The URI you submitted has disallowed characters"
    for certain characters.  Email addresses can contain lots of characters,
    including at least one that CI doesn't like (I think it was '+').
    The activation URL used an email address to specify the user.  Use the
    user ID instead.
    sourcejedi committed Apr 10, 2013
  3. model->find_all(): remove "Invalid selection" error for empty results

    This generates log noise.  E.g. when visiting any page with the profiler
    turned out but without permission to view it
    DEBUG - 2013-04-10 09:07:17 --> Auth class initialized.
    DEBUG - 2013-04-10 09:07:17 --> Bonfire MY_Lang: Language file loaded: ../application/language/english/application_lang.php
    DEBUG - 2013-04-10 09:07:17 --> File loaded: /home/alan/php/Bonfire/bonfire/modules/permissions/models/permission_model.php
    DEBUG - 2013-04-10 09:07:17 --> Model Class Initialized
    DEBUG - 2013-04-10 09:07:17 --> File loaded: /home/alan/php/Bonfire/bonfire/modules/roles/models/role_permission_model.php
    DEBUG - 2013-04-10 09:07:17 --> Model Class Initialized
    DEBUG - 2013-04-10 09:07:17 --> [Role_permission_model: BF_Model::find_all] Invalid selection.
    5	0.2327	3504544	Base_Controller->__construct( )	../MY_Controller.php:183
    6	0.2494	3883288	has_permission( )	../MY_Controller.php:121
    7	0.2494	3883440	Auth->has_permission( )	../auth.php:978
    8	0.2543	3990520	Auth->load_role_permissions( )	../auth.php:490
    9	0.2544	3990776	Role_permission_model->find_for_role( )	../auth.php:580
    Supposedly it's simultaneouslly an unimportant debug message, and a
    user-facing error message that requires translation.  The message text
    looks equally unhelpful for either case.
    (The real WTF as they say, is that we're still forcing the caller to handle
    empty results as a special case, by returning FALSE.  And then not
    documenting how to distinguish this from a database error).
    sourcejedi committed Apr 10, 2013
  4. user_model->activate(): $code parameter is not optional

    PHP error messages are our friends.  They tell us developers when we've
    forgotten to pass a required parameter to a function.  They even give us a
    backtrace[1] that shows the exact file and line of the call that needs
    fixing.  Welcome the error messages, by ensuring required parameters do not
    have default values.
    [1] Backtraces may be void if suppressed by CodeIgniter's default error
    handler.  I'm getting them at the moment without modifications to CI...
    they are coming through xdebug though.
    Please do not re-implement PHP's own error messages and ask people to
    translate them into their native language.  Developers speak English,
    at least to the point of understanding the error messages of their
    programming language.
    (To be fair, there's an exception in the case of public methods on
    CodeIgniter _controllers_, which can cause some confusion.  With those
    methods the parameters are taken from URLs.  It's usual to provide default
    values to suppress PHP errors, and show something slightly less alarming to
    the unfortunate user).
    sourcejedi committed Apr 9, 2013
Commits on Apr 9, 2013
  1. emailer lib: remove incorrectly used errors array

    It was used correctly as an array in only 1 out of 5 places. The others
    would cause PHP errors when an email error was encountered, which is
    not very helpful.
    (I.e. there needed to be an easier way of printing the array - something
     like emailer->errors_as_html())
    sourcejedi committed Apr 9, 2013
  2. users model: don't try to insert NULL username; this field must be NO…

    …T NULL
    update() didn't try to do this.  Rip it out.
    This fixes a database error when creating users with an empty username,
    which is expected to work (if you've set auth.use_username=0).
    (We still don't support empty usernames properly, because it stops you
    editting users - issue #659).
    Thanks to @artlantis for pointing this out in issue #783.
    sourcejedi committed Apr 9, 2013
  3. users model: remove temp assignments to table/key that don't do anything

    Mentioned to us as issue #778, "Hardcoded table name"
    sourcejedi committed Apr 9, 2013
Commits on Apr 8, 2013
  1. commit fixed version of install code (issue #779)

    this was a mistake, the fix was supposed to be included as part of the
    original commit:
    "install: avoid accidentally re-creating installed.txt (issue #761)"
    sourcejedi committed Apr 8, 2013
Commits on Apr 5, 2013
  1. install: avoid accidentally re-creating installed.txt (issue #761)

    The installer pages aren't as paranoid / robust as they could be.
    This commit just tweaks one case that bit me.
    If you install, then remove installed.txt, then re-visit
    install/index.php/complete (which shows a fair amount of information you
    might have been interested in) - it causes installed.txt to be re-created.
    Move the code that creates installed.txt so it's somewhat less likely to
    be triggered.  With this tweak, you'd have to go back a second time to
    the "do_install" url (the method that creates the database, among other
    sourcejedi committed Apr 5, 2013
  2. install: change default DB driver to 'mysql' (see issue #765)

    The current version of CodeIgniter's 'mysqli' driver doesn't support the
    backup() method.
    sourcejedi committed Apr 4, 2013
Commits on Apr 4, 2013
  1. role model: prevent deleting default role

    Undesirable consequences of deleting the default role are mentioned in
    issue #767.
    sourcejedi committed Apr 4, 2013
  2. install: remove unreliable check for mod_rewrite (issue #772)

    Unfortunately this check doesn't appear to be reliable.  The information
    was provided by PHP's apache2handler.  I guess one explanation is that a
    different handler was being used (generic cgi/fastcgi).
    The removed comment may be confusing, so note that mod_rewrite is an
    Apache module and not a PHP extension :).
    sourcejedi committed Apr 4, 2013
Commits on Apr 3, 2013
  1. Don't disable username validation when !auth.use_usernames (issue #759)

    This would have allowed e.g. duplicating a username someone else had
    created, which could break logins (if auth.login_type was not
    set specifically to 'email').
    Also fix the username field to be required when
    auth.login_type == 'username' (even if auth.use_usernames is disabled).
    sourcejedi committed Apr 3, 2013
  2. install: update copies of models

    This looks like a lot but it's mainly changes in the style of function
    comments.  It shouldn't change the installer's behaviour at all.
    sourcejedi committed Apr 3, 2013
  3. permission model: remove no-op $purge parameter

    The permissions model does not have soft_deletes enabled, there is no
    deleted column, and nothing uses the state "deleted" either.  So this
    parameter has never worked, and in fact was never used.
    Remove the parameter so it doesn't give a false impression.
    sourcejedi committed Apr 3, 2013
Commits on Apr 2, 2013
  1. users auth library: remove duplicate field in $selects

    Pointed out in issue #773.
    sourcejedi committed Apr 2, 2013
Commits on Mar 29, 2013
  1. migrations library in installer: fix install() for non-core migrations

    Copy this regression fix to the installer.
    sourcejedi committed Mar 29, 2013
Commits on Mar 26, 2013
  1. install: remove reverse_writeable folders

    Obsoleted / should have removed at the same time I removed the initial
    chmod().  See
    sourcejedi committed Mar 26, 2013
  2. users module: simplify filter, fix #727 (can't use pagination with fi…

    CI pagination library doesn't link to urls with query strings.  But we were
    using query strings to set filter parameters :(.
    Simplify filter down to a single method parameter (i.e. a uri segment)
    instead.  This prevents combining first_letter filtering with another
    filter.  I think it's ok because the other filters will normally have quite
    a small subset of all users.
    So render_filter_first_letter() needed adapting away from query strings.
    The new version would have more parameters but be much shorter...
    out-of-tree uses would have to change significantly anwyay... and they'd
    be suffering from the same problem we had here.  I've just coded it inline
    for now, and dropped the old function.  I don't think it'll hurt for it
    to be copy+pasted a bit.
    sourcejedi committed Mar 26, 2013
Commits on Mar 25, 2013
  1. user controller index: consistently use uri->segment(5) to retrieve $…

    to match the way the parameter is passed to the pagination library
    (no behaviour change).
    sourcejedi committed Mar 25, 2013