Prepare 3.8.2 release

administrator/manifests/files/joomla.xml

@@ -6,7 +6,7 @@
 	<authorUrl>www.joomla.org</authorUrl>
 	<copyright>(C) 2005 - 2017 Open Source Matters. All rights reserved</copyright>
 	<license>GNU General Public License version 2 or later; see LICENSE.txt</license>
-	<version>3.8.2-dev</version>
+	<version>3.8.2</version>
 	<creationDate>November 2017</creationDate>
 	<description>FILES_JOOMLA_XML_DESCRIPTION</description>
 

components/com_fields/fields.php

@@ -2,14 +2,29 @@
 /**
  * @package     Joomla.Site
  * @subpackage  com_fields
- * 
+ *
  * @copyright   Copyright (C) 2005 - 2017 Open Source Matters, Inc. All rights reserved.
  * @license     GNU General Public License version 2 or later; see LICENSE.txt
  */
 defined('_JEXEC') or die;
 
 JLoader::register('FieldsHelper', JPATH_ADMINISTRATOR . '/components/com_fields/helpers/fields.php');
 
+$input   = JFactory::getApplication()->input;
+$context = JFactory::getApplication()->getUserStateFromRequest('com_fields.fields.context', 'context', 'com_content.article', 'CMD');
+$parts   = FieldsHelper::extract($context);
+
+if ($input->get('view') === 'fields' && $input->get('layout') === 'modal')
+{
+	if (!JFactory::getUser()->authorise('core.create', $parts[0])
+		|| !JFactory::getUser()->authorise('core.edit', $parts[0]))
+	{
+		JFactory::getApplication()->enqueueMessage(JText::_('JERROR_ALERTNOAUTHOR'), 'error');
+
+		return;
+	}
+}
+
 $controller = JControllerLegacy::getInstance('Fields');
-$controller->execute(JFactory::getApplication()->input->get('task'));
+$controller->execute($input->get('task'));
 $controller->redirect();

libraries/src/Version.php

@@ -60,7 +60,7 @@ final class Version
 	 * @var    string
 	 * @since  3.8.0
 	 */
-	const EXTRA_VERSION = 'dev';
+	const EXTRA_VERSION = '';
 
 	/**
 	 * Release version.
@@ -78,15 +78,15 @@ final class Version
 	 * @since  3.5
 	 * @deprecated  4.0  Use separated version constants instead
 	 */
-	const DEV_LEVEL = '2-dev';
+	const DEV_LEVEL = '2';
 
 	/**
 	 * Development status.
 	 *
 	 * @var    string
 	 * @since  3.5
 	 */
-	const DEV_STATUS = 'Development';
+	const DEV_STATUS = 'Stable';
 
 	/**
 	 * Build number.
@@ -111,15 +111,15 @@ final class Version
 	 * @var    string
 	 * @since  3.5
 	 */
-	const RELDATE = '4-November-2017';
+	const RELDATE = '7-November-2017';
 
 	/**
 	 * Release time.
 	 *
 	 * @var    string
 	 * @since  3.5
 	 */
-	const RELTIME = '16:00';
+	const RELTIME = '15:00';
 
 	/**
 	 * Release timezone.

plugins/authentication/joomla/joomla.php

@@ -184,6 +184,9 @@ public function onUserAuthenticate($credentials, $options, &$response)
 						 * user has used them all up. Therefore anything they enter is
 						 * an invalid OTEP.
 						 */
+						$response->status        = JAuthentication::STATUS_FAILURE;
+						$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_SECRETKEY');
+
 						return;
 					}
 				}

plugins/authentication/ldap/ldap.php

@@ -45,7 +45,7 @@ public function onUserAuthenticate($credentials, $options, &$response)
 		if (empty($credentials['password']))
 		{
 			$response->status = JAuthentication::STATUS_FAILURE;
-			$response->error_message = JText::_('JGLOBAL_AUTH_PASS_BLANK');
+			$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
 
 			return false;
 		}
@@ -84,12 +84,13 @@ public function onUserAuthenticate($credentials, $options, &$response)
 				if ($bindtest)
 				{
 					// Search for users DN
-					$binddata = $ldap->simple_search(
+					$binddata = $this->searchByString(
 						str_replace(
 							'[search]',
-							$ldap->escape($credentials['username'], null, LDAP_ESCAPE_FILTER),
+							str_replace(';', '\3b', $ldap->escape($credentials['username'], null, LDAP_ESCAPE_FILTER)),
 							$this->params->get('search_string')
-						)
+						),
+						$ldap
 					);
 
 					if (isset($binddata[0], $binddata[0]['dn']))
@@ -103,7 +104,7 @@ public function onUserAuthenticate($credentials, $options, &$response)
 					else
 					{
 						$response->status = JAuthentication::STATUS_FAILURE;
-						$response->error_message = JText::_('JGLOBAL_AUTH_USER_NOT_FOUND');
+						$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
 					}
 				}
 				else
@@ -120,18 +121,19 @@ public function onUserAuthenticate($credentials, $options, &$response)
 
 				if ($success)
 				{
-					$userdetails = $ldap->simple_search(
+					$userdetails = $this->searchByString(
 						str_replace(
 							'[search]',
-							$ldap->escape($credentials['username'], null, LDAP_ESCAPE_FILTER),
+							str_replace(';', '\3b', $ldap->escape($credentials['username'], null, LDAP_ESCAPE_FILTER)),
 							$this->params->get('search_string')
-						)
+						),
+						$ldap
 					);
 				}
 				else
 				{
 					$response->status = JAuthentication::STATUS_FAILURE;
-					$response->error_message = JText::_('JGLOBAL_AUTH_BIND_FAILED');
+					$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
 				}
 			}	break;
 		}
@@ -142,7 +144,7 @@ public function onUserAuthenticate($credentials, $options, &$response)
 
 			if ($response->error_message === '')
 			{
-				$response->error_message = JText::_('JGLOBAL_AUTH_INCORRECT');
+				$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
 			}
 		}
 		else
@@ -174,4 +176,29 @@ public function onUserAuthenticate($credentials, $options, &$response)
 
 		$ldap->close();
 	}
+
+	/**
+	 * Shortcut method to build a LDAP search based on a semicolon separated string
+	 *
+	 * Note that this method requires that semicolons which should be part of the search term to be escaped
+	 * to correctly split the search string into separate lookups
+	 *
+	 * @param   string      $search  search string of search values
+	 * @param   LdapClient  $ldap    The LDAP client
+	 *
+	 * @return  array  Search results
+	 *
+	 * @since   3.8.2
+	 */
+	private function searchByString($search, LdapClient $ldap)
+	{
+		$results = explode(';', $search);
+
+		foreach ($results as $key => $result)
+		{
+			$results[$key] = '(' . str_replace('\3b', ';', $result) . ')';
+		}
+
+		return $ldap->search($results);
+	}
 }