Merge branch 'alextselegidis:develop' into develop
89cff93600
@ -178,3 +178,21 @@ if (!function_exists('slot')) {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!function_exists('pure_html')) {
|
||||
/**
|
||||
* Use this function in order to render HTML that comes from a text editor or similar, but strip the JS from it.
|
||||
*
|
||||
* @param string $markup
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function pure_html(string $markup): string
|
||||
{
|
||||
$config = HTMLPurifier_Config::createDefault();
|
||||
|
||||
$purifier = new HTMLPurifier($config);
|
||||
|
||||
return $purifier->purify($markup);
|
||||
}
|
||||
}
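Review bot: `HTMLPurifier_Config::createDefault()` on L50 is used unmodified, so the output keeps everything the library's default whitelist permits — notably `<a href>` and `<img src>` pointing at any of the default-allowed schemes (http, https, ftp, mailto, …) — and every call builds a fresh purifier whose definition cache, by default, serialises into the library's own directory and emits a warning when that path is not writable (common for read-only vendor/ deploys). Since the three callers in this commit render what look like admin-configured notice/policy settings, it is probably reasonable to tighten the allowed markup to what the text editor actually produces and point the cache at a writable path, e.g. `$config->set('HTML.Allowed', 'p,br,strong,em,u,ol,ul,li,h1,h2,h3,h4,h5,h6,a[href]');` and `$config->set('Cache.SerializerPath', sys_get_temp_dir());` — the exact tag list depends on which editor feeds these settings, which is not visible here. The docblock should also say that the return value is safe to echo unescaped only in an HTML body context (not inside an attribute or `<script>`), and that the input is treated as an HTML fragment, so a plain-text setting is no longer passed through `e()` and any literal `<` in it will be interpreted as markup.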
|
||||
|
|
|
@ -38,34 +38,6 @@ class Ldap_client
|
|||
$this->CI->load->library('accounts');
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate the provided password with an LDAP hashed password.
|
||||
*
|
||||
* @param string $password
|
||||
* @param string $hashed_password
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function validate_password(string $password, string $hashed_password): bool
|
||||
{
|
||||
if (empty($hashed_password) || ($hashed_password[0] !== '{' && $password === $hashed_password)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (str_starts_with($hashed_password, '{MD5}')) {
|
||||
$encrypted_password = '{MD5}' . base64_encode(md5($password, true));
|
||||
} elseif (str_starts_with($hashed_password, '{SHA1}')) {
|
||||
$encrypted_password = '{SHA}' . base64_encode(sha1($password, true));
|
||||
} elseif (str_starts_with($hashed_password, '{SSHA}')) {
|
||||
$salt = substr(base64_decode(substr($hashed_password, 6)), 20);
|
||||
$encrypted_password = '{SSHA}' . base64_encode(sha1($password . $salt, true) . $salt);
|
||||
} else {
|
||||
throw new RuntimeException('Unsupported password hash format');
|
||||
}
|
||||
|
||||
return $hashed_password === $encrypted_password;
|
||||
}
|
||||
|
||||
/**
|
||||
* Try authenticating the user with LDAP
|
||||
*
|
||||
|
@ -97,52 +69,19 @@ class Ldap_client
|
|||
$user = $this->CI->accounts->get_user_by_username($username);
|
||||
|
||||
if (empty($user['ldap_dn'])) {
|
||||
return null;
|
||||
return null; // User does not exist in Easy!Appointments
|
||||
}
|
||||
|
||||
// Connect to LDAP server
|
||||
|
||||
$host = setting('ldap_host');
|
||||
$port = (int) setting('ldap_port');
|
||||
$user_dn = setting('ldap_user_dn');
|
||||
$ldap_password = setting('ldap_password');
|
||||
|
||||
$connection = @ldap_connect($host, $port);
|
||||
|
||||
if (!$connection) {
|
||||
throw new Exception('Could not connect to LDAP server: ' . @ldap_error($connection));
|
||||
}
|
||||
$ldap_host = setting('ldap_host');
|
||||
$ldap_port = (int) setting('ldap_port');
|
||||
|
||||
$connection = @ldap_connect($ldap_host, $ldap_port);
|
||||
@ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
@ldap_set_option($connection, LDAP_OPT_REFERRALS, 0); // We need this for doing an LDAP search.
|
||||
|
||||
$bind = @ldap_bind($connection, $user_dn, $ldap_password);
|
||||
|
||||
if (!$bind) {
|
||||
throw new Exception('LDAP bind failed: ' . @ldap_error($connection));
|
||||
}
|
||||
|
||||
// Check the provided password against the LDAP service
|
||||
|
||||
$filter = '(objectclass=*)';
|
||||
|
||||
$result = @ldap_search($connection, $user['ldap_dn'], $filter);
|
||||
|
||||
if (!$result) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$ldap_entries = @ldap_get_entries($connection, $result);
|
||||
|
||||
foreach ($ldap_entries as $ldap_entry) {
|
||||
if (!is_array($ldap_entry) || empty($ldap_entry['dn']) || $ldap_entry['dn'] !== $user['ldap_dn']) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (!$this->validate_password($password, $ldap_entry['userpassword'][0])) {
|
||||
continue;
|
||||
}
|
||||
$user_bind = @ldap_bind($connection, $user['ldap_dn'], $password);
|
||||
|
||||
if ($user_bind) {
|
||||
$role = $this->CI->roles_model->find($user['id_roles']);
|
||||
|
||||
$default_timezone = $this->CI->timezones->get_default_timezone();
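Review bot: The bind on L318 is reached with whatever `$password` the caller passed, and nothing in the hunk rejects an empty one; most directory servers treat a bind with a non-empty DN and an empty password as an unauthenticated bind and return success (RFC 4513 §5.1.2), which would let anyone log in as any LDAP-mapped user — the removed hash comparison could not succeed on an empty password, but the bind can. Add `if ($password === '') { return null; }` before `$user_bind = @ldap_bind($connection, $user['ldap_dn'], $password);` (and ideally reject it at the method boundary too). The new code also drops the `if (!$connection)` check that preceded the old service bind, so a bad host/port now surfaces only as a failed user bind whose error is hidden by `@`; keep the check, or at least log `ldap_error($connection)` when `$user_bind` is false so operators can tell misconfiguration from a wrong password. Whether credentials travel over TLS depends entirely on the `ldap_host` value (an `ldaps://` URI) since no `ldap_start_tls()` call is visible, so that should be confirmed or enforced. The enclosing method starts and ends outside the hunk.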
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<p><?= e($cookie_notice_content) ?></p>
|
||||
<?= pure_html($cookie_notice_content) ?>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">
|
||||
|
|
|
@ -11,11 +11,10 @@
|
|||
<div class="modal-content">
|
||||
<div class="modal-header">
|
||||
<h4 class="modal-title"><?= lang('privacy_policy') ?></h4>
|
||||
<button type="button" class="btn-close" data-bs-dismiss="modal"><span aria-hidden="true"></span>
|
||||
</button>
|
||||
<button class="btn-close" data-bs-dismiss="modal"></button>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<p><?= e($privacy_policy_content) ?></p>
|
||||
<?= pure_html($privacy_policy_content) ?>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">
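Review bot: The replacement close button on L385 drops the `type="button"` attribute that the equivalent buttons in the other two modals touched by this commit keep (L340, L415). A `<button>` without an explicit type defaults to `submit`, so if this modal is ever rendered inside a form the close control would submit it; restore `<button type="button" class="btn-close" data-bs-dismiss="modal"></button>` for consistency with the sibling views. Whether the modal currently sits inside a form is not visible in the hunk.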
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<p><?= e($terms_and_conditions_content) ?></p>
|
||||
<?= pure_html($terms_and_conditions_content) ?>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">
|
||||
|
|
|
@ -65,7 +65,7 @@ App.Pages.Booking = (function () {
|
|||
* Initialize the module.
|
||||
*/
|
||||
function initialize() {
|
||||
if (Boolean(Number(vars('display_cookie_notice')))) {
|
||||
if (Boolean(Number(vars('display_cookie_notice'))) && window?.cookieconsent) {
|
||||
cookieconsent.initialise({
|
||||
palette: {
|
||||
popup: {
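Review bot: The optional chain in `window?.cookieconsent` on L457 is a no-op — `window` is always defined in browser code, so `?.` guards nothing and reads as though `window` could be null; `window.cookieconsent` states the intent (skip when the consent library is not loaded) more plainly. Consider also hoisting the repeated `Boolean(Number(vars('display_cookie_notice')))` into a named constant such as `const displayCookieNotice = Boolean(Number(vars('display_cookie_notice')));` so the condition reads as one check. `initialize` continues past the end of the hunk.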
|
||||
|
@ -426,11 +426,10 @@ App.Pages.Booking = (function () {
|
|||
});
|
||||
|
||||
// Scroll to the top of the page. On a small screen, especially on a mobile device, this is very useful.
|
||||
const scrollingElement = (document.scrollingElement || document.body);
|
||||
const scrollingElement = document.scrollingElement || document.body;
|
||||
if (window.innerHeight < scrollingElement.scrollHeight) {
|
||||
scrollingElement.scrollTop = 0;
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
/**
|
||||
|
|
|
@ -40,7 +40,8 @@
|
|||
"monolog/monolog": "^2.8.0",
|
||||
"google/apiclient": "^2.12.6",
|
||||
"guzzlehttp/guzzle": "^7.5.0",
|
||||
"sabre/vobject": "^4.5"
|
||||
"sabre/vobject": "^4.5",
|
||||
"ezyang/htmlpurifier": "^4.17"
|
||||
},
|
||||
"require-dev": {
|
||||
"roave/security-advisories": "dev-master",
|
||||
|
|
|
@ -4,8 +4,69 @@
|
|||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||
"This file is @generated automatically"
|
||||
],
|
||||
"content-hash": "42334bbe254b633b82b51280317f82a9",
|
||||
"content-hash": "f9e5d7652965f4a744ffe0112e9e419c",
|
||||
"packages": [
|
||||
{
|
||||
"name": "ezyang/htmlpurifier",
|
||||
"version": "v4.17.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/ezyang/htmlpurifier.git",
|
||||
"reference": "bbc513d79acf6691fa9cf10f192c90dd2957f18c"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/bbc513d79acf6691fa9cf10f192c90dd2957f18c",
|
||||
"reference": "bbc513d79acf6691fa9cf10f192c90dd2957f18c",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"cerdic/css-tidy": "^1.7 || ^2.0",
|
||||
"simpletest/simpletest": "dev-master"
|
||||
},
|
||||
"suggest": {
|
||||
"cerdic/css-tidy": "If you want to use the filter 'Filter.ExtractStyleBlocks'.",
|
||||
"ext-bcmath": "Used for unit conversion and imagecrash protection",
|
||||
"ext-iconv": "Converts text to and from non-UTF-8 encodings",
|
||||
"ext-tidy": "Used for pretty-printing HTML"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"files": [
|
||||
"library/HTMLPurifier.composer.php"
|
||||
],
|
||||
"psr-0": {
|
||||
"HTMLPurifier": "library/"
|
||||
},
|
||||
"exclude-from-classmap": [
|
||||
"/library/HTMLPurifier/Language/"
|
||||
]
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"LGPL-2.1-or-later"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "Edward Z. Yang",
|
||||
"email": "admin@htmlpurifier.org",
|
||||
"homepage": "http://ezyang.com"
|
||||
}
|
||||
],
|
||||
"description": "Standards compliant HTML filter written in PHP",
|
||||
"homepage": "http://htmlpurifier.org/",
|
||||
"keywords": [
|
||||
"html"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/ezyang/htmlpurifier/issues",
|
||||
"source": "https://github.com/ezyang/htmlpurifier/tree/v4.17.0"
|
||||
},
|
||||
"time": "2023-11-17T15:01:25+00:00"
|
||||
},
|
||||
{
|
||||
"name": "firebase/php-jwt",
|
||||
"version": "v6.10.0",
|
||||
|
@ -4215,7 +4276,7 @@
|
|||
"prefer-stable": false,
|
||||
"prefer-lowest": false,
|
||||
"platform": {
|
||||
"php": ">=8.0",
|
||||
"php": ">=8.1",
|
||||
"ext-curl": "*",
|
||||
"ext-json": "*",
|
||||
"ext-mbstring": "*",
|
||||
|
|