Tatsuki SUGIURA
sugi****@users*****
2006年 7月 12日 (水) 20:41:50 JST
Index: slashjp/plugins/Login/PLUGIN diff -u slashjp/plugins/Login/PLUGIN:1.1 slashjp/plugins/Login/PLUGIN:1.2 --- slashjp/plugins/Login/PLUGIN:1.1 Fri Dec 31 21:36:50 2004 +++ slashjp/plugins/Login/PLUGIN Wed Jul 12 20:41:50 2006 @@ -1,4 +1,4 @@ -# $Id: PLUGIN,v 1.1 2004/12/31 12:36:50 oliver Exp $ +# $Id: PLUGIN,v 1.2 2006/07/12 11:41:50 sugi Exp $ name=Login description="Login system for users" htdoc=login.pl Index: slashjp/plugins/Login/login.pl diff -u slashjp/plugins/Login/login.pl:1.2 slashjp/plugins/Login/login.pl:1.3 --- slashjp/plugins/Login/login.pl:1.2 Fri Dec 31 21:36:50 2004 +++ slashjp/plugins/Login/login.pl Wed Jul 12 20:41:50 2006 @@ -1,8 +1,8 @@ #!/usr/bin/perl -w # This code is a part of Slash, and is released under the GPL. -# Copyright 1997-2004 by Open Source Development Network. See README +# Copyright 1997-2005 by Open Source Technology Group. See README # and COPYING for more information, or see http://slashcode.com/. -# $Id: login.pl,v 1.2 2004/12/31 12:36:50 oliver Exp $ +# $Id: login.pl,v 1.3 2006/07/12 11:41:50 sugi Exp $ use strict; use Slash 2.003; @@ -12,7 +12,7 @@ use Slash::XML; use vars qw($VERSION); -($VERSION) = ' $Revision: 1.2 $ ' =~ /\$Revision:\s+([^\s]+)/; +($VERSION) = ' $Revision: 1.3 $ ' =~ /\$Revision:\s+([^\s]+)/; sub main { my $slashdb = getCurrentDB(); @@ -91,8 +91,8 @@ $error = 1; } elsif ($matchname ne '' && $form->{newusernick} ne '') { if ($constants->{newuser_portscan}) { - my $is_trusted = $slashdb->checkIsTrusted($user->{ipid}); - if ($is_trusted ne 'yes') { + my $is_trusted = $slashdb->checkAL2($user->{srcids}, 'trusted'); + if (!$is_trusted) { my $is_proxy = $slashdb->checkForOpenProxy($user->{hostip}); if ($is_proxy) { push @note, getData('new_user_open_proxy', { @@ -216,7 +216,19 @@ my $user_send = $reader->getUser($uid); if (!$error) { - if ($reader->checkReadOnly(nopost => { ipid => $user->{ipid} })) { + # A user coming from a srcid that's been marked as not + # acceptable for posting from also does not get to + # mail a password to anyone. + + ## XXX: we added uid to srcids, so now this is broken; + ## anywhere else we need to address this? + my %srcids; + @srcids{keys %{$user->{srcids}}} = values %{$user->{srcids}}; + delete $srcids{uid}; + + if ($reader->checkAL2(\%srcids, 'nopost') + || $reader->checkAL2(\%srcids, 'nopostanon') + ) { push @note, getData('mail_readonly'); $error = 1; @@ -242,7 +254,7 @@ my $uid = $user_send->{uid}; my $newpasswd = $slashdb->getNewPasswd($uid); - my $tempnick = fixparam($user_send->{nickname}); + my $tempnick = $user_send->{nickname}; my $subject = getData('mail_subject', { nickname => $user_send->{nickname} }); # Pull out some data passed in with the request. Only the IP @@ -355,7 +367,6 @@ $slashdb->setUser($user->{uid}, $user_save); $note = getData('passchanged'); - my $value = $slashdb->getLogToken($uid, 1); my $cookie = bakeUserCookie($uid, $slashdb->getLogToken($uid, 1)); setCookie('user', $cookie, $user_save->{session_login}); }