mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Harden empty 

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Victor Dubiniuk 2016-09-23 01:30:57 +03:00 committed by Arthur Schiwon
parent 17fa45a292
commit 011d5f554c
No known key found for this signature in database
GPG Key ID: 7424F1874854DF23
7 changed files with 59 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
apps/user_ldap/lib/Access.php
View File

@ -184,14 +184,14 @@ class Access extends LDAPUtility implements IUserTools {
$dn = $this->helper->DNasBaseParameter($dn);
$rr = @$this->ldap->read($cr, $dn, $filter, array($attr));
if(!$this->ldap->isResource($rr)) {
if(!empty($attr)) {
if ($attr !== '') {
//do not throw this message on userExists check, irritates
\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG);
}
//in case an error occurs , e.g. object does not exist
return false;
}
if (empty($attr) && ($filter === 'objectclass=*' || $this->ldap->countEntries($cr, $rr) === 1)) {
if ($attr === '' && ($filter === 'objectclass=*' || $this->ldap->countEntries($cr, $rr) === 1)) {
\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', \OCP\Util::DEBUG);
return array();
}
@ -423,8 +423,8 @@ class Access extends LDAPUtility implements IUserTools {
}
if($isUser) {
$usernameAttribute = $this->connection->ldapExpertUsernameAttr;
if(!empty($usernameAttribute)) {
$usernameAttribute = strval($this->connection->ldapExpertUsernameAttr);
if ($usernameAttribute !== '') {
$username = $this->readAttribute($fdn, $usernameAttribute);
$username = $username[0];
} else {
@ -1129,7 +1129,7 @@ class Access extends LDAPUtility implements IUserTools {
private function combineFilter($filters, $operator) {
$combinedFilter = '('.$operator;
foreach($filters as $filter) {
if(!empty($filter) && $filter[0] !== '(') {
if ($filter !== '' && $filter[0] !== '(') {
$filter = '('.$filter.')';
}
$combinedFilter.=$filter;
@ -1212,7 +1212,7 @@ class Access extends LDAPUtility implements IUserTools {
$search = $this->prepareSearchTerm($search);
if(!is_array($searchAttributes) || count($searchAttributes) === 0) {
if(empty($fallbackAttribute)) {
if ($fallbackAttribute === '') {
return '';
}
$filter[] = $fallbackAttribute . '=' . $search;
@ -1238,8 +1238,12 @@ class Access extends LDAPUtility implements IUserTools {
$allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes');
$result = empty($term) ? '*' :
$allowEnum !== 'no' ? $term . '*' : $term;
$result = $term;
if ($term === '') {
$result = '*';
} else if ($allowEnum !== 'no') {
$result = $term . '*';
}
return $result;
}
@ -1286,7 +1290,7 @@ class Access extends LDAPUtility implements IUserTools {
$filter = $this->connection->ldapUserFilter;
$base = $this->connection->ldapBaseUsers;
if($this->connection->ldapUuidUserAttribute === 'auto' && empty($uuidOverride)) {
if ($this->connection->ldapUuidUserAttribute === 'auto' && $uuidOverride === '') {
// Sacrebleu! The UUID attribute is unknown :( We need first an
// existing DN to be able to reliably detect it.
$result = $this->search($filter, $base, ['dn'], 1);
@ -1342,7 +1346,7 @@ class Access extends LDAPUtility implements IUserTools {
return true;
}
if(!empty($uuidOverride) && !$force) {
if ($uuidOverride !== '' && !$force) {
$this->connection->$uuidAttr = $uuidOverride;
return true;
}
@ -1385,7 +1389,7 @@ class Access extends LDAPUtility implements IUserTools {
if($this->detectUuidAttribute($dn, $isUser)) {
$uuid = $this->readAttribute($dn, $this->connection->$uuidAttr);
if( !is_array($uuid)
&& !empty($uuidOverride)
&& $uuidOverride !== ''
&& $this->detectUuidAttribute($dn, $isUser, true)) {
$uuid = $this->readAttribute($dn,
$this->connection->$uuidAttr);

4
apps/user_ldap/lib/Configuration.php
View File

@ -161,7 +161,7 @@ class Configuration {
break;
case 'homeFolderNamingRule':
$trimmedVal = trim($val);
if(!empty($trimmedVal) && strpos($val, 'attr:') === false) {
if ($trimmedVal !== '' && strpos($val, 'attr:') === false) {
$val = 'attr:'.$trimmedVal;
}
break;
@ -309,7 +309,7 @@ class Configuration {
foreach($value as $key => $val) {
if(is_string($val)) {
$val = trim($val);
if(!empty($val)) {
if ($val !== '') {
//accidental line breaks are not wanted and can cause
// odd behaviour. Thus, away with them.
$finalValue[] = $val;

13
apps/user_ldap/lib/Connection.php
View File

@ -137,7 +137,7 @@ class Connection extends LDAPUtility {
$this->configuration->$name = $value;
$after = $this->configuration->$name;
if($before !== $after) {
if(!empty($this->configID)) {
if ($this->configID !== '') {
$this->configuration->saveConfiguration();
}
$this->validateConfiguration();
@ -358,8 +358,8 @@ class Connection extends LDAPUtility {
}
}
$backupPort = $this->configuration->ldapBackupPort;
if(empty($backupPort)) {
$backupPort = intval($this->configuration->ldapBackupPort);
if ($backupPort <= 0) {
$this->configuration->backupPort = $this->configuration->ldapPort;
}
@ -427,7 +427,10 @@ class Connection extends LDAPUtility {
//combinations
$agent = $this->configuration->ldapAgentName;
$pwd = $this->configuration->ldapAgentPassword;
if((empty($agent) && !empty($pwd)) || (!empty($agent) && empty($pwd))) {
if (
($agent === '' && $pwd !== '')
|| ($agent !== '' && $pwd === '')
) {
\OCP\Util::writeLog('user_ldap',
$errorStr.'either no password is given for the'.
'user agent or a password is given, but not an'.
@ -568,7 +571,7 @@ class Connection extends LDAPUtility {
* @throws \OC\ServerNotAvailableException
*/
private function doConnect($host, $port) {
if(empty($host)) {
if ($host === '') {
return false;
}
$this->ldapConnectionRes = $this->ldap->connect($host, $port);

11
apps/user_ldap/lib/Group_LDAP.php
View File

@ -360,7 +360,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
$filterParts = [];
$filterParts[] = $this->access->getFilterForUserCount();
if(!empty($search)) {
if ($search !== '') {
$filterParts[] = $this->access->getFilterPartForUserSearch($search);
}
$filterParts[] = 'primaryGroupID=' . $groupID;
@ -658,7 +658,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
$groupUsers[] = $this->access->dn2username($ldap_users[0]['dn'][0]);
} else {
//we got DNs, check if we need to filter by search or we can give back all of them
if(!empty($search)) {
if ($search !== '') {
if(!$this->access->readAttribute($member,
$this->access->connection->ldapUserDisplayName,
$this->access->getFilterPartForUserSearch($search))) {
@ -714,7 +714,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
return false;
}
if(empty($search)) {
if ($search === '') {
$groupUsers = count($members) + $primaryUserCount;
$this->access->connection->writeToCache($cacheKey, $groupUsers);
return $groupUsers;
@ -826,9 +826,8 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
return array();
}
$search = $this->access->escapeFilterPart($search, true);
$pagingSize = $this->access->connection->ldapPagingSize;
if ((! $this->access->connection->hasPagedResultSupport)
|| empty($pagingSize)) {
$pagingSize = intval($this->access->connection->ldapPagingSize);
if (!$this->access->connection->hasPagedResultSupport || $pagingSize <= 0) {
return $this->getGroupsChunk($search, $limit, $offset);
}
$maxGroups = 100000; // limit max results (just for safety reasons)

27
apps/user_ldap/lib/User/User.php
View File

@ -183,13 +183,13 @@ class User {
$displayName = $displayName2 = '';
$attr = strtolower($this->connection->ldapUserDisplayName);
if(isset($ldapEntry[$attr])) {
$displayName = $ldapEntry[$attr][0];
$displayName = strval($ldapEntry[$attr][0]);
}
$attr = strtolower($this->connection->ldapUserDisplayName2);
if(isset($ldapEntry[$attr])) {
$displayName2 = $ldapEntry[$attr][0];
$displayName2 = strval($ldapEntry[$attr][0]);
}
if(!empty($displayName)) {
if ($displayName !== '') {
$this->composeAndStoreDisplayName($displayName);
$this->access->cacheUserDisplayName(
$this->getUsername(),
@ -261,10 +261,10 @@ class User {
* @throws \Exception
*/
public function getHomePath($valueFromLDAP = null) {
$path = $valueFromLDAP;
$path = strval($valueFromLDAP);
$attr = null;
if( is_null($path)
if (is_null($valueFromLDAP)
&& strpos($this->access->connection->homeFolderNamingRule, 'attr:') === 0
&& $this->access->connection->homeFolderNamingRule !== 'attr:')
{
@ -276,7 +276,7 @@ class User {
}
}
if(!empty($path)) {
if ($path !== '') {
//if attribute's value is an absolute path take this, otherwise append it to data dir
//check for / at the beginning or pattern c:\ resp. c:/
if( '/' !== $path[0]
@ -393,7 +393,8 @@ class User {
* @returns string the effective display name
*/
public function composeAndStoreDisplayName($displayName, $displayName2 = '') {
if(!empty($displayName2)) {
$displayName2 = strval($displayName2);
if($displayName2 !== '') {
$displayName .= ' (' . $displayName2 . ')';
}
$this->store('displayName', $displayName);
@ -432,20 +433,20 @@ class User {
if($this->wasRefreshed('email')) {
return;
}
$email = $valueFromLDAP;
$email = strval($valueFromLDAP);
if(is_null($valueFromLDAP)) {
$emailAttribute = $this->connection->ldapEmailAttribute;
if(!empty($emailAttribute)) {
if ($emailAttribute !== '') {
$aEmail = $this->access->readAttribute($this->dn, $emailAttribute);
if(is_array($aEmail) && (count($aEmail) > 0)) {
$email = $aEmail[0];
$email = strval($aEmail[0]);
}
}
}
if(!is_null($email)) {
if ($email !== '') {
$user = $this->userManager->get($this->uid);
if (!is_null($user)) {
$currentEmail = $user->getEMailAddress();
$currentEmail = strval($user->getEMailAddress());
if ($currentEmail !== $email) {
$user->setEMailAddress($email);
}
@ -470,7 +471,7 @@ class User {
if(is_null($valueFromLDAP)) {
$quotaAttribute = $this->connection->ldapQuotaAttribute;
if(!empty($quotaAttribute)) {
if ($quotaAttribute !== '') {
$aQuota = $this->access->readAttribute($this->dn, $quotaAttribute);
if($aQuota && (count($aQuota) > 0)) {
$quota = $aQuota[0];

6
apps/user_ldap/lib/User_LDAP.php
View File

@ -385,7 +385,7 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
//Check whether the display name is configured to have a 2nd feature
$additionalAttribute = $this->access->connection->ldapUserDisplayName2;
$displayName2 = '';
if(!empty($additionalAttribute)) {
if ($additionalAttribute !== '') {
$displayName2 = $this->access->readAttribute(
$this->access->username2dn($uid),
$additionalAttribute);
@ -398,8 +398,8 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
if($displayName && (count($displayName) > 0)) {
$displayName = $displayName[0];
if(is_array($displayName2) && (count($displayName2) > 0)) {
$displayName2 = $displayName2[0];
if (is_array($displayName2)){
$displayName2 = count($displayName2) > 0 ? $displayName2[0] : '';
}
$user = $this->access->userManager->get($uid);

22
apps/user_ldap/lib/Wizard.php
View File

@ -220,7 +220,7 @@ class Wizard extends LDAPUtility {
}
$attr = $this->configuration->ldapUserDisplayName;
if($attr !== 'displayName' && !empty($attr)) {
if ($attr !== '' && $attr !== 'displayName') {
// most likely not the default value with upper case N,
// verify it still produces a result
$count = intval($this->countUsersWithAttribute($attr, true));
@ -262,7 +262,7 @@ class Wizard extends LDAPUtility {
}
$attr = $this->configuration->ldapEmailAttribute;
if(!empty($attr)) {
if ($attr !== '') {
$count = intval($this->countUsersWithAttribute($attr, true));
if($count > 0) {
return false;
@ -552,7 +552,7 @@ class Wizard extends LDAPUtility {
}
//make sure the use display name is set
$displayName = $this->configuration->ldapGroupDisplayName;
if(empty($displayName)) {
if ($displayName === '') {
$d = $this->configuration->getDefaults();
$this->applyFind('ldap_group_display_name',
$d['ldap_group_display_name']);
@ -576,7 +576,7 @@ class Wizard extends LDAPUtility {
}
//make sure the use display name is set
$displayName = $this->configuration->ldapUserDisplayName;
if(empty($displayName)) {
if ($displayName === '') {
$d = $this->configuration->getDefaults();
$this->applyFind('ldap_display_name', $d['ldap_display_name']);
}
@ -904,7 +904,7 @@ class Wizard extends LDAPUtility {
$er = $this->ldap->firstEntry($cr, $rr);
$attrs = $this->ldap->getAttributes($cr, $er);
$dn = $this->ldap->getDN($cr, $er);
if(empty($dn)) {
if ($dn == false || $dn === '') {
continue;
}
$filterPart = '(memberof=' . $dn . ')';
@ -923,7 +923,7 @@ class Wizard extends LDAPUtility {
if($parts > 1) {
$filter = '(&' . $filter . ')';
}
if(empty($filter)) {
if ($filter === '') {
$filter = '(objectclass=*)';
}
break;
@ -973,7 +973,7 @@ class Wizard extends LDAPUtility {
//fallback
$attr = 'cn';
}
if(!empty($attr)) {
if ($attr !== '') {
$filterUsername = '(' . $attr . $loginpart . ')';
$parts++;
}
@ -1098,8 +1098,10 @@ class Wizard extends LDAPUtility {
$agent = $this->configuration->ldapAgentName;
$pwd = $this->configuration->ldapAgentPassword;
return ( (!empty($agent) && !empty($pwd))
|| (empty($agent) && empty($pwd)));
return
($agent !== '' && $pwd !== '')
|| ($agent === '' && $pwd === '')
;
}
/**
@ -1236,7 +1238,7 @@ class Wizard extends LDAPUtility {
if(is_array($setFeatures) && !empty($setFeatures)) {
//something is already configured? pre-select it.
$this->result->addChange($dbkey, $setFeatures);
} else if($po && !empty($maxEntryObjC)) {
} else if ($po && $maxEntryObjC !== '') {
//pre-select objectclass with most result entries
$maxEntryObjC = str_replace($p, '', $maxEntryObjC);
$this->applyFind($dbkey, $maxEntryObjC);