mantisbt/core rss_api.php,NONE,1.1 authentication_api.php,1.54,1.55 html_api.php,1.190,1.191

Update of /cvsroot/mantisbt/mantisbt/core
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11140/core

Modified Files:
        authentication_api.php html_api.php 
Added Files:
        rss_api.php 
Log Message:
Fixed #6757: Allow RSS syndication without allowing anonymous login..
Fixed #4213: Ability to log in to RSS feed via GET so that RSS would be 
available to registered users
Fixed #6116: "Issues" RSS feed doesn't work when $g_anonymous_account = ''

Index: html_api.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/core/html_api.php,v
retrieving revision 1.190
retrieving revision 1.191
diff -u -d -r1.190 -r1.191
--- html_api.php        22 Apr 2006 02:12:56 -0000      1.190
+++ html_api.php        23 Apr 2006 12:32:59 -0000      1.191
@@ -1,7 +1,7 @@
 <?php
        # Mantis - a php based bugtracking system
        # Copyright (C) 2000 - 2002  Kenzaburo Ito - 
kenito-J7RQz27tXwtAfugRpC6u6w@xxxxxxxxxxxxxxxx
-       # Copyright (C) 2002 - 2005  Mantis Team   - 
mantisbt-dev-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@xxxxxxxxxxxxxxxx
+       # Copyright (C) 2002 - 2006  Mantis Team   - 
mantisbt-dev-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@xxxxxxxxxxxxxxxx
        # This program is distributed under the terms and conditions of the GPL
        # See the README and LICENSE files for details
 
@@ -56,6 +56,7 @@
        require_once( $t_core_dir . 'helper_api.php' );
        require_once( $t_core_dir . 'authentication_api.php' );
        require_once( $t_core_dir . 'user_api.php' );
+       require_once( $t_core_dir . 'rss_api.php' );
 
        $g_rss_feed_url = null;
 
@@ -342,6 +343,11 @@
                                        PRINT '</select> ';
                                }
                                PRINT '<input type="submit" 
class="button-small" value="' . lang_get( 'switch' ) . '" />';
+
+                               # Link to RSS issues feed for the selected 
project, including authentication details.
+                               PRINT '<a href="' . rss_get_issues_feed_url() . 
'">';
+                               PRINT '<img src="images/rss.gif" alt="' . 
lang_get( 'rss' ) . '" style="border-style: none; margin: 5px; vertical-align: 
middle;" />';
+                               PRINT '</a>';
                                PRINT '</form>';
                        PRINT '</td>';
                PRINT '</tr>';
@@ -382,7 +388,7 @@
                        echo "\t", '<span class="timer"><a 
href="http://www.mantisbt.org/";>Mantis ', config_get( 'mantis_version' ), 
'</a>',
                                        '[<a href="http://www.mantisbt.org/"; 
target="_blank">^</a>]</span>', "\n";
                }
-               echo "\t", '<address>Copyright &copy; 2000 - 2005 Mantis 
Group</address>', "\n";
+               echo "\t", '<address>Copyright &copy; 2000 - 2006 Mantis 
Group</address>', "\n";
 
                # only display webmaster email is current user is not the 
anonymous user
                if ( ! is_page_name( 'login_page.php' ) && 
!current_user_is_anonymous() ) {

Index: authentication_api.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/core/authentication_api.php,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -d -r1.54 -r1.55
--- authentication_api.php      29 Oct 2005 09:52:52 -0000      1.54
+++ authentication_api.php      23 Apr 2006 12:32:59 -0000      1.55
@@ -141,7 +141,7 @@
        # --------------------
        # Allows scripts to login using a login name or ( login name + password 
)
        function auth_attempt_script_login( $p_username, $p_password = null ) {
-               global $g_script_login_cookie, $g_cache_current_user_id;
+               global $g_script_login_cookie, $g_cache_cookie_valid, 
$g_cache_current_user_id, $g_cache_current_user_cookie_string;
 
                $t_user_id = user_get_id_by_name( $p_username );
 
@@ -161,14 +161,18 @@
 
                # ok, we're good to login now
 
+               # With cases like RSS feeds and MantisConnect there is a login 
per operation, hence, there is no
+               # real significance of incrementing login count.
                # increment login count
-               user_increment_login_count( $t_user_id );
+               # user_increment_login_count( $t_user_id );
 
                # set the cookies
                $g_script_login_cookie = $t_user['cookie_string'];
-               
+               $g_cache_current_user_cookie_string = $g_script_login_cookie;
+
                # cache user id for future reference
                $g_cache_current_user_id = $t_user_id;
+               $g_cache_cookie_valid = true;
 
                return true;
        }
@@ -500,7 +504,6 @@
                return $t_user_id;
        }
 
-
        #===================================
        # HTTP Auth
        #===================================

--- NEW FILE: rss_api.php ---
<?php
        # Mantis - a php based bugtracking system
        # Copyright (C) 2000 - 2002  Kenzaburo Ito - 
kenito-J7RQz27tXwtAfugRpC6u6w@xxxxxxxxxxxxxxxx
        # Copyright (C) 2002 - 2006  Mantis Team   - 
mantisbt-dev-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@xxxxxxxxxxxxxxxx
        # This program is distributed under the terms and conditions of the GPL
        # See the README and LICENSE files for details

        # --------------------------------------------------------
        # $Id: rss_api.php,v 1.1 2006/04/23 12:32:59 vboctor Exp $
        # --------------------------------------------------------

        ### RSS API ###

        # --------------------
        # Calculates a key to be used for RSS authentication based on user 
name, cookie and password.
        # if the user changes his user name or password, then the key becomes 
invalid.
        function rss_calculate_key( $p_user_id = null ) {
                if ( $p_user_id === null ) {
                        $t_user_id = auth_get_current_user_id();
                } else {
                        $t_user_id = $p_user_id;
                }

                $t_seed     = config_get_global( 'rss_key_seed' );

                $t_username = user_get_field( $t_user_id, 'username' );
                $t_password = user_get_field( $t_user_id, 'password' );
                $t_cookie   = user_get_field( $t_user_id, 'cookie_string' );

                return md5( $t_seed . $t_username . $t_cookie . $t_password );
        }

        # --------------------
        # Given the user name and the rss key, this method attempts to login 
the user.  If successful, it
        # return true, otherwise, returns false.
        function rss_login( $p_username, $p_key ) {
                if ( ( $p_username === null ) || ( $p_key === null ) ) {
                        return false;
                }

                $t_user_id = user_get_id_by_name( $p_username );

                $t_correct_key = rss_calculate_key( $t_user_id );
                if ( $p_key != $t_correct_key ) {
                        return false;
                }

                if ( !auth_attempt_script_login( $p_username ) ) {
                        return false;
                }

                return true;
        }

        # --------------------
        function rss_get_issues_feed_url( $p_project_id = null, $p_username = 
null, $p_filter_id = null, $p_relative = true ) {
                if ( $p_username === null ) {
                        $t_username = current_user_get_field( 'username' );
                } else {
                        $t_username = $p_username;
                }

                if ( $p_project_id === null ) {
                        $t_project_id = helper_get_current_project();
                } else {
                        $t_project_id = (integer)$p_project_id;
                }

                $t_user_id = user_get_id_by_name( $t_username );

                if ( $p_relative ) {
                        $t_url = config_get( 'path' );
                } else {
                        $t_url = '';
                }

                if ( $t_username == config_get( 'anonymous_account' ) ) {
                        $t_url .= 'issues_rss.php?';

                        if ( $t_project_id == ALL_PROJECTS ) {
                                $t_url .= 'project_id=' . $t_project_id;
                        }
                } else {
                        $t_url .= 'issues_rss.php?username=' . $t_username . 
'&amp;key=' . rss_calculate_key( $t_user_id );

                        if ( $t_project_id != ALL_PROJECTS ) {
                                $t_url .= '&amp;project_id=' . $t_project_id;
                        }
                }

                if ( $p_filter_id !== null ) {
                        $t_url .= '&amp;filter_id=' . $p_filter_id;
                }

                return $t_url;
        }

        # --------------------
        function rss_get_news_feed_url( $p_project_id = null, $p_username = 
null, $p_relative = true ) {
                if ( $p_username === null ) {
                        $t_username = current_user_get_field( 'username' );
                } else {
                        $t_username = $p_username;
                }

                if ( $p_project_id === null ) {
                        $t_project_id = helper_get_current_project();
                } else {
                        $t_project_id = (integer)$p_project_id;
                }

                if ( $p_relative ) {
                        $t_rss_link = '';
                } else {
                        $t_rss_link = config_get( 'path' );
                }
                
                $t_user_id = user_get_id_by_name( $t_username );

                // If we have a logged in user then they can be given a 
'proper' feed, complete with auth string.
                if ( $t_username == config_get( 'anonymous_account' ) ) {
                        $t_rss_link .= "news_rss.php?";

                        if ( $t_project_id != ALL_PROJECTS ) {
                                $t_rss_link .= "news_rss.php?project_id=" . 
$t_project_id;
                        }
                } else {
                        $t_rss_link .= "news_rss.php?username=" . $t_username . 
"&amp;key=" . rss_calculate_key( $t_user_id );

                        if ( $t_project_id != ALL_PROJECTS ) {
                                $t_rss_link .= "&amp;project_id=" . 
$t_project_id;
                        }
                }

                return $t_rss_link;
        }
?>


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642