added: flag has_pass to User structure

if false that means the user has not set a password yet 
       (this can be used by a plugins to create a new account without a password set)
       in order to login the user first has to set a new password
       (this can be done from a some kind of activation link send via email etc)
       



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@954 e52654a7-88a9-db11-a3e9-0013d4bc506e

Makefile

@@ -3,10 +3,13 @@
 include Makefile.dep
 
 
-#ifndef CXX
-# temporarily workaround: forcing using clang (CXX is defined by the OS and is equal to g++)
-CXX = g++-4.8
-#endif
+ifeq ($(OSTYPE), FreeBSD)
+	CXX = clang++
+else
+	CXX = g++-4.8
+endif
+
+
 
 ifndef CXXFLAGS
 CXXFLAGS = -Wall -O0 -g -fPIC -pthread -std=c++11 -I/usr/local/include -I/usr/include/postgresql -DEZC_USE_WINIX_LOGGER -DEZC_HAS_SPECIAL_STREAM

core/config.h

@@ -34,11 +34,11 @@ public:
 	// default: true
 	bool demonize;
 
-	// system user name (to which drop privileges)
+	// system user's name to whom winix should drop privileges
 	// used only if winix is started as the root
 	std::string user;
 
-	// system group name (to which drop privileges)
+	// system group's name to which drop privileges
 	// used only if winix is started as the root
 	std::string group;
 
@@ -51,21 +51,23 @@ public:
 	// log file name, log file name for notifications (sending emails, etc)
 	std::string log_file, log_notify_file;
 	
+	// the log level (how much info should be inserted to logs)
 	// 1 - minimum
 	// 2 - (default)
 	// 3 - maximum - all logs
 	int log_level;
 
 	// logging to stdout too
-	// only if demonize is 'false'
+	// this option is valid only if 'demonize' option is set to 'false'
 	// default: false
 	bool log_stdout;
 
 	// how many requests should be saved in the same time
+	// if you have a very busy server you can incrase this value
 	// default: 1
 	int log_request;
 
-	// whether to save each line of the config (use it for debug purposes)
+	// whether to save each line of the config (used for debugging purposes)
 	// default: false
 	bool log_save_each_line;
 
@@ -80,6 +82,7 @@ public:
 	bool log_server_answer;
 
 	// logging db queries
+	// warning: use it only on a developer's server as it logs the hashes of passwords too
 	// default: false
 	bool log_db_query;
 
@@ -89,7 +92,7 @@ public:
 
 	// how many characters in values should be logged from POST parameters
 	// default: 80
-	// set to 0 to turn off
+	// set to 0 to turn it off
 	size_t log_post_value_size;
 
 	// request delimiter in the log file, default "---------"
@@ -132,39 +135,46 @@ public:
 	// default: index.html
 	std::wstring templates_index;
 
-	// if true then only root can use 'template' function
+	// if true then only root can use 'template' winix function
 	// default: false
 	bool template_only_root_use_template_fun;
 
+	// the database name, user name and a password for the PostgreSQL database
 	std::string db_database;
 	std::string db_user;
 	std::string db_pass;
 
+	// the name of the cookie which has the session identifier
 	std::wstring http_session_id_name;
 
 	// string used in a place where is a user (or group) selected
+	// !! IMPROVE ME should be moved to locales
 	std::wstring priv_no_user;
 	std::wstring priv_no_group;
 
-	// time in seconds when the user will be automatically logged out (iddle time)
+	// time in seconds when a user will be automatically logged out (iddle time)
+	// default: 10800 = 3 hours
 	int session_max_idle;
 	
-	// time in seconds when the user will be automatically logged out (when he selected 'remember me' option)
+	// time in seconds when a user will be automatically logged out
+	// when he has selected the 'remember me' option when logging in
 	// this time is usually greater than session_max_idle
+	// default: 16070400 = 3 months
 	int session_remember_max_idle;
 
-	// this file is used when the program is starting and ending
+	// a file to which winix stores sessions info
+	// it is used when winix starts (boots) and quits
 	std::string session_file;
 
 	// how many sessions can be (zero turn off this checking)
 	// default: 1000000 (one milion)
 	size_t session_max;
 
-	// allow the html output to be compressed
+	// allow the winix output to be compressed
 	// default: true
 	bool compression;
 
-	// if the output is shorter than this value then it will not be compressed
+	// compress only if the output is greater or equal to this value
 	// default: 512 bytes
 	size_t compression_page_min_size;
 
@@ -191,12 +201,12 @@ public:
 	bool html_filter_trim_white;
 
 	// when long words should be broken (a space will be inserted)
-	// default: after 60 non white characters will be put a space
+	// default: after 60 non white characters there will be put a space
 	// set zero to turn off
 	size_t html_filter_break_word;
 
 	// when long lines should be broken (a new line character will be inserted)
-	// default: 80
+	// default: 110
 	// set zero to turn off
 	size_t html_filter_wrap_line;
 
@@ -215,9 +225,11 @@ public:
 	HTMLFilter::OrphanMode html_filter_orphans_mode;
 
 	// the url of a new empty item (if there is not the subject too)
+	// !! IMPROVE ME should be moved to locale
 	std::wstring item_url_empty;
 
 	// maximum length of a file send by post multipart form
+	// default: 8388608 - 8MB
 	// 0 - not used
 	size_t post_file_max;
 

core/user.cpp

@@ -37,6 +37,7 @@ void User::Clear()
 }
 
 
+
 bool User::IsMemberOf(long group)
 {
 std::vector<long>::iterator i;

core/user.h

@@ -32,6 +32,7 @@ namespace Winix
 #define WINIX_ACCOUNT_NOT_ACTIVATED		1
 
 // 2 - a user clicked on the link in the mail and now can normally use his account
+// (if has a password set too)
 #define WINIX_ACCOUNT_READY				2
 
 // 3 - account was suspended
@@ -41,6 +42,9 @@ namespace Winix
 #define WINIX_ACCOUNT_BLOCKED			4
 
 
+
+
+
 /*
 	a user can login only to an account which status is equal to WINIX_ACCOUNT_READY
 
@@ -62,6 +66,8 @@ namespace Winix
 */
 struct UserPass
 {
+	bool has_pass;				// true if the user has a password set
+								// if false the user cannot login
 	int pass_type;				// the kind of hash (WINIX_CRYPT_HASH_* see crypt.h)
 	std::wstring pass;			// password hashed or plain text if pass_type==0
 	std::string pass_encrypted; // password encrypted
@@ -79,7 +85,6 @@ struct User
 	std::wstring email;
 	int notify;
 
-
 	// environment variables which can be set by this user
 	// use 'env' winix function
 	PT::Space env;
@@ -99,7 +104,6 @@ struct User
 	// time zone identifier
 	size_t time_zone_id;
 
-
 	User();
 	
 	void Clear();

core/version.h

@@ -17,7 +17,7 @@ namespace Winix
 
 #define WINIX_VER_MAJOR		0
 #define WINIX_VER_MINOR		6
-#define WINIX_VER_REVISION	0
+#define WINIX_VER_REVISION	1
 
 
 

db/db.cpp

@@ -27,7 +27,7 @@ bool Db::GetUserPass(const std::wstring & login, long & user_id, UserPass & up)
 	try
 	{
 		query.Clear();
-		query << R("select id, password, pass_encrypted, pass_type, pass_hash_salted from core.user where login=")
+		query << R("select id, has_pass, password, pass_encrypted, pass_type, pass_hash_salted from core.user where login=")
 			  << login
 			  << R(";");
 		
@@ -46,6 +46,7 @@ bool Db::GetUserPass(const std::wstring & login, long & user_id, UserPass & up)
 		}
 
 		int cuser_id        = AssertColumn(r, "id");
+		int chas_pass       = AssertColumn(r, "has_pass");
 		int cpass_type      = AssertColumn(r, "pass_type");
 		int csalted         = AssertColumn(r, "pass_hash_salted");
 		int cpassword       = AssertColumn(r, "password");
@@ -53,6 +54,7 @@ bool Db::GetUserPass(const std::wstring & login, long & user_id, UserPass & up)
 
 		user_ok = true;
 		user_id             = AssertValueLong(r, 0, cuser_id);
+		up.has_pass         = AssertValueBool(r, 0, chas_pass);
 		up.pass_type        = AssertValueInt(r, 0, cpass_type);
 		up.pass_hash_salted = AssertValueBool(r, 0, csalted);
 		AssertValueWide(r, 0, cpassword, up.pass);
@@ -79,9 +81,10 @@ Error Db::AddUser(User & user, const UserPass & up)
 	try
 	{
 		query.Clear();
-		query << R("insert into core.user (login, password, pass_encrypted, super_user, email,"
+		query << R("insert into core.user (login, has_pass, password, pass_encrypted, super_user, email,"
 				   "notify, pass_type, pass_hash_salted, env, aenv, status, locale_id, time_zone_id) values (")
-			  << user.name;
+			  << user.name
+			  << up.has_pass;
 
 		// for safety we put up.pass only if there is not an encrypted version
 		// someone could have forgotten to clear up.pass
@@ -125,8 +128,9 @@ return status;
 Error Db::ChangeUserPass(long user_id, const UserPass & up)
 {
 	query.Clear();
-	query << R("update core.user set(password, pass_encrypted,"
-			   "pass_type, pass_hash_salted) = (");
+	query << R("update core.user set(has_pass, password, pass_encrypted,"
+			   "pass_type, pass_hash_salted) = (")
+		  << up.has_pass;
 
 	// for safety
 	if( up.pass_encrypted.empty() )

functions/adduser.cpp

@@ -139,6 +139,7 @@ return true;
 */
 bool AddUser::AddNewUser(User & user, const std::wstring & pass)
 {
+	up.has_pass = true;
 	up.pass = pass;
 	system->crypt.PassHashCrypt(up);
 	

functions/login.cpp

@@ -91,7 +91,15 @@ bool result;
 
 	if( db->GetUserPass(login, user_id, up) )
 	{
-		result = CheckPasswords(password);
+		if( up.has_pass )
+		{
+			result = CheckPasswords(password);
+		}
+		else
+		{
+			log << log2 << "Login: this account has not a password set yet" << logend;
+			result = false;
+		}
 	}
 	else
 	{

functions/passwd.cpp

@@ -85,6 +85,7 @@ bool result = false;
 
 	if( puser )
 	{
+		up.has_pass = true;
 		up.pass = new_password;
 		system->crypt.PassHashCrypt(up);
 		result = (db->ChangeUserPass(user_id, up) == WINIX_ERR_OK);