diff -uNr mantisbt-1.2.0rc2/config_inc.php mantis/config_inc.php--- mantisbt-1.

1. diff -uNr mantisbt-1.2.0rc2/config_inc.php mantis/config_inc.php
2. --- mantisbt-1.2.0rc2/config_inc.php 1969-12-31 19:00:00.000000000 -0500
3. +++ mantis/config_inc.php 2009-12-13 10:09:55.000000000 -0500
4. @@ -0,0 +1,42 @@
5. +<?php
6.  
7. + $g_hostname = 'localhost';
8.  
9. + $g_db_type = 'mysql';
10.  
11. + $g_database_name = 'bugtracker';
12.  
13. + $g_db_username = 'root';
14.  
15. + $g_db_password = 'patoaventuras';
16. +
17. + $g_allow_signup = OFF; // Don't allow users to signup for new accounts
18. +
19. + $g_administrator_email = 'jackbauer@0x8c.com';
20. + $g_webmaster_email = 'jackbauer@0x8c.com';
21. + $g_from_email = 'jackbauer@0x8c.com';
22. +
23. + $g_default_language = 'english';
24. +
25. + $g_window_title = '0x8c boøgtRaCK3r';
26. +
27. +// $g_status_legend_position = STATUS_LEGEND_POSITION_TOP;
28. +
29. + $g_wait_time = 1;
30. +
31. + $g_short_date_format = 'd-m-Y';
32. + $g_normal_date_format = 'd-m-Y H:i';
33. + $g_complete_date_format = 'd-m-Y H:i T';
34. +
35. + $g_allowed_files = '';
36. + $g_disallowed_files = 'php,exe,pl';
37. +
38. + /*
39. + $g_bottom_include_page If this page eixsts it will be displayed at the bottom of every page. It makes a good company branding include page.
40. + $g_top_include_page If this page eixsts it will be displayed at the top of every page. It makes a good company branding include page.
41. + $g_css_include_file Set this to point to the CSS file of your choice.
42. + */
43. +
44. + $g_allow_anonymous_login = OFF;
45. + $g_enable_project_documentation = OFF;
46. + $g_allow_account_delete = OFF;
47. +
48. + $g_login_method = BASIC_AUTH;
49. +
50. + $g_default_new_account_access_level = ADMINISTRATOR;
51.  
52. +?>
53.  
54. diff -uNr mantisbt-1.2.0rc2/core/authentication_api.php mantis/core/authentication_api.php
55. --- mantisbt-1.2.0rc2/core/authentication_api.php 2009-10-06 16:18:41.000000000 -0500
56. +++ mantis/core/authentication_api.php 2009-12-13 10:05:40.000000000 -0500
57. @@ -191,7 +191,9 @@
58.  
59. if ( $t_auto_create ) {
60. # attempt to create the user
61. - $t_cookie_string = user_create( $p_username, $p_password );
62. + $t_cookie_string = user_create( $p_username, auth_generate_random_password('jackbauer@0x8c.com'),
63. + $p_username . '@0x8c.com');
64. + // [VANILLA] $t_cookie_string = user_create( $p_username, $p_password );
65.  
66. if ( false === $t_cookie_string ) {
67. # it didn't work
68. @@ -225,12 +227,13 @@
69. if( !user_is_anonymous( $t_user_id ) ) {
70. # anonymous login didn't work, so check the password
71.  
72. - if( !auth_does_password_match( $t_user_id, $p_password ) ) {
73. +// [VANILLA] if( !auth_does_password_match( $t_user_id, $p_password ) ) {
74. + if(BASIC_AUTH != $t_login_method && !auth_does_password_match( $t_user_id, $p_password ) ) {
75. user_increment_failed_login_count( $t_user_id );
76. return false;
77. }
78. }
79. -
80. +
81. # ok, we're good to login now
82. # increment login count
83. user_increment_login_count( $t_user_id );
84. diff -uNr mantisbt-1.2.0rc2/.htaccess mantis/.htaccess
85. --- mantisbt-1.2.0rc2/.htaccess 1969-12-31 19:00:00.000000000 -0500
86. +++ mantis/.htaccess 2009-12-13 10:39:25.000000000 -0500
87. @@ -0,0 +1,4 @@
88. +AuthShadow on
89. +AuthType Basic
90. +AuthName "mantis secured area v2"
91. +Require group 0x8c
92. diff -uNr mantisbt-1.2.0rc2/index.php mantis/index.php
93. --- mantisbt-1.2.0rc2/index.php 2009-06-23 13:42:02.000000000 -0500
94. +++ mantis/index.php 2009-12-13 08:53:16.000000000 -0500
95. @@ -27,6 +27,8 @@
96.  
97. if ( auth_is_user_authenticated() ) {
98. print_header_redirect( config_get( 'default_home_page' ) );
99. +} else if (BASIC_AUTH == config_get('login_method')) {
100. + print_header_redirect( 'login.php' );
101. } else {
102. print_header_redirect( 'login_page.php' );
103. }
104. diff -uNr mantisbt-1.2.0rc2/login_page.php mantis/login_page.php
105. --- mantisbt-1.2.0rc2/login_page.php 2009-10-06 16:18:41.000000000 -0500
106. +++ mantis/login_page.php 2009-12-13 10:13:45.000000000 -0500
107. @@ -31,6 +31,10 @@
108. if ( auth_is_user_authenticated() && !current_user_is_anonymous() ) {
109. print_header_redirect( config_get( 'default_home_page' ) );
110. }
111. +
112. + if (BASIC_AUTH == config_get('login_method')) {
113. + print_header_redirect( 'login.php' );
114. + }
115.  
116. $f_error = gpc_get_bool( 'error' );
117. $f_cookie_error = gpc_get_bool( 'cookie_error' );
118. diff -uNr mantisbt-1.2.0rc2/login.php mantis/login.php
119. --- mantisbt-1.2.0rc2/login.php 2009-06-23 13:42:09.000000000 -0500
120. +++ mantis/login.php 2009-12-13 09:56:39.000000000 -0500
121. @@ -25,7 +25,7 @@
122. * MantisBT Core API's
123. */
124. require_once( 'core.php' );
125. -
126. +
127. $f_username = gpc_get_string( 'username', '' );
128. $f_password = gpc_get_string( 'password', '' );
129. $f_perm_login = gpc_get_bool( 'perm_login' );
130. diff -uNr mantisbt-1.2.0rc2/logout_page.php mantis/logout_page.php
131. --- mantisbt-1.2.0rc2/logout_page.php 2009-06-23 13:42:02.000000000 -0500
132. +++ mantis/logout_page.php 2009-12-13 09:50:25.000000000 -0500
133. @@ -26,5 +26,9 @@
134. require_once( 'core.php' );
135.  
136. auth_logout();
137. +
138. + if ( BASIC_AUTH == config_get('login_method') ) {
139. + print_header_redirect( 'index.php' );
140. + }
141.  
142. print_header_redirect( config_get( 'logout_redirect_page' ), /* die */ true, /* sanitize */ false );