Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

- fixed another issue with bug #7564

- added support for user defined handle fields
- fixed parameter $secret for LiveUser::decryptPW()


git-svn-id: http://svn.php.net/repository/pear/packages/LiveUser/trunk@218199 c90b9560-bf6c-de11-be94-00142212c4b1
  • Loading branch information...
commit a30b2a857f272f3701da48a202b2c25215180d95 1 parent f9c8cc5
Matthias Nothhaft authored
8 Auth/Common.php
@@ -161,6 +161,14 @@ class LiveUser_Auth_Common
161 161 var $externalValues = array();
162 162
163 163 /**
  164 + * A list of handle fields that are used to find a user.
  165 + *
  166 + * @var array
  167 + * @access public
  168 + */
  169 + var $handles = array('handle');
  170 +
  171 + /**
164 172 * Table configuration
165 173 *
166 174 * @var array
15 Auth/DB.php
@@ -208,8 +208,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
208 208 $query .= $this->alias['auth_user_id'] . '='
209 209 . $this->dbc->quoteSmart($auth_user_id);
210 210 } else {
211   - $query .= $this->alias['handle'] . '='
212   - . $this->dbc->quoteSmart($handle);
  211 + if (!is_array($this->handles) || empty($this->handles)) {
  212 + $this->stack->push(
  213 + LIVEUSER_ERROR_CONFIG, 'exception',
  214 + array('reason' => 'No handle set in storage config.')
  215 + );
  216 + return false;
  217 + }
  218 + $handles = array();
  219 + foreach ($this->handles as $field) {
  220 + $handles[] = $this->alias[$field] . '=' .
  221 + $this->dbc->quoteSmart($handle);
  222 + }
  223 + $query .= '(' . implode(' OR ', $handles) . ')';
213 224
214 225 if (!is_null($this->tables['users']['fields']['passwd'])) {
215 226 // If $passwd is set, try to find the first user with the given
15 Auth/MDB.php
@@ -221,8 +221,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
221 221 $query .= $this->alias['auth_user_id'] . '='
222 222 . $this->dbc->getValue($this->fields['auth_user_id'], $auth_user_id);
223 223 } else {
224   - $query .= $this->alias['handle'] . '='
225   - . $this->dbc->getValue($this->fields['handle'], $handle);
  224 + if (!is_array($this->handles) || empty($this->handles)) {
  225 + $this->stack->push(
  226 + LIVEUSER_ERROR_CONFIG, 'exception',
  227 + array('reason' => 'No handle set in storage config.')
  228 + );
  229 + return false;
  230 + }
  231 + $handles = array();
  232 + foreach ($this->handles as $field) {
  233 + $handles[] = $this->alias[$field] . '=' .
  234 + $this->dbc->getValue($this->fields[$field], $handle);
  235 + }
  236 + $query .= '(' . implode(' OR ', $handles) . ')';
226 237
227 238 if (!is_null($this->tables['users']['fields']['passwd'])) {
228 239 // If $passwd is set, try to find the first user with the given
15 Auth/MDB2.php
@@ -230,8 +230,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
230 230 $query .= $this->alias['auth_user_id'] . '='
231 231 . $this->dbc->quote($auth_user_id, $this->fields['auth_user_id']);
232 232 } else {
233   - $query .= $this->alias['handle'] . '='
234   - . $this->dbc->quote($handle, $this->fields['handle']);
  233 + if (!is_array($this->handles) || empty($this->handles)) {
  234 + $this->stack->push(
  235 + LIVEUSER_ERROR_CONFIG, 'exception',
  236 + array('reason' => 'No handle set in storage config.')
  237 + );
  238 + return false;
  239 + }
  240 + $handles = array();
  241 + foreach ($this->handles as $field) {
  242 + $handles[] = $this->alias[$field] . '=' .
  243 + $this->dbc->quote($handle, $this->fields[$field]);
  244 + }
  245 + $query .= '(' . implode(' OR ', $handles) . ')';
235 246
236 247 if (!is_null($this->tables['users']['fields']['passwd'])) {
237 248 // If $passwd is set, try to find the first user with the given
15 Auth/PDO.php
@@ -232,8 +232,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
232 232 $query .= $this->alias['auth_user_id'] . '='
233 233 . $this->dbc->quote($auth_user_id);
234 234 } else {
235   - $query .= $this->alias['handle'] . '='
236   - . $this->dbc->quote($handle);
  235 + if (!is_array($this->handles) || empty($this->handles)) {
  236 + $this->stack->push(
  237 + LIVEUSER_ERROR_CONFIG, 'exception',
  238 + array('reason' => 'No handle set in storage config.')
  239 + );
  240 + return false;
  241 + }
  242 + $handles = array();
  243 + foreach ($this->handles as $field) {
  244 + $handles[] = $this->alias[$field] . '=' .
  245 + $this->dbc->quote($handle);
  246 + }
  247 + $query .= '(' . implode(' OR ', $handles) . ')';
237 248
238 249 if (!is_null($this->tables['users']['fields']['passwd'])) {
239 250 // If $passwd is set, try to find the first user with the given
17 LiveUser.php
@@ -417,7 +417,8 @@ function LiveUser(&$debug)
417 417 * 'secret' => 'secret to use in password encryption',
418 418 * 'storage' => array(
419 419 * 'dbc' => 'db connection object, use this or dsn',
420   - * 'dsn' => 'database dsn, use this or connection',
  420 + * 'dsn' => 'database dsn, use this or connection',
  421 + * 'handles' => 'array of handle fields to find a user on login; works with DB, MDB, MDB2 and PDO containers',
421 422 * ),
422 423 * 'externalValues' => array(
423 424 * 'values' => 'reference to an array',
@@ -715,7 +716,7 @@ function classExists($classname)
715 716 *
716 717 * @param array|file Conf array or file path to configuration
717 718 * @param string Name of array containing the configuration
718   - * @return bool true on success or false on failure
  719 + * @return bool true on success or false on failure
719 720 *
720 721 * @access public
721 722 * @see LiveUser::factory
@@ -725,15 +726,15 @@ function readConfig(&$conf)
725 726 // probably a futile attempt at working out reference issues in arrays
726 727 $options = $conf;
727 728
728   - if (array_key_exists('debug', $conf) && !is_object($conf['debug'])) {
  729 + if (array_key_exists('debug', $conf) && is_object($conf['debug'])) {
729 730 $options['debug'] = true;
730 731 }
731 732 if (array_key_exists('authContainers', $conf)) {
732   - $this->_authContainers = $conf['authContainers'];
  733 + $this->_authContainers =& $conf['authContainers'];
733 734 unset($options['authContainers']);
734 735 }
735 736 if (array_key_exists('permContainer', $conf)) {
736   - $this->_permContainer = $conf['permContainer'];
  737 + $this->_permContainer =& $conf['permContainer'];
737 738 unset($options['permContainer']);
738 739 }
739 740
@@ -820,7 +821,7 @@ function &PEARLogFactory(&$log)
820 821 * @param string the encryption mode
821 822 * @return string The decrypted password
822 823 */
823   - function decryptPW($encryptedPW, $passwordEncryptionMode)
  824 + function decryptPW($encryptedPW, $passwordEncryptionMode, $secret)
824 825 {
825 826 if (empty($encryptedPW) && $encryptedPW !== 0) {
826 827 return '';
@@ -833,7 +834,7 @@ function decryptPW($encryptedPW, $passwordEncryptionMode)
833 834 }
834 835
835 836 if ($passwordEncryptionMode === 'rc4') {
836   - return LiveUser::cryptRC4($decryptedPW, $this->secret, false);
  837 + return LiveUser::cryptRC4($decryptedPW, $secret, false);
837 838 }
838 839
839 840 PEAR_ErrorStack::staticPush('LiveUser', LIVEUSER_ERROR_NOT_SUPPORTED, 'error', array(),
@@ -1763,4 +1764,4 @@ function statusMessage($value = null)
1763 1764 ? $statusMessages[$value] : $statusMessages[LIVEUSER_STATUS_UNKNOWN];
1764 1765 }
1765 1766 }
1766   -?>
  1767 +?>

0 comments on commit a30b2a8

Please sign in to comment.
Something went wrong with that request. Please try again.