- fixed another issue with bug #7564

- added support for user defined handle fields
- fixed parameter $secret for LiveUser::decryptPW()


git-svn-id: http://svn.php.net/repository/pear/packages/LiveUser/trunk@218199 c90b9560-bf6c-de11-be94-00142212c4b1

Auth/Common.php

@@ -160,6 +160,14 @@ class LiveUser_Auth_Common
      */
     var $externalValues = array();
 
+    /**
+     * A list of handle fields that are used to find a user.
+     *
+     * @var    array
+     * @access public
+     */
+    var $handles = array('handle');
+
     /**
      * Table configuration
      *

Auth/DB.php

@@ -208,8 +208,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
             $query .= $this->alias['auth_user_id'] . '='
                 . $this->dbc->quoteSmart($auth_user_id);
         } else {
-            $query .= $this->alias['handle'] . '='
-                . $this->dbc->quoteSmart($handle);
+            if (!is_array($this->handles) || empty($this->handles)) {
+                $this->stack->push(
+                    LIVEUSER_ERROR_CONFIG, 'exception',
+                    array('reason' => 'No handle set in storage config.')
+                );
+                return false;
+            }
+            $handles = array();
+            foreach ($this->handles as $field) {
+                $handles[] = $this->alias[$field] . '=' .
+                    $this->dbc->quoteSmart($handle);
+            }
+            $query .= '(' . implode(' OR ', $handles) . ')';
 
             if (!is_null($this->tables['users']['fields']['passwd'])) {
                 // If $passwd is set, try to find the first user with the given

Auth/MDB.php

@@ -221,8 +221,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
             $query .= $this->alias['auth_user_id'] . '='
                 . $this->dbc->getValue($this->fields['auth_user_id'], $auth_user_id);
         } else {
-            $query .= $this->alias['handle'] . '='
-                . $this->dbc->getValue($this->fields['handle'], $handle);
+            if (!is_array($this->handles) || empty($this->handles)) {
+                $this->stack->push(
+                    LIVEUSER_ERROR_CONFIG, 'exception',
+                    array('reason' => 'No handle set in storage config.')
+                );
+                return false;
+            }
+            $handles = array();
+            foreach ($this->handles as $field) {
+                $handles[] = $this->alias[$field] . '=' .
+                    $this->dbc->getValue($this->fields[$field], $handle);
+            }
+            $query .= '(' . implode(' OR ', $handles) . ')';
 
             if (!is_null($this->tables['users']['fields']['passwd'])) {
                 // If $passwd is set, try to find the first user with the given

Auth/MDB2.php

@@ -230,8 +230,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
             $query .= $this->alias['auth_user_id'] . '='
                 . $this->dbc->quote($auth_user_id, $this->fields['auth_user_id']);
         } else {
-            $query .= $this->alias['handle'] . '='
-                . $this->dbc->quote($handle, $this->fields['handle']);
+            if (!is_array($this->handles) || empty($this->handles)) {
+                $this->stack->push(
+                    LIVEUSER_ERROR_CONFIG, 'exception',
+                    array('reason' => 'No handle set in storage config.')
+                );
+                return false;
+            }
+            $handles = array();
+            foreach ($this->handles as $field) {
+                $handles[] = $this->alias[$field] . '=' .
+                    $this->dbc->quote($handle, $this->fields[$field]);
+            }
+            $query .= '(' . implode(' OR ', $handles) . ')';
 
             if (!is_null($this->tables['users']['fields']['passwd'])) {
                 // If $passwd is set, try to find the first user with the given

Auth/PDO.php

@@ -232,8 +232,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
             $query .= $this->alias['auth_user_id'] . '='
                 . $this->dbc->quote($auth_user_id);
         } else {
-            $query .= $this->alias['handle'] . '='
-                . $this->dbc->quote($handle);
+            if (!is_array($this->handles) || empty($this->handles)) {
+                $this->stack->push(
+                    LIVEUSER_ERROR_CONFIG, 'exception',
+                    array('reason' => 'No handle set in storage config.')
+                );
+                return false;
+            }
+            $handles = array();
+            foreach ($this->handles as $field) {
+                $handles[] = $this->alias[$field] . '=' .
+                    $this->dbc->quote($handle);
+            }
+            $query .= '(' . implode(' OR ', $handles) . ')';
 
             if (!is_null($this->tables['users']['fields']['passwd'])) {
                 // If $passwd is set, try to find the first user with the given

LiveUser.php

@@ -417,7 +417,8 @@ function LiveUser(&$debug)
      *            'secret'                => 'secret to use in password encryption',
      *            'storage' => array(
      *                'dbc' => 'db connection object, use this or dsn',
-     *                'dsn'        => 'database dsn, use this or connection',
+     *                'dsn' => 'database dsn, use this or connection',
+     *                'handles' => 'array of handle fields to find a user on login; works with DB, MDB, MDB2 and PDO containers',
      *           ),
      *           'externalValues' => array(
      *                  'values'      => 'reference to an array',
@@ -715,7 +716,7 @@ function classExists($classname)
      *
      * @param  array|file  Conf array or file path to configuration
      * @param  string      Name of array containing the configuration
-     * @return bool     true on success or false on failure
+     * @return bool        true on success or false on failure
      *
      * @access public
      * @see    LiveUser::factory
@@ -725,15 +726,15 @@ function readConfig(&$conf)
         // probably a futile attempt at working out reference issues in arrays
         $options = $conf;
 
-        if (array_key_exists('debug', $conf) && !is_object($conf['debug'])) {
+        if (array_key_exists('debug', $conf) && is_object($conf['debug'])) {
             $options['debug'] = true;
         }
         if (array_key_exists('authContainers', $conf)) {
-            $this->_authContainers = $conf['authContainers'];
+            $this->_authContainers =& $conf['authContainers'];
             unset($options['authContainers']);
         }
         if (array_key_exists('permContainer', $conf)) {
-            $this->_permContainer = $conf['permContainer'];
+            $this->_permContainer =& $conf['permContainer'];
             unset($options['permContainer']);
         }
 
@@ -820,7 +821,7 @@ function &PEARLogFactory(&$log)
      * @param  string the encryption mode
      * @return string The decrypted password
      */
-    function decryptPW($encryptedPW, $passwordEncryptionMode)
+    function decryptPW($encryptedPW, $passwordEncryptionMode, $secret)
     {
         if (empty($encryptedPW) && $encryptedPW !== 0) {
             return '';
@@ -833,7 +834,7 @@ function decryptPW($encryptedPW, $passwordEncryptionMode)
         }
 
         if ($passwordEncryptionMode === 'rc4') {
-            return LiveUser::cryptRC4($decryptedPW, $this->secret, false);
+            return LiveUser::cryptRC4($decryptedPW, $secret, false);
         }
 
         PEAR_ErrorStack::staticPush('LiveUser', LIVEUSER_ERROR_NOT_SUPPORTED, 'error', array(),
@@ -1763,4 +1764,4 @@ function statusMessage($value = null)
             ? $statusMessages[$value] : $statusMessages[LIVEUSER_STATUS_UNKNOWN];
     }
 }
-?>
+?>