Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

- fixed another issue with bug #7564

- added support for user defined handle fields
- fixed parameter $secret for LiveUser::decryptPW()


git-svn-id: http://svn.php.net/repository/pear/packages/LiveUser/trunk@218199 c90b9560-bf6c-de11-be94-00142212c4b1
  • Loading branch information...
commit a30b2a857f272f3701da48a202b2c25215180d95 1 parent f9c8cc5
Matthias Nothhaft authored
View
8 Auth/Common.php
@@ -161,6 +161,14 @@ class LiveUser_Auth_Common
var $externalValues = array();
/**
+ * A list of handle fields that are used to find a user.
+ *
+ * @var array
+ * @access public
+ */
+ var $handles = array('handle');
+
+ /**
* Table configuration
*
* @var array
View
15 Auth/DB.php
@@ -208,8 +208,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
$query .= $this->alias['auth_user_id'] . '='
. $this->dbc->quoteSmart($auth_user_id);
} else {
- $query .= $this->alias['handle'] . '='
- . $this->dbc->quoteSmart($handle);
+ if (!is_array($this->handles) || empty($this->handles)) {
+ $this->stack->push(
+ LIVEUSER_ERROR_CONFIG, 'exception',
+ array('reason' => 'No handle set in storage config.')
+ );
+ return false;
+ }
+ $handles = array();
+ foreach ($this->handles as $field) {
+ $handles[] = $this->alias[$field] . '=' .
+ $this->dbc->quoteSmart($handle);
+ }
+ $query .= '(' . implode(' OR ', $handles) . ')';
if (!is_null($this->tables['users']['fields']['passwd'])) {
// If $passwd is set, try to find the first user with the given
View
15 Auth/MDB.php
@@ -221,8 +221,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
$query .= $this->alias['auth_user_id'] . '='
. $this->dbc->getValue($this->fields['auth_user_id'], $auth_user_id);
} else {
- $query .= $this->alias['handle'] . '='
- . $this->dbc->getValue($this->fields['handle'], $handle);
+ if (!is_array($this->handles) || empty($this->handles)) {
+ $this->stack->push(
+ LIVEUSER_ERROR_CONFIG, 'exception',
+ array('reason' => 'No handle set in storage config.')
+ );
+ return false;
+ }
+ $handles = array();
+ foreach ($this->handles as $field) {
+ $handles[] = $this->alias[$field] . '=' .
+ $this->dbc->getValue($this->fields[$field], $handle);
+ }
+ $query .= '(' . implode(' OR ', $handles) . ')';
if (!is_null($this->tables['users']['fields']['passwd'])) {
// If $passwd is set, try to find the first user with the given
View
15 Auth/MDB2.php
@@ -230,8 +230,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
$query .= $this->alias['auth_user_id'] . '='
. $this->dbc->quote($auth_user_id, $this->fields['auth_user_id']);
} else {
- $query .= $this->alias['handle'] . '='
- . $this->dbc->quote($handle, $this->fields['handle']);
+ if (!is_array($this->handles) || empty($this->handles)) {
+ $this->stack->push(
+ LIVEUSER_ERROR_CONFIG, 'exception',
+ array('reason' => 'No handle set in storage config.')
+ );
+ return false;
+ }
+ $handles = array();
+ foreach ($this->handles as $field) {
+ $handles[] = $this->alias[$field] . '=' .
+ $this->dbc->quote($handle, $this->fields[$field]);
+ }
+ $query .= '(' . implode(' OR ', $handles) . ')';
if (!is_null($this->tables['users']['fields']['passwd'])) {
// If $passwd is set, try to find the first user with the given
View
15 Auth/PDO.php
@@ -232,8 +232,19 @@ function readUserData($handle = '', $passwd = '', $auth_user_id = false)
$query .= $this->alias['auth_user_id'] . '='
. $this->dbc->quote($auth_user_id);
} else {
- $query .= $this->alias['handle'] . '='
- . $this->dbc->quote($handle);
+ if (!is_array($this->handles) || empty($this->handles)) {
+ $this->stack->push(
+ LIVEUSER_ERROR_CONFIG, 'exception',
+ array('reason' => 'No handle set in storage config.')
+ );
+ return false;
+ }
+ $handles = array();
+ foreach ($this->handles as $field) {
+ $handles[] = $this->alias[$field] . '=' .
+ $this->dbc->quote($handle);
+ }
+ $query .= '(' . implode(' OR ', $handles) . ')';
if (!is_null($this->tables['users']['fields']['passwd'])) {
// If $passwd is set, try to find the first user with the given
View
17 LiveUser.php
@@ -417,7 +417,8 @@ function LiveUser(&$debug)
* 'secret' => 'secret to use in password encryption',
* 'storage' => array(
* 'dbc' => 'db connection object, use this or dsn',
- * 'dsn' => 'database dsn, use this or connection',
+ * 'dsn' => 'database dsn, use this or connection',
+ * 'handles' => 'array of handle fields to find a user on login; works with DB, MDB, MDB2 and PDO containers',
* ),
* 'externalValues' => array(
* 'values' => 'reference to an array',
@@ -715,7 +716,7 @@ function classExists($classname)
*
* @param array|file Conf array or file path to configuration
* @param string Name of array containing the configuration
- * @return bool true on success or false on failure
+ * @return bool true on success or false on failure
*
* @access public
* @see LiveUser::factory
@@ -725,15 +726,15 @@ function readConfig(&$conf)
// probably a futile attempt at working out reference issues in arrays
$options = $conf;
- if (array_key_exists('debug', $conf) && !is_object($conf['debug'])) {
+ if (array_key_exists('debug', $conf) && is_object($conf['debug'])) {
$options['debug'] = true;
}
if (array_key_exists('authContainers', $conf)) {
- $this->_authContainers = $conf['authContainers'];
+ $this->_authContainers =& $conf['authContainers'];
unset($options['authContainers']);
}
if (array_key_exists('permContainer', $conf)) {
- $this->_permContainer = $conf['permContainer'];
+ $this->_permContainer =& $conf['permContainer'];
unset($options['permContainer']);
}
@@ -820,7 +821,7 @@ function &PEARLogFactory(&$log)
* @param string the encryption mode
* @return string The decrypted password
*/
- function decryptPW($encryptedPW, $passwordEncryptionMode)
+ function decryptPW($encryptedPW, $passwordEncryptionMode, $secret)
{
if (empty($encryptedPW) && $encryptedPW !== 0) {
return '';
@@ -833,7 +834,7 @@ function decryptPW($encryptedPW, $passwordEncryptionMode)
}
if ($passwordEncryptionMode === 'rc4') {
- return LiveUser::cryptRC4($decryptedPW, $this->secret, false);
+ return LiveUser::cryptRC4($decryptedPW, $secret, false);
}
PEAR_ErrorStack::staticPush('LiveUser', LIVEUSER_ERROR_NOT_SUPPORTED, 'error', array(),
@@ -1763,4 +1764,4 @@ function statusMessage($value = null)
? $statusMessages[$value] : $statusMessages[LIVEUSER_STATUS_UNKNOWN];
}
}
-?>
+?>
Please sign in to comment.
Something went wrong with that request. Please try again.