New file |
0,0 → 1,409 |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Martin Jansen <mj@php.net> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: DB.php,v 1.40 2003/11/15 13:37:26 yavo Exp $ |
// |
|
require_once 'Auth/Container.php'; |
require_once 'DB.php'; |
|
/** |
* Storage driver for fetching login data from a database |
* |
* This storage driver can use all databases which are supported |
* by the PEAR DB abstraction layer to fetch login data. |
* |
* @author Martin Jansen <mj@php.net> |
* @package Auth |
* @version $Revision: 1.40 $ |
*/ |
class Auth_Container_DB extends Auth_Container |
{ |
|
/** |
* Additional options for the storage container |
* @var array |
*/ |
var $options = array(); |
|
/** |
* DB object |
* @var object |
*/ |
var $db = null; |
var $dsn = ''; |
|
/** |
* User that is currently selected from the DB. |
* @var string |
*/ |
var $activeUser = ''; |
|
// {{{ Constructor |
|
/** |
* Constructor of the container class |
* |
* Initate connection to the database via PEAR::DB |
* |
* @param string Connection data or DB object |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_DB($dsn) |
{ |
$this->_setDefaults(); |
|
if (is_array($dsn)) { |
$this->_parseOptions($dsn); |
|
if (empty($this->options['dsn'])) { |
PEAR::raiseError('No connection parameters specified!'); |
} |
} else { |
$this->options['dsn'] = $dsn; |
} |
} |
|
// }}} |
// {{{ _connect() |
|
/** |
* Connect to database by using the given DSN string |
* |
* @access private |
* @param string DSN string |
* @return mixed Object on error, otherwise bool |
*/ |
function _connect($dsn) |
{ |
if (is_string($dsn) || is_array($dsn)) { |
$this->db = DB::Connect($dsn); |
} elseif (get_parent_class($dsn) == "db_common") { |
$this->db = $dsn; |
} elseif (DB::isError($dsn)) { |
return PEAR::raiseError($dsn->getMessage(), $dsn->getCode()); |
} else { |
return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__, |
41, |
PEAR_ERROR_RETURN, |
null, |
null |
); |
} |
|
if (DB::isError($this->db) || PEAR::isError($this->db)) { |
return PEAR::raiseError($this->db->getMessage(), $this->db->getCode()); |
} else { |
return true; |
} |
} |
|
// }}} |
// {{{ _prepare() |
|
/** |
* Prepare database connection |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* |
* @access private |
* @return mixed True or a DB error object. |
*/ |
function _prepare() |
{ |
if (!DB::isConnection($this->db)) { |
$res = $this->_connect($this->options['dsn']); |
if(DB::isError($res) || PEAR::isError($res)){ |
return $res; |
} |
} |
return true; |
} |
|
// }}} |
// {{{ query() |
|
/** |
* Prepare query to the database |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* After that the query is passed to the database. |
* |
* @access public |
* @param string Query string |
* @return mixed a DB_result object or DB_OK on success, a DB |
* or PEAR error on failure |
*/ |
function query($query) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return $err; |
} |
return $this->db->query($query); |
} |
|
// }}} |
// {{{ _setDefaults() |
|
/** |
* Set some default options |
* |
* @access private |
* @return void |
*/ |
function _setDefaults() |
{ |
$this->options['table'] = 'auth'; |
$this->options['usernamecol'] = 'username'; |
$this->options['passwordcol'] = 'password'; |
$this->options['dsn'] = ''; |
$this->options['db_fields'] = ''; |
$this->options['cryptType'] = 'md5'; |
} |
|
// }}} |
// {{{ _parseOptions() |
|
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
if (isset($this->options[$key])) { |
$this->options[$key] = $value; |
} |
} |
|
/* Include additional fields if they exist */ |
if(!empty($this->options['db_fields'])){ |
if(is_array($this->options['db_fields'])){ |
$this->options['db_fields'] = join($this->options['db_fields'], ', '); |
} |
$this->options['db_fields'] = ', '.$this->options['db_fields']; |
} |
} |
|
// }}} |
// {{{ fetchData() |
|
/** |
* Get user information from database |
* |
* This function uses the given username to fetch |
* the corresponding login data from the database |
* table. If an account that matches the passed username |
* and password is found, the function returns true. |
* Otherwise it returns false. |
* |
* @param string Username |
* @param string Password |
* @return mixed Error object or boolean |
*/ |
function fetchData($username, $password) |
{ |
// Prepare for a database query |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
|
// Find if db_fileds contains a *, i so assume all col are selected |
if(strstr($this->options['db_fields'], '*')){ |
$sql_from = "*"; |
} |
else{ |
$sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; |
} |
/** |
Old Style, removed to go around the oci8 |
problem |
See bug 206 |
http://pear.php.net/bugs/bug.php?id=206 |
|
$query = "SELECT ! FROM ! WHERE ! = ?"; |
$query_params = array( |
$sql_from, |
$this->options['table'], |
$this->options['usernamecol'], |
$username |
); |
*/ |
|
$query = "SELECT ".$sql_from. |
" FROM ".$this->options['table']. |
" WHERE ".$this->options['usernamecol']." = '".$this->db->quoteString($username)."'"; |
|
$res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC); |
|
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} |
if (!is_array($res)) { |
$this->activeUser = ''; |
return false; |
} |
if ($this->verifyPassword(trim($password, "\r\n"), |
trim($res[$this->options['passwordcol']], "\r\n"), |
$this->options['cryptType'])) { |
// Store additional field values in the session |
foreach ($res as $key => $value) { |
if ($key == $this->options['passwordcol'] || |
$key == $this->options['usernamecol']) { |
continue; |
} |
// Use reference to the auth object if exists |
// This is because the auth session variable can change so a static call to setAuthData does not make sence |
if(is_object($this->_auth_obj)){ |
$this->_auth_obj->setAuthData($key, $value); |
} else { |
Auth::setAuthData($key, $value); |
} |
} |
|
return true; |
} |
|
$this->activeUser = $res[$this->options['usernamecol']]; |
return false; |
} |
|
// }}} |
// {{{ listUsers() |
|
function listUsers() |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
|
$retVal = array(); |
|
// Find if db_fileds contains a *, i so assume all col are selected |
if(strstr($this->options['db_fields'], '*')){ |
$sql_from = "*"; |
} |
else{ |
$sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; |
} |
|
$query = sprintf("SELECT %s FROM %s", |
$sql_from, |
$this->options['table'] |
); |
$res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC); |
|
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
foreach ($res as $user) { |
$user['username'] = $user[$this->options['usernamecol']]; |
$retVal[] = $user; |
} |
} |
return $retVal; |
} |
|
// }}} |
// {{{ addUser() |
|
/** |
* Add user to the storage container |
* |
* @access public |
* @param string Username |
* @param string Password |
* @param mixed Additional information that are stored in the DB |
* |
* @return mixed True on success, otherwise error object |
*/ |
function addUser($username, $password, $additional = "") |
{ |
if (function_exists($this->options['cryptType'])) { |
$cryptFunction = $this->options['cryptType']; |
} else { |
$cryptFunction = 'md5'; |
} |
|
$additional_key = ''; |
$additional_value = ''; |
|
if (is_array($additional)) { |
foreach ($additional as $key => $value) { |
$additional_key .= ', ' . $key; |
$additional_value .= ", '" . $value . "'"; |
} |
} |
|
$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES ('%s', '%s'%s)", |
$this->options['table'], |
$this->options['usernamecol'], |
$this->options['passwordcol'], |
$additional_key, |
$username, |
$cryptFunction($password), |
$additional_value |
); |
|
$res = $this->query($query); |
|
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
return true; |
} |
} |
|
// }}} |
// {{{ removeUser() |
|
/** |
* Remove user from the storage container |
* |
* @access public |
* @param string Username |
* |
* @return mixed True on success, otherwise error object |
*/ |
function removeUser($username) |
{ |
$query = sprintf("DELETE FROM %s WHERE %s = '%s'", |
$this->options['table'], |
$this->options['usernamecol'], |
$username |
); |
|
$res = $this->query($query); |
|
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
return true; |
} |
} |
|
// }}} |
} |
?> |