WebSVN – Applications.papyrus – Diff – /trunk/api/pear/Auth/Container/MDB2.php


<?php
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
 
/**
 * Storage driver for use against PEAR MDB2
 *
 * PHP versions 4 and 5
 *
 * LICENSE: This source file is subject to version 3.01 of the PHP license
 * that is available through the world-wide-web at the following URI:
 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
 * the PHP License and are unable to obtain it through the web, please
 * send a note to license@php.net so we can mail you a copy immediately.
 *
 * @category   Authentication
 * @package    Auth
 * @author     Lorenzo Alberton <l.alberton@quipo.it>
 * @author     Adam Ashley <aashley@php.net>
 * @copyright  2001-2006 The PHP Group
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
 * @version    CVS: $Id: MDB2.php,v 1.2 2007-11-19 15:11:00 jp_milcent Exp $
 * @link       http://pear.php.net/package/Auth
 * @since      File available since Release 1.3.0
 */
 
/**
 * Include Auth_Container base class
 */
require_once 'Auth/Container.php';
/**
 * Include PEAR MDB2 package
 */
require_once 'MDB2.php';
 
/**
 * Storage driver for fetching login data from a database
 *
 * This storage driver can use all databases which are supported
 * by the PEAR MDB2 abstraction layer to fetch login data.
 *
 * @category   Authentication
 * @package    Auth
 * @author     Lorenzo Alberton <l.alberton@quipo.it>
 * @author     Adam Ashley <aashley@php.net>
 * @copyright  2001-2006 The PHP Group
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
 * @version    Release: 1.5.4  File: $Revision: 1.2 $
 * @link       http://pear.php.net/package/Auth
 * @since      Class available since Release 1.3.0
 */
class Auth_Container_MDB2 extends Auth_Container
{
 
    // {{{ properties
 
    /**
     * Additional options for the storage container
     * @var array
     */
    var $options = array();
 
    /**
     * MDB object
     * @var object
     */
    var $db = null;
    var $dsn = '';
 
    /**
     * User that is currently selected from the DB.
     * @var string
     */
    var $activeUser = '';
 
    // }}}
    // {{{ Auth_Container_MDB2() [constructor]
 
    /**
     * Constructor of the container class
     *
     * Initate connection to the database via PEAR::MDB2
     *
     * @param  string Connection data or MDB2 object
     * @return object Returns an error object if something went wrong
     */
    function Auth_Container_MDB2($dsn)
    {
        $this->_setDefaults();
 
        if (is_array($dsn)) {
            $this->_parseOptions($dsn);
            if (empty($this->options['dsn'])) {
                PEAR::raiseError('No connection parameters specified!');
            }
        } else {
            $this->options['dsn'] = $dsn;
        }
    }
 
    // }}}
    // {{{ _connect()
 
    /**
     * Connect to database by using the given DSN string
     *
     * @access private
     * @param  mixed DSN string | array | mdb object
     * @return mixed  Object on error, otherwise bool
     */
    function _connect($dsn)
    {
        $this->log('Auth_Container_MDB2::_connect() called.', AUTH_LOG_DEBUG);
        if (is_string($dsn) || is_array($dsn)) {
            $this->db =& MDB2::connect($dsn, $this->options['db_options']);
        } elseif (is_subclass_of($dsn, 'MDB2_Driver_Common')) {
            $this->db = $dsn;
        } elseif (is_object($dsn) && MDB2::isError($dsn)) {
            return PEAR::raiseError($dsn->getMessage(), $dsn->code);
        } else {
            return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,
                                    41,
                                    PEAR_ERROR_RETURN,
                                    null,
                                    null
                                    );
 
        }
 
        if (MDB2::isError($this->db) || PEAR::isError($this->db)) {
            return PEAR::raiseError($this->db->getMessage(), $this->db->code);
        }
 
        if ($this->options['auto_quote']) {
            $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table'], true);
            $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol'], true);
            $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol'], true);
        } else {
            $this->options['final_table'] = $this->options['table'];
            $this->options['final_usernamecol'] = $this->options['usernamecol'];
            $this->options['final_passwordcol'] = $this->options['passwordcol'];
        }
 
        return true;
    }
 
    // }}}
    // {{{ _prepare()
 
    /**
     * Prepare database connection
     *
     * This function checks if we have already opened a connection to
     * the database. If that's not the case, a new connection is opened.
     *
     * @access private
     * @return mixed True or a MDB error object.
     */
    function _prepare()
    {
        if (is_subclass_of($this->db, 'MDB2_Driver_Common')) {
            return true;
        }
        return $this->_connect($this->options['dsn']);
    }
 
    // }}}
    // {{{ query()
 
    /**
     * Prepare query to the database
     *
     * This function checks if we have already opened a connection to
     * the database. If that's not the case, a new connection is opened.
     * After that the query is passed to the database.
     *
     * @access public
     * @param  string Query string
     * @return mixed  a MDB_result object or MDB_OK on success, a MDB
     *                or PEAR error on failure
     */
    function query($query)
    {
        $this->log('Auth_Container_MDB2::query() called.', AUTH_LOG_DEBUG);
        $err = $this->_prepare();
        if ($err !== true) {
            return $err;
        }
        return $this->db->exec($query);
    }
 
    // }}}
    // {{{ _setDefaults()
 
    /**
     * Set some default options
     *
     * @access private
     * @return void
     */
    function _setDefaults()
    {
        $this->options['table']       = 'auth';
        $this->options['usernamecol'] = 'username';
        $this->options['passwordcol'] = 'password';
        $this->options['dsn']         = '';
        $this->options['db_fields']   = '';
        $this->options['cryptType']   = 'md5';
        $this->options['db_options']  = array();
        $this->options['db_where']    = '';
        $this->options['auto_quote']  = true;
    }
 
    // }}}
    // {{{ _parseOptions()
 
    /**
     * Parse options passed to the container class
     *
     * @access private
     * @param  array
     */
    function _parseOptions($array)
    {
        foreach ($array as $key => $value) {
            if (isset($this->options[$key])) {
                $this->options[$key] = $value;
            }
        }
    }
 
    // }}}
    // {{{ _quoteDBFields()
 
    /**
     * Quote the db_fields option to avoid the possibility of SQL injection.
     *
     * @access private
     * @return string A properly quoted string that can be concatenated into a
     * SELECT clause.
     */
    function _quoteDBFields()
    {
        if (isset($this->options['db_fields'])) {
            if (is_array($this->options['db_fields'])) {
                if ($this->options['auto_quote']) {
                    $fields = array();
                    foreach ($this->options['db_fields'] as $field) {
                        $fields[] = $this->db->quoteIdentifier($field, true);
                    }
                    return implode(', ', $fields);
                } else {
                    return implode(', ', $this->options['db_fields']);
                }
            } else {
                if (strlen($this->options['db_fields']) > 0) {
                    if ($this->options['auto_quote']) {
                        return $this->db->quoteIdentifier($this->options['db_fields'], true);
                    } else {
                        return $this->options['db_fields'];
                    }
                }
            }
        }
 
        return '';
    }
 
    // }}}
    // {{{ fetchData()
 
    /**
     * Get user information from database
     *
     * This function uses the given username to fetch
     * the corresponding login data from the database
     * table. If an account that matches the passed username
     * and password is found, the function returns true.
     * Otherwise it returns false.
     *
     * @param   string Username
     * @param   string Password
     * @param   boolean If true password is secured using a md5 hash
     *                  the frontend and auth are responsible for making sure the container supports
     *                  challenge response password authentication
     * @return  mixed  Error object or boolean
     */
    function fetchData($username, $password, $isChallengeResponse=false)
    {
        $this->log('Auth_Container_MDB2::fetchData() called.', AUTH_LOG_DEBUG);
        // Prepare for a database query
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        //Check if db_fields contains a *, if so assume all columns are selected
        if (is_string($this->options['db_fields'])
            && strstr($this->options['db_fields'], '*')) {
            $sql_from = '*';
        } else {
            $sql_from = $this->options['final_usernamecol'].
                ", ".$this->options['final_passwordcol'];
 
            if (strlen($fields = $this->_quoteDBFields()) > 0) {
                $sql_from .= ', '.$fields;
            }
        }
        $query = sprintf("SELECT %s FROM %s WHERE %s = %s",
                         $sql_from,
                         $this->options['final_table'],
                         $this->options['final_usernamecol'],
                         $this->db->quote($username, 'text')
                         );
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $query .= " AND ".$this->options['db_where'];
        }
 
        $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->db->queryRow($query, null, MDB2_FETCHMODE_ASSOC);
        if (MDB2::isError($res) || PEAR::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->getCode());
        }
        if (!is_array($res)) {
            $this->activeUser = '';
            return false;
        }
 
        // Perform trimming here before the hashing
        $password = trim($password, "\r\n");
        $res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");
        // If using Challenge Response md5 the pass with the secret
        if ($isChallengeResponse) {
            $res[$this->options['passwordcol']] =
                md5($res[$this->options['passwordcol']].$this->_auth_obj->session['loginchallenege']);
            // UGLY cannot avoid without modifying verifyPassword
            if ($this->options['cryptType'] == 'md5') {
                $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);
            }
        }
        if ($this->verifyPassword($password,
                                  $res[$this->options['passwordcol']],
                                  $this->options['cryptType'])) {
            // Store additional field values in the session
            foreach ($res as $key => $value) {
                if ($key == $this->options['passwordcol'] ||
                    $key == $this->options['usernamecol']) {
                    continue;
                }
 
                $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);
 
                // Use reference to the auth object if exists
                // This is because the auth session variable can change so a static call to setAuthData does not make sense
                $this->_auth_obj->setAuthData($key, $value);
            }
            return true;
        }
 
        $this->activeUser = $res[$this->options['usernamecol']];
        return false;
    }
 
    // }}}
    // {{{ listUsers()
 
    /**
     * Returns a list of users from the container
     *
     * @return mixed array|PEAR_Error
     * @access public
     */
    function listUsers()
    {
        $this->log('Auth_Container_MDB2::listUsers() called.', AUTH_LOG_DEBUG);
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        $retVal = array();
 
        //Check if db_fields contains a *, if so assume all columns are selected
        if (   is_string($this->options['db_fields'])
            && strstr($this->options['db_fields'], '*')) {
            $sql_from = '*';
        } else {
            $sql_from = $this->options['final_usernamecol'].
                ", ".$this->options['final_passwordcol'];
 
            if (strlen($fields = $this->_quoteDBFields()) > 0) {
                $sql_from .= ', '.$fields;
            }
        }
 
        $query = sprintf('SELECT %s FROM %s',
                         $sql_from,
                         $this->options['final_table']
                         );
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $query .= " WHERE ".$this->options['db_where'];
        }
 
        $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->db->queryAll($query, null, MDB2_FETCHMODE_ASSOC);
        if (MDB2::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->getCode());
        } else {
            foreach ($res as $user) {
                $user['username'] = $user[$this->options['usernamecol']];
                $retVal[] = $user;
            }
        }
        $this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG);
        return $retVal;
    }
 
    // }}}
    // {{{ addUser()
 
    /**
     * Add user to the storage container
     *
     * @access public
     * @param  string Username
     * @param  string Password
     * @param  mixed  Additional information that are stored in the DB
     *
     * @return mixed True on success, otherwise error object
     */
    function addUser($username, $password, $additional = "")
    {
        $this->log('Auth_Container_MDB2::addUser() called.', AUTH_LOG_DEBUG);
 
        // Prepare for a database query
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') {
            $cryptFunction = 'strval';
        } elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) {
            $cryptFunction = $this->options['cryptType'];
        } else {
            $cryptFunction = 'md5';
        }
 
        $password = $cryptFunction($password);
 
        $additional_key   = '';
        $additional_value = '';
 
        if (is_array($additional)) {
            foreach ($additional as $key => $value) {
                if ($this->options['auto_quote']) {
                    $additional_key   .= ', ' . $this->db->quoteIdentifier($key, true);
                } else {
                    $additional_key   .= ', ' . $key;
                }
                $additional_value .= ', ' . $this->db->quote($value, 'text');
            }
        }
 
        $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",
                         $this->options['final_table'],
                         $this->options['final_usernamecol'],
                         $this->options['final_passwordcol'],
                         $additional_key,
                         $this->db->quote($username, 'text'),
                         $this->db->quote($password, 'text'),
                         $additional_value
                         );
 
        $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->query($query);
 
        if (MDB2::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->code);
        }
        return true;
    }
 
    // }}}
    // {{{ removeUser()
 
    /**
     * Remove user from the storage container
     *
     * @access public
     * @param  string Username
     *
     * @return mixed True on success, otherwise error object
     */
    function removeUser($username)
    {
        $this->log('Auth_Container_MDB2::removeUser() called.', AUTH_LOG_DEBUG);
        // Prepare for a database query
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        $query = sprintf("DELETE FROM %s WHERE %s = %s",
                         $this->options['final_table'],
                         $this->options['final_usernamecol'],
                         $this->db->quote($username, 'text')
                         );
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $query .= " AND ".$this->options['db_where'];
        }
 
        $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->query($query);
 
        if (MDB2::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->code);
        }
        return true;
    }
 
    // }}}
    // {{{ changePassword()
 
    /**
     * Change password for user in the storage container
     *
     * @param string Username
     * @param string The new password (plain text)
     */
    function changePassword($username, $password)
    {
        $this->log('Auth_Container_MDB2::changePassword() called.', AUTH_LOG_DEBUG);
        // Prepare for a database query
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') {
            $cryptFunction = 'strval';
        } elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) {
            $cryptFunction = $this->options['cryptType'];
        } else {
            $cryptFunction = 'md5';
        }
 
        $password = $cryptFunction($password);
 
        $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s",
                         $this->options['final_table'],
                         $this->options['final_passwordcol'],
                         $this->db->quote($password, 'text'),
                         $this->options['final_usernamecol'],
                         $this->db->quote($username, 'text')
                         );
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $query .= " AND ".$this->options['db_where'];
        }
 
        $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->query($query);
 
        if (MDB2::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->code);
        }
        return true;
    }
 
    // }}}
    // {{{ supportsChallengeResponse()
 
    /**
     * Determine if this container supports
     * password authentication with challenge response
     *
     * @return bool
     * @access public
     */
    function supportsChallengeResponse()
    {
        return in_array($this->options['cryptType'], array('md5', 'none', ''));
    }
 
    // }}}
    // {{{ getCryptType()
 
    /**
     * Returns the selected crypt type for this container
     *
     * @return string Function used to crypt the password
     */
    function getCryptType()
    {
        return $this->options['cryptType'];
    }
 
    // }}}
 
}
?>

Rev 1173	Rev 1713
1	`<?php`	1	`<?php`
2	`/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */`	2	`/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */`
3		3
4	`/**`	4	`/**`
5	`* Storage driver for use against PEAR MDB2`	5	`* Storage driver for use against PEAR MDB2`
6	`*`	6	`*`
7	`* PHP versions 4 and 5`	7	`* PHP versions 4 and 5`
8	`*`	8	`*`
9	`* LICENSE: This source file is subject to version 3.01 of the PHP license`	9	`* LICENSE: This source file is subject to version 3.01 of the PHP license`
10	`* that is available through the world-wide-web at the following URI:`	10	`* that is available through the world-wide-web at the following URI:`
11	`* http://www.php.net/license/3_01.txt. If you did not receive a copy of`	11	`* http://www.php.net/license/3_01.txt. If you did not receive a copy of`
12	`* the PHP License and are unable to obtain it through the web, please`	12	`* the PHP License and are unable to obtain it through the web, please`
13	`* send a note to license@php.net so we can mail you a copy immediately.`	13	`* send a note to license@php.net so we can mail you a copy immediately.`
14	`*`	14	`*`
15	`* @category Authentication`	15	`* @category Authentication`
16	`* @package Auth`	16	`* @package Auth`
17	`* @author Lorenzo Alberton <l.alberton@quipo.it>`	17	`* @author Lorenzo Alberton <l.alberton@quipo.it>`
18	`* @author Adam Ashley <aashley@php.net>`	18	`* @author Adam Ashley <aashley@php.net>`
19	`* @copyright 2001-2006 The PHP Group`	19	`* @copyright 2001-2006 The PHP Group`
20	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`	20	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`
21	`* @version CVS: $Id: MDB2.php,v 1.1 2006-12-14 15:04:28 jp_milcent Exp $`	21	`* @version CVS: $Id: MDB2.php,v 1.2 2007-11-19 15:11:00 jp_milcent Exp $`
22	`* @link http://pear.php.net/package/Auth`	22	`* @link http://pear.php.net/package/Auth`
23	`* @since File available since Release 1.3.0`	23	`* @since File available since Release 1.3.0`
24	`*/`	24	`*/`
25		25
26	`/**`	26	`/**`
27	`* Include Auth_Container base class`	27	`* Include Auth_Container base class`
28	`*/`	28	`*/`
29	`require_once 'Auth/Container.php';`	29	`require_once 'Auth/Container.php';`
30	`/**`	30	`/**`
31	`* Include PEAR MDB2 package`	31	`* Include PEAR MDB2 package`
32	`*/`	32	`*/`
33	`require_once 'MDB2.php';`	33	`require_once 'MDB2.php';`
34		34
35	`/**`	35	`/**`
36	`* Storage driver for fetching login data from a database`	36	`* Storage driver for fetching login data from a database`
37	`*`	37	`*`
38	`* This storage driver can use all databases which are supported`	38	`* This storage driver can use all databases which are supported`
39	`* by the PEAR MDB2 abstraction layer to fetch login data.`	39	`* by the PEAR MDB2 abstraction layer to fetch login data.`
40	`*`	40	`*`
41	`* @category Authentication`	41	`* @category Authentication`
42	`* @package Auth`	42	`* @package Auth`
43	`* @author Lorenzo Alberton <l.alberton@quipo.it>`	43	`* @author Lorenzo Alberton <l.alberton@quipo.it>`
44	`* @author Adam Ashley <aashley@php.net>`	44	`* @author Adam Ashley <aashley@php.net>`
45	`* @copyright 2001-2006 The PHP Group`	45	`* @copyright 2001-2006 The PHP Group`
46	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`	46	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`
47	`* @version Release: 1.4.3 File: $Revision: 1.1 $`	47	`* @version Release: 1.5.4 File: $Revision: 1.2 $`
48	`* @link http://pear.php.net/package/Auth`	48	`* @link http://pear.php.net/package/Auth`
49	`* @since Class available since Release 1.3.0`	49	`* @since Class available since Release 1.3.0`
50	`*/`	50	`*/`
51	`class Auth_Container_MDB2 extends Auth_Container`	51	`class Auth_Container_MDB2 extends Auth_Container`
52	`{`	52	`{`
53		53
54	`// {{{ properties`	54	`// {{{ properties`
55		55
56	`/**`	56	`/**`
57	`* Additional options for the storage container`	57	`* Additional options for the storage container`
58	`* @var array`	58	`* @var array`
59	`*/`	59	`*/`
60	`var $options = array();`	60	`var $options = array();`
61		61
62	`/**`	62	`/**`
63	`* MDB object`	63	`* MDB object`
64	`* @var object`	64	`* @var object`
65	`*/`	65	`*/`
66	`var $db = null;`	66	`var $db = null;`
67	`var $dsn = '';`	67	`var $dsn = '';`
68		68
69	`/**`	69	`/**`
70	`* User that is currently selected from the DB.`	70	`* User that is currently selected from the DB.`
71	`* @var string`	71	`* @var string`
72	`*/`	72	`*/`
73	`var $activeUser = '';`	73	`var $activeUser = '';`
74		74
75	`// }}}`	75	`// }}}`
76	`// {{{ Auth_Container_MDB2() [constructor]`	76	`// {{{ Auth_Container_MDB2() [constructor]`
77		77
78	`/**`	78	`/**`
79	`* Constructor of the container class`	79	`* Constructor of the container class`
80	`*`	80	`*`
81	`* Initate connection to the database via PEAR::MDB2`	81	`* Initate connection to the database via PEAR::MDB2`
82	`*`	82	`*`
83	`* @param string Connection data or MDB2 object`	83	`* @param string Connection data or MDB2 object`
84	`* @return object Returns an error object if something went wrong`	84	`* @return object Returns an error object if something went wrong`
85	`*/`	85	`*/`
86	`function Auth_Container_MDB2($dsn)`	86	`function Auth_Container_MDB2($dsn)`
87	`{`	87	`{`
88	`$this->_setDefaults();`	88	`$this->_setDefaults();`
89		89
90	`if (is_array($dsn)) {`	90	`if (is_array($dsn)) {`
91	`$this->_parseOptions($dsn);`	91	`$this->_parseOptions($dsn);`
92	`if (empty($this->options['dsn'])) {`	92	`if (empty($this->options['dsn'])) {`
93	`PEAR::raiseError('No connection parameters specified!');`	93	`PEAR::raiseError('No connection parameters specified!');`
94	`}`	94	`}`
95	`} else {`	95	`} else {`
96	`$this->options['dsn'] = $dsn;`	96	`$this->options['dsn'] = $dsn;`
97	`}`	97	`}`
98	`}`	98	`}`
99		99
100	`// }}}`	100	`// }}}`
101	`// {{{ _connect()`	101	`// {{{ _connect()`
102		102
103	`/**`	103	`/**`
104	`* Connect to database by using the given DSN string`	104	`* Connect to database by using the given DSN string`
105	`*`	105	`*`
106	`* @access private`	106	`* @access private`
107	`* @param mixed DSN string \| array \| mdb object`	107	`* @param mixed DSN string \| array \| mdb object`
108	`* @return mixed Object on error, otherwise bool`	108	`* @return mixed Object on error, otherwise bool`
109	`*/`	109	`*/`
110	`function _connect($dsn)`	110	`function _connect($dsn)`
111	`{`	111	`{`
-		112	`$this->log('Auth_Container_MDB2::_connect() called.', AUTH_LOG_DEBUG);`
112	`if (is_string($dsn) \|\| is_array($dsn)) {`	113	`if (is_string($dsn) \|\| is_array($dsn)) {`
113	`$this->db =& MDB2::connect($dsn, $this->options['db_options']);`	114	`$this->db =& MDB2::connect($dsn, $this->options['db_options']);`
114	`} elseif (is_subclass_of($dsn, 'MDB2_Driver_Common')) {`	115	`} elseif (is_subclass_of($dsn, 'MDB2_Driver_Common')) {`
115	`$this->db = $dsn;`	116	`$this->db = $dsn;`
116	`} elseif (is_object($dsn) && MDB2::isError($dsn)) {`	117	`} elseif (is_object($dsn) && MDB2::isError($dsn)) {`
117	`return PEAR::raiseError($dsn->getMessage(), $dsn->code);`	118	`return PEAR::raiseError($dsn->getMessage(), $dsn->code);`
118	`} else {`	119	`} else {`
119	`return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,`	120	`return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,`
120	`41,`	121	`41,`
121	`PEAR_ERROR_RETURN,`	122	`PEAR_ERROR_RETURN,`
122	`null,`	123	`null,`
123	`null`	124	`null`
124	`);`	125	`);`
125		126
126	`}`	127	`}`
127		128
128	`if (MDB2::isError($this->db) \|\| PEAR::isError($this->db)) {`	129	`if (MDB2::isError($this->db) \|\| PEAR::isError($this->db)) {`
129	`return PEAR::raiseError($this->db->getMessage(), $this->db->code);`	130	`return PEAR::raiseError($this->db->getMessage(), $this->db->code);`
130	`}`	131	`}`
131		132
132	`if ($this->options['auto_quote']) {`	133	`if ($this->options['auto_quote']) {`
133	`$this->options['final_table'] = $this->db->quoteIdentifier($this->options['table'], true);`	134	`$this->options['final_table'] = $this->db->quoteIdentifier($this->options['table'], true);`
134	`$this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol'], true);`	135	`$this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol'], true);`
135	`$this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol'], true);`	136	`$this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol'], true);`
136	`} else {`	137	`} else {`
137	`$this->options['final_table'] = $this->options['table'];`	138	`$this->options['final_table'] = $this->options['table'];`
138	`$this->options['final_usernamecol'] = $this->options['usernamecol'];`	139	`$this->options['final_usernamecol'] = $this->options['usernamecol'];`
139	`$this->options['final_passwordcol'] = $this->options['passwordcol'];`	140	`$this->options['final_passwordcol'] = $this->options['passwordcol'];`
140	`}`	141	`}`
141		142
142	`return true;`	143	`return true;`
143	`}`	144	`}`
144		145
145	`// }}}`	146	`// }}}`
146	`// {{{ _prepare()`	147	`// {{{ _prepare()`
147		148
148	`/**`	149	`/**`
149	`* Prepare database connection`	150	`* Prepare database connection`
150	`*`	151	`*`
151	`* This function checks if we have already opened a connection to`	152	`* This function checks if we have already opened a connection to`
152	`* the database. If that's not the case, a new connection is opened.`	153	`* the database. If that's not the case, a new connection is opened.`
153	`*`	154	`*`
154	`* @access private`	155	`* @access private`
155	`* @return mixed True or a MDB error object.`	156	`* @return mixed True or a MDB error object.`
156	`*/`	157	`*/`
157	`function _prepare()`	158	`function _prepare()`
158	`{`	159	`{`
159	`if (is_subclass_of($this->db, 'MDB2_Driver_Common')) {`	160	`if (is_subclass_of($this->db, 'MDB2_Driver_Common')) {`
160	`return true;`	161	`return true;`
161	`}`	162	`}`
162	`return $this->_connect($this->options['dsn']);`	163	`return $this->_connect($this->options['dsn']);`
163	`}`	164	`}`
164		165
165	`// }}}`	166	`// }}}`
166	`// {{{ query()`	167	`// {{{ query()`
167		168
168	`/**`	169	`/**`
169	`* Prepare query to the database`	170	`* Prepare query to the database`
170	`*`	171	`*`
171	`* This function checks if we have already opened a connection to`	172	`* This function checks if we have already opened a connection to`
172	`* the database. If that's not the case, a new connection is opened.`	173	`* the database. If that's not the case, a new connection is opened.`
173	`* After that the query is passed to the database.`	174	`* After that the query is passed to the database.`
174	`*`	175	`*`
175	`* @access public`	176	`* @access public`
176	`* @param string Query string`	177	`* @param string Query string`
177	`* @return mixed a MDB_result object or MDB_OK on success, a MDB`	178	`* @return mixed a MDB_result object or MDB_OK on success, a MDB`
178	`* or PEAR error on failure`	179	`* or PEAR error on failure`
179	`*/`	180	`*/`
180	`function query($query)`	181	`function query($query)`
181	`{`	182	`{`
-		183	`$this->log('Auth_Container_MDB2::query() called.', AUTH_LOG_DEBUG);`
182	`$err = $this->_prepare();`	184	`$err = $this->_prepare();`
183	`if ($err !== true) {`	185	`if ($err !== true) {`
184	`return $err;`	186	`return $err;`
185	`}`	187	`}`
186	`return $this->db->exec($query);`	188	`return $this->db->exec($query);`
187	`}`	189	`}`
188		190
189	`// }}}`	191	`// }}}`
190	`// {{{ _setDefaults()`	192	`// {{{ _setDefaults()`
191		193
192	`/**`	194	`/**`
193	`* Set some default options`	195	`* Set some default options`
194	`*`	196	`*`
195	`* @access private`	197	`* @access private`
196	`* @return void`	198	`* @return void`
197	`*/`	199	`*/`
198	`function _setDefaults()`	200	`function _setDefaults()`
199	`{`	201	`{`
200	`$this->options['table'] = 'auth';`	202	`$this->options['table'] = 'auth';`
201	`$this->options['usernamecol'] = 'username';`	203	`$this->options['usernamecol'] = 'username';`
202	`$this->options['passwordcol'] = 'password';`	204	`$this->options['passwordcol'] = 'password';`
203	`$this->options['dsn'] = '';`	205	`$this->options['dsn'] = '';`
204	`$this->options['db_fields'] = '';`	206	`$this->options['db_fields'] = '';`
205	`$this->options['cryptType'] = 'md5';`	207	`$this->options['cryptType'] = 'md5';`
206	`$this->options['db_options'] = array();`	208	`$this->options['db_options'] = array();`
-		209	`$this->options['db_where'] = '';`
207	`$this->options['auto_quote'] = true;`	210	`$this->options['auto_quote'] = true;`
208	`}`	211	`}`
209		212
210	`// }}}`	213	`// }}}`
211	`// {{{ _parseOptions()`	214	`// {{{ _parseOptions()`
212		215
213	`/**`	216	`/**`
214	`* Parse options passed to the container class`	217	`* Parse options passed to the container class`
215	`*`	218	`*`
216	`* @access private`	219	`* @access private`
217	`* @param array`	220	`* @param array`
218	`*/`	221	`*/`
219	`function _parseOptions($array)`	222	`function _parseOptions($array)`
220	`{`	223	`{`
221	`foreach ($array as $key => $value) {`	224	`foreach ($array as $key => $value) {`
222	`if (isset($this->options[$key])) {`	225	`if (isset($this->options[$key])) {`
223	`$this->options[$key] = $value;`	226	`$this->options[$key] = $value;`
224	`}`	227	`}`
225	`}`	228	`}`
226	`}`	229	`}`
227		230
228	`// }}}`	231	`// }}}`
229	`// {{{ _quoteDBFields()`	232	`// {{{ _quoteDBFields()`
230		233
231	`/**`	234	`/**`
232	`* Quote the db_fields option to avoid the possibility of SQL injection.`	235	`* Quote the db_fields option to avoid the possibility of SQL injection.`
233	`*`	236	`*`
234	`* @access private`	237	`* @access private`
235	`* @return string A properly quoted string that can be concatenated into a`	238	`* @return string A properly quoted string that can be concatenated into a`
236	`* SELECT clause.`	239	`* SELECT clause.`
237	`*/`	240	`*/`
238	`function _quoteDBFields()`	241	`function _quoteDBFields()`
239	`{`	242	`{`
240	`if (isset($this->options['db_fields'])) {`	243	`if (isset($this->options['db_fields'])) {`
241	`if (is_array($this->options['db_fields'])) {`	244	`if (is_array($this->options['db_fields'])) {`
242	`if ($this->options['auto_quote']) {`	245	`if ($this->options['auto_quote']) {`
243	`$fields = array();`	246	`$fields = array();`
244	`foreach ($this->options['db_fields'] as $field) {`	247	`foreach ($this->options['db_fields'] as $field) {`
245	`$fields[] = $this->db->quoteIdentifier($field, true);`	248	`$fields[] = $this->db->quoteIdentifier($field, true);`
246	`}`	249	`}`
247	`return implode(', ', $fields);`	250	`return implode(', ', $fields);`
248	`} else {`	251	`} else {`
249	`return implode(', ', $this->options['db_fields']);`	252	`return implode(', ', $this->options['db_fields']);`
250	`}`	253	`}`
251	`} else {`	254	`} else {`
252	`if (strlen($this->options['db_fields']) > 0) {`	255	`if (strlen($this->options['db_fields']) > 0) {`
253	`if ($this->options['auto_quote']) {`	256	`if ($this->options['auto_quote']) {`
254	`return $this->db->quoteIdentifier($this->options['db_fields'], true);`	257	`return $this->db->quoteIdentifier($this->options['db_fields'], true);`
255	`} else {`	258	`} else {`
256	`return $this->options['db_fields'];`	259	`return $this->options['db_fields'];`
257	`}`	260	`}`
258	`}`	261	`}`
259	`}`	262	`}`
260	`}`	263	`}`
261		264
262	`return '';`	265	`return '';`
263	`}`	266	`}`
264		267
265	`// }}}`	268	`// }}}`
266	`// {{{ fetchData()`	269	`// {{{ fetchData()`
267		270
268	`/**`	271	`/**`
269	`* Get user information from database`	272	`* Get user information from database`
270	`*`	273	`*`
271	`* This function uses the given username to fetch`	274	`* This function uses the given username to fetch`
272	`* the corresponding login data from the database`	275	`* the corresponding login data from the database`
273	`* table. If an account that matches the passed username`	276	`* table. If an account that matches the passed username`
274	`* and password is found, the function returns true.`	277	`* and password is found, the function returns true.`
275	`* Otherwise it returns false.`	278	`* Otherwise it returns false.`
276	`*`	279	`*`
277	`* @param string Username`	280	`* @param string Username`
278	`* @param string Password`	281	`* @param string Password`
279	`* @param boolean If true password is secured using a md5 hash`	282	`* @param boolean If true password is secured using a md5 hash`
280	`* the frontend and auth are responsible for making sure the container supports`	283	`* the frontend and auth are responsible for making sure the container supports`
281	`* challenge response password authentication`	284	`* challenge response password authentication`
282	`* @return mixed Error object or boolean`	285	`* @return mixed Error object or boolean`
283	`*/`	286	`*/`
284	`function fetchData($username, $password, $isChallengeResponse=false)`	287	`function fetchData($username, $password, $isChallengeResponse=false)`
285	`{`	288	`{`
-		289	`$this->log('Auth_Container_MDB2::fetchData() called.', AUTH_LOG_DEBUG);`
286	`// Prepare for a database query`	290	`// Prepare for a database query`
287	`$err = $this->_prepare();`	291	`$err = $this->_prepare();`
288	`if ($err !== true) {`	292	`if ($err !== true) {`
289	`return PEAR::raiseError($err->getMessage(), $err->getCode());`	293	`return PEAR::raiseError($err->getMessage(), $err->getCode());`
290	`}`	294	`}`
291		295
292	`//Check if db_fields contains a *, if so assume all columns are selected`	296	`//Check if db_fields contains a *, if so assume all columns are selected`
293	`if (is_string($this->options['db_fields'])`	297	`if (is_string($this->options['db_fields'])`
294	`&& strstr($this->options['db_fields'], '*')) {`	298	`&& strstr($this->options['db_fields'], '*')) {`
295	`$sql_from = '*';`	299	`$sql_from = '*';`
296	`} else {`	300	`} else {`
297	`$sql_from = $this->options['final_usernamecol'].`	301	`$sql_from = $this->options['final_usernamecol'].`
298	`", ".$this->options['final_passwordcol'];`	302	`", ".$this->options['final_passwordcol'];`
299		303
300	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`	304	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`
301	`$sql_from .= ', '.$fields;`	305	`$sql_from .= ', '.$fields;`
302	`}`	306	`}`
303	`}`	307	`}`
304	`$query = sprintf("SELECT %s FROM %s WHERE %s = %s",`	308	`$query = sprintf("SELECT %s FROM %s WHERE %s = %s",`
305	`$sql_from,`	309	`$sql_from,`
306	`$this->options['final_table'],`	310	`$this->options['final_table'],`
307	`$this->options['final_usernamecol'],`	311	`$this->options['final_usernamecol'],`
308	`$this->db->quote($username, 'text')`	312	`$this->db->quote($username, 'text')`
309	`);`	313	`);`
-		314
-		315	`// check if there is an optional parameter db_where`
-		316	`if ($this->options['db_where'] != '') {`
-		317	`// there is one, so add it to the query`
-		318	`$query .= " AND ".$this->options['db_where'];`
-		319	`}`
-		320
-		321	`$this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);`
310		322
311	`$res = $this->db->queryRow($query, null, MDB2_FETCHMODE_ASSOC);`	323	`$res = $this->db->queryRow($query, null, MDB2_FETCHMODE_ASSOC);`
312	`if (MDB2::isError($res) \|\| PEAR::isError($res)) {`	324	`if (MDB2::isError($res) \|\| PEAR::isError($res)) {`
313	`return PEAR::raiseError($res->getMessage(), $res->getCode());`	325	`return PEAR::raiseError($res->getMessage(), $res->getCode());`
314	`}`	326	`}`
315	`if (!is_array($res)) {`	327	`if (!is_array($res)) {`
316	`$this->activeUser = '';`	328	`$this->activeUser = '';`
317	`return false;`	329	`return false;`
318	`}`	330	`}`
319		331
320	`// Perform trimming here before the hashing`	332	`// Perform trimming here before the hashing`
321	`$password = trim($password, "\r\n");`	333	`$password = trim($password, "\r\n");`
322	`$res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");`	334	`$res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");`
323	`// If using Challenge Response md5 the pass with the secret`	335	`// If using Challenge Response md5 the pass with the secret`
324	`if ($isChallengeResponse) {`	336	`if ($isChallengeResponse) {`
325	`$res[$this->options['passwordcol']] =`	337	`$res[$this->options['passwordcol']] =`
326	`md5($res[$this->options['passwordcol']].$this->_auth_obj->session['loginchallenege']);`	338	`md5($res[$this->options['passwordcol']].$this->_auth_obj->session['loginchallenege']);`
327	`// UGLY cannot avoid without modifying verifyPassword`	339	`// UGLY cannot avoid without modifying verifyPassword`
328	`if ($this->options['cryptType'] == 'md5') {`	340	`if ($this->options['cryptType'] == 'md5') {`
329	`$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);`	341	`$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);`
330	`}`	342	`}`
331	`}`	343	`}`
332	`if ($this->verifyPassword($password,`	344	`if ($this->verifyPassword($password,`
333	`$res[$this->options['passwordcol']],`	345	`$res[$this->options['passwordcol']],`
334	`$this->options['cryptType'])) {`	346	`$this->options['cryptType'])) {`
335	`// Store additional field values in the session`	347	`// Store additional field values in the session`
336	`foreach ($res as $key => $value) {`	348	`foreach ($res as $key => $value) {`
337	`if ($key == $this->options['passwordcol'] \|\|`	349	`if ($key == $this->options['passwordcol'] \|\|`
338	`$key == $this->options['usernamecol']) {`	350	`$key == $this->options['usernamecol']) {`
339	`continue;`	351	`continue;`
340	`}`	352	`}`
-		353
-		354	`$this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);`
-		355
341	`// Use reference to the auth object if exists`	356	`// Use reference to the auth object if exists`
342	`// This is because the auth session variable can change so a static call to setAuthData does not make sense`	357	`// This is because the auth session variable can change so a static call to setAuthData does not make sense`
343	`$this->_auth_obj->setAuthData($key, $value);`	358	`$this->_auth_obj->setAuthData($key, $value);`
344	`}`	359	`}`
345	`return true;`	360	`return true;`
346	`}`	361	`}`
347		362
348	`$this->activeUser = $res[$this->options['usernamecol']];`	363	`$this->activeUser = $res[$this->options['usernamecol']];`
349	`return false;`	364	`return false;`
350	`}`	365	`}`
351		366
352	`// }}}`	367	`// }}}`
353	`// {{{ listUsers()`	368	`// {{{ listUsers()`
354		369
355	`/**`	370	`/**`
356	`* Returns a list of users from the container`	371	`* Returns a list of users from the container`
357	`*`	372	`*`
358	`* @return mixed array\|PEAR_Error`	373	`* @return mixed array\|PEAR_Error`
359	`* @access public`	374	`* @access public`
360	`*/`	375	`*/`
361	`function listUsers()`	376	`function listUsers()`
362	`{`	377	`{`
-		378	`$this->log('Auth_Container_MDB2::listUsers() called.', AUTH_LOG_DEBUG);`
363	`$err = $this->_prepare();`	379	`$err = $this->_prepare();`
364	`if ($err !== true) {`	380	`if ($err !== true) {`
365	`return PEAR::raiseError($err->getMessage(), $err->getCode());`	381	`return PEAR::raiseError($err->getMessage(), $err->getCode());`
366	`}`	382	`}`
367		383
368	`$retVal = array();`	384	`$retVal = array();`
369		385
370	`//Check if db_fields contains a *, if so assume all columns are selected`	386	`//Check if db_fields contains a *, if so assume all columns are selected`
371	`if ( is_string($this->options['db_fields'])`	387	`if ( is_string($this->options['db_fields'])`
372	`&& strstr($this->options['db_fields'], '*')) {`	388	`&& strstr($this->options['db_fields'], '*')) {`
373	`$sql_from = '*';`	389	`$sql_from = '*';`
374	`} else {`	390	`} else {`
375	`$sql_from = $this->options['final_usernamecol'].`	391	`$sql_from = $this->options['final_usernamecol'].`
376	`", ".$this->options['final_passwordcol'];`	392	`", ".$this->options['final_passwordcol'];`
377		393
378	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`	394	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`
379	`$sql_from .= ', '.$fields;`	395	`$sql_from .= ', '.$fields;`
380	`}`	396	`}`
381	`}`	397	`}`
382		398
383	`$query = sprintf('SELECT %s FROM %s',`	399	`$query = sprintf('SELECT %s FROM %s',`
384	`$sql_from,`	400	`$sql_from,`
385	`$this->options['final_table']`	401	`$this->options['final_table']`
386	`);`	402	`);`
-		403
-		404	`// check if there is an optional parameter db_where`
-		405	`if ($this->options['db_where'] != '') {`
-		406	`// there is one, so add it to the query`
-		407	`$query .= " WHERE ".$this->options['db_where'];`
-		408	`}`
-		409
-		410	`$this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);`
387		411
388	`$res = $this->db->queryAll($query, null, MDB2_FETCHMODE_ASSOC);`	412	`$res = $this->db->queryAll($query, null, MDB2_FETCHMODE_ASSOC);`
389	`if (MDB2::isError($res)) {`	413	`if (MDB2::isError($res)) {`
390	`return PEAR::raiseError($res->getMessage(), $res->getCode());`	414	`return PEAR::raiseError($res->getMessage(), $res->getCode());`
391	`} else {`	415	`} else {`
392	`foreach ($res as $user) {`	416	`foreach ($res as $user) {`
393	`$user['username'] = $user[$this->options['usernamecol']];`	417	`$user['username'] = $user[$this->options['usernamecol']];`
394	`$retVal[] = $user;`	418	`$retVal[] = $user;`
395	`}`	419	`}`
396	`}`	420	`}`
-		421	`$this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG);`
397	`return $retVal;`	422	`return $retVal;`
398	`}`	423	`}`
399		424
400	`// }}}`	425	`// }}}`
401	`// {{{ addUser()`	426	`// {{{ addUser()`
402		427
403	`/**`	428	`/**`
404	`* Add user to the storage container`	429	`* Add user to the storage container`
405	`*`	430	`*`
406	`* @access public`	431	`* @access public`
407	`* @param string Username`	432	`* @param string Username`
408	`* @param string Password`	433	`* @param string Password`
409	`* @param mixed Additional information that are stored in the DB`	434	`* @param mixed Additional information that are stored in the DB`
410	`*`	435	`*`
411	`* @return mixed True on success, otherwise error object`	436	`* @return mixed True on success, otherwise error object`
412	`*/`	437	`*/`
413	`function addUser($username, $password, $additional = "")`	438	`function addUser($username, $password, $additional = "")`
414	`{`	439	`{`
-		440	`$this->log('Auth_Container_MDB2::addUser() called.', AUTH_LOG_DEBUG);`
415		441
416	`// Prepare for a database query`	442	`// Prepare for a database query`
417	`$err = $this->_prepare();`	443	`$err = $this->_prepare();`
418	`if ($err !== true) {`	444	`if ($err !== true) {`
419	`return PEAR::raiseError($err->getMessage(), $err->getCode());`	445	`return PEAR::raiseError($err->getMessage(), $err->getCode());`
420	`}`	446	`}`
421		447
422	`if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') {`	448	`if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') {`
423	`$cryptFunction = 'strval';`	449	`$cryptFunction = 'strval';`
424	`} elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) {`	450	`} elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) {`
425	`$cryptFunction = $this->options['cryptType'];`	451	`$cryptFunction = $this->options['cryptType'];`
426	`} else {`	452	`} else {`
427	`$cryptFunction = 'md5';`	453	`$cryptFunction = 'md5';`
428	`}`	454	`}`
429		455
430	`$password = $cryptFunction($password);`	456	`$password = $cryptFunction($password);`
431		457
432	`$additional_key = '';`	458	`$additional_key = '';`
433	`$additional_value = '';`	459	`$additional_value = '';`
434		460
435	`if (is_array($additional)) {`	461	`if (is_array($additional)) {`
436	`foreach ($additional as $key => $value) {`	462	`foreach ($additional as $key => $value) {`
437	`if ($this->options['auto_quote']) {`	463	`if ($this->options['auto_quote']) {`
438	`$additional_key .= ', ' . $this->db->quoteIdentifier($key, true);`	464	`$additional_key .= ', ' . $this->db->quoteIdentifier($key, true);`
439	`} else {`	465	`} else {`
440	`$additional_key .= ', ' . $key;`	466	`$additional_key .= ', ' . $key;`
441	`}`	467	`}`
442	`$additional_value .= ', ' . $this->db->quote($value, 'text');`	468	`$additional_value .= ', ' . $this->db->quote($value, 'text');`
443	`}`	469	`}`
444	`}`	470	`}`
445		471
446	`$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",`	472	`$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",`
447	`$this->options['final_table'],`	473	`$this->options['final_table'],`
448	`$this->options['final_usernamecol'],`	474	`$this->options['final_usernamecol'],`
449	`$this->options['final_passwordcol'],`	475	`$this->options['final_passwordcol'],`
450	`$additional_key,`	476	`$additional_key,`
451	`$this->db->quote($username, 'text'),`	477	`$this->db->quote($username, 'text'),`
452	`$this->db->quote($password, 'text'),`	478	`$this->db->quote($password, 'text'),`
453	`$additional_value`	479	`$additional_value`
454	`);`	480	`);`
-		481
-		482	`$this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);`
455		483
456	`$res = $this->query($query);`	484	`$res = $this->query($query);`
457		485
458	`if (MDB2::isError($res)) {`	486	`if (MDB2::isError($res)) {`
459	`return PEAR::raiseError($res->getMessage(), $res->code);`	487	`return PEAR::raiseError($res->getMessage(), $res->code);`
460	`}`	488	`}`
461	`return true;`	489	`return true;`
462	`}`	490	`}`
463		491
464	`// }}}`	492	`// }}}`
465	`// {{{ removeUser()`	493	`// {{{ removeUser()`
466		494
467	`/**`	495	`/**`
468	`* Remove user from the storage container`	496	`* Remove user from the storage container`
469	`*`	497	`*`
470	`* @access public`	498	`* @access public`
471	`* @param string Username`	499	`* @param string Username`
472	`*`	500	`*`

Subversion Repositories Applications.papyrus

(root)/trunk/api/pear/Auth/Container/MDB2.php @ 2150 – Rev 1173 → 1713