Subversion Repositories Applications.papyrus

Rev

Rev 320 | Rev 1713 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 320 Rev 1173
Line 1... Line 1...
1 
<?php
 1 
<?php
2 
//
 - 
 
3 
// +----------------------------------------------------------------------+
 - 
 
4 
// | PHP Version 4                                                        |
 - 
 
5 
// +----------------------------------------------------------------------+
 - 
 
6 
// |                                                                      |
 - 
 
7 
// +----------------------------------------------------------------------+
 - 
 
8 
// | This source file is subject to version 2.02 of the PHP license,      |
 - 
 
9 
// | that is bundled with this package in the file LICENSE, and is        |
 - 
 
10 
// | available at through the world-wide-web at                           |
 - 
 
11 
// | http://www.php.net/license/2_02.txt.                                 |
 - 
 
12 
// | If you did not receive a copy of the PHP license and are unable to   |
 - 
 
13 
// | obtain it through the world-wide-web, please send a note to          |
 - 
 
14 
// | license@php.net so we can mail you a copy immediately.               |
 2 
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
15 
// +----------------------------------------------------------------------+
 - 
 
16 
// | Authors: Martin Jansen <mj@php.net>                                  |
 - 
 
17 
// +----------------------------------------------------------------------+
 - 
 
18 
//
 - 
 
19 
// $Id: DB.php,v 1.1 2005-03-30 08:50:33 jpm Exp $
 - 
 
20 
//
 - 
 
Line -... Line 3...
- 
 
 3 
 
- 
 
 4 
/**
- 
 
 5 
 * Storage driver for use against PEAR DB
- 
 
 6 
 *
- 
 
 7 
 * PHP versions 4 and 5
- 
 
 8 
 *
- 
 
 9 
 * LICENSE: This source file is subject to version 3.01 of the PHP license
- 
 
 10 
 * that is available through the world-wide-web at the following URI:
- 
 
 11 
 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
- 
 
 12 
 * the PHP License and are unable to obtain it through the web, please
- 
 
 13 
 * send a note to license@php.net so we can mail you a copy immediately.
- 
 
 14 
 *
- 
 
 15 
 * @category   Authentication
- 
 
 16 
 * @package    Auth
- 
 
 17 
 * @author     Martin Jansen <mj@php.net>
- 
 
 18 
 * @author     Adam Ashley <aashley@php.net>
- 
 
 19 
 * @copyright  2001-2006 The PHP Group
- 
 
 20 
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
- 
 
 21 
 * @version    CVS: $Id: DB.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $
- 
 
 22 
 * @link       http://pear.php.net/package/Auth
- 
 
 23 
 */
- 
 
 24 
 
- 
 
 25 
/**
- 
 
 26 
 * Include Auth_Container base class
21 
 
 27 
 */
- 
 
 28 
require_once 'Auth/Container.php';
- 
 
 29 
/**
- 
 
 30 
 * Include PEAR DB
22 
require_once 'Auth/Container.php';
 31 
 */
Line 23... Line 32...
23 
require_once 'DB.php';
 32 
require_once 'DB.php';
24 
 
 33 
 
25 
/**
 34 
/**
26 
 * Storage driver for fetching login data from a database
 35 
 * Storage driver for fetching login data from a database
27 
 *
 36 
 *
28 
 * This storage driver can use all databases which are supported
 37 
 * This storage driver can use all databases which are supported
29 
 * by the PEAR DB abstraction layer to fetch login data.
 38 
 * by the PEAR DB abstraction layer to fetch login data.
30 
 *
 39 
 *
- 
 
 40 
 * @category   Authentication
- 
 
 41 
 * @package    Auth
- 
 
 42 
 * @author     Martin Jansen <mj@php.net>
- 
 
 43 
 * @author     Adam Ashley <aashley@php.net>
31 
 * @author   Martin Jansen <mj@php.net>
 44 
 * @copyright  2001-2006 The PHP Group
- 
 
 45 
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
32 
 * @package  Auth
 46 
 * @version    Release: 1.4.3  File: $Revision: 1.2 $
33 
 * @version  $Revision: 1.1 $
 47 
 * @link       http://pear.php.net/package/Auth
34 
 */
 48 
 */
Line -... Line 49...
- 
 
 49 
class Auth_Container_DB extends Auth_Container
- 
 
 50 
{
35 
class Auth_Container_DB extends Auth_Container
 51 
 
36 
{
 52 
    // {{{ properties
37 
 
 53 
 
38 
    /**
 54 
    /**
39 
     * Additional options for the storage container
 55 
     * Additional options for the storage container
Line 52... Line 68...
52 
     * User that is currently selected from the DB.
 68 
     * User that is currently selected from the DB.
53 
     * @var string
 69 
     * @var string
54 
     */
 70 
     */
55 
    var $activeUser = '';
 71 
    var $activeUser = '';
Line -... Line 72...
- 
 
 72 
 
56 
 
 73 
    // }}}
Line 57... Line 74...
57 
    // {{{ Constructor
 74 
    // {{{ Auth_Container_DB [constructor]
58 
 
 75 
 
59 
    /**
 76 
    /**
60 
     * Constructor of the container class
 77 
     * Constructor of the container class
- 
 
 78 
     *
61 
     *
 79 
     * Save the initial options passed to the container. Initiation of the DB
62 
     * Initate connection to the database via PEAR::DB
 80 
     * connection is no longer performed here and is only done when needed.
63 
     *
 81 
     *
64 
     * @param  string Connection data or DB object
 82 
     * @param  string Connection data or DB object
65 
     * @return object Returns an error object if something went wrong
 83 
     * @return object Returns an error object if something went wrong
Line 90... Line 108...
90 
     * @return mixed  Object on error, otherwise bool
 108 
     * @return mixed  Object on error, otherwise bool
91 
     */
 109 
     */
92 
    function _connect($dsn)
 110 
    function _connect($dsn)
93 
    {
 111 
    {
94 
        if (is_string($dsn) || is_array($dsn)) {
 112 
        if (is_string($dsn) || is_array($dsn)) {
95 
            $this->db = DB::Connect($dsn);
 113 
            $this->db = DB::Connect($dsn, $this->options['db_options']);
96 
        } elseif (get_parent_class($dsn) == "db_common") {
 114 
        } elseif (is_subclass_of($dsn, 'db_common')) {
97 
            $this->db = $dsn;
 115 
            $this->db = $dsn;
98 
        } elseif (DB::isError($dsn)) {
 116 
        } elseif (DB::isError($dsn)) {
99 
            return PEAR::raiseError($dsn->getMessage(), $dsn->getCode());
 117 
            return PEAR::raiseError($dsn->getMessage(), $dsn->getCode());
100 
        } else {
 118 
        } else {
101 
            return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,
 119 
            return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,
Line 131... Line 149...
131 
            $res = $this->_connect($this->options['dsn']);
 149 
            $res = $this->_connect($this->options['dsn']);
132 
            if(DB::isError($res) || PEAR::isError($res)){
 150 
            if (DB::isError($res) || PEAR::isError($res)) {
133 
                return $res;
 151 
                return $res;
134 
            }
 152 
            }
135 
        }
 153 
        }
- 
 
 154 
        if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') {
- 
 
 155 
            $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']);
- 
 
 156 
            $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']);
- 
 
 157 
            $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']);
- 
 
 158 
        } else {
- 
 
 159 
            $this->options['final_table'] = $this->options['table'];
- 
 
 160 
            $this->options['final_usernamecol'] = $this->options['usernamecol'];
- 
 
 161 
            $this->options['final_passwordcol'] = $this->options['passwordcol'];
- 
 
 162 
        }
136 
        return true;
 163 
        return true;
137 
    }
 164 
    }
Line 138... Line 165...
138 
 
 165 
 
139 
    // }}}
 166 
    // }}}
Line 175... Line 202...
175 
        $this->options['usernamecol'] = 'username';
 202 
        $this->options['usernamecol'] = 'username';
176 
        $this->options['passwordcol'] = 'password';
 203 
        $this->options['passwordcol'] = 'password';
177 
        $this->options['dsn']         = '';
 204 
        $this->options['dsn']         = '';
178 
        $this->options['db_fields']   = '';
 205 
        $this->options['db_fields']   = '';
179 
        $this->options['cryptType']   = 'md5';
 206 
        $this->options['cryptType']   = 'md5';
- 
 
 207 
        $this->options['db_options']  = array();
- 
 
 208 
        $this->options['auto_quote']  = true;
180 
    }
 209 
    }
Line 181... Line 210...
181 
 
 210 
 
182 
    // }}}
 211 
    // }}}
Line 193... Line 222...
193 
        foreach ($array as $key => $value) {
 222 
        foreach ($array as $key => $value) {
194 
            if (isset($this->options[$key])) {
 223 
            if (isset($this->options[$key])) {
195 
                $this->options[$key] = $value;
 224 
                $this->options[$key] = $value;
196 
            }
 225 
            }
197 
        }
 226 
        }
- 
 
 227 
    }
Line -... Line 228...
- 
 
 228 
 
- 
 
 229 
    // }}}
- 
 
 230 
    // {{{ _quoteDBFields()
- 
 
 231 
 
198 
 
 232 
    /**
- 
 
 233 
     * Quote the db_fields option to avoid the possibility of SQL injection.
- 
 
 234 
     *
- 
 
 235 
     * @access private
- 
 
 236 
     * @return string A properly quoted string that can be concatenated into a
- 
 
 237 
     * SELECT clause.
- 
 
 238 
     */
- 
 
 239 
    function _quoteDBFields()
199 
        /* Include additional fields if they exist */
 240 
    {
200 
        if(!empty($this->options['db_fields'])){
 241 
        if (isset($this->options['db_fields'])) {
- 
 
 242 
            if (is_array($this->options['db_fields'])) {
- 
 
 243 
                if ($this->options['auto_quote']) {
201 
            if(is_array($this->options['db_fields'])){
 244 
                    $fields = array();
- 
 
 245 
                    foreach ($this->options['db_fields'] as $field) {
202 
                $this->options['db_fields'] = join($this->options['db_fields'], ', ');
 246 
                        $fields[] = $this->db->quoteIdentifier($field);
- 
 
 247 
                    }
- 
 
 248 
                    return implode(', ', $fields);
203 
            }
 249 
                } else {
- 
 
 250 
                    return implode(', ', $this->options['db_fields']);
- 
 
 251 
                }
- 
 
 252 
            } else {
- 
 
 253 
                if (strlen($this->options['db_fields']) > 0) {
- 
 
 254 
                    if ($this->options['auto_quote']) {
- 
 
 255 
                        return $this->db->quoteIdentifier($this->options['db_fields']);
- 
 
 256 
                    } else {
204 
            $this->options['db_fields'] = ', '.$this->options['db_fields'];
 257 
                        return $this->options['db_fields'];
205 
        }
 258 
                    }
- 
 
 259 
                }
- 
 
 260 
            }
- 
 
 261 
        }
- 
 
 262 
 
- 
 
 263 
        return '';
Line 206... Line 264...
206 
    }
 264 
    }
207 
 
 265
Line 208... Line 266...
208 
    // }}}
 266 
    // }}}
Line 217... Line 275...
217 
     * and password is found, the function returns true.
 275 
     * and password is found, the function returns true.
218 
     * Otherwise it returns false.
 276 
     * Otherwise it returns false.
219 
     *
 277 
     *
220 
     * @param   string Username
 278 
     * @param   string Username
221 
     * @param   string Password
 279 
     * @param   string Password
- 
 
 280 
     * @param   boolean If true password is secured using a md5 hash
- 
 
 281 
     *                  the frontend and auth are responsible for making sure the container supports
- 
 
 282 
     *                  challenge response password authentication
222 
     * @return  mixed  Error object or boolean
 283 
     * @return  mixed  Error object or boolean
223 
     */
 284 
     */
224 
    function fetchData($username, $password)
 285 
    function fetchData($username, $password, $isChallengeResponse=false)
225 
    {
 286 
    {
226 
        // Prepare for a database query
 287 
        // Prepare for a database query
227 
        $err = $this->_prepare();
 288 
        $err = $this->_prepare();
228 
        if ($err !== true) {
 289 
        if ($err !== true) {
229 
            return PEAR::raiseError($err->getMessage(), $err->getCode());
 290 
            return PEAR::raiseError($err->getMessage(), $err->getCode());
230 
        }
 291 
        }
Line 231... Line 292...
231 
 
 292 
 
- 
 
 293 
        // Find if db_fields contains a *, if so assume all columns are selected
232 
        // Find if db_fileds contains a *, i so assume all col are selected
 294 
        if (is_string($this->options['db_fields'])
233 
        if(strstr($this->options['db_fields'], '*')){
 295 
            && strstr($this->options['db_fields'], '*')) {
- 
 
 296 
            $sql_from = "*";
- 
 
 297 
        } else {
- 
 
 298 
            $sql_from = $this->options['final_usernamecol'].
- 
 
 299 
                ", ".$this->options['final_passwordcol'];
- 
 
 300 
 
- 
 
 301 
            if (strlen($fields = $this->_quoteDBFields()) > 0) {
234 
            $sql_from = "*";
 302 
                $sql_from .= ', '.$fields;
235 
        }
 - 
 
236 
        else{
 - 
 
237 
            $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields'];
 303 
            }
238 
        }
 - 
 
239 
        /**
 - 
 
240 
         Old Style, removed to go around the oci8
- 
 
241 
         problem
- 
 
242 
         See bug 206
 - 
 
243 
         http://pear.php.net/bugs/bug.php?id=206
 - 
 
244
- 
 
245 
        $query = "SELECT ! FROM ! WHERE ! = ?";
 - 
 
246 
        $query_params = array(
 - 
 
247 
                         $sql_from,
 - 
 
248 
                         $this->options['table'],
 - 
 
249 
                         $this->options['usernamecol'],
 - 
 
250 
                         $username
 - 
 
251 
                         );
 - 
 
Line 252... Line 304...
252 
        */
 304 
        }
253
305 
 
254 
        $query = "SELECT ".$sql_from.
 306 
        $query = "SELECT ".$sql_from.
Line 255... Line 307...
255 
                " FROM ".$this->options['table'].
 307 
                " FROM ".$this->options['final_table'].
Line 256... Line 308...
256 
                " WHERE ".$this->options['usernamecol']." = '".$this->db->quoteString($username)."'";
 308 
                " WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username);
257
309 
 
258 
        $res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);
 310 
        $res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);
- 
 
 311 
 
259 
 
 312 
        if (DB::isError($res)) {
260 
        if (DB::isError($res)) {
 313 
            return PEAR::raiseError($res->getMessage(), $res->getCode());
261 
            return PEAR::raiseError($res->getMessage(), $res->getCode());
 314 
        }
262 
        }
 315 
 
- 
 
 316 
        if (!is_array($res)) {
- 
 
 317 
            $this->activeUser = '';
- 
 
 318 
            return false;
- 
 
 319 
        }
- 
 
 320 
 
- 
 
 321 
        // Perform trimming here before the hashihg
- 
 
 322 
        $password = trim($password, "\r\n");
- 
 
 323 
        $res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");
- 
 
 324 
 
- 
 
 325 
        // If using Challenge Response md5 the pass with the secret
- 
 
 326 
        if ($isChallengeResponse) {
- 
 
 327 
            $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]
- 
 
 328 
                    .$this->_auth_obj->session['loginchallenege']);
- 
 
 329
- 
 
 330 
            // UGLY cannot avoid without modifying verifyPassword
- 
 
 331 
            if ($this->options['cryptType'] == 'md5') {
- 
 
 332 
                $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);
- 
 
 333 
            }
263 
        if (!is_array($res)) {
 334
264 
            $this->activeUser = '';
 335 
            //print " Hashed Password [{$res[$this->options['passwordcol']]}]<br/>\n";
265 
            return false;
 336 
        }
266 
        }
 337 
 
267 
        if ($this->verifyPassword(trim($password, "\r\n"),
 338 
        if ($this->verifyPassword($password,
268 
                                  trim($res[$this->options['passwordcol']], "\r\n"),
 339 
                                  $res[$this->options['passwordcol']],
269 
                                  $this->options['cryptType'])) {
 340 
                                  $this->options['cryptType'])) {
270 
            // Store additional field values in the session
 341 
            // Store additional field values in the session
271 
            foreach ($res as $key => $value) {
 342 
            foreach ($res as $key => $value) {
272 
                if ($key == $this->options['passwordcol'] ||
 343 
                if ($key == $this->options['passwordcol'] ||
273 
                    $key == $this->options['usernamecol']) {
 344 
                    $key == $this->options['usernamecol']) {
274 
                    continue;
 345 
                    continue;
275 
                }
 346 
                }
276 
                // Use reference to the auth object if exists
 - 
 
277 
                // This is because the auth session variable can change so a static call to setAuthData does not make sence
 - 
 
278 
                if(is_object($this->_auth_obj)){
 - 
 
279 
                    $this->_auth_obj->setAuthData($key, $value);
 347 
                // Use reference to the auth object if exists
280 
                } else {
 - 
 
281 
                    Auth::setAuthData($key, $value);
 348 
                // This is because the auth session variable can change so a
282 
                }
 349 
                // static call to setAuthData does not make sence
283 
            }
 - 
 
284 
 
 350 
                $this->_auth_obj->setAuthData($key, $value);
285 
            return true;
 351 
            }
286 
        }
 352 
            return true;
Line 287... Line 353...
287 
 
 353 
        }
288 
        $this->activeUser = $res[$this->options['usernamecol']];
 354 
        $this->activeUser = $res[$this->options['usernamecol']];
Line -... Line 355...
- 
 
 355 
        return false;
- 
 
 356 
    }
- 
 
 357 
 
- 
 
 358 
    // }}}
- 
 
 359 
    // {{{ listUsers()
- 
 
 360 
 
289 
        return false;
 361 
    /**
290 
    }
 362 
     * Returns a list of users from the container
291 
 
 363 
     *
292 
    // }}}
 364 
     * @return mixed
293 
    // {{{ listUsers()
 365 
     * @access public
294 
 
 366 
     */
Line 295... Line 367...
295 
    function listUsers()
 367 
    function listUsers()
Line 296... Line 368...
296 
    {
 368 
    {
- 
 
 369 
        $err = $this->_prepare();
297 
        $err = $this->_prepare();
 370 
        if ($err !== true) {
298 
        if ($err !== true) {
 371 
            return PEAR::raiseError($err->getMessage(), $err->getCode());
- 
 
 372 
        }
- 
 
 373 
 
- 
 
 374 
        $retVal = array();
- 
 
 375 
 
- 
 
 376 
        // Find if db_fields contains a *, if so assume all col are selected
- 
 
 377 
        if (   is_string($this->options['db_fields'])
299 
            return PEAR::raiseError($err->getMessage(), $err->getCode());
 378 
            && strstr($this->options['db_fields'], '*')) {
300 
        }
 - 
 
301 
 
 - 
 
302 
        $retVal = array();
 379 
            $sql_from = "*";
Line 303... Line 380...
303 
 
 380 
        } else {
304 
        // Find if db_fileds contains a *, i so assume all col are selected
 381 
            $sql_from = $this->options['final_usernamecol'].
305 
        if(strstr($this->options['db_fields'], '*')){
 382 
                ", ".$this->options['final_passwordcol'];
306 
            $sql_from = "*";
 383 
 
307 
        }
 384 
            if (strlen($fields = $this->_quoteDBFields()) > 0) {
Line 308... Line 385...
308 
        else{
 385 
                $sql_from .= ', '.$fields;
309 
            $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields'];
 386 
            }
Line 339... Line 416...
339 
     *
 416 
     *
340 
     * @return mixed True on success, otherwise error object
 417 
     * @return mixed True on success, otherwise error object
341 
     */
 418 
     */
342 
    function addUser($username, $password, $additional = "")
 419 
    function addUser($username, $password, $additional = "")
343 
    {
 420 
    {
- 
 
 421 
        $err = $this->_prepare();
- 
 
 422 
        if ($err !== true) {
- 
 
 423 
            return PEAR::raiseError($err->getMessage(), $err->getCode());
- 
 
 424 
        }
- 
 
 425 
 
- 
 
 426 
        if (   isset($this->options['cryptType'])
- 
 
 427 
            && $this->options['cryptType'] == 'none') {
- 
 
 428 
            $cryptFunction = 'strval';
- 
 
 429 
        } elseif (   isset($this->options['cryptType'])
344 
        if (function_exists($this->options['cryptType'])) {
 430 
                  && function_exists($this->options['cryptType'])) {
345 
            $cryptFunction = $this->options['cryptType'];
 431 
            $cryptFunction = $this->options['cryptType'];
346 
        } else {
 432 
        } else {
347 
            $cryptFunction = 'md5';
 433 
            $cryptFunction = 'md5';
348 
        }
 434 
        }
Line -... Line 435...
- 
 
 435 
 
- 
 
 436 
        $password = $cryptFunction($password);
349 
 
 437 
 
350 
        $additional_key   = '';
 438 
        $additional_key   = '';
Line 351... Line 439...
351 
        $additional_value = '';
 439 
        $additional_value = '';
352 
 
 440 
 
- 
 
 441 
        if (is_array($additional)) {
- 
 
 442 
            foreach ($additional as $key => $value) {
- 
 
 443 
                if ($this->options['auto_quote']) {
353 
        if (is_array($additional)) {
 444 
                    $additional_key .= ', ' . $this->db->quoteIdentifier($key);
- 
 
 445 
                } else {
354 
            foreach ($additional as $key => $value) {
 446 
                    $additional_key .= ', ' . $key;
355 
                $additional_key .= ', ' . $key;
 447 
                }
356 
                $additional_value .= ", '" . $value . "'";
 448 
                $additional_value .= ", " . $this->db->quoteSmart($value);
Line 357... Line 449...
357 
            }
 449 
            }
358 
        }
 450 
        }
359 
 
 451 
 
360 
        $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES ('%s', '%s'%s)",
 452 
        $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",
361 
                         $this->options['table'],
 453 
                         $this->options['final_table'],
362 
                         $this->options['usernamecol'],
 454 
                         $this->options['final_usernamecol'],
363 
                         $this->options['passwordcol'],
 455 
                         $this->options['final_passwordcol'],
364 
                         $additional_key,
 456 
                         $additional_key,
365 
                         $username,
 457 
                         $this->db->quoteSmart($username),
Line 366... Line 458...
366 
                         $cryptFunction($password),
 458 
                         $this->db->quoteSmart($password),
Line 387... Line 479...
387 
     *
 479 
     *
388 
     * @return mixed True on success, otherwise error object
 480 
     * @return mixed True on success, otherwise error object
389 
     */
 481 
     */
390 
    function removeUser($username)
 482 
    function removeUser($username)
391 
    {
 483 
    {
- 
 
 484 
        $err = $this->_prepare();
- 
 
 485 
        if ($err !== true) {
- 
 
 486 
            return PEAR::raiseError($err->getMessage(), $err->getCode());
- 
 
 487 
        }
- 
 
 488 
 
392 
        $query = sprintf("DELETE FROM %s WHERE %s = '%s'",
 489 
        $query = sprintf("DELETE FROM %s WHERE %s = %s",
393 
                         $this->options['table'],
 490 
                         $this->options['final_table'],
394 
                         $this->options['usernamecol'],
 491 
                         $this->options['final_usernamecol'],
395 
                         $username
 492 
                         $this->db->quoteSmart($username)
396 
                         );
 493 
                         );
Line 397... Line 494...
397 
 
 494 
 
Line 398... Line 495...
398 
        $res = $this->query($query);
 495 
        $res = $this->query($query);
Line 403... Line 500...
403 
          return true;
 500 
          return true;
404 
        }
 501 
        }
405 
    }
 502 
    }
Line 406... Line 503...
406 
 
 503 
 
- 
 
 504 
    // }}}
- 
 
 505 
    // {{{ changePassword()
- 
 
 506 
 
- 
 
 507 
    /**
- 
 
 508 
     * Change password for user in the storage container
- 
 
 509 
     *
- 
 
 510 
     * @param string Username
- 
 
 511 
     * @param string The new password (plain text)
- 
 
 512 
     */
- 
 
 513 
    function changePassword($username, $password)
- 
 
 514 
    {
- 
 
 515 
        $err = $this->_prepare();
- 
 
 516 
        if ($err !== true) {
- 
 
 517 
            return PEAR::raiseError($err->getMessage(), $err->getCode());
- 
 
 518 
        }
- 
 
 519 
 
- 
 
 520 
        if (   isset($this->options['cryptType'])
- 
 
 521 
            && $this->options['cryptType'] == 'none') {
- 
 
 522 
            $cryptFunction = 'strval';
- 
 
 523 
        } elseif (   isset($this->options['cryptType'])
- 
 
 524 
                  && function_exists($this->options['cryptType'])) {
- 
 
 525 
            $cryptFunction = $this->options['cryptType'];
- 
 
 526 
        } else {
- 
 
 527 
            $cryptFunction = 'md5';
- 
 
 528 
        }
- 
 
 529 
 
- 
 
 530 
        $password = $cryptFunction($password);
- 
 
 531 
 
- 
 
 532 
        $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s",
- 
 
 533 
                         $this->options['final_table'],
- 
 
 534 
                         $this->options['final_passwordcol'],
- 
 
 535 
                         $this->db->quoteSmart($password),
- 
 
 536 
                         $this->options['final_usernamecol'],
- 
 
 537 
                         $this->db->quoteSmart($username)
- 
 
 538 
                         );
- 
 
 539 
 
- 
 
 540 
        $res = $this->query($query);
- 
 
 541 
 
- 
 
 542 
        if (DB::isError($res)) {
- 
 
 543 
            return PEAR::raiseError($res->getMessage(), $res->getCode());
- 
 
 544 
        } else {
- 
 
 545 
            return true;
- 
 
 546 
        }
- 
 
 547 
    }
- 
 
 548 
 
- 
 
 549 
    // }}}
- 
 
 550 
    // {{{ supportsChallengeResponse()
- 
 
 551 
 
- 
 
 552 
    /**
- 
 
 553 
     * Determine if this container supports
- 
 
 554 
     * password authentication with challenge response
- 
 
 555 
     *
- 
 
 556 
     * @return bool
- 
 
 557 
     * @access public
- 
 
 558 
     */
- 
 
 559 
    function supportsChallengeResponse()
- 
 
 560 
    {
- 
 
 561 
        return in_array($this->options['cryptType'], array('md5', 'none', ''));
- 
 
 562 
    }
- 
 
 563 
 
- 
 
 564 
    // }}}
- 
 
 565 
    // {{{ getCryptType()
- 
 
 566 
 
- 
 
 567 
    /**
- 
 
 568 
      * Returns the selected crypt type for this container
- 
 
 569 
      */
- 
 
 570 
    function getCryptType()
- 
 
 571 
    {
- 
 
 572 
        return($this->options['cryptType']);
- 
 
 573 
    }
- 
 
 574 
 
- 
 
 575 
    // }}}
407 
    // }}}
 576 
 
408 
}
 577 
}