WebSVN – Applications.papyrus – Diff – /trunk/api/pear/Auth/Container/DB.php


<?php
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
 
/**
 * Storage driver for use against PEAR DB
 *
 * PHP versions 4 and 5
 *
 * LICENSE: This source file is subject to version 3.01 of the PHP license
 * that is available through the world-wide-web at the following URI:
 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
 * the PHP License and are unable to obtain it through the web, please
 * send a note to license@php.net so we can mail you a copy immediately.
 *
 * @category   Authentication
 * @package    Auth
 * @author     Martin Jansen <mj@php.net>
 * @author     Adam Ashley <aashley@php.net>
 * @copyright  2001-2006 The PHP Group
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
 * @version    CVS: $Id: DB.php,v 1.72 2007/06/12 03:11:26 aashley Exp $
 * @link       http://pear.php.net/package/Auth
 */
 
/**
 * Include Auth_Container base class
 */
require_once 'Auth/Container.php';
/**
 * Include PEAR DB
 */
require_once 'DB.php';
 
/**
 * Storage driver for fetching login data from a database
 *
 * This storage driver can use all databases which are supported
 * by the PEAR DB abstraction layer to fetch login data.
 *
 * @category   Authentication
 * @package    Auth
 * @author     Martin Jansen <mj@php.net>
 * @author     Adam Ashley <aashley@php.net>
 * @copyright  2001-2006 The PHP Group
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
 * @version    Release: 1.5.4  File: $Revision: 1.72 $
 * @link       http://pear.php.net/package/Auth
 */
class Auth_Container_DB extends Auth_Container
{
 
    // {{{ properties
 
    /**
     * Additional options for the storage container
     * @var array
     */
    var $options = array();
 
    /**
     * DB object
     * @var object
     */
    var $db = null;
    var $dsn = '';
 
    /**
     * User that is currently selected from the DB.
     * @var string
     */
    var $activeUser = '';
 
    // }}}
    // {{{ Auth_Container_DB [constructor]
 
    /**
     * Constructor of the container class
     *
     * Save the initial options passed to the container. Initiation of the DB
     * connection is no longer performed here and is only done when needed.
     *
     * @param  string Connection data or DB object
     * @return object Returns an error object if something went wrong
     */
    function Auth_Container_DB($dsn)
    {
        $this->_setDefaults();
 
        if (is_array($dsn)) {
            $this->_parseOptions($dsn);
 
            if (empty($this->options['dsn'])) {
                PEAR::raiseError('No connection parameters specified!');
            }
        } else {
            $this->options['dsn'] = $dsn;
        }
    }
 
    // }}}
    // {{{ _connect()
 
    /**
     * Connect to database by using the given DSN string
     *
     * @access private
     * @param  string DSN string
     * @return mixed  Object on error, otherwise bool
     */
    function _connect($dsn)
    {
        $this->log('Auth_Container_DB::_connect() called.', AUTH_LOG_DEBUG);
 
        if (is_string($dsn) || is_array($dsn)) {
            $this->db = DB::Connect($dsn, $this->options['db_options']);
        } elseif (is_subclass_of($dsn, 'db_common')) {
            $this->db = $dsn;
        } elseif (DB::isError($dsn)) {
            return PEAR::raiseError($dsn->getMessage(), $dsn->getCode());
        } else {
            return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,
                                    41,
                                    PEAR_ERROR_RETURN,
                                    null,
                                    null
                                    );
        }
 
        if (DB::isError($this->db) || PEAR::isError($this->db)) {
            return PEAR::raiseError($this->db->getMessage(), $this->db->getCode());
        } else {
            return true;
        }
    }
 
    // }}}
    // {{{ _prepare()
 
    /**
     * Prepare database connection
     *
     * This function checks if we have already opened a connection to
     * the database. If that's not the case, a new connection is opened.
     *
     * @access private
     * @return mixed True or a DB error object.
     */
    function _prepare()
    {
        if (!DB::isConnection($this->db)) {
            $res = $this->_connect($this->options['dsn']);
            if (DB::isError($res) || PEAR::isError($res)) {
                return $res;
            }
        }
        if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') {
            $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']);
            $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']);
            $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']);
        } else {
            $this->options['final_table'] = $this->options['table'];
            $this->options['final_usernamecol'] = $this->options['usernamecol'];
            $this->options['final_passwordcol'] = $this->options['passwordcol'];
        }
        return true;
    }
 
    // }}}
    // {{{ query()
 
    /**
     * Prepare query to the database
     *
     * This function checks if we have already opened a connection to
     * the database. If that's not the case, a new connection is opened.
     * After that the query is passed to the database.
     *
     * @access public
     * @param  string Query string
     * @return mixed  a DB_result object or DB_OK on success, a DB
     *                or PEAR error on failure
     */
    function query($query)
    {
        $err = $this->_prepare();
        if ($err !== true) {
            return $err;
        }
        return $this->db->query($query);
    }
 
    // }}}
    // {{{ _setDefaults()
 
    /**
     * Set some default options
     *
     * @access private
     * @return void
     */
    function _setDefaults()
    {
        $this->options['table']       = 'auth';
        $this->options['usernamecol'] = 'username';
        $this->options['passwordcol'] = 'password';
        $this->options['dsn']         = '';
        $this->options['db_fields']   = '';
        $this->options['cryptType']   = 'md5';
        $this->options['db_options']  = array();
        $this->options['db_where']    = '';
        $this->options['auto_quote']  = true;
    }
 
    // }}}
    // {{{ _parseOptions()
 
    /**
     * Parse options passed to the container class
     *
     * @access private
     * @param  array
     */
    function _parseOptions($array)
    {
        foreach ($array as $key => $value) {
            if (isset($this->options[$key])) {
                $this->options[$key] = $value;
            }
        }
    }
 
    // }}}
    // {{{ _quoteDBFields()
 
    /**
     * Quote the db_fields option to avoid the possibility of SQL injection.
     *
     * @access private
     * @return string A properly quoted string that can be concatenated into a
     * SELECT clause.
     */
    function _quoteDBFields()
    {
        if (isset($this->options['db_fields'])) {
            if (is_array($this->options['db_fields'])) {
                if ($this->options['auto_quote']) {
                    $fields = array();
                    foreach ($this->options['db_fields'] as $field) {
                        $fields[] = $this->db->quoteIdentifier($field);
                    }
                    return implode(', ', $fields);
                } else {
                    return implode(', ', $this->options['db_fields']);
                }
            } else {
                if (strlen($this->options['db_fields']) > 0) {
                    if ($this->options['auto_quote']) {
                        return $this->db->quoteIdentifier($this->options['db_fields']);
                    } else {
                        return $this->options['db_fields'];
                    }
                }
            }
        }
 
        return '';
    }
 
    // }}}
    // {{{ fetchData()
 
    /**
     * Get user information from database
     *
     * This function uses the given username to fetch
     * the corresponding login data from the database
     * table. If an account that matches the passed username
     * and password is found, the function returns true.
     * Otherwise it returns false.
     *
     * @param   string Username
     * @param   string Password
     * @param   boolean If true password is secured using a md5 hash
     *                  the frontend and auth are responsible for making sure the container supports
     *                  challenge response password authentication
     * @return  mixed  Error object or boolean
     */
    function fetchData($username, $password, $isChallengeResponse=false)
    {
        $this->log('Auth_Container_DB::fetchData() called.', AUTH_LOG_DEBUG);
        // Prepare for a database query
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        // Find if db_fields contains a *, if so assume all columns are selected
        if (is_string($this->options['db_fields'])
            && strstr($this->options['db_fields'], '*')) {
            $sql_from = "*";
        } else {
            $sql_from = $this->options['final_usernamecol'].
                ", ".$this->options['final_passwordcol'];
 
            if (strlen($fields = $this->_quoteDBFields()) > 0) {
                $sql_from .= ', '.$fields;
            }
        }
 
        $query = "SELECT ".$sql_from.
                " FROM ".$this->options['final_table'].
                " WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username);
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $query .= " AND ".$this->options['db_where'];
        }
 
        $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);
 
        if (DB::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->getCode());
        }
 
        if (!is_array($res)) {
            $this->activeUser = '';
            return false;
        }
 
        // Perform trimming here before the hashihg
        $password = trim($password, "\r\n");
        $res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");
 
        // If using Challenge Response md5 the pass with the secret
        if ($isChallengeResponse) {
            $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]
                    .$this->_auth_obj->session['loginchallenege']);
 
            // UGLY cannot avoid without modifying verifyPassword
            if ($this->options['cryptType'] == 'md5') {
                $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);
            }
 
            //print " Hashed Password [{$res[$this->options['passwordcol']]}]<br/>\n";
        }
 
        if ($this->verifyPassword($password,
                                  $res[$this->options['passwordcol']],
                                  $this->options['cryptType'])) {
            // Store additional field values in the session
            foreach ($res as $key => $value) {
                if ($key == $this->options['passwordcol'] ||
                    $key == $this->options['usernamecol']) {
                    continue;
                }
 
                $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);
 
                // Use reference to the auth object if exists
                // This is because the auth session variable can change so a
                // static call to setAuthData does not make sence
                $this->_auth_obj->setAuthData($key, $value);
            }
            return true;
        }
        $this->activeUser = $res[$this->options['usernamecol']];
        return false;
    }
 
    // }}}
    // {{{ listUsers()
 
    /**
     * Returns a list of users from the container
     *
     * @return mixed
     * @access public
     */
    function listUsers()
    {
        $this->log('Auth_Container_DB::listUsers() called.', AUTH_LOG_DEBUG);
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        $retVal = array();
 
        // Find if db_fields contains a *, if so assume all col are selected
        if (   is_string($this->options['db_fields'])
            && strstr($this->options['db_fields'], '*')) {
            $sql_from = "*";
        } else {
            $sql_from = $this->options['final_usernamecol'].
                ", ".$this->options['final_passwordcol'];
 
            if (strlen($fields = $this->_quoteDBFields()) > 0) {
                $sql_from .= ', '.$fields;
            }
        }
 
        $query = sprintf("SELECT %s FROM %s",
                         $sql_from,
                         $this->options['final_table']
                         );
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $query .= " WHERE ".$this->options['db_where'];
        }
 
        $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC);
 
        if (DB::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->getCode());
        } else {
            foreach ($res as $user) {
                $user['username'] = $user[$this->options['usernamecol']];
                $retVal[] = $user;
            }
        }
        $this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG);
        return $retVal;
    }
 
    // }}}
    // {{{ addUser()
 
    /**
     * Add user to the storage container
     *
     * @access public
     * @param  string Username
     * @param  string Password
     * @param  mixed  Additional information that are stored in the DB
     *
     * @return mixed True on success, otherwise error object
     */
    function addUser($username, $password, $additional = "")
    {
        $this->log('Auth_Container_DB::addUser() called.', AUTH_LOG_DEBUG);
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        if (   isset($this->options['cryptType'])
            && $this->options['cryptType'] == 'none') {
            $cryptFunction = 'strval';
        } elseif (   isset($this->options['cryptType'])
                  && function_exists($this->options['cryptType'])) {
            $cryptFunction = $this->options['cryptType'];
        } else {
            $cryptFunction = 'md5';
        }
 
        $password = $cryptFunction($password);
 
        $additional_key   = '';
        $additional_value = '';
 
        if (is_array($additional)) {
            foreach ($additional as $key => $value) {
                if ($this->options['auto_quote']) {
                    $additional_key .= ', ' . $this->db->quoteIdentifier($key);
                } else {
                    $additional_key .= ', ' . $key;
                }
                $additional_value .= ", " . $this->db->quoteSmart($value);
            }
        }
 
        $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",
                         $this->options['final_table'],
                         $this->options['final_usernamecol'],
                         $this->options['final_passwordcol'],
                         $additional_key,
                         $this->db->quoteSmart($username),
                         $this->db->quoteSmart($password),
                         $additional_value
                         );
 
        $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->query($query);
 
        if (DB::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->getCode());
        } else {
            return true;
        }
    }
 
    // }}}
    // {{{ removeUser()
 
    /**
     * Remove user from the storage container
     *
     * @access public
     * @param  string Username
     *
     * @return mixed True on success, otherwise error object
     */
    function removeUser($username)
    {
        $this->log('Auth_Container_DB::removeUser() called.', AUTH_LOG_DEBUG);
 
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $where = " AND ".$this->options['db_where'];
        } else {
            $where = '';
        }
 
        $query = sprintf("DELETE FROM %s WHERE %s = %s %s",
                         $this->options['final_table'],
                         $this->options['final_usernamecol'],
                         $this->db->quoteSmart($username),
                         $where
                         );
 
        $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->query($query);
 
        if (DB::isError($res)) {
           return PEAR::raiseError($res->getMessage(), $res->getCode());
        } else {
          return true;
        }
    }
 
    // }}}
    // {{{ changePassword()
 
    /**
     * Change password for user in the storage container
     *
     * @param string Username
     * @param string The new password (plain text)
     */
    function changePassword($username, $password)
    {
        $this->log('Auth_Container_DB::changePassword() called.', AUTH_LOG_DEBUG);
        $err = $this->_prepare();
        if ($err !== true) {
            return PEAR::raiseError($err->getMessage(), $err->getCode());
        }
 
        if (   isset($this->options['cryptType'])
            && $this->options['cryptType'] == 'none') {
            $cryptFunction = 'strval';
        } elseif (   isset($this->options['cryptType'])
                  && function_exists($this->options['cryptType'])) {
            $cryptFunction = $this->options['cryptType'];
        } else {
            $cryptFunction = 'md5';
        }
 
        $password = $cryptFunction($password);
 
        // check if there is an optional parameter db_where
        if ($this->options['db_where'] != '') {
            // there is one, so add it to the query
            $where = " AND ".$this->options['db_where'];
        } else {
            $where = '';
        }
 
        $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s %s",
                         $this->options['final_table'],
                         $this->options['final_passwordcol'],
                         $this->db->quoteSmart($password),
                         $this->options['final_usernamecol'],
                         $this->db->quoteSmart($username),
                         $where
                         );
 
        $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);
 
        $res = $this->query($query);
 
        if (DB::isError($res)) {
            return PEAR::raiseError($res->getMessage(), $res->getCode());
        } else {
            return true;
        }
    }
 
    // }}}
    // {{{ supportsChallengeResponse()
 
    /**
     * Determine if this container supports
     * password authentication with challenge response
     *
     * @return bool
     * @access public
     */
    function supportsChallengeResponse()
    {
        return in_array($this->options['cryptType'], array('md5', 'none', ''));
    }
 
    // }}}
    // {{{ getCryptType()
 
    /**
      * Returns the selected crypt type for this container
      */
    function getCryptType()
    {
        return($this->options['cryptType']);
    }
 
    // }}}
 
}
?>

Rev 1713	Rev 2150
1	`<?php`	1	`<?php`
2	`/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */`	2	`/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */`
3		3
4	`/**`	4	`/**`
5	`* Storage driver for use against PEAR DB`	5	`* Storage driver for use against PEAR DB`
6	`*`	6	`*`
7	`* PHP versions 4 and 5`	7	`* PHP versions 4 and 5`
8	`*`	8	`*`
9	`* LICENSE: This source file is subject to version 3.01 of the PHP license`	9	`* LICENSE: This source file is subject to version 3.01 of the PHP license`
10	`* that is available through the world-wide-web at the following URI:`	10	`* that is available through the world-wide-web at the following URI:`
11	`* http://www.php.net/license/3_01.txt. If you did not receive a copy of`	11	`* http://www.php.net/license/3_01.txt. If you did not receive a copy of`
12	`* the PHP License and are unable to obtain it through the web, please`	12	`* the PHP License and are unable to obtain it through the web, please`
13	`* send a note to license@php.net so we can mail you a copy immediately.`	13	`* send a note to license@php.net so we can mail you a copy immediately.`
14	`*`	14	`*`
15	`* @category Authentication`	15	`* @category Authentication`
16	`* @package Auth`	16	`* @package Auth`
17	`* @author Martin Jansen <mj@php.net>`	17	`* @author Martin Jansen <mj@php.net>`
18	`* @author Adam Ashley <aashley@php.net>`	18	`* @author Adam Ashley <aashley@php.net>`
19	`* @copyright 2001-2006 The PHP Group`	19	`* @copyright 2001-2006 The PHP Group`
20	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`	20	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`
21	`* @version CVS: $Id: DB.php,v 1.3 2007-11-19 15:11:00 jp_milcent Exp $`	21	`* @version CVS: $Id: DB.php,v 1.72 2007/06/12 03:11:26 aashley Exp $`
22	`* @link http://pear.php.net/package/Auth`	22	`* @link http://pear.php.net/package/Auth`
23	`*/`	23	`*/`
24		24
25	`/**`	25	`/**`
26	`* Include Auth_Container base class`	26	`* Include Auth_Container base class`
27	`*/`	27	`*/`
28	`require_once 'Auth/Container.php';`	28	`require_once 'Auth/Container.php';`
29	`/**`	29	`/**`
30	`* Include PEAR DB`	30	`* Include PEAR DB`
31	`*/`	31	`*/`
32	`require_once 'DB.php';`	32	`require_once 'DB.php';`
33		33
34	`/**`	34	`/**`
35	`* Storage driver for fetching login data from a database`	35	`* Storage driver for fetching login data from a database`
36	`*`	36	`*`
37	`* This storage driver can use all databases which are supported`	37	`* This storage driver can use all databases which are supported`
38	`* by the PEAR DB abstraction layer to fetch login data.`	38	`* by the PEAR DB abstraction layer to fetch login data.`
39	`*`	39	`*`
40	`* @category Authentication`	40	`* @category Authentication`
41	`* @package Auth`	41	`* @package Auth`
42	`* @author Martin Jansen <mj@php.net>`	42	`* @author Martin Jansen <mj@php.net>`
43	`* @author Adam Ashley <aashley@php.net>`	43	`* @author Adam Ashley <aashley@php.net>`
44	`* @copyright 2001-2006 The PHP Group`	44	`* @copyright 2001-2006 The PHP Group`
45	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`	45	`* @license http://www.php.net/license/3_01.txt PHP License 3.01`
46	`* @version Release: 1.5.4 File: $Revision: 1.3 $`	46	`* @version Release: 1.5.4 File: $Revision: 1.72 $`
47	`* @link http://pear.php.net/package/Auth`	47	`* @link http://pear.php.net/package/Auth`
48	`*/`	48	`*/`
49	`class Auth_Container_DB extends Auth_Container`	49	`class Auth_Container_DB extends Auth_Container`
50	`{`	50	`{`
51		51
52	`// {{{ properties`	52	`// {{{ properties`
53		53
54	`/**`	54	`/**`
55	`* Additional options for the storage container`	55	`* Additional options for the storage container`
56	`* @var array`	56	`* @var array`
57	`*/`	57	`*/`
58	`var $options = array();`	58	`var $options = array();`
59		59
60	`/**`	60	`/**`
61	`* DB object`	61	`* DB object`
62	`* @var object`	62	`* @var object`
63	`*/`	63	`*/`
64	`var $db = null;`	64	`var $db = null;`
65	`var $dsn = '';`	65	`var $dsn = '';`
66		66
67	`/**`	67	`/**`
68	`* User that is currently selected from the DB.`	68	`* User that is currently selected from the DB.`
69	`* @var string`	69	`* @var string`
70	`*/`	70	`*/`
71	`var $activeUser = '';`	71	`var $activeUser = '';`
72		72
73	`// }}}`	73	`// }}}`
74	`// {{{ Auth_Container_DB [constructor]`	74	`// {{{ Auth_Container_DB [constructor]`
75		75
76	`/**`	76	`/**`
77	`* Constructor of the container class`	77	`* Constructor of the container class`
78	`*`	78	`*`
79	`* Save the initial options passed to the container. Initiation of the DB`	79	`* Save the initial options passed to the container. Initiation of the DB`
80	`* connection is no longer performed here and is only done when needed.`	80	`* connection is no longer performed here and is only done when needed.`
81	`*`	81	`*`
82	`* @param string Connection data or DB object`	82	`* @param string Connection data or DB object`
83	`* @return object Returns an error object if something went wrong`	83	`* @return object Returns an error object if something went wrong`
84	`*/`	84	`*/`
85	`function Auth_Container_DB($dsn)`	85	`function Auth_Container_DB($dsn)`
86	`{`	86	`{`
87	`$this->_setDefaults();`	87	`$this->_setDefaults();`
88		88
89	`if (is_array($dsn)) {`	89	`if (is_array($dsn)) {`
90	`$this->_parseOptions($dsn);`	90	`$this->_parseOptions($dsn);`
91		91
92	`if (empty($this->options['dsn'])) {`	92	`if (empty($this->options['dsn'])) {`
93	`PEAR::raiseError('No connection parameters specified!');`	93	`PEAR::raiseError('No connection parameters specified!');`
94	`}`	94	`}`
95	`} else {`	95	`} else {`
96	`$this->options['dsn'] = $dsn;`	96	`$this->options['dsn'] = $dsn;`
97	`}`	97	`}`
98	`}`	98	`}`
99		99
100	`// }}}`	100	`// }}}`
101	`// {{{ _connect()`	101	`// {{{ _connect()`
102		102
103	`/**`	103	`/**`
104	`* Connect to database by using the given DSN string`	104	`* Connect to database by using the given DSN string`
105	`*`	105	`*`
106	`* @access private`	106	`* @access private`
107	`* @param string DSN string`	107	`* @param string DSN string`
108	`* @return mixed Object on error, otherwise bool`	108	`* @return mixed Object on error, otherwise bool`
109	`*/`	109	`*/`
110	`function _connect($dsn)`	110	`function _connect($dsn)`
111	`{`	111	`{`
112	`$this->log('Auth_Container_DB::_connect() called.', AUTH_LOG_DEBUG);`	112	`$this->log('Auth_Container_DB::_connect() called.', AUTH_LOG_DEBUG);`
113		113
114	`if (is_string($dsn) \|\| is_array($dsn)) {`	114	`if (is_string($dsn) \|\| is_array($dsn)) {`
115	`$this->db = DB::Connect($dsn, $this->options['db_options']);`	115	`$this->db = DB::Connect($dsn, $this->options['db_options']);`
116	`} elseif (is_subclass_of($dsn, 'db_common')) {`	116	`} elseif (is_subclass_of($dsn, 'db_common')) {`
117	`$this->db = $dsn;`	117	`$this->db = $dsn;`
118	`} elseif (DB::isError($dsn)) {`	118	`} elseif (DB::isError($dsn)) {`
119	`return PEAR::raiseError($dsn->getMessage(), $dsn->getCode());`	119	`return PEAR::raiseError($dsn->getMessage(), $dsn->getCode());`
120	`} else {`	120	`} else {`
121	`return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,`	121	`return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,`
122	`41,`	122	`41,`
123	`PEAR_ERROR_RETURN,`	123	`PEAR_ERROR_RETURN,`
124	`null,`	124	`null,`
125	`null`	125	`null`
126	`);`	126	`);`
127	`}`	127	`}`
128		128
129	`if (DB::isError($this->db) \|\| PEAR::isError($this->db)) {`	129	`if (DB::isError($this->db) \|\| PEAR::isError($this->db)) {`
130	`return PEAR::raiseError($this->db->getMessage(), $this->db->getCode());`	130	`return PEAR::raiseError($this->db->getMessage(), $this->db->getCode());`
131	`} else {`	131	`} else {`
132	`return true;`	132	`return true;`
133	`}`	133	`}`
134	`}`	134	`}`
135		135
136	`// }}}`	136	`// }}}`
137	`// {{{ _prepare()`	137	`// {{{ _prepare()`
138		138
139	`/**`	139	`/**`
140	`* Prepare database connection`	140	`* Prepare database connection`
141	`*`	141	`*`
142	`* This function checks if we have already opened a connection to`	142	`* This function checks if we have already opened a connection to`
143	`* the database. If that's not the case, a new connection is opened.`	143	`* the database. If that's not the case, a new connection is opened.`
144	`*`	144	`*`
145	`* @access private`	145	`* @access private`
146	`* @return mixed True or a DB error object.`	146	`* @return mixed True or a DB error object.`
147	`*/`	147	`*/`
148	`function _prepare()`	148	`function _prepare()`
149	`{`	149	`{`
150	`if (!DB::isConnection($this->db)) {`	150	`if (!DB::isConnection($this->db)) {`
151	`$res = $this->_connect($this->options['dsn']);`	151	`$res = $this->_connect($this->options['dsn']);`
152	`if (DB::isError($res) \|\| PEAR::isError($res)) {`	152	`if (DB::isError($res) \|\| PEAR::isError($res)) {`
153	`return $res;`	153	`return $res;`
154	`}`	154	`}`
155	`}`	155	`}`
156	`if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') {`	156	`if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') {`
157	`$this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']);`	157	`$this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']);`
158	`$this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']);`	158	`$this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']);`
159	`$this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']);`	159	`$this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']);`
160	`} else {`	160	`} else {`
161	`$this->options['final_table'] = $this->options['table'];`	161	`$this->options['final_table'] = $this->options['table'];`
162	`$this->options['final_usernamecol'] = $this->options['usernamecol'];`	162	`$this->options['final_usernamecol'] = $this->options['usernamecol'];`
163	`$this->options['final_passwordcol'] = $this->options['passwordcol'];`	163	`$this->options['final_passwordcol'] = $this->options['passwordcol'];`
164	`}`	164	`}`
165	`return true;`	165	`return true;`
166	`}`	166	`}`
167		167
168	`// }}}`	168	`// }}}`
169	`// {{{ query()`	169	`// {{{ query()`
170		170
171	`/**`	171	`/**`
172	`* Prepare query to the database`	172	`* Prepare query to the database`
173	`*`	173	`*`
174	`* This function checks if we have already opened a connection to`	174	`* This function checks if we have already opened a connection to`
175	`* the database. If that's not the case, a new connection is opened.`	175	`* the database. If that's not the case, a new connection is opened.`
176	`* After that the query is passed to the database.`	176	`* After that the query is passed to the database.`
177	`*`	177	`*`
178	`* @access public`	178	`* @access public`
179	`* @param string Query string`	179	`* @param string Query string`
180	`* @return mixed a DB_result object or DB_OK on success, a DB`	180	`* @return mixed a DB_result object or DB_OK on success, a DB`
181	`* or PEAR error on failure`	181	`* or PEAR error on failure`
182	`*/`	182	`*/`
183	`function query($query)`	183	`function query($query)`
184	`{`	184	`{`
185	`$err = $this->_prepare();`	185	`$err = $this->_prepare();`
186	`if ($err !== true) {`	186	`if ($err !== true) {`
187	`return $err;`	187	`return $err;`
188	`}`	188	`}`
189	`return $this->db->query($query);`	189	`return $this->db->query($query);`
190	`}`	190	`}`
191		191
192	`// }}}`	192	`// }}}`
193	`// {{{ _setDefaults()`	193	`// {{{ _setDefaults()`
194		194
195	`/**`	195	`/**`
196	`* Set some default options`	196	`* Set some default options`
197	`*`	197	`*`
198	`* @access private`	198	`* @access private`
199	`* @return void`	199	`* @return void`
200	`*/`	200	`*/`
201	`function _setDefaults()`	201	`function _setDefaults()`
202	`{`	202	`{`
203	`$this->options['table'] = 'auth';`	203	`$this->options['table'] = 'auth';`
204	`$this->options['usernamecol'] = 'username';`	204	`$this->options['usernamecol'] = 'username';`
205	`$this->options['passwordcol'] = 'password';`	205	`$this->options['passwordcol'] = 'password';`
206	`$this->options['dsn'] = '';`	206	`$this->options['dsn'] = '';`
207	`$this->options['db_fields'] = '';`	207	`$this->options['db_fields'] = '';`
208	`$this->options['cryptType'] = 'md5';`	208	`$this->options['cryptType'] = 'md5';`
209	`$this->options['db_options'] = array();`	209	`$this->options['db_options'] = array();`
210	`$this->options['db_where'] = '';`	210	`$this->options['db_where'] = '';`
211	`$this->options['auto_quote'] = true;`	211	`$this->options['auto_quote'] = true;`
212	`}`	212	`}`
213		213
214	`// }}}`	214	`// }}}`
215	`// {{{ _parseOptions()`	215	`// {{{ _parseOptions()`
216		216
217	`/**`	217	`/**`
218	`* Parse options passed to the container class`	218	`* Parse options passed to the container class`
219	`*`	219	`*`
220	`* @access private`	220	`* @access private`
221	`* @param array`	221	`* @param array`
222	`*/`	222	`*/`
223	`function _parseOptions($array)`	223	`function _parseOptions($array)`
224	`{`	224	`{`
225	`foreach ($array as $key => $value) {`	225	`foreach ($array as $key => $value) {`
226	`if (isset($this->options[$key])) {`	226	`if (isset($this->options[$key])) {`
227	`$this->options[$key] = $value;`	227	`$this->options[$key] = $value;`
228	`}`	228	`}`
229	`}`	229	`}`
230	`}`	230	`}`
231		231
232	`// }}}`	232	`// }}}`
233	`// {{{ _quoteDBFields()`	233	`// {{{ _quoteDBFields()`
234		234
235	`/**`	235	`/**`
236	`* Quote the db_fields option to avoid the possibility of SQL injection.`	236	`* Quote the db_fields option to avoid the possibility of SQL injection.`
237	`*`	237	`*`
238	`* @access private`	238	`* @access private`
239	`* @return string A properly quoted string that can be concatenated into a`	239	`* @return string A properly quoted string that can be concatenated into a`
240	`* SELECT clause.`	240	`* SELECT clause.`
241	`*/`	241	`*/`
242	`function _quoteDBFields()`	242	`function _quoteDBFields()`
243	`{`	243	`{`
244	`if (isset($this->options['db_fields'])) {`	244	`if (isset($this->options['db_fields'])) {`
245	`if (is_array($this->options['db_fields'])) {`	245	`if (is_array($this->options['db_fields'])) {`
246	`if ($this->options['auto_quote']) {`	246	`if ($this->options['auto_quote']) {`
247	`$fields = array();`	247	`$fields = array();`
248	`foreach ($this->options['db_fields'] as $field) {`	248	`foreach ($this->options['db_fields'] as $field) {`
249	`$fields[] = $this->db->quoteIdentifier($field);`	249	`$fields[] = $this->db->quoteIdentifier($field);`
250	`}`	250	`}`
251	`return implode(', ', $fields);`	251	`return implode(', ', $fields);`
252	`} else {`	252	`} else {`
253	`return implode(', ', $this->options['db_fields']);`	253	`return implode(', ', $this->options['db_fields']);`
254	`}`	254	`}`
255	`} else {`	255	`} else {`
256	`if (strlen($this->options['db_fields']) > 0) {`	256	`if (strlen($this->options['db_fields']) > 0) {`
257	`if ($this->options['auto_quote']) {`	257	`if ($this->options['auto_quote']) {`
258	`return $this->db->quoteIdentifier($this->options['db_fields']);`	258	`return $this->db->quoteIdentifier($this->options['db_fields']);`
259	`} else {`	259	`} else {`
260	`return $this->options['db_fields'];`	260	`return $this->options['db_fields'];`
261	`}`	261	`}`
262	`}`	262	`}`
263	`}`	263	`}`
264	`}`	264	`}`
265		265
266	`return '';`	266	`return '';`
267	`}`	267	`}`
268		268
269	`// }}}`	269	`// }}}`
270	`// {{{ fetchData()`	270	`// {{{ fetchData()`
271		271
272	`/**`	272	`/**`
273	`* Get user information from database`	273	`* Get user information from database`
274	`*`	274	`*`
275	`* This function uses the given username to fetch`	275	`* This function uses the given username to fetch`
276	`* the corresponding login data from the database`	276	`* the corresponding login data from the database`
277	`* table. If an account that matches the passed username`	277	`* table. If an account that matches the passed username`
278	`* and password is found, the function returns true.`	278	`* and password is found, the function returns true.`
279	`* Otherwise it returns false.`	279	`* Otherwise it returns false.`
280	`*`	280	`*`
281	`* @param string Username`	281	`* @param string Username`
282	`* @param string Password`	282	`* @param string Password`
283	`* @param boolean If true password is secured using a md5 hash`	283	`* @param boolean If true password is secured using a md5 hash`
284	`* the frontend and auth are responsible for making sure the container supports`	284	`* the frontend and auth are responsible for making sure the container supports`
285	`* challenge response password authentication`	285	`* challenge response password authentication`
286	`* @return mixed Error object or boolean`	286	`* @return mixed Error object or boolean`
287	`*/`	287	`*/`
288	`function fetchData($username, $password, $isChallengeResponse=false)`	288	`function fetchData($username, $password, $isChallengeResponse=false)`
289	`{`	289	`{`
290	`$this->log('Auth_Container_DB::fetchData() called.', AUTH_LOG_DEBUG);`	290	`$this->log('Auth_Container_DB::fetchData() called.', AUTH_LOG_DEBUG);`
291	`// Prepare for a database query`	291	`// Prepare for a database query`
292	`$err = $this->_prepare();`	292	`$err = $this->_prepare();`
293	`if ($err !== true) {`	293	`if ($err !== true) {`
294	`return PEAR::raiseError($err->getMessage(), $err->getCode());`	294	`return PEAR::raiseError($err->getMessage(), $err->getCode());`
295	`}`	295	`}`
296		296
297	`// Find if db_fields contains a *, if so assume all columns are selected`	297	`// Find if db_fields contains a *, if so assume all columns are selected`
298	`if (is_string($this->options['db_fields'])`	298	`if (is_string($this->options['db_fields'])`
299	`&& strstr($this->options['db_fields'], '*')) {`	299	`&& strstr($this->options['db_fields'], '*')) {`
300	`$sql_from = "*";`	300	`$sql_from = "*";`
301	`} else {`	301	`} else {`
302	`$sql_from = $this->options['final_usernamecol'].`	302	`$sql_from = $this->options['final_usernamecol'].`
303	`", ".$this->options['final_passwordcol'];`	303	`", ".$this->options['final_passwordcol'];`
304		304
305	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`	305	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`
306	`$sql_from .= ', '.$fields;`	306	`$sql_from .= ', '.$fields;`
307	`}`	307	`}`
308	`}`	308	`}`
309		309
310	`$query = "SELECT ".$sql_from.`	310	`$query = "SELECT ".$sql_from.`
311	`" FROM ".$this->options['final_table'].`	311	`" FROM ".$this->options['final_table'].`
312	`" WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username);`	312	`" WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username);`
313		313
314	`// check if there is an optional parameter db_where`	314	`// check if there is an optional parameter db_where`
315	`if ($this->options['db_where'] != '') {`	315	`if ($this->options['db_where'] != '') {`
316	`// there is one, so add it to the query`	316	`// there is one, so add it to the query`
317	`$query .= " AND ".$this->options['db_where'];`	317	`$query .= " AND ".$this->options['db_where'];`
318	`}`	318	`}`
319		319
320	`$this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);`	320	`$this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);`
321		321
322	`$res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);`	322	`$res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);`
323		323
324	`if (DB::isError($res)) {`	324	`if (DB::isError($res)) {`
325	`return PEAR::raiseError($res->getMessage(), $res->getCode());`	325	`return PEAR::raiseError($res->getMessage(), $res->getCode());`
326	`}`	326	`}`
327		327
328	`if (!is_array($res)) {`	328	`if (!is_array($res)) {`
329	`$this->activeUser = '';`	329	`$this->activeUser = '';`
330	`return false;`	330	`return false;`
331	`}`	331	`}`
332		332
333	`// Perform trimming here before the hashihg`	333	`// Perform trimming here before the hashihg`
334	`$password = trim($password, "\r\n");`	334	`$password = trim($password, "\r\n");`
335	`$res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");`	335	`$res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");`
336		336
337	`// If using Challenge Response md5 the pass with the secret`	337	`// If using Challenge Response md5 the pass with the secret`
338	`if ($isChallengeResponse) {`	338	`if ($isChallengeResponse) {`
339	`$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]`	339	`$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]`
340	`.$this->_auth_obj->session['loginchallenege']);`	340	`.$this->_auth_obj->session['loginchallenege']);`
341		341
342	`// UGLY cannot avoid without modifying verifyPassword`	342	`// UGLY cannot avoid without modifying verifyPassword`
343	`if ($this->options['cryptType'] == 'md5') {`	343	`if ($this->options['cryptType'] == 'md5') {`
344	`$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);`	344	`$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);`
345	`}`	345	`}`
346		346
347	`//print " Hashed Password [{$res[$this->options['passwordcol']]}]<br/>\n";`	347	`//print " Hashed Password [{$res[$this->options['passwordcol']]}]<br/>\n";`
348	`}`	348	`}`
349		349
350	`if ($this->verifyPassword($password,`	350	`if ($this->verifyPassword($password,`
351	`$res[$this->options['passwordcol']],`	351	`$res[$this->options['passwordcol']],`
352	`$this->options['cryptType'])) {`	352	`$this->options['cryptType'])) {`
353	`// Store additional field values in the session`	353	`// Store additional field values in the session`
354	`foreach ($res as $key => $value) {`	354	`foreach ($res as $key => $value) {`
355	`if ($key == $this->options['passwordcol'] \|\|`	355	`if ($key == $this->options['passwordcol'] \|\|`
356	`$key == $this->options['usernamecol']) {`	356	`$key == $this->options['usernamecol']) {`
357	`continue;`	357	`continue;`
358	`}`	358	`}`
359		359
360	`$this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);`	360	`$this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);`
361		361
362	`// Use reference to the auth object if exists`	362	`// Use reference to the auth object if exists`
363	`// This is because the auth session variable can change so a`	363	`// This is because the auth session variable can change so a`
364	`// static call to setAuthData does not make sence`	364	`// static call to setAuthData does not make sence`
365	`$this->_auth_obj->setAuthData($key, $value);`	365	`$this->_auth_obj->setAuthData($key, $value);`
366	`}`	366	`}`
367	`return true;`	367	`return true;`
368	`}`	368	`}`
369	`$this->activeUser = $res[$this->options['usernamecol']];`	369	`$this->activeUser = $res[$this->options['usernamecol']];`
370	`return false;`	370	`return false;`
371	`}`	371	`}`
372		372
373	`// }}}`	373	`// }}}`
374	`// {{{ listUsers()`	374	`// {{{ listUsers()`
375		375
376	`/**`	376	`/**`
377	`* Returns a list of users from the container`	377	`* Returns a list of users from the container`
378	`*`	378	`*`
379	`* @return mixed`	379	`* @return mixed`
380	`* @access public`	380	`* @access public`
381	`*/`	381	`*/`
382	`function listUsers()`	382	`function listUsers()`
383	`{`	383	`{`
384	`$this->log('Auth_Container_DB::listUsers() called.', AUTH_LOG_DEBUG);`	384	`$this->log('Auth_Container_DB::listUsers() called.', AUTH_LOG_DEBUG);`
385	`$err = $this->_prepare();`	385	`$err = $this->_prepare();`
386	`if ($err !== true) {`	386	`if ($err !== true) {`
387	`return PEAR::raiseError($err->getMessage(), $err->getCode());`	387	`return PEAR::raiseError($err->getMessage(), $err->getCode());`
388	`}`	388	`}`
389		389
390	`$retVal = array();`	390	`$retVal = array();`
391		391
392	`// Find if db_fields contains a *, if so assume all col are selected`	392	`// Find if db_fields contains a *, if so assume all col are selected`
393	`if ( is_string($this->options['db_fields'])`	393	`if ( is_string($this->options['db_fields'])`
394	`&& strstr($this->options['db_fields'], '*')) {`	394	`&& strstr($this->options['db_fields'], '*')) {`
395	`$sql_from = "*";`	395	`$sql_from = "*";`
396	`} else {`	396	`} else {`
397	`$sql_from = $this->options['final_usernamecol'].`	397	`$sql_from = $this->options['final_usernamecol'].`
398	`", ".$this->options['final_passwordcol'];`	398	`", ".$this->options['final_passwordcol'];`
399		399
400	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`	400	`if (strlen($fields = $this->_quoteDBFields()) > 0) {`
401	`$sql_from .= ', '.$fields;`	401	`$sql_from .= ', '.$fields;`
402	`}`	402	`}`
403	`}`	403	`}`
404		404
405	`$query = sprintf("SELECT %s FROM %s",`	405	`$query = sprintf("SELECT %s FROM %s",`
406	`$sql_from,`	406	`$sql_from,`
407	`$this->options['final_table']`	407	`$this->options['final_table']`
408	`);`	408	`);`
409		409
410	`// check if there is an optional parameter db_where`	410	`// check if there is an optional parameter db_where`
411	`if ($this->options['db_where'] != '') {`	411	`if ($this->options['db_where'] != '') {`
412	`// there is one, so add it to the query`	412	`// there is one, so add it to the query`
413	`$query .= " WHERE ".$this->options['db_where'];`	413	`$query .= " WHERE ".$this->options['db_where'];`
414	`}`	414	`}`
415		415
416	`$this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);`	416	`$this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);`
417		417
418	`$res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC);`	418	`$res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC);`
419		419
420	`if (DB::isError($res)) {`	420	`if (DB::isError($res)) {`
421	`return PEAR::raiseError($res->getMessage(), $res->getCode());`	421	`return PEAR::raiseError($res->getMessage(), $res->getCode());`
422	`} else {`	422	`} else {`
423	`foreach ($res as $user) {`	423	`foreach ($res as $user) {`
424	`$user['username'] = $user[$this->options['usernamecol']];`	424	`$user['username'] = $user[$this->options['usernamecol']];`
425	`$retVal[] = $user;`	425	`$retVal[] = $user;`
426	`}`	426	`}`
427	`}`	427	`}`
428	`$this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG);`	428	`$this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG);`
429	`return $retVal;`	429	`return $retVal;`
430	`}`	430	`}`
431		431
432	`// }}}`	432	`// }}}`
433	`// {{{ addUser()`	433	`// {{{ addUser()`
434		434
435	`/**`	435	`/**`
436	`* Add user to the storage container`	436	`* Add user to the storage container`
437	`*`	437	`*`
438	`* @access public`	438	`* @access public`
439	`* @param string Username`	439	`* @param string Username`
440	`* @param string Password`	440	`* @param string Password`
441	`* @param mixed Additional information that are stored in the DB`	441	`* @param mixed Additional information that are stored in the DB`
442	`*`	442	`*`
443	`* @return mixed True on success, otherwise error object`	443	`* @return mixed True on success, otherwise error object`
444	`*/`	444	`*/`
445	`function addUser($username, $password, $additional = "")`	445	`function addUser($username, $password, $additional = "")`
446	`{`	446	`{`
447	`$this->log('Auth_Container_DB::addUser() called.', AUTH_LOG_DEBUG);`	447	`$this->log('Auth_Container_DB::addUser() called.', AUTH_LOG_DEBUG);`
448	`$err = $this->_prepare();`	448	`$err = $this->_prepare();`
449	`if ($err !== true) {`	449	`if ($err !== true) {`
450	`return PEAR::raiseError($err->getMessage(), $err->getCode());`	450	`return PEAR::raiseError($err->getMessage(), $err->getCode());`
451	`}`	451	`}`
452		452
453	`if ( isset($this->options['cryptType'])`	453	`if ( isset($this->options['cryptType'])`
454	`&& $this->options['cryptType'] == 'none') {`	454	`&& $this->options['cryptType'] == 'none') {`
455	`$cryptFunction = 'strval';`	455	`$cryptFunction = 'strval';`
456	`} elseif ( isset($this->options['cryptType'])`	456	`} elseif ( isset($this->options['cryptType'])`
457	`&& function_exists($this->options['cryptType'])) {`	457	`&& function_exists($this->options['cryptType'])) {`
458	`$cryptFunction = $this->options['cryptType'];`	458	`$cryptFunction = $this->options['cryptType'];`
459	`} else {`	459	`} else {`
460	`$cryptFunction = 'md5';`	460	`$cryptFunction = 'md5';`
461	`}`	461	`}`
462		462
463	`$password = $cryptFunction($password);`	463	`$password = $cryptFunction($password);`
464		464
465	`$additional_key = '';`	465	`$additional_key = '';`
466	`$additional_value = '';`	466	`$additional_value = '';`
467		467
468	`if (is_array($additional)) {`	468	`if (is_array($additional)) {`
469	`foreach ($additional as $key => $value) {`	469	`foreach ($additional as $key => $value) {`
470	`if ($this->options['auto_quote']) {`	470	`if ($this->options['auto_quote']) {`
471	`$additional_key .= ', ' . $this->db->quoteIdentifier($key);`	471	`$additional_key .= ', ' . $this->db->quoteIdentifier($key);`
472	`} else {`	472	`} else {`
473	`$additional_key .= ', ' . $key;`	473	`$additional_key .= ', ' . $key;`
474	`}`	474	`}`
475	`$additional_value .= ", " . $this->db->quoteSmart($value);`	475	`$additional_value .= ", " . $this->db->quoteSmart($value);`
476	`}`	476	`}`
477	`}`	477	`}`
478		478
479	`$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",`	479	`$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",`
480	`$this->options['final_table'],`	480	`$this->options['final_table'],`
481	`$this->options['final_usernamecol'],`	481	`$this->options['final_usernamecol'],`
482	`$this->options['final_passwordcol'],`	482	`$this->options['final_passwordcol'],`
483	`$additional_key,`	483	`$additional_key,`
484	`$this->db->quoteSmart($username),`	484	`$this->db->quoteSmart($username),`
485	`$this->db->quoteSmart($password),`	485	`$this->db->quoteSmart($password),`
486	`$additional_value`	486	`$additional_value`
487	`);`	487	`);`
488		488
489	`$this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);`	489	`$this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);`
490		490
491	`$res = $this->query($query);`	491	`$res = $this->query($query);`
492		492
493	`if (DB::isError($res)) {`	493	`if (DB::isError($res)) {`
494	`return PEAR::raiseError($res->getMessage(), $res->getCode());`	494	`return PEAR::raiseError($res->getMessage(), $res->getCode());`
495	`} else {`	495	`} else {`
496	`return true;`	496	`return true;`
497	`}`	497	`}`
498	`}`	498	`}`
499		499
500	`// }}}`	500	`// }}}`

Subversion Repositories Applications.papyrus

(root)/trunk/api/pear/Auth/Container/DB.php – Rev 1713 → 2150