2 rcs_id('$Id: AdoDb.php,v 1.3 2004-12-20 16:05:01 rurban Exp $');
3 /* Copyright (C) 2004 $ThePhpWikiProgrammingTeam
10 * Simple sprintf, no prepare.
12 * Warning: Since we use FETCH_MODE_ASSOC (string hash) and not the also faster
13 * FETCH_MODE_ROW (numeric), we have to use the correct aliases in auth_* sql statements!
15 * TODO: Change FETCH_MODE in adodb WikiDB sublasses.
20 var $_authmethod = 'AdoDb';
21 function _AdoDbPassUser($UserName='',$prefs=false) {
22 if (!$this->_prefs and isa($this,"_AdoDbPassUser")) {
23 if ($prefs) $this->_prefs = $prefs;
24 if (!isset($this->_prefs->_method))
25 _PassUser::_PassUser($UserName);
27 if (!$this->isValidName($UserName)) {
28 trigger_error(_("Invalid username."),E_USER_WARNING);
31 $this->_userid = $UserName;
33 $this->_auth_crypt_method = $GLOBALS['request']->_dbi->getAuthParam('auth_crypt_method');
34 // Don't prepare the configured auth statements anymore
38 function getPreferences() {
39 // override the generic slow method here for efficiency
40 _AnonUser::getPreferences();
42 if (isset($this->_prefs->_select)) {
43 $dbh = & $this->_auth_dbi;
44 $rs = $dbh->Execute(sprintf($this->_prefs->_select, $dbh->qstr($this->_userid)));
48 $prefs_blob = @$rs->fields['prefs'];
50 if ($restored_from_db = $this->_prefs->retrieve($prefs_blob)) {
51 $updated = $this->_prefs->updatePrefs($restored_from_db);
52 //$this->_prefs = new UserPreferences($restored_from_db);
57 if ($this->_HomePagehandle) {
58 if ($restored_from_page = $this->_prefs->retrieve
59 ($this->_HomePagehandle->get('pref'))) {
60 $updated = $this->_prefs->updatePrefs($restored_from_page);
61 //$this->_prefs = new UserPreferences($restored_from_page);
68 function setPreferences($prefs, $id_only=false) {
69 // if the prefs are changed
70 if (_AnonUser::setPreferences($prefs, 1)) {
72 $packed = $this->_prefs->store();
73 //$user = $request->_user;
74 //unset($user->_auth_dbi);
75 if (!$id_only and isset($this->_prefs->_update)) {
77 $dbh = &$this->_auth_dbi;
78 $db_result = $dbh->Execute(sprintf($this->_prefs->_update,
80 $dbh->qstr($this->_userid)));
83 if ($this->_HomePagehandle and $this->_HomePagehandle->get('pref'))
84 $this->_HomePagehandle->set('pref', '');
86 //store prefs in homepage, not in cookie
87 if ($this->_HomePagehandle and !$id_only)
88 $this->_HomePagehandle->set('pref', $packed);
90 return count($this->_prefs->unpack($packed));
95 function userExists() {
97 $dbh = &$this->_auth_dbi;
98 if (!$dbh) { // needed?
99 return $this->_tryNextUser();
101 if (!$this->isValidName()) {
102 return $this->_tryNextUser();
104 $dbi =& $GLOBALS['request']->_dbi;
105 if (empty($this->_authselect) and $dbi->getAuthParam('auth_check')) {
106 $this->_authselect = $this->prepare($dbi->getAuthParam('auth_check'),
107 array("userid","password"));
109 if (empty($this->_authselect))
110 trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'",
111 'DBAUTH_AUTH_CHECK', 'ADODB'),
113 //NOTE: for auth_crypt_method='crypt' no special auth_user_exists is needed
114 if ($this->_auth_crypt_method == 'crypt') {
115 $rs = $dbh->Execute(sprintf($this->_authselect, $dbh->qstr($this->_userid)));
124 if (! $dbi->getAuthParam('auth_user_exists'))
125 trigger_error(fmt("%s is missing", 'DBAUTH_AUTH_USER_EXISTS'),
127 $this->_authcheck = $this->prepare($dbi->getAuthParam('auth_user_exists'),
129 $rs = $dbh->Execute(sprintf($this->_authcheck, $dbh->qstr($this->_userid)));
137 // maybe the user is allowed to create himself. Generally not wanted in
138 // external databases, but maybe wanted for the wiki database, for performance
140 if (empty($this->_authcreate) and $dbi->getAuthParam('auth_create')) {
141 $this->_authcreate = $this->prepare($dbi->getAuthParam('auth_create'),
142 array("userid", "password"));
144 if (!empty($this->_authcreate) and
145 isset($GLOBALS['HTTP_POST_VARS']['auth']) and
146 isset($GLOBALS['HTTP_POST_VARS']['auth']['passwd']))
148 $dbh->Execute(sprintf($this->_authcreate,
149 $dbh->qstr($GLOBALS['HTTP_POST_VARS']['auth']['passwd']),
150 $dbh->qstr($this->_userid)));
154 return $this->_tryNextUser();
157 function checkPass($submitted_password) {
158 //global $DBAuthParams;
160 if (!$this->_auth_dbi) { // needed?
161 return $this->_tryNextPass($submitted_password);
163 if (!$this->isValidName()) {
164 trigger_error(_("Invalid username."),E_USER_WARNING);
165 return $this->_tryNextPass($submitted_password);
167 if (!$this->_checkPassLength($submitted_password)) {
168 return WIKIAUTH_FORBIDDEN;
170 $dbh =& $this->_auth_dbi;
171 $dbi =& $GLOBALS['request']->_dbi;
172 if (empty($this->_authselect) and $dbi->getAuthParam('auth_check')) {
173 $this->_authselect = $this->prepare($dbi->getAuthParam('auth_check'),
174 array("userid", "password"));
176 if (!isset($this->_authselect))
178 if (!isset($this->_authselect))
179 trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'",
180 'DBAUTH_AUTH_CHECK', 'ADODB'),
182 //NOTE: for auth_crypt_method='crypt' defined('ENCRYPTED_PASSWD',true) must be set
183 if ($this->_auth_crypt_method == 'crypt') {
184 $rs = $dbh->Execute(sprintf($this->_authselect, $dbh->qstr($this->_userid)));
186 $stored_password = $rs->fields['password'];
188 $result = $this->_checkPass($submitted_password, $stored_password);
194 $rs = $dbh->Execute(sprintf($this->_authselect,
195 $dbh->qstr($submitted_password),
196 $dbh->qstr($this->_userid)));
197 if (isset($rs->fields['ok']))
198 $okay = $rs->fields['ok'];
199 elseif (isset($rs->fields[1]))
200 $okay = $rs->fields[1];
202 $okay = reset($rs->fields);
205 $result = !empty($okay);
209 $this->_level = WIKIAUTH_USER;
210 return $this->_level;
212 return $this->_tryNextPass($submitted_password);
216 function mayChangePass() {
217 return $GLOBALS['request']->_dbi->getAuthParam('auth_update');
220 function storePass($submitted_password) {
222 $dbh = &$this->_auth_dbi;
223 $dbi =& $GLOBALS['request']->_dbi;
224 if ($dbi->getAuthParam('auth_update') and empty($this->_authupdate)) {
225 $this->_authupdate = $this->prepare($dbi->getAuthParam('auth_update'),
226 array("userid", "password"));
228 if (!isset($this->_authupdate)) {
229 trigger_error(fmt("Either %s is missing or DATABASE_TYPE != '%s'",
230 'DBAUTH_AUTH_UPDATE', 'ADODB'),
235 if ($this->_auth_crypt_method == 'crypt') {
236 if (function_exists('crypt'))
237 $submitted_password = crypt($submitted_password);
239 $rs = $dbh->Execute(sprintf($this->_authupdate,
240 $dbh->qstr($submitted_password),
241 $dbh->qstr($this->_userid)
248 // $Log: not supported by cvs2svn $
249 // Revision 1.2 2004/12/19 00:58:02 rurban
250 // Enforce PASSWORD_LENGTH_MINIMUM in almost all PassUser checks,
251 // Provide an errormessage if so. Just PersonalPage and BogoLogin not.
252 // Simplify httpauth logout handling and set sessions for all methods.
253 // fix main.php unknown index "x" getLevelDescription() warning.
255 // Revision 1.1 2004/11/01 10:43:58 rurban
256 // seperate PassUser methods into seperate dir (memory usage)
257 // fix WikiUser (old) overlarge data session
258 // remove wikidb arg from various page class methods, use global ->_dbi instead
266 // c-hanging-comment-ender-p: nil
267 // indent-tabs-mode: nil