diff --git a/htdocs/includes/pear/Auth/Container/DB.php b/htdocs/includes/pear/Auth/Container/DB.php index f6da86614c2..d357e4ccef1 100644 --- a/htdocs/includes/pear/Auth/Container/DB.php +++ b/htdocs/includes/pear/Auth/Container/DB.php @@ -1,394 +1,394 @@ - | -// +----------------------------------------------------------------------+ -// -// $Id$ -// - -//require_once 'Auth/Container.php'; -require_once DOL_DOCUMENT_ROOT."/includes/pear/Auth/Container.php"; -//require_once 'DB.php'; -require_once DOL_DOCUMENT_ROOT."/includes/pear/DB.php"; - -/** - * Storage driver for fetching login data from a database - * - * This storage driver can use all databases which are supported - * by the PEAR DB abstraction layer to fetch login data. - * - * @author Martin Jansen - * @package Auth - * @version $Revision$ - */ -class Auth_Container_DB extends Auth_Container -{ - - /** - * Additional options for the storage container - * @var array - */ - var $options = array(); - - /** - * DB object - * @var object - */ - var $db = null; - var $dsn = ''; - - /** - * User that is currently selected from the DB. - * @var string - */ - var $activeUser = ''; - - // {{{ Constructor - - /** - * Constructor of the container class - * - * Initate connection to the database via PEAR::DB - * - * @param string Connection data or DB object - * @return object Returns an error object if something went wrong - */ - function Auth_Container_DB($dsn) - { - $this->_setDefaults(); - - if (is_array($dsn)) { - $this->_parseOptions($dsn); - - if (empty($this->options['dsn'])) { - PEAR::raiseError('No connection parameters specified!'); - } - } else { - $this->options['dsn'] = $dsn; - } - } - - // }}} - // {{{ _connect() - - /** - * Connect to database by using the given DSN string - * - * @access private - * @param string DSN string - * @return mixed Object on error, otherwise bool - */ - function _connect($dsn) - { - if (is_string($dsn) || is_array($dsn)) { - $this->db = DB::Connect($dsn); - } elseif (get_parent_class($dsn) == "db_common") { - $this->db = $dsn; - } elseif (DB::isError($dsn)) { - return PEAR::raiseError($dsn->getMessage(), $dsn->getCode()); - } else { - return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__, - 41, - PEAR_ERROR_RETURN, - null, - null - ); - } - - if (DB::isError($this->db) || DOLIPEAR::isError($this->db)) { - return DOLIPEAR::raiseError($this->db->getMessage(), $this->db->getCode()); - } else { - return true; - } - } - - // }}} - // {{{ _prepare() - - /** - * Prepare database connection - * - * This function checks if we have already opened a connection to - * the database. If that's not the case, a new connection is opened. - * - * @access private - * @return mixed True or a DB error object. - */ - function _prepare() - { - if (!DB::isConnection($this->db)) { - $res = $this->_connect($this->options['dsn']); - if(DB::isError($res) || DOLIPEAR::isError($res)){ - return $res; - } - } - return true; - } - - // }}} - // {{{ query() - - /** - * Prepare query to the database - * - * This function checks if we have already opened a connection to - * the database. If that's not the case, a new connection is opened. - * After that the query is passed to the database. - * - * @access public - * @param string Query string - * @return mixed a DB_result object or DB_OK on success, a DB - * or PEAR error on failure - */ - function query($query) - { - $err = $this->_prepare(); - if ($err !== true) { - return $err; - } - return $this->db->query($query); - } - - // }}} - // {{{ _setDefaults() - - /** - * Set some default options - * - * @access private - * @return void - */ - function _setDefaults() - { - $this->options['table'] = 'auth'; - $this->options['usernamecol'] = 'username'; - $this->options['passwordcol'] = 'password'; - $this->options['dsn'] = ''; - $this->options['db_fields'] = ''; - $this->options['cryptType'] = 'md5'; - } - - // }}} - // {{{ _parseOptions() - - /** - * Parse options passed to the container class - * - * @access private - * @param array - */ - function _parseOptions($array) - { - foreach ($array as $key => $value) { - if (isset($this->options[$key])) { - $this->options[$key] = $value; - } - } - - /* Include additional fields if they exist */ - if(!empty($this->options['db_fields'])){ - if(is_array($this->options['db_fields'])){ - $this->options['db_fields'] = join($this->options['db_fields'], ', '); - } - $this->options['db_fields'] = ', '.$this->options['db_fields']; - } - } - - // }}} - // {{{ fetchData() - - /** - * Get user information from database - * - * This function uses the given username to fetch - * the corresponding login data from the database - * table. If an account that matches the passed username - * and password is found, the function returns true. - * Otherwise it returns false. - * - * @param string Username - * @param string Password - * @return mixed Error object or boolean - */ - function fetchData($username, $password) - { - // Prepare for a database query - $err = $this->_prepare(); - if ($err !== true) { - return PEAR::raiseError($err->getMessage(), $err->getCode()); - } - - // Find if db_fileds contains a *, i so assume all col are selected - if(strstr($this->options['db_fields'], '*')){ - $sql_from = "*"; - } - else{ - $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; - } - - $query = "SELECT ! FROM ! WHERE ! = ?"; - $query_params = array( - $sql_from, - $this->options['table'], - $this->options['usernamecol'], - $username - ); - $res = $this->db->getRow($query, $query_params, DB_FETCHMODE_ASSOC); - - if (DB::isError($res)) { - return PEAR::raiseError($res->getMessage(), $res->getCode()); - } - if (!is_array($res)) { - $this->activeUser = ''; - return false; - } - if ($this->verifyPassword(trim($password), - trim($res[$this->options['passwordcol']]), - $this->options['cryptType'])) { - // Store additional field values in the session - foreach ($res as $key => $value) { - if ($key == $this->options['passwordcol'] || - $key == $this->options['usernamecol']) { - continue; - } - Auth::setAuthData($key, $value); - } - - return true; - } - - $this->activeUser = $res[$this->options['usernamecol']]; - return false; - } - - // }}} - // {{{ listUsers() - - function listUsers() - { - $err = $this->_prepare(); - if ($err !== true) { - return PEAR::raiseError($err->getMessage(), $err->getCode()); - } - - $retVal = array(); - - // Find if db_fileds contains a *, i so assume all col are selected - if(strstr($this->options['db_fields'], '*') || empty($this->options['db_fields'])){ - $sql_from = "*"; - } - else{ - $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; - } - - $query = sprintf("SELECT %s FROM %s", - $sql_from, - $this->options['table'] - ); - $res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC); - - if (DB::isError($res)) { - return PEAR::raiseError($res->getMessage(), $res->getCode()); - } else { - foreach ($res as $user) { - $user['username'] = $user[$this->options['usernamecol']]; - $retVal[] = $user; - } - } - return $retVal; - } - - // }}} - // {{{ addUser() - - /** - * Add user to the storage container - * - * @access public - * @param string Username - * @param string Password - * @param mixed Additional information that are stored in the DB - * - * @return mixed True on success, otherwise error object - */ - function addUser($username, $password, $additional = "") - { - if (function_exists($this->options['cryptType'])) { - $cryptfunction = $this->options['cryptType']; - } else { - $cryptfunction = 'md5'; - } - - $additional_key = ''; - $additional_value = ''; - - if (is_array($additional)) { - foreach ($additional as $key => $value) { - $additional_key .= ', ' . $key; - $additional_value .= ", '" . $value . "'"; - } - } - - $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES ('%s', '%s'%s)", - $this->options['table'], - $this->options['usernamecol'], - $this->options['passwordcol'], - $additional_key, - $username, - $cryptfunction($password), - $additional_value - ); - - $res = $this->query($query); - - if (DB::isError($res)) { - return PEAR::raiseError($res->getMessage(), $res->getCode()); - } else { - return true; - } - } - - // }}} - // {{{ removeUser() - - /** - * Remove user from the storage container - * - * @access public - * @param string Username - * - * @return mixed True on success, otherwise error object - */ - function removeUser($username) - { - $query = sprintf("DELETE FROM %s WHERE %s = '%s'", - $this->options['table'], - $this->options['usernamecol'], - $username - ); - - $res = $this->query($query); - - if (DB::isError($res)) { - return PEAR::raiseError($res->getMessage(), $res->getCode()); - } else { - return true; - } - } - - // }}} -} -?> + | +// +----------------------------------------------------------------------+ +// +// $Id$ +// + +//require_once 'Auth/Container.php'; +require_once DOL_DOCUMENT_ROOT."/includes/pear/Auth/Container.php"; +//require_once 'DB.php'; +require_once DOL_DOCUMENT_ROOT."/includes/pear/DB.php"; + +/** + * Storage driver for fetching login data from a database + * + * This storage driver can use all databases which are supported + * by the PEAR DB abstraction layer to fetch login data. + * + * @author Martin Jansen + * @package Auth + * @version $Revision$ + */ +class Auth_Container_DB extends Auth_Container +{ + + /** + * Additional options for the storage container + * @var array + */ + var $options = array(); + + /** + * DB object + * @var object + */ + var $db = null; + var $dsn = ''; + + /** + * User that is currently selected from the DB. + * @var string + */ + var $activeUser = ''; + + // {{{ Constructor + + /** + * Constructor of the container class + * + * Initate connection to the database via PEAR::DB + * + * @param string Connection data or DB object + * @return object Returns an error object if something went wrong + */ + function Auth_Container_DB($dsn) + { + $this->_setDefaults(); + + if (is_array($dsn)) { + $this->_parseOptions($dsn); + + if (empty($this->options['dsn'])) { + PEAR::raiseError('No connection parameters specified!'); + } + } else { + $this->options['dsn'] = $dsn; + } + } + + // }}} + // {{{ _connect() + + /** + * Connect to database by using the given DSN string + * + * @access private + * @param string DSN string + * @return mixed Object on error, otherwise bool + */ + function _connect($dsn) + { + if (is_string($dsn) || is_array($dsn)) { + $this->db = DB::Connect($dsn); + } elseif (get_parent_class($dsn) == "db_common") { + $this->db = $dsn; + } elseif (DB::isError($dsn)) { + return PEAR::raiseError($dsn->getMessage(), $dsn->getCode()); + } else { + return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__, + 41, + PEAR_ERROR_RETURN, + null, + null + ); + } + + if (DB::isError($this->db) || DOLIPEAR::isError($this->db)) { + return DOLIPEAR::raiseError($this->db->getMessage(), $this->db->getCode()); + } else { + return true; + } + } + + // }}} + // {{{ _prepare() + + /** + * Prepare database connection + * + * This function checks if we have already opened a connection to + * the database. If that's not the case, a new connection is opened. + * + * @access private + * @return mixed True or a DB error object. + */ + function _prepare() + { + if (!DB::isConnection($this->db)) { + $res = $this->_connect($this->options['dsn']); + if(DB::isError($res) || DOLIPEAR::isError($res)){ + return $res; + } + } + return true; + } + + // }}} + // {{{ query() + + /** + * Prepare query to the database + * + * This function checks if we have already opened a connection to + * the database. If that's not the case, a new connection is opened. + * After that the query is passed to the database. + * + * @access public + * @param string Query string + * @return mixed a DB_result object or DB_OK on success, a DB + * or PEAR error on failure + */ + function query($query) + { + $err = $this->_prepare(); + if ($err !== true) { + return $err; + } + return $this->db->query($query); + } + + // }}} + // {{{ _setDefaults() + + /** + * Set some default options + * + * @access private + * @return void + */ + function _setDefaults() + { + $this->options['table'] = 'auth'; + $this->options['usernamecol'] = 'username'; + $this->options['passwordcol'] = 'password'; + $this->options['dsn'] = ''; + $this->options['db_fields'] = ''; + $this->options['cryptType'] = 'md5'; + } + + // }}} + // {{{ _parseOptions() + + /** + * Parse options passed to the container class + * + * @access private + * @param array + */ + function _parseOptions($array) + { + foreach ($array as $key => $value) { + if (isset($this->options[$key])) { + $this->options[$key] = $value; + } + } + + /* Include additional fields if they exist */ + if(!empty($this->options['db_fields'])){ + if(is_array($this->options['db_fields'])){ + $this->options['db_fields'] = join($this->options['db_fields'], ', '); + } + $this->options['db_fields'] = ', '.$this->options['db_fields']; + } + } + + // }}} + // {{{ fetchData() + + /** + * Get user information from database + * + * This function uses the given username to fetch + * the corresponding login data from the database + * table. If an account that matches the passed username + * and password is found, the function returns true. + * Otherwise it returns false. + * + * @param string Username + * @param string Password + * @return mixed Error object or boolean + */ + function fetchData($username, $password) + { + // Prepare for a database query + $err = $this->_prepare(); + if ($err !== true) { + return PEAR::raiseError($err->getMessage(), $err->getCode()); + } + + // Find if db_fileds contains a *, i so assume all col are selected + if(strstr($this->options['db_fields'], '*')){ + $sql_from = "*"; + } + else{ + $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; + } + + $query = "SELECT ! FROM ! WHERE ! = ?"; + $query_params = array( + $sql_from, + $this->options['table'], + $this->options['usernamecol'], + $username + ); + $res = $this->db->getRow($query, $query_params, DB_FETCHMODE_ASSOC); + + if (DB::isError($res)) { + return PEAR::raiseError($res->getMessage(), $res->getCode()); + } + if (!is_array($res)) { + $this->activeUser = ''; + return false; + } + if ($this->verifyPassword(trim($password), + trim($res[$this->options['passwordcol']]), + $this->options['cryptType'])) { + // Store additional field values in the session + foreach ($res as $key => $value) { + if ($key == $this->options['passwordcol'] || + $key == $this->options['usernamecol']) { + continue; + } + Auth::setAuthData($key, $value); + } + + return true; + } + + $this->activeUser = $res[$this->options['usernamecol']]; + return false; + } + + // }}} + // {{{ listUsers() + + function listUsers() + { + $err = $this->_prepare(); + if ($err !== true) { + return PEAR::raiseError($err->getMessage(), $err->getCode()); + } + + $retVal = array(); + + // Find if db_fileds contains a *, i so assume all col are selected + if(strstr($this->options['db_fields'], '*') || empty($this->options['db_fields'])){ + $sql_from = "*"; + } + else{ + $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; + } + + $query = sprintf("SELECT %s FROM %s", + $sql_from, + $this->options['table'] + ); + $res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC); + + if (DB::isError($res)) { + return PEAR::raiseError($res->getMessage(), $res->getCode()); + } else { + foreach ($res as $user) { + $user['username'] = $user[$this->options['usernamecol']]; + $retVal[] = $user; + } + } + return $retVal; + } + + // }}} + // {{{ addUser() + + /** + * Add user to the storage container + * + * @access public + * @param string Username + * @param string Password + * @param mixed Additional information that are stored in the DB + * + * @return mixed True on success, otherwise error object + */ + function addUser($username, $password, $additional = "") + { + if (function_exists($this->options['cryptType'])) { + $cryptfunction = $this->options['cryptType']; + } else { + $cryptfunction = 'md5'; + } + + $additional_key = ''; + $additional_value = ''; + + if (is_array($additional)) { + foreach ($additional as $key => $value) { + $additional_key .= ', ' . $key; + $additional_value .= ", '" . $value . "'"; + } + } + + $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES ('%s', '%s'%s)", + $this->options['table'], + $this->options['usernamecol'], + $this->options['passwordcol'], + $additional_key, + $username, + $cryptfunction($password), + $additional_value + ); + + $res = $this->query($query); + + if (DB::isError($res)) { + return PEAR::raiseError($res->getMessage(), $res->getCode()); + } else { + return true; + } + } + + // }}} + // {{{ removeUser() + + /** + * Remove user from the storage container + * + * @access public + * @param string Username + * + * @return mixed True on success, otherwise error object + */ + function removeUser($username) + { + $query = sprintf("DELETE FROM %s WHERE %s = '%s'", + $this->options['table'], + $this->options['usernamecol'], + $username + ); + + $res = $this->query($query); + + if (DB::isError($res)) { + return PEAR::raiseError($res->getMessage(), $res->getCode()); + } else { + return true; + } + } + + // }}} +} +?>