ILIAS  release_4-4 Revision
All Data Structures Namespaces Files Functions Variables Modules Pages
Public Member Functions | Data Fields
Auth_Container_DBLite Class Reference
+ Inheritance diagram for Auth_Container_DBLite:
+ Collaboration diagram for Auth_Container_DBLite:

Public Member Functions

 Auth_Container_DBLite ($dsn)
 Constructor of the container class. More...
 
 _connect (&$dsn)
 Connect to database by using the given DSN string. More...
 
 _prepare ()
 Prepare database connection. More...
 
 _parseOptions ($array)
 Parse options passed to the container class. More...
 
 _quoteDBFields ()
 Quote the db_fields option to avoid the possibility of SQL injection. More...
 
 fetchData ($username, $password)
 Get user information from database. More...
 
- Public Member Functions inherited from Auth_Container
 Auth_Container ()
 Constructor. More...
 
 fetchData ($username, $password, $isChallengeResponse=false)
 Fetch data from storage container. More...
 
 verifyPassword ($password1, $password2, $cryptType="md5")
 Crypt and verfiy the entered password. More...
 
 supportsChallengeResponse ()
 Returns true if the container supports Challenge Response password authentication. More...
 
 getCryptType ()
 Returns the crypt current crypt type of the container. More...
 
 listUsers ()
 List all users that are available from the storage container. More...
 
 getUser ($username)
 Returns a user assoc array. More...
 
 addUser ($username, $password, $additional=null)
 Add a new user to the storage container. More...
 
 removeUser ($username)
 Remove user from the storage container. More...
 
 changePassword ($username, $password)
 Change password for user in the storage container. More...
 
 log ($message, $level=AUTH_LOG_DEBUG)
 Log a message to the Auth log. More...
 
- Public Member Functions inherited from ilAuthContainerBase
 loginObserver ($a_username, $a_auth)
 Called after successful login. More...
 
 failedLoginObserver ($a_username, $a_auth)
 Called after failed login. More...
 
 checkAuthObserver ($a_username, $a_auth)
 Called after check auth requests. More...
 
 logoutObserver ($a_username, $a_auth)
 Called after logout. More...
 
 supportsCaptchaVerification ()
 Returns whether or not the auth container supports the verification of captchas This should be true for those auth methods, which are available in the default login form. More...
 

Data Fields

 $options = array()
 
 $db = null
 
 $dsn = ''
 
 $activeUser = ''
 
- Data Fields inherited from Auth_Container
 $activeUser = ""
 User that is currently selected from the storage container. More...
 
 $_auth_obj = null
 The Auth object this container is attached to. More...
 

Detailed Description

Definition at line 52 of file DBLite.php.

Member Function Documentation

◆ _connect()

Auth_Container_DBLite::_connect ( $dsn)

Connect to database by using the given DSN string.

private

Parameters
stringDSN string
Returns
mixed Object on error, otherwise bool

Definition at line 119 of file DBLite.php.

References $dsn, AUTH_LOG_DEBUG, PEAR\isError(), Auth_Container\log(), and PEAR\raiseError().

Referenced by _prepare().

120  {
121  $this->log('Auth_Container_DBLite::_connect() called.', AUTH_LOG_DEBUG);
122  if (is_string($dsn) || is_array($dsn)) {
123  $this->db =& DB::connect($dsn, $this->options['db_options']);
124  } elseif (is_subclass_of($dsn, "db_common")) {
125  $this->db =& $dsn;
126  } else {
127  return PEAR::raiseError("Invalid dsn or db object given");
128  }
129 
130  if (DB::isError($this->db) || PEAR::isError($this->db)) {
131  return PEAR::raiseError($this->db->getMessage(), $this->db->getCode());
132  } else {
133  return true;
134  }
135  }
AUTH_LOG_DEBUG
const AUTH_LOG_DEBUG
Auth Log level - DEBUG.
Definition: Auth.php:59
Auth_Container_DBLite\$dsn
$dsn
Definition: DBLite.php:68
PEAR\raiseError
& raiseError($message=null, $code=null, $mode=null, $options=null, $userinfo=null, $error_class=null, $skipmsg=false)
This method is a wrapper that returns an instance of the configured error class with this object's de...
Definition: PEAR.php:524
Auth_Container\log
log($message, $level=AUTH_LOG_DEBUG)
Log a message to the Auth log.
Definition: Container.php:246
PEAR\isError
isError($data, $code=null)
Tell whether a value is a PEAR error.
Definition: PEAR.php:279
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _parseOptions()

Auth_Container_DBLite::_parseOptions (   $array)

Parse options passed to the container class.

private

Parameters
array

Definition at line 185 of file DBLite.php.

Referenced by Auth_Container_DBLite().

186  {
187  foreach ($array as $key => $value) {
188  if (isset($this->options[$key])) {
189  $this->options[$key] = $value;
190  }
191  }
192  }
+ Here is the caller graph for this function:

◆ _prepare()

Auth_Container_DBLite::_prepare ( )

Prepare database connection.

This function checks if we have already opened a connection to the database. If that's not the case, a new connection is opened.

private

Returns
mixed True or a DB error object.

Definition at line 149 of file DBLite.php.

References $res, $t, _connect(), and PEAR\isError().

Referenced by fetchData().

150  {
151  if (!DB::isConnection($this->db)) {
152  $res = $this->_connect($this->options['dsn']);
153  if (DB::isError($res) || PEAR::isError($res)) {
154  return $res;
155  }
156  }
157  if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') {
158  if (strpos('.', $this->options['table']) === false) {
159  $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']);
160  } else {
161  $t = explode('.', $this->options['table']);
162  for ($i = 0, $count = count($t); $i < $count; $i++)
163  $t[$i] = $this->db->quoteIdentifier($t[$i]);
164  $this->options['final_table'] = implode('.', $t);
165  }
166  $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']);
167  $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']);
168  } else {
169  $this->options['final_table'] = $this->options['table'];
170  $this->options['final_usernamecol'] = $this->options['usernamecol'];
171  $this->options['final_passwordcol'] = $this->options['passwordcol'];
172  }
173  return true;
174  }
$t
$t
Definition: class.ilBMFType_duration.php:154
Auth_Container_DBLite\_connect
_connect(&$dsn)
Connect to database by using the given DSN string.
Definition: DBLite.php:119
PEAR\isError
isError($data, $code=null)
Tell whether a value is a PEAR error.
Definition: PEAR.php:279
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _quoteDBFields()

Auth_Container_DBLite::_quoteDBFields ( )

Quote the db_fields option to avoid the possibility of SQL injection.

private

Returns
string A properly quoted string that can be concatenated into a SELECT clause.

Definition at line 204 of file DBLite.php.

Referenced by fetchData().

205  {
206  if (isset($this->options['db_fields'])) {
207  if (is_array($this->options['db_fields'])) {
208  if ($this->options['auto_quote']) {
209  $fields = array();
210  foreach ($this->options['db_fields'] as $field) {
211  $fields[] = $this->db->quoteIdentifier($field);
212  }
213  return implode(', ', $fields);
214  } else {
215  return implode(', ', $this->options['db_fields']);
216  }
217  } else {
218  if (strlen($this->options['db_fields']) > 0) {
219  if ($this->options['auto_quote']) {
220  return $this->db->quoteIdentifier($this->options['db_fields']);
221  } else {
222  $this->options['db_fields'];
223  }
224  }
225  }
226  }
227 
228  return '';
229  }
+ Here is the caller graph for this function:

◆ Auth_Container_DBLite()

Auth_Container_DBLite::Auth_Container_DBLite (   $dsn)

Constructor of the container class.

Initate connection to the database via PEAR::DB

Parameters
stringConnection data or DB object
Returns
object Returns an error object if something went wrong

Definition at line 87 of file DBLite.php.

References $dsn, _parseOptions(), and PEAR\raiseError().

88  {
89  $this->options['table'] = 'auth';
90  $this->options['usernamecol'] = 'username';
91  $this->options['passwordcol'] = 'password';
92  $this->options['dsn'] = '';
93  $this->options['db_fields'] = '';
94  $this->options['cryptType'] = 'md5';
95  $this->options['db_options'] = array();
96  $this->options['db_where'] = '';
97  $this->options['auto_quote'] = true;
98 
99  if (is_array($dsn)) {
100  $this->_parseOptions($dsn);
101  if (empty($this->options['dsn'])) {
102  PEAR::raiseError('No connection parameters specified!');
103  }
104  } else {
105  $this->options['dsn'] = $dsn;
106  }
107  }
Auth_Container_DBLite\$dsn
$dsn
Definition: DBLite.php:68
PEAR\raiseError
& raiseError($message=null, $code=null, $mode=null, $options=null, $userinfo=null, $error_class=null, $skipmsg=false)
This method is a wrapper that returns an instance of the configured error class with this object&#39;s de...
Definition: PEAR.php:524
Auth_Container_DBLite\_parseOptions
_parseOptions($array)
Parse options passed to the container class.
Definition: DBLite.php:185
+ Here is the call graph for this function:

◆ fetchData()

Auth_Container_DBLite::fetchData (   $username,
  $password 
)

Get user information from database.

This function uses the given username to fetch the corresponding login data from the database table. If an account that matches the passed username and password is found, the function returns true. Otherwise it returns false.

Parameters
stringUsername
stringPassword
Returns
mixed Error object or boolean

Definition at line 247 of file DBLite.php.

References $query, $res, _prepare(), _quoteDBFields(), AUTH_LOG_DEBUG, DB_FETCHMODE_ASSOC, Auth_Container\log(), PEAR\raiseError(), Auth\setAuthData(), and Auth_Container\verifyPassword().

248  {
249  $this->log('Auth_Container_DBLite::fetchData() called.', AUTH_LOG_DEBUG);
250  // Prepare for a database query
251  $err = $this->_prepare();
252  if ($err !== true) {
253  return PEAR::raiseError($err->getMessage(), $err->getCode());
254  }
255 
256  // Find if db_fields contains a *, if so assume all col are selected
257  if (is_string($this->options['db_fields'])
258  && strstr($this->options['db_fields'], '*')) {
259  $sql_from = "*";
260  } else {
261  $sql_from = $this->options['final_usernamecol'].
262  ", ".$this->options['final_passwordcol'];
263 
264  if (strlen($fields = $this->_quoteDBFields()) > 0) {
265  $sql_from .= ', '.$fields;
266  }
267  }
268 
269  $query = "SELECT ".$sql_from.
270  " FROM ".$this->options['final_table'].
271  " WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username);
272 
273  // check if there is an optional parameter db_where
274  if ($this->options['db_where'] != '') {
275  // there is one, so add it to the query
276  $query .= " AND ".$this->options['db_where'];
277  }
278 
279  $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);
280 
281  $res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);
282 
283  if (DB::isError($res)) {
284  return PEAR::raiseError($res->getMessage(), $res->getCode());
285  }
286  if (!is_array($res)) {
287  $this->activeUser = '';
288  return false;
289  }
290  if ($this->verifyPassword(trim($password, "\r\n"),
291  trim($res[$this->options['passwordcol']], "\r\n"),
292  $this->options['cryptType'])) {
293  // Store additional field values in the session
294  foreach ($res as $key => $value) {
295  if ($key == $this->options['passwordcol'] ||
296  $key == $this->options['usernamecol']) {
297  continue;
298  }
299 
300  $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);
301 
302  // Use reference to the auth object if exists
303  // This is because the auth session variable can change so a static call to setAuthData does not make sence
304  if (is_object($this->_auth_obj)) {
305  $this->_auth_obj->setAuthData($key, $value);
306  } else {
307  Auth::setAuthData($key, $value);
308  }
309  }
310  $this->activeUser = $res[$this->options['usernamecol']];
311  return true;
312  }
313  $this->activeUser = $res[$this->options['usernamecol']];
314  return false;
315  }
Auth_Container_DBLite\_quoteDBFields
_quoteDBFields()
Quote the db_fields option to avoid the possibility of SQL injection.
Definition: DBLite.php:204
AUTH_LOG_DEBUG
const AUTH_LOG_DEBUG
Auth Log level - DEBUG.
Definition: Auth.php:59
Auth_Container_DBLite\_prepare
_prepare()
Prepare database connection.
Definition: DBLite.php:149
Auth\setAuthData
setAuthData($name, $value, $overwrite=true)
Register additional information that is to be stored in the session.
Definition: Auth.php:777
DB_FETCHMODE_ASSOC
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10
Auth_Container\verifyPassword
verifyPassword($password1, $password2, $cryptType="md5")
Crypt and verfiy the entered password.
Definition: Container.php:101
PEAR\raiseError
& raiseError($message=null, $code=null, $mode=null, $options=null, $userinfo=null, $error_class=null, $skipmsg=false)
This method is a wrapper that returns an instance of the configured error class with this object&#39;s de...
Definition: PEAR.php:524
Auth_Container\log
log($message, $level=AUTH_LOG_DEBUG)
Log a message to the Auth log.
Definition: Container.php:246
+ Here is the call graph for this function:

Field Documentation

◆ $activeUser

Auth_Container_DBLite::$activeUser = ''

Definition at line 74 of file DBLite.php.

◆ $db

Auth_Container_DBLite::$db = null

Definition at line 67 of file DBLite.php.

◆ $dsn

Auth_Container_DBLite::$dsn = ''

Definition at line 68 of file DBLite.php.

Referenced by _connect(), and Auth_Container_DBLite().

◆ $options

Auth_Container_DBLite::$options = array()

Definition at line 61 of file DBLite.php.

The documentation for this class was generated from the following file: