ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
DBLite.php
Go to the documentation of this file.
1 <?php
2 /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
3 
29 require_once 'Auth/Container.php';
33 require_once 'DB.php';
34 
52 class Auth_Container_DBLite extends Auth_Container
53 {
54 
55  // {{{ properties
56 
61  var $options = array();
62 
67  var $db = null;
68  var $dsn = '';
69 
74  var $activeUser = '';
75 
76  // }}}
77  // {{{ Auth_Container_DBLite() [constructor]
78 
87  function Auth_Container_DBLite($dsn)
88  {
89  $this->options['table'] = 'auth';
90  $this->options['usernamecol'] = 'username';
91  $this->options['passwordcol'] = 'password';
92  $this->options['dsn'] = '';
93  $this->options['db_fields'] = '';
94  $this->options['cryptType'] = 'md5';
95  $this->options['db_options'] = array();
96  $this->options['db_where'] = '';
97  $this->options['auto_quote'] = true;
98 
99  if (is_array($dsn)) {
100  $this->_parseOptions($dsn);
101  if (empty($this->options['dsn'])) {
102  PEAR::raiseError('No connection parameters specified!');
103  }
104  } else {
105  $this->options['dsn'] = $dsn;
106  }
107  }
108 
109  // }}}
110  // {{{ _connect()
111 
119  function _connect(&$dsn)
120  {
121  $this->log('Auth_Container_DBLite::_connect() called.', AUTH_LOG_DEBUG);
122  if (is_string($dsn) || is_array($dsn)) {
123  $this->db =& DB::connect($dsn, $this->options['db_options']);
124  } elseif (is_subclass_of($dsn, "db_common")) {
125  $this->db =& $dsn;
126  } else {
127  return PEAR::raiseError("Invalid dsn or db object given");
128  }
129 
130  if (DB::isError($this->db) || PEAR::isError($this->db)) {
131  return PEAR::raiseError($this->db->getMessage(), $this->db->getCode());
132  } else {
133  return true;
134  }
135  }
136 
137  // }}}
138  // {{{ _prepare()
139 
149  function _prepare()
150  {
151  if (!DB::isConnection($this->db)) {
152  $res = $this->_connect($this->options['dsn']);
153  if (DB::isError($res) || PEAR::isError($res)) {
154  return $res;
155  }
156  }
157  if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') {
158  if (strpos('.', $this->options['table']) === false) {
159  $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']);
160  } else {
161  $t = explode('.', $this->options['table']);
162  for ($i = 0, $count = count($t); $i < $count; $i++)
163  $t[$i] = $this->db->quoteIdentifier($t[$i]);
164  $this->options['final_table'] = implode('.', $t);
165  }
166  $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']);
167  $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']);
168  } else {
169  $this->options['final_table'] = $this->options['table'];
170  $this->options['final_usernamecol'] = $this->options['usernamecol'];
171  $this->options['final_passwordcol'] = $this->options['passwordcol'];
172  }
173  return true;
174  }
175 
176  // }}}
177  // {{{ _parseOptions()
178 
185  function _parseOptions($array)
186  {
187  foreach ($array as $key => $value) {
188  if (isset($this->options[$key])) {
189  $this->options[$key] = $value;
190  }
191  }
192  }
193 
194  // }}}
195  // {{{ _quoteDBFields()
196 
204  function _quoteDBFields()
205  {
206  if (isset($this->options['db_fields'])) {
207  if (is_array($this->options['db_fields'])) {
208  if ($this->options['auto_quote']) {
209  $fields = array();
210  foreach ($this->options['db_fields'] as $field) {
211  $fields[] = $this->db->quoteIdentifier($field);
212  }
213  return implode(', ', $fields);
214  } else {
215  return implode(', ', $this->options['db_fields']);
216  }
217  } else {
218  if (strlen($this->options['db_fields']) > 0) {
219  if ($this->options['auto_quote']) {
220  return $this->db->quoteIdentifier($this->options['db_fields']);
221  } else {
222  $this->options['db_fields'];
223  }
224  }
225  }
226  }
227 
228  return '';
229  }
230 
231  // }}}
232  // {{{ fetchData()
233 
247  function fetchData($username, $password)
248  {
249  $this->log('Auth_Container_DBLite::fetchData() called.', AUTH_LOG_DEBUG);
250  // Prepare for a database query
251  $err = $this->_prepare();
252  if ($err !== true) {
253  return PEAR::raiseError($err->getMessage(), $err->getCode());
254  }
255 
256  // Find if db_fields contains a *, if so assume all col are selected
257  if (is_string($this->options['db_fields'])
258  && strstr($this->options['db_fields'], '*')) {
259  $sql_from = "*";
260  } else {
261  $sql_from = $this->options['final_usernamecol'].
262  ", ".$this->options['final_passwordcol'];
263 
264  if (strlen($fields = $this->_quoteDBFields()) > 0) {
265  $sql_from .= ', '.$fields;
266  }
267  }
268 
269  $query = "SELECT ".$sql_from.
270  " FROM ".$this->options['final_table'].
271  " WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username);
272 
273  // check if there is an optional parameter db_where
274  if ($this->options['db_where'] != '') {
275  // there is one, so add it to the query
276  $query .= " AND ".$this->options['db_where'];
277  }
278 
279  $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG);
280 
281  $res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);
282 
283  if (DB::isError($res)) {
284  return PEAR::raiseError($res->getMessage(), $res->getCode());
285  }
286  if (!is_array($res)) {
287  $this->activeUser = '';
288  return false;
289  }
290  if ($this->verifyPassword(trim($password, "\r\n"),
291  trim($res[$this->options['passwordcol']], "\r\n"),
292  $this->options['cryptType'])) {
293  // Store additional field values in the session
294  foreach ($res as $key => $value) {
295  if ($key == $this->options['passwordcol'] ||
296  $key == $this->options['usernamecol']) {
297  continue;
298  }
299 
300  $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);
301 
302  // Use reference to the auth object if exists
303  // This is because the auth session variable can change so a static call to setAuthData does not make sence
304  if (is_object($this->_auth_obj)) {
305  $this->_auth_obj->setAuthData($key, $value);
306  } else {
307  Auth::setAuthData($key, $value);
308  }
309  }
310  $this->activeUser = $res[$this->options['usernamecol']];
311  return true;
312  }
313  $this->activeUser = $res[$this->options['usernamecol']];
314  return false;
315  }
316 
317  // }}}
318 
319 }
320 ?>
Auth_Container
Definition: Container.php:39
Auth_Container_DBLite\_quoteDBFields
_quoteDBFields()
Quote the db_fields option to avoid the possibility of SQL injection.
Definition: DBLite.php:204
AUTH_LOG_DEBUG
const AUTH_LOG_DEBUG
Auth Log level - DEBUG.
Definition: Auth.php:59
$t
$t
Definition: class.ilBMFType_duration.php:154
Auth_Container_DBLite\fetchData
fetchData($username, $password)
Get user information from database.
Definition: DBLite.php:247
Auth_Container_DBLite\_prepare
_prepare()
Prepare database connection.
Definition: DBLite.php:149
Auth\setAuthData
setAuthData($name, $value, $overwrite=true)
Register additional information that is to be stored in the session.
Definition: Auth.php:777
Auth_Container_DBLite\$dsn
$dsn
Definition: DBLite.php:68
Auth_Container_DBLite\$activeUser
$activeUser
Definition: DBLite.php:74
Auth_Container_DBLite
Definition: DBLite.php:52
Auth_Container_DBLite\$options
$options
Definition: DBLite.php:61
Auth_Container_DBLite\Auth_Container_DBLite
Auth_Container_DBLite($dsn)
Constructor of the container class.
Definition: DBLite.php:87
Auth_Container_DBLite\_connect
_connect(&$dsn)
Connect to database by using the given DSN string.
Definition: DBLite.php:119
DB_FETCHMODE_ASSOC
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10
Auth_Container\verifyPassword
verifyPassword($password1, $password2, $cryptType="md5")
Crypt and verfiy the entered password.
Definition: Container.php:101
PEAR\raiseError
& raiseError($message=null, $code=null, $mode=null, $options=null, $userinfo=null, $error_class=null, $skipmsg=false)
This method is a wrapper that returns an instance of the configured error class with this object&#39;s de...
Definition: PEAR.php:524
Auth_Container\log
log($message, $level=AUTH_LOG_DEBUG)
Log a message to the Auth log.
Definition: Container.php:246
Auth_Container_DBLite\_parseOptions
_parseOptions($array)
Parse options passed to the container class.
Definition: DBLite.php:185
Auth_Container_DBLite\$db
$db
Definition: DBLite.php:67
PEAR\isError
isError($data, $code=null)
Tell whether a value is a PEAR error.
Definition: PEAR.php:279