ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Auth_Container_MDB2 Class Reference
+ Inheritance diagram for Auth_Container_MDB2:
+ Collaboration diagram for Auth_Container_MDB2:

Public Member Functions

 Auth_Container_MDB2 ($dsn)
 Constructor of the container class. More...
 
 _connect ($dsn)
 Connect to database by using the given DSN string. More...
 
 _prepare ()
 Prepare database connection. More...
 
 query ($query)
 Prepare query to the database. More...
 
 _setDefaults ()
 Set some default options. More...
 
 _parseOptions ($array)
 Parse options passed to the container class. More...
 
 _quoteDBFields ()
 Quote the db_fields option to avoid the possibility of SQL injection. More...
 
 fetchData ($username, $password, $isChallengeResponse=false)
 Get user information from database. More...
 
 listUsers ()
 Returns a list of users from the container. More...
 
 addUser ($username, $password, $additional="")
 Add user to the storage container. More...
 
 removeUser ($username)
 Remove user from the storage container. More...
 
 changePassword ($username, $password)
 Change password for user in the storage container. More...
 
 supportsChallengeResponse ()
 Determine if this container supports password authentication with challenge response. More...
 
 getCryptType ()
 Returns the selected crypt type for this container. More...
 
- Public Member Functions inherited from Auth_Container
 Auth_Container ()
 Constructor. More...
 
 fetchData ($username, $password, $isChallengeResponse=false)
 Fetch data from storage container. More...
 
 verifyPassword ($password1, $password2, $cryptType="md5")
 Crypt and verfiy the entered password. More...
 
 supportsChallengeResponse ()
 Returns true if the container supports Challenge Response password authentication. More...
 
 getCryptType ()
 Returns the crypt current crypt type of the container. More...
 
 listUsers ()
 List all users that are available from the storage container. More...
 
 getUser ($username)
 Returns a user assoc array. More...
 
 addUser ($username, $password, $additional=null)
 Add a new user to the storage container. More...
 
 removeUser ($username)
 Remove user from the storage container. More...
 
 changePassword ($username, $password)
 Change password for user in the storage container. More...
 
 log ($message, $level=AUTH_LOG_DEBUG)
 Log a message to the Auth log. More...
 
- Public Member Functions inherited from ilAuthContainerBase
 loginObserver ($a_username, $a_auth)
 Called after successful login. More...
 
 failedLoginObserver ($a_username, $a_auth)
 Called after failed login. More...
 
 checkAuthObserver ($a_username, $a_auth)
 Called after check auth requests. More...
 
 logoutObserver ($a_username, $a_auth)
 Called after logout. More...
 
 supportsCaptchaVerification ()
 Returns whether or not the auth container supports the verification of captchas This should be true for those auth methods, which are available in the default login form. More...
 

Data Fields

 $options = array()
 
 $db = null
 
 $dsn = ''
 
 $activeUser = ''
 
- Data Fields inherited from Auth_Container
 $activeUser = ""
 User that is currently selected from the storage container. More...
 
 $_auth_obj = null
 The Auth object this container is attached to. More...
 

Detailed Description

Definition at line 51 of file MDB2.php.

Member Function Documentation

◆ _connect()

Auth_Container_MDB2::_connect (   $dsn)

Connect to database by using the given DSN string.

@access private

Parameters
mixedDSN string | array | mdb object
Returns
mixed Object on error, otherwise bool

Definition at line 110 of file MDB2.php.

111 {
112 $this->log('Auth_Container_MDB2::_connect() called.', AUTH_LOG_DEBUG);
113 if (is_string($dsn) || is_array($dsn)) {
114 $this->db =& MDB2::connect($dsn, $this->options['db_options']);
115 } elseif (is_subclass_of($dsn, 'MDB2_Driver_Common')) {
116 $this->db = $dsn;
117 } elseif (is_object($dsn) && MDB2::isError($dsn)) {
118 return PEAR::raiseError($dsn->getMessage(), $dsn->code);
119 } else {
120 return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,
121 41,
123 null,
124 null
125 );
126
127 }
128
129 if (MDB2::isError($this->db) || PEAR::isError($this->db)) {
130 return PEAR::raiseError($this->db->getMessage(), $this->db->code);
131 }
132
133 if ($this->options['auto_quote']) {
134 if (strpos('.', $this->options['table']) === false) {
135 $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table'], true);
136 } else {
137 $t = explode('.', $this->options['table']);
138 for ($i = 0, $count = count($t); $i < $count; $i++)
139 $t[$i] = $this->db->quoteIdentifier($t[$i], true);
140 $this->options['final_table'] = implode('.', $t);
141 }
142 $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol'], true);
143 $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol'], true);
144 } else {
145 $this->options['final_table'] = $this->options['table'];
146 $this->options['final_usernamecol'] = $this->options['usernamecol'];
147 $this->options['final_passwordcol'] = $this->options['passwordcol'];
148 }
149
150 return true;
151 }
const AUTH_LOG_DEBUG
Auth Log level - DEBUG.
Definition: Auth.php:59
const PEAR_ERROR_RETURN
#+ ERROR constants
Definition: PEAR.php:31
log($message, $level=AUTH_LOG_DEBUG)
Log a message to the Auth log.
Definition: Container.php:246
isError($data, $code=null)
Tell whether a value is a MDB2 error.
Definition: MDB2.php:594
& connect($dsn, $options=false)
Create a new MDB2 connection object and connect to the specified database.
Definition: MDB2.php:431
isError($data, $code=null)
Tell whether a value is a PEAR error.
Definition: PEAR.php:279
& raiseError($message=null, $code=null, $mode=null, $options=null, $userinfo=null, $error_class=null, $skipmsg=false)
This method is a wrapper that returns an instance of the configured error class with this object's de...
Definition: PEAR.php:524

References $dsn, $t, AUTH_LOG_DEBUG, MDB2\connect(), MDB2\isError(), PEAR\isError(), Auth_Container\log(), PEAR_ERROR_RETURN, and PEAR\raiseError().

Referenced by _prepare().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _parseOptions()

Auth_Container_MDB2::_parseOptions (   $array)

Parse options passed to the container class.

@access private

Parameters
array

Definition at line 229 of file MDB2.php.

230 {
231 foreach ($array as $key => $value) {
232 if (isset($this->options[$key])) {
233 $this->options[$key] = $value;
234 }
235 }
236 }

Referenced by Auth_Container_MDB2().

+ Here is the caller graph for this function:

◆ _prepare()

Auth_Container_MDB2::_prepare ( )

Prepare database connection.

This function checks if we have already opened a connection to the database. If that's not the case, a new connection is opened.

@access private

Returns
mixed True or a MDB error object.

Definition at line 165 of file MDB2.php.

166 {
167 if (is_subclass_of($this->db, 'MDB2_Driver_Common')) {
168 return true;
169 }
170 return $this->_connect($this->options['dsn']);
171 }
_connect($dsn)
Connect to database by using the given DSN string.
Definition: MDB2.php:110

References _connect().

Referenced by addUser(), changePassword(), fetchData(), listUsers(), query(), and removeUser().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _quoteDBFields()

Auth_Container_MDB2::_quoteDBFields ( )

Quote the db_fields option to avoid the possibility of SQL injection.

@access private

Returns
string A properly quoted string that can be concatenated into a SELECT clause.

Definition at line 248 of file MDB2.php.

249 {
250 if (isset($this->options['db_fields'])) {
251 if (is_array($this->options['db_fields'])) {
252 if ($this->options['auto_quote']) {
253 $fields = array();
254 foreach ($this->options['db_fields'] as $field) {
255 $fields[] = $this->db->quoteIdentifier($field, true);
256 }
257 return implode(', ', $fields);
258 } else {
259 return implode(', ', $this->options['db_fields']);
260 }
261 } else {
262 if (strlen($this->options['db_fields']) > 0) {
263 if ($this->options['auto_quote']) {
264 return $this->db->quoteIdentifier($this->options['db_fields'], true);
265 } else {
266 return $this->options['db_fields'];
267 }
268 }
269 }
270 }
271
272 return '';
273 }

Referenced by fetchData(), and listUsers().

+ Here is the caller graph for this function:

◆ _setDefaults()

Auth_Container_MDB2::_setDefaults ( )

Set some default options.

@access private

Returns
void

Definition at line 207 of file MDB2.php.

208 {
209 $this->options['table'] = 'auth';
210 $this->options['usernamecol'] = 'username';
211 $this->options['passwordcol'] = 'password';
212 $this->options['dsn'] = '';
213 $this->options['db_fields'] = '';
214 $this->options['cryptType'] = 'md5';
215 $this->options['db_options'] = array();
216 $this->options['db_where'] = '';
217 $this->options['auto_quote'] = true;
218 }

Referenced by Auth_Container_MDB2().

+ Here is the caller graph for this function:

◆ addUser()

Auth_Container_MDB2::addUser (   $username,
  $password,
  $additional = "" 
)

Add user to the storage container.

@access public

Parameters
stringUsername
stringPassword
mixedAdditional information that are stored in the DB
Returns
mixed True on success, otherwise error object

Reimplemented from Auth_Container.

Definition at line 445 of file MDB2.php.

446 {
447 $this->log('Auth_Container_MDB2::addUser() called.', AUTH_LOG_DEBUG);
448
449 // Prepare for a database query
450 $err = $this->_prepare();
451 if ($err !== true) {
452 return PEAR::raiseError($err->getMessage(), $err->getCode());
453 }
454
455 if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') {
456 $cryptFunction = 'strval';
457 } elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) {
458 $cryptFunction = $this->options['cryptType'];
459 } else {
460 $cryptFunction = 'md5';
461 }
462
463 $password = $cryptFunction($password);
464
465 $additional_key = '';
466 $additional_value = '';
467
468 if (is_array($additional)) {
469 foreach ($additional as $key => $value) {
470 if ($this->options['auto_quote']) {
471 $additional_key .= ', ' . $this->db->quoteIdentifier($key, true);
472 } else {
473 $additional_key .= ', ' . $key;
474 }
475 $additional_value .= ', ' . $this->db->quote($value, 'text');
476 }
477 }
478
479 $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)",
480 $this->options['final_table'],
481 $this->options['final_usernamecol'],
482 $this->options['final_passwordcol'],
483 $additional_key,
484 $this->db->quote($username, 'text'),
485 $this->db->quote($password, 'text'),
486 $additional_value
487 );
488
489 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
490
491 $res = $this->query($query);
492
493 if (MDB2::isError($res)) {
494 return PEAR::raiseError($res->getMessage(), $res->code);
495 }
496 return true;
497 }
query($query)
Prepare query to the database.
Definition: MDB2.php:188
_prepare()
Prepare database connection.
Definition: MDB2.php:165
$additional
Definition: goto.php:89

References $additional, $query, $res, _prepare(), AUTH_LOG_DEBUG, MDB2\isError(), Auth_Container\log(), query(), and PEAR\raiseError().

+ Here is the call graph for this function:

◆ Auth_Container_MDB2()

Auth_Container_MDB2::Auth_Container_MDB2 (   $dsn)

Constructor of the container class.

Initate connection to the database via PEAR::MDB2

Parameters
stringConnection data or MDB2 object
Returns
object Returns an error object if something went wrong

Definition at line 86 of file MDB2.php.

87 {
88 $this->_setDefaults();
89
90 if (is_array($dsn)) {
91 $this->_parseOptions($dsn);
92 if (empty($this->options['dsn'])) {
93 PEAR::raiseError('No connection parameters specified!');
94 }
95 } else {
96 $this->options['dsn'] = $dsn;
97 }
98 }
_setDefaults()
Set some default options.
Definition: MDB2.php:207
_parseOptions($array)
Parse options passed to the container class.
Definition: MDB2.php:229

References $dsn, _parseOptions(), _setDefaults(), and PEAR\raiseError().

Referenced by ilAuthContainerDatabase\ilAuthContainerDatabase().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ changePassword()

Auth_Container_MDB2::changePassword (   $username,
  $password 
)

Change password for user in the storage container.

Parameters
stringUsername
stringThe new password (plain text)

Reimplemented from Auth_Container.

Definition at line 550 of file MDB2.php.

551 {
552 $this->log('Auth_Container_MDB2::changePassword() called.', AUTH_LOG_DEBUG);
553 // Prepare for a database query
554 $err = $this->_prepare();
555 if ($err !== true) {
556 return PEAR::raiseError($err->getMessage(), $err->getCode());
557 }
558
559 if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') {
560 $cryptFunction = 'strval';
561 } elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) {
562 $cryptFunction = $this->options['cryptType'];
563 } else {
564 $cryptFunction = 'md5';
565 }
566
567 $password = $cryptFunction($password);
568
569 $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s",
570 $this->options['final_table'],
571 $this->options['final_passwordcol'],
572 $this->db->quote($password, 'text'),
573 $this->options['final_usernamecol'],
574 $this->db->quote($username, 'text')
575 );
576
577 // check if there is an optional parameter db_where
578 if ($this->options['db_where'] != '') {
579 // there is one, so add it to the query
580 $query .= " AND ".$this->options['db_where'];
581 }
582
583 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
584
585 $res = $this->query($query);
586
587 if (MDB2::isError($res)) {
588 return PEAR::raiseError($res->getMessage(), $res->code);
589 }
590 return true;
591 }

References $query, $res, _prepare(), AUTH_LOG_DEBUG, MDB2\isError(), Auth_Container\log(), query(), and PEAR\raiseError().

+ Here is the call graph for this function:

◆ fetchData()

Auth_Container_MDB2::fetchData (   $username,
  $password,
  $isChallengeResponse = false 
)

Get user information from database.

This function uses the given username to fetch the corresponding login data from the database table. If an account that matches the passed username and password is found, the function returns true. Otherwise it returns false.

Parameters
stringUsername
stringPassword
booleanIf true password is secured using a md5 hash the frontend and auth are responsible for making sure the container supports challenge response password authentication
Returns
mixed Error object or boolean

Reimplemented from Auth_Container.

Reimplemented in ilAuthContainerDatabase, and ilAuthContainerMDB2.

Definition at line 294 of file MDB2.php.

295 {
296 $this->log('Auth_Container_MDB2::fetchData() called.', AUTH_LOG_DEBUG);
297 // Prepare for a database query
298 $err = $this->_prepare();
299 if ($err !== true) {
300 return PEAR::raiseError($err->getMessage(), $err->getCode());
301 }
302
303 //Check if db_fields contains a *, if so assume all columns are selected
304 if (is_string($this->options['db_fields'])
305 && strstr($this->options['db_fields'], '*')) {
306 $sql_from = '*';
307 } else {
308 $sql_from = $this->options['final_usernamecol'].
309 ", ".$this->options['final_passwordcol'];
310
311 if (strlen($fields = $this->_quoteDBFields()) > 0) {
312 $sql_from .= ', '.$fields;
313 }
314 }
315 $query = sprintf("SELECT %s FROM %s WHERE %s = %s",
316 $sql_from,
317 $this->options['final_table'],
318 $this->options['final_usernamecol'],
319 $this->db->quote($username, 'text')
320 );
321
322 // check if there is an optional parameter db_where
323 if ($this->options['db_where'] != '') {
324 // there is one, so add it to the query
325 $query .= " AND ".$this->options['db_where'];
326 }
327
328 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
329
330 $res = $this->db->queryRow($query, null, MDB2_FETCHMODE_ASSOC);
332 return PEAR::raiseError($res->getMessage(), $res->getCode());
333 }
334 if (!is_array($res)) {
335 $this->activeUser = '';
336 return false;
337 }
338
339 // Perform trimming here before the hashing
340 $password = trim($password, "\r\n");
341 $res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n");
342 // If using Challenge Response md5 the pass with the secret
343 if ($isChallengeResponse) {
344 $res[$this->options['passwordcol']] =
345 md5($res[$this->options['passwordcol']].$this->_auth_obj->session['loginchallenege']);
346 // UGLY cannot avoid without modifying verifyPassword
347 if ($this->options['cryptType'] == 'md5') {
348 $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]);
349 }
350 }
351 if ($this->verifyPassword($password,
352 $res[$this->options['passwordcol']],
353 $this->options['cryptType'])) {
354 // Store additional field values in the session
355 foreach ($res as $key => $value) {
356 if ($key == $this->options['passwordcol'] ||
357 $key == $this->options['usernamecol']) {
358 continue;
359 }
360
361 $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG);
362
363 // Use reference to the auth object if exists
364 // This is because the auth session variable can change so a static call to setAuthData does not make sense
365 $this->_auth_obj->setAuthData($key, $value);
366 }
367 return true;
368 }
369
370 $this->activeUser = $res[$this->options['usernamecol']];
371 return false;
372 }
const MDB2_FETCHMODE_ASSOC
Column data indexed by column names.
Definition: MDB2.php:129
_quoteDBFields()
Quote the db_fields option to avoid the possibility of SQL injection.
Definition: MDB2.php:248
verifyPassword($password1, $password2, $cryptType="md5")
Crypt and verfiy the entered password.
Definition: Container.php:101

References $query, $res, _prepare(), _quoteDBFields(), AUTH_LOG_DEBUG, MDB2\isError(), PEAR\isError(), Auth_Container\log(), MDB2_FETCHMODE_ASSOC, PEAR\raiseError(), and Auth_Container\verifyPassword().

+ Here is the call graph for this function:

◆ getCryptType()

Auth_Container_MDB2::getCryptType ( )

Returns the selected crypt type for this container.

Returns
string Function used to crypt the password

Reimplemented from Auth_Container.

Definition at line 616 of file MDB2.php.

617 {
618 return $this->options['cryptType'];
619 }

◆ listUsers()

Auth_Container_MDB2::listUsers ( )

Returns a list of users from the container.

Returns
mixed array|PEAR_Error @access public

Reimplemented from Auth_Container.

Definition at line 383 of file MDB2.php.

384 {
385 $this->log('Auth_Container_MDB2::listUsers() called.', AUTH_LOG_DEBUG);
386 $err = $this->_prepare();
387 if ($err !== true) {
388 return PEAR::raiseError($err->getMessage(), $err->getCode());
389 }
390
391 $retVal = array();
392
393 //Check if db_fields contains a *, if so assume all columns are selected
394 if ( is_string($this->options['db_fields'])
395 && strstr($this->options['db_fields'], '*')) {
396 $sql_from = '*';
397 } else {
398 $sql_from = $this->options['final_usernamecol'].
399 ", ".$this->options['final_passwordcol'];
400
401 if (strlen($fields = $this->_quoteDBFields()) > 0) {
402 $sql_from .= ', '.$fields;
403 }
404 }
405
406 $query = sprintf('SELECT %s FROM %s',
407 $sql_from,
408 $this->options['final_table']
409 );
410
411 // check if there is an optional parameter db_where
412 if ($this->options['db_where'] != '') {
413 // there is one, so add it to the query
414 $query .= " WHERE ".$this->options['db_where'];
415 }
416
417 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
418
419 $res = $this->db->queryAll($query, null, MDB2_FETCHMODE_ASSOC);
420 if (MDB2::isError($res)) {
421 return PEAR::raiseError($res->getMessage(), $res->getCode());
422 } else {
423 foreach ($res as $user) {
424 $user['username'] = $user[$this->options['usernamecol']];
425 $retVal[] = $user;
426 }
427 }
428 $this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG);
429 return $retVal;
430 }

References $query, $res, _prepare(), _quoteDBFields(), AUTH_LOG_DEBUG, MDB2\isError(), Auth_Container\log(), MDB2_FETCHMODE_ASSOC, and PEAR\raiseError().

+ Here is the call graph for this function:

◆ query()

Auth_Container_MDB2::query (   $query)

Prepare query to the database.

This function checks if we have already opened a connection to the database. If that's not the case, a new connection is opened. After that the query is passed to the database.

@access public

Parameters
stringQuery string
Returns
mixed a MDB_result object or MDB_OK on success, a MDB or PEAR error on failure

Definition at line 188 of file MDB2.php.

189 {
190 $this->log('Auth_Container_MDB2::query() called.', AUTH_LOG_DEBUG);
191 $err = $this->_prepare();
192 if ($err !== true) {
193 return $err;
194 }
195 return $this->db->exec($query);
196 }

References $query, _prepare(), AUTH_LOG_DEBUG, and Auth_Container\log().

Referenced by addUser(), changePassword(), and removeUser().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ removeUser()

Auth_Container_MDB2::removeUser (   $username)

Remove user from the storage container.

@access public

Parameters
stringUsername
Returns
mixed True on success, otherwise error object

Reimplemented from Auth_Container.

Definition at line 510 of file MDB2.php.

511 {
512 $this->log('Auth_Container_MDB2::removeUser() called.', AUTH_LOG_DEBUG);
513 // Prepare for a database query
514 $err = $this->_prepare();
515 if ($err !== true) {
516 return PEAR::raiseError($err->getMessage(), $err->getCode());
517 }
518
519 $query = sprintf("DELETE FROM %s WHERE %s = %s",
520 $this->options['final_table'],
521 $this->options['final_usernamecol'],
522 $this->db->quote($username, 'text')
523 );
524
525 // check if there is an optional parameter db_where
526 if ($this->options['db_where'] != '') {
527 // there is one, so add it to the query
528 $query .= " AND ".$this->options['db_where'];
529 }
530
531 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG);
532
533 $res = $this->query($query);
534
535 if (MDB2::isError($res)) {
536 return PEAR::raiseError($res->getMessage(), $res->code);
537 }
538 return true;
539 }

References $query, $res, _prepare(), AUTH_LOG_DEBUG, MDB2\isError(), Auth_Container\log(), query(), and PEAR\raiseError().

+ Here is the call graph for this function:

◆ supportsChallengeResponse()

Auth_Container_MDB2::supportsChallengeResponse ( )

Determine if this container supports password authentication with challenge response.

Returns
bool @access public

Reimplemented from Auth_Container.

Definition at line 603 of file MDB2.php.

604 {
605 return in_array($this->options['cryptType'], array('md5', 'none', ''));
606 }

Field Documentation

◆ $activeUser

Auth_Container_MDB2::$activeUser = ''

Definition at line 73 of file MDB2.php.

◆ $db

Auth_Container_MDB2::$db = null

Definition at line 66 of file MDB2.php.

◆ $dsn

Auth_Container_MDB2::$dsn = ''

◆ $options

Auth_Container_MDB2::$options = array()

Definition at line 60 of file MDB2.php.

Referenced by ilAuthContainerMDB2\__construct().


The documentation for this class was generated from the following file: