diff options
| author | bugreport%peshkin.net <> | 2004-07-12 12:48:45 +0200 |
|---|---|---|
| committer | bugreport%peshkin.net <> | 2004-07-12 12:48:45 +0200 |
| commit | abdd4eba8b321e66d9a86d2d3592893f69632618 (patch) | |
| tree | 305a5c0f7857f37f576b0969dc46f9ff2950b14a /Bugzilla/Auth/Verify/DB.pm | |
| parent | ce983f5d751e61c5500eac45e5db29eee7309520 (diff) | |
| download | bugzilla-abdd4eba8b321e66d9a86d2d3592893f69632618.tar.gz bugzilla-abdd4eba8b321e66d9a86d2d3592893f69632618.tar.xz | |
Backing out bug 241900
Diffstat (limited to 'Bugzilla/Auth/Verify/DB.pm')
| -rw-r--r-- | Bugzilla/Auth/Verify/DB.pm | 132 |
1 files changed, 0 insertions, 132 deletions
diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm deleted file mode 100644 index 4db34b5cf..000000000 --- a/Bugzilla/Auth/Verify/DB.pm +++ /dev/null @@ -1,132 +0,0 @@ -# -*- Mode: perl; indent-tabs-mode: nil -*- -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Bugzilla Bug Tracking System. -# -# The Initial Developer of the Original Code is Netscape Communications -# Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): Terry Weissman <terry@mozilla.org> -# Dan Mosedale <dmose@mozilla.org> -# Joe Robins <jmrobins@tgix.com> -# Dave Miller <justdave@syndicomm.com> -# Christopher Aillon <christopher@aillon.com> -# Gervase Markham <gerv@gerv.net> -# Christian Reis <kiko@async.com.br> -# Bradley Baetz <bbaetz@acm.org> -# Erik Stambaugh <erik@dasbistro.com> - -package Bugzilla::Auth::Verify::DB; - -use strict; - -use Bugzilla::Config; -use Bugzilla::Constants; -use Bugzilla::Util; - -# can_edit is now a hash. - -my $can_edit = { - 'new' => 1, - 'userid' => 0, - 'login_name' => 1, - 'realname' => 1, -}; - -sub authenticate { - my ($class, $username, $passwd) = @_; - - return (AUTH_NODATA) unless defined $username && defined $passwd; - - # We're just testing against the db: any value is ok - trick_taint($username); - - my $userid = $class->get_id_from_username($username); - return (AUTH_LOGINFAILED) unless defined $userid; - - return (AUTH_LOGINFAILED, $userid) - unless $class->check_password($userid, $passwd); - - # The user's credentials are okay, so delete any outstanding - # password tokens they may have generated. - require Bugzilla::Token; - Bugzilla::Token::DeletePasswordTokens($userid, "user_logged_in"); - - # Account may have been disabled - my $disabledtext = $class->get_disabled($userid); - return (AUTH_DISABLED, $userid, $disabledtext) - if $disabledtext ne ''; - - return (AUTH_OK, $userid); -} - -sub get_id_from_username { - my ($class, $username) = @_; - my $dbh = Bugzilla->dbh; - my $sth = $dbh->prepare_cached("SELECT userid FROM profiles " . - "WHERE login_name=?"); - my ($userid) = $dbh->selectrow_array($sth, undef, $username); - return $userid; -} - -sub get_disabled { - my ($class, $userid) = @_; - my $dbh = Bugzilla->dbh; - my $sth = $dbh->prepare_cached("SELECT disabledtext FROM profiles " . - "WHERE userid=?"); - my ($text) = $dbh->selectrow_array($sth, undef, $userid); - return $text; -} - -sub check_password { - my ($class, $userid, $passwd) = @_; - my $dbh = Bugzilla->dbh; - my $sth = $dbh->prepare_cached("SELECT cryptpassword FROM profiles " . - "WHERE userid=?"); - my ($realcryptpwd) = $dbh->selectrow_array($sth, undef, $userid); - - # Get the salt from the user's crypted password. - my $salt = $realcryptpwd; - - # Using the salt, crypt the password the user entered. - my $enteredCryptedPassword = crypt($passwd, $salt); - - return $enteredCryptedPassword eq $realcryptpwd; -} - -sub change_password { - my ($class, $userid, $password) = @_; - my $dbh = Bugzilla->dbh; - my $cryptpassword = Crypt($password); - $dbh->do("UPDATE profiles SET cryptpassword = ? WHERE userid = ?", - undef, $cryptpassword, $userid); -} - -1; - -__END__ - -=head1 NAME - -Bugzilla::Auth::Verify::DB - database authentication for Bugzilla - -=head1 SUMMARY - -This is an L<authentication module|Bugzilla::Auth/"AUTHENTICATION"> for -Bugzilla, which logs the user in using the password stored in the C<profiles> -table. This is the most commonly used authentication module. - -=head1 SEE ALSO - -L<Bugzilla::Auth> |