From 32cd82fc017195480a0d73acc19c7c64962153da Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 15 Sep 2013 23:17:46 +0200 Subject: Add default get_email to Duser_Driver This fixes a possible endless loop when the function is not implemented in the driver, but the array says it is. It also allows us to simply call it without checking if it's implemented. Signed-off-by: Florian Pritz --- application/libraries/Duser/Duser.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'application/libraries/Duser') diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php index 96d61e3cc..ecb0cd9c7 100644 --- a/application/libraries/Duser/Duser.php +++ b/application/libraries/Duser/Duser.php @@ -31,6 +31,10 @@ abstract class Duser_Driver extends CI_Driver { public function username_exists($username) { return false; } + + public function get_email($userid) { + return null; + } } class Duser extends CI_Driver_Library { @@ -98,8 +102,6 @@ class Duser extends CI_Driver_Library { public function get_email($userid) { - $this->require_implemented(__FUNCTION__); - return $this->{$this->_adapter}->get_email($userid); } } -- cgit v1.2.3-24-g4f1b From a301dbf1cbe6d001e3488c458fd0868ff0608888 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 16 Sep 2013 16:26:35 +0200 Subject: Duser_Driver/username_exists: return null if not implemented false means we know it doesn't exist, null means we don't know. Signed-off-by: Florian Pritz --- application/libraries/Duser/Duser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/libraries/Duser') diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php index ecb0cd9c7..42d6b1d62 100644 --- a/application/libraries/Duser/Duser.php +++ b/application/libraries/Duser/Duser.php @@ -29,7 +29,7 @@ abstract class Duser_Driver extends CI_Driver { abstract public function login($username, $password); public function username_exists($username) { - return false; + return null; } public function get_email($userid) { -- cgit v1.2.3-24-g4f1b From 2172c2049fc8b8eca5dbed7b659a089e20d1fadd Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 16 Sep 2013 16:43:13 +0200 Subject: Duser: Add some comments Signed-off-by: Florian Pritz --- application/libraries/Duser/Duser.php | 10 ++++++++++ application/libraries/Duser/drivers/Duser_db.php | 4 ++++ 2 files changed, 14 insertions(+) (limited to 'application/libraries/Duser') diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php index 42d6b1d62..b615528f7 100644 --- a/application/libraries/Duser/Duser.php +++ b/application/libraries/Duser/Duser.php @@ -24,14 +24,24 @@ abstract class Duser_Driver extends CI_Driver { * - username string * - userid INT > 0 * + * @param username + * @param password * @return mixed array on success, false on failure */ abstract public function login($username, $password); + /* + * @param username + * @return boolean true is username exists, false otherwise + */ public function username_exists($username) { return null; } + /* + * @param userid + * @return string email address of the user + */ public function get_email($userid) { return null; } diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php index 1258ec585..5252ec48e 100644 --- a/application/libraries/Duser/drivers/Duser_db.php +++ b/application/libraries/Duser/drivers/Duser_db.php @@ -9,6 +9,10 @@ class Duser_db extends Duser_Driver { + /* FIXME: If you use this driver as a template, remove can_reset_password + * and can_register_new_users. These features require the DB driver and + * will NOT work with other drivers. + */ public $optional_functions = array( 'username_exists', 'can_reset_password', -- cgit v1.2.3-24-g4f1b From bb9f9274e8c2d661a1adffd87c87c3d81ec47b4d Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 16 Sep 2013 16:49:58 +0200 Subject: Duser: Rework optional functions Not implemented functions return null and code using these no longer has to check if they are implemented, but it has to handle null properly. Signed-off-by: Florian Pritz --- application/libraries/Duser/Duser.php | 13 ++++--------- application/libraries/Duser/drivers/Duser_db.php | 2 -- 2 files changed, 4 insertions(+), 11 deletions(-) (limited to 'application/libraries/Duser') diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php index b615528f7..38ee967c9 100644 --- a/application/libraries/Duser/Duser.php +++ b/application/libraries/Duser/Duser.php @@ -9,14 +9,11 @@ abstract class Duser_Driver extends CI_Driver { - // List of optional functions or function groups that are implemented + // List of optional functions that are implemented // - // Possible values are names of functions already implemented in this - // abstract class or the function groups listed below. - // - // Possible function groups are: - // - can_register_new_users - // - can_reset_password + // Possible values are: + // - can_register_new_users (only supported with the DB driver!) + // - can_reset_password (only supported with the DB driver!) public $optional_functions = array(); /* @@ -101,8 +98,6 @@ class Duser extends CI_Driver_Library { public function username_exists($username) { - $this->require_implemented(__FUNCTION__); - if ($username === false) { return false; } diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php index 5252ec48e..0f4298258 100644 --- a/application/libraries/Duser/drivers/Duser_db.php +++ b/application/libraries/Duser/drivers/Duser_db.php @@ -14,10 +14,8 @@ class Duser_db extends Duser_Driver { * will NOT work with other drivers. */ public $optional_functions = array( - 'username_exists', 'can_reset_password', 'can_register_new_users', - 'get_email', ); public function login($username, $password) -- cgit v1.2.3-24-g4f1b From 2f374d188317a30ed51df9647ec1bdc0f36313de Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Sun, 22 Sep 2013 09:21:00 +0200 Subject: Add FluxBB authentication driver To enable set: $config['authentication_driver'] = 'fluxbb'; $config['auth_fluxbb'] = array('database' => 'fluxbb'); Signed-off-by: Pierre Schmitz Add example array to config.php Remove $optional_functions from Duser_fluxbb to follow bb9f9274e8c2d661a1adffd87c87c3d81ec47b4d. Signed-off-by: Florian Pritz --- application/libraries/Duser/Duser.php | 2 +- .../libraries/Duser/drivers/Duser_fluxbb.php | 53 ++++++++++++++++++++++ 2 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 application/libraries/Duser/drivers/Duser_fluxbb.php (limited to 'application/libraries/Duser') diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php index 38ee967c9..07a16190c 100644 --- a/application/libraries/Duser/Duser.php +++ b/application/libraries/Duser/Duser.php @@ -49,7 +49,7 @@ class Duser extends CI_Driver_Library { protected $_adapter = null; protected $valid_drivers = array( - 'duser_db', 'duser_ldap' + 'duser_db', 'duser_ldap', 'duser_fluxbb' ); function __construct() diff --git a/application/libraries/Duser/drivers/Duser_fluxbb.php b/application/libraries/Duser/drivers/Duser_fluxbb.php new file mode 100644 index 000000000..b32e2ac8e --- /dev/null +++ b/application/libraries/Duser/drivers/Duser_fluxbb.php @@ -0,0 +1,53 @@ + + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +class Duser_fluxbb extends Duser_Driver { + + private $CI = null; + private $config = array(); + + function __construct() + { + $this->CI =& get_instance(); + $this->config = $this->CI->config->item('auth_fluxbb'); + } + + public function login($username, $password) + { + $query = $this->CI->db->query(' + SELECT username, id + FROM '.$this->config['database'].'.users + WHERE username LIKE ? AND password = ? + ', array($username, sha1($password)))->row_array(); + + if (!empty($query)) { + return array( + 'username' => $query['username'], + 'userid' => $query['id'] + ); + } else { + return false; + } + } + + public function username_exists($username) + { + $query = $this->CI->db->query(' + SELECT id + FROM '.$this->config['database'].'.users + WHERE username LIKE ? + ', array($username)); + + if ($query->num_rows() > 0) { + return true; + } else { + return false; + } + } +} -- cgit v1.2.3-24-g4f1b From 6ec220c0c59868c86a40cc8373fdea32879f7cb5 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 22 Sep 2013 12:13:24 +0200 Subject: duser_fluxbb: Replace like with equals We don't use wildcards so we don't need like. Signed-off-by: Florian Pritz --- application/libraries/Duser/drivers/Duser_fluxbb.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/libraries/Duser') diff --git a/application/libraries/Duser/drivers/Duser_fluxbb.php b/application/libraries/Duser/drivers/Duser_fluxbb.php index b32e2ac8e..1790e830b 100644 --- a/application/libraries/Duser/drivers/Duser_fluxbb.php +++ b/application/libraries/Duser/drivers/Duser_fluxbb.php @@ -23,7 +23,7 @@ class Duser_fluxbb extends Duser_Driver { $query = $this->CI->db->query(' SELECT username, id FROM '.$this->config['database'].'.users - WHERE username LIKE ? AND password = ? + WHERE username = ? AND password = ? ', array($username, sha1($password)))->row_array(); if (!empty($query)) { @@ -41,7 +41,7 @@ class Duser_fluxbb extends Duser_Driver { $query = $this->CI->db->query(' SELECT id FROM '.$this->config['database'].'.users - WHERE username LIKE ? + WHERE username = ? ', array($username)); if ($query->num_rows() > 0) { -- cgit v1.2.3-24-g4f1b From 260da3941fafbe40877aa2ecb52169b460e0e644 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 22 Sep 2013 12:17:06 +0200 Subject: duser_db: Remove case sensitive username check Signed-off-by: Florian Pritz --- application/libraries/Duser/drivers/Duser_db.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'application/libraries/Duser') diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php index 0f4298258..a58b5a298 100644 --- a/application/libraries/Duser/drivers/Duser_db.php +++ b/application/libraries/Duser/drivers/Duser_db.php @@ -28,11 +28,7 @@ class Duser_db extends Duser_Driver { WHERE `username` = ? ', array($username))->row_array(); - if (!isset($query["username"]) || $query["username"] !== $username) { - return false; - } - - if (!isset($query["password"])) { + if (empty($query)) { return false; } -- cgit v1.2.3-24-g4f1b