From 2657e46860a359adae6f3bf3bbf8d7fcaf626f31 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 9 Nov 2012 16:31:57 +0100 Subject: authmysql fixes * use proper plugin config * code/PHP5 cleanup --- lib/plugins/authmysql/auth.php | 732 +++++++++++++++++---------------- lib/plugins/authmysql/conf/default.php | 3 + 2 files changed, 375 insertions(+), 360 deletions(-) create mode 100644 lib/plugins/authmysql/conf/default.php (limited to 'lib') diff --git a/lib/plugins/authmysql/auth.php b/lib/plugins/authmysql/auth.php index 368bd74a2..7d303726b 100644 --- a/lib/plugins/authmysql/auth.php +++ b/lib/plugins/authmysql/auth.php @@ -3,7 +3,7 @@ if(!defined('DOKU_INC')) die(); /** - * MySQLP authentication backend + * MySQL authentication backend * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * @author Andreas Gohr @@ -12,12 +12,14 @@ if(!defined('DOKU_INC')) die(); * @author Jan Schumann */ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { - var $dbcon = 0; - var $dbver = 0; // database version - var $dbrev = 0; // database revision - var $dbsub = 0; // database subrevision - var $cnf = null; - var $defaultgroup = ""; + /** @var resource holds the database connection */ + protected $dbcon = 0; + /** @var int database version*/ + protected $dbver = 0; + /** @var int database revision */ + protected $dbrev = 0; + /** @var int database subrevision */ + protected $dbsub = 0; /** * Constructor @@ -27,92 +29,93 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * @author Matthias Grimm */ - function __construct() { + public function __construct() { parent::__construct(); - global $conf; - $this->cnf = $conf['auth']['mysql']; - - if (method_exists($this, 'auth_basic')){ - parent::__construct(); - } - if(!function_exists('mysql_connect')) { - if ($this->cnf['debug']){ - msg("MySQL err: PHP MySQL extension not found.",-1,__LINE__,__FILE__); - } + $this->_debug("MySQL err: PHP MySQL extension not found.", -1, __LINE__, __FILE__); $this->success = false; return; } - // default to UTF-8, you rarely want something else - if(!isset($this->cnf['charset'])) $this->cnf['charset'] = 'utf8'; - - $this->defaultgroup = $conf['defaultgroup']; - // set capabilities based upon config strings set - if (empty($this->cnf['server']) || empty($this->cnf['user']) || - !isset($this->cnf['password']) || empty($this->cnf['database'])){ + if(!$this->getConf('server') || !$this->getConf('user') || !$this->getConf('database')) { + $this->_debug("MySQL err: insufficient configuration.", -1, __LINE__, __FILE__); - if ($this->cnf['debug']){ - msg("MySQL err: insufficient configuration.",-1,__LINE__,__FILE__); - } $this->success = false; return; } - $this->cando['addUser'] = $this->_chkcnf(array( - 'getUserInfo', - 'getGroups', - 'addUser', - 'getUserID', - 'getGroupID', - 'addGroup', - 'addUserGroup'),true); - $this->cando['delUser'] = $this->_chkcnf(array( - 'getUserID', - 'delUser', - 'delUserRefs'),true); - $this->cando['modLogin'] = $this->_chkcnf(array( - 'getUserID', - 'updateUser', - 'UpdateTarget'),true); - $this->cando['modPass'] = $this->cando['modLogin']; - $this->cando['modName'] = $this->cando['modLogin']; - $this->cando['modMail'] = $this->cando['modLogin']; - $this->cando['modGroups'] = $this->_chkcnf(array( - 'getUserID', - 'getGroups', - 'getGroupID', - 'addGroup', - 'addUserGroup', - 'delGroup', - 'getGroupID', - 'delUserGroup'),true); + $this->cando['addUser'] = $this->_chkcnf( + array( + 'getUserInfo', + 'getGroups', + 'addUser', + 'getUserID', + 'getGroupID', + 'addGroup', + 'addUserGroup' + ), true + ); + $this->cando['delUser'] = $this->_chkcnf( + array( + 'getUserID', + 'delUser', + 'delUserRefs' + ), true + ); + $this->cando['modLogin'] = $this->_chkcnf( + array( + 'getUserID', + 'updateUser', + 'UpdateTarget' + ), true + ); + $this->cando['modPass'] = $this->cando['modLogin']; + $this->cando['modName'] = $this->cando['modLogin']; + $this->cando['modMail'] = $this->cando['modLogin']; + $this->cando['modGroups'] = $this->_chkcnf( + array( + 'getUserID', + 'getGroups', + 'getGroupID', + 'addGroup', + 'addUserGroup', + 'delGroup', + 'getGroupID', + 'delUserGroup' + ), true + ); /* getGroups is not yet supported $this->cando['getGroups'] = $this->_chkcnf(array('getGroups', 'getGroupID'),false); */ - $this->cando['getUsers'] = $this->_chkcnf(array( - 'getUsers', - 'getUserInfo', - 'getGroups'),false); - $this->cando['getUserCount'] = $this->_chkcnf(array('getUsers'),false); + $this->cando['getUsers'] = $this->_chkcnf( + array( + 'getUsers', + 'getUserInfo', + 'getGroups' + ), false + ); + $this->cando['getUserCount'] = $this->_chkcnf(array('getUsers'), false); } /** * Check if the given config strings are set * * @author Matthias Grimm + * @param array $keys + * @param bool $wop is this a check for a write operation? * @return bool */ - function _chkcnf($keys, $wop=false){ - foreach ($keys as $key){ - if (empty($this->cnf[$key])) return false; + protected function _chkcnf($keys, $wop = false) { + foreach($keys as $key) { + if(!$this->getConf($key)) return false; } /* write operation and lock array filled with tables names? */ - if ($wop && (!is_array($this->cnf['TablesToLock']) || - !count($this->cnf['TablesToLock']))){ + if($wop && (!is_array($this->getConf('TablesToLock')) || + !count($this->getConf('TablesToLock'))) + ) { return false; } @@ -127,27 +130,28 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * Depending on which SQL string is defined in the config, password * checking is done here (getpass) or by the database (passcheck) * - * @param $user user who would like access - * @param $pass user's clear text password to check + * @param string $user user who would like access + * @param string $pass user's clear text password to check * @return bool * * @author Andreas Gohr * @author Matthias Grimm */ - function checkPass($user,$pass){ - $rc = false; + public function checkPass($user, $pass) { + global $conf; + $rc = false; if($this->_openDB()) { - $sql = str_replace('%{user}',$this->_escape($user),$this->cnf['checkPass']); - $sql = str_replace('%{pass}',$this->_escape($pass),$sql); - $sql = str_replace('%{dgroup}',$this->_escape($this->defaultgroup),$sql); + $sql = str_replace('%{user}', $this->_escape($user), $this->getConf('checkPass')); + $sql = str_replace('%{pass}', $this->_escape($pass), $sql); + $sql = str_replace('%{dgroup}', $this->_escape($conf['defaultgroup']), $sql); $result = $this->_queryDB($sql); if($result !== false && count($result) == 1) { - if($this->cnf['forwardClearPass'] == 1) + if($this->getConf('forwardClearPass') == 1) $rc = true; else - $rc = auth_verifyPassword($pass,$result[0]['pass']); + $rc = auth_verifyPassword($pass, $result[0]['pass']); } $this->_closeDB(); } @@ -155,20 +159,15 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { } /** - * [public function] - * - * Returns info about the given user needs to contain - * at least these fields: - * name string full name of the user - * mail string email addres of the user - * grps array list of groups the user is in - * - * @param $user user's nick to get data for + * Return user info * * @author Andreas Gohr * @author Matthias Grimm + * + * @param string $user user login to get data for + * @return array|bool */ - function getUserData($user){ + public function getUserData($user) { if($this->_openDB()) { $this->_lockTables("READ"); $info = $this->_getUserInfo($user); @@ -180,45 +179,46 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { } /** - * [public function] - * * Create a new User. Returns false if the user already exists, * null when an error occurred and true if everything went well. * * The new user will be added to the default group by this * function if grps are not specified (default behaviour). * - * @param $user nick of the user - * @param $pwd clear text password - * @param $name full name of the user - * @param $mail email address - * @param $grps array of groups the user should become member of - * * @author Andreas Gohr * @author Chris Smith * @author Matthias Grimm + * + * @param string $user nick of the user + * @param string $pwd clear text password + * @param string $name full name of the user + * @param string $mail email address + * @param array $grps array of groups the user should become member of + * @return bool|null */ - function createUser($user,$pwd,$name,$mail,$grps=null){ + public function createUser($user, $pwd, $name, $mail, $grps = null) { + global $conf; + if($this->_openDB()) { - if (($info = $this->_getUserInfo($user)) !== false) - return false; // user already exists + if(($info = $this->_getUserInfo($user)) !== false) + return false; // user already exists // set defaultgroup if no groups were given - if ($grps == null) - $grps = array($this->defaultgroup); + if($grps == null) + $grps = array($conf['defaultgroup']); $this->_lockTables("WRITE"); - $pwd = $this->cnf['forwardClearPass'] ? $pwd : auth_cryptPassword($pwd); - $rc = $this->_addUser($user,$pwd,$name,$mail,$grps); + $pwd = $this->getConf('forwardClearPass') ? $pwd : auth_cryptPassword($pwd); + $rc = $this->_addUser($user, $pwd, $name, $mail, $grps); $this->_unlockTables(); $this->_closeDB(); - if ($rc) return true; + if($rc) return true; } - return null; // return error + return null; // return error } /** - * Modify user data [public function] + * Modify user data * * An existing user dataset will be modified. Changes are given in an array. * @@ -237,37 +237,36 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * should be modified). In this case we asure that we don't touch groups * even $changes['grps'] is set by mistake. * - * @param $user nick of the user to be changed - * @param $changes array of field/value pairs to be changed (password - * will be clear text) - * @return bool true on success, false on error - * * @author Chris Smith * @author Matthias Grimm + * + * @param string $user nick of the user to be changed + * @param array $changes array of field/value pairs to be changed (password will be clear text) + * @return bool true on success, false on error */ - function modifyUser($user, $changes) { + public function modifyUser($user, $changes) { $rc = false; - if (!is_array($changes) || !count($changes)) - return true; // nothing to change + if(!is_array($changes) || !count($changes)) + return true; // nothing to change if($this->_openDB()) { $this->_lockTables("WRITE"); - if (($uid = $this->_getUserID($user))) { + if(($uid = $this->_getUserID($user))) { $rc = $this->_updateUserInfo($changes, $uid); - if ($rc && isset($changes['grps']) && $this->cando['modGroups']) { + if($rc && isset($changes['grps']) && $this->cando['modGroups']) { $groups = $this->_getGroups($user); $grpadd = array_diff($changes['grps'], $groups); $grpdel = array_diff($groups, $changes['grps']); foreach($grpadd as $group) - if (($this->_addUserToGroup($user, $group, 1)) == false) + if(($this->_addUserToGroup($user, $group, 1)) == false) $rc = false; foreach($grpdel as $group) - if (($this->_delUserFromGroup($user, $group)) == false) + if(($this->_delUserFromGroup($user, $group)) == false) $rc = false; } } @@ -293,10 +292,10 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { $count = 0; if($this->_openDB()) { - if (is_array($users) && count($users)) { + if(is_array($users) && count($users)) { $this->_lockTables("WRITE"); - foreach ($users as $user) { - if ($this->_delUser($user)) + foreach($users as $user) { + if($this->_delUser($user)) $count++; } $this->_unlockTables(); @@ -307,28 +306,26 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { } /** - * [public function] - * * Counts users which meet certain $filter criteria. * - * @param array $filter filter criteria in item/pattern pairs - * @return count of found users. - * * @author Matthias Grimm + * + * @param array $filter filter criteria in item/pattern pairs + * @return int count of found users */ - function getUserCount($filter=array()) { + public function getUserCount($filter = array()) { $rc = 0; if($this->_openDB()) { - $sql = $this->_createSQLFilter($this->cnf['getUsers'], $filter); + $sql = $this->_createSQLFilter($this->getConf('getUsers'), $filter); - if ($this->dbver >= 4) { - $sql = substr($sql, 6); /* remove 'SELECT' or 'select' */ + if($this->dbver >= 4) { + $sql = substr($sql, 6); /* remove 'SELECT' or 'select' */ $sql = "SELECT SQL_CALC_FOUND_ROWS".$sql." LIMIT 1"; $this->_queryDB($sql); $result = $this->_queryDB("SELECT FOUND_ROWS()"); - $rc = $result[0]['FOUND_ROWS()']; - } else if (($result = $this->_queryDB($sql))) + $rc = $result[0]['FOUND_ROWS()']; + } else if(($result = $this->_queryDB($sql))) $rc = count($result); $this->_closeDB(); @@ -337,27 +334,27 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { } /** - * Bulk retrieval of user data. [public function] - * - * @param first index of first user to be returned - * @param limit max number of users to be returned - * @param filter array of field/pattern pairs - * @return array of userinfo (refer getUserData for internal userinfo details) + * Bulk retrieval of user data * * @author Matthias Grimm + * + * @param int $first index of first user to be returned + * @param int $limit max number of users to be returned + * @param array|string $filter array of field/pattern pairs + * @return array userinfo (refer getUserData for internal userinfo details) */ - function retrieveUsers($first=0,$limit=10,$filter=array()) { - $out = array(); + public function retrieveUsers($first = 0, $limit = 10, $filter = array()) { + $out = array(); if($this->_openDB()) { $this->_lockTables("READ"); - $sql = $this->_createSQLFilter($this->cnf['getUsers'], $filter); - $sql .= " ".$this->cnf['SortOrder']." LIMIT $first, $limit"; + $sql = $this->_createSQLFilter($this->getConf('getUsers'), $filter); + $sql .= " ".$this->getConf('SortOrder')." LIMIT $first, $limit"; $result = $this->_queryDB($sql); - if (!empty($result)) { - foreach ($result as $user) - if (($info = $this->_getUserInfo($user['user']))) + if(!empty($result)) { + foreach($result as $user) + if(($info = $this->_getUserInfo($user['user']))) $out[$user['user']] = $info; } @@ -368,20 +365,20 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { } /** - * Give user membership of a group [public function] - * - * @param $user - * @param $group - * @return bool true on success, false on error + * Give user membership of a group * * @author Matthias Grimm + * + * @param string $user + * @param string $group + * @return bool true on success, false on error */ - function joinGroup($user, $group) { + protected function joinGroup($user, $group) { $rc = false; - if ($this->_openDB()) { + if($this->_openDB()) { $this->_lockTables("WRITE"); - $rc = $this->_addUserToGroup($user, $group); + $rc = $this->_addUserToGroup($user, $group); $this->_unlockTables(); $this->_closeDB(); } @@ -389,20 +386,19 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { } /** - * Remove user from a group [public function] - * - * @param $user user that leaves a group - * @param $group group to leave - * @return bool + * Remove user from a group * * @author Matthias Grimm + * + * @param string $user user that leaves a group + * @param string $group group to leave + * @return bool */ - function leaveGroup($user, $group) { + protected function leaveGroup($user, $group) { $rc = false; - if ($this->_openDB()) { + if($this->_openDB()) { $this->_lockTables("WRITE"); - $uid = $this->_getUserID($user); $rc = $this->_delUserFromGroup($user, $group); $this->_unlockTables(); $this->_closeDB(); @@ -413,54 +409,54 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { /** * MySQL is case-insensitive */ - function isCaseSensitive(){ + public function isCaseSensitive() { return false; } /** * Adds a user to a group. * - * If $force is set to '1' non existing groups would be created. + * If $force is set to true non existing groups would be created. * * The database connection must already be established. Otherwise * this function does nothing and returns 'false'. It is strongly * recommended to call this function only after all participating * tables (group and usergroup) have been locked. * - * @param $user user to add to a group - * @param $group name of the group - * @param $force '1' create missing groups - * @return bool 'true' on success, 'false' on error - * * @author Matthias Grimm + * + * @param string $user user to add to a group + * @param string $group name of the group + * @param bool $force create missing groups + * @return bool true on success, false on error */ - function _addUserToGroup($user, $group, $force=0) { + protected function _addUserToGroup($user, $group, $force = false) { $newgroup = 0; - if (($this->dbcon) && ($user)) { + if(($this->dbcon) && ($user)) { $gid = $this->_getGroupID($group); - if (!$gid) { - if ($force) { // create missing groups - $sql = str_replace('%{group}',$this->_escape($group),$this->cnf['addGroup']); - $gid = $this->_modifyDB($sql); - $newgroup = 1; // group newly created + if(!$gid) { + if($force) { // create missing groups + $sql = str_replace('%{group}', $this->_escape($group), $this->getConf('addGroup')); + $gid = $this->_modifyDB($sql); + $newgroup = 1; // group newly created } - if (!$gid) return false; // group didn't exist and can't be created + if(!$gid) return false; // group didn't exist and can't be created } - $sql = $this->cnf['addUserGroup']; - if(strpos($sql,'%{uid}') !== false){ + $sql = $this->getConf('addUserGroup'); + if(strpos($sql, '%{uid}') !== false) { $uid = $this->_getUserID($user); - $sql = str_replace('%{uid}', $this->_escape($uid),$sql); + $sql = str_replace('%{uid}', $this->_escape($uid), $sql); } - $sql = str_replace('%{user}', $this->_escape($user),$sql); - $sql = str_replace('%{gid}', $this->_escape($gid),$sql); - $sql = str_replace('%{group}',$this->_escape($group),$sql); - if ($this->_modifyDB($sql) !== false) return true; - - if ($newgroup) { // remove previously created group on error - $sql = str_replace('%{gid}', $this->_escape($gid),$this->cnf['delGroup']); - $sql = str_replace('%{group}',$this->_escape($group),$sql); + $sql = str_replace('%{user}', $this->_escape($user), $sql); + $sql = str_replace('%{gid}', $this->_escape($gid), $sql); + $sql = str_replace('%{group}', $this->_escape($group), $sql); + if($this->_modifyDB($sql) !== false) return true; + + if($newgroup) { // remove previously created group on error + $sql = str_replace('%{gid}', $this->_escape($gid), $this->getConf('delGroup')); + $sql = str_replace('%{group}', $this->_escape($group), $sql); $this->_modifyDB($sql); } } @@ -470,26 +466,26 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { /** * Remove user from a group * - * @param $user user that leaves a group - * @param $group group to leave - * @return bool true on success, false on error - * * @author Matthias Grimm + * + * @param string $user user that leaves a group + * @param string $group group to leave + * @return bool true on success, false on error */ - function _delUserFromGroup($user, $group) { + protected function _delUserFromGroup($user, $group) { $rc = false; - if (($this->dbcon) && ($user)) { - $sql = $this->cnf['delUserGroup']; - if(strpos($sql,'%{uid}') !== false){ + if(($this->dbcon) && ($user)) { + $sql = $this->getConf('delUserGroup'); + if(strpos($sql, '%{uid}') !== false) { $uid = $this->_getUserID($user); - $sql = str_replace('%{uid}', $this->_escape($uid),$sql); + $sql = str_replace('%{uid}', $this->_escape($uid), $sql); } $gid = $this->_getGroupID($group); - if ($gid) { - $sql = str_replace('%{user}', $this->_escape($user),$sql); - $sql = str_replace('%{gid}', $this->_escape($gid),$sql); - $sql = str_replace('%{group}',$this->_escape($group),$sql); + if($gid) { + $sql = str_replace('%{user}', $this->_escape($user), $sql); + $sql = str_replace('%{gid}', $this->_escape($gid), $sql); + $sql = str_replace('%{group}', $this->_escape($group), $sql); $rc = $this->_modifyDB($sql) == 0 ? true : false; } } @@ -501,19 +497,18 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * The database connection must already be established * for this function to work. Otherwise it will return - * 'false'. - * - * @param $user user whose groups should be listed - * @return bool false on error - * @return array array containing all groups on success + * false. * * @author Matthias Grimm + * + * @param string $user user whose groups should be listed + * @return bool|array false on error, all groups on success */ - function _getGroups($user) { + protected function _getGroups($user) { $groups = array(); if($this->dbcon) { - $sql = str_replace('%{user}',$this->_escape($user),$this->cnf['getGroups']); + $sql = str_replace('%{user}', $this->_escape($user), $this->getConf('getGroups')); $result = $this->_queryDB($sql); if($result !== false && count($result)) { @@ -530,16 +525,16 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * The database connection must already be established * for this function to work. Otherwise it will return - * 'false'. - * - * @param $user user whose id is desired - * @return user id + * false. * * @author Matthias Grimm + * + * @param string $user user whose id is desired + * @return mixed user id */ - function _getUserID($user) { + protected function _getUserID($user) { if($this->dbcon) { - $sql = str_replace('%{user}',$this->_escape($user),$this->cnf['getUserID']); + $sql = str_replace('%{user}', $this->_escape($user), $this->getConf('getUserID')); $result = $this->_queryDB($sql); return $result === false ? false : $result[0]['id']; } @@ -551,43 +546,45 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * The database connection must already be established * for this function to work. Otherwise it will return - * 'false'. - * - * @param $user login of the user - * @param $pwd encrypted password - * @param $name full name of the user - * @param $mail email address - * @param $grps array of groups the user should become member of - * @return bool + * false. * * @author Andreas Gohr * @author Chris Smith * @author Matthias Grimm + * + * @param string $user login of the user + * @param string $pwd encrypted password + * @param string $name full name of the user + * @param string $mail email address + * @param array $grps array of groups the user should become member of + * @return bool */ - function _addUser($user,$pwd,$name,$mail,$grps){ + protected function _addUser($user, $pwd, $name, $mail, $grps) { if($this->dbcon && is_array($grps)) { - $sql = str_replace('%{user}', $this->_escape($user),$this->cnf['addUser']); - $sql = str_replace('%{pass}', $this->_escape($pwd),$sql); - $sql = str_replace('%{name}', $this->_escape($name),$sql); - $sql = str_replace('%{email}',$this->_escape($mail),$sql); + $sql = str_replace('%{user}', $this->_escape($user), $this->getConf('addUser')); + $sql = str_replace('%{pass}', $this->_escape($pwd), $sql); + $sql = str_replace('%{name}', $this->_escape($name), $sql); + $sql = str_replace('%{email}', $this->_escape($mail), $sql); $uid = $this->_modifyDB($sql); + $gid = false; + $group = ''; - if ($uid) { + if($uid) { foreach($grps as $group) { $gid = $this->_addUserToGroup($user, $group, 1); - if ($gid === false) break; + if($gid === false) break; } - if ($gid) return true; - else { + if($gid !== false){ + return true; + } else { /* remove the new user and all group relations if a group can't * be assigned. Newly created groups will remain in the database * and won't be removed. This might create orphaned groups but * is not a big issue so we ignore this problem here. */ $this->_delUser($user); - if ($this->cnf['debug']) - msg ("MySQL err: Adding user '$user' to group '$group' failed.",-1,__LINE__,__FILE__); + $this->_debug("MySQL err: Adding user '$user' to group '$group' failed.", -1, __LINE__, __FILE__); } } } @@ -599,21 +596,21 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * The database connection must already be established * for this function to work. Otherwise it will return - * 'false'. - * - * @param $user user whose id is desired - * @return bool + * false. * * @author Matthias Grimm + * + * @param string $user user whose id is desired + * @return bool */ - function _delUser($user) { + protected function _delUser($user) { if($this->dbcon) { $uid = $this->_getUserID($user); - if ($uid) { - $sql = str_replace('%{uid}',$this->_escape($uid),$this->cnf['delUserRefs']); + if($uid) { + $sql = str_replace('%{uid}', $this->_escape($uid), $this->getConf('delUserRefs')); $this->_modifyDB($sql); - $sql = str_replace('%{uid}',$this->_escape($uid),$this->cnf['delUser']); - $sql = str_replace('%{user}', $this->_escape($user),$sql); + $sql = str_replace('%{uid}', $this->_escape($uid), $this->getConf('delUser')); + $sql = str_replace('%{user}', $this->_escape($user), $sql); $this->_modifyDB($sql); return true; } @@ -628,17 +625,16 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * must already be established for this function to work. * Otherwise it will return 'false'. * - * @param $user user's nick to get data for - * @return bool false on error - * @return array user info on success - * * @author Matthias Grimm + * + * @param string $user user's nick to get data for + * @return bool|array false on error, user info on success */ - function _getUserInfo($user){ - $sql = str_replace('%{user}',$this->_escape($user),$this->cnf['getUserInfo']); + protected function _getUserInfo($user) { + $sql = str_replace('%{user}', $this->_escape($user), $this->getConf('getUserInfo')); $result = $this->_queryDB($sql); if($result !== false && count($result)) { - $info = $result[0]; + $info = $result[0]; $info['grps'] = $this->_getGroups($user); return $info; } @@ -658,43 +654,43 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * The password will be crypted if necessary. * - * @param $changes array of items to change as pairs of item and value - * @param $uid user id of dataset to change, must be unique in DB - * @return true on success or false on error + * @param array $changes array of items to change as pairs of item and value + * @param mixed $uid user id of dataset to change, must be unique in DB + * @return bool true on success or false on error * * @author Matthias Grimm */ - function _updateUserInfo($changes, $uid) { - $sql = $this->cnf['updateUser']." "; + protected function _updateUserInfo($changes, $uid) { + $sql = $this->getConf('updateUser')." "; $cnt = 0; $err = 0; if($this->dbcon) { - foreach ($changes as $item => $value) { - if ($item == 'user') { - if (($this->_getUserID($changes['user']))) { + foreach($changes as $item => $value) { + if($item == 'user') { + if(($this->_getUserID($changes['user']))) { $err = 1; /* new username already exists */ - break; /* abort update */ + break; /* abort update */ } - if ($cnt++ > 0) $sql .= ", "; - $sql .= str_replace('%{user}',$value,$this->cnf['UpdateLogin']); - } else if ($item == 'name') { - if ($cnt++ > 0) $sql .= ", "; - $sql .= str_replace('%{name}',$value,$this->cnf['UpdateName']); - } else if ($item == 'pass') { - if (!$this->cnf['forwardClearPass']) + if($cnt++ > 0) $sql .= ", "; + $sql .= str_replace('%{user}', $value, $this->getConf('UpdateLogin')); + } else if($item == 'name') { + if($cnt++ > 0) $sql .= ", "; + $sql .= str_replace('%{name}', $value, $this->getConf('UpdateName')); + } else if($item == 'pass') { + if(!$this->getConf('forwardClearPass')) $value = auth_cryptPassword($value); - if ($cnt++ > 0) $sql .= ", "; - $sql .= str_replace('%{pass}',$value,$this->cnf['UpdatePass']); - } else if ($item == 'mail') { - if ($cnt++ > 0) $sql .= ", "; - $sql .= str_replace('%{email}',$value,$this->cnf['UpdateEmail']); + if($cnt++ > 0) $sql .= ", "; + $sql .= str_replace('%{pass}', $value, $this->getConf('UpdatePass')); + } else if($item == 'mail') { + if($cnt++ > 0) $sql .= ", "; + $sql .= str_replace('%{email}', $value, $this->getConf('UpdateEmail')); } } - if ($err == 0) { - if ($cnt > 0) { - $sql .= " ".str_replace('%{uid}', $uid, $this->cnf['UpdateTarget']); + if($err == 0) { + if($cnt > 0) { + $sql .= " ".str_replace('%{uid}', $uid, $this->getConf('UpdateTarget')); if(get_class($this) == 'auth_mysql') $sql .= " LIMIT 1"; //some PgSQL inheritance comp. $this->_modifyDB($sql); } @@ -709,16 +705,16 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * The database connection must already be established * for this function to work. Otherwise it will return - * 'false'. - * - * @param $group group name which id is desired - * @return group id + * false. * * @author Matthias Grimm + * + * @param string $group group name which id is desired + * @return mixed group id */ - function _getGroupID($group) { + protected function _getGroupID($group) { if($this->dbcon) { - $sql = str_replace('%{group}',$this->_escape($group),$this->cnf['getGroupID']); + $sql = str_replace('%{group}', $this->_escape($group), $this->getConf('getGroupID')); $result = $this->_queryDB($sql); return $result === false ? false : $result[0]['id']; } @@ -730,37 +726,39 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * usage in the object. The successful call to this functions is * essential for most functions in this object. * - * @return bool - * * @author Matthias Grimm + * + * @return bool */ - function _openDB() { - if (!$this->dbcon) { - $con = @mysql_connect ($this->cnf['server'], $this->cnf['user'], $this->cnf['password']); - if ($con) { - if ((mysql_select_db($this->cnf['database'], $con))) { - if ((preg_match("/^(\d+)\.(\d+)\.(\d+).*/", mysql_get_server_info ($con), $result)) == 1) { + protected function _openDB() { + if(!$this->dbcon) { + $con = @mysql_connect($this->getConf('server'), $this->getConf('user'), $this->getConf('password')); + if($con) { + if((mysql_select_db($this->getConf('database'), $con))) { + if((preg_match('/^(\d+)\.(\d+)\.(\d+).*/', mysql_get_server_info($con), $result)) == 1) { $this->dbver = $result[1]; $this->dbrev = $result[2]; $this->dbsub = $result[3]; } $this->dbcon = $con; - if(!empty($this->cnf['charset'])){ - mysql_query('SET CHARACTER SET "' . $this->cnf['charset'] . '"', $con); + if($this->getConf('charset')) { + mysql_query('SET CHARACTER SET "'.$this->getConf('charset').'"', $con); } - return true; // connection and database successfully opened + return true; // connection and database successfully opened } else { - mysql_close ($con); - if ($this->cnf['debug']) - msg("MySQL err: No access to database {$this->cnf['database']}.",-1,__LINE__,__FILE__); + mysql_close($con); + $this->_debug("MySQL err: No access to database {$this->getConf('database')}.", -1, __LINE__, __FILE__); } - } else if ($this->cnf['debug']) - msg ("MySQL err: Connection to {$this->cnf['user']}@{$this->cnf['server']} not possible.", - -1,__LINE__,__FILE__); + } else { + $this->_debug( + "MySQL err: Connection to {$this->getConf('user')}@{$this->getConf('server')} not possible.", + -1, __LINE__, __FILE__ + ); + } - return false; // connection failed + return false; // connection failed } - return true; // connection already open + return true; // connection already open } /** @@ -768,9 +766,9 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * @author Matthias Grimm */ - function _closeDB() { - if ($this->dbcon) { - mysql_close ($this->dbcon); + protected function _closeDB() { + if($this->dbcon) { + mysql_close($this->dbcon); $this->dbcon = 0; } } @@ -782,27 +780,26 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * This function is only able to handle queries that returns a * table such as SELECT. * - * @param $query SQL string that contains the query - * @return array with the result table - * * @author Matthias Grimm + * + * @param string $query SQL string that contains the query + * @return array with the result table */ - function _queryDB($query) { - if($this->cnf['debug'] >= 2){ - msg('MySQL query: '.hsc($query),0,__LINE__,__FILE__); + protected function _queryDB($query) { + if($this->getConf('debug') >= 2) { + msg('MySQL query: '.hsc($query), 0, __LINE__, __FILE__); } $resultarray = array(); - if ($this->dbcon) { - $result = @mysql_query($query,$this->dbcon); - if ($result) { - while (($t = mysql_fetch_assoc($result)) !== false) - $resultarray[]=$t; - mysql_free_result ($result); + if($this->dbcon) { + $result = @mysql_query($query, $this->dbcon); + if($result) { + while(($t = mysql_fetch_assoc($result)) !== false) + $resultarray[] = $t; + mysql_free_result($result); return $resultarray; } - if ($this->cnf['debug']) - msg('MySQL err: '.mysql_error($this->dbcon),-1,__LINE__,__FILE__); + $this->_debug('MySQL err: '.mysql_error($this->dbcon), -1, __LINE__, __FILE__); } return false; } @@ -813,20 +810,19 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * This function is only able to handle queries that returns * either nothing or an id value such as INPUT, DELETE, UPDATE, etc. * - * @param $query SQL string that contains the query - * @return insert id or 0, false on error - * * @author Matthias Grimm + * + * @param string $query SQL string that contains the query + * @return int|bool insert id or 0, false on error */ - function _modifyDB($query) { - if ($this->dbcon) { - $result = @mysql_query($query,$this->dbcon); - if ($result) { + protected function _modifyDB($query) { + if($this->dbcon) { + $result = @mysql_query($query, $this->dbcon); + if($result) { $rc = mysql_insert_id($this->dbcon); //give back ID on insert - if ($rc !== false) return $rc; + if($rc !== false) return $rc; } - if ($this->cnf['debug']) - msg('MySQL err: '.mysql_error($this->dbcon),-1,__LINE__,__FILE__); + $this->_debug('MySQL err: '.mysql_error($this->dbcon), -1, __LINE__, __FILE__); } return false; } @@ -845,18 +841,19 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * so that this functionality is simulated by this function. Nevertheless * it is not as powerful as transactions, it is a good compromise in safty. * - * @param $mode could be 'READ' or 'WRITE' - * * @author Matthias Grimm + * + * @param string $mode could be 'READ' or 'WRITE' + * @return bool */ - function _lockTables($mode) { - if ($this->dbcon) { - if (is_array($this->cnf['TablesToLock']) && !empty($this->cnf['TablesToLock'])) { - if ($mode == "READ" || $mode == "WRITE") { + protected function _lockTables($mode) { + if($this->dbcon) { + if(is_array($this->getConf('TablesToLock'))) { + if($mode == "READ" || $mode == "WRITE") { $sql = "LOCK TABLES "; $cnt = 0; - foreach ($this->cnf['TablesToLock'] as $table) { - if ($cnt++ != 0) $sql .= ", "; + foreach($this->getConf('TablesToLock') as $table) { + if($cnt++ != 0) $sql .= ", "; $sql .= "$table $mode"; } $this->_modifyDB($sql); @@ -873,8 +870,8 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * * @author Matthias Grimm */ - function _unlockTables() { - if ($this->dbcon) { + protected function _unlockTables() { + if($this->dbcon) { $this->_modifyDB("UNLOCK TABLES"); return true; } @@ -886,32 +883,31 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * The database connection must already be established, otherwise the * original SQL string without filter criteria will be returned. * - * @param $sql SQL string to which the $filter criteria should be added - * @param $filter array of filter criteria as pairs of item and pattern - * @return SQL string with attached $filter criteria on success - * @return the original SQL string on error. - * * @author Matthias Grimm + * + * @param string $sql SQL string to which the $filter criteria should be added + * @param array $filter array of filter criteria as pairs of item and pattern + * @return string SQL string with attached $filter criteria on success, original SQL string on error */ - function _createSQLFilter($sql, $filter) { + protected function _createSQLFilter($sql, $filter) { $SQLfilter = ""; - $cnt = 0; + $cnt = 0; - if ($this->dbcon) { - foreach ($filter as $item => $pattern) { + if($this->dbcon) { + foreach($filter as $item => $pattern) { $tmp = '%'.$this->_escape($pattern).'%'; - if ($item == 'user') { - if ($cnt++ > 0) $SQLfilter .= " AND "; - $SQLfilter .= str_replace('%{user}',$tmp,$this->cnf['FilterLogin']); - } else if ($item == 'name') { - if ($cnt++ > 0) $SQLfilter .= " AND "; - $SQLfilter .= str_replace('%{name}',$tmp,$this->cnf['FilterName']); - } else if ($item == 'mail') { - if ($cnt++ > 0) $SQLfilter .= " AND "; - $SQLfilter .= str_replace('%{email}',$tmp,$this->cnf['FilterEmail']); - } else if ($item == 'grps') { - if ($cnt++ > 0) $SQLfilter .= " AND "; - $SQLfilter .= str_replace('%{group}',$tmp,$this->cnf['FilterGroup']); + if($item == 'user') { + if($cnt++ > 0) $SQLfilter .= " AND "; + $SQLfilter .= str_replace('%{user}', $tmp, $this->getConf('FilterLogin')); + } else if($item == 'name') { + if($cnt++ > 0) $SQLfilter .= " AND "; + $SQLfilter .= str_replace('%{name}', $tmp, $this->getConf('FilterName')); + } else if($item == 'mail') { + if($cnt++ > 0) $SQLfilter .= " AND "; + $SQLfilter .= str_replace('%{email}', $tmp, $this->getConf('FilterEmail')); + } else if($item == 'grps') { + if($cnt++ > 0) $SQLfilter .= " AND "; + $SQLfilter .= str_replace('%{group}', $tmp, $this->getConf('FilterGroup')); } } @@ -919,9 +915,9 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { // any of cnf['Filter????'] is not defined, a malformed SQL string // would be generated. - if (strlen($SQLfilter)) { - $glue = strpos(strtolower($sql),"where") ? " AND " : " WHERE "; - $sql = $sql.$glue.$SQLfilter; + if(strlen($SQLfilter)) { + $glue = strpos(strtolower($sql), "where") ? " AND " : " WHERE "; + $sql = $sql.$glue.$SQLfilter; } } @@ -932,18 +928,34 @@ class auth_plugin_authmysql extends DokuWiki_Auth_Plugin { * Escape a string for insertion into the database * * @author Andreas Gohr + * * @param string $string The string to escape * @param boolean $like Escape wildcard chars as well? + * @return string */ - function _escape($string,$like=false){ - if($this->dbcon){ + protected function _escape($string, $like = false) { + if($this->dbcon) { $string = mysql_real_escape_string($string, $this->dbcon); - }else{ + } else { $string = addslashes($string); } - if($like){ - $string = addcslashes($string,'%_'); + if($like) { + $string = addcslashes($string, '%_'); } return $string; } + + /** + * Wrapper around msg() but outputs only when debug is enabled + * + * @param string $message + * @param int $err + * @param int $line + * @param string $file + * @return void + */ + protected function _debug($message, $err, $line, $file) { + if(!$this->getConf('debug')) return; + msg($message, $err, $line, $file); + } } diff --git a/lib/plugins/authmysql/conf/default.php b/lib/plugins/authmysql/conf/default.php new file mode 100644 index 000000000..ea2cdad72 --- /dev/null +++ b/lib/plugins/authmysql/conf/default.php @@ -0,0 +1,3 @@ +