b9ddb2d5 |
1 | <?php |
2 | |
3 | /** |
4 | * @author Martin Dougiamas |
5 | * @license http://www.gnu.org/copyleft/gpl.html GNU Public License |
6 | * @package moodle multiauth |
7 | * |
8 | * Authentication Plugin: External Database Authentication |
9 | * |
10 | * Checks against an external database. |
11 | * |
12 | * 2006-08-28 File created. |
13 | */ |
14 | |
8ae42b8d |
15 | if (!defined('MOODLE_INTERNAL')) { |
16 | die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page |
17 | } |
b9ddb2d5 |
18 | |
19 | /** |
20 | * External database authentication plugin. |
21 | */ |
22 | class auth_plugin_db { |
23 | |
24 | /** |
25 | * The configuration details for the plugin. |
26 | */ |
27 | var $config; |
28 | |
29 | /** |
30 | * Constructor. |
31 | */ |
32 | function auth_plugin_db() { |
33 | $this->config = get_config('auth/db'); |
8ae42b8d |
34 | if (empty($this->config->extencoding)) { |
35 | $this->config->extencoding = 'utf-8'; |
36 | } |
b9ddb2d5 |
37 | } |
38 | |
39 | /** |
40 | * Returns true if the username and password work and false if they are |
41 | * wrong or don't exist. |
42 | * |
8ae42b8d |
43 | * @param string $username The username (with system magic quotes) |
44 | * @param string $password The password (with system magic quotes) |
45 | * |
46 | * @return bool Authentication success or failure. |
b9ddb2d5 |
47 | */ |
139ebfdb |
48 | function user_login($username, $password) { |
b9ddb2d5 |
49 | |
50 | global $CFG; |
51 | |
8ae42b8d |
52 | $textlib = textlib_get_instance(); |
53 | $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->extencoding); |
54 | $extpassword = $textlib->convert(stripslashes($password), 'utf-8', $this->config->extencoding); |
55 | |
139ebfdb |
56 | $authdb = $this->db_init(); |
b9ddb2d5 |
57 | |
8ae42b8d |
58 | if ($this->config->passtype === 'internal') { |
b9ddb2d5 |
59 | // lookup username externally, but resolve |
60 | // password locally -- to support backend that |
61 | // don't track passwords |
8ae42b8d |
62 | $rs = $authdb->Execute("SELECT * FROM {$this->config->table} |
63 | WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' "); |
b9ddb2d5 |
64 | $authdb->Close(); |
65 | |
66 | if (!$rs) { |
a9ad3633 |
67 | print_error('auth_dbcantconnect','auth'); |
b9ddb2d5 |
68 | return false; |
69 | } |
8ae42b8d |
70 | |
b9ddb2d5 |
71 | if ( $rs->RecordCount() ) { |
72 | // user exists exterally |
73 | // check username/password internally |
b7b50143 |
74 | if ($user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id)) { |
b9ddb2d5 |
75 | return validate_internal_user_password($user, $password); |
76 | } |
77 | } else { |
78 | // user does not exist externally |
79 | return false; |
8ae42b8d |
80 | } |
b9ddb2d5 |
81 | |
8ae42b8d |
82 | } else { |
b9ddb2d5 |
83 | // normal case: use external db for passwords |
84 | |
85 | if ($this->config->passtype === 'md5') { // Re-format password accordingly |
8ae42b8d |
86 | $extpassword = md5($extpassword); |
87 | } else if ($this->config->passtype === 'sha1') { |
88 | $extpassword = sha1($extpassword); |
b9ddb2d5 |
89 | } |
90 | |
8ae42b8d |
91 | $rs = $authdb->Execute("SELECT * FROM {$this->config->table} |
92 | WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' |
93 | AND {$this->config->fieldpass} = '".$this->ext_addslashes($extpassword)."' "); |
b9ddb2d5 |
94 | $authdb->Close(); |
8ae42b8d |
95 | |
b9ddb2d5 |
96 | if (!$rs) { |
a9ad3633 |
97 | print_error('auth_dbcantconnect','auth'); |
b9ddb2d5 |
98 | return false; |
99 | } |
8ae42b8d |
100 | |
139ebfdb |
101 | if ($rs->RecordCount()) { |
b9ddb2d5 |
102 | return true; |
103 | } else { |
104 | return false; |
8ae42b8d |
105 | } |
106 | |
b9ddb2d5 |
107 | } |
108 | } |
109 | |
139ebfdb |
110 | function db_init() { |
93901eb4 |
111 | // Connect to the external database (forcing new connection) |
112 | $authdb = &ADONewConnection($this->config->type); |
8ae42b8d |
113 | if (!empty($this->config->debugauthdb)) { |
114 | $authdb->debug = true; |
115 | ob_start();//start output buffer to allow later use of the page headers |
116 | } |
117 | $authdb->Connect($this->config->host, $this->config->user, $this->config->pass, $this->config->name, true); |
b9ddb2d5 |
118 | $authdb->SetFetchMode(ADODB_FETCH_ASSOC); |
8ae42b8d |
119 | if (!empty($this->config->setupsql)) { |
120 | $authdb->Execute($this->config->setupsql); |
121 | } |
b9ddb2d5 |
122 | |
139ebfdb |
123 | return $authdb; |
124 | } |
125 | /** |
126 | * retuns user attribute mappings between moodle and ldap |
127 | * |
128 | * @return array |
129 | */ |
130 | function db_attributes() { |
8ae42b8d |
131 | $fields = array("firstname", "lastname", "email", "phone1", "phone2", |
132 | "department", "address", "city", "country", "description", |
139ebfdb |
133 | "idnumber", "lang" ); |
134 | $moodleattributes = array(); |
b9ddb2d5 |
135 | foreach ($fields as $field) { |
139ebfdb |
136 | if (!empty($this->config->{"field_map_$field"})) { |
137 | $moodleattributes[$field] = $this->config->{"field_map_$field"}; |
0f02788f |
138 | } |
139 | } |
139ebfdb |
140 | $moodleattributes['username'] = $this->config->fielduser; |
141 | return $moodleattributes; |
142 | } |
143 | |
144 | /** |
145 | * Reads any other information for a user from external database, |
146 | * then returns it in an array |
147 | * |
148 | * @param string $username (with system magic quotes) |
149 | * |
150 | * @return array without magic quotes |
151 | */ |
152 | function get_userinfo($username) { |
153 | |
154 | global $CFG; |
155 | |
156 | $textlib = textlib_get_instance(); |
157 | $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->extencoding); |
158 | |
159 | $authdb = $this->db_init(); |
160 | |
161 | //Array to map local fieldnames we want, to external fieldnames |
162 | $selectfields = $this->db_attributes(); |
163 | |
0f02788f |
164 | $result = array(); |
165 | //If at least one field is mapped from external db, get that mapped data: |
166 | if ($selectfields) { |
167 | $select = ''; |
168 | foreach ($selectfields as $localname=>$externalname) { |
169 | $select .= ", $externalname AS $localname"; |
170 | } |
171 | $select = 'SELECT ' . substr($select,1); |
172 | $sql = $select . |
173 | " FROM {$this->config->table}" . |
8ae42b8d |
174 | " WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."'"; |
0f02788f |
175 | if ($rs = $authdb->Execute($sql)) { |
176 | if ( $rs->RecordCount() == 1 ) { |
931b5085 |
177 | $fields_obj = rs_fetch_record($rs); |
0f02788f |
178 | foreach ($selectfields as $localname=>$externalname) { |
8ae42b8d |
179 | $result[$localname] = $textlib->convert($fields_obj->{$localname}, $this->config->extencoding, 'utf-8'); |
0f02788f |
180 | } |
181 | } |
931b5085 |
182 | rs_close($rs); |
b9ddb2d5 |
183 | } |
184 | } |
185 | $authdb->Close(); |
b9ddb2d5 |
186 | return $result; |
187 | } |
188 | |
189 | |
fb5c7739 |
190 | /** |
191 | * Change a user's password |
192 | * |
193 | * @param object $user The user to update |
194 | * @param string $newpassword The new password |
8ae42b8d |
195 | * |
fb5c7739 |
196 | * @return bool True on success |
197 | */ |
da249a30 |
198 | function user_update_password($user, $newpassword) { |
b9ddb2d5 |
199 | |
b7b50143 |
200 | global $CFG; |
b9ddb2d5 |
201 | if ($this->config->passtype === 'internal') { |
139ebfdb |
202 | update_internal_user_password($user, $newpassword); |
b9ddb2d5 |
203 | } else { |
204 | // we should have never been called! |
205 | return false; |
206 | } |
207 | } |
208 | |
209 | /** |
210 | * syncronizes user fron external db to moodle user table |
211 | * |
212 | * Sync shouid be done by using idnumber attribute, not username. |
213 | * You need to pass firstsync parameter to function to fill in |
214 | * idnumbers if they dont exists in moodle user table. |
8ae42b8d |
215 | * |
b9ddb2d5 |
216 | * Syncing users removes (disables) users that dont exists anymore in external db. |
8ae42b8d |
217 | * Creates new users and updates coursecreator status of users. |
218 | * |
b9ddb2d5 |
219 | * @param bool $do_updates Optional: set to true to force an update of existing accounts |
220 | * |
221 | * This implementation is simpler but less scalable than the one found in the LDAP module. |
222 | * |
223 | */ |
139ebfdb |
224 | function sync_users($do_updates=false) { |
8ae42b8d |
225 | |
b9ddb2d5 |
226 | global $CFG; |
227 | $pcfg = get_config('auth/db'); |
228 | |
139ebfdb |
229 | /// list external users |
b9ddb2d5 |
230 | $userlist = $this->get_userlist(); |
8ae42b8d |
231 | $quoteduserlist = implode("', '", addslashes_recursive($userlist)); |
b9ddb2d5 |
232 | $quoteduserlist = "'$quoteduserlist'"; |
233 | |
139ebfdb |
234 | /// delete obsolete internal users |
235 | if (!empty($this->config->removeuser)) { |
b9ddb2d5 |
236 | |
139ebfdb |
237 | // find obsolete users |
238 | if (count($userlist)) { |
239 | $sql = "SELECT u.id, u.username, u.email |
240 | FROM {$CFG->prefix}user u |
241 | WHERE u.auth='db' AND u.deleted=0 AND u.username NOT IN ($quoteduserlist)"; |
242 | } else { |
243 | $sql = "SELECT u.id, u.username, u.email |
244 | FROM {$CFG->prefix}user u |
245 | WHERE u.auth='db' AND u.deleted=0"; |
246 | } |
247 | $remove_users = get_records_sql($sql); |
248 | |
249 | if (!empty($remove_users)) { |
250 | print_string('auth_dbuserstoremove','auth', count($remove_users)); echo "\n"; |
251 | |
252 | begin_sql(); |
253 | foreach ($remove_users as $user) { |
254 | if ($this->config->removeuser == 2) { |
255 | //following is copy pasted from admin/user.php |
256 | //maybe this should moved to function in lib/datalib.php |
257 | $updateuser = new object(); |
258 | $updateuser->id = $user->id; |
259 | $updateuser->deleted = 1; |
260 | $updateuser->username = addslashes("$user->email.".time()); // Remember it just in case |
261 | $updateuser->email = ''; // Clear this field to free it up |
262 | $updateuser->idnumber = ''; // Clear this field to free it up |
263 | $updateuser->timemodified = time(); |
264 | if (update_record('user', $updateuser)) { |
265 | delete_records('role_assignments', 'userid', $user->id); // unassign all roles |
266 | //copy pasted part ends |
267 | echo "\t"; print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id)); echo "\n"; |
268 | } else { |
269 | echo "\t"; print_string('auth_dbdeleteusererror', 'auth', $user->username); echo "\n"; |
270 | } |
271 | } else if ($this->config->removeuser == 1) { |
272 | $updateuser = new object(); |
273 | $updateuser->id = $user->id; |
274 | $updateuser->auth = 'nologin'; |
275 | if (update_record('user', $updateuser)) { |
276 | echo "\t"; print_string('auth_dbsuspenduser', 'auth', array($user->username, $user->id)); echo "\n"; |
277 | } else { |
278 | echo "\t"; print_string('auth_dbsuspendusererror', 'auth', $user->username); echo "\n"; |
279 | } |
280 | } |
b9ddb2d5 |
281 | } |
139ebfdb |
282 | commit_sql(); |
8ae42b8d |
283 | } |
139ebfdb |
284 | unset($remove_users); // free mem! |
8ae42b8d |
285 | } |
b9ddb2d5 |
286 | |
287 | if (!count($userlist)) { |
288 | // exit right here |
289 | // nothing else to do |
290 | return true; |
291 | } |
292 | |
293 | /// |
294 | /// update existing accounts |
295 | /// |
296 | if ($do_updates) { |
297 | // narrow down what fields we need to update |
298 | $all_keys = array_keys(get_object_vars($this->config)); |
299 | $updatekeys = array(); |
300 | foreach ($all_keys as $key) { |
301 | if (preg_match('/^field_updatelocal_(.+)$/',$key, $match)) { |
302 | if ($this->config->{$key} === 'onlogin') { |
303 | array_push($updatekeys, $match[1]); // the actual key name |
304 | } |
305 | } |
306 | } |
307 | // print_r($all_keys); print_r($updatekeys); |
308 | unset($all_keys); unset($key); |
309 | |
310 | // only go ahead if we actually |
311 | // have fields to update locally |
312 | if (!empty($updatekeys)) { |
8ae42b8d |
313 | $sql = 'SELECT u.id, u.username |
314 | FROM ' . $CFG->prefix .'user u |
b9ddb2d5 |
315 | WHERE u.auth=\'db\' AND u.deleted=\'0\' AND u.username IN (' . $quoteduserlist . ')'; |
8ae42b8d |
316 | if ($update_users = get_records_sql($sql)) { |
139ebfdb |
317 | print "User entries to update: ". count($update_users). "\n"; |
8ae42b8d |
318 | |
319 | foreach ($update_users as $user) { |
139ebfdb |
320 | echo "\t"; print_string('auth_dbupdatinguser', 'auth', array($user->username, $user->id)); |
321 | if (!$this->update_user_record(addslashes($user->username), $updatekeys)) { |
322 | echo " - ".get_string('skipped'); |
323 | } |
324 | echo "\n"; |
8ae42b8d |
325 | } |
326 | unset($update_users); // free memory |
b9ddb2d5 |
327 | } |
b9ddb2d5 |
328 | } |
329 | } |
330 | |
331 | |
332 | /// |
333 | /// create missing accounts |
334 | /// |
335 | // NOTE: this is very memory intensive |
336 | // and generally inefficient |
8ae42b8d |
337 | $sql = 'SELECT u.id, u.username |
338 | FROM ' . $CFG->prefix .'user u |
b9ddb2d5 |
339 | WHERE u.auth=\'db\' AND u.deleted=\'0\''; |
340 | |
341 | $users = get_records_sql($sql); |
8ae42b8d |
342 | |
b9ddb2d5 |
343 | // simplify down to usernames |
344 | $usernames = array(); |
345 | foreach ($users as $user) { |
346 | array_push($usernames, $user->username); |
347 | } |
348 | unset($users); |
349 | |
350 | $add_users = array_diff($userlist, $usernames); |
351 | unset($usernames); |
352 | |
353 | if (!empty($add_users)) { |
139ebfdb |
354 | print_string('auth_dbuserstoadd','auth',count($add_users)); echo "\n"; |
b9ddb2d5 |
355 | begin_sql(); |
356 | foreach($add_users as $user) { |
357 | $username = $user; |
358 | $user = $this->get_userinfo_asobj($user); |
8ae42b8d |
359 | |
b9ddb2d5 |
360 | // prep a few params |
b7b50143 |
361 | $user->username = $username; |
362 | $user->modified = time(); |
363 | $user->confirmed = 1; |
364 | $user->auth = 'db'; |
365 | $user->mnethostid = $CFG->mnet_localhost_id; |
8ae42b8d |
366 | if (empty($user->lang)) { |
367 | $user->lang = $CFG->lang; |
368 | } |
369 | |
370 | $user = addslashes_object($user); |
b9ddb2d5 |
371 | // maybe the user has been deleted before |
b7b50143 |
372 | if ($old_user = get_record('user', 'username', $user->username, 'deleted', 1, 'mnethostid', $user->mnethostid)) { |
b9ddb2d5 |
373 | $user->id = $old_user->id; |
374 | set_field('user', 'deleted', 0, 'username', $user->username); |
139ebfdb |
375 | echo "\t"; print_string('auth_dbreviveuser', 'auth', array(stripslashes($user->username), $user->id)); echo "\n"; |
8ae42b8d |
376 | } elseif ($id = insert_record ('user',$user)) { // it is truly a new user |
139ebfdb |
377 | echo "\t"; print_string('auth_dbinsertuser','auth',array(stripslashes($user->username), $id)); echo "\n"; |
b9ddb2d5 |
378 | // if relevant, tag for password generation |
379 | if ($this->config->passtype === 'internal') { |
380 | set_user_preference('auth_forcepasswordchange', 1, $id); |
381 | set_user_preference('create_password', 1, $id); |
382 | } |
383 | } else { |
139ebfdb |
384 | echo "\t"; print_string('auth_dbinsertusererror', 'auth', $user->username); echo "\n"; |
b9ddb2d5 |
385 | } |
b9ddb2d5 |
386 | } |
387 | commit_sql(); |
388 | unset($add_users); // free mem |
389 | } |
390 | return true; |
391 | } |
392 | |
139ebfdb |
393 | function user_exists($username) { |
93901eb4 |
394 | |
8ae42b8d |
395 | $textlib = textlib_get_instance(); |
396 | $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->extencoding); |
397 | |
139ebfdb |
398 | $authdb = $this->db_init(); |
b9ddb2d5 |
399 | |
8ae42b8d |
400 | $rs = $authdb->Execute("SELECT * FROM {$this->config->table} |
401 | WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' "); |
b9ddb2d5 |
402 | $authdb->Close(); |
403 | |
404 | if (!$rs) { |
a9ad3633 |
405 | print_error('auth_dbcantconnect','auth'); |
b9ddb2d5 |
406 | return false; |
407 | } |
8ae42b8d |
408 | |
b9ddb2d5 |
409 | if ( $rs->RecordCount() ) { |
410 | // user exists exterally |
b9ddb2d5 |
411 | return $rs->RecordCount(); |
412 | } else { |
413 | // user does not exist externally |
414 | return false; |
8ae42b8d |
415 | } |
b9ddb2d5 |
416 | } |
417 | |
418 | |
419 | function get_userlist() { |
93901eb4 |
420 | |
139ebfdb |
421 | $authdb = $this->db_init(); |
b9ddb2d5 |
422 | |
423 | // fetch userlist |
424 | $rs = $authdb->Execute("SELECT {$this->config->fielduser} AS username |
425 | FROM {$this->config->table} "); |
426 | $authdb->Close(); |
427 | |
428 | if (!$rs) { |
a9ad3633 |
429 | print_error('auth_dbcantconnect','auth'); |
b9ddb2d5 |
430 | return false; |
431 | } |
8ae42b8d |
432 | |
b9ddb2d5 |
433 | if ( $rs->RecordCount() ) { |
434 | $userlist = array(); |
c024b94b |
435 | while ($rec = rs_fetch_next_record($rs)) { |
436 | array_push($userlist, $rec->username); |
b9ddb2d5 |
437 | } |
438 | return $userlist; |
439 | } else { |
440 | return array(); |
8ae42b8d |
441 | } |
b9ddb2d5 |
442 | } |
443 | |
444 | /** |
445 | * reads userinformation from DB and return it in an object |
446 | * |
8ae42b8d |
447 | * @param string $username username (with system magic quotes) |
b9ddb2d5 |
448 | * @return array |
449 | */ |
450 | function get_userinfo_asobj($username) { |
451 | $user_array = truncate_userinfo($this->get_userinfo($username)); |
8ae42b8d |
452 | $user = new object(); |
b9ddb2d5 |
453 | foreach($user_array as $key=>$value) { |
454 | $user->{$key} = $value; |
455 | } |
456 | return $user; |
457 | } |
458 | |
8ae42b8d |
459 | /** |
460 | * will update a local user record from an external source. |
461 | * is a lighter version of the one in moodlelib -- won't do |
b9ddb2d5 |
462 | * expensive ops such as enrolment |
463 | * |
8ae42b8d |
464 | * If you don't pass $updatekeys, there is a performance hit and |
b9ddb2d5 |
465 | * values removed from DB won't be removed from moodle. |
8ae42b8d |
466 | * |
467 | * @param string $username username (with system magic quotes) |
b9ddb2d5 |
468 | */ |
139ebfdb |
469 | function update_user_record($username, $updatekeys=false) { |
b7b50143 |
470 | global $CFG; |
b9ddb2d5 |
471 | |
b9ddb2d5 |
472 | //just in case check text case |
473 | $username = trim(moodle_strtolower($username)); |
8ae42b8d |
474 | |
b9ddb2d5 |
475 | // get the current user record |
b7b50143 |
476 | $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id); |
b9ddb2d5 |
477 | if (empty($user)) { // trouble |
478 | error_log("Cannot update non-existent user: $username"); |
a9ad3633 |
479 | print_error('auth_dbusernotexist','auth',$username); |
b9ddb2d5 |
480 | die; |
481 | } |
482 | |
b7b50143 |
483 | // Ensure userid is not overwritten |
484 | $userid = $user->id; |
485 | |
b9ddb2d5 |
486 | if ($newinfo = $this->get_userinfo($username)) { |
487 | $newinfo = truncate_userinfo($newinfo); |
8ae42b8d |
488 | |
b9ddb2d5 |
489 | if (empty($updatekeys)) { // all keys? this does not support removing values |
490 | $updatekeys = array_keys($newinfo); |
491 | } |
8ae42b8d |
492 | |
b9ddb2d5 |
493 | foreach ($updatekeys as $key) { |
b9ddb2d5 |
494 | if (isset($newinfo[$key])) { |
495 | $value = $newinfo[$key]; |
b9ddb2d5 |
496 | } else { |
497 | $value = ''; |
498 | } |
8ae42b8d |
499 | |
500 | if (!empty($this->config->{'field_updatelocal_' . $key})) { |
139ebfdb |
501 | if ($user->{$key} != $value) { // only update if it's changed |
502 | set_field('user', $key, addslashes($value), 'id', $userid); |
503 | } |
b9ddb2d5 |
504 | } |
505 | } |
506 | } |
139ebfdb |
507 | return get_record_select('user', "id = $userid AND deleted = 0"); |
508 | } |
509 | |
510 | /** |
511 | * Called when the user record is updated. |
512 | * Modifies user in external database. It takes olduser (before changes) and newuser (after changes) |
513 | * conpares information saved modified information to external db. |
514 | * |
515 | * @param mixed $olduser Userobject before modifications (without system magic quotes) |
516 | * @param mixed $newuser Userobject new modified userobject (without system magic quotes) |
517 | * @return boolean result |
518 | * |
519 | */ |
520 | function user_update($olduser, $newuser) { |
521 | if (isset($olduser->username) and isset($newuser->username) and $olduser->username != $newuser->username) { |
522 | error_log("ERROR:User renaming not allowed in ext db"); |
523 | return false; |
524 | } |
525 | |
526 | if (isset($olduser->auth) and $olduser->auth != 'db') { |
527 | return true; // just change auth and skip update |
528 | } |
529 | |
530 | $curruser = $this->get_userinfo($olduser->username); |
531 | if (empty($curruser)) { |
532 | error_log("ERROR:User $olduser->username found in ext db"); |
533 | return false; |
534 | } |
535 | |
536 | $textlib = textlib_get_instance(); |
537 | $extusername = $textlib->convert($olduser->username, 'utf-8', $this->config->extencoding); |
538 | |
539 | $authdb = $this->db_init(); |
540 | |
541 | $update = array(); |
542 | foreach($curruser as $key=>$value) { |
543 | if ($key == 'username') { |
544 | continue; // skip this |
545 | } |
546 | if (empty($this->config->{"field_updateremote_$key"})) { |
547 | continue; // remote update not requested |
548 | } |
549 | if (!isset($newuser->$key)) { |
550 | continue; |
551 | } |
552 | $nuvalue = stripslashes($newuser->$key); |
553 | if ($nuvalue != $value) { |
554 | $update[] = $this->config->{"field_map_$key"}."='".$this->ext_addslashes($textlib->convert($nuvalue, 'utf-8', $this->config->extencoding))."'"; |
555 | } |
556 | } |
557 | if (!empty($update)) { |
558 | $authdb->Execute("UPDATE {$this->config->table} |
559 | SET ".implode(',', $update)." |
560 | WHERE {$this->config->fielduser}='".$this->ext_addslashes($extusername)."'"); |
561 | } |
562 | $authdb->Close(); |
563 | return true; |
b9ddb2d5 |
564 | } |
565 | |
8ae42b8d |
566 | /** |
567 | * A chance to validate form data, and last chance to |
568 | * do stuff before it is inserted in config_plugin |
569 | */ |
570 | function validate_form(&$form, &$err) { |
150b5fb0 |
571 | if ($form->passtype === 'internal') { |
b9ddb2d5 |
572 | $this->config->changepasswordurl = ''; |
573 | set_config('changepasswordurl', '', 'auth/db'); |
574 | } |
575 | return true; |
576 | } |
577 | |
578 | /** |
579 | * Returns true if this authentication plugin is 'internal'. |
580 | * |
139ebfdb |
581 | * @return bool |
b9ddb2d5 |
582 | */ |
583 | function is_internal() { |
584 | return false; |
585 | } |
586 | |
587 | /** |
588 | * Returns true if this authentication plugin can change the user's |
589 | * password. |
590 | * |
139ebfdb |
591 | * @return bool |
b9ddb2d5 |
592 | */ |
593 | function can_change_password() { |
594 | return ($this->config->passtype === 'internal'); |
595 | } |
596 | |
597 | /** |
598 | * Returns the URL for changing the user's pw, or false if the default can |
599 | * be used. |
600 | * |
139ebfdb |
601 | * @return bool |
b9ddb2d5 |
602 | */ |
603 | function change_password_url() { |
604 | return $this->config->changepasswordurl; |
605 | } |
606 | |
607 | /** |
608 | * Prints a form for configuring this authentication plugin. |
609 | * |
610 | * This function is called from admin/auth.php, and outputs a full page with |
611 | * a form for configuring this plugin. |
612 | * |
613 | * @param array $page An object containing all the data for this page. |
614 | */ |
139ebfdb |
615 | function config_form($config, $err, $user_fields) { |
8ae42b8d |
616 | include 'config.html'; |
b9ddb2d5 |
617 | } |
618 | |
619 | /** |
620 | * Processes and stores configuration data for this authentication plugin. |
621 | */ |
622 | function process_config($config) { |
623 | // set to defaults if undefined |
624 | if (!isset($config->host)) { |
8ae42b8d |
625 | $config->host = 'localhost'; |
b9ddb2d5 |
626 | } |
627 | if (!isset($config->type)) { |
8ae42b8d |
628 | $config->type = 'mysql'; |
629 | } |
630 | if (!isset($config->sybasequoting)) { |
631 | $config->sybasequoting = 0; |
b9ddb2d5 |
632 | } |
633 | if (!isset($config->name)) { |
8ae42b8d |
634 | $config->name = ''; |
b9ddb2d5 |
635 | } |
636 | if (!isset($config->user)) { |
8ae42b8d |
637 | $config->user = ''; |
b9ddb2d5 |
638 | } |
639 | if (!isset($config->pass)) { |
8ae42b8d |
640 | $config->pass = ''; |
b9ddb2d5 |
641 | } |
642 | if (!isset($config->table)) { |
8ae42b8d |
643 | $config->table = ''; |
b9ddb2d5 |
644 | } |
645 | if (!isset($config->fielduser)) { |
8ae42b8d |
646 | $config->fielduser = ''; |
b9ddb2d5 |
647 | } |
648 | if (!isset($config->fieldpass)) { |
8ae42b8d |
649 | $config->fieldpass = ''; |
b9ddb2d5 |
650 | } |
651 | if (!isset($config->passtype)) { |
8ae42b8d |
652 | $config->passtype = 'plaintext'; |
653 | } |
654 | if (!isset($config->extencoding)) { |
655 | $config->extencoding = 'utf-8'; |
656 | } |
657 | if (!isset($config->setupsql)) { |
658 | $config->setupsql = ''; |
659 | } |
660 | if (!isset($config->debugauthdb)) { |
661 | $config->debugauthdb = 0; |
b9ddb2d5 |
662 | } |
139ebfdb |
663 | if (!isset($config->removeuser)) { |
664 | $config->removeuser = 0; |
665 | } |
b9ddb2d5 |
666 | if (!isset($config->changepasswordurl)) { |
667 | $config->changepasswordurl = ''; |
668 | } |
669 | |
8ae42b8d |
670 | $config = stripslashes_recursive($config); |
b9ddb2d5 |
671 | // save settings |
8ae42b8d |
672 | set_config('host', $config->host, 'auth/db'); |
673 | set_config('type', $config->type, 'auth/db'); |
674 | set_config('sybasequoting', $config->sybasequoting, 'auth/db'); |
675 | set_config('name', $config->name, 'auth/db'); |
676 | set_config('user', $config->user, 'auth/db'); |
677 | set_config('pass', $config->pass, 'auth/db'); |
678 | set_config('table', $config->table, 'auth/db'); |
679 | set_config('fielduser', $config->fielduser, 'auth/db'); |
680 | set_config('fieldpass', $config->fieldpass, 'auth/db'); |
681 | set_config('passtype', $config->passtype, 'auth/db'); |
682 | set_config('extencoding', trim($config->extencoding), 'auth/db'); |
139ebfdb |
683 | set_config('setupsql', trim($config->setupsql),'auth/db'); |
8ae42b8d |
684 | set_config('debugauthdb', $config->debugauthdb, 'auth/db'); |
139ebfdb |
685 | set_config('removeuser', $config->removeuser, 'auth/db'); |
8ae42b8d |
686 | set_config('changepasswordurl', trim($config->changepasswordurl), 'auth/db'); |
687 | |
b9ddb2d5 |
688 | return true; |
689 | } |
690 | |
8ae42b8d |
691 | function ext_addslashes($text) { |
692 | // using custom made function for now |
693 | if (empty($this->config->sybasequoting)) { |
694 | $text = str_replace('\\', '\\\\', $text); |
695 | $text = str_replace(array('\'', '"', "\0"), array('\\\'', '\\"', '\\0'), $text); |
696 | } else { |
697 | $text = str_replace("'", "''", $text); |
698 | } |
699 | return $text; |
700 | } |
b9ddb2d5 |
701 | } |
702 | |
703 | ?> |