MDL-20365 auth_db: cross-db passfield case and saltedcrypt unit test
authorEloy Lafuente (stronk7) <stronk7@moodle.org>
Wed, 26 Nov 2014 11:04:31 +0000 (12:04 +0100)
committerEloy Lafuente (stronk7) <stronk7@moodle.org>
Wed, 26 Nov 2014 11:11:46 +0000 (12:11 +0100)
auth/db/auth.php
auth/db/tests/db_test.php

index cef314d..e77bc48 100644 (file)
@@ -105,7 +105,7 @@ class auth_plugin_db extends auth_plugin_base {
 
             $authdb = $this->db_init();
 
-            $rs = $authdb->Execute("SELECT {$this->config->fieldpass}
+            $rs = $authdb->Execute("SELECT {$this->config->fieldpass} AS userpass
                                       FROM {$this->config->table}
                                      WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."'");
             if (!$rs) {
@@ -119,7 +119,8 @@ class auth_plugin_db extends auth_plugin_base {
                 return false;
             }
 
-            $fromdb = $rs->fields[$this->config->fieldpass];
+            $fields = array_change_key_case($rs->fields, CASE_LOWER);
+            $fromdb = $fields['userpass'];
             $rs->Close();
             $authdb->Close();
 
index 3931ea9..e619df6 100644 (file)
@@ -306,6 +306,13 @@ class auth_db_testcase extends advanced_testcase {
         $DB->update_record('auth_db_users', $user3);
         $this->assertTrue($auth->user_login('u3', 'heslo'));
 
+        require_once($CFG->libdir.'/password_compat/lib/password.php');
+        set_config('passtype', 'saltedcrypt', 'auth/db');
+        $auth->config->passtype = 'saltedcrypt';
+        $user3->pass = password_hash('heslo', PASSWORD_BCRYPT, array('salt' => 'best_salt_ever_moodle_rocks_dont_tell'));
+        $DB->update_record('auth_db_users', $user3);
+        $this->assertTrue($auth->user_login('u3', 'heslo'));
+
         set_config('passtype', 'internal', 'auth/db');
         $auth->config->passtype = 'internal';
         create_user_record('u3', 'heslo', 'db');