[dev] patch against Auth_sql::

Ronnie Garcia ronnie@mk2.net
Thu Nov 21 18:16:45 2002


oi team,
  Here is a patch against Auth_sql to add the possibility to setup a custom 
made query to authenticate the user.
  Special tokens are used to be replaced with the user's login and password 
: "\L" for login and "\P" for password. Other tokens might be added later.

  If the query returns at least one line, the user is authenticated. Using 
"SELECT 1" is not really a good idea ;)

  I'm now successfully using it with the following query in horde/conf.php :

$conf['auth']['params']['query_auth'] = '
                    SELECT *
                    FROM users, servers, services, users_servers_services
                    WHERE users.s_login = \L
                    AND users.s_passwd_md5 = \P
                    AND services.s_name = 'webmail'
                    AND users_servers_services.id_user = users.id
                    AND users_servers_services.id_server = servers.id
                    AND users_servers_services.id_service = services.id';

  If this gets into HEAD, i will send a patch to add documentation into 
horde/conf.php also.

  My second step is now to add a transparent-auth option to IMP, so that 
users don't need to re-login.
  Any ideas, thought, would be greatly appreciated.

Rgds,
Ronnie.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sql.php.patch
Type: application/octet-stream
Size: 4174 bytes
Desc: not available
Url : http://lists.horde.org/archives/dev/attachments/20021121/65d7220f/sql.php.obj


More information about the dev mailing list