[sork] Passwd, vpopmail and mysql
Ilya
mail at krel.org
Wed Feb 12 21:06:06 PST 2003
This are some updates to sql.php driver. Ive made it more similar to vpopmail in
terms of variable names, I also borrowed the domain expansion code from
vpopmail.
I have however an issue with it. in main.php $userid is expanded from :
} else {
$splitted = split("@", Auth::getAuth());
$userid = @$splitted[0];
}
so the domain part is dropped. this would be a problem with sql and vpopmail
domain feature, at present I have to type domain manually.
Also by adding domain I put a condition to be compatible with previous installs
(if anyone except me actually uses it) ,so if domain is set to 'none', than query is
constructed the old way.
Also I take now most of the settings from horde sql config, by using merge so
that takes care of that last TODO thingie.
And lastly removed exim from description in backends, since it really isnt exim specific.
-------------- next part --------------
--- backends.php.orig Wed Feb 12 20:15:06 2003
+++ backends.php.dist Wed Feb 12 20:54:05 2003
@@ -25,7 +25,7 @@
* Valid values are currently:
* ldap Change the password on a ldap server
* sql Change the password for sql authentication
- * (exim, pam_mysql, horde)
+ * (pam_mysql, horde)
* poppassd Change the password via a poppassd server
* smbpasswd Change the password via the smbpasswd command
* expect Change the password via an expect script
@@ -144,16 +144,13 @@
'minNumeric' => 1
),
'driver' => 'sql',
- 'params' => array(
- 'phptype' => 'mysql',
- 'hostspec' => 'localhost',
- 'username' => 'horde',
- 'password' => '',
- 'encryption' => 'md5-hex',
- 'database' => 'horde',
- 'table' => 'horde_users',
- 'user_col' => 'user_uid',
- 'pass_col' => 'user_pass'
+ 'params' => array_merge($conf['sql'],
+ array('table' => 'horde_users'),
+ array('encryption' => 'md5-hex'),
+ array('name' => 'user_uid'),
+ array('password' => 'user_pass'),
+/* set domain to 'none' if you are not using it */
+ array('domain' => 'domain')
)
);
-------------- next part --------------
--- sql.php.orig Wed Feb 12 19:22:59 2003
+++ sql.php Wed Feb 12 20:51:02 2003
@@ -48,8 +48,9 @@
/* Defaults to match Auth::sql default */
$this->_params['table'] = array_key_exists('table', $params) ? $params['table'] : 'horde_users';
$this->_params['encryption'] = array_key_exists('encryption', $params) ? $params['encryption'] : 'md5';
- $this->_params['user_col'] = array_key_exists('user_col', $params) ? $params['user_col'] : 'user_uid';
- $this->_params['pass_col'] = array_key_exists('pass_col', $params) ? $params['pass_col'] : 'user_pass';
+ $this->_params['name'] = array_key_exists('name', $params) ? $params['name'] : 'user';
+ $this->_params['passwd'] = array_key_exists('passwd', $params) ? $params['passwd'] : 'password';
+ $this->_params['domain'] = array_key_exists('domain', $params) ? $params['domain'] : 'domain';
}
/**
@@ -107,9 +108,14 @@
return $res;
}
+ list($name,$domain)=explode('@',$user);
+
// Build the SQL query.
- $query = 'SELECT ' . $this->_params['pass_col'] . ' FROM ' . $this->_params['table'];
- $query .= ' WHERE ' . $this->_params['user_col'] . ' = ' . $this->_db->quote($user);
+ $query = 'SELECT ' . $this->_params['passwd'] . ' FROM ' . $this->_params['table'];
+ $query .= ' WHERE ' . $this->_params['name'] . ' = ' . $this->_db->quote($name);
+ if ($this->_params['domain'] != 'none') {
+ $query .= ' AND ' . $this->_params['domain'] . ' = ' . $this->_db->quote($domain);
+ }
// Execute the query.
$result = $this->_db->query($query);
@@ -118,7 +124,7 @@
$result->free();
if (is_array($row)) {
// Get the password from the database
- $currentPassword = $row[$this->_params['pass_col']];
+ $currentPassword = $row[$this->_params['passwd']];
// Check the passwords match
return $this->comparePasswords($currentPassword, $oldPassword);
@@ -143,13 +149,18 @@
return $res;
}
+ list($name,$domain)=explode('@',$user);
+
// Encrypt the password
$newPassword = $this->encryptPassword($newPassword);
// Build the SQL query.
$query = 'UPDATE ' . $this->_params['table'];
- $query .= ' SET ' . $this->_params['pass_col'] . ' = ' . $this->_db->quote($newPassword);
- $query .= ' WHERE ' . $this->_params['user_col'] . ' = ' . $this->_db->quote($user);
+ $query .= ' SET ' . $this->_params['passwd'] . ' = ' . $this->_db->quote($newPassword);
+ $query .= ' WHERE ' . $this->_params['name'] . ' = ' . $this->_db->quote($name);
+ if ($this->_params['domain'] != 'none') {
+ $query .= ' AND ' . $this->_params['domain'] . ' = ' . $this->_db->quote($domain);
+ }
// Execute the query.
$result = $this->_db->query($query);
@@ -185,6 +196,7 @@
if (!is_a($res, 'PEAR_Error')) {
$this->reset_credentials($username, $oldpassword, $newpassword);
}
+
return $res;
}
More information about the sork
mailing list