[sork] Passwd, vpopmail and mysql

Ilya mail at krel.org
Wed Feb 12 21:06:06 PST 2003 

This are some updates to sql.php driver. Ive made it more similar to vpopmail in
terms of variable names, I also borrowed the domain expansion code from
vpopmail.
I have however an issue with it. in main.php $userid is expanded from :
 } else {
        $splitted  = split("@", Auth::getAuth());
        $userid = @$splitted[0];
    }

so the domain part is dropped. this would be a problem with sql and vpopmail
domain feature, at present I have to type domain manually.
Also by adding domain I put a condition to be compatible with previous installs
(if anyone except me actually uses it) ,so if domain is set to 'none', than query is
constructed the old way.
Also I take now most of the settings from horde sql config, by using merge so
that takes care of that last TODO thingie.

And lastly removed exim from description in  backends, since it really isnt exim specific.
-------------- next part --------------
--- backends.php.orig	Wed Feb 12 20:15:06 2003
+++ backends.php.dist	Wed Feb 12 20:54:05 2003
@@ -25,7 +25,7 @@
  *            Valid values are currently:
  *              ldap         Change the password on a ldap server
  *              sql          Change the password for sql authentication
- *                           (exim, pam_mysql, horde)
+ *                           (pam_mysql, horde)
  *              poppassd     Change the password via a poppassd server
  *              smbpasswd    Change the password via the smbpasswd command
  *              expect       Change the password via an expect script
@@ -144,16 +144,13 @@
         'minNumeric' => 1
     ),
     'driver' => 'sql',
-    'params' => array(
-        'phptype'    => 'mysql',
-        'hostspec'   => 'localhost',
-        'username'   => 'horde',
-        'password'   => '',
-        'encryption' => 'md5-hex',
-        'database'   => 'horde',
-        'table'      => 'horde_users',
-        'user_col'   => 'user_uid',
-        'pass_col'   => 'user_pass'
+    'params' => array_merge($conf['sql'], 
+        array('table'      => 'horde_users'),
+        array('encryption' => 'md5-hex'),
+        array('name'       => 'user_uid'),
+        array('password'   => 'user_pass'),
+/* set domain to 'none' if you are not using it */
+        array('domain'     => 'domain')
     )
 );
 
-------------- next part --------------
--- sql.php.orig	Wed Feb 12 19:22:59 2003
+++ sql.php	Wed Feb 12 20:51:02 2003
@@ -48,8 +48,9 @@
         /* Defaults to match Auth::sql default */
         $this->_params['table']      = array_key_exists('table', $params)      ? $params['table'] : 'horde_users';
         $this->_params['encryption'] = array_key_exists('encryption', $params) ? $params['encryption'] : 'md5';
-        $this->_params['user_col']   = array_key_exists('user_col', $params)   ? $params['user_col'] : 'user_uid';
-        $this->_params['pass_col']   = array_key_exists('pass_col', $params)   ? $params['pass_col'] : 'user_pass';
+        $this->_params['name']   = array_key_exists('name', $params)   ? $params['name'] : 'user';
+        $this->_params['passwd']   = array_key_exists('passwd', $params)   ? $params['passwd'] : 'password';
+        $this->_params['domain']   = array_key_exists('domain', $params)   ? $params['domain'] : 'domain';
     }
 
     /**
@@ -107,9 +108,14 @@
             return $res;
         }
 
+        list($name,$domain)=explode('@',$user);
+
         // Build the SQL query.
-        $query  = 'SELECT ' . $this->_params['pass_col'] . ' FROM ' . $this->_params['table'];
-        $query .= ' WHERE ' . $this->_params['user_col'] . ' = ' . $this->_db->quote($user);
+        $query  = 'SELECT ' . $this->_params['passwd'] . ' FROM ' . $this->_params['table'];
+        $query .= ' WHERE ' . $this->_params['name'] . ' = ' . $this->_db->quote($name);
+		if ($this->_params['domain'] != 'none') {
+        	$query .= ' AND ' . $this->_params['domain'] . ' = ' . $this->_db->quote($domain);
+		}
 
         // Execute the query.
         $result = $this->_db->query($query);
@@ -118,7 +124,7 @@
             $result->free();
             if (is_array($row)) {
                 // Get the password from the database
-                $currentPassword = $row[$this->_params['pass_col']];
+                $currentPassword = $row[$this->_params['passwd']];
 
                 // Check the passwords match
                 return $this->comparePasswords($currentPassword, $oldPassword);
@@ -143,13 +149,18 @@
             return $res;
         }
 
+        list($name,$domain)=explode('@',$user);
+
         // Encrypt the password
         $newPassword = $this->encryptPassword($newPassword);
 
         // Build the SQL query.
         $query = 'UPDATE ' . $this->_params['table'];
-        $query .= ' SET ' . $this->_params['pass_col'] . ' = ' . $this->_db->quote($newPassword);
-        $query .= ' WHERE ' . $this->_params['user_col'] . ' = ' . $this->_db->quote($user);
+        $query .= ' SET ' . $this->_params['passwd'] . ' = ' . $this->_db->quote($newPassword);
+        $query .= ' WHERE ' . $this->_params['name'] . ' = ' . $this->_db->quote($name);
+		if ($this->_params['domain'] != 'none') {
+	        $query .= ' AND ' . $this->_params['domain'] . ' = ' . $this->_db->quote($domain);
+		}
 
         // Execute the query.
         $result = $this->_db->query($query);
@@ -185,6 +196,7 @@
         if (!is_a($res, 'PEAR_Error')) {
             $this->reset_credentials($username, $oldpassword, $newpassword);
         }
+
         return $res;
     }

More information about the sork mailing list