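/**
 * Perform the login process using the current request.
 *
 * Builds the auth object through factory(true), optionally rewrites the
 * posted username (lower-casing and/or t_encrypt()), runs the auth start
 * and, on success, stores session-binding data and re-sends the session
 * cookie for non-mobile clients.
 *
 * @param bool $is_save_cookie Whether to give the session cookie an expiry
 *                             (30 days) instead of a browser-session lifetime
 * @return bool true when authentication succeeded, false otherwise
 */
function login($is_save_cookie = false)
{
    $this->auth =& $this->factory(true);

    // Rewrite the submitted username before the auth layer reads it.
    if ($this->is_lowercase_username) {
        $this->auth->post[$this->auth->_postUsername] =
            strtolower($this->auth->post[$this->auth->_postUsername]);
    }
    if ($this->is_encrypt_username) {
        $this->auth->post[$this->auth->_postUsername] =
            t_encrypt($this->auth->post[$this->auth->_postUsername]);
    }

    $this->auth->start();

    if (!$this->auth->getAuth()) {
        return false;
    }

    // Values stored with the authenticated session; presumably compared on
    // later requests to detect a session used from another site or client.
    if (OPENPNE_SESSION_CHECK_URL) {
        $this->auth->setAuthData('OPENPNE_URL', OPENPNE_URL);
    }
    if ($this->is_check_user_agent) {
        // The User-Agent header is optional and client-controlled: read it
        // without raising an undefined-index notice when it is absent. The
        // stored value stays null in that case, as before.
        $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
        $this->auth->setAuthData('USER_AGENT', $user_agent);
    }

    // NOTE(review): the session id is reused as-is after a successful login;
    // nothing in this method regenerates it. Confirm that the auth layer or
    // the caller rotates the id on login to protect against session fixation.
    $this->sess_id = session_id();

    if (!$this->is_ktai) {
        // 2592000 seconds = 30 days; 0 makes it a browser-session cookie.
        $expire = $is_save_cookie ? time() + 2592000 : 0;

        // NOTE(review): the cookie is sent without the Secure/HttpOnly
        // arguments of setcookie(); add them where the supported PHP version
        // and the deployment (HTTPS) allow.
        setcookie(session_name(), session_id(), $expire, $this->cookie_path);
    }

    return true;
}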
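/**
 * Get user information from database
 *
 * Looks up the row whose username column equals the given username and
 * checks the supplied password against the stored one with
 * verifyPassword(). On success every other selected column is copied
 * into the auth session data.
 *
 * $this->activeUser is set to '' when no row matched and to the stored
 * username when only the password check failed; callers should not expose
 * that difference to the client.
 *
 * @param string Username
 * @param string Password
 * @return mixed Error object or boolean
 */
function fetchData($username, $password)
{
    // Prepare for a database query
    $err = $this->_prepare();
    if ($err !== true) {
        return PEAR::raiseError($err->getMessage(), $err->getCode());
    }

    // If db_fields contains a *, assume all columns are selected
    if (strstr($this->options['db_fields'], '*')) {
        $sql_from = "*";
    } else {
        // NOTE(review): no separator is inserted before db_fields here;
        // presumably the option already carries its leading ", " - confirm.
        $sql_from = $this->options['usernamecol'] . ", " . $this->options['passwordcol'] . $this->options['db_fields'];
    }

    // Table and column names are concatenated as-is, so they must only ever
    // come from trusted configuration. The caller-supplied username is the
    // one value passed through the connection's Quote().
    $query = "SELECT " . $sql_from .
            " FROM " . $this->options['table'] .
            " WHERE " . $this->options['usernamecol'] . " = " . $this->db->Quote($username);

    // NOTE(review): this assigns a function-local variable; without a
    // `global $ADODB_FETCH_MODE;` declaration it does not change the fetch
    // mode used by Execute(). Left untouched because changing the mode would
    // also change which keys end up in the auth session data below.
    $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;

    $rset = $this->db->Execute($query);
    if (!is_object($rset)) {
        // Execute() produced no record set (query failure): report an error
        // instead of calling fetchRow() on a non-object.
        return PEAR::raiseError($this->db->ErrorMsg(), $this->db->ErrorNo());
    }
    $res = $rset->fetchRow();

    // NOTE(review): DB::isError() is the PEAR DB check; confirm it is
    // meaningful for the value this connection's fetchRow() returns.
    if (DB::isError($res)) {
        return PEAR::raiseError($res->getMessage(), $res->getCode());
    }
    if (!is_array($res)) {
        // No matching account
        $this->activeUser = '';
        return false;
    }

    // Line breaks are stripped from both values before comparison.
    if ($this->verifyPassword(trim($password, "\r\n"),
                              trim($res[$this->options['passwordcol']], "\r\n"),
                              $this->options['cryptType'])) {
        // Store additional field values in the session
        foreach ($res as $key => $value) {
            if ($key == $this->options['passwordcol'] ||
                $key == $this->options['usernamecol']) {
                continue;
            }
            // Use the reference to the auth object if it exists: the auth
            // session variable can change, so a static call to setAuthData
            // does not make sense in that case.
            if (is_object($this->_auth_obj)) {
                $this->_auth_obj->setAuthData($key, $value);
            } else {
                Auth::setAuthData($key, $value);
            }
        }
        return true;
    }

    $this->activeUser = $res[$this->options['usernamecol']];
    return false;
}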
/**
 * Fetch the login row for a username and verify the password against it.
 *
 * Returns true when a row for the username exists and verifyPassword()
 * accepts the supplied password; in that case every selected column other
 * than the username and password columns is stored as auth session data.
 * Returns false when no row matched ($this->activeUser = '') or when the
 * password was rejected ($this->activeUser = stored username). Callers
 * should not expose the difference between those two cases to the client.
 *
 * @param string $username Username
 * @param string $password Password
 * @return mixed Error object or boolean
 */
function fetchData($username, $password)
{
    // Make sure the database connection is usable
    $prepared = $this->_prepare();
    if ($prepared !== true) {
        return PEAR::raiseError($prepared->getMessage(), $prepared->getCode());
    }

    // A * anywhere in db_fields means "select every column"
    if (strstr($this->options['db_fields'], '*') !== false) {
        $sql_from = "*";
    } else {
        // NOTE(review): db_fields is appended without a separator;
        // presumably it already starts with ", " - confirm.
        $sql_from = $this->options['usernamecol'] . ", " . $this->options['passwordcol'] . $this->options['db_fields'];
    }

    // The earlier placeholder-style query ("SELECT ! FROM ! WHERE ! = ?"
    // with a parameter array) was dropped to work around the oci8 problem,
    // see bug 206: http://pear.php.net/bugs/bug.php?id=206
    //
    // Table and column names are concatenated as-is and must only come from
    // trusted configuration; the username is escaped with quoteString() and
    // wrapped in single quotes by hand.
    $query = "SELECT " . $sql_from .
            " FROM " . $this->options['table'] .
            " WHERE " . $this->options['usernamecol'] . " = '" . $this->db->quoteString($username) . "'";

    $row = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);
    if (DB::isError($row)) {
        return PEAR::raiseError($row->getMessage(), $row->getCode());
    }
    if (!is_array($row)) {
        // No account with that username
        $this->activeUser = '';
        return false;
    }

    $passCol = $this->options['passwordcol'];
    $userCol = $this->options['usernamecol'];

    // Line breaks are stripped from both values before comparison
    $accepted = $this->verifyPassword(
        trim($password, "\r\n"),
        trim($row[$passCol], "\r\n"),
        $this->options['cryptType']
    );
    if (!$accepted) {
        $this->activeUser = $row[$userCol];
        return false;
    }

    // Store additional field values in the session
    foreach ($row as $field => $fieldValue) {
        if ($field != $passCol && $field != $userCol) {
            // Prefer the auth object reference when there is one: the auth
            // session variable can change, so a static setAuthData() call
            // does not make sense then.
            if (is_object($this->_auth_obj)) {
                $this->_auth_obj->setAuthData($field, $fieldValue);
            } else {
                Auth::setAuthData($field, $fieldValue);
            }
        }
    }
    return true;
}
/**
 * Fetch the login row for a username and verify the password against it.
 *
 * Returns true when a row exists and verifyPassword() accepts the supplied
 * password; the remaining selected columns are then stored as auth session
 * data. Returns false otherwise. $this->activeUser is '' when no row
 * matched and the stored username in every other case.
 *
 * @param string $username Username
 * @param string $password Password
 * @return mixed Error object or boolean
 */
function fetchData($username, $password)
{
    $this->log('Auth_Container_DBLite::fetchData() called.', AUTH_LOG_DEBUG);

    // Make sure the database connection is usable
    $prepared = $this->_prepare();
    if ($prepared !== true) {
        return PEAR::raiseError($prepared->getMessage(), $prepared->getCode());
    }

    // A * in a string db_fields option means "select every column"
    $select_all = is_string($this->options['db_fields'])
        && strstr($this->options['db_fields'], '*');
    if ($select_all) {
        $sql_from = "*";
    } else {
        $sql_from = $this->options['final_usernamecol'] . ", " . $this->options['final_passwordcol'];
        $fields = $this->_quoteDBFields();
        if (strlen($fields) > 0) {
            $sql_from .= ', ' . $fields;
        }
    }

    // The final_* identifiers are concatenated as-is and must only come
    // from trusted configuration; the username goes through quoteSmart().
    $query = "SELECT " . $sql_from .
            " FROM " . $this->options['final_table'] .
            " WHERE " . $this->options['final_usernamecol'] . " = " . $this->db->quoteSmart($username);

    // Optional extra condition. db_where is appended as raw SQL, so it must
    // never be built from request data.
    if ($this->options['db_where'] != '') {
        $query .= " AND " . $this->options['db_where'];
    }

    // NOTE(review): the logged statement contains the quoted username;
    // make sure debug logs are access-restricted.
    $this->log('Running SQL against DB: ' . $query, AUTH_LOG_DEBUG);

    $row = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC);
    if (DB::isError($row)) {
        return PEAR::raiseError($row->getMessage(), $row->getCode());
    }
    if (!is_array($row)) {
        // No account with that username
        $this->activeUser = '';
        return false;
    }

    // NOTE(review): the SELECT uses the final_* column options while the row
    // is read with the plain usernamecol/passwordcol keys; confirm the
    // driver returns the columns under those names.
    // Line breaks are stripped from both values before comparison.
    $accepted = $this->verifyPassword(
        trim($password, "\r\n"),
        trim($row[$this->options['passwordcol']], "\r\n"),
        $this->options['cryptType']
    );

    if ($accepted) {
        // Store additional field values in the session
        foreach ($row as $field => $fieldValue) {
            if ($field == $this->options['passwordcol'] ||
                $field == $this->options['usernamecol']) {
                continue;
            }

            $this->log('Storing additional field: ' . $field, AUTH_LOG_DEBUG);

            // Prefer the auth object reference when there is one: the auth
            // session variable can change, so a static setAuthData() call
            // does not make sense then.
            if (is_object($this->_auth_obj)) {
                $this->_auth_obj->setAuthData($field, $fieldValue);
            } else {
                Auth::setAuthData($field, $fieldValue);
            }
        }
    }

    // Recorded for both outcomes once a row was found
    $this->activeUser = $row[$this->options['usernamecol']];

    return $accepted ? true : false;
}
/**
 * Mark the session as successfully logged in.
 *
 * Writes the 'registered' flag, the username and the 'timestamp' / 'idle'
 * times into the 'auth' entry of the session array.
 *
 * @access public
 * @param  string $username Username
 * @param  mixed  $data     [Deprecated] Additional information that is
 *                          stored in the session. This parameter can have
 *                          any type (integer, string, array etc).
 * @return void
 */
function setAuth($username, $data = null)
{
    $session =& Auth::_importGlobalVariable("session");

    // Only when there is neither an 'auth' entry nor a $_SESSION array
    if (!(isset($session['auth']) || isset($_SESSION))) {
        session_register("auth");
    }

    // Start from a clean array unless a usable one is already there
    if (!(isset($session['auth']) && is_array($session['auth']))) {
        $session['auth'] = array();
    }

    // NOTE(review): the session id is not regenerated in this method when
    // the session becomes authenticated; confirm the caller rotates it on
    // login to protect against session fixation.
    $login_state = array(
        'registered' => true,
        'username'   => $username,
        'timestamp'  => time(),
        'idle'       => time(),
    );
    foreach ($login_state as $name => $state_value) {
        $session['auth'][$name] = $state_value;
    }

    if (empty($data)) {
        return;
    }

    // NOTE(review): setAuthData() is given a single argument here; confirm
    // this matches its signature.
    Auth::setAuthData($data);
}
/**
 * Fetch the login row for a username and verify the password against it.
 *
 * Returns true when a row for the username exists and verifyPassword()
 * accepts the supplied password; in that case every selected column other
 * than the username and password columns is stored as auth session data.
 * Returns false when no row matched ($this->activeUser = '') or when the
 * password was rejected ($this->activeUser = stored username). Callers
 * should not expose the difference between those two cases to the client.
 *
 * @param string $username Username
 * @param string $password Password
 * @return mixed Error object or boolean
 */
function fetchData($username, $password)
{
    // Make sure the database connection is usable
    $prepared = $this->_prepare();
    if ($prepared !== true) {
        return PEAR::raiseError($prepared->getMessage(), $prepared->getCode());
    }

    // A * anywhere in db_fields means "select every column".
    // NOTE(review): otherwise db_fields is appended without a separator;
    // presumably it already starts with ", " - confirm.
    $sql_from = strstr($this->options['db_fields'], '*')
        ? '*'
        : $this->options['usernamecol'] . ', ' . $this->options['passwordcol'] . $this->options['db_fields'];

    // Table and column names are inserted as-is and must only come from
    // trusted configuration; the username goes through getTextValue().
    $query = sprintf("SELECT %s FROM %s WHERE %s = %s",
                     $sql_from,
                     $this->options['table'],
                     $this->options['usernamecol'],
                     $this->db->getTextValue($username));

    $row = $this->db->getRow($query, null, null, null, MDB_FETCHMODE_ASSOC);
    if (MDB::isError($row) || PEAR::isError($row)) {
        return PEAR::raiseError($row->getMessage(), $row->getCode());
    }
    if (!is_array($row)) {
        // No account with that username
        $this->activeUser = '';
        return false;
    }

    $passCol = $this->options['passwordcol'];
    $userCol = $this->options['usernamecol'];

    // Line breaks are stripped from both values before comparison
    $accepted = $this->verifyPassword(
        trim($password, "\r\n"),
        trim($row[$passCol], "\r\n"),
        $this->options['cryptType']
    );
    if (!$accepted) {
        $this->activeUser = $row[$userCol];
        return false;
    }

    // Store additional field values in the session
    foreach ($row as $field => $fieldValue) {
        if ($field == $passCol || $field == $userCol) {
            continue;
        }
        // Prefer the auth object reference when there is one: the auth
        // session variable can change, so a static setAuthData() call does
        // not make sense then.
        if (is_object($this->_auth_obj)) {
            $this->_auth_obj->setAuthData($field, $fieldValue);
        } else {
            Auth::setAuthData($field, $fieldValue);
        }
    }
    return true;
}