function testUpdateNREN($nren_id) { /* if columns missing, no update */ if (MDB2Wrapper::testColumn('nrens', 'login_name') && MDB2Wrapper::testColumn('nrens', 'password') && MDB2Wrapper::testColumn('nrens', 'ivector') && MDB2Wrapper::testColumn('nrens', 'ap_name')) { return true; } return false; }
/** * save() store updated results to the database, encrypting the password * before storage. */ public function save($validate = true) { if (!$this->changed) { return false; } if ($validate && !CAHandler::getCA($this->person)->verifyCredentials($this->login_name, $this->password)) { /* FIXME: l10n */ throw new ConfusaGenException("Invalid username/password, Comodo will not accept!"); } /* We create a new ivector every time we save the password */ $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CFB); $iv = mcrypt_create_iv($size, MCRYPT_DEV_URANDOM); $cryptpw = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, Config::get_config('capi_enc_pw'), base64_encode($this->password), MCRYPT_MODE_CFB, $iv)); if (MDB2Wrapper::testColumn('nrens', 'login_name') && MDB2Wrapper::testColumn('nrens', 'password') && MDB2Wrapper::testColumn('nrens', 'ivector') && MDB2Wrapper::testColumn('nrens', 'ap_name')) { $sql = " UPDATE nrens SET login_name=?, password=?, ivector=?, ap_name=?"; $sql .= " WHERE nren_id = ?"; Logger::log_event(LOG_DEBUG, "Using the new database-schema for account-details"); } else { if (isset($this->account_id)) { $sql = "UPDATE account_map SET login_name=?, password=?, ivector=?, ap_name=?"; $sql .= " WHERE nren_id = ?"; } else { $sql = "INSERT INTO account_map (login_name, password, ivector, ap_name, nren_id) "; $sql .= "VALUES(?, ?, ?, ?, ?)"; } } $params = array('text', 'text', 'text', 'text', 'integer'); $data = array($this->login_name, $cryptpw, base64_encode($iv), $this->ap_name, $this->nren->getID()); try { MDB2Wrapper::update($sql, $params, $data); Logger::log_event(LOG_NOTICE, "account-data updated for NREN " . $this->nren->getID()); } catch (DBQueryException $dqe) { $errorTag = PW::create(); Logger::log_event(LOG_ERR, "Could not update the login-account with ID " . $this->account_id . " for " . $this->nren->getID() . "(" . $this->login_name . ")"); return false; } catch (DBStatementException $dse) { $errorTag = PW::create(); Logger::log_event(LOG_ERR, "Could not update the login-account for NREN " . $this->nren->getID() . " to new value {$login_name} " . $dse->getMessage()); return false; } $this->changed = false; return true; }