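/**
 * Initialises the userhash from a username/password table
 *
 * Selects $db with the given credentials, reads every row of $table and
 * registers each (db, username, password) triple through DB::addUser(),
 * prefixing the database name with self::$dbprefix.
 *
 * Security notes:
 *  - $table is interpolated into the SQL text as an identifier, so it cannot
 *    be bound as a query parameter. The only protection is DB::clean(),
 *    whose implementation is not visible here. Helpers that escape string
 *    values generally do not make an identifier safe, so confirm that it
 *    restricts $table to a plain identifier and pass only trusted,
 *    hard-coded table names.
 *  - The password column is handed to DB::addUser() exactly as stored.
 *    Presumably these are connection credentials kept in recoverable
 *    form (TODO confirm); if so, read access to this table should be as
 *    narrow as possible.
 *
 * @param string $db    Database holding the user table
 * @param string $table Table with columns db, username, password
 * @param string $user  Username for the user database
 * @param string $pass  Password for the user database
 *
 * @return void
 */
public static function init($db, $table, $user, $pass)
{
    // Set the database to the user DB
    // NOTE(review): the return value of DB::setDB() is not inspected here;
    // confirm how it reports a failed connection.
    DB::setDB($db, $user, $pass);

    // Clean the table name to prevent injection
    $table = DB::clean($table);
    $sql = "SELECT db, username, password FROM {$table}";
    $result = DB::query($sql);

    // The original comment promised a "valid result" check that the code
    // never performed. Fail explicitly instead of dereferencing a non-object,
    // so a broken credential load is visible to the operator.
    if (!is_object($result)) {
        trigger_error('User table could not be read; no users were registered', E_USER_WARNING);
        return;
    }

    // Register every credential row under the prefixed database name
    foreach ($result->rows as $row) {
        DB::addUser(self::$dbprefix . $row->db, $row->username, $row->password);
    }
}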
<?php include $_SERVER['DOCUMENT_ROOT'] . '/libs/serverconfig.php'; DB::setDB('prism'); session_name("prism"); function write_head() { echo <<<_END <!DOCTYPE html> <html lang="en"> <head> <link rel="apple-touch-icon" sizes="57x57" href="/apple-touch-icon-57x57.png"> <link rel="apple-touch-icon" sizes="114x114" href="/apple-touch-icon-114x114.png"> <link rel="apple-touch-icon" sizes="72x72" href="/apple-touch-icon-72x72.png"> <link rel="apple-touch-icon" sizes="144x144" href="/apple-touch-icon-144x144.png"> <link rel="apple-touch-icon" sizes="60x60" href="/apple-touch-icon-60x60.png"> <link rel="apple-touch-icon" sizes="120x120" href="/apple-touch-icon-120x120.png"> <link rel="apple-touch-icon" sizes="76x76" href="/apple-touch-icon-76x76.png"> <link rel="apple-touch-icon" sizes="152x152" href="/apple-touch-icon-152x152.png"> <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon-180x180.png"> <link rel="icon" type="image/png" href="/favicon-192x192.png" sizes="192x192"> <link rel="icon" type="image/png" href="/favicon-160x160.png" sizes="160x160"> <link rel="icon" type="image/png" href="/favicon-96x96.png" sizes="96x96"> <link rel="icon" type="image/png" href="/favicon-16x16.png" sizes="16x16"> <link rel="icon" type="image/png" href="/favicon-32x32.png" sizes="32x32"> <meta name="msapplication-TileColor" content="#b91d47"> <meta name="msapplication-TileImage" content="/mstile-144x144.png"> <title>PRevention of Insufficiency after Surgical Management (PRISM) trial</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="/css/bootstrap.css" rel="stylesheet" type="text/css" />
<?php
// Bootstrap for the PRISM trial: refuses direct requests, loads the server
// configuration, registers include paths, selects the database and names
// the session.

// When this file is the only included file it is the entry script itself,
// i.e. it was requested directly rather than pulled in by a page.
// This guard is defence in depth; keeping include-only files outside the
// web root remains the more robust control.
$includedFileCount = count(get_included_files());
if ($includedFileCount === 1) {
    exit("Direct access not permitted.");
}

// On the command line there is no document root, so fall back to the
// current working directory.
$path = (PHP_SAPI === 'cli') ? '.' : $_SERVER['DOCUMENT_ROOT'];

require $path . '/libs/serverconfig.php';

addIncludePath('/classes');
addIncludePath('/addons');

$trial = 'PRISM';

// $db is not assigned in this file; presumably serverconfig.php defines it
// (TODO confirm).
Config::set('userdb', $db);
Config::set('database', $db);
Config::set('trial', $trial);
Config::set('idName', 'PRISM ID');

// Stop before any library code runs if the database cannot be selected.
$databaseSelected = DB::setDB($db);
if (!$databaseSelected) {
    exit('Unable to set database');
}

require 'ecrflib.php';
require 'mainlib.php';

// Only the session name is set here. Cookie attributes (Secure, HttpOnly,
// SameSite) are not configured in this file, so verify they are set
// wherever the session is started.
session_name('PRISM');
<?php require "../../DB.php"; require "model.php"; DB::setDB("sample.db"); DB::setDriver("sqlite"); try { DB::begin(); for ($i = 0; $i < 100; $i++) { $user = new User(array("user" => "foobar{$i}", "pass" => "nothing")); $user->save(); } DB::commit(); } catch (PDOException $e) { /* probably the table is already populated */ DB::rollback(); } /* Load users with `user` foobar1 or foobar2 and change its password */ $users = new User(); $users->user = array("foobar1", "foobar2"); DB::begin(); foreach ($users->load() as $user) { $user->pass = "******"; $user->save(); } DB::commit(); /* now let's try some queries, the first should work, the other should fail */ foreach (array("foobar1" => "pass", "foobar10" => "pass") as $user => $pass) { if (User::doLogin($user, $pass)) { print "Welcome user {$user}\n"; } else {