Commit 43a85886 authored by Brett Wilkins's avatar Brett Wilkins

MaharaAuthPlugin: Making sql queries more database friendly

Also setting the strict() calls to return true, and correcting some whitespace issues.
parent b8eee3a2
...@@ -33,7 +33,7 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -33,7 +33,7 @@ class MaharaAuthPlugin extends AuthPlugin {
/** /**
* Check whether there exists a user account with the given name. * Check whether there exists a user account with the given name.
* The name will be normalized to MediaWiki's requirements, so * The name will be normalized to MediaWiki's requirements, so
* you might need to munge it (for instance, for lowercase initial * you might need to munge it (for instance, for lowercase initial
* letters). * letters).
* *
* @param $username String: username. * @param $username String: username.
...@@ -51,7 +51,7 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -51,7 +51,7 @@ class MaharaAuthPlugin extends AuthPlugin {
$this->dbname = $dbname; $this->dbname = $dbname;
$this->host = $host; $this->host = $host;
$this->prefix = $prefix; $this->prefix = $prefix;
$this->dbtype = $dbtype; $this->dbtype = $dbtype;
$this->dbuser = $user; $this->dbuser = $user;
$this->dbpass = $password; $this->dbpass = $password;
} }
...@@ -59,7 +59,7 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -59,7 +59,7 @@ class MaharaAuthPlugin extends AuthPlugin {
public function userExists( $username ) { public function userExists( $username ) {
$username = strtolower($username); $username = strtolower($username);
$db = $this->getDatabase(); $db = $this->getDatabase();
$sql = "SELECT username FROM ".$this->prefix."usr where username = '".$username."'"; $sql = "SELECT username FROM ".$this->prefix."usr where LOWER(username) = '".$username."'";
$res = $db->query($sql); $res = $db->query($sql);
$val = $db->fetchObject($res); $val = $db->fetchObject($res);
$db->close(); $db->close();
...@@ -82,7 +82,7 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -82,7 +82,7 @@ class MaharaAuthPlugin extends AuthPlugin {
public function authenticate( $username, $password ) { public function authenticate( $username, $password ) {
$username = strtolower($username); $username = strtolower($username);
$db = $this->getDatabase(); $db = $this->getDatabase();
$sql = "SELECT username, password, salt FROM ".$this->prefix."usr where username = '".$username."'"; $sql = "SELECT username, password, salt FROM ".$this->prefix."usr where LOWER(username) = '".$username."'";
$res = $db->query($sql); $res = $db->query($sql);
$val = $db->fetchObject($res); $val = $db->fetchObject($res);
$db->close(); $db->close();
...@@ -136,8 +136,9 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -136,8 +136,9 @@ class MaharaAuthPlugin extends AuthPlugin {
* @param User $user * @param User $user
*/ */
public function updateUser( &$user ) { public function updateUser( &$user ) {
$db = $this->getDatabase(); $db = $this->getDatabase();
$sql = "SELECT * FROM ".$this->prefix."usr where username = '".$username."'"; $sql = "SELECT * FROM ".$this->prefix."usr where LOWER(username) = LOWER('".$user->username."')";
$res = $db->query($sql); $res = $db->query($sql);
$val = $db->fetchRow($res); $val = $db->fetchRow($res);
$db->close(); $db->close();
...@@ -234,7 +235,7 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -234,7 +235,7 @@ class MaharaAuthPlugin extends AuthPlugin {
* @return bool * @return bool
*/ */
public function strict() { public function strict() {
return false; return true;
} }
/** /**
...@@ -245,7 +246,7 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -245,7 +246,7 @@ class MaharaAuthPlugin extends AuthPlugin {
* @return bool * @return bool
*/ */
public function strictUserAuth( $username ) { public function strictUserAuth( $username ) {
return false; return true;
} }
/** /**
...@@ -260,8 +261,9 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -260,8 +261,9 @@ class MaharaAuthPlugin extends AuthPlugin {
* @param $autocreate bool True if user is being autocreated on login * @param $autocreate bool True if user is being autocreated on login
*/ */
public function initUser( &$user, $autocreate=false ) { public function initUser( &$user, $autocreate=false ) {
$username = strtolower($username);
$db = $this->getDatabase(); $db = $this->getDatabase();
$sql = "SELECT * FROM ".$this->prefix."usr where username = '".$username."'"; $sql = "SELECT * FROM ".$this->prefix."usr where LOWER(username) = '".$username."'";
$res = $db->query($sql); $res = $db->query($sql);
$val = $db->fetchRow($res); $val = $db->fetchRow($res);
$db->close(); $db->close();
...@@ -295,17 +297,9 @@ class MaharaAuthPlugin extends AuthPlugin { ...@@ -295,17 +297,9 @@ class MaharaAuthPlugin extends AuthPlugin {
switch ($this->dbtype) { switch ($this->dbtype) {
case 'mysql': case 'mysql':
return new DatabaseMysql($this->host,$this->dbuser,$this->dbpass,$this->dbname); return new DatabaseMysql($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
case 'mssql':
return new DatabaseMssql($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
case 'oracle':
return new DatabaseOracle($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
case 'postgres': case 'postgres':
default: default:
return new DatabasePostgres($this->host,$this->dbuser,$this->dbpass,$this->dbname); return new DatabasePostgres($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
} }
return false; return false;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment