Commit 43a85886 authored by Brett Wilkins's avatar Brett Wilkins

MaharaAuthPlugin: Making sql queries more database friendly

Also setting the strict() calls to return true, and correcting some whitespace issues.
parent b8eee3a2
......@@ -59,7 +59,7 @@ class MaharaAuthPlugin extends AuthPlugin {
public function userExists( $username ) {
$username = strtolower($username);
$db = $this->getDatabase();
$sql = "SELECT username FROM ".$this->prefix."usr where username = '".$username."'";
$sql = "SELECT username FROM ".$this->prefix."usr where LOWER(username) = '".$username."'";
$res = $db->query($sql);
$val = $db->fetchObject($res);
$db->close();
......@@ -82,7 +82,7 @@ class MaharaAuthPlugin extends AuthPlugin {
public function authenticate( $username, $password ) {
$username = strtolower($username);
$db = $this->getDatabase();
$sql = "SELECT username, password, salt FROM ".$this->prefix."usr where username = '".$username."'";
$sql = "SELECT username, password, salt FROM ".$this->prefix."usr where LOWER(username) = '".$username."'";
$res = $db->query($sql);
$val = $db->fetchObject($res);
$db->close();
......@@ -136,8 +136,9 @@ class MaharaAuthPlugin extends AuthPlugin {
* @param User $user
*/
public function updateUser( &$user ) {
$db = $this->getDatabase();
$sql = "SELECT * FROM ".$this->prefix."usr where username = '".$username."'";
$sql = "SELECT * FROM ".$this->prefix."usr where LOWER(username) = LOWER('".$user->username."')";
$res = $db->query($sql);
$val = $db->fetchRow($res);
$db->close();
......@@ -234,7 +235,7 @@ class MaharaAuthPlugin extends AuthPlugin {
* @return bool
*/
public function strict() {
return false;
return true;
}
/**
......@@ -245,7 +246,7 @@ class MaharaAuthPlugin extends AuthPlugin {
* @return bool
*/
public function strictUserAuth( $username ) {
return false;
return true;
}
/**
......@@ -260,8 +261,9 @@ class MaharaAuthPlugin extends AuthPlugin {
* @param $autocreate bool True if user is being autocreated on login
*/
public function initUser( &$user, $autocreate=false ) {
$username = strtolower($username);
$db = $this->getDatabase();
$sql = "SELECT * FROM ".$this->prefix."usr where username = '".$username."'";
$sql = "SELECT * FROM ".$this->prefix."usr where LOWER(username) = '".$username."'";
$res = $db->query($sql);
$val = $db->fetchRow($res);
$db->close();
......@@ -295,17 +297,9 @@ class MaharaAuthPlugin extends AuthPlugin {
switch ($this->dbtype) {
case 'mysql':
return new DatabaseMysql($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
case 'mssql':
return new DatabaseMssql($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
case 'oracle':
return new DatabaseOracle($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
case 'postgres':
default:
return new DatabasePostgres($this->host,$this->dbuser,$this->dbpass,$this->dbname);
break;
}
return false;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment