Halaman utama Jelajahi Bantuan
Daftar Masuk
United_Software
/
k_online_backend
2
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Pohon: a0f10fe811
Ranting Tag
k_online_backen...
/
libs
/
ADOdb-5.20.17
/
pear
/
Auth
/
Container
/
ADOdb.php

ADOdb.php 11 KB
Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406 
  1. <?php
    2. 

  2. /*
    3. 

  3. @version   v5.20.17  31-Mar-2020
    4. 

  4. @copyright (c) 2000-2013 John Lim (jlim#natsoft.com). All rights reserved.
    5. 

  5. @copyright (c) 2014      Damien Regad, Mark Newnham and the ADOdb community
    6. 

  6.   Released under both BSD license and Lesser GPL library license.
    7. 

  7.   Whenever there is any discrepancy between the two licenses,
    8. 

  8.   the BSD license will take precedence. See License.txt.
    9. 

  9.   Set tabs to 4 for best viewing.
    10. 

  10. 

  11.   Latest version is available at http://adodb.org/
    12. 

  12. 

  13. 	Original Authors: Martin Jansen <mj#php.net>
    14. 

  14. 	Richard Tango-Lowy <richtl#arscognita.com>
    15. 

  15. */
    16. 

  16. 

  17. require_once 'Auth/Container.php';
    18. 

  18. require_once 'adodb.inc.php';
    19. 

  19. require_once 'adodb-pear.inc.php';
    20. 

  20. require_once 'adodb-errorpear.inc.php';
    21. 

  21. 

  22. /**
    23. 

  23.  * Storage driver for fetching login data from a database using ADOdb-PHP.
    24. 

  24.  *
    25. 

  25.  * This storage driver can use all databases which are supported
    26. 

  26.  * by the ADBdb DB abstraction layer to fetch login data.
    27. 

  27.  * See http://adodb.org/ for information on ADOdb.
    28. 

  28.  * NOTE: The ADOdb directory MUST be in your PHP include_path!
    29. 

  29.  *
    30. 

  30.  * @author   Richard Tango-Lowy <richtl@arscognita.com>
    31. 

  31.  * @package  Auth
    32. 

  32.  * @version  $Revision: 1.3 $
    33. 

  33.  */
    34. 

  34. class Auth_Container_ADOdb extends Auth_Container
    35. 

  35. {
    36. 

  36. 

  37.     /**
    38. 

  38.      * Additional options for the storage container
    39. 

  39.      * @var array
    40. 

  40.      */
    41. 

  41.     var $options = array();
    42. 

  42. 

  43.     /**
    44. 

  44.      * DB object
    45. 

  45.      * @var object
    46. 

  46.      */
    47. 

  47.     var $db = null;
    48. 

  48.     var $dsn = '';
    49. 

  49. 

  50.     /**
    51. 

  51.      * User that is currently selected from the DB.
    52. 

  52.      * @var string
    53. 

  53.      */
    54. 

  54.     var $activeUser = '';
    55. 

  55. 

  56.     // {{{ Constructor
    57. 

  57. 

  58.     /**
    59. 

  59.      * Constructor of the container class
    60. 

  60.      *
    61. 

  61.      * Initate connection to the database via PEAR::ADOdb
    62. 

  62.      *
    63. 

  63.      * @param  string Connection data or DB object
    64. 

  64.      * @return object Returns an error object if something went wrong
    65. 

  65.      */
    66. 

  66.     function __construct($dsn)
    67. 

  67.     {
    68. 

  68.         $this->_setDefaults();
    69. 

  69. 

  70.         if (is_array($dsn)) {
    71. 

  71.             $this->_parseOptions($dsn);
    72. 

  72. 

  73.             if (empty($this->options['dsn'])) {
    74. 

  74.                 PEAR::raiseError('No connection parameters specified!');
    75. 

  75.             }
    76. 

  76.         } else {
    77. 

  77.         	// Extract db_type from dsn string.
    78. 

  78.             $this->options['dsn'] = $dsn;
    79. 

  79.         }
    80. 

  80.     }
    81. 

  81. 

  82.     // }}}
    83. 

  83.     // {{{ _connect()
    84. 

  84. 

  85.     /**
    86. 

  86.      * Connect to database by using the given DSN string
    87. 

  87.      *
    88. 

  88.      * @access private
    89. 

  89.      * @param  string DSN string
    90. 

  90.      * @return mixed  Object on error, otherwise bool
    91. 

  91.      */
    92. 

  92.      function _connect($dsn)
    93. 

  93.     {
    94. 

  94.         if (is_string($dsn) || is_array($dsn)) {
    95. 

  95.         	if(!$this->db) {
    96. 

  96. 	        	$this->db = ADONewConnection($dsn);
    97. 

  97. 	    		if( $err = ADODB_Pear_error() ) {
    98. 

  98. 	   	    		return PEAR::raiseError($err);
    99. 

  99. 	    		}
    100. 

  100.         	}
    101. 

  101. 

  102.         } else {
    103. 

  103.             return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__,
    104. 

  104.                                     41,
    105. 

  105.                                     PEAR_ERROR_RETURN,
    106. 

  106.                                     null,
    107. 

  107.                                     null
    108. 

  108.                                     );
    109. 

  109.         }
    110. 

  110. 

  111.         if(!$this->db) {
    112. 

  112.         	return PEAR::raiseError(ADODB_Pear_error());
    113. 

  113.         } else {
    114. 

  114.         	return true;
    115. 

  115.         }
    116. 

  116.     }
    117. 

  117. 

  118.     // }}}
    119. 

  119.     // {{{ _prepare()
    120. 

  120. 

  121.     /**
    122. 

  122.      * Prepare database connection
    123. 

  123.      *
    124. 

  124.      * This function checks if we have already opened a connection to
    125. 

  125.      * the database. If that's not the case, a new connection is opened.
    126. 

  126.      *
    127. 

  127.      * @access private
    128. 

  128.      * @return mixed True or a DB error object.
    129. 

  129.      */
    130. 

  130.     function _prepare()
    131. 

  131.     {
    132. 

  132.     	if(!$this->db) {
    133. 

  133.     		$res = $this->_connect($this->options['dsn']);
    134. 

  134.     	}
    135. 

  135.         return true;
    136. 

  136.     }
    137. 

  137. 

  138.     // }}}
    139. 

  139.     // {{{ query()
    140. 

  140. 

  141.     /**
    142. 

  142.      * Prepare query to the database
    143. 

  143.      *
    144. 

  144.      * This function checks if we have already opened a connection to
    145. 

  145.      * the database. If that's not the case, a new connection is opened.
    146. 

  146.      * After that the query is passed to the database.
    147. 

  147.      *
    148. 

  148.      * @access public
    149. 

  149.      * @param  string Query string
    150. 

  150.      * @return mixed  a DB_result object or DB_OK on success, a DB
    151. 

  151.      *                or PEAR error on failure
    152. 

  152.      */
    153. 

  153.     function query($query)
    154. 

  154.     {
    155. 

  155.         $err = $this->_prepare();
    156. 

  156.         if ($err !== true) {
    157. 

  157.             return $err;
    158. 

  158.         }
    159. 

  159.         return $this->db->query($query);
    160. 

  160.     }
    161. 

  161. 

  162.     // }}}
    163. 

  163.     // {{{ _setDefaults()
    164. 

  164. 

  165.     /**
    166. 

  166.      * Set some default options
    167. 

  167.      *
    168. 

  168.      * @access private
    169. 

  169.      * @return void
    170. 

  170.      */
    171. 

  171.     function _setDefaults()
    172. 

  172.     {
    173. 

  173.     	$this->options['db_type']	= 'mysql';
    174. 

  174.         $this->options['table']       = 'auth';
    175. 

  175.         $this->options['usernamecol'] = 'username';
    176. 

  176.         $this->options['passwordcol'] = 'password';
    177. 

  177.         $this->options['dsn']         = '';
    178. 

  178.         $this->options['db_fields']   = '';
    179. 

  179.         $this->options['cryptType']   = 'md5';
    180. 

  180.     }
    181. 

  181. 

  182.     // }}}
    183. 

  183.     // {{{ _parseOptions()
    184. 

  184. 

  185.     /**
    186. 

  186.      * Parse options passed to the container class
    187. 

  187.      *
    188. 

  188.      * @access private
    189. 

  189.      * @param  array
    190. 

  190.      */
    191. 

  191.     function _parseOptions($array)
    192. 

  192.     {
    193. 

  193.         foreach ($array as $key => $value) {
    194. 

  194.             if (isset($this->options[$key])) {
    195. 

  195.                 $this->options[$key] = $value;
    196. 

  196.             }
    197. 

  197.         }
    198. 

  198. 

  199.         /* Include additional fields if they exist */
    200. 

  200.         if(!empty($this->options['db_fields'])){
    201. 

  201.             if(is_array($this->options['db_fields'])){
    202. 

  202.                 $this->options['db_fields'] = join(', ', $this->options['db_fields']);
    203. 

  203.             }
    204. 

  204.             $this->options['db_fields'] = ', '.$this->options['db_fields'];
    205. 

  205.         }
    206. 

  206.     }
    207. 

  207. 

  208.     // }}}
    209. 

  209.     // {{{ fetchData()
    210. 

  210. 

  211.     /**
    212. 

  212.      * Get user information from database
    213. 

  213.      *
    214. 

  214.      * This function uses the given username to fetch
    215. 

  215.      * the corresponding login data from the database
    216. 

  216.      * table. If an account that matches the passed username
    217. 

  217.      * and password is found, the function returns true.
    218. 

  218.      * Otherwise it returns false.
    219. 

  219.      *
    220. 

  220.      * @param   string Username
    221. 

  221.      * @param   string Password
    222. 

  222.      * @return  mixed  Error object or boolean
    223. 

  223.      */
    224. 

  224.     function fetchData($username, $password)
    225. 

  225.     {
    226. 

  226.         // Prepare for a database query
    227. 

  227.         $err = $this->_prepare();
    228. 

  228.         if ($err !== true) {
    229. 

  229.             return PEAR::raiseError($err->getMessage(), $err->getCode());
    230. 

  230.         }
    231. 

  231. 

  232.         // Find if db_fields contains a *, i so assume all col are selected
    233. 

  233.         if(strstr($this->options['db_fields'], '*')){
    234. 

  234.             $sql_from = "*";
    235. 

  235.         }
    236. 

  236.         else{
    237. 

  237.             $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields'];
    238. 

  238.         }
    239. 

  239. 

  240.         $query = "SELECT ".$sql_from.
    241. 

  241.                 " FROM ".$this->options['table'].
    242. 

  242.                 " WHERE ".$this->options['usernamecol']." = " . $this->db->Quote($username);
    243. 

  243. 

  244.         $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
    245. 

  245.         $rset = $this->db->Execute( $query );
    246. 

  246.         $res = $rset->fetchRow();
    247. 

  247. 

  248.         if (DB::isError($res)) {
    249. 

  249.             return PEAR::raiseError($res->getMessage(), $res->getCode());
    250. 

  250.         }
    251. 

  251.         if (!is_array($res)) {
    252. 

  252.             $this->activeUser = '';
    253. 

  253.             return false;
    254. 

  254.         }
    255. 

  255.         if ($this->verifyPassword(trim($password, "\r\n"),
    256. 

  256.                                   trim($res[$this->options['passwordcol']], "\r\n"),
    257. 

  257.                                   $this->options['cryptType'])) {
    258. 

  258.             // Store additional field values in the session
    259. 

  259.             foreach ($res as $key => $value) {
    260. 

  260.                 if ($key == $this->options['passwordcol'] ||
    261. 

  261.                     $key == $this->options['usernamecol']) {
    262. 

  262.                     continue;
    263. 

  263.                 }
    264. 

  264.                 // Use reference to the auth object if exists
    265. 

  265.                 // This is because the auth session variable can change so a static call to setAuthData does not make sence
    266. 

  266.                 if(is_object($this->_auth_obj)){
    267. 

  267.                     $this->_auth_obj->setAuthData($key, $value);
    268. 

  268.                 } else {
    269. 

  269.                     Auth::setAuthData($key, $value);
    270. 

  270.                 }
    271. 

  271.             }
    272. 

  272. 

  273.             return true;
    274. 

  274.         }
    275. 

  275. 

  276.         $this->activeUser = $res[$this->options['usernamecol']];
    277. 

  277.         return false;
    278. 

  278.     }
    279. 

  279. 

  280.     // }}}
    281. 

  281.     // {{{ listUsers()
    282. 

  282. 

  283.     function listUsers()
    284. 

  284.     {
    285. 

  285.         $err = $this->_prepare();
    286. 

  286.         if ($err !== true) {
    287. 

  287.             return PEAR::raiseError($err->getMessage(), $err->getCode());
    288. 

  288.         }
    289. 

  289. 

  290.         $retVal = array();
    291. 

  291. 

  292.         // Find if db_fileds contains a *, i so assume all col are selected
    293. 

  293.         if(strstr($this->options['db_fields'], '*')){
    294. 

  294.             $sql_from = "*";
    295. 

  295.         }
    296. 

  296.         else{
    297. 

  297.             $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields'];
    298. 

  298.         }
    299. 

  299. 

  300.         $query = sprintf("SELECT %s FROM %s",
    301. 

  301.                          $sql_from,
    302. 

  302.                          $this->options['table']
    303. 

  303.                          );
    304. 

  304.         $res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC);
    305. 

  305. 

  306.         if (DB::isError($res)) {
    307. 

  307.             return PEAR::raiseError($res->getMessage(), $res->getCode());
    308. 

  308.         } else {
    309. 

  309.             foreach ($res as $user) {
    310. 

  310.                 $user['username'] = $user[$this->options['usernamecol']];
    311. 

  311.                 $retVal[] = $user;
    312. 

  312.             }
    313. 

  313.         }
    314. 

  314.         return $retVal;
    315. 

  315.     }
    316. 

  316. 

  317.     // }}}
    318. 

  318.     // {{{ addUser()
    319. 

  319. 

  320.     /**
    321. 

  321.      * Add user to the storage container
    322. 

  322.      *
    323. 

  323.      * @access public
    324. 

  324.      * @param  string Username
    325. 

  325.      * @param  string Password
    326. 

  326.      * @param  mixed  Additional information that are stored in the DB
    327. 

  327.      *
    328. 

  328.      * @return mixed True on success, otherwise error object
    329. 

  329.      */
    330. 

  330.     function addUser($username, $password, $additional = "")
    331. 

  331.     {
    332. 

  332.         if (function_exists($this->options['cryptType'])) {
    333. 

  333.             $cryptFunction = $this->options['cryptType'];
    334. 

  334.         } else {
    335. 

  335.             $cryptFunction = 'md5';
    336. 

  336.         }
    337. 

  337. 

  338.         $additional_key   = '';
    339. 

  339.         $additional_value = '';
    340. 

  340. 

  341.         if (is_array($additional)) {
    342. 

  342.             foreach ($additional as $key => $value) {
    343. 

  343.                 $additional_key .= ', ' . $key;
    344. 

  344.                 $additional_value .= ", '" . $value . "'";
    345. 

  345.             }
    346. 

  346.         }
    347. 

  347. 

  348.         $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES ('%s', '%s'%s)",
    349. 

  349.                          $this->options['table'],
    350. 

  350.                          $this->options['usernamecol'],
    351. 

  351.                          $this->options['passwordcol'],
    352. 

  352.                          $additional_key,
    353. 

  353.                          $username,
    354. 

  354.                          $cryptFunction($password),
    355. 

  355.                          $additional_value
    356. 

  356.                          );
    357. 

  357. 

  358.         $res = $this->query($query);
    359. 

  359. 

  360.         if (DB::isError($res)) {
    361. 

  361.            return PEAR::raiseError($res->getMessage(), $res->getCode());
    362. 

  362.         } else {
    363. 

  363.           return true;
    364. 

  364.         }
    365. 

  365.     }
    366. 

  366. 

  367.     // }}}
    368. 

  368.     // {{{ removeUser()
    369. 

  369. 

  370.     /**
    371. 

  371.      * Remove user from the storage container
    372. 

  372.      *
    373. 

  373.      * @access public
    374. 

  374.      * @param  string Username
    375. 

  375.      *
    376. 

  376.      * @return mixed True on success, otherwise error object
    377. 

  377.      */
    378. 

  378.     function removeUser($username)
    379. 

  379.     {
    380. 

  380.         $query = sprintf("DELETE FROM %s WHERE %s = '%s'",
    381. 

  381.                          $this->options['table'],
    382. 

  382.                          $this->options['usernamecol'],
    383. 

  383.                          $username
    384. 

  384.                          );
    385. 

  385. 

  386.         $res = $this->query($query);
    387. 

  387. 

  388.         if (DB::isError($res)) {
    389. 

  389.            return PEAR::raiseError($res->getMessage(), $res->getCode());
    390. 

  390.         } else {
    391. 

  391.           return true;
    392. 

  392.         }
    393. 

  393.     }
    394. 

  394. 

  395.     // }}}
    396. 

  396. }
    397. 

  397. 

  398. function showDbg( $string ) {
    399. 

  399. 	print "
    400. 

  400. -- $string</P>";
    401. 

  401. }
    402. 

  402. function dump( $var, $str, $vardump = false ) {
    403. 

  403. 	print "<H4>$str</H4><pre>";
    404. 

  404. 	( !$vardump ) ? ( print_r( $var )) : ( var_dump( $var ));
    405. 

  405. 	print "</pre>";
    406. 

  406. }
    407.