--- /dev/null
+<?php
+
+/**
+* ownCloud
+*
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+
+/**
+ * Base class for user management
+ *
+ */
+abstract class OC_GROUP_BACKEND {
+ /**
+ * Try to create a new group
+ *
+ * @param string $groupName The name of the group to create
+ */
+ abstract public static function createGroup($groupName);
+
+ /**
+ * Check if a user belongs to a group
+ *
+ * @param string $username Name of the user to check
+ * @param string $groupName Name of the group
+ */
+ abstract public static function inGroup($username, $groupName);
+
+ /**
+ * Add a user to a group
+ *
+ * @param string $username Name of the user to add to group
+ * @param string $groupName Name of the group in which add the user
+ */
+ abstract public static function addToGroup($username, $groupName);
+
+ /**
+ * Remove a user from a group
+ *
+ * @param string $username Name of the user to remove from group
+ * @param string $groupName Name of the group from which remove the user
+ */
+ abstract public static function removeFromGroup($username,$groupName);
+
+ /**
+ * Get all groups the user belongs to
+ *
+ * @param string $username Name of the user
+ */
+ abstract public static function getUserGroups($username);
+
+ /**
+ * get a list of all groups
+ *
+ */
+ abstract public static function getGroups();
+}
--- /dev/null
+<?php
+
+/**
+ * ownCloud
+ *
+ * @author Frank Karlitschek
+ * @copyright 2010 Frank Karlitschek karlitschek@kde.org
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+/*
+ *
+ * The following SQL statement is just a help for developers and will not be
+ * executed!
+ *
+ * CREATE TABLE `groups` (
+ * `gid` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
+ * PRIMARY KEY (`gid`)
+ * ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
+ *
+ * CREATE TABLE `group_user` (
+ * `gid` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
+ * `uid` varchar(64) COLLATE utf8_unicode_ci NOT NULL
+ * ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
+ *
+ */
+
+oc_require_once( 'Group/backend.php' );
+
+/**
+ * Class for group management in a SQL Database (e.g. MySQL, SQLite)
+ *
+ */
+class OC_GROUP_DATABASE extends OC_GROUP_BACKEND {
+ static private $userGroupCache=array();
+
+ /**
+ * Try to create a new group
+ *
+ * @param string $groupName The name of the group to create
+ */
+ public static function createGroup( $gid ){
+ $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*groups` WHERE `gid` = ?" );
+ $result = $query->execute( $gid );
+
+ if( $result->numRows() > 0 ){
+ return false;
+ }
+ else{
+ $query = OC_DB::prepare( "INSERT INTO `*PREFIX*groups` ( `gid` ) VALUES( ? )" );
+ $result = $query->prepare( $gid );
+
+ return $result ? true : false;
+ }
+ }
+
+ /**
+ * Check if a user belongs to a group
+ *
+ * @param string $username Name of the user to check
+ * @param string $groupName Name of the group
+ */
+ public static function inGroup($username,$groupName) {
+ $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*group_user` WHERE `gid` = ? AND `uid` = ?" );
+ $result = $query->execute( $groupName, $username );
+
+ return $result->numRows() > 0 ? true : false;
+ }
+
+ /**
+ * Add a user to a group
+ *
+ * @param string $username Name of the user to add to group
+ * @param string $groupName Name of the group in which add the user
+ */
+ public static function addToGroup($username, $groupName) {
+ if( !OC_USER::inGroup( $username, $groupName )){
+ $query = OC_DB::prepare( "INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )" );
+ $result = $query->execute( $username, $groupName );
+ }
+ }
+
+ /**
+ * Remove a user from a group
+ *
+ * @param string $username Name of the user to remove from group
+ * @param string $groupName Name of the group from which remove the user
+ */
+ public static function removeFromGroup($username,$groupName){
+ $query = OC_DB::prepare( "DELETE FROM `*PREFIX*group_user` WHERE `uid` = ? AND `gid` = ?" );
+ $result = $query->execute( $username, $groupName );
+ }
+
+ /**
+ * Get all groups the user belongs to
+ *
+ * @param string $username Name of the user
+ */
+ public static function getUserGroups($username) {
+ $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*group_user` WHERE `uid` = ?" );
+ $result = $query->execute( $username );
+
+ $groups = array();
+ while( $row = $result->fetchRow()){
+ $groups[] = $row;
+ }
+
+ return $groups;
+ }
+
+ /**
+ * get a list of all groups
+ *
+ */
+ public static function getGroups() {
+ $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*groups`" );
+ $result = $query->execute();
+
+ $groups = array();
+ while( $row = $result->fetchRow()){
+ $groups[] = $row;
+ }
+
+ return $groups;
+ }
+}
<?php
/**
-* ownCloud
-*
-* @author Frank Karlitschek
-* @copyright 2010 Frank Karlitschek karlitschek@kde.org
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library. If not, see <http://www.gnu.org/licenses/>.
-*
-*/
+ * ownCloud
+ *
+ * @author Frank Karlitschek
+ * @copyright 2010 Frank Karlitschek karlitschek@kde.org
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
*/
abstract class OC_USER_BACKEND {
- /**
- * Check if the login button is pressed and log the user in
- *
- */
- abstract public static function loginListener();
-
/**
* Try to create a new user
*
*/
abstract public static function login($username, $password);
- /**
- * Check if the logout button is pressed and logout the user
- *
- */
- abstract public static function logoutListener();
-
/**
* Check if some user is logged in
*
*/
abstract public static function isLoggedIn();
- /**
- * Try to create a new group
- *
- * @param string $groupName The name of the group to create
- */
- abstract public static function createGroup($groupName);
-
- /**
- * Get the ID of a user
- *
- * @param string $username Name of the user to find the ID
- * @param boolean $noCache If false the cache is used to find the ID
- */
- abstract public static function getUserId($username, $noCache=false);
-
- /**
- * Get the ID of a group
- *
- * @param string $groupName Name of the group to find the ID
- * @param boolean $noCache If false the cache is used to find the ID
- */
- abstract public static function getGroupId($groupName, $noCache=false);
-
- /**
- * Get the name of a group
- *
- * @param string $groupId ID of the group
- * @param boolean $noCache If false the cache is used to find the name of the group
- */
- abstract public static function getGroupName($groupId, $noCache=false);
-
- /**
- * Check if a user belongs to a group
- *
- * @param string $username Name of the user to check
- * @param string $groupName Name of the group
- */
- abstract public static function inGroup($username, $groupName);
-
- /**
- * Add a user to a group
- *
- * @param string $username Name of the user to add to group
- * @param string $groupName Name of the group in which add the user
- */
- abstract public static function addToGroup($username, $groupName);
-
- /**
- * Remove a user from a group
- *
- * @param string $username Name of the user to remove from group
- * @param string $groupName Name of the group from which remove the user
- */
- abstract public static function removeFromGroup($username,$groupName);
-
/**
* Generate a random password
*/
abstract public static function generatePassword();
- /**
- * Get all groups the user belongs to
- *
- * @param string $username Name of the user
- */
- abstract public static function getUserGroups($username);
-
/**
* Set the password of a user
*
*
*/
abstract public static function getUsers();
-
- /**
- * get a list of all groups
- *
- */
- abstract public static function getGroups();
}
<?php
/**
-* ownCloud
-*
-* @author Frank Karlitschek
-* @copyright 2010 Frank Karlitschek karlitschek@kde.org
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library. If not, see <http://www.gnu.org/licenses/>.
-*
-*/
+ * ownCloud
+ *
+ * @author Frank Karlitschek
+ * @copyright 2010 Frank Karlitschek karlitschek@kde.org
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+/*
+ *
+ * The following SQL statement is just a help for developers and will not be
+ * executed!
+ *
+ * CREATE TABLE `users` (
+ * `uid` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
+ * `password` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
+ * PRIMARY KEY (`uid`)
+ * ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
+ *
+ */
oc_require_once('User/backend.php');
-
-
/**
* Class for user management in a SQL Database (e.g. MySQL, SQLite)
*
class OC_USER_DATABASE extends OC_USER_BACKEND {
static private $userGroupCache=array();
- /**
- * Check if the login button is pressed and log the user in
- *
- */
- public static function loginListener(){
- if ( isset($_POST['loginbutton']) AND isset($_POST['password']) AND isset($_POST['login']) ) {
- if ( OC_USER::login($_POST['login'], $_POST['password']) ) {
- echo 1;
- OC_LOG::event($_SESSION['username'], 1, '');
- echo 2;
- if ( (isset($CONFIG_HTTPFORCESSL) AND $CONFIG_HTTPFORCESSL)
- OR (isset($_SERVER['HTTPS']) AND ('on' == $_SERVER['HTTPS'])) ) {
- $url = 'https://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
- } else {
- $url = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
- }
- header("Location: $url");
- die();
- } else {
- return('error');
- }
- }
- return('');
- }
-
/**
* Try to create a new user
*
* @param string $username The username of the user to create
* @param string $password The password of the new user
*/
- public static function createUser($username, $password) {
- self::clearCache();
- global $CONFIG_DBTABLEPREFIX;
+ public static function createUser( $uid, $password ){
+ $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE `uid` = ?" );
+ $result = $query->execute( $uid );
+
// Check if the user already exists
- if ( 0 != OC_USER::getUserId($username, true) ) {
+ if ( $result->numRows() > 0 ){
return false;
- } else {
- $usernameClean = strToLower($username);
- $password = sha1($password);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) "
- . "VALUES ('$username', '$usernameClean', '$password')";
- $result = OC_DB::query($query);
+ }
+ else{
+ $query = OC_DB::prepare( "INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )" );
+ $result = $query->prepare( $uid, sha1( $password ));
+
return $result ? true : false;
}
}
* @param string $username The username of the user to log in
* @param string $password The password of the user
*/
- public static function login($username,$password){
- global $CONFIG_DBTABLEPREFIX;
+ public static function login( $username, $password ){
+ $query = OC_DB::prepare( "SELECT `uid`, `name` FROM `*PREFIX*users` WHERE `uid` = ? AND `password` = ?" );
+ $result = $query->execute( $username, sha1( $password ));
- $password = sha1($password);
- $usernameClean = strtolower($username);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users "
- . "WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_id']) ) {
- $_SESSION['user_id'] = $result[0]['user_id'];
- $_SESSION['username'] = $username;
- $_SESSION['username_clean'] = $usernameClean;
+ if( $result->numRows() > 0 ){
+ $row = $result->fetchRow();
+ $_SESSION['user_id'] = $row["uid"];
return true;
- } else {
- return false;
}
- }
-
- /**
- * Check if the logout button is pressed and logout the user
- *
- */
- public static function logoutListener() {
- global $WEBROOT;
- if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) {
- OC_LOG::event($_SESSION['username'], 2, '');
- $_SESSION['user_id'] = false;
- $_SESSION['username'] = '';
- $_SESSION['username_clean'] = '';
-
- header("location: $WEBROOT");
+ else{
+ return false;
}
}
*
*/
public static function logout() {
- OC_LOG::event($_SESSION['username'], 2, '');
+ OC_LOG::add( "core", $_SESSION['user_id'], "logout" );
$_SESSION['user_id'] = false;
- $_SESSION['username'] = '';
- $_SESSION['username_clean'] = '';
}
/**
*
*/
public static function isLoggedIn() {
- if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) {
+ if( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ){
return true;
- } else {
- return false;
}
- }
-
- /**
- * Try to create a new group
- *
- * @param string $groupName The name of the group to create
- */
- public static function createGroup($groupName) {
- self::clearCache();
- global $CONFIG_DBTABLEPREFIX;
- if (0 == OC_USER::getGroupId($groupName) ) {
- $groupName = OC_DB::escape($groupName);
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupName')";
- $result = OC_DB::query($query);
- return $result ? true : false;
- } else {
+ else{
return false;
}
}
- /**
- * Get the ID of a user
- *
- * @param string $username Name of the user to find the ID
- * @param boolean $noCache If false the cache is used to find the ID
- */
- public static function getUserId($username, $noCache=false) {
- global $CONFIG_DBTABLEPREFIX;
-
- $usernameClean = strToLower($username);
- // Try to use cached value to avoid an SQL query
- if ( !$noCache AND isset($_SESSION['user_id_cache'][$usernameClean]) ) {
- return $_SESSION['user_id_cache'][$usernameClean];
- }
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameClean'";
- $result = OC_DB::select($query);
- if ( !is_array($result) ) {
- return 0;
- }
- if ( isset($result[0]) AND isset($result[0]['user_id']) ) {
- $_SESSION['user_id_cache'][$usernameClean] = $result[0]['user_id'];
- return $result[0]['user_id'];
- } else {
- return 0;
- }
- }
-
- /**
- * Get the ID of a group
- *
- * @param string $groupName Name of the group to find the ID
- * @param boolean $noCache If false the cache is used to find the ID
- */
- public static function getGroupId($groupName, $noCache=false) {
- global $CONFIG_DBTABLEPREFIX;
-
- // Try to use cached value to avoid an SQL query
- if ( !$noCache AND isset($_SESSION['group_id_cache'][$groupName]) ) {
- return $_SESSION['group_id_cache'][$groupName];
- }
- $groupName = OC_DB::escape($groupName);
- $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupName'";
- $result = OC_DB::select($query);
- if ( !is_array($result) ) {
- return 0;
- }
- if ( isset($result[0]) AND isset($result[0]['group_id']) ){
- $_SESSION['group_id_cache'][$groupName] = $result[0]['group_id'];
- return $result[0]['group_id'];
- } else {
- return 0;
- }
- }
-
- /**
- * Get the name of a group
- *
- * @param string $groupId ID of the group
- * @param boolean $noCache If false the cache is used to find the name of the group
- */
- public static function getGroupName($groupId, $noCache=false) {
- global $CONFIG_DBTABLEPREFIX;
-
- // Try to use cached value to avoid an sql query
- if ( !$noCache AND ($name = array_search($groupId, $_SESSION['group_id_cache'])) ) {
- return $name;
- }
- $groupId = (integer)$groupId;
- $query = "SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupId' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['group_name']) ) {
- return $result[0]['group_name'];
- } else {
- return 0;
- }
- }
-
- /**
- * Check if a user belongs to a group
- *
- * @param string $username Name of the user to check
- * @param string $groupName Name of the group
- */
- public static function inGroup($username,$groupName) {
- global $CONFIG_DBTABLEPREFIX;
- $userId = OC_USER::getUserId($username);
- $groupId = OC_USER::getGroupId($groupName);
- self::getUserGroups($username);
- $groups=self::$userGroupCache[$userId];
- return (array_search($groupId,$groups)!==false);
- }
-
- /**
- * Add a user to a group
- *
- * @param string $username Name of the user to add to group
- * @param string $groupName Name of the group in which add the user
- */
- public static function addToGroup($username, $groupName) {
- global $CONFIG_DBTABLEPREFIX;
- self::clearCache();
- if ( !OC_USER::inGroup($username, $groupName) ) {
- $userId = OC_USER::getUserId($username,true);
- $groupId = OC_USER::getGroupId($groupName,true);
- if ( (0 != $groupId) AND (0 != $userId) ) {
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId', '$groupId');";
- $result = OC_DB::query($query);
- if ( $result ) {
- self::clearCache();
- return true;
- } else {
- return false;
- }
- } else {
- return false;
- }
- } else {
- return true;
- }
- }
-
- /**
- * Remove a user from a group
- *
- * @param string $username Name of the user to remove from group
- * @param string $groupName Name of the group from which remove the user
- */
- public static function removeFromGroup($username,$groupName){
- global $CONFIG_DBTABLEPREFIX;
- self::clearCache();
- if (OC_USER::inGroup($username, $groupName) ) {
- $userId = OC_USER::getUserId($username,true);
- $groupId = OC_USER::getGroupId($groupName,true);
- if ( (0 != $groupId) AND (0 != $userId) ) {
- $query="DELETE FROM `{$CONFIG_DBTABLEPREFIX}user_group` WHERE `group_id` =$groupId AND `user_id`=$userId";
- $result = OC_DB::query($query);
- if ( $result ) {
- self::clearCache();
- return true;
- } else {
- return false;
- }
- }
- }
- return false;
- }
-
/**
* Generate a random password
*/
return uniqId();
}
- /**
- * Get all groups the user belongs to
- *
- * @param string $username Name of the user
- */
- public static function getUserGroups($username) {
- global $CONFIG_DBTABLEPREFIX;
-
- $userId = OC_USER::getUserId($username);
- if(!isset(self::$userGroupCache[$userId])){
- $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'";
- $result = OC_DB::select($query);
- $groupsId = array();
- if ( is_array($result) ) {
- foreach ( $result as $group ) {
- $groupId = $group['group_id'];
- $groupsId[]=$groupId;
- }
- }
- self::$userGroupCache[$userId]=$groupsId;
- return $groupsId;
- }else{
- return self::$userGroupCache[$userId];
- }
- }
-
/**
* Set the password of a user
*
* @param string $username User who password will be changed
* @param string $password The new password for the user
*/
- public static function setPassword($username, $password) {
- global $CONFIG_DBTABLEPREFIX;
+ public static function setPassword( $username, $password ){
+ $query = OC_DB::prepare( "UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?" );
+ $result = $query->execute( sha1( $password ), $username );
- $password = sha1($password);
- $userId = OC_USER::getUserId($username);
- $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userId'";
- $result = OC_DB::query($query);
- if ( $result ) {
+ if( $result->numRows() > 0 ){
return true;
- } else {
+ }
+ else{
return false;
}
}
* @param string $username Name of the user
* @param string $password Password of the user
*/
- public static function checkPassword($username, $password) {
- global $CONFIG_DBTABLEPREFIX;
+ public static function checkPassword( $username, $password ){
+ $query = OC_DB::prepare( "SELECT `uid` FROM `*PREFIX*users` WHERE `uid` = ? AND `password` = ?" );
+ $result = $query->execute( $username, sha1( $password ));
- $password = sha1($password);
- $usernameClean = strToLower($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $username = OC_DB::escape($username);
- $query = "SELECT user_id FROM `{$CONFIG_DBTABLEPREFIX}users` "
- . "WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_id']) AND ($result[0]['user_id'] > 0) ) {
+ if( $result->numRows() > 0 ){
return true;
- } else {
+ }
+ else{
return false;
}
}
* get a list of all users
*
*/
- public static function getUsers() {
- global $CONFIG_DBTABLEPREFIX;
+ public static function getUsers(){
+ $query = OC_DB::prepare( "SELECT `uid` FROM `*PREFIX*users`" );
+ $result = $query->execute();
- $query = "SELECT user_name FROM `{$CONFIG_DBTABLEPREFIX}users`";
- $result = OC_DB::select($query);
$users=array();
- foreach($result as $user){
- $users[]=$user['user_name'];
+ while( $row = $result->fetchRow()){
+ $users[] = $row["uid"];
}
return $users;
}
-
- /**
- * get a list of all groups
- *
- */
- public static function getGroups() {
- global $CONFIG_DBTABLEPREFIX;
-
- $query = "SELECT group_name FROM `{$CONFIG_DBTABLEPREFIX}groups`";
- $result = OC_DB::select($query);
- $groups=array();
- foreach($result as $group){
- $groups[]=$group['group_name'];
- }
- return $groups;
- }
-
- private static function clearCache(){
- self::$userGroupCache=array();
- $_SESSION['user_id_cache']=array();
- $_SESSION['group_id_cache']=array();
- }
}
// set some stuff
-ob_start();
+//ob_start();
// error_reporting(E_ALL | E_STRICT);
error_reporting( E_ERROR | E_PARSE | E_WARNING ); // MDB2 gives loads of strict error, disabling for now
ini_set('arg_separator.output','&');
ini_set('session.cookie_httponly','1;');
session_start();
+
// calculate the documentroot
$SERVERROOT=substr(__FILE__,0,-13);
$DOCUMENTROOT=realpath($_SERVER['DOCUMENT_ROOT']);
oc_require_once('log.php');
oc_require_once('config.php');
oc_require_once('user.php');
+oc_require_once('group.php');
oc_require_once('ocs.php');
oc_require_once('connect.php');
oc_require_once('remotestorage.php');
--- /dev/null
+<?php
+/**
+ * ownCloud
+ *
+ * @author Frank Karlitschek
+ * @copyright 2010 Frank Karlitschek karlitschek@kde.org
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/**
+ * This class provides all methods needed for managing groups.
+ */
+class OC_GROUP {
+ // The backend used for user management
+ private static $_backend;
+
+ // Backends available (except database)
+ private static $_backends = array();
+
+ /**
+ * @brief registers backend
+ * @param $name name of the backend
+ * @returns true/false
+ *
+ * Makes a list of backends that can be used by other modules
+ */
+ public static function registerBackend( $name ){
+ self::$_backends[] = $name;
+ return true;
+ }
+
+ /**
+ * @brief gets available backends
+ * @returns array of backends
+ *
+ * Returns the names of all backends.
+ */
+ public static function getBackends(){
+ return self::$_backends;
+ }
+
+ /**
+ * @brief set the group backend
+ * @param string $backend The backend to use for user managment
+ * @returns true/false
+ */
+ public static function setBackend( $backend = 'database' ){
+ // You'll never know what happens
+ if( null === $backend OR !is_string( $backend )){
+ $backend = 'database';
+ }
+
+ // Load backend
+ switch( $backend ){
+ case 'database':
+ case 'mysql':
+ case 'sqlite':
+ oc_require_once('User/database.php');
+ self::$_backend = new OC_USER_DATABASE();
+ break;
+ default:
+ $className = 'OC_USER_' . strToUpper($backend);
+ self::$_backend = new $className();
+ break;
+ }
+ }
+
+ /**
+ * Get the name of a group
+ *
+ * @param string $groupId ID of the group
+ * @param boolean $noCache If false the cache is used to find the name of the group
+ */
+ public static function getGroupName($groupId, $noCache=false) {
+ return self::$_backend->getGroupName($groupId, $noCache);
+ }
+
+ /**
+ * Check if a user belongs to a group
+ *
+ * @param string $username Name of the user to check
+ * @param string $groupName Name of the group
+ */
+ public static function inGroup($username, $groupName) {
+ return self::$_backend->inGroup($username, $groupName);
+ }
+
+ /**
+ * Add a user to a group
+ *
+ * @param string $username Name of the user to add to group
+ * @param string $groupName Name of the group in which add the user
+ */
+ public static function addToGroup($username, $groupName) {
+ return self::$_backend->addToGroup($username, $groupName);
+ }
+
+ /**
+ * Remove a user from a group
+ *
+ * @param string $username Name of the user to remove from group
+ * @param string $groupName Name of the group from which remove the user
+ */
+ public static function removeFromGroup($username,$groupName){
+ return self::$_backend->removeFromGroup($username, $groupName);
+ }
+
+ /**
+ * Get all groups the user belongs to
+ *
+ * @param string $username Name of the user
+ */
+ public static function getUserGroups($username) {
+ return self::$_backend->getUserGroups($username);
+ }
+
+ /**
+ * get a list of all groups
+ *
+ */
+ public static function getGroups() {
+ return self::$_backend->getGroups();
+ }
+}
<?php
-
/**
-* ownCloud
-*
-* @author Frank Karlitschek
-* @copyright 2010 Frank Karlitschek karlitschek@kde.org
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library. If not, see <http://www.gnu.org/licenses/>.
-*
-*/
-
-
-
-
-if ( !$CONFIG_INSTALLED ) {
- $_SESSION['user_id'] = false;
- $_SESSION['username'] = '';
- $_SESSION['username_clean'] = '';
-}
+ * ownCloud
+ *
+ * @author Frank Karlitschek
+ * @copyright 2010 Frank Karlitschek karlitschek@kde.org
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
-//cache the userid's an groupid's
-if ( !isset($_SESSION['user_id_cache']) ) {
- $_SESSION['user_id_cache'] = array();
-}
-if ( !isset($_SESSION['group_id_cache']) ) {
- $_SESSION['group_id_cache'] = array();
+if( !$CONFIG_INSTALLED ){
+ $_SESSION['user_id'] = '';
}
-
-
-
/**
- * Class for User Management
- *
+ * This class provides all methods for user management.
*/
class OC_USER {
-
// The backend used for user management
- private static $_backend;
+ private static $_backend = null;
+
+ // Backends available (except database)
+ private static $_backends = array();
/**
- * Set the User Authentication Module
+ * @brief registers backend
+ * @param $name name of the backend
+ * @returns true/false
*
- * @param string $backend The backend to use for user managment
+ * Makes a list of backends that can be used by other modules
*/
- public static function setBackend($backend='database') {
- if ( (null === $backend) OR (!is_string($backend)) ) {
+ public static function registerBackend( $name ){
+ self::$_backends[] = $name;
+ return true;
+ }
+
+ /**
+ * @brief gets available backends
+ * @returns array of backends
+ *
+ * Returns the names of all backends.
+ */
+ public static function getBackends(){
+ return self::$_backends;
+ }
+
+ /**
+ * @brief Sets the backend
+ * @param $backend default: database The backend to use for user managment
+ * @returns true/false
+ *
+ * Set the User Authentication Module
+ */
+ public static function setBackend( $backend = 'database' ){
+ // You'll never know what happens
+ if( null === $backend OR !is_string( $backend )){
$backend = 'database';
}
- switch ( $backend ) {
+ // Load backend
+ switch( $backend ){
case 'database':
case 'mysql':
case 'sqlite':
self::$_backend = new $className();
break;
}
- }
- /**
- * Check if the login button is pressed and log the user in
- *
- */
- public static function loginListener() {
- return self::$_backend->loginListener();
- }
-
- /**
- * Try to create a new user
- *
- * @param string $username The username of the user to create
- * @param string $password The password of the new user
- */
- public static function createUser($username, $password) {
- return self::$_backend->createUser($username, $password);
+ true;
}
/**
- * Try to login a user
- *
- * @param string $username The username of the user to log in
- * @param string $password The password of the user
+ * @brief Creates a new user
+ * @param $username The username of the user to create
+ * @param $password The password of the new user
*/
- public static function login($username, $password) {
- return self::$_backend->login($username, $password);
+ public static function createUser( $username, $password ){
+ return self::$_backend->createUser( $username, $password );
}
/**
- * Check if the logout button is pressed and logout the user
- *
+ * @brief try to login a user
+ * @param $username The username of the user to log in
+ * @param $password The password of the user
*/
- public static function logoutListener() {
- return self::$_backend->logoutListener();
+ public static function login( $username, $password ){
+ return self::$_backend->login( $username, $password );
}
/**
- * Kick the user
- *
+ * @brief Kick the user
*/
- public static function logout() {
+ public static function logout(){
return self::$_backend->logout();
}
/**
- * Check if the user is logged in
- *
+ * @brief Check if the user is logged in
*/
- public static function isLoggedIn() {
+ public static function isLoggedIn(){
return self::$_backend->isLoggedIn();
}
/**
- * Try to create a new group
- *
- * @param string $groupName The name of the group to create
+ * @brief Generate a random password
*/
- public static function createGroup($groupName) {
- return self::$_backend->createGroup($groupName);
+ public static function generatePassword(){
+ return substr( md5( uniqId().time()), 0, 10 );
}
/**
- * Get the ID of a user
- *
- * @param string $username Name of the user to find the ID
- * @param boolean $noCache If false the cache is used to find the ID
+ * @brief Set the password of a user
+ * @param $username User whose password will be changed
+ * @param $password The new password for the user
*/
- public static function getUserId($username, $noCache=false) {
- return self::$_backend->getUserId($username, $noCache);
+ public static function setPassword( $username, $password ){
+ return self::$_backend->setPassword( $username, $password );
}
/**
- * Get the ID of a group
- *
- * @param string $groupName Name of the group to find the ID
- * @param boolean $noCache If false the cache is used to find the ID
- */
- public static function getGroupId($groupName, $noCache=false) {
- return self::$_backend->getGroupId($groupName, $noCache);
- }
-
- /**
- * Get the name of a group
- *
- * @param string $groupId ID of the group
- * @param boolean $noCache If false the cache is used to find the name of the group
- */
- public static function getGroupName($groupId, $noCache=false) {
- return self::$_backend->getGroupName($groupId, $noCache);
- }
-
- /**
- * Check if a user belongs to a group
- *
- * @param string $username Name of the user to check
- * @param string $groupName Name of the group
- */
- public static function inGroup($username, $groupName) {
- return self::$_backend->inGroup($username, $groupName);
- }
-
- /**
- * Add a user to a group
- *
- * @param string $username Name of the user to add to group
- * @param string $groupName Name of the group in which add the user
- */
- public static function addToGroup($username, $groupName) {
- return self::$_backend->addToGroup($username, $groupName);
- }
-
- /**
- * Remove a user from a group
- *
- * @param string $username Name of the user to remove from group
- * @param string $groupName Name of the group from which remove the user
- */
- public static function removeFromGroup($username,$groupName){
- return self::$_backend->removeFromGroup($username, $groupName);
- }
-
- /**
- * Generate a random password
- */
- public static function generatePassword() {
- return substr(md5(uniqId().time()),0,10);
- }
-
- /**
- * Get all groups the user belongs to
- *
- * @param string $username Name of the user
- */
- public static function getUserGroups($username) {
- return self::$_backend->getUserGroups($username);
- }
-
- /**
- * Set the password of a user
- *
- * @param string $username User who password will be changed
- * @param string $password The new password for the user
- */
- public static function setPassword($username, $password) {
- return self::$_backend->setPassword($username, $password);
- }
-
- /**
- * Check if the password of the user is correct
- *
+ * @brief Check if the password of the user is correct
* @param string $username Name of the user
* @param string $password Password of the user
*/
- public static function checkPassword($username, $password) {
- return self::$_backend->checkPassword($username, $password);
+ public static function checkPassword( $username, $password ){
+ return self::$_backend->checkPassword( $username, $password );
}
/**
- * get a list of all users
- *
+ * @brief get a list of all users
+ * @returns array with uids
*/
- public static function getUsers() {
+ public static function getUsers(){
return self::$_backend->getUsers();
}
-
- /**
- * get a list of all groups
- *
- */
- public static function getGroups() {
- return self::$_backend->getGroups();
- }
}
projects / nextcloud-server.git / commitdiff