aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/lib/plugins/authpdo/auth.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/plugins/authpdo/auth.php')
-rw-r--r--lib/plugins/authpdo/auth.php237
1 files changed, 98 insertions, 139 deletions
diff --git a/lib/plugins/authpdo/auth.php b/lib/plugins/authpdo/auth.php
index f58ad0247..47fe9cfc6 100644
--- a/lib/plugins/authpdo/auth.php
+++ b/lib/plugins/authpdo/auth.php
@@ -1,4 +1,7 @@
<?php
+
+use dokuwiki\Extension\AuthPlugin;
+use dokuwiki\PassHash;
use dokuwiki\Utf8\Sort;
/**
@@ -11,14 +14,13 @@ use dokuwiki\Utf8\Sort;
/**
* Class auth_plugin_authpdo
*/
-class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
+class auth_plugin_authpdo extends AuthPlugin
{
-
/** @var PDO */
protected $pdo;
/** @var null|array The list of all groups */
- protected $groupcache = null;
+ protected $groupcache;
/**
* Constructor.
@@ -44,11 +46,11 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
$this->getConf('dsn'),
$this->getConf('user'),
conf_decodeString($this->getConf('pass')),
- array(
+ [
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, // always fetch as array
PDO::ATTR_EMULATE_PREPARES => true, // emulating prepares allows us to reuse param names
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // we want exceptions, not error codes
- )
+ ]
);
} catch (PDOException $e) {
$this->debugMsg($e);
@@ -59,94 +61,52 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
// can Users be created?
$this->cando['addUser'] = $this->checkConfig(
- array(
- 'select-user',
- 'select-user-groups',
- 'select-groups',
- 'insert-user',
- 'insert-group',
- 'join-group'
- )
+ ['select-user', 'select-user-groups', 'select-groups', 'insert-user', 'insert-group', 'join-group']
);
// can Users be deleted?
$this->cando['delUser'] = $this->checkConfig(
- array(
- 'select-user',
- 'select-user-groups',
- 'select-groups',
- 'leave-group',
- 'delete-user'
- )
+ ['select-user', 'select-user-groups', 'select-groups', 'leave-group', 'delete-user']
);
// can login names be changed?
$this->cando['modLogin'] = $this->checkConfig(
- array(
- 'select-user',
- 'select-user-groups',
- 'update-user-login'
- )
+ ['select-user', 'select-user-groups', 'update-user-login']
);
// can passwords be changed?
$this->cando['modPass'] = $this->checkConfig(
- array(
- 'select-user',
- 'select-user-groups',
- 'update-user-pass'
- )
+ ['select-user', 'select-user-groups', 'update-user-pass']
);
// can real names be changed?
$this->cando['modName'] = $this->checkConfig(
- array(
- 'select-user',
- 'select-user-groups',
- 'update-user-info:name'
- )
+ ['select-user', 'select-user-groups', 'update-user-info:name']
);
// can real email be changed?
$this->cando['modMail'] = $this->checkConfig(
- array(
- 'select-user',
- 'select-user-groups',
- 'update-user-info:mail'
- )
+ ['select-user', 'select-user-groups', 'update-user-info:mail']
);
// can groups be changed?
$this->cando['modGroups'] = $this->checkConfig(
- array(
- 'select-user',
- 'select-user-groups',
- 'select-groups',
- 'leave-group',
- 'join-group',
- 'insert-group'
- )
+ ['select-user', 'select-user-groups', 'select-groups', 'leave-group', 'join-group', 'insert-group']
);
// can a filtered list of users be retrieved?
$this->cando['getUsers'] = $this->checkConfig(
- array(
- 'list-users'
- )
+ ['list-users']
);
// can the number of users be retrieved?
$this->cando['getUserCount'] = $this->checkConfig(
- array(
- 'count-users'
- )
+ ['count-users']
);
// can a list of available groups be retrieved?
$this->cando['getGroups'] = $this->checkConfig(
- array(
- 'select-groups'
- )
+ ['select-groups']
);
$this->success = true;
@@ -166,7 +126,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
if ($userdata == false) return false;
// password checking done in SQL?
- if ($this->checkConfig(array('check-pass'))) {
+ if ($this->checkConfig(['check-pass'])) {
$userdata['clear'] = $pass;
$userdata['hash'] = auth_cryptPassword($pass);
$result = $this->query($this->getConf('check-pass'), $userdata);
@@ -177,7 +137,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
// we do password checking on our own
if (isset($userdata['hash'])) {
// hashed password
- $passhash = new \dokuwiki\PassHash();
+ $passhash = new PassHash();
return $passhash->verify_hash($pass, $userdata['hash']);
} else {
// clear text password in the database O_o
@@ -243,11 +203,11 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
}
// prepare data
- if ($grps == null) $grps = array();
+ if ($grps == null) $grps = [];
array_unshift($grps, $conf['defaultgroup']);
$grps = array_unique($grps);
$hash = auth_cryptPassword($clear);
- $userdata = compact('user', 'clear', 'hash', 'name', 'mail');
+ $userdata = ['user' => $user, 'clear' => $clear, 'hash' => $hash, 'name' => $name, 'mail' => $mail];
// action protected by transaction
$this->pdo->beginTransaction();
@@ -260,19 +220,19 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
// create all groups that do not exist, the refetch the groups
$allgroups = $this->selectGroups();
- foreach ($grps as $group) {
- if (!isset($allgroups[$group])) {
- $ok = $this->addGroup($group);
- if ($ok === false) goto FAIL;
- }
+ foreach ($grps as $group) {
+ if (!isset($allgroups[$group])) {
+ $ok = $this->addGroup($group);
+ if ($ok === false) goto FAIL;
}
+ }
$allgroups = $this->selectGroups();
// add user to the groups
- foreach ($grps as $group) {
- $ok = $this->joinGroup($userdata, $allgroups[$group]);
- if ($ok === false) goto FAIL;
- }
+ foreach ($grps as $group) {
+ $ok = $this->joinGroup($userdata, $allgroups[$group]);
+ if ($ok === false) goto FAIL;
+ }
}
$this->pdo->commit();
return true;
@@ -302,67 +262,67 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
unset($olddata['grps']);
// changing the user name?
- if (isset($changes['user'])) {
- if ($this->getUserData($changes['user'], false)) goto FAIL;
- $params = $olddata;
- $params['newlogin'] = $changes['user'];
+ if (isset($changes['user'])) {
+ if ($this->getUserData($changes['user'], false)) goto FAIL;
+ $params = $olddata;
+ $params['newlogin'] = $changes['user'];
- $ok = $this->query($this->getConf('update-user-login'), $params);
- if ($ok === false) goto FAIL;
- }
+ $ok = $this->query($this->getConf('update-user-login'), $params);
+ if ($ok === false) goto FAIL;
+ }
// changing the password?
- if (isset($changes['pass'])) {
- $params = $olddata;
- $params['clear'] = $changes['pass'];
- $params['hash'] = auth_cryptPassword($changes['pass']);
+ if (isset($changes['pass'])) {
+ $params = $olddata;
+ $params['clear'] = $changes['pass'];
+ $params['hash'] = auth_cryptPassword($changes['pass']);
- $ok = $this->query($this->getConf('update-user-pass'), $params);
- if ($ok === false) goto FAIL;
- }
+ $ok = $this->query($this->getConf('update-user-pass'), $params);
+ if ($ok === false) goto FAIL;
+ }
// changing info?
- if (isset($changes['mail']) || isset($changes['name'])) {
- $params = $olddata;
- if (isset($changes['mail'])) $params['mail'] = $changes['mail'];
- if (isset($changes['name'])) $params['name'] = $changes['name'];
+ if (isset($changes['mail']) || isset($changes['name'])) {
+ $params = $olddata;
+ if (isset($changes['mail'])) $params['mail'] = $changes['mail'];
+ if (isset($changes['name'])) $params['name'] = $changes['name'];
- $ok = $this->query($this->getConf('update-user-info'), $params);
- if ($ok === false) goto FAIL;
- }
+ $ok = $this->query($this->getConf('update-user-info'), $params);
+ if ($ok === false) goto FAIL;
+ }
// changing groups?
- if (isset($changes['grps'])) {
- $allgroups = $this->selectGroups();
-
- // remove membership for previous groups
- foreach ($oldgroups as $group) {
- if (!in_array($group, $changes['grps']) && isset($allgroups[$group])) {
- $ok = $this->leaveGroup($olddata, $allgroups[$group]);
- if ($ok === false) goto FAIL;
- }
+ if (isset($changes['grps'])) {
+ $allgroups = $this->selectGroups();
+
+ // remove membership for previous groups
+ foreach ($oldgroups as $group) {
+ if (!in_array($group, $changes['grps']) && isset($allgroups[$group])) {
+ $ok = $this->leaveGroup($olddata, $allgroups[$group]);
+ if ($ok === false) goto FAIL;
}
+ }
- // create all new groups that are missing
- $added = 0;
- foreach ($changes['grps'] as $group) {
- if (!isset($allgroups[$group])) {
- $ok = $this->addGroup($group);
- if ($ok === false) goto FAIL;
- $added++;
- }
+ // create all new groups that are missing
+ $added = 0;
+ foreach ($changes['grps'] as $group) {
+ if (!isset($allgroups[$group])) {
+ $ok = $this->addGroup($group);
+ if ($ok === false) goto FAIL;
+ $added++;
}
- // reload group info
- if ($added > 0) $allgroups = $this->selectGroups();
-
- // add membership for new groups
- foreach ($changes['grps'] as $group) {
- if (!in_array($group, $oldgroups)) {
- $ok = $this->joinGroup($olddata, $allgroups[$group]);
- if ($ok === false) goto FAIL;
- }
+ }
+ // reload group info
+ if ($added > 0) $allgroups = $this->selectGroups();
+
+ // add membership for new groups
+ foreach ($changes['grps'] as $group) {
+ if (!in_array($group, $oldgroups)) {
+ $ok = $this->joinGroup($olddata, $allgroups[$group]);
+ if ($ok === false) goto FAIL;
}
}
+ }
}
$this->pdo->commit();
@@ -406,10 +366,10 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
public function retrieveUsers($start = 0, $limit = -1, $filter = null)
{
if ($limit < 0) $limit = 10000; // we don't support no limit
- if (is_null($filter)) $filter = array();
+ if (is_null($filter)) $filter = [];
if (isset($filter['grps'])) $filter['group'] = $filter['grps'];
- foreach (array('user', 'name', 'mail', 'group') as $key) {
+ foreach (['user', 'name', 'mail', 'group'] as $key) {
if (!isset($filter[$key])) {
$filter[$key] = '%';
} else {
@@ -421,13 +381,13 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
$filter['limit'] = (int)$limit;
$result = $this->query($this->getConf('list-users'), $filter);
- if (!$result) return array();
- $users = array();
+ if (!$result) return [];
+ $users = [];
if (is_array($result)) {
foreach ($result as $row) {
if (!isset($row['user'])) {
$this->debugMsg("list-users statement did not return 'user' attribute", -1, __LINE__);
- return array();
+ return [];
}
$users[] = $this->getUserData($row['user']);
}
@@ -443,12 +403,12 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
* @param array $filter array of field/pattern pairs, empty array for no filter
* @return int
*/
- public function getUserCount($filter = array())
+ public function getUserCount($filter = [])
{
- if (is_null($filter)) $filter = array();
+ if (is_null($filter)) $filter = [];
if (isset($filter['grps'])) $filter['group'] = $filter['grps'];
- foreach (array('user', 'name', 'mail', 'group') as $key) {
+ foreach (['user', 'name', 'mail', 'group'] as $key) {
if (!isset($filter[$key])) {
$filter[$key] = '%';
} else {
@@ -473,7 +433,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
{
$sql = $this->getConf('insert-group');
- $result = $this->query($sql, array(':group' => $group));
+ $result = $this->query($sql, [':group' => $group]);
$this->clearGroupCache();
if ($result === false) return false;
return true;
@@ -491,7 +451,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
public function retrieveGroups($start = 0, $limit = 0)
{
$groups = array_keys($this->selectGroups());
- if ($groups === false) return array();
+ if ($groups === false) return [];
if (!$limit) {
return array_splice($groups, $start);
@@ -510,7 +470,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
{
$sql = $this->getConf('select-user');
- $result = $this->query($sql, array(':user' => $user));
+ $result = $this->query($sql, [':user' => $user]);
if (!$result) return false;
if (count($result) > 1) {
@@ -525,7 +485,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
$this->debugMsg("Statement did not return 'user' attribute", -1, __LINE__);
$dataok = false;
}
- if (!isset($data['hash']) && !isset($data['clear']) && !$this->checkConfig(array('check-pass'))) {
+ if (!isset($data['hash']) && !isset($data['clear']) && !$this->checkConfig(['check-pass'])) {
$this->debugMsg("Statement did not return 'clear' or 'hash' attribute", -1, __LINE__);
$dataok = false;
}
@@ -557,11 +517,11 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
$allgroups = $this->selectGroups();
// remove group memberships (ignore errors)
- foreach ($userdata['grps'] as $group) {
- if (isset($allgroups[$group])) {
- $this->leaveGroup($userdata, $allgroups[$group]);
- }
+ foreach ($userdata['grps'] as $group) {
+ if (isset($allgroups[$group])) {
+ $this->leaveGroup($userdata, $allgroups[$group]);
}
+ }
$ok = $this->query($this->getConf('delete-user'), $userdata);
if ($ok === false) goto FAIL;
@@ -587,7 +547,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
$result = $this->query($sql, $userdata);
if ($result === false) return false;
- $groups = array($conf['defaultgroup']); // always add default config
+ $groups = [$conf['defaultgroup']]; // always add default config
if (is_array($result)) {
foreach ($result as $row) {
if (!isset($row['group'])) {
@@ -618,7 +578,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
$result = $this->query($sql);
if ($result === false) return false;
- $groups = array();
+ $groups = [];
if (is_array($result)) {
foreach ($result as $row) {
if (!isset($row['group'])) {
@@ -685,7 +645,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
* @param array $arguments Named parameters to be used in the statement
* @return array|int|bool The result as associative array for SELECTs, affected rows for others, false on error
*/
- protected function query($sql, $arguments = array())
+ protected function query($sql, $arguments = [])
{
$sql = trim($sql);
if (empty($sql)) {
@@ -694,7 +654,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
}
// execute
- $params = array();
+ $params = [];
$sth = $this->pdo->prepare($sql);
$result = false;
try {
@@ -703,7 +663,7 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
if (is_array($value)) continue;
if (is_object($value)) continue;
if ($key[0] != ':') $key = ":$key"; // prefix with colon if needed
- if (strpos($sql, $key) === false) continue; // skip if parameter is missing
+ if (strpos($sql, (string) $key) === false) continue; // skip if parameter is missing
if (is_int($value)) {
$sth->bindValue($key, $value, PDO::PARAM_INT);
@@ -742,7 +702,6 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin
$this->debugMsg("SQL: <pre>$dsql</pre>", -1, $line);
}
$sth->closeCursor();
- $sth = null;
return $result;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-03 04:01:43 +0000