Changeset:
a1b97fe52dde
https://sourceforge.net/p/mrbs/hg-code/ci/a1b97fe52ddec5749b8d1e3c4169318dd465a868
Author:
Markus Gilli <[email protected]>
Date:
Mon Jan 04 23:55:49 2016 +0100
Log message:
allow to read user access level from external database
diffstat:
AUTHENTICATION | 7 ++++++-
web/auth/auth_db_ext.inc | 39 +++++++++++++++++++++++++++++++++++++++
2 files changed, 45 insertions(+), 1 deletions(-)
diffs (66 lines):
diff -r 38808e08ed66 -r a1b97fe52dde AUTHENTICATION
--- a/AUTHENTICATION Mon Jan 04 22:56:41 2016 +0100
+++ b/AUTHENTICATION Mon Jan 04 23:55:49 2016 +0100
@@ -557,7 +557,12 @@
$auth['db_ext']['password_format'] = 'md5';
This is the format of the password entries in the table. You can specify
-'md5', 'sha1', 'crypt' or 'plaintext'.
+'md5', 'sha1', 'sha256', 'crypt' or 'plaintext'.
+
+$auth['db_ext']['column_name_level'] = 'level';
+
+This configuration item is optional and contains the name of the column
+that hold the access level of the user.
POP3 Authentication
-------------------
diff -r 38808e08ed66 -r a1b97fe52dde web/auth/auth_db_ext.inc
--- a/web/auth/auth_db_ext.inc Mon Jan 04 22:56:41 2016 +0100
+++ b/web/auth/auth_db_ext.inc Mon Jan 04 23:55:49 2016 +0100
@@ -157,6 +157,45 @@
}
}
+ // Get user level from external database
+ if (isset($auth['db_ext']['column_name_level']) &&
($auth['db_ext']['column_name_level'] != ''))
+ {
+ $persist = 0;
+ $port = isset($auth['db_ext']['db_port']) ?
(int)$auth['db_ext']['db_port'] : NULL;
+
+ $conn = sql_connect($auth['db_ext']['db_system'],
+ $auth['db_ext']['db_host'],
+ $auth['db_ext']['db_username'],
+ $auth['db_ext']['db_password'],
+ $auth['db_ext']['db_name'],
+ $persist,
+ $port);
+
+ // sql_syntax_casesensitive_equals() does the escaping. We need an
exact match -
+ // MySQL allows trailing spaces when using an '=' comparison, eg 'john' =
'john '
+ $query = "SELECT " . sql_quote($auth['db_ext']['column_name_level']) . "
+ FROM " . sql_quote($auth['db_ext']['db_table']) . "
+ WHERE " .
sql_syntax_casesensitive_equals($auth['db_ext']['column_name_username'],
utf8_strtolower($user)) . "
+ LIMIT 1";
+
+ $r = sql_query($query, $conn);
+
+ if ($r === FALSE)
+ {
+ trigger_error(sql_error($conn), E_USER_WARNING);
+ fatal_error(FALSE, get_vocab("fatal_db_error"));
+ }
+
+ if (sql_count($r) == 0)
+ {
+ return 0;
+ }
+
+ $row = sql_row($r, 0, $conn);
+
+ return $row[0];
+ }
+
// Everybody else is access level '1'
return 1;
}
------------------------------------------------------------------------------
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
