|
|
|
@ -42,13 +42,13 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
/** |
|
|
|
|
* @var PasswordHash |
|
|
|
|
*/ |
|
|
|
|
static private $hasher=null; |
|
|
|
|
static private $hasher = null; |
|
|
|
|
|
|
|
|
|
private function getHasher() { |
|
|
|
|
if(!self::$hasher) { |
|
|
|
|
if (!self::$hasher) { |
|
|
|
|
//we don't want to use DES based crypt(), since it doesn't return a hash with a recognisable prefix |
|
|
|
|
$forcePortable=(CRYPT_BLOWFISH!=1); |
|
|
|
|
self::$hasher=new PasswordHash(8, $forcePortable); |
|
|
|
|
$forcePortable = (CRYPT_BLOWFISH != 1); |
|
|
|
|
self::$hasher = new PasswordHash(8, $forcePortable); |
|
|
|
|
} |
|
|
|
|
return self::$hasher; |
|
|
|
|
|
|
|
|
@ -63,14 +63,14 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
* Creates a new user. Basic checking of username is done in OC_User |
|
|
|
|
* itself, not in its subclasses. |
|
|
|
|
*/ |
|
|
|
|
public function createUser( $uid, $password ) { |
|
|
|
|
if( $this->userExists($uid) ) { |
|
|
|
|
public function createUser($uid, $password) { |
|
|
|
|
if ($this->userExists($uid)) { |
|
|
|
|
return false; |
|
|
|
|
}else{ |
|
|
|
|
$hasher=$this->getHasher(); |
|
|
|
|
$hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', '')); |
|
|
|
|
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )' ); |
|
|
|
|
$result = $query->execute( array( $uid, $hash)); |
|
|
|
|
} else { |
|
|
|
|
$hasher = $this->getHasher(); |
|
|
|
|
$hash = $hasher->HashPassword($password . OC_Config::getValue('passwordsalt', '')); |
|
|
|
|
$query = OC_DB::prepare('INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )'); |
|
|
|
|
$result = $query->execute(array($uid, $hash)); |
|
|
|
|
|
|
|
|
|
return $result ? true : false; |
|
|
|
|
} |
|
|
|
@ -83,10 +83,10 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
* |
|
|
|
|
* Deletes a user |
|
|
|
|
*/ |
|
|
|
|
public function deleteUser( $uid ) { |
|
|
|
|
public function deleteUser($uid) { |
|
|
|
|
// Delete user-group-relation |
|
|
|
|
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*users` WHERE `uid` = ?' ); |
|
|
|
|
$query->execute( array( $uid )); |
|
|
|
|
$query = OC_DB::prepare('DELETE FROM `*PREFIX*users` WHERE `uid` = ?'); |
|
|
|
|
$query->execute(array($uid)); |
|
|
|
|
return true; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -98,15 +98,15 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
* |
|
|
|
|
* Change the password of a user |
|
|
|
|
*/ |
|
|
|
|
public function setPassword( $uid, $password ) { |
|
|
|
|
if( $this->userExists($uid) ) { |
|
|
|
|
$hasher=$this->getHasher(); |
|
|
|
|
$hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', '')); |
|
|
|
|
$query = OC_DB::prepare( 'UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?' ); |
|
|
|
|
$query->execute( array( $hash, $uid )); |
|
|
|
|
public function setPassword($uid, $password) { |
|
|
|
|
if ($this->userExists($uid)) { |
|
|
|
|
$hasher = $this->getHasher(); |
|
|
|
|
$hash = $hasher->HashPassword($password . OC_Config::getValue('passwordsalt', '')); |
|
|
|
|
$query = OC_DB::prepare('UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?'); |
|
|
|
|
$query->execute(array($hash, $uid)); |
|
|
|
|
|
|
|
|
|
return true; |
|
|
|
|
}else{ |
|
|
|
|
} else { |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
@ -119,12 +119,12 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
* |
|
|
|
|
* Change the display name of a user |
|
|
|
|
*/ |
|
|
|
|
public function setDisplayName( $uid, $displayName ) { |
|
|
|
|
if( $this->userExists($uid) ) { |
|
|
|
|
$query = OC_DB::prepare( 'UPDATE `*PREFIX*users` SET `displayname` = ? WHERE `uid` = ?' ); |
|
|
|
|
$query->execute( array( $displayName, $uid )); |
|
|
|
|
public function setDisplayName($uid, $displayName) { |
|
|
|
|
if ($this->userExists($uid)) { |
|
|
|
|
$query = OC_DB::prepare('UPDATE `*PREFIX*users` SET `displayname` = ? WHERE LOWER(`uid`) = ?'); |
|
|
|
|
$query->execute(array($displayName, $uid)); |
|
|
|
|
return true; |
|
|
|
|
}else{ |
|
|
|
|
} else { |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
@ -132,18 +132,16 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
/** |
|
|
|
|
* @brief get display name of the user |
|
|
|
|
* @param $uid user ID of the user |
|
|
|
|
* @return display name |
|
|
|
|
* @return string display name |
|
|
|
|
*/ |
|
|
|
|
public function getDisplayName($uid) { |
|
|
|
|
if( $this->userExists($uid) ) { |
|
|
|
|
$query = OC_DB::prepare( 'SELECT `displayname` FROM `*PREFIX*users` WHERE `uid` = ?' ); |
|
|
|
|
$result = $query->execute( array( $uid ))->fetchAll(); |
|
|
|
|
$displayName = trim($result[0]['displayname'], ' '); |
|
|
|
|
if ( !empty($displayName) ) { |
|
|
|
|
return $displayName; |
|
|
|
|
} else { |
|
|
|
|
return $uid; |
|
|
|
|
} |
|
|
|
|
$query = OC_DB::prepare('SELECT `displayname` FROM `*PREFIX*users` WHERE `uid` = ?'); |
|
|
|
|
$result = $query->execute(array($uid))->fetchAll(); |
|
|
|
|
$displayName = trim($result[0]['displayname'], ' '); |
|
|
|
|
if (!empty($displayName)) { |
|
|
|
|
return $displayName; |
|
|
|
|
} else { |
|
|
|
|
return $uid; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -156,9 +154,9 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
public function getDisplayNames($search = '', $limit = null, $offset = null) { |
|
|
|
|
$displayNames = array(); |
|
|
|
|
$query = OC_DB::prepare('SELECT `uid`, `displayname` FROM `*PREFIX*users`' |
|
|
|
|
.' WHERE LOWER(`displayname`) LIKE LOWER(?) OR ' |
|
|
|
|
.'LOWER(`uid`) LIKE LOWER(?)', $limit, $offset); |
|
|
|
|
$result = $query->execute(array($search.'%', $search.'%')); |
|
|
|
|
. ' WHERE LOWER(`displayname`) LIKE LOWER(?) OR ' |
|
|
|
|
. 'LOWER(`uid`) LIKE LOWER(?)', $limit, $offset); |
|
|
|
|
$result = $query->execute(array($search . '%', $search . '%')); |
|
|
|
|
$users = array(); |
|
|
|
|
while ($row = $result->fetchRow()) { |
|
|
|
|
$displayNames[$row['uid']] = $row['displayname']; |
|
|
|
@ -176,30 +174,30 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
* Check if the password is correct without logging in the user |
|
|
|
|
* returns the user id or false |
|
|
|
|
*/ |
|
|
|
|
public function checkPassword( $uid, $password ) { |
|
|
|
|
$query = OC_DB::prepare( 'SELECT `uid`, `password` FROM `*PREFIX*users` WHERE LOWER(`uid`) = LOWER(?)' ); |
|
|
|
|
$result = $query->execute( array( $uid)); |
|
|
|
|
public function checkPassword($uid, $password) { |
|
|
|
|
$query = OC_DB::prepare('SELECT `uid`, `password` FROM `*PREFIX*users` WHERE LOWER(`uid`) = LOWER(?)'); |
|
|
|
|
$result = $query->execute(array($uid)); |
|
|
|
|
|
|
|
|
|
$row=$result->fetchRow(); |
|
|
|
|
if($row) { |
|
|
|
|
$storedHash=$row['password']; |
|
|
|
|
if ($storedHash[0]=='$') {//the new phpass based hashing |
|
|
|
|
$hasher=$this->getHasher(); |
|
|
|
|
if($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $storedHash)) { |
|
|
|
|
$row = $result->fetchRow(); |
|
|
|
|
if ($row) { |
|
|
|
|
$storedHash = $row['password']; |
|
|
|
|
if ($storedHash[0] == '$') { //the new phpass based hashing |
|
|
|
|
$hasher = $this->getHasher(); |
|
|
|
|
if ($hasher->CheckPassword($password . OC_Config::getValue('passwordsalt', ''), $storedHash)) { |
|
|
|
|
return $row['uid']; |
|
|
|
|
}else{ |
|
|
|
|
} else { |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
}else{//old sha1 based hashing |
|
|
|
|
if(sha1($password)==$storedHash) { |
|
|
|
|
} else { //old sha1 based hashing |
|
|
|
|
if (sha1($password) == $storedHash) { |
|
|
|
|
//upgrade to new hashing |
|
|
|
|
$this->setPassword($row['uid'], $password); |
|
|
|
|
return $row['uid']; |
|
|
|
|
}else{ |
|
|
|
|
} else { |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
}else{ |
|
|
|
|
} else { |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
@ -212,7 +210,7 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
*/ |
|
|
|
|
public function getUsers($search = '', $limit = null, $offset = null) { |
|
|
|
|
$query = OC_DB::prepare('SELECT `uid` FROM `*PREFIX*users` WHERE LOWER(`uid`) LIKE LOWER(?)', $limit, $offset); |
|
|
|
|
$result = $query->execute(array($search.'%')); |
|
|
|
|
$result = $query->execute(array($search . '%')); |
|
|
|
|
$users = array(); |
|
|
|
|
while ($row = $result->fetchRow()) { |
|
|
|
|
$users[] = $row['uid']; |
|
|
|
@ -226,8 +224,8 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
* @return boolean |
|
|
|
|
*/ |
|
|
|
|
public function userExists($uid) { |
|
|
|
|
$query = OC_DB::prepare( 'SELECT COUNT(*) FROM `*PREFIX*users` WHERE LOWER(`uid`) = LOWER(?)' ); |
|
|
|
|
$result = $query->execute( array( $uid )); |
|
|
|
|
$query = OC_DB::prepare('SELECT COUNT(*) FROM `*PREFIX*users` WHERE LOWER(`uid`) = LOWER(?)'); |
|
|
|
|
$result = $query->execute(array($uid)); |
|
|
|
|
if (OC_DB::isError($result)) { |
|
|
|
|
OC_Log::write('core', OC_DB::getErrorMessage($result), OC_Log::ERROR); |
|
|
|
|
return false; |
|
|
|
@ -236,14 +234,14 @@ class OC_User_Database extends OC_User_Backend { |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @brief get the user's home directory |
|
|
|
|
* @param string $uid the username |
|
|
|
|
* @return boolean |
|
|
|
|
*/ |
|
|
|
|
* @brief get the user's home directory |
|
|
|
|
* @param string $uid the username |
|
|
|
|
* @return boolean |
|
|
|
|
*/ |
|
|
|
|
public function getHome($uid) { |
|
|
|
|
if($this->userExists($uid)) { |
|
|
|
|
return OC_Config::getValue( "datadirectory", OC::$SERVERROOT."/data" ) . '/' . $uid; |
|
|
|
|
}else{ |
|
|
|
|
if ($this->userExists($uid)) { |
|
|
|
|
return OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data") . '/' . $uid; |
|
|
|
|
} else { |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|