moparisthebest
/
user_sql
mirror of https://github.com/moparisthebest/user_sql
1
0
Fork 0
Code Issues Releases Wiki Activity

Add Multi-Host support and fixes for ownCloud 8.1

This commit is contained in:
Andreas Boehler 2015-07-27 15:02:10 +02:00
parent bf8fb9ecb7
commit 4953f23c5c
11 changed files with 614 additions and 601 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
ajax/settings.php
View File

@ -1,66 +1,83 @@
<?php
namespace OCA\user_sql;
// Init owncloud
// Check if we are a user
OCP\User::checkAdminUser();
OCP\JSON::checkAppEnabled('user_sql');
\OCP\User::checkAdminUser();
\OCP\JSON::checkAppEnabled('user_sql');
// CSRF checks
OCP\JSON::callCheck();
\OCP\JSON::callCheck();
$helper = new \OCA\user_sql\lib\Helper;
$l = \OC::$server->getL10N('user_sql');
$params = array('sql_host', 'sql_user', 'sql_database', 'sql_password',
'sql_table', 'sql_column_username', 'sql_column_password', 'sql_type',
'sql_column_active', 'strip_domain', 'default_domain', 'crypt_type',
'sql_column_displayname', 'domain_settings', 'map_array', 'domain_array',
'allow_password_change', 'sql_column_active_invert', 'sql_column_email',
'mail_sync_mode');
$params = $helper -> getParameterArray();
if(isset($_POST['appname']) && $_POST['appname'] === "user_sql")
if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POST['function']) && isset($_POST['domain']))
{
foreach($params as $param)
$domain = $_POST['domain'];
switch($_POST['function'])
{
if(isset($_POST[$param]))
{
if($param === 'strip_domain')
case 'saveSettings':
foreach($params as $param)
{
if(isset($_POST[$param]))
{
if($param === 'set_strip_domain')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_'.$domain, 'true');
}
elseif($param === 'set_allow_pwchange')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_'.$domain, 'true');
}
elseif($param === 'set_active_invert')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'true');
}
else
{
\OC::$server->getConfig()->setAppValue('user_sql', $param.'_'.$domain, $_POST[$param]);
}
} else
{
if($param === 'set_strip_domain')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_'.$domain, 'false');
}
elseif($param === 'set_allow_pwchange')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_'.$domain, 'false');
}
elseif($param === 'set_active_invert')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'false');
}
}
}
break;
case 'loadSettingsForDomain':
$retArr = array();
foreach($params as $param)
{
OCP\Config::setAppValue('user_sql', 'strip_domain', true);
}
elseif($param === 'allow_password_change')
{
OCP\Config::setAppValue('user_sql', 'allow_password_change', true);
$retArr[$param] = \OC::$server->getConfig()->getAppValue('user_sql', $param.'_'.$domain, '');
}
elseif($param === 'sql_column_active_invert')
{
OCP\Config::setAppValue('user_sql', 'sql_column_active_invert', true);
}
else
{
OCP\Config::setAppValue('user_sql', $param, $_POST[$param]);
}
} else
{
if($param === 'strip_domain')
{
OCP\Config::setAppValue('user_sql', 'strip_domain', false);
}
elseif($param === 'allow_password_change')
{
OCP\Config::setAppValue('user_sql', 'allow_password_change', false);
}
elseif($param === 'sql_column_active_invert')
{
OCP\Config::setAppValue('user_sql', 'sql_column_active_invert', false);
}
}
\OCP\JSON::success(array('settings' => $retArr));
return true;
break;
}
} else
{
\OCP\JSON::error(array("data" => array("message" => $l -> t("Not submitted for us."))));
\OCP\JSON::error(array('data' => array('message' => $l -> t('Not submitted for us.'))));
return false;
}
OCP\JSON::success(array('data' => array('message' => $l -> t('Application settings successfully stored.'))));
\OCP\JSON::success(array('data' => array('message' => $l -> t('Application settings successfully stored.'))));
return true;

18
appinfo/app.php
View File

@ -4,7 +4,7 @@
* ownCloud - user_sql
*
* @author Andreas Böhler
* @copyright 2012 Andreas Böhler <andreas (at) aboehler (dot) at>
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -22,22 +22,14 @@
*/
require_once('apps/user_sql/user_sql.php');
\OCP\App::registerAdmin('user_sql','settings');
// define IMAP_DEFAULTs
define('OC_USER_BACKEND_SQL_DEFAULT_HOST', 'localhost');
define('OC_USER_BACKEND_SQL_DEFAULT_USER', 'mail_admin');
define('OC_USER_BACKEND_SQL_DEFAULT_DB', 'postfixadmin');
define('OC_USER_BACKEND_SQL_DEFAULT_PASSWORD', 'password');
define('OC_USER_BACKEND_SQL_DEFAULT_TABLE', 'users');
define('OC_USER_BACKEND_SQL_DEFAULT_PW_COLUMN', 'password');
define('OC_USER_BACKEND_SQL_DEFAULT_USER_COLUMN', 'username');
define('OC_USER_BACKEND_SQL_DEFAULT_DRIVER', 'mysql');
$backend = new \OCA\user_sql\OC_USER_SQL;
// register user backend
OC_User::registerBackend('SQL');
OC_User::useBackend('SQL');
OC_User::registerBackend($backend);
OC_User::useBackend($backend);
// add settings page to navigation
$entry = array(

4
appinfo/info.xml
View File

@ -6,8 +6,10 @@
<licence>AGPL</licence>
<author>Andreas Boehler &lt;dev (at) aboehler
(dot) at &gt;</author>
<require>5.0</require>
<version>1.99</version>
<requiremin>8.1</requiremin>
<shipped>false</shipped>
<namespace>user_sql</namespace>
<types>
<authentication/>
</types>

71
appinfo/update.php Normal file
View File

@ -0,0 +1,71 @@
<?php
/**
* ownCloud - user_sql
*
* @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$installedVersion = \OC::$server->getConfig()->getAppValue('user_sql', 'installed_version');
$params = array('sql_host' => 'sql_hostname',
'sql_user' => 'sql_username',
'sql_database' => 'sql_database',
'sql_password' => 'sql_password',
'sql_table' => 'sql_table',
'sql_column_username' => 'col_username',
'sql_column_password' => 'col_password',
'sql_type' => 'sql_driver',
'sql_column_active' => 'col_active',
'strip_domain' => 'set_strip_domain',
'default_domain' => 'set_default_domain',
'crypt_type' => 'set_crypt_type',
'sql_column_displayname' => 'col_displayname',
'allow_password_change' => 'set_allow_pwchange',
'sql_column_active_invert' => 'set_active_invert',
'sql_column_email' => 'col_email',
'mail_sync_mode' => 'set_mail_sync_mode'
);
$delParams = array('domain_settings',
'map_array',
'domain_array'
);
if(version_compare($installedVersion, '1.99', '<'))
{
foreach($params as $oldPar => $newPar)
{
$val = \OC::$server->getConfig()->getAppValue('user_sql', $oldPar);
if(($oldPar === 'strip_domain') || ($oldPar === 'allow_password_change') || ($oldPar === 'sql_column_active_invert'))
{
if($val)
$val = 'true';
else
$val = 'false';
}
if($val)
\OC::$server->getConfig()->setAppValue('user_sql', $newPar.'_default', $val);
\OC::$server->getConfig()->deleteAppValue('user_sql', $oldPar);
}
foreach($delParams as $param)
{
\OC::$server->getConfig()->deleteAppValue('user_sql', $param);
}
}

1
appinfo/version
View File

@ -1 +0,0 @@
1.5

2
css/settings.css
View File

@ -9,6 +9,6 @@
}
.statusmessage,.errormessage,.successmessage{
display:none;
padding: 1;
padding: 1px;
}

173
js/settings.js
View File

@ -3,34 +3,6 @@ var user_sql = user_sql ||
{
};
user_sql.adminSettingsCheckRadio = function()
{
if($('#domain_none').attr("checked") == "checked")
{
$('#default_domain').attr("disabled", true);
$('#inputServerDomain').attr("disabled", true);
$('#inputMapDomain').attr("disabled", true);
$('#domainAddMap').attr("disabled", true);
} else if($('#domain_server').attr("checked") == "checked")
{
$('#default_domain').attr("disabled", true);
$('#inputServerDomain').attr("disabled", true);
$('#inputMapDomain').attr("disabled", true);
$('#domainAddMap').attr("disabled", true);
} else if($('#domain_mapping').attr("checked") == "checked")
{
$('#default_domain').attr("disabled", true);
$('#inputServerDomain').removeAttr("disabled");
$('#inputMapDomain').removeAttr("disabled");
$('#domainAddMap').removeAttr("disabled");
} else if($('#domain_default').attr("checked") == "checked")
{
$('#default_domain').removeAttr("disabled");
$('#inputServerDomain').attr("disabled", true);
$('#inputMapDomain').attr("disabled", true);
$('#domainAddMap').attr("disabled", true);
}
};
/**
* init admin settings view
*/
@ -48,28 +20,18 @@ user_sql.adminSettingsUI = function()
var self = $(this);
var post = $('#sqlForm').serializeArray();
var domainArr = new Array();
var mapArr = new Array();
$('#domain_map_entries tr').each(function()
{
var d = $(this).find("td:first").html();
var m = $(this).find("td").eq(1).html();
if(d != undefined && m != undefined)
{
mapArr.push(m);
domainArr.push(d);
}
var domain = $('#sql_domain_chooser option:selected').val();
post.push({
name: 'function',
value: 'saveSettings'
});
post.push(
{
name : 'map_array',
value : mapArr
});
post.push(
{
name : 'domain_array',
value : domainArr
post.push({
name: 'domain',
value: domain
});
$('#sql_update_message').show();
$('#sql_success_message').hide();
$('#sql_error_message').hide();
@ -93,66 +55,81 @@ user_sql.adminSettingsUI = function()
}, 'json');
return false;
});
$('#domain_none').click(function(event)
{
user_sql.adminSettingsCheckRadio();
$('#sql_domain_chooser').change(function() {
user_sql.loadDomainSettings($('#sql_domain_chooser option:selected').val());
});
$('#domain_server').click(function(event)
{
user_sql.adminSettingsCheckRadio();
});
$('#domain_mapping').click(function(event)
{
user_sql.adminSettingsCheckRadio();
});
$('#domain_default').click(function(event)
{
user_sql.adminSettingsCheckRadio();
});
$('#domainAddMap').click(function(event)
{
event.preventDefault();
var newDomain = $('#inputServerDomain').val();
var newMap = $('#inputMapDomain').val();
$('#domain_map_entries > tbody:last').append('<tr><td>' + newDomain + '</td><td>' + newMap + '</td><td><a class="deleteLink" href="#" >delete</a></td></tr>');
$('#inputServerDomain').val("");
$('#inputMapDomain').val("");
$("#domain_map_entries .deleteLink").on("click", function()
{
var tr = $(this).closest('tr');
tr.css("background-color", "#FF3700");
tr.fadeOut(400, function()
{
tr.remove();
});
return false;
});
});
}
};
user_sql.loadDomainSettings = function(domain)
{
$('#sql_loading_message').show();
var post = [
{
name: 'appname',
value: 'user_sql'
},
{
name: 'function',
value: 'loadSettingsForDomain'
},
{
name: 'domain',
value: domain
}
];
$.post(OC.filePath('user_sql', 'ajax', 'settings.php'), post, function(data)
{
$('#sql_loading_message').hide();
if(data.status == 'success')
{
for(key in data.settings)
{
if(key == 'set_strip_domain')
{
if(data.settings[key] == 'true')
$('#' + key).prop('checked', true);
else
$('#' + key).prop('checked', false);
}
else if(key == 'set_allow_pwchange')
{
if(data.settings[key] == 'true')
$('#' + key).prop('checked', true);
else
$('#' + key).prop('checked', false);
}
else if(key == 'set_active_invert')
{
if(data.settings[key] == 'true')
$('#' + key).prop('checked', true);
else
$('#' + key).prop('checked', false);
}
else
{
$('#' + key).val(data.settings[key]);
}
}
}
else
{
$('#sql_error_message').html(data.data.message);
$('#sql_error_message').show();
}
}
);
};
$(document).ready(function()
{
if($('#sql'))
{
user_sql.adminSettingsUI();
user_sql.adminSettingsCheckRadio();
$("#domain_map_entries .deleteLink").on("click", function()
{
var tr = $(this).closest('tr');
tr.css("background-color", "#FF3700");
tr.fadeOut(400, function()
{
tr.remove();
});
return false;
});
user_sql.loadDomainSettings($('#sql_domain_chooser option:selected').val());
}
});

211
lib/helper.php Normal file
View File

@ -0,0 +1,211 @@
<?php
/**
* ownCloud - user_sql
*
* @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\user_sql\lib;
class Helper {
protected $db;
protected $db_conn;
protected $settings;
public function __construct()
{
$this->db_conn = false;
}
public function getParameterArray()
{
$params = array(
'sql_hostname',
'sql_username',
'sql_password',
'sql_database',
'sql_table',
'sql_driver',
'col_username',
'col_password',
'col_active',
'col_displayname',
'col_email',
'set_active_invert',
'set_allow_pwchange',
'set_default_domain',
'set_strip_domain',
'set_crypt_type',
'set_mail_sync_mode'
);
return $params;
}
public function loadSettingsForDomain($domain)
{
\OCP\Util::writeLog('OC_USER_SQL', "Trying to load settings for domain: " . $domain, \OCP\Util::DEBUG);
$settings = array();
$sql_host = \OC::$server->getConfig()->getAppValue('user_sql', 'sql_hostname_'.$domain, '');
if($sql_host === '')
{
$domain = 'default';
}
$params = $this -> getParameterArray();
foreach($params as $param)
{
$settings[$param] = \OC::$server->getConfig()->getAppValue('user_sql', $param.'_'.$domain, '');
}
\OCP\Util::writeLog('OC_USER_SQL', "Loaded settings for domain: " . $domain, \OCP\Util::DEBUG);
return $settings;
}
public function runQuery($type, $params, $execOnly = false, $fetchArray = false, $limits = array())
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering runQuery for type: " . $type, \OCP\Util::DEBUG);
if(!$this -> db_conn)
return false;
switch($type)
{
case 'getMail':
$query = "SELECT ".$this->settings['col_email']." FROM ".$this->settings['sql_table']." WHERE ".$this->settings['col_username']." = :uid";
break;
case 'setMail':
$query = "UPDATE ".$this->settings['sql_table']." SET ".$this->settings['col_email']." = :currMail WHERE ".$this->settings['col_username']." = :uid";
break;
case 'getPass':
$query = "SELECT ".$this->settings['col_password']." FROM ".$this->settings['sql_table']." WHERE ".$this->settings['col_username']." = :uid";
if($this -> settings['col_active'] !== '')
$query .= " AND " .($this -> settings['set_active_invert'] === 'true' ? "NOT " : "" ) . $this -> settings['col_active'];
break;
case 'setPass':
$query = "UPDATE ".$this->settings['sql_table']." SET ".$this->settings['col_password']." = :enc_password WHERE ".$this->settings['col_username'] ." = :uid";
break;
case 'getRedmineSalt':
$query = "SELECT salt FROM ".$this->settings['sql_table']." WHERE ".$this->settings['col_username'] ." = :uid;";
break;
case 'countUsers':
$query = "SELECT COUNT(*) FROM ".$this->settings['sql_table'];
if($this -> settings['col_active'] !== '')
$query .= " WHERE " .($this -> settings['set_active_invert'] === 'true' ? "NOT " : "" ) . $this -> settings['col_active'];
break;
case 'getUsers':
$query = "SELECT ".$this->settings['col_username']." FROM ".$this->settings['sql_table'];
$query .= " WHERE ".$this->settings['col_username']." LIKE :search";
if($this -> settings['col_active'] !== '')
$query .= " AND " .($this -> settings['set_active_invert'] === 'true' ? "NOT " : "" ) . $this -> settings['col_active'];
$query .= " ORDER BY ".$this->settings['col_username'];
break;
case 'userExists':
$query = "SELECT ".$this->settings['col_username']." FROM ".$this->settings['sql_table']." WHERE ".$this->settings['col_username']." = :uid";
if($this -> settings['col_active'] !== '')
$query .= " AND " .($this -> settings['set_active_invert'] === 'true' ? "NOT " : "" ) . $this -> settings['col_active'];
break;
case 'getDisplayName':
$query = "SELECT ".$this->settings['col_displayname']." FROM ".$this->settings['sql_table']." WHERE ".$this->settings['col_username']." = :uid";
if($this -> settings['col_active'] !== '')
$query .= " AND " .($this -> settings['set_active_invert'] === 'true' ? "NOT " : "" ) . $this -> settings['col_active'];
break;
case 'mysqlEncryptSalt':
$query = "SELECT ENCRYPT(:pw, :salt);";
break;
case 'mysqlEncrypt':
$query = "SELECT ENCRYPT(:pw);";
break;
case 'mysqlPassword':
$query = "SELECT PASSWORD(:pw);";
break;
}
if(isset($limits['limit']) && $limits['limit'] !== null)
{
$limit = intval($limits['limit']);
$query .= " LIMIT ".$limit;
}
if(isset($limits['offset']) && $limits['offset'] !== null)
{
$offset = intval($limits['offset']);
$query .= " OFFSET ".$offset;
}
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
foreach($params as $param => $value)
{
$result -> bindParam(":".$param, $value);
}
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
return false;
}
if($execOnly === true)
{
return true;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching result...", \OCP\Util::DEBUG);
if($fetchArray === true)
$row = $result -> fetchAll();
else
$row = $result -> fetch();
if(!$row)
{
return false;
}
return $row;
}
public function connectToDb($settings)
{
$this -> settings = $settings;
$dsn = $this -> settings['sql_driver'] . ":host=" . $this -> settings['sql_hostname'] . ";dbname=" . $this -> settings['sql_database'];
try
{
$this -> db = new \PDO($dsn, $this -> settings['sql_username'], $this -> settings['sql_password']);
$this -> db -> query("SET NAMES 'UTF8'");
$this -> db_conn = true;
return true;
}
catch (\PDOException $e)
{
\OCP\Util::writeLog('OC_USER_SQL', 'Failed to connect to the database: ' . $e -> getMessage(), \OCP\Util::ERROR);
$this -> db_conn = false;
return false;
}
}
}

50
settings.php
View File

@ -20,47 +20,33 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$params = array('sql_host', 'sql_user', 'sql_database', 'sql_password', 'sql_table',
'sql_column_username', 'sql_column_password', 'sql_type', 'sql_column_active',
'strip_domain', 'default_domain', 'crypt_type', 'sql_column_displayname',
'domain_map', 'domain_settings', 'sql_column_active_invert', 'sql_column_email',
'mail_sync_mode');
namespace OCA\user_sql;
OCP\Util::addStyle('user_sql', 'settings');
OCP\Util::addScript('user_sql', 'settings');
OCP\User::checkAdminUser();
use OCA\user_sql\lib\Helper;
$helper = new \OCA\user_sql\lib\Helper();
$params = $helper -> getParameterArray();
$settings = $helper -> loadSettingsForDomain('default');
\OCP\Util::addStyle('user_sql', 'settings');
\OCP\Util::addScript('user_sql', 'settings');
\OCP\User::checkAdminUser();
// fill template
$tmpl = new OCP\Template('user_sql', 'settings');
$tmpl = new \OCP\Template('user_sql', 'settings');
foreach($params as $param)
{
$value = htmlentities(OCP\Config::getAppValue('user_sql', $param, ''));
$value = htmlentities($settings[$param]);
$tmpl -> assign($param, $value);
}
// settings with default values
$tmpl -> assign('sql_host', OCP\Config::getAppValue('user_sql', 'sql_host', OC_USER_BACKEND_SQL_DEFAULT_HOST));
$tmpl -> assign('sql_user', OCP\Config::getAppValue('user_sql', 'sql_user', OC_USER_BACKEND_SQL_DEFAULT_USER));
$tmpl -> assign('sql_database', OCP\Config::getAppValue('user_sql', 'sql_database', OC_USER_BACKEND_SQL_DEFAULT_DB));
$tmpl -> assign('sql_password', OCP\Config::getAppValue('user_sql', 'sql_password', OC_USER_BACKEND_SQL_DEFAULT_PASSWORD));
$tmpl -> assign('sql_table', OCP\Config::getAppValue('user_sql', 'sql_table', OC_USER_BACKEND_SQL_DEFAULT_TABLE));
$tmpl -> assign('sql_column_password', OCP\Config::getAppValue('user_sql', 'sql_column_password', OC_USER_BACKEND_SQL_DEFAULT_PW_COLUMN));
$tmpl -> assign('sql_column_username', OCP\Config::getAppValue('user_sql', 'sql_column_username', OC_USER_BACKEND_SQL_DEFAULT_USER_COLUMN));
$tmpl -> assign('sql_type', OCP\Config::getAppValue('user_sql', 'sql_type', OC_USER_BACKEND_SQL_DEFAULT_DRIVER));
$tmpl -> assign('sql_column_active', OCP\Config::getAppValue('user_sql', 'sql_column_active', ''));
$tmpl -> assign('sql_column_email', OCP\Config::getAppValue('user_sql', 'sql_column_email', ''));
$tmpl -> assign('mail_sync_mode', OCP\Config::getAppValue('user_sql', 'mail_sync_mode', 'none'));
$tmpl -> assign('strip_domain', OCP\Config::getAppValue('user_sql', 'strip_domain', 0));
$tmpl -> assign('default_domain', OCP\Config::getAppValue('user_sql', 'default_domain', ''));
$tmpl -> assign('crypt_type', OCP\Config::getAppValue('user_sql', 'crypt_type', 'mysql_encrypt'));
$tmpl -> assign('sql_column_displayname', OCP\Config::getAppValue('user_sql', 'sql_column_displayname', ''));
$tmpl -> assign('map_array', OCP\Config::getAppValue('user_sql', 'map_array', ''));
$tmpl -> assign('domain_array', OCP\Config::getAppValue('user_sql', 'domain_array', ''));
$tmpl -> assign('domain_settings', OCP\Config::getAppValue('user_sql', 'domain_settings', ''));
$tmpl -> assign('allow_password_change', OCP\Config::getAppValue('user_sql', 'allow_password_change', 0));
$tmpl -> assign('sql_column_active_invert', OCP\Config::getAppValue('user_sql', 'sql_column_active_invert', 0));
$trusted_domains = \OC::$server->getConfig()->getSystemValue('trusted_domains');
$inserted = array('default');
array_splice($trusted_domains, 0, 0, $inserted);
$tmpl -> assign('allowed_domains', array_unique($trusted_domains));
// workaround to detect OC version
$ocVersion = @reset(OCP\Util::getVersion());
$ocVersion = @reset(\OCP\Util::getVersion());
$tmpl -> assign('ocVersion', $ocVersion);
return $tmpl -> fetchPage();

175
templates/settings.php
View File

@ -2,134 +2,107 @@
$cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
?>
<div class="<?php p($cfgClass); ?>">
<h2><?php p($l->t('SQL')); ?></h2>
<form id="sqlForm" action="#" method="post" class="<?php echo $cfgClass; ?>">
<form id="sqlForm" action="#" method="post" class="<?php p($cfgClass); ?>">
<div id="sql" class="<?php echo $cfgClass; ?>">
<legend><strong><?php echo $l -> t('SQL'); ?></strong></legend>
<ul>
<li><a id="sqlBasicSettings" href="#sql-1"><?php echo $l -> t('Database Settings'); ?></a></li>
<li><a id="sqlAdvSettings" href="#sql-2"><?php echo $l -> t('Column/Password Settings'); ?></a></li>
<li><a id="sqlDomainSettings" href="#sql-3"><?php echo $l -> t('Domain Settings'); ?></a></li>
</ul>
<div id="sql" class="<?php p($cfgClass); ?>">
<label for="sql_domain_chooser"><?php p($l -> t('Settings for Domain')) ?></label>
<select id="sql_domain_chooser" name="sql_domain_chooser">
<?php foreach ($_['allowed_domains'] as $domain): ?>
<option value="<?php p($domain); ?>"><?php p($domain); ?></option>
<?php endforeach ?>
</select>
<ul>
<li><a id="sqlBasicSettings" href="#sql-1"><?php p($l -> t('Basic Settings')); ?></a></li>
<li><a id="sqlAdvSettings" href="#sql-2"><?php p($l -> t('Advanced Settings')); ?></a></li>
</ul>
<fieldset id="sql-1">
<table>
<tr><td><label for="sql_type"><?php echo $l -> t('SQL Driver'); ?></label></td>
<tr><td><label for="sql_driver"><?php p($l -> t('SQL Driver')); ?></label></td>
<?php $db_driver = array('mysql' => 'MySQL', 'pgsql' => 'PostgreSQL'); ?>
<td><select id="sql_type" name="sql_type">
<td><select id="sql_driver" name="sql_driver">
<?php
foreach ($db_driver as $driver => $name):
echo $_['sql_type'];
if($_['sql_type'] === $driver): ?>
<option selected="selected" value="<?php echo $driver; ?>"><?php echo $name; ?></option>
//echo $_['sql_driver'];
if($_['sql_driver'] === $driver): ?>
<option selected="selected" value="<?php p($driver); ?>"><?php p($name); ?></option>
<?php else: ?>
<option value="<?php echo $driver; ?>"><?php echo $name; ?></option>
<?php endif;
endforeach;
?>
</select></td>
</tr>
<tr><td><label for="sql_host"><?php echo $l -> t('Host'); ?></label></td><td><input type="text" id="sql_host" name="sql_host" value="<?php echo $_['sql_host']; ?>"></td></tr>
<tr><td><label for="sql_user"><?php echo $l -> t('Username'); ?></label></td><td><input type="text" id="sql_user" name="sql_user" value="<?php echo $_['sql_user']; ?>" /></td></tr>
<tr><td><label for="sql_database"><?php echo $l -> t('Database'); ?></label></td><td><input type="text" id="sql_database" name="sql_database" value="<?php echo $_['sql_database']; ?>" /></td></tr>
<tr><td><label for="sql_password"><?php echo $l -> t('Password'); ?></label></td><td><input type="password" id="sql_password" name="sql_password" value="<?php echo $_['sql_password']; ?>" /></td></tr>
<tr><td><label for="sql_table"><?php echo $l -> t('Table'); ?></label></td><td><input type="text" id="sql_table" name="sql_table" value="<?php echo $_['sql_table']; ?>" /></td></tr>
</table>
</fieldset>
<fieldset id="sql-2">
<table>
<tr><td><label for="sql_column_username"><?php echo $l -> t('Username Column'); ?></label></td><td><input type="text" id="sql_column_username" name="sql_column_username" value="<?php echo $_['sql_column_username']; ?>" /></td></tr>
<tr><td><label for="sql_column_password"><?php echo $l -> t('Password Column'); ?></label></td><td><input type="text" id="sql_column_password" name="sql_column_password" value="<?php echo $_['sql_column_password']; ?>" /></td></tr>
<tr><td><label for="sql_allow_password_change"><?php echo $l -> t('Allow password changing (read README!)'); ?></label></td><td><input type="checkbox" id="allow_password_change" name="allow_password_change" value="1"<?php
if($_['allow_password_change'])
echo ' checked';
?> title="Allow changing passwords. Imposes a security risk as password salts are not recreated"></td></tr>
<tr><td><label for="sql_column_displayname"><?php echo $l -> t('Real Name Column'); ?></label></td><td><input type="text" id="sql_column_displayname" name="sql_column_displayname" value="<?php echo $_['sql_column_displayname']; ?>" /></td></tr>
<tr><td><label for="crypt_type"><?php echo $l -> t('Encryption Type'); ?></label></td>
<?php $crypt_types = array('md5' => 'MD5', 'md5crypt' => 'MD5 Crypt', 'cleartext' => 'Cleartext', 'mysql_encrypt' => 'mySQL ENCRYPT()', 'system' => 'System (crypt)', 'mysql_password' => 'mySQL PASSWORD()', 'joomla' => 'Joomla MD5 Encryption', 'joomla2' => 'Joomla > 2.5.18 phpass', 'ssha256' => 'Salted SSHA256', 'redmine' => 'Redmine'); ?>
<td><select id="crypt_type" name="crypt_type">
<?php
foreach ($crypt_types as $driver => $name):
echo $_['crypt_type'];
if($_['crypt_type'] === $driver): ?>
<option selected="selected" value="<?php echo $driver; ?>"><?php echo $name; ?></option>
<?php else: ?>
<option value="<?php echo $driver; ?>"><?php echo $name; ?></option>
<option value="<?php p($driver); ?>"><?php p($name); ?></option>
<?php endif;
endforeach;
?>
</select></td>
</tr>
<tr><td><label for="sql_column_active"><?php echo $l -> t('User Active Column'); ?></label></td><td><input type="text" id="sql_column_active" name="sql_column_active" value="<?php echo $_['sql_column_active']; ?>" /></td></tr>
<tr><td><label for="sql_column_active_invert"><?php echo $l -> t('Invert Active Value'); ?></label></td><td><input type="checkbox" id="sql_column_active_invert" name="sql_column_active_invert" value="1"<?php
if($_['sql_column_active_invert'])
echo ' checked';
<tr><td><label for="sql_hostname"><?php p($l -> t('Host')); ?></label></td><td><input type="text" id="sql_hostname" name="sql_hostname" value="<?php p($_['sql_hostname']); ?>"></td></tr>
<tr><td><label for="sql_username"><?php p($l -> t('Username')); ?></label></td><td><input type="text" id="sql_username" name="sql_username" value="<?php p($_['sql_username']); ?>" /></td></tr>
<tr><td><label for="sql_database"><?php p($l -> t('Database')); ?></label></td><td><input type="text" id="sql_database" name="sql_database" value="<?php p($_['sql_database']); ?>" /></td></tr>
<tr><td><label for="sql_password"><?php p($l -> t('Password')); ?></label></td><td><input type="password" id="sql_password" name="sql_password" value="<?php p($_['sql_password']); ?>" /></td></tr>
<tr><td><label for="sql_table"><?php p($l -> t('Table')); ?></label></td><td><input type="text" id="sql_table" name="sql_table" value="<?php p($_['sql_table']); ?>" /></td></tr>
</table>
</fieldset>
<fieldset id="sql-2">
<table>
<tr><td><label for="col_username"><?php p($l -> t('Username Column')); ?></label></td><td><input type="text" id="col_username" name="col_username" value="<?php p($_['col_username']); ?>" /></td></tr>
<tr><td><label for="col_password"><?php p($l -> t('Password Column')); ?></label></td><td><input type="text" id="col_password" name="col_password" value="<?php p($_['col_password']); ?>" /></td></tr>
<tr><td><label for="set_allow_pwchange"><?php p($l -> t('Allow password changing (read README!)')); ?></label></td><td><input type="checkbox" id="set_allow_pwchange" name="set_allow_pwchange" value="1"<?php
if($_['set_allow_pwchange'])
p(' checked');
?> title="Allow changing passwords. Imposes a security risk as password salts are not recreated"></td></tr>
<tr><td><label for="col_displayname"><?php p($l -> t('Real Name Column')); ?></label></td><td><input type="text" id="col_displayname" name="col_displayname" value="<?php p($_['col_displayname']); ?>" /></td></tr>
<tr><td><label for="set_crypt_type"><?php p($l -> t('Encryption Type')); ?></label></td>
<?php $crypt_types = array('md5' => 'MD5', 'md5crypt' => 'MD5 Crypt', 'cleartext' => 'Cleartext', 'mysql_encrypt' => 'mySQL ENCRYPT()', 'system' => 'System (crypt)', 'mysql_password' => 'mySQL PASSWORD()', 'joomla' => 'Joomla MD5 Encryption', 'joomla2' => 'Joomla > 2.5.18 phpass', 'ssha256' => 'Salted SSHA256', 'redmine' => 'Redmine'); ?>
<td><select id="set_crypt_type" name="set_crypt_type">
<?php
foreach ($crypt_types as $driver => $name):
//echo $_['set_crypt_type'];
if($_['set_crypt_type'] === $driver): ?>
<option selected="selected" value="<?php p($driver); ?>"><?php p($name); ?></option>
<?php else: ?>
<option value="<?php p($driver); ?>"><?php p($name); ?></option>
<?php endif;
endforeach;
?>
</select></td>
</tr>
<tr><td><label for="col_active"><?php p($l -> t('User Active Column')); ?></label></td><td><input type="text" id="col_active" name="col_active" value="<?php p($_['col_active']); ?>" /></td></tr>
<tr><td><label for="set_active_invert"><?php p($l -> t('Invert Active Value')); ?></label></td><td><input type="checkbox" id="set_active_invert" name="set_active_invert" value="1"<?php
if($_['set_active_invert'])
p(' checked');
?> title="Invert the logic of the active column (for blocked users in the SQL DB)" /></td></tr>
<tr><td><label for="sql_column_email"><?php echo $l -> t('E-Mail Column'); ?></label></td><td><input type="text" id="sql_column_email" name="sql_column_email" value="<?php echo $_['sql_column_email']; ?>" /></td></tr>
<tr><td><label for="mail_sync_mode"><?php echo $l -> t('E-Mail address sync mode'); ?></label></td>
<tr><td><label for="col_email"><?php p($l -> t('E-Mail Column')); ?></label></td><td><input type="text" id="col_email" name="col_email" value="<?php p($_['col_email']); ?>" /></td></tr>
<tr><td><label for="set_mail_sync_mode"><?php p($l -> t('E-Mail address sync mode')); ?></label></td>
<?php $mail_modes = array('none' => 'No Synchronisation', 'initial' => 'Synchronise only once', 'forceoc' => 'ownCloud always wins', 'forcesql' => 'SQL always wins'); ?>
<td><select id="mail_sync_mode" name="mail_sync_mode">
<td><select id="set_mail_sync_mode" name="set_mail_sync_mode">
<?php
foreach ($mail_modes as $mode => $name):
echo $_['mail_sync_mode'];
if($_['mail_sync_mode'] === $mode): ?>
<option selected="selected" value="<?php echo $mode; ?>"><?php echo $name; ?></option>
//echo $_['set_mail_sync_mode'];
if($_['set_mail_sync_mode'] === $mode): ?>
<option selected="selected" value="<?php p($mode); ?>"><?php p($name); ?></option>
<?php else: ?>
<option value="<?php echo $mode; ?>"><?php echo $name; ?></option>
<option value="<?php p($mode); ?>"><?php p($name); ?></option>
<?php endif;
endforeach;
?>
</select>
</td></tr>
<tr><td><label for="set_default_domain"><?php p($l -> t('Append Default Domain')); ?></label></td><td><input type="text" id="set_default_domain", name="set_default_domain" value="<?php p($_['set_default_domain']); ?>" /></td></tr>
<tr><td><label for="set_strip_domain"><?php p($l -> t('Strip Domain Part from Username')); ?></label></td><td><input type="checkbox" id="set_strip_domain" name="set_strip_domain" value="1"<?php
if($_['set_strip_domain'])
p(' checked');
?> title="Strip Domain Part from Username when logging in and retrieving username lists"></td></tr>
</table>
</fieldset>
<fieldset id="sql-3">
<table>
<tr><td><label for="domain_settings"><?php echo $l -> t('Domain Settings'); ?></label></td><td><table>
<tr><td><input type="radio" name="domain_settings" id="domain_none" value="none" <?php
if($_['domain_settings'] === "" || $_['domain_settings'] === "none")
echo 'checked="checked"';
?>><?php echo $l->t('No Mapping') ?></td></tr>
<tr><td><input type="radio" name="domain_settings" id="domain_server" value="server" <?php
if($_['domain_settings'] === "server")
echo 'checked="checked"';
?>><?php echo $l->t('Append Server Hostname') ?></td><td></td></tr>
<tr><td><input type="radio" name="domain_settings" id="domain_default" value="default" <?php
if($_['domain_settings'] === "default")
echo 'checked="checked"';
?>><?php echo $l->t('Append Default') ?></td><td><input type="text" id="default_domain" name="default_domain" value="<?php echo $_['default_domain']; ?>" /></td></tr>
<tr><td><input type="radio" name="domain_settings" id="domain_mapping" value="mapping" <?php
if($_['domain_settings'] === "mapping")
echo 'checked="checked"';
?>><?php echo $l->t('Map Domains') ?></td><td>
<table id="domain_map_entries" cellspacing="2" cellpadding="2">
<tbody>
<tr><th><input type="text" placeholder="Server Domain" id="inputServerDomain"></th><th><input type="text" placeholder="Map to Domain" id="inputMapDomain"></th><th><input id="domainAddMap" type="submit" value="<?php echo $l -> t('Add Entry'); ?>" /></th></tr>
<?php $domains = explode(",", $_['domain_array']);
$maps = explode(",", $_['map_array']);
for($i = 0; $i < count($domains); $i++)
{
if(trim($domains[$i]) !== "" && trim($domains[$i]) !== "")
echo "<tr><td>" . htmlspecialchars($domains[$i]) . "</td><td>" . htmlspecialchars($maps[$i]) . "</td><td><a class=\"deleteLink\" href=\"#\" >delete</a></td></tr>";
}
?>
</tbody>
</table></td></tr>
</table></td></tr>
<tr><td><label for="strip_domain"><?php echo $l -> t('Strip Domain Part from Username'); ?></label></td><td><input type="checkbox" id="strip_domain" name="strip_domain" value="1"<?php
if($_['strip_domain'])
echo ' checked';
?> title="Strip Domain Part from Username when logging in and retrieving username lists"></td></tr>
</table>
</fieldset>
<input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>" id="requesttoken" />
<input type="hidden" name="appname" value="user_sql" />
<input id="sqlSubmit" type="submit" value="<?php echo $l -> t('Save'); ?>" />
<div id="sql_update_message" class="statusmessage"><?php echo $l -> t('Saving...'); ?></div>
<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']); ?>" id="requesttoken" />
<input type="hidden" name="appname" value="user_sql" />
<input id="sqlSubmit" type="submit" value="<?php p($l -> t('Save')); ?>" />
<div id="sql_update_message" class="statusmessage"><?php p($l -> t('Saving...')); ?></div>
<div id="sql_loading_message" class="statusmessage"><?php p($l -> t('Loading...')); ?></div>
<div id="sql_error_message" class="errormessage"></div>
<div id="sql_success_message" class="successmessage"></div>
</div>
</form>
</div>

405
user_sql.php
View File

@ -10,6 +10,7 @@
* credits go to Frédéric France for providing Joomla support
* credits go to Mark Jansenn for providing Joomla 2.5.18+ / 3.2.1+ support
* credits go to Dominik Grothaus for providing SSHA256 support and fixing a few bugs
* credits go to Sören Eberhardt-Biermann for providing multi-host support
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -26,129 +27,70 @@
*
*/
class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\UserInterface
namespace OCA\user_sql;
use \OCA\user_sql\lib\Helper;
class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\UserInterface
{
protected $cache;
// cached settings
protected $sql_host;
protected $sql_username;
protected $sql_database;
protected $sql_password;
protected $sql_table;
protected $sql_column_username;
protected $sql_column_password;
protected $sql_column_active;
protected $sql_column_active_invert;
protected $sql_column_displayname;
protected $sql_column_email;
protected $mail_sync_mode;
protected $sql_type;
protected $db_conn;
protected $db;
protected $default_domain;
protected $strip_domain;
protected $crypt_type;
protected $domain_settings;
protected $domain_array;
protected $map_array;
protected $allow_password_change;
protected $settings;
protected $helper;
protected $session_cache_name;
public function __construct()
{
$this -> db_conn = false;
$memcache = \OC::$server->getMemCacheFactory();
if ( $memcache -> isAvailable())
{
$this -> cache = $memcache -> create();
}
$this -> sql_host = OCP\Config::getAppValue('user_sql', 'sql_host', '');
$this -> sql_username = OCP\Config::getAppValue('user_sql', 'sql_user', '');
$this -> sql_database = OCP\Config::getAppValue('user_sql', 'sql_database', '');
$this -> sql_password = OCP\Config::getAppValue('user_sql', 'sql_password', '');
$this -> sql_table = OCP\Config::getAppValue('user_sql', 'sql_table', '');
$this -> sql_column_username = OCP\Config::getAppValue('user_sql', 'sql_column_username', '');
$this -> sql_column_password = OCP\Config::getAppValue('user_sql', 'sql_column_password', '');
$this -> sql_column_displayname = OCP\Config::getAppValue('user_sql', 'sql_column_displayname', $this->sql_column_username);
$this -> sql_column_email = OCP\Config::getAppValue('user_sql', 'sql_column_email', '');
$this -> sql_column_active = OCP\Config::getAppValue('user_sql', 'sql_column_active', '');
$this -> sql_column_active_invert = OCP\Config::getAppValue('user_sql', 'sql_column_active_invert', 0);
$this -> sql_type = OCP\Config::getAppValue('user_sql', 'sql_type', '');
$this -> default_domain = OCP\Config::getAppValue('user_sql', 'default_domain', '');
$this -> strip_domain = OCP\Config::getAppValue('user_sql', 'strip_domain', 0);
$this -> allow_password_change = OCP\Config::getAppValue('user_sql', 'allow_password_change', 0);
$this -> crypt_type = OCP\Config::getAppValue('user_sql', 'crypt_type', 'md5crypt');
$this -> domain_settings = OCP\Config::getAppValue('user_sql', 'domain_settings', 'none');
$this -> domain_array = explode(",", OCP\Config::getAppValue('user_sql', 'domain_array', ''));
$this -> map_array = explode(",", OCP\Config::getAppValue('user_sql', 'map_array', ''));
$this -> mail_sync_mode = OCP\Config::getAppValue('user_sql', 'mail_sync_mode', 'none');
$this -> helper = new \OCA\user_sql\lib\Helper();
$domain = \OC::$server->getRequest()->getServerHost();
$this -> settings = $this -> helper -> loadSettingsForDomain($domain);
$this -> helper -> connectToDb($this -> settings);
$this -> session_cache_name = 'USER_SQL_CACHE';
$dsn = $this -> sql_type . ":host=" . $this -> sql_host . ";dbname=" . $this -> sql_database;
try
{
$this -> db = new PDO($dsn, $this -> sql_username, $this -> sql_password);
$this -> db -> query("SET NAMES 'UTF8'");
$this -> db_conn = true;
} catch (PDOException $e)
{
\OCP\Util::writeLog('OC_USER_SQL', 'Failed to connect to the database: ' . $e -> getMessage(), \OCP\Util::ERROR);
}
return false;
}
private function doEmailSync($uid)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering doEmailSync for UID: $uid", \OCP\Util::DEBUG);
if($this -> sql_column_email === '')
if($this -> settings['col_email'] === '')
return false;
if($this -> mail_sync_mode === 'none')
if($this -> settings['set_mail_sync_mode'] === 'none')
return false;
$ocUid = $uid;
$uid = $this -> doUserDomainMapping($uid);
$query = "SELECT $this->sql_column_email FROM $this->sql_table WHERE $this->sql_column_username = :uid";
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
$result -> bindParam(":uid", $uid);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
$row = $this -> helper -> runQuery('getMail', array('uid' => $uid));
if($row === false)
{
return false;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching result...", \OCP\Util::DEBUG);
$row = $result -> fetch();
if(!$row)
{
return false;
}
$newMail = $row[$this -> sql_column_email];
$currMail = OCP\Config::getUserValue($ocUid, 'settings', 'email', '');
$newMail = $row[$this -> settings['col_email']];
$currMail = \OCP\Config::getUserValue($ocUid, 'settings', 'email', '');
switch($this -> mail_sync_mode)
switch($this -> settings['set_mail_sync_mode'])
{
case 'initial':
if($currMail === '')
OCP\Config::setUserValue($ocUid, 'settings', 'email', $newMail);
\OCP\Config::setUserValue($ocUid, 'settings', 'email', $newMail);
break;
case 'forcesql':
if($currMail !== $newMail)
OCP\Config::setUserValue($ocUid, 'settings', 'email', $newMail);
\OCP\Config::setUserValue($ocUid, 'settings', 'email', $newMail);
break;
case 'forceoc':
if(($currMail !== '') && ($currMail !== $newMail))
{
$query = "UPDATE $this->sql_table SET $this->sql_column_email = :currMail WHERE $this->sql_column_username = :uid";
\OCP\Util::writeLog('OC_USER_SQL', "Preapring query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
$result -> bindParam(":currMail", $currMail);
$result -> bindParam(":uid", $uid);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
$row = $this -> helper -> runQuery('setMail', array('uid' => $uid, 'currMail' => $currMail), true);
if($row === false)
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
\OCP\Util::writeLog('OC_USER_SQL', "Could not update E-Mail address in SQL database!", \OCP\Util::ERROR);
}
}
@ -161,39 +103,14 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
private function doUserDomainMapping($uid)
{
$uid = trim($uid);
switch($this->domain_settings)
if($this -> settings['set_default_domain'] !== '')
{
case "default" :
\OCP\Util::writeLog('OC_USER_SQL', "Default mapping", \OCP\Util::DEBUG);
if($this -> default_domain && (strpos($uid, '@') === false))
$uid .= "@" . $this -> default_domain;
break;
case "server" :
\OCP\Util::writeLog('OC_USER_SQL', "Server based mapping", \OCP\Util::DEBUG);
if(strpos($uid, '@') === false)
$uid .= "@" . $_SERVER['SERVER_NAME'];
break;
case "mapping" :
\OCP\Util::writeLog('OC_USER_SQL', 'Domain mapping selected', \OCP\Util::DEBUG);
if(strpos($uid, '@') === false)
{
for($i = 0; $i < count($this -> domain_array); $i++)
{
\OCP\Util::writeLog('OC_USER_SQL', 'Checking domain in mapping: ' . $this -> domain_array[$i], \OCP\Util::DEBUG);
if($_SERVER['SERVER_NAME'] === trim($this -> domain_array[$i]))
{
\OCP\Util::writeLog('OC_USER_SQL', 'Found domain in mapping: ' . $this -> domain_array[$i], \OCP\Util::DEBUG);
$uid .= "@" . trim($this -> map_array[$i]);
break;
}
}
}
break;
case "none" :
default :
\OCP\Util::writeLog('OC_USER_SQL', "No mapping", \OCP\Util::DEBUG);
break;
\OCP\Util::writeLog('OC_USER_SQL', "Append default domain: ".$this -> settings['set_default_domain'], \OCP\Util::DEBUG);
if(strpos($uid, '@') === false)
{
$uid .= "@" . $this -> settings['set_default_domain'];
}
}
$uid = strtolower($uid);
@ -233,45 +150,30 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
// Update the user's password - this might affect other services, that
// use the same database, as well
\OCP\Util::writeLog('OC_USER_SQL', "Entering setPassword for UID: $uid", \OCP\Util::DEBUG);
if(!$this -> db_conn || !$this->allow_password_change)
{
if($this -> settings['set_allow_pwchange'] !== 'true')
return false;
}
$uid = $this -> doUserDomainMapping($uid);
$query = "SELECT $this->sql_column_password FROM $this->sql_table WHERE $this->sql_column_username = :uid";
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
$result -> bindParam(":uid", $uid);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
$row = $this -> helper -> runQuery('getPass', array('uid' => $uid));
if($row === false)
{
return false;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching result...", \OCP\Util::DEBUG);
$row = $result -> fetch();
if(!$row)
{
return false;
}
$old_password = $row[$this -> sql_column_password];
if($this -> crypt_type === 'joomla2')
$old_password = $row[$this -> settings['col_password']];
if($this -> settings['set_crypt_type'] === 'joomla2')
{
if(!class_exists('PasswordHash'))
require_once('PasswordHash.php');
$hasher = new PasswordHash(10, true);
$enc_password = $hasher->HashPassword($password);
$enc_password = $hasher -> HashPassword($password);
}
// Redmine stores the salt separatedly, this doesn't play nice with the way
// we check passwords
elseif($this -> crypt_type === 'redmine')
elseif($this -> settings['set_crypt_type'] === 'redmine')
{
$query = "SELECT salt FROM $this->sql_table WHERE $this->sql_column_username =:uid;";
$res = $this->db->prepare($query);
$res->bindparam(":uid", $uid);
if(!$res->execute())
return false;
$salt = $res->fetch();
$salt = $this -> helper -> runQuery('getRedmineSalt', array('uid' => $uid));
if(!$salt)
return false;
$enc_password = sha1($salt['salt'].sha1($password));
@ -279,16 +181,9 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
{
$enc_password = $this -> pacrypt($password, $old_password);
}
$query = "UPDATE $this->sql_table SET $this->sql_column_password = :enc_password WHERE $this->sql_column_username = :uid";
\OCP\Util::writeLog('OC_USER_SQL', "Preapring query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
$result -> bindParam(":enc_password", $enc_password);
$result -> bindParam(":uid", $uid);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
$res = $this -> helper -> runQuery('setPass', array('uid' => $uid, 'enc_password' => $enc_password), true);
if($res === false)
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
\OCP\Util::writeLog('OC_USER_SQL', "Could not update password!", \OCP\Util::ERROR);
return false;
}
@ -307,63 +202,42 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
public function checkPassword($uid, $password)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering checkPassword() for UID: $uid", \OCP\Util::DEBUG);
if(!$this -> db_conn)
{
return false;
}
$uid = $this -> doUserDomainMapping($uid);
$query = "SELECT $this->sql_column_username, $this->sql_column_password FROM $this->sql_table WHERE $this->sql_column_username = :uid";
if($this -> sql_column_active !== '')
$query .= " AND " .($this->sql_column_active_invert ? "NOT " : "" ).$this->sql_column_active;
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
$result -> bindParam(":uid", $uid);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
return false;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching row...", \OCP\Util::DEBUG);
$row = $result -> fetch();
if(!$row)
$row = $this -> helper -> runQuery('getPass', array('uid' => $uid));
if($row === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG);
return false;
}
$db_pass = $row[$this -> settings['col_password']];
\OCP\Util::writeLog('OC_USER_SQL', "Encrypting and checking password", \OCP\Util::DEBUG);
// Joomla 2.5.18 switched to phPass, which doesn't play nice with the way
// we check passwords
if($this -> crypt_type === 'joomla2')
if($this -> settings['set_crypt_type'] === 'joomla2')
{
if(!class_exists('PasswordHash'))
require_once('PasswordHash.php');
$hasher = new PasswordHash(10, true);
$ret = $hasher -> CheckPassword($password, $row[$this -> sql_column_password]);
$ret = $hasher -> CheckPassword($password, $db_pass);
}
// Redmine stores the salt separatedly, this doesn't play nice with the way
// we check passwords
elseif($this -> crypt_type === 'redmine')
elseif($this -> settings['set_crypt_type'] === 'redmine')
{
$query = "SELECT salt FROM $this->sql_table WHERE $this->sql_column_username =:uid;";
$res = $this->db->prepare($query);
$res->bindparam(":uid", $uid);
if(!$res->execute())
return false;
$salt = $res->fetch();
$salt = $this -> helper -> runQuery('getRedmineSalt', array('uid' => $uid));
if(!$salt)
return false;
$ret = sha1($salt['salt'].sha1($password)) === $row[$this->sql_column_password];
$ret = sha1($salt['salt'].sha1($password)) === $db_pass;
} else
{
$ret = $this -> pacrypt($password, $row[$this -> sql_column_password]) === $row[$this -> sql_column_password];
$ret = $this -> pacrypt($password, $db_pass) === $db_pass;
}
if($ret)
{
\OCP\Util::writeLog('OC_USER_SQL', "Passwords matching, return true", \OCP\Util::DEBUG);
if($this -> strip_domain)
if($this -> settings['set_strip_domain'] === 'true')
{
$uid = explode("@", $uid);
$uid = $uid[0];
@ -378,27 +252,19 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
public function countUsers()
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering countUsers()",\OCP\Util::DEBUG);
if(!$this -> db_conn)
{
return FALSE;
}
$query = "SELECT COUNT(*) FROM $this->sql_table";
if($this -> sql_column_active !== '')
$query .= " WHERE " .($this->sql_column_active_invert ? "NOT " : "" ).$this->sql_column_active;
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
\OCP\Util::writeLog('OC_USER_SQL', "Entering countUsers()", \OCP\Util::DEBUG);
$userCount = $this -> helper -> runQuery('countUsers', array());
if($userCount === false)
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
return 0;
$userCount = 0;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching results...", \OCP\Util::DEBUG);
$userCount = reset($result -> fetch());
\OCP\Util::writeLog('OC_USER_SQL', "Return usercount", \OCP\Util::DEBUG);
return $userCount;
else {
$userCount = reset($userCount);
}
\OCP\Util::writeLog('OC_USER_SQL', "Return usercount", \OCP\Util::DEBUG);
return $userCount;
}
/**
@ -412,27 +278,7 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering getUsers() with Search: $search, Limit: $limit, Offset: $offset", \OCP\Util::DEBUG);
$users = array();
if(!$this -> db_conn)
{
return false;
}
$query = "SELECT $this->sql_column_username FROM $this->sql_table";
$query .= " WHERE $this->sql_column_username LIKE :search";
if($this -> sql_column_active !== '')
$query .= " AND " .($this->sql_column_active_invert ? "NOT " : "" ).$this->sql_column_active;
$query .= " ORDER BY $this->sql_column_username";
if($limit !== null)
{
$limit = intval($limit);
$query .= " LIMIT $limit";
}
if($offset !== null)
{
$offset = intval($offset);
$query .= " OFFSET $offset";
}
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
if($search !== '')
{
$search = "%".$this -> doUserDomainMapping($search."%")."%";
@ -441,20 +287,15 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
{
$search = "%".$this -> doUserDomainMapping("")."%";
}
$result -> bindParam(":search", $search);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
$rows = $this -> helper -> runQuery('getUsers', array('search' => $search), false, true, array('limit' => $limit, 'offset' => $offset));
if($rows === false)
return array();
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching results...", \OCP\Util::DEBUG);
while($row = $result -> fetch())
foreach($rows as $row)
{
$uid = $row[$this -> sql_column_username];
if($this -> strip_domain)
$uid = $row[$this -> settings['col_username']];
if($this -> settings['set_strip_domain'] === 'true')
{
$uid = explode("@", $uid);
$uid = $uid[0];
@ -481,27 +322,10 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
return (bool)$cacheVal;
\OCP\Util::writeLog('OC_USER_SQL', "Entering userExists() for UID: $uid", \OCP\Util::DEBUG);
if(!$this -> db_conn)
{
return false;
}
$uid = $this -> doUserDomainMapping($uid);
$query = "SELECT $this->sql_column_username FROM $this->sql_table WHERE $this->sql_column_username = :uid";
if($this -> sql_column_active !== '')
$query .= " AND " .($this->sql_column_active_invert ? "NOT " : "" ).$this->sql_column_active;
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
$result -> bindParam(":uid", $uid);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
return false;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching results...", \OCP\Util::DEBUG);
$exists = (bool)$result -> fetch();
$uid = $this -> doUserDomainMapping($uid);
$exists = (bool)$this -> helper -> runQuery('userExists', array('uid' => $uid));;
$this -> setCache ($cacheKey, $exists, 60);
if(!$exists)
@ -519,10 +343,7 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
public function getDisplayName($uid)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering getDisplayName() for UID: $uid", \OCP\Util::DEBUG);
if(!$this -> db_conn)
{
return false;
}
$this -> doEmailSync($uid);
$uid = $this -> doUserDomainMapping($uid);
@ -531,21 +352,8 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
return false;
}
$query = "SELECT $this->sql_column_displayname FROM $this->sql_table WHERE $this->sql_column_username = :uid";
if($this -> sql_column_active !== '')
$query .= " AND " .($this->sql_column_active_invert ? "NOT " : "" ).$this->sql_column_active;
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
$result = $this -> db -> prepare($query);
$result -> bindParam(":uid", $uid);
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
if(!$result -> execute())
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
return false;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching results...", \OCP\Util::DEBUG);
$row = $result -> fetch();
$row = $this -> helper -> runQuery('getDisplayName', array('uid' => $uid));
if(!$row)
{
\OCP\Util::writeLog('OC_USER_SQL', "Empty row, user has no display name or does not exist, return false", \OCP\Util::DEBUG);
@ -553,7 +361,7 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
} else
{
\OCP\Util::writeLog('OC_USER_SQL', "User exists, return true", \OCP\Util::DEBUG);
$displayName = $row[$this -> sql_column_displayname];
$displayName = $row[$this -> settings['col_displayname']];
return $displayName; ;
}
return false;
@ -600,7 +408,7 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
$password = "";
$salt = "";
if($this -> crypt_type === 'md5crypt')
if($this -> settings['set_crypt_type'] === 'md5crypt')
{
$split_salt = preg_split('/\$/', $pw_db);
if(isset($split_salt[2]))
@ -608,14 +416,14 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
$salt = $split_salt[2];
}
$password = $this -> md5crypt($pw, $salt);
} elseif($this -> crypt_type === 'md5')
} elseif($this -> settings['set_crypt_type'] === 'md5')
{
$password = md5($pw);
} elseif($this -> crypt_type === 'system')
} elseif($this -> settings['set_crypt_type'] === 'system')
{
// We never generate salts, as user creation is not allowed here
$password = crypt($pw, $pw_db);
} elseif($this -> crypt_type === 'cleartext')
} elseif($this -> settings['set_crypt_type'] === 'cleartext')
{
$password = $pw;
}
@ -623,51 +431,28 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
// See
// https://sourceforge.net/tracker/?func=detail&atid=937966&aid=1793352&group_id=191583
// this is apparently useful for pam_mysql etc.
elseif($this -> crypt_type === 'mysql_encrypt')
elseif($this -> settings['set_crypt_type'] === 'mysql_encrypt')
{
if(!$this -> db_conn)
{
return false;
}
if($pw_db !== "")
{
$salt = substr($pw_db, 0, 2);
$query = "SELECT ENCRYPT(:pw, :salt);";
$row = $this -> helper -> runQuery('mysqlEncryptSalt', array('pw' => $pw, 'salt' => $salt));
} else
{
$query = "SELECT ENCRYPT(:pw);";
$row = $this -> helper -> runQuery('mysqlEncrypt', array('pw' => $pw));
}
$result = $this -> db -> prepare($query);
$result -> bindParam(":pw", $pw);
if($pw_db !== "")
$result -> bindParam(":salt", $salt);
if(!$result -> execute())
{
return false;
}
$row = $result -> fetch();
if(!$row)
if($row === false)
{
return false;
}
$password = $row[0];
} elseif($this -> crypt_type === 'mysql_password')
} elseif($this -> settings['set_crypt_type'] === 'mysql_password')
{
if(!$this -> db_conn)
{
return false;
}
$query = "SELECT PASSWORD(:pw);";
$this -> helper -> runQuery('mysqlPassword', array('pw' => $pw));
$result = $this -> db -> prepare($query);
$result -> bindParam(":pw", $pw);
if(!$result -> execute())
{
return false;
}
$row = $result -> fetch();
if(!$row)
if($row === false)
{
return false;
}
@ -675,7 +460,7 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
}
// The following is by Frédéric France
elseif($this -> crypt_type === 'joomla')
elseif($this -> settings['set_crypt_type'] === 'joomla')
{
$split_salt = preg_split('/:/', $pw_db);
if(isset($split_salt[1]))
@ -686,15 +471,15 @@ class OC_USER_SQL extends OC_User_Backend implements \OCP\IUserBackend, \OCP\Use
$password .= ':' . $salt;
}
elseif($this-> crypt_type === 'ssha256')
elseif($this-> settings['set_crypt_type'] === 'ssha256')
{
$salted_password = base64_decode(preg_replace('/{SSHA256}/i','',$pw_db));
$salt = substr($salted_password,-(strlen($salted_password)-32));
$password = $this->ssha256($pw,$salt);
} else
{
\OCP\Util::writeLog('OC_USER_SQL', "unknown/invalid crypt_type settings: $this->crypt_type", \OCP\Util::ERROR);
die('unknown/invalid Encryption type setting: ' . $this -> crypt_type);
\OCP\Util::writeLog('OC_USER_SQL', "unknown/invalid crypt_type settings: ".$this->settings['set_crypt_type'], \OCP\Util::ERROR);
die('unknown/invalid Encryption type setting: ' . $this -> settings['set_crypt_type']);
}
\OCP\Util::writeLog('OC_USER_SQL', "pacrypt() done, return", \OCP\Util::DEBUG);
return $password;