[geeklog-cvs] Auth_Enterprise/Enterprise/Server DB.php,1.7,1.8
jellybob at iowaoutdoors.org
jellybob at iowaoutdoors.org
Tue Jul 13 19:07:01 EDT 2004
Update of /var/cvs/Auth_Enterprise/Enterprise/Server
In directory www:/tmp/cvs-serv25196/Server
Modified Files:
DB.php
Log Message:
More refactoring of common code from DB.php to Server.php
Index: DB.php
===================================================================
RCS file: /var/cvs/Auth_Enterprise/Enterprise/Server/DB.php,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** DB.php 12 Jul 2004 03:06:07 -0000 1.7
--- DB.php 13 Jul 2004 23:06:58 -0000 1.8
***************
*** 215,413 ****
}
}
-
- /**
- * Changes a user's password
- *
- * NOTE: verification of the old password and confirmation of the new password should be taken
- * care of by the calling application. This method will use a transaction if DBMS supports it.
- *
- * @author Tony Bibbs <tony at geeklog.net>
- * @access public
- * @param string $userName User for whom to change the password for
- * @param string $newPassword The user's new password.
- * @todo need to add ability to limit a certain number of password changes within 24 hours.
- *
- */
- public function changePassword($userName, $newPassword)
- {
- // Make sure new password is a valid format
- if (!Auth_Enterprise_PasswordGenerator::isValidPassword($newPassword)) {
- throw new AEPasswordInvalid();
- }
-
- // Verify the password isn't in our password history
- if ($this->passwordInHistory($userName, $newPassword)) {
- throw new AEPasswordInHistory();
- }
-
- // Begin a SQL transaction if we can
- if ($this->db->provides('transactions')) {
- $this->db->autoCommit(false);
- }
-
- // Change the password
- try {
- $this->doPasswordChange($userName, $newPassword, $userName);
- } catch (AESQLException $e) {
- // rollback transaction
- if ($this->db->provides('transactions')) {
- $this->db->rollback();
- $this->db->autoCommit(true);
- }
- throw $e;
- }
-
- // Add password to history
- try {
- $this->addPasswordToHistory($userName, $newPassword);
- } catch (AESQLException $e) {
- // Rollback transaction
- if ($this->db->provides('transactions')) {
- $this->db->rollback();
- $this->db->autoCommit(true);
- }
-
- // Throw exception
- throw $e;
- }
- // Commit it all
- if ($this->db->provides('transactions')) {
- $this->db->commit();
- $this->db->autoCommit(true);
- }
- }
-
- /**
- * Allows an application administrator to change a user's password
- *
- * @author Tony Bibbs <tony at geeklog.net>
- * @access public
- * @param string $adminUserName Administrator's username
- * @param string $adminPassword Administrator's password
- * @param string $userName User to change password for
- * @param string $newPassword Password to give to a user
- *
- */
- public function changePasswordByAdmin($adminUserName, $adminPassword, $userName, $newPassword)
- {
- // Make sure admin is authenticated
- if (($userObj = $this->isAuthenticated()) === false) {
- try {
- $userObj = $this->authenticate($adminUserName, $adminPassword);
- } catch (AESQLException $e) {
- throw $e;
- } catch (AEAccountLocked $e) {
- throw new AEAccountLocked('Administrator\'s account is locked');
- } catch (AEPasswordExpired $e) {
- throw new AEPasswordExpired('Administrator\'s password has expired');
- }
- }
-
- // Need to verify the they have right Auth_Enterprise privilege
- if (!$userObj->authorize('AE_ACCOUNT_MGR')) {
- throw new AEUserNotAuthorized("User $adminUserName does not have sufficient privileges
- to change the password for $userName");
- }
-
- // Make sure password adhere's to our password rules
- if (!Auth_Enterprise_PasswordGenerator::isValidPassword($newPassword)) {
- throw new AEPasswordInvalid();
- }
-
- // Verify the password isn't in our password history
- if ($this->passwordInHistory($userName, $newPassword)) {
- throw new AEPasswordInHistory();
- }
-
- // Begin a SQL transaction if we can
- if ($this->db->provides('transactions')) {
- $this->db->autoCommit(false);
- }
-
- // Change the password
- try {
- $this->doPasswordChange($userName, $newPassword, $adminUserName);
- } catch (AESQLException $e) {
- // rollback transaction
- if ($this->db->provides('transactions')) {
- $this->db->rollback();
- $this->db->autoCommit(true);
- }
- throw $e;
- }
-
- // Add password to history
- try {
- $this->addPasswordToHistory($userName, $newPassword);
- } catch (AESQLException $e) {
- // Rollback transaction
- if ($this->db->provides('transactions')) {
- $this->db->rollback();
- $this->db->autoCommit(true);
- }
-
- // Throw exception
- throw $e;
- }
-
- // Commit it all
- if ($this->db->provides('transactions')) {
- $this->db->commit();
- $this->db->autoCommit(true);
- }
- }
-
- /**
- * Gives the user a randomly generator password
- *
- * @author Tony Bibbs <tony at geeklog.net>
- * @access public
- * @param string $userName User to reset password for
- * @return string New password
- *
- */
- public function resetPassword($userName)
- {
- $newPassword = Auth_Enterprise_PasswordGenerator::generatePassword($this->_options['passwords']);
-
- // Begin a SQL transaction if we can
- if ($this->db->provides('transactions')) {
- $this->db->autoCommit(false);
- }
-
- try {
- $this->doPasswordChange($userName, $newPassword, $userName);
- } catch (AESQLException $e) {
- // rollback transaction
- if ($this->db->provides('transactions')) {
- $this->db->rollback();
- $this->db->autoCommit(true);
- }
- throw $e;
- }
-
- try {
- $this->addPasswordToHistory($userName, $newPassword);
- } catch (AESQLException $e) {
- // Rollback transaction
- if ($this->db->provides('transactions')) {
- $this->db->rollback();
- $this->db->autoCommit(true);
- }
-
- // Throw exception
- throw $e;
- }
-
- // Commit it all
- if ($this->db->provides('transactions')) {
- $this->db->commit();
- $this->db->autoCommit(true);
- }
-
- return $newPassword;
- }
-
/**
* Atomic function that only does password change
--- 215,219 ----
***************
*** 437,474 ****
}
}
-
- /**
- * Gets the application privileges for a given user
- *
- * @author Tony Bibbs <tony at geeklog.net>
- * @access public
- * @param string $adminUserName Administrator's Username
- * @param string $adminPassword Administrator's Password
- * @param string $userName User to get privileges for
- * @return array AEPrivilege array
- *
- */
- public function getUserPrivilegesByAdmin($adminUserName, $adminPassword, $userName)
- {
- // Make sure admin is authenticated
- if (($userObj = $this->isAuthenticated()) === false) {
- try {
- $userObj = $this->authenticate($adminUserName, $adminPassword);
- } catch (AESQLException $e) {
- throw $e;
- } catch (AEAccountLocked $e) {
- throw new AEAccountLocked('Administrator\'s account is locked');
- } catch (AEPasswordExpired $e) {
- throw new AEPasswordExpired('Administrator\'s password has expired');
- }
- }
- try {
- return $this->getPrivileges($userName);
- } catch (AESQLException $e) {
- throw $e;
- }
- }
-
/**
* Sets the application privileges for a given user
--- 243,247 ----
***************
*** 896,901 ****
protected function addPasswordToHistory($userName, $password)
{
- global $gConf;
-
// I use this to test transactions
//throw new AESQLException('test');
--- 669,672 ----
***************
*** 951,954 ****
--- 722,751 ----
}
}
+
+ /**
+ * Removes a password from a user's history
+ *
+ * @author Tony Bibbs <tony at geeklog.net
+ * @author Jon Wood <jon at jellybob.co.uk>
+ * @access protected
+ * @param string $userName User to remove password from history for
+ * @param string $password Password to remove from history.
+ */
+ protected function removePasswordFromHistory($userName, $password)
+ {
+ $userName = strtoupper($userName);
+
+ //$encryptedPassword = MD5($password);
+ $prepStmt = $this->db->prepare('DELETE FROM ae_user_old_password
+ (uop_user_name, uop_password)
+ VALUES (?,?)');
+ $result = $this->db->execute($prepStmt, array($userName, $password));
+
+ // Check for SQL error
+ if (DB::isError($result)) {
+ throw new AESQLException($result->toString());
+ return;
+ }
+ }
/**
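Review bot: The statement prepared in the new `removePasswordFromHistory()` is not valid DELETE syntax: it reuses the INSERT form (`(uop_user_name, uop_password) VALUES (?,?)`), so the database should reject it and every call will end in `AESQLException` with no history row removed. The statement needs a WHERE clause, e.g. `'DELETE FROM ae_user_old_password WHERE uop_user_name = ? AND uop_password = ?'`, keeping the two bound parameters as they are. The commented-out `MD5($password)` line also leaves it unclear which form of the password is stored. `addPasswordToHistory()` is outside this hunk, but if it stores a digest, the value bound here has to be transformed the same way or the DELETE will match nothing; a docblock sentence such as `$password must be in the same form as stored in uop_password` would make that explicit. The `return;` after `throw` is unreachable and can be dropped, and the first `@author` line is missing its closing `>`.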