From 17d72c00ef0b234c4fad3b638488cda40c678ad6 Mon Sep 17 00:00:00 2001 From: hyung-hwan Date: Sat, 26 Nov 2011 13:32:03 +0000 Subject: [PATCH] added DbLoginModel --- codepot/etc/codepot.ini.in | 1 + codepot/etc/codepot.mysql | 7 ++ codepot/src/codepot/controllers/user.php | 8 +- codepot/src/codepot/models/Makefile.am | 2 +- codepot/src/codepot/models/Makefile.in | 2 +- codepot/src/codepot/models/dbloginmodel.php | 98 +++++++++++++++++++ codepot/src/codepot/models/ldaploginmodel.php | 4 +- codepot/src/codepot/models/loginmodel.php | 5 + .../src/codepot/models/mysqlloginmodel.php | 37 ------- codepot/src/codepot/models/projectmodel.php | 8 +- codepot/src/codepot/models/wikimodel.php | 26 ++--- codepot/src/codepot/views/user_settings.php | 8 +- 12 files changed, 140 insertions(+), 66 deletions(-) create mode 100644 codepot/src/codepot/models/dbloginmodel.php delete mode 100644 codepot/src/codepot/models/mysqlloginmodel.php diff --git a/codepot/etc/codepot.ini.in b/codepot/etc/codepot.ini.in index 72bb8d30..e29feddc 100644 --- a/codepot/etc/codepot.ini.in +++ b/codepot/etc/codepot.ini.in @@ -94,6 +94,7 @@ svn_base_url = "${REQUEST_PROTOCOL}://${SERVER_NAME}:${SERVER_PORT}/svn" ; Login model to use. ;------------------------------------------------------------------------------ login_model = "LdapLoginModel" +#login_model = "DbLoginModel" ;------------------------------------------------------------------------------ ; Comma separated list of system administrator IDs diff --git a/codepot/etc/codepot.mysql b/codepot/etc/codepot.mysql index 17999e21..c88d493c 100644 --- a/codepot/etc/codepot.mysql +++ b/codepot/etc/codepot.mysql 
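Review bot: The commented-out alternative `#login_model = "DbLoginModel"` uses `#`, while every other comment visible in this hunk uses `;`. If the file is read by PHP's ini parser (not shown here), hash comments are deprecated from PHP 5.3 on, so the line is better written as `;login_model = "DbLoginModel"`. A one-line remark that DbLoginModel needs the `user` table from `codepot.mysql` would also help whoever switches the setting.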
@@ -152,3 +152,10 @@ CREATE TABLE user_settings ( code_hide_line_num CHAR(1) NOT NULL, code_hide_details CHAR(1) NOT NULL ) charset=utf8 engine=InnoDB; + +CREATE TABLE user ( + userid VARCHAR(32) PRIMARY KEY, + passwd VARCHAR(255) NOT NULL, + email VARCHAR(255), + enabled CHAR(1) NOT NULL DEFAULT 'N' CHECK(enabled in ('Y', 'N')) +) charset=utf8 engine=InnoDB; diff --git a/codepot/src/codepot/controllers/user.php b/codepot/src/codepot/controllers/user.php index 3a6acb76..e7981782 100644 --- a/codepot/src/codepot/controllers/user.php +++ b/codepot/src/codepot/controllers/user.php @@ -4,8 +4,8 @@ class User extends Controller { var $VIEW_ERROR = 'error'; var $VIEW_LOG = 'log'; - var $VIEW_HOME = 'user_home'; - var $VIEW_SETTINGS = 'user_settings'; + var $VIEW_HOME = 'user_home'; + var $VIEW_SETTINGS = 'user_settings'; function User () { @@ -159,8 +159,8 @@ class User extends Controller if($this->input->post('settings')) { - $settings->code_hide_line_num = $this->input->post('code_hide_line_num'); - $settings->code_hide_details = $this->input->post('code_hide_details'); + $settings->code_hide_line_num = $this->input->post('code_hide_line_num'); + $settings->code_hide_details = $this->input->post('code_hide_details'); if ($this->users->storeSettings ($login['id'], $settings) === FALSE) { diff --git a/codepot/src/codepot/models/Makefile.am b/codepot/src/codepot/models/Makefile.am index b2084142..7ef783f7 100644 --- a/codepot/src/codepot/models/Makefile.am +++ b/codepot/src/codepot/models/Makefile.am @@ -1,12 +1,12 @@ wwwdir=$(WWWDIR)/codepot/models www_DATA = \ + dbloginmodel.php \ filemodel.php \ index.html \ issuemodel.php \ ldaploginmodel.php \ loginmodel.php \ logmodel.php \ - mysqlloginmodel.php \ projectmodel.php \ sitemodel.php \ subversionmodel.php \ diff --git a/codepot/src/codepot/models/Makefile.in b/codepot/src/codepot/models/Makefile.in index 0ecd934c..ad138f44 100644 --- a/codepot/src/codepot/models/Makefile.in +++ b/codepot/src/codepot/models/Makefile.in 
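Review bot: The `CHECK(enabled in ('Y', 'N'))` clause on the new `user` table is parsed but not enforced by MySQL releases before 8.0.16, so nothing at the database level stops other values from being stored in `enabled`. If the flag is meant to gate logins, declare it as `enabled ENUM('Y','N') NOT NULL DEFAULT 'N'` or validate it in the model. A short comment above the table stating what `passwd` holds (the model in this commit writes `{ssha1}` followed by a hex digest and a hex salt) would document the column for later migrations.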
@@ -166,13 +166,13 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ wwwdir = $(WWWDIR)/codepot/models www_DATA = \ + dbloginmodel.php \ filemodel.php \ index.html \ issuemodel.php \ ldaploginmodel.php \ loginmodel.php \ logmodel.php \ - mysqlloginmodel.php \ projectmodel.php \ sitemodel.php \ subversionmodel.php \ diff --git a/codepot/src/codepot/models/dbloginmodel.php b/codepot/src/codepot/models/dbloginmodel.php new file mode 100644 index 00000000..7e1276e4 --- /dev/null +++ b/codepot/src/codepot/models/dbloginmodel.php 
@@ -0,0 +1,98 @@ +load->database (); + } + + function rand_string ($length) + { + $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + + $str = ''; + $size = strlen ($chars); + for( $i = 0; $i < $length; $i++ ) + { + $str .= $chars[ rand( 0, $size - 1 ) ]; + } + + return $str; + } + + function format_password_with_salt ($password, $salt) + { + return '{ssha1}' . sha1($password . $salt) . bin2hex($salt); + } + + function format_password ($password, $salt_length) + { + $salt = $this->rand_string ($salt_length); + return $this->format_password_with_salt ($password, $salt); + } + + function authenticate ($userid, $passwd) + { + $this->db->trans_start (); + + $this->db->select ('userid,passwd,email'); + $this->db->where ('userid', $userid); + $query = $this->db->get ('user'); + + if ($this->db->trans_status() == FALSE) + { + $this->db->trans_complete (); + return FALSE; + } + + $result = $query->result (); + if (empty($result)) + { + $this->db->trans_complete (); + return FALSE; + } + + $this->db->trans_complete (); + if ($this->db->trans_status() == FALSE) return FALSE; + + $user = $result[0]; + if (strlen($user->passwd) < 10) return FALSE; + $hexsalt = substr ($user->passwd, -10); + $binsalt = pack("H*" , $hexsalt); + + if (strcmp ($this->format_password_with_salt($passwd,$binsalt),$user->passwd) != 0) return FALSE; + + return parent::authenticate ($userid, $user->passwd, $user->email); + } + + function changePassword ($userid, $passwd) + { + $this->db->trans_start (); + $this->db->trans_complete (); + + $this->db->where ('userid', $userid); + $this->db->set ('passwd', format_password($passwd,5)); + $this->db->update ('user'); + + if ($this->db->trans_status() === FALSE) + { + $this->db->trans_rollback (); + return FALSE; + } + + $this->db->trans_commit (); + return TRUE; + } + + function queryUserInfo ($userid) + { + $user['id'] = $userid; + $user['email'] = ''; + return $user; + } +} + +?> 
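Review bot: `authenticate` selects only `userid,passwd,email` and never checks the `enabled` column this commit adds, so an account still at the default `'N'` can log in; add `$this->db->where ('enabled', 'Y');` beside the `userid` filter. In `changePassword`, `format_password($passwd,5)` is called as a bare function, which this file does not define, so the call should be `$this->format_password ($passwd, 5)`; the `trans_start ()`/`trans_complete ()` pair is also closed before the `update`, so the later `trans_rollback ()` appears to have nothing to undo. `format_password_with_salt` stores one round of salted SHA-1 with a 5-character salt from `rand()`, which is cheap to test guesses against if the table is ever disclosed; a slow, purpose-built scheme such as `crypt()` with a Blowfish salt would be the safer choice. `parent::authenticate` receives `$user->passwd`, i.e. the stored hash; whether the parent keeps it in the session is not visible here, but it is worth confirming.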
diff --git a/codepot/src/codepot/models/ldaploginmodel.php b/codepot/src/codepot/models/ldaploginmodel.php index 402e9ed7..7cc02857 100644 --- a/codepot/src/codepot/models/ldaploginmodel.php +++ b/codepot/src/codepot/models/ldaploginmodel.php @@ -81,7 +81,7 @@ class LdapLoginModel extends LoginModel if ($bind === FALSE) { $this->setErrorMessage (ldap_error ($ldap)); - ldap_close ($ldap); + @ldap_close ($ldap); return FALSE; } @@ -127,7 +127,7 @@ class LdapLoginModel extends LoginModel if ($bind === FALSE) { $this->setErrorMessage (ldap_error ($ldap)); - ldap_close ($ldap); + @ldap_close ($ldap); return FALSE; } diff --git a/codepot/src/codepot/models/loginmodel.php b/codepot/src/codepot/models/loginmodel.php index 6cdfc4ba..d52b2ece 100644 --- a/codepot/src/codepot/models/loginmodel.php +++ b/codepot/src/codepot/models/loginmodel.php @@ -87,6 +87,11 @@ class LoginModel extends Model $this->session->sess_destroy (); } + function changePassword ($userid, $passwd) + { + return FALSE; + } + function setUserSettings ($settings) { $this->session->set_userdata ('user_settings', serialize($settings)); diff --git a/codepot/src/codepot/models/mysqlloginmodel.php b/codepot/src/codepot/models/mysqlloginmodel.php deleted file mode 100644 index cec255bf..00000000 --- a/codepot/src/codepot/models/mysqlloginmodel.php +++ /dev/null @@ -1,37 +0,0 @@ -load->database ('auth-mysql'); - } - - function authenticate ($userid, $password) - { - $this->db->trans_start (); - - /* - TODO: - $this->db->select ('username'); - $this->db->where ('username', $userid); - $this->db->where ('passwd', $userid); - */ - $this->db->trans_complete (); - if ($this->db->trans_status() === FALSE) return FALSE; - - return parent::authenticate ($userid, $password, $email); - } - - function queryUserInfo ($userid) - { - $user['id'] = ''; - $user['email'] = ''; - - return $user; - } -} - -?> 
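Review bot: The `@` added to `ldap_close ($ldap)` in the failed-bind branch silences a warning without recording which one or why it is safe to ignore; the same change is repeated in the second hunk at line 127. If the warning is expected after a failed bind, say so in a comment such as `// bind failed; error text already captured above, close is best-effort`. Otherwise it is better to handle the underlying condition than to suppress it, since `@` also hides unrelated failures on that call. Both enclosing functions start and end outside the hunks.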
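Review bot: The new base `changePassword` in `loginmodel.php` returns `FALSE` with no comment, so a caller cannot tell "this backend does not support password changes" from "the change failed". A docblock such as `/* Default for backends that cannot change passwords; subclasses override. Always returns FALSE. */` would make that contract explicit. The method takes only the target `$userid` and the new password, so checking that the caller is that user and knows the current password falls to the controller, which this diff does not show. The class body continues outside the hunk.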
diff --git a/codepot/src/codepot/models/projectmodel.php b/codepot/src/codepot/models/projectmodel.php index 555c0507..611a322d 100644 --- a/codepot/src/codepot/models/projectmodel.php +++ b/codepot/src/codepot/models/projectmodel.php @@ -129,8 +129,8 @@ class ProjectModel extends Model $this->db->set ('type', 'project'); $this->db->set ('action', 'create'); $this->db->set ('projectid', $project->id); - $this->db->set ('userid', $userid); - $this->db->set ('message', $project->name); + $this->db->set ('userid', $userid); + $this->db->set ('message', $project->name); $this->db->insert ('log'); if ($priority <= 0 || $this->db->trans_status() === FALSE) @@ -236,8 +236,8 @@ class ProjectModel extends Model $this->db->set ('type', 'project'); $this->db->set ('action', 'update'); $this->db->set ('projectid', $project->id); - $this->db->set ('userid', $userid); - $this->db->set ('message', $project->name); + $this->db->set ('userid', $userid); + $this->db->set ('message', $project->name); $this->db->insert ('log'); if ($priority <= 0 || $this->db->trans_status() === FALSE) diff --git a/codepot/src/codepot/models/wikimodel.php b/codepot/src/codepot/models/wikimodel.php index 3a726d01..d5dbe52b 100644 --- a/codepot/src/codepot/models/wikimodel.php +++ b/codepot/src/codepot/models/wikimodel.php @@ -28,11 +28,11 @@ class WikiModel extends Model return NULL; } - $this->db->select ('name,encname,createdon,createdby'); - $this->db->where ('projectid', $project->id); - $this->db->where ('wikiname', $name); - $this->db->order_by ('name', 'ASC'); - $query2 = $this->db->get ('wiki_attachment'); + $this->db->select ('name,encname,createdon,createdby'); + $this->db->where ('projectid', $project->id); + $this->db->where ('wikiname', $name); + $this->db->order_by ('name', 'ASC'); + $query2 = $this->db->get ('wiki_attachment'); if ($this->db->trans_status() === FALSE) { 
@@ -82,7 +82,7 @@ class WikiModel extends Model { $this->db->trans_start (); - $this->db->select ('name,encname,createdon,createdby'); + $this->db->select ('name,encname,createdon,createdby'); $this->db->where ('projectid', $project->id); $this->db->where ('wikiname', $wikiname); @@ -143,13 +143,13 @@ class WikiModel extends Model $this->db->insert ('wiki_attachment'); } - $this->db->set ('createdon', $now); + $this->db->set ('createdon', $now); $this->db->set ('type', 'wiki'); $this->db->set ('action', 'create'); $this->db->set ('projectid', $wiki->projectid); $this->db->set ('userid', $userid); $this->db->set ('message', $wiki->name); - $this->db->insert ('log'); + $this->db->insert ('log'); if ($this->db->trans_status() === FALSE) { @@ -207,13 +207,13 @@ class WikiModel extends Model $this->db->insert ('wiki_attachment'); } - $this->db->set ('createdon', $now); + $this->db->set ('createdon', $now); $this->db->set ('type', 'wiki'); $this->db->set ('action', 'update'); $this->db->set ('projectid', $wiki->projectid); $this->db->set ('userid', $userid); $this->db->set ('message', $wiki->name); - $this->db->insert ('log'); + $this->db->insert ('log'); if ($this->db->trans_status() === FALSE) { @@ -238,16 +238,16 @@ class WikiModel extends Model $this->db->where ('name', $wiki->name); $this->db->delete ('wiki'); - $this->db->set ('createdon', date('Y-m-d H:i:s')); + $this->db->set ('createdon', date('Y-m-d H:i:s')); $this->db->set ('type', 'wiki'); $this->db->set ('action', 'delete'); $this->db->set ('projectid', $wiki->projectid); $this->db->set ('userid', $userid); $this->db->set ('message', $wiki->name); - $this->db->insert ('log'); + $this->db->insert ('log'); $this->db->trans_complete (); - return $this->db->trans_status(); + return $this->db->trans_status(); } } diff --git a/codepot/src/codepot/views/user_settings.php b/codepot/src/codepot/views/user_settings.php index 8675ed69..6efc3655 100644 --- a/codepot/src/codepot/views/user_settings.php 
+++ b/codepot/src/codepot/views/user_settings.php @@ -35,8 +35,8 @@ $(function () { $user->id = $login['id']; $this->load->view ( - 'projectbar', - array ( + 'projectbar', + array ( 'banner' => NULL, 'page' => array ( @@ -45,8 +45,8 @@ $this->load->view ( 'user' => $user, ), - 'ctxmenuitems' => array () - ) + 'ctxmenuitems' => array () + ) ); ?>