summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--extensions/LLAuthPlugin.php85
1 files changed, 32 insertions, 53 deletions
diff --git a/extensions/LLAuthPlugin.php b/extensions/LLAuthPlugin.php
index a56df8d8..b755f373 100644
--- a/extensions/LLAuthPlugin.php
+++ b/extensions/LLAuthPlugin.php
@@ -13,60 +13,46 @@ require_once('includes/AuthPlugin.php');
class LLAuthPlugin extends AuthPlugin {
- private $dbLink = null;
- private $data = null;
public static function isValidPassword($password) {
$length = strlen($password);
return ($length >= 6 && $length <= 25);
}
- function __destruct()
- {
- if (!is_null($this->dbLink))
- {
- mysqli_close($this->dbLink);
- }
- }
-
- private function connect()
- {
- global $wgDBuser, $wgDBpassword;
-
- if (is_null($this->dbLink))
- {
- $this->dbLink = mysqli_connect('localhost', $wgDBuser, $wgDBpassword, 'current');
- }
- }
-
private function getUserData($username) {
- if (is_null($this->data))
- {
- $this->connect();
- $result = mysqli_query($this->dbLink, 'SELECT id, name, email, realname FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\'');
- $data = mysqli_fetch_assoc($result);
- mysqli_free_result($result);
+ $dbr = wfGetDB( DB_SLAVE );
- $this->data = $data;
- }
+ $result = $dbr->safeQuery('SELECT id, name, email, realname FROM current.users WHERE name = ?', $username);
+ $data = $result->fetchRow();
+ $result->free();
- return $this->data;
+ return $data;
}
public function userExists( $username ) {
- $this->connect();
- $result = mysqli_query($this->dbLink, 'SELECT id FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\'');
- $exists = mysqli_num_rows($result) > 0;
- mysqli_free_result($result);
+ $dbr = wfGetDB( DB_SLAVE );
+
+ try {
+ $result = $dbr->safeQuery('SELECT id FROM current.users WHERE name = ?', $username);
+ $exists = ($result->numRows() > 0 ? true : false);
+ $result->free();
+ } catch (Exception $e) {
+ $exists = false;
+ }
return $exists;
}
public function authenticate( $username, $password ) {
- $this->connect();
- $result = mysqli_query($this->dbLink, 'SELECT id FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\' AND password = \''.mysqli_escape_string($this->dbLink, sha1($password)).'\' ');
- $authenticated = mysqli_num_rows($result) > 0;
- mysqli_free_result($result);
+ $dbr = wfGetDB( DB_SLAVE );
+
+ try {
+ $result = $dbr->safeQuery('SELECT id FROM current.users WHERE name = ? AND password = ?', $username, sha1($password));
+ $authenticated = ($result->numRows() > 0 ? true : false);
+ $result->free();
+ } catch (Exception $e) {
+ $authenticated = false;
+ }
return $authenticated;
}
@@ -122,26 +108,19 @@ class LLAuthPlugin extends AuthPlugin {
}
public function initUser( &$user, $autocreate=false ) {
- $data = $this->getUserData($user->getName());
- $user->setEmail($data['email']);
- $user->confirmEmail();
- $user->setRealName($data['realname']);
+ try {
+ $data = $this->getUserData($user->getName());
+ $user->setEmail($data['email']);
+ $user->confirmEmail();
+ $user->setRealName($data['realname']);
+ } catch (Exception $e) {
+ return false;
+ }
return true;
}
public function getCanonicalName( $username ) {
- // fix bug #122
- $data = $this->getUserData($username);
- // needed for update.php
- if (is_null($data))
- {
- return $username;
- }
- else
- {
- // make sure that first char is uppercase
- return strtoupper(substr($data['name'], 0, 1)).substr($data['name'], 1);
- }
+ return strtoupper(substr($username, 0, 1)).substr($username, 1);
}
}