X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2FObj%2Fdbase_pgsql.phh;h=a205b32cffa770c164ab9ead624d865f4dcff8aa;hb=refs%2Ftags%2F3.2.1;hp=5da9207bdf9135b0861f69483d00fe282be9552c;hpb=05ed776e8b692bcd0dd708ea639f0e93dadb55c5;p=brisk.git diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh index 5da9207..a205b32 100644 --- a/web/Obj/dbase_pgsql.phh +++ b/web/Obj/dbase_pgsql.phh @@ -86,7 +86,8 @@ class BriskDB /* check the existence of the nick in the BriskDB */ log_main("login_exists: ".$login); - $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s');", $G_dbpfx, escsql($login)); + $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s') AND (type & CAST (X'%08x' as integer)) = 0;", + $G_dbpfx, escsql($login), USER_FLAG_TY_DISABLE); if (($user_pg = pg_query($this->dbconn->db(), $user_sql)) != FALSE) if (pg_numrows($user_pg) == 1) return TRUE; @@ -97,7 +98,7 @@ class BriskDB function &getrecord_bylogin($login) { GLOBAL $G_false, $G_dbpfx; - $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s');", $G_dbpfx, escsql($login)); + $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s') AND (type & CAST (X'%08x' as integer)) = 0;", $G_dbpfx, escsql($login), USER_FLAG_TY_DISABLE); if (($user_pg = pg_query($this->dbconn->db(), $user_sql)) == FALSE) return $ret; @@ -138,13 +139,12 @@ class BriskDB if (strcmp($login, $chals->item[$e]->login) == 0) { log_main("login_verify [".$pass."] with [".md5($chals->item[$e]->token.$user_obj->pass)."]"); - if (strcmp($pass , md5($chals->item[$e]->token.$user_obj->pass)) == 0) { + if (strcmp($pass, md5($chals->item[$e]->token.$user_obj->pass)) == 0) { log_main("login_verify SUCCESS for ".$login); $chals->rem($login); $ret = LoginDBItem::LoginDBItemFromRecord($user_obj); - return ($ret); - //O break; + break; } } } // end for ($e = 0 ... @@ -195,7 +195,7 @@ class BriskDB for ($i = 0 ; $i < $olddb->count() ; $i++) { $user_sql = sprintf("INSERT INTO %susers ( login, pass, email, type) VALUES ('%s', '%s', '%s', %d);", - $G_dbpfx, escsql($olddb->item[$i]->login), escsql($olddb->item[$i]->pass), + $G_dbpfx, escsql(strtolower($olddb->item[$i]->login)), escsql($olddb->item[$i]->pass), escsql($olddb->item[$i]->email), $olddb->item[$i]->type & USER_FLAG_TY_ALL); // if ( ! (($user_pg = pg_exec($dbconn,$order_add_sql)) != FALSE && pg_affected_rows($order_pg) == 1) ) { @@ -324,127 +324,6 @@ class LoginDBOld return ($this->item_n); } - - -} - - - if (0 == 1) { - - - - - - - function count() - { - // sprintf("select count(code) from %sbrisk"); - return ($this->item_n); - } - - function getlogin_byidx($idx) - { - if ($idx >= $this->item_n) - return FALSE; - return ($this->item[$idx]->login); - } - - function &getitem_bylogin($login, &$id) - { - GLOBAL $G_false; - - log_main("login_exists: ".$login); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - $ret = &$this->item[$i]; - $id = $i; - return ($ret); - } - } - $id = -1; - return ($G_false); - } - - function getmail($login) - { - log_main("getmail"); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - return ($this->item[$i]->email); - } - } - return (FALSE); - } - - function gettype($login) - { - log_main("getmail"); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - return ($this->item[$i]->type); - } - } - return (FALSE); - } - - function &login_verify($login, $pass) - { - GLOBAL $G_false; - - $ret = &$G_false; - - log_main("login_verify: ".$login); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - log_main("login_verify: LOOP"); - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - - /* if it exists check for a valid challenge */ - if (($a_sem = Challenges::lock_data()) != FALSE) { - - if (($chals = &Challenges::load_data()) != FALSE) { - for ($e = 0 ; $e < $chals->item_n ; $e++) { - - log_main("challenge[".$i."]: ".$chals->item[$e]->login); - if (strcmp($login, $chals->item[$e]->login) == 0) { - log_main("login_verify [".$pass."] with [".md5($chals->item[$e]->token.$this->item[$i]->pass)."]"); - - if (strcmp($pass , md5($chals->item[$e]->token.$this->item[$i]->pass)) == 0) { - log_main("login_verify SUCCESS for ".$login); - - $chals->rem($login); - $ret = &$this->item[$i]; - break; - } - } - } // end for ($e = 0 ... - } - - if ($chals->ismod()) { - Challenges::save_data(&$chals); - } - - Challenges::unlock_data($a_sem); - } - break; - } // if (strcasecmp($this->item[$i]->login, ... - } - - return ($ret); - } - - } // if (0 == 1) { - +} // End class LoginDBOld ?> \ No newline at end of file