X-Git-Url: https://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2FObj%2Fdbase_pgsql.phh;h=004edb91a89f343bd4151ed9654d3b1f06a5ec0d;hb=312a6acc00ec7f331ab461894c319776eec95cae;hp=5da9207bdf9135b0861f69483d00fe282be9552c;hpb=05ed776e8b692bcd0dd708ea639f0e93dadb55c5;p=brisk.git diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh index 5da9207..004edb9 100644 --- a/web/Obj/dbase_pgsql.phh +++ b/web/Obj/dbase_pgsql.phh @@ -40,18 +40,23 @@ class DBConn var $db = FALSE; function DBConn() + { + $this->db = DBConn::$dbcnnx; + } + + static function create() { GLOBAL $G_dbauth; if (DBConn::$dbcnnx == FALSE) { if (!(DBConn::$dbcnnx = @pg_connect ($G_dbauth))) { - echo "DB connection failed."; - exit; + return (FALSE); } } - $this->db = DBConn::$dbcnnx; - return; + $out = new DBConn(); + + return $out; } function db() { @@ -65,14 +70,27 @@ class BriskDB var $item; var $item_n; - function BriskDB() + function BriskDB($dbconn) { - GLOBAL $DOCUMENT_ROOT, $G_dbpfx, $G_false; + $this->dbconn = $dbconn; + } + + static function create() + { + GLOBAL $DOCUMENT_ROOT, $G_dbpfx; + + $ret = FALSE; + log_main("BriskDB create:start"); - $this->dbconn = new DBConn(); + do { + if (($dbconn = DBConn::create()) == FALSE) + break; + + $ret = new BriskDB($dbconn); + } while (0); - log_main("BriskDB create:end"); + return ($ret); } function users_load() @@ -86,7 +104,8 @@ class BriskDB /* check the existence of the nick in the BriskDB */ log_main("login_exists: ".$login); - $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s');", $G_dbpfx, escsql($login)); + $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s') AND (type & CAST (X'%08x' as integer)) = 0;", + $G_dbpfx, escsql($login), USER_FLAG_TY_DISABLE); if (($user_pg = pg_query($this->dbconn->db(), $user_sql)) != FALSE) if (pg_numrows($user_pg) == 1) return TRUE; @@ -94,15 +113,15 @@ class BriskDB return FALSE; } - function &getrecord_bylogin($login) { - GLOBAL $G_false, $G_dbpfx; + function getrecord_bylogin($login) { + GLOBAL $G_dbpfx; - $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s');", $G_dbpfx, escsql($login)); + $user_sql = sprintf("SELECT * FROM %susers WHERE login = lower('%s') AND (type & CAST (X'%08x' as integer)) = 0;", $G_dbpfx, escsql($login), USER_FLAG_TY_DISABLE); if (($user_pg = pg_query($this->dbconn->db(), $user_sql)) == FALSE) - return $ret; + return FALSE; if (pg_numrows($user_pg) != 1) - return $ret; + return FALSE; $user_obj = pg_fetch_object($user_pg, 0); @@ -111,11 +130,11 @@ class BriskDB - function &login_verify($login, $pass) + function login_verify($login, $pass) { - GLOBAL $G_dbpfx, $G_false; + GLOBAL $G_dbpfx; - $ret = &$G_false; + $ret = FALSE; log_main("login_verify: ".$login); @@ -124,30 +143,36 @@ class BriskDB //O for ($i = 0 ; $i < $this->item_n ; $i++) { //O log_main("login_verify: BEGIN"); - if (($user_obj = $this->getrecord_bylogin($login)) == FALSE) - return $ret; + if (($user_obj = $this->getrecord_bylogin($login)) == FALSE) { + return FALSE; + } log_main("login[".$user_obj->code."]: ".$user_obj->login); /* if it exists check for a valid challenge */ if (($a_sem = Challenges::lock_data()) != FALSE) { + // error_log("loop-2", 0); if (($chals = &Challenges::load_data()) != FALSE) { + // error_log("loop-1", 0); for ($e = 0 ; $e < $chals->item_n ; $e++) { - + // error_log("loop", 0); log_main("challenge[".$e."]: ".$chals->item[$e]->login); if (strcmp($login, $chals->item[$e]->login) == 0) { + // error_log("loop2", 0); log_main("login_verify [".$pass."] with [".md5($chals->item[$e]->token.$user_obj->pass)."]"); - if (strcmp($pass , md5($chals->item[$e]->token.$user_obj->pass)) == 0) { + if (strcmp($pass, md5($chals->item[$e]->token.$user_obj->pass)) == 0) { + // error_log("loop3", 0); log_main("login_verify SUCCESS for ".$login); $chals->rem($login); $ret = LoginDBItem::LoginDBItemFromRecord($user_obj); - return ($ret); - //O break; + // error_log("dbitem: ".print_r($ret, TRUE)); + break; } } } // end for ($e = 0 ... + // error_log("end loop-1", 0); } if ($chals->ismod()) { @@ -163,10 +188,8 @@ class BriskDB return ($ret); } - function &getitem_bylogin($login, &$id) { - GLOBAL $G_false; - - $ret = &$G_false; + function getitem_bylogin($login, &$id) { + $ret = FALSE; $id = -1; log_main("getitem_bylogin: ".$login); @@ -195,7 +218,7 @@ class BriskDB for ($i = 0 ; $i < $olddb->count() ; $i++) { $user_sql = sprintf("INSERT INTO %susers ( login, pass, email, type) VALUES ('%s', '%s', '%s', %d);", - $G_dbpfx, escsql($olddb->item[$i]->login), escsql($olddb->item[$i]->pass), + $G_dbpfx, escsql(strtolower($olddb->item[$i]->login)), escsql($olddb->item[$i]->pass), escsql($olddb->item[$i]->email), $olddb->item[$i]->type & USER_FLAG_TY_ALL); // if ( ! (($user_pg = pg_exec($dbconn,$order_add_sql)) != FALSE && pg_affected_rows($order_pg) == 1) ) { @@ -209,10 +232,9 @@ class BriskDB return TRUE; } - function &getdbconn() + function getdbconn() { - $ret = $this->dbconn; - return ($ret); + return ($this->dbconn); } // ttok text UNIQUE, @@ -324,127 +346,6 @@ class LoginDBOld return ($this->item_n); } - - -} - - - if (0 == 1) { - - - - - - - function count() - { - // sprintf("select count(code) from %sbrisk"); - return ($this->item_n); - } - - function getlogin_byidx($idx) - { - if ($idx >= $this->item_n) - return FALSE; - return ($this->item[$idx]->login); - } - - function &getitem_bylogin($login, &$id) - { - GLOBAL $G_false; - - log_main("login_exists: ".$login); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - $ret = &$this->item[$i]; - $id = $i; - return ($ret); - } - } - $id = -1; - return ($G_false); - } - - function getmail($login) - { - log_main("getmail"); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - return ($this->item[$i]->email); - } - } - return (FALSE); - } - - function gettype($login) - { - log_main("getmail"); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - return ($this->item[$i]->type); - } - } - return (FALSE); - } - - function &login_verify($login, $pass) - { - GLOBAL $G_false; - - $ret = &$G_false; - - log_main("login_verify: ".$login); - - /* check the existence of the nick in the LoginDB */ - for ($i = 0 ; $i < $this->item_n ; $i++) { - log_main("login_verify: LOOP"); - if (strcasecmp($this->item[$i]->login, $login) == 0) { - log_main("login[".$i."]: ".$this->item[$i]->login); - - /* if it exists check for a valid challenge */ - if (($a_sem = Challenges::lock_data()) != FALSE) { - - if (($chals = &Challenges::load_data()) != FALSE) { - for ($e = 0 ; $e < $chals->item_n ; $e++) { - - log_main("challenge[".$i."]: ".$chals->item[$e]->login); - if (strcmp($login, $chals->item[$e]->login) == 0) { - log_main("login_verify [".$pass."] with [".md5($chals->item[$e]->token.$this->item[$i]->pass)."]"); - - if (strcmp($pass , md5($chals->item[$e]->token.$this->item[$i]->pass)) == 0) { - log_main("login_verify SUCCESS for ".$login); - - $chals->rem($login); - $ret = &$this->item[$i]; - break; - } - } - } // end for ($e = 0 ... - } - - if ($chals->ismod()) { - Challenges::save_data(&$chals); - } - - Challenges::unlock_data($a_sem); - } - break; - } // if (strcasecmp($this->item[$i]->login, ... - } - - return ($ret); - } - - } // if (0 == 1) { - +} // End class LoginDBOld ?> \ No newline at end of file