Commit ee682591f0b1d75b870926bf4c474b939e64fe5c

Authored by Brad Shuttleworth
1 parent 9e5304ab

remove usage of db-direct access.


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5503 c91229c3-7414-0410-bfa2-8a42b809f60b
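--- a/lib/authentication/DBAuthenticator.inc
+++ b/lib/authentication/DBAuthenticator.inc
@@ -38,16 +38,13 @@ class DBAuthenticator extends Authenticator {
 global $default;
 
 $sql = $default->db;
-$sQuery = "SELECT * FROM $default->users_table WHERE username = ? AND password = ?";/*ok*/
+$sTable = KTUtil::getTableName('users');
+$sQuery = "SELECT count(*) AS match_count FROM $sTable WHERE username = ? AND password = ?";
 $aParams = array($userName, md5($password));
-if ($sql->query(array($sQuery, $aParams))) {
-if ($sql->num_rows($sql) == "1") {
-return true;
-} else {
-return false;
-}
-} else {
-return false;
+$res = DBUtil::getOneResultKey(array($sQuery, $aParams), 'match_count');
+if (PEAR::isError($res)) { return false; }
+else {
+return ($res == 1);
 }
 }
 
@@ -62,25 +59,26 @@ class DBAuthenticator extends Authenticator {
 global $default;
 
 $sql = $default->db;
+$sTable = KTUtil::getTableName('users');
 $sQuery = "SELECT ";/*ok*/
 // build select
 for ($i=0; $i<count($aAttributes); $i++) {
 $sQuery .= $aAttributes[$i] . (( ($i+1) == count($aAttributes) ) ? "" : ", ");
 }
-$sQuery .= " FROM $default->users_table WHERE username = ?";
+$sQuery .= " FROM $sTable WHERE username = ?";
 $aParams = array($sUserName);
-
-if ($sql->query(array($sQuery, $aParams))) {
-$aUserResults = array();
-while ($sql->next_record()) {
-for ($i=0; $i<count($aAttributes); $i++) {
-$aUserResults["$sUserName"]["$aAttributes[$i]"] = $sql->f($aAttributes[$i]);
-}
-}
-return $aUserResults;
-} else {
-return false;
+$res = DBUtil::getResultArray(array($sQuery, $aParams));
+if (PEAR::isError($res)) {
+return false;
 }
+
+$aUserResults = array();
+foreach ($res as $aRow) {
+foreach ($aAttributes as $sAttrName) {
+$aUserResults[$sUserName][$sAttrName] = $aRow[$sAttrName];
+}
+}
+return $aUserResults;
 }
 
 /**
@@ -93,26 +91,25 @@ class DBAuthenticator extends Authenticator {
 function searchUsers($sUserNameSearch, $aAttributes) {
 global $default;
 
-$sql = $default->db;
+$sTable = KTUtil::getTableName('users')
 $sQuery = "SELECT ";/*ok*/
-// build select
-for ($i=0; $i<count($aAttributes); $i++) {
-$sQuery .= $aAttributes[$i] . (( ($i+1) == count($aAttributes) ) ? "" : ", ");
-}
-$sQuery .= " FROM $default->users_table where username like '%" . DBUtil::escapeSimple($sUserNameSearch) . "%'";
+$sQuery .= implode(', ', $aAttributes);
+$sQuery .= " FROM $sTable where username like '%" . DBUtil::escapeSimple($sUserNameSearch) . "%'";
 
-if ($sql->query($sQuery)) {
-$aUserResults = array();
-while ($sql->next_record()) {
-$sUserName = $sql->f("username");
-for ($i=0; $i<count($aAttributes); $i++) {
-$aUserResults["$sUserName"]["$aAttributes[$i]"] = $sql->f($aAttributes[$i]);
-}
+$res = DBUtil::getResultArray(array($sQuery, array()));
+if (PEAR::isError($res)) {
+return false; // return $res;
+}
+
+$aUserResults = array();
+foreach ($res as $aRow) {
+$sUserName = $aRow['username'];
+foreach ($aAttributes as $sAttrName) {
+$aUserResults[$sUserName][$sAttrName] = $aRow[$sAttrName];
 }
-return $aUserResults;
-} else {
-return false;
 }
+return $aUserResults;
+
 }
 }
 ?>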
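Review bot: The added line `$sTable = KTUtil::getTableName('users')` in `searchUsers` (new line 94, third hunk) has no terminating semicolon, so the file will not parse and DBAuthenticator, including the password check in the first hunk, stops loading; it should read `$sTable = KTUtil::getTableName('users');`. In the same hunk the search term is still concatenated into the LIKE clause through `DBUtil::escapeSimple()` while the other two queries bind their values; binding it too, `$sQuery .= " FROM $sTable WHERE username LIKE ?";` with `array('%' . $sUserNameSearch . '%')` as the parameter list, removes the last hand-escaped value from this class. `$aAttributes` is joined straight into the column list here and in the second hunk, and `$aRow['username']` is only present when the caller happened to request that column; checking the attribute names against a fixed list of user-table columns (and always selecting `username`) would cover both, assuming callers can pass arbitrary names, which this page does not show. The unchanged `md5($password)` comparison in the first hunk is an unsalted fast hash and deserves a follow-up change of its own.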