From aa90724a41887c942234e76084e5d945eb10c0fb Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Sun, 12 Oct 2008 20:02:07 +0200
Subject: [PATCH] fix use of unitialised %{user} placeholder in MySQL and
 PostgreSQL backends

darcs-hash:20081012180207-7ad00-54ff244124e7ab824c635a550b02310f8163706a.gz
---
 inc/auth/mysql.class.php | 36 ++++++++++++++++++++++--------------
 inc/auth/pgsql.class.php | 17 ++++++++++-------
 2 files changed, 32 insertions(+), 21 deletions(-)

diff --git a/inc/auth/mysql.class.php b/inc/auth/mysql.class.php
index ebc3df902..ea1fa2ae5 100644
--- a/inc/auth/mysql.class.php
+++ b/inc/auth/mysql.class.php
@@ -250,11 +250,11 @@ class auth_mysql extends auth_basic {
             $grpdel = array_diff($groups, $changes['grps']);
 
             foreach($grpadd as $group)
-              if (($this->_addUserToGroup($uid, $group, 1)) == false)
+              if (($this->_addUserToGroup($user, $group, 1)) == false)
                 $rc = false;
 
             foreach($grpdel as $group)
-              if (($this->_delUserFromGroup($uid, $group)) == false)
+              if (($this->_delUserFromGroup($user, $group)) == false)
                 $rc = false;
           }
         }
@@ -368,8 +368,7 @@ class auth_mysql extends auth_basic {
 
       if ($this->_openDB()) {
         $this->_lockTables("WRITE");
-        $uid = $this->_getUserID($user);
-        $rc  = $this->_addUserToGroup($uid, $group);
+        $rc  = $this->_addUserToGroup($user, $group);
         $this->_unlockTables();
         $this->_closeDB();
       }
@@ -391,7 +390,7 @@ class auth_mysql extends auth_basic {
       if ($this->_openDB()) {
         $this->_lockTables("WRITE");
         $uid = $this->_getUserID($user);
-        $rc  = $this->_delUserFromGroup($uid, $group);
+        $rc  = $this->_delUserFromGroup($user, $group);
         $this->_unlockTables();
         $this->_closeDB();
       }
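Review bot: The context line `$uid = $this->_getUserID($user);` in this hunk now looks like dead code, because `_delUserFromGroup` is called with `$user` and resolves the id itself when the statement needs it. The previous hunk (`@@ -368,8 +368,7 @@`) removed the equivalent lookup for the add path, so removing it here too would keep the two callers consistent and avoid one query while the tables are write-locked. The enclosing function starts and ends outside the hunk, so this assumes `$uid` is not read further down.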
@@ -408,17 +407,17 @@ class auth_mysql extends auth_basic {
      * recommended to call this function only after all participating
      * tables (group and usergroup) have been locked.
      *
-     * @param   $uid     user id to add to a group
+     * @param   $user    user to add to a group
      * @param   $group   name of the group
      * @param   $force   '1' create missing groups
      * @return  bool     'true' on success, 'false' on error
      *
      * @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
      */
-    function _addUserToGroup($uid, $group, $force=0) {
+    function _addUserToGroup($user, $group, $force=0) {
       $newgroup = 0;
 
-      if (($this->dbcon) && ($uid)) {
+      if (($this->dbcon) && ($user)) {
         $gid = $this->_getGroupID($group);
         if (!$gid) {
           if ($force) {  // create missing groups
@@ -429,7 +428,11 @@ class auth_mysql extends auth_basic {
           if (!$gid) return false; // group didn't exist and can't be created
         }
 
-        $sql = str_replace('%{uid}',  $this->_escape($uid),$this->cnf['addUserGroup']);
+        $sql = $this->cnf['addUserGroup'];
+        if(strpos($sql,'%{uid}') !== false){
+            $uid = $this->_getUserID($user);
+            $sql = str_replace('%{uid}',  $this->_escape($uid),$sql);
+        }
         $sql = str_replace('%{user}', $this->_escape($user),$sql);
         $sql = str_replace('%{gid}',  $this->_escape($gid),$sql);
         $sql = str_replace('%{group}',$this->_escape($group),$sql);
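Review bot: The result of `_getUserID($user)` in the new `%{uid}` branch is substituted into the statement without being checked. The old guard `($uid)` stopped unknown users before any SQL was built, whereas the new guard `($user)` only tests that a name was passed. If the lookup yields a false value for a name that is not in the user table, `%{uid}` would presumably be replaced by an empty value and the membership statement would still be executed. I would add `if (!$uid) return false;` directly after the lookup. The same applies to the `%{uid}` branch added to `_delUserFromGroup` and to the pgsql `_addUserToGroup`; the body of this function starts and ends outside the hunk.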
@@ -447,19 +450,24 @@ class auth_mysql extends auth_basic {
     /**
      * Remove user from a group
      *
-     * @param   $uid     user id that leaves a group
+     * @param   $user    user that leaves a group
      * @param   $group   group to leave
      * @return  bool     true on success, false on error
      *
      * @author  Matthias Grimm <matthiasgrimm@users.sourceforge.net>
      */
-    function _delUserFromGroup($uid, $group) {
+    function _delUserFromGroup($user, $group) {
       $rc = false;
 
-      if (($this->dbcon) && ($uid)) {
+
+      if (($this->dbcon) && ($user)) {
+        $sql = $this->cnf['delUserGroup'];
+        if(strpos($sql,'%{uid}') !== false){
+            $uid = $this->_getUserID($user);
+            $sql = str_replace('%{uid}',  $this->_escape($uid),$sql);
+        }
         $gid = $this->_getGroupID($group);
         if ($gid) {
-          $sql = str_replace('%{uid}',  $this->_escape($uid),$this->cnf['delUserGroup']);
           $sql = str_replace('%{user}', $this->_escape($user),$sql);
           $sql = str_replace('%{gid}',  $this->_escape($gid),$sql);
           $sql = str_replace('%{group}',$this->_escape($group),$sql);
@@ -547,7 +555,7 @@ class auth_mysql extends auth_basic {
 
         if ($uid) {
           foreach($grps as $group) {
-            $gid = $this->_addUserToGroup($uid, $group, 1);
+            $gid = $this->_addUserToGroup($user, $group, 1);
             if ($gid === false) break;
           }
 
diff --git a/inc/auth/pgsql.class.php b/inc/auth/pgsql.class.php
index ae8d08666..c80f3ce5a 100644
--- a/inc/auth/pgsql.class.php
+++ b/inc/auth/pgsql.class.php
@@ -169,7 +169,7 @@ class auth_pgsql extends auth_mysql {
      * The database connection must already be established. Otherwise
      * this function does nothing and returns 'false'.
      *
-     * @param   $uid     user id to add to a group
+     * @param   $user    user to add to a group
      * @param   $group   name of the group
      * @param   $force   '1' create missing groups
      * @return  bool     'true' on success, 'false' on error
@@ -177,10 +177,10 @@ class auth_pgsql extends auth_mysql {
      * @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
      * @author Andreas Gohr   <andi@splitbrain.org>
      */
-    function _addUserToGroup($uid, $group, $force=0) {
+    function _addUserToGroup($user, $group, $force=0) {
       $newgroup = 0;
 
-      if (($this->dbcon) && ($uid)) {
+      if (($this->dbcon) && ($user)) {
         $gid = $this->_getGroupID($group);
         if (!$gid) {
           if ($force) {  // create missing groups
@@ -191,10 +191,13 @@ class auth_pgsql extends auth_mysql {
             $newgroup = 1;  // group newly created
           }
         }
-
         if (!$gid) return false; // group didn't exist and can't be created
 
-        $sql = str_replace('%{uid}',  addslashes($uid),$this->cnf['addUserGroup']);
+        $sql = $this->cnf['addUserGroup'];
+        if(strpos($sql,'%{uid}') !== false){
+            $uid = $this->_getUserID($user);
+            $sql = str_replace('%{uid}', $sql);
+        }
         $sql = str_replace('%{user}', addslashes($user),$sql);
         $sql = str_replace('%{gid}',  addslashes($gid),$sql);
         $sql = str_replace('%{group}',addslashes($group),$sql);
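Review bot: The added line `$sql = str_replace('%{uid}', $sql);` passes only two arguments, so the replacement value is missing and `$uid` from the line above is never used. With a configuration whose `addUserGroup` statement contains `%{uid}`, the call fails and `$sql` no longer holds the statement for the replacements that follow. It should read `$sql = str_replace('%{uid}', addslashes($uid), $sql);`, matching the escaping on the neighbouring lines. Separately, and outside this change, `addslashes()` is not a connection-aware escape for PostgreSQL; `pg_escape_string()` would be the safer choice for all four placeholders.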
@@ -209,7 +212,7 @@ class auth_pgsql extends auth_mysql {
       return false;
     }
 
-    // @inherit function _delUserFromGroup($uid, $group)
+    // @inherit function _delUserFromGroup($user $group)
     // @inherit function _getGroups($user)
     // @inherit function _getUserID($user)
 
@@ -245,7 +248,7 @@ class auth_pgsql extends auth_mysql {
 
         if ($uid) {
           foreach($grps as $group) {
-            $gid = $this->_addUserToGroup($uid, $group, 1);
+            $gid = $this->_addUserToGroup($user, $group, 1);
             if ($gid === false) break;
           }
 
-- 
GitLab