Ignore:
Timestamp:
11/30/09 07:01:34 (5 years ago)
Author:
benjamin
Message:

Adding Password Policy management to AlternC \!

File:
1 edited

Legend:

Unmodified
Added
Removed
  • alternc/trunk/bureau/class/m_mysql.php

    r2615 r2616  
    6363   */ 
    6464  function alternc_password_policy() { 
    65     return array("mysql_users"=>"MySQL users"); 
     65    return array("mysql"=>"MySQL users"); 
    6666  } 
    6767 
     
    252252   */ 
    253253  function put_mysql_details($password) { 
    254     global $db,$err,$mem,$cuid; 
     254    global $db,$err,$mem,$cuid,$admin; 
    255255    $err->log("mysql","put_mysql_details"); 
    256256    $db->query("SELECT * FROM db WHERE uid='$cuid';"); 
     
    266266      return false; 
    267267    } 
     268 
     269    // Check this password against the password policy using common API :  
     270    if (is_callable(array($admin,"checkPolicy"))) { 
     271      if (!$admin->checkPolicy("mysql",$login,$password)) { 
     272        return false; // The error has been raised by checkPolicy() 
     273      } 
     274    } 
     275 
    268276    // Update all the "pass" fields for this user :  
    269277    $db->query("UPDATE db SET pass='$password' WHERE uid='$cuid';"); 
     
    278286   */ 
    279287  function new_mysql($password) { 
    280     global $db,$err,$mem,$cuid; 
     288    global $db,$err,$mem,$cuid,$admin; 
    281289    $err->log("mysql","new_mysql"); 
    282290    if (strlen($password)>16) { 
     
    291299    $login=$mem->user["login"]; 
    292300    $dbname=$mem->user["login"]; 
     301 
     302    // Check this password against the password policy using common API :  
     303    if (is_callable(array($admin,"checkPolicy"))) { 
     304      if (!$admin->checkPolicy("mysql",$login,$password)) { 
     305        return false; // The error has been raised by checkPolicy() 
     306      } 
     307    }     
     308 
    293309    // OK, creation now... 
    294310    $db->query("INSERT INTO db (uid,login,pass,db) VALUES ('$cuid','".$login."','$password','".$dbname."');"); 
     
    457473  } 
    458474 
     475 
     476  /* ------------------------------------------------------------ */ 
     477  /**  
     478   * Create a new user in MySQL rights tables 
     479   * @param $usern the username (we will add _[alternc-account] to it) 
     480   * @param $password The password for this username 
     481   * @param $passconf The password confirmation 
     482   * @return TRUE if the user has been created in MySQL or FALSE if an error occurred 
     483   **/ 
    459484  function add_user($usern,$password,$passconf) { 
    460     global $db,$err,$quota,$mem,$cuid; 
     485    global $db,$err,$quota,$mem,$cuid,$admin; 
    461486    $err->log("mysql","add_user",$usern); 
    462487     
     
    487512    } 
    488513 
     514    // Check this password against the password policy using common API :  
     515    if (is_callable(array($admin,"checkPolicy"))) { 
     516      if (!$admin->checkPolicy("mysql",$user,$password)) { 
     517        return false; // The error has been raised by checkPolicy() 
     518      } 
     519    } 
    489520 
    490521    // We create the user account (the "file" right is the only one we need globally to be able to use load data into outfile) 
     
    495526  } 
    496527 
     528 
     529 
     530  /* ------------------------------------------------------------ */ 
     531  /**  
     532   * Delete a new user in MySQL rights tables 
     533   * @param $user the username (we will add _[alternc-account] to it) to delete 
     534   * @return TRUE if the user has been deleted in MySQL or FALSE if an error occurred 
     535   **/ 
    497536  function del_user($user) { 
    498537    global $db,$err,$mem,$cuid,$L_MYSQL_DATABASE; 
     
    519558  } 
    520559 
     560 
     561  /* ------------------------------------------------------------ */ 
     562  /**  
     563   * Return the list of the database rights of user $user 
     564   * @param $user the username  
     565   * @return array An array of database name and rights 
     566   **/ 
    521567  function get_user_dblist($user) { 
    522568    global $db,$err,$mem,$cuid,$L_MYSQL_DATABASE; 
     
    537583  } 
    538584 
     585 
     586 
     587  /* ------------------------------------------------------------ */ 
     588  /**  
     589   * Set the access rights of user $user to database $dbn to be rights $rights 
     590   * @param $user the username to give rights to 
     591   * @param $dbn The database to give rights to 
     592   * @param $rights The rights as an array of MySQL keywords (insert, select ...) 
     593   * @return boolean TRUE if the rights has been applied or FALSE if an error occurred 
     594   *  
     595   **/ 
    539596  function set_user_rights($user,$dbn,$rights) { 
    540597    global $mem, $db; 
     
    581638    } 
    582639 
    583      
    584     // On remet à zéro tous les droits de l'utilisateur 
     640    // We reset all user rights on this DB :  
    585641    $db->query("SELECT * FROM mysql.db WHERE User = '$usern' AND Db = '$dbname';"); 
    586642    if($db->num_rows()) 
     
    594650  } 
    595651 
     652 
     653 
    596654} /* Class m_mysql */ 
    597655 
Note: See TracChangeset for help on using the changeset viewer.