PageRenderTime 54ms CodeModel.GetById 28ms RepoModel.GetById 1ms app.codeStats 0ms

/library/Zend/Auth/Adapter/DbTable.php

https://bitbucket.org/hjain/loudmusic
PHP | 561 lines | 249 code | 66 blank | 246 comment | 32 complexity | 6893fc3c703446848a89bd369ef715de MD5 | raw file
  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_Auth
  17. * @subpackage Adapter
  18. * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  19. * @license http://framework.zend.com/license/new-bsd New BSD License
  20. * @version $Id: DbTable.php 24593 2012-01-05 20:35:02Z matthew $
  21. */
  22. /**
  23. * @see Zend_Auth_Adapter_Interface
  24. */
  25. require_once 'Zend/Auth/Adapter/Interface.php';
  26. /**
  27. * @see Zend_Db_Adapter_Abstract
  28. */
  29. require_once 'Zend/Db/Adapter/Abstract.php';
  30. /**
  31. * @see Zend_Auth_Result
  32. */
  33. require_once 'Zend/Auth/Result.php';
  34. /**
  35. * @category Zend
  36. * @package Zend_Auth
  37. * @subpackage Adapter
  38. * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  39. * @license http://framework.zend.com/license/new-bsd New BSD License
  40. */
  41. class Zend_Auth_Adapter_DbTable implements Zend_Auth_Adapter_Interface
  42. {
  43. /**
  44. * Database Connection
  45. *
  46. * @var Zend_Db_Adapter_Abstract
  47. */
  48. protected $_zendDb = null;
  49. /**
  50. * @var Zend_Db_Select
  51. */
  52. protected $_dbSelect = null;
  53. /**
  54. * $_tableName - the table name to check
  55. *
  56. * @var string
  57. */
  58. protected $_tableName = null;
  59. /**
  60. * $_identityColumn - the column to use as the identity
  61. *
  62. * @var string
  63. */
  64. protected $_identityColumn = null;
  65. /**
  66. * $_credentialColumns - columns to be used as the credentials
  67. *
  68. * @var string
  69. */
  70. protected $_credentialColumn = null;
  71. /**
  72. * $_identity - Identity value
  73. *
  74. * @var string
  75. */
  76. protected $_identity = null;
  77. /**
  78. * $_credential - Credential values
  79. *
  80. * @var string
  81. */
  82. protected $_credential = null;
  83. /**
  84. * $_credentialTreatment - Treatment applied to the credential, such as MD5() or PASSWORD()
  85. *
  86. * @var string
  87. */
  88. protected $_credentialTreatment = null;
  89. /**
  90. * $_authenticateResultInfo
  91. *
  92. * @var array
  93. */
  94. protected $_authenticateResultInfo = null;
  95. /**
  96. * $_resultRow - Results of database authentication query
  97. *
  98. * @var array
  99. */
  100. protected $_resultRow = null;
  101. /**
  102. * $_ambiguityIdentity - Flag to indicate same Identity can be used with
  103. * different credentials. Default is FALSE and need to be set to true to
  104. * allow ambiguity usage.
  105. *
  106. * @var boolean
  107. */
  108. protected $_ambiguityIdentity = false;
  109. /**
  110. * __construct() - Sets configuration options
  111. *
  112. * @param Zend_Db_Adapter_Abstract $zendDb If null, default database adapter assumed
  113. * @param string $tableName
  114. * @param string $identityColumn
  115. * @param string $credentialColumn
  116. * @param string $credentialTreatment
  117. * @return void
  118. */
  119. public function __construct(Zend_Db_Adapter_Abstract $zendDb = null, $tableName = null, $identityColumn = null,
  120. $credentialColumn = null, $credentialTreatment = null)
  121. {
  122. $this->_setDbAdapter($zendDb);
  123. if (null !== $tableName) {
  124. $this->setTableName($tableName);
  125. }
  126. if (null !== $identityColumn) {
  127. $this->setIdentityColumn($identityColumn);
  128. }
  129. if (null !== $credentialColumn) {
  130. $this->setCredentialColumn($credentialColumn);
  131. }
  132. if (null !== $credentialTreatment) {
  133. $this->setCredentialTreatment($credentialTreatment);
  134. }
  135. }
  136. /**
  137. * _setDbAdapter() - set the database adapter to be used for quering
  138. *
  139. * @param Zend_Db_Adapter_Abstract
  140. * @throws Zend_Auth_Adapter_Exception
  141. * @return Zend_Auth_Adapter_DbTable
  142. */
  143. protected function _setDbAdapter(Zend_Db_Adapter_Abstract $zendDb = null)
  144. {
  145. $this->_zendDb = $zendDb;
  146. /**
  147. * If no adapter is specified, fetch default database adapter.
  148. */
  149. if(null === $this->_zendDb) {
  150. require_once 'Zend/Db/Table/Abstract.php';
  151. $this->_zendDb = Zend_Db_Table_Abstract::getDefaultAdapter();
  152. if (null === $this->_zendDb) {
  153. require_once 'Zend/Auth/Adapter/Exception.php';
  154. throw new Zend_Auth_Adapter_Exception('No database adapter present');
  155. }
  156. }
  157. return $this;
  158. }
  159. /**
  160. * setTableName() - set the table name to be used in the select query
  161. *
  162. * @param string $tableName
  163. * @return Zend_Auth_Adapter_DbTable Provides a fluent interface
  164. */
  165. public function setTableName($tableName)
  166. {
  167. $this->_tableName = $tableName;
  168. return $this;
  169. }
  170. /**
  171. * setIdentityColumn() - set the column name to be used as the identity column
  172. *
  173. * @param string $identityColumn
  174. * @return Zend_Auth_Adapter_DbTable Provides a fluent interface
  175. */
  176. public function setIdentityColumn($identityColumn)
  177. {
  178. $this->_identityColumn = $identityColumn;
  179. return $this;
  180. }
  181. /**
  182. * setCredentialColumn() - set the column name to be used as the credential column
  183. *
  184. * @param string $credentialColumn
  185. * @return Zend_Auth_Adapter_DbTable Provides a fluent interface
  186. */
  187. public function setCredentialColumn($credentialColumn)
  188. {
  189. $this->_credentialColumn = $credentialColumn;
  190. return $this;
  191. }
  192. /**
  193. * setCredentialTreatment() - allows the developer to pass a parameterized string that is
  194. * used to transform or treat the input credential data.
  195. *
  196. * In many cases, passwords and other sensitive data are encrypted, hashed, encoded,
  197. * obscured, or otherwise treated through some function or algorithm. By specifying a
  198. * parameterized treatment string with this method, a developer may apply arbitrary SQL
  199. * upon input credential data.
  200. *
  201. * Examples:
  202. *
  203. * 'PASSWORD(?)'
  204. * 'MD5(?)'
  205. *
  206. * @param string $treatment
  207. * @return Zend_Auth_Adapter_DbTable Provides a fluent interface
  208. */
  209. public function setCredentialTreatment($treatment)
  210. {
  211. $this->_credentialTreatment = $treatment;
  212. return $this;
  213. }
  214. /**
  215. * setIdentity() - set the value to be used as the identity
  216. *
  217. * @param string $value
  218. * @return Zend_Auth_Adapter_DbTable Provides a fluent interface
  219. */
  220. public function setIdentity($value)
  221. {
  222. $this->_identity = $value;
  223. return $this;
  224. }
  225. /**
  226. * setCredential() - set the credential value to be used, optionally can specify a treatment
  227. * to be used, should be supplied in parameterized form, such as 'MD5(?)' or 'PASSWORD(?)'
  228. *
  229. * @param string $credential
  230. * @return Zend_Auth_Adapter_DbTable Provides a fluent interface
  231. */
  232. public function setCredential($credential)
  233. {
  234. $this->_credential = $credential;
  235. return $this;
  236. }
  237. /**
  238. * setAmbiguityIdentity() - sets a flag for usage of identical identities
  239. * with unique credentials. It accepts integers (0, 1) or boolean (true,
  240. * false) parameters. Default is false.
  241. *
  242. * @param int|bool $flag
  243. * @return Zend_Auth_Adapter_DbTable
  244. */
  245. public function setAmbiguityIdentity($flag)
  246. {
  247. if (is_integer($flag)) {
  248. $this->_ambiguityIdentity = (1 === $flag ? true : false);
  249. } elseif (is_bool($flag)) {
  250. $this->_ambiguityIdentity = $flag;
  251. }
  252. return $this;
  253. }
  254. /**
  255. * getAmbiguityIdentity() - returns TRUE for usage of multiple identical
  256. * identies with different credentials, FALSE if not used.
  257. *
  258. * @return bool
  259. */
  260. public function getAmbiguityIdentity()
  261. {
  262. return $this->_ambiguityIdentity;
  263. }
  264. /**
  265. * getDbSelect() - Return the preauthentication Db Select object for userland select query modification
  266. *
  267. * @return Zend_Db_Select
  268. */
  269. public function getDbSelect()
  270. {
  271. if ($this->_dbSelect == null) {
  272. $this->_dbSelect = $this->_zendDb->select();
  273. }
  274. return $this->_dbSelect;
  275. }
  276. /**
  277. * getResultRowObject() - Returns the result row as a stdClass object
  278. *
  279. * @param string|array $returnColumns
  280. * @param string|array $omitColumns
  281. * @return stdClass|boolean
  282. */
  283. public function getResultRowObject($returnColumns = null, $omitColumns = null)
  284. {
  285. if (!$this->_resultRow) {
  286. return false;
  287. }
  288. $returnObject = new stdClass();
  289. if (null !== $returnColumns) {
  290. $availableColumns = array_keys($this->_resultRow);
  291. foreach ( (array) $returnColumns as $returnColumn) {
  292. if (in_array($returnColumn, $availableColumns)) {
  293. $returnObject->{$returnColumn} = $this->_resultRow[$returnColumn];
  294. }
  295. }
  296. return $returnObject;
  297. } elseif (null !== $omitColumns) {
  298. $omitColumns = (array) $omitColumns;
  299. foreach ($this->_resultRow as $resultColumn => $resultValue) {
  300. if (!in_array($resultColumn, $omitColumns)) {
  301. $returnObject->{$resultColumn} = $resultValue;
  302. }
  303. }
  304. return $returnObject;
  305. } else {
  306. foreach ($this->_resultRow as $resultColumn => $resultValue) {
  307. $returnObject->{$resultColumn} = $resultValue;
  308. }
  309. return $returnObject;
  310. }
  311. }
  312. /**
  313. * authenticate() - defined by Zend_Auth_Adapter_Interface. This method is called to
  314. * attempt an authentication. Previous to this call, this adapter would have already
  315. * been configured with all necessary information to successfully connect to a database
  316. * table and attempt to find a record matching the provided identity.
  317. *
  318. * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
  319. * @return Zend_Auth_Result
  320. */
  321. public function authenticate()
  322. {
  323. $this->_authenticateSetup();
  324. $dbSelect = $this->_authenticateCreateSelect();
  325. $resultIdentities = $this->_authenticateQuerySelect($dbSelect);
  326. if ( ($authResult = $this->_authenticateValidateResultSet($resultIdentities)) instanceof Zend_Auth_Result) {
  327. return $authResult;
  328. }
  329. if (true === $this->getAmbiguityIdentity()) {
  330. $validIdentities = array ();
  331. $zendAuthCredentialMatchColumn = $this->_zendDb->foldCase('zend_auth_credential_match');
  332. foreach ($resultIdentities as $identity) {
  333. if (1 === (int) $identity[$zendAuthCredentialMatchColumn]) {
  334. $validIdentities[] = $identity;
  335. }
  336. }
  337. $resultIdentities = $validIdentities;
  338. }
  339. $authResult = $this->_authenticateValidateResult(array_shift($resultIdentities));
  340. return $authResult;
  341. }
  342. /**
  343. * _authenticateSetup() - This method abstracts the steps involved with
  344. * making sure that this adapter was indeed setup properly with all
  345. * required pieces of information.
  346. *
  347. * @throws Zend_Auth_Adapter_Exception - in the event that setup was not done properly
  348. * @return true
  349. */
  350. protected function _authenticateSetup()
  351. {
  352. $exception = null;
  353. if ($this->_tableName == '') {
  354. $exception = 'A table must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
  355. } elseif ($this->_identityColumn == '') {
  356. $exception = 'An identity column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
  357. } elseif ($this->_credentialColumn == '') {
  358. $exception = 'A credential column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
  359. } elseif ($this->_identity == '') {
  360. $exception = 'A value for the identity was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
  361. } elseif ($this->_credential === null) {
  362. $exception = 'A credential value was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
  363. }
  364. if (null !== $exception) {
  365. /**
  366. * @see Zend_Auth_Adapter_Exception
  367. */
  368. require_once 'Zend/Auth/Adapter/Exception.php';
  369. throw new Zend_Auth_Adapter_Exception($exception);
  370. }
  371. $this->_authenticateResultInfo = array(
  372. 'code' => Zend_Auth_Result::FAILURE,
  373. 'identity' => $this->_identity,
  374. 'messages' => array()
  375. );
  376. return true;
  377. }
  378. /**
  379. * _authenticateCreateSelect() - This method creates a Zend_Db_Select object that
  380. * is completely configured to be queried against the database.
  381. *
  382. * @return Zend_Db_Select
  383. */
  384. protected function _authenticateCreateSelect()
  385. {
  386. // build credential expression
  387. if (empty($this->_credentialTreatment) || (strpos($this->_credentialTreatment, '?') === false)) {
  388. $this->_credentialTreatment = '?';
  389. }
  390. $credentialExpression = new Zend_Db_Expr(
  391. '(CASE WHEN ' .
  392. $this->_zendDb->quoteInto(
  393. $this->_zendDb->quoteIdentifier($this->_credentialColumn, true)
  394. . ' = ' . $this->_credentialTreatment, $this->_credential
  395. )
  396. . ' THEN 1 ELSE 0 END) AS '
  397. . $this->_zendDb->quoteIdentifier(
  398. $this->_zendDb->foldCase('zend_auth_credential_match')
  399. )
  400. );
  401. // get select
  402. $dbSelect = clone $this->getDbSelect();
  403. $dbSelect->from($this->_tableName, array('*', $credentialExpression))
  404. ->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);
  405. return $dbSelect;
  406. }
  407. /**
  408. * _authenticateQuerySelect() - This method accepts a Zend_Db_Select object and
  409. * performs a query against the database with that object.
  410. *
  411. * @param Zend_Db_Select $dbSelect
  412. * @throws Zend_Auth_Adapter_Exception - when an invalid select
  413. * object is encountered
  414. * @return array
  415. */
  416. protected function _authenticateQuerySelect(Zend_Db_Select $dbSelect)
  417. {
  418. try {
  419. if ($this->_zendDb->getFetchMode() != Zend_DB::FETCH_ASSOC) {
  420. $origDbFetchMode = $this->_zendDb->getFetchMode();
  421. $this->_zendDb->setFetchMode(Zend_DB::FETCH_ASSOC);
  422. }
  423. $resultIdentities = $this->_zendDb->fetchAll($dbSelect);
  424. if (isset($origDbFetchMode)) {
  425. $this->_zendDb->setFetchMode($origDbFetchMode);
  426. unset($origDbFetchMode);
  427. }
  428. } catch (Exception $e) {
  429. /**
  430. * @see Zend_Auth_Adapter_Exception
  431. */
  432. require_once 'Zend/Auth/Adapter/Exception.php';
  433. throw new Zend_Auth_Adapter_Exception('The supplied parameters to Zend_Auth_Adapter_DbTable failed to '
  434. . 'produce a valid sql statement, please check table and column names '
  435. . 'for validity.', 0, $e);
  436. }
  437. return $resultIdentities;
  438. }
  439. /**
  440. * _authenticateValidateResultSet() - This method attempts to make
  441. * certain that only one record was returned in the resultset
  442. *
  443. * @param array $resultIdentities
  444. * @return true|Zend_Auth_Result
  445. */
  446. protected function _authenticateValidateResultSet(array $resultIdentities)
  447. {
  448. if (count($resultIdentities) < 1) {
  449. $this->_authenticateResultInfo['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
  450. $this->_authenticateResultInfo['messages'][] = 'A record with the supplied identity could not be found.';
  451. return $this->_authenticateCreateAuthResult();
  452. } elseif (count($resultIdentities) > 1 && false === $this->getAmbiguityIdentity()) {
  453. $this->_authenticateResultInfo['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS;
  454. $this->_authenticateResultInfo['messages'][] = 'More than one record matches the supplied identity.';
  455. return $this->_authenticateCreateAuthResult();
  456. }
  457. return true;
  458. }
  459. /**
  460. * _authenticateValidateResult() - This method attempts to validate that
  461. * the record in the resultset is indeed a record that matched the
  462. * identity provided to this adapter.
  463. *
  464. * @param array $resultIdentity
  465. * @return Zend_Auth_Result
  466. */
  467. protected function _authenticateValidateResult($resultIdentity)
  468. {
  469. $zendAuthCredentialMatchColumn = $this->_zendDb->foldCase('zend_auth_credential_match');
  470. if ($resultIdentity[$zendAuthCredentialMatchColumn] != '1') {
  471. $this->_authenticateResultInfo['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
  472. $this->_authenticateResultInfo['messages'][] = 'Supplied credential is invalid.';
  473. return $this->_authenticateCreateAuthResult();
  474. }
  475. unset($resultIdentity[$zendAuthCredentialMatchColumn]);
  476. $this->_resultRow = $resultIdentity;
  477. $this->_authenticateResultInfo['code'] = Zend_Auth_Result::SUCCESS;
  478. $this->_authenticateResultInfo['messages'][] = 'Authentication successful.';
  479. return $this->_authenticateCreateAuthResult();
  480. }
  481. /**
  482. * _authenticateCreateAuthResult() - Creates a Zend_Auth_Result object from
  483. * the information that has been collected during the authenticate() attempt.
  484. *
  485. * @return Zend_Auth_Result
  486. */
  487. protected function _authenticateCreateAuthResult()
  488. {
  489. return new Zend_Auth_Result(
  490. $this->_authenticateResultInfo['code'],
  491. $this->_authenticateResultInfo['identity'],
  492. $this->_authenticateResultInfo['messages']
  493. );
  494. }
  495. }