2012-08-22 Miguel de Dios <miguel.dedios@artica.es>
* include/api.php: cleaned source code style. * include/auth/mysql.php: fixed the access users in the api with or without no_login field set. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@6904 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
parent
4748c7b1f6
commit
e77d6879a0
|
@ -1,3 +1,10 @@
|
||||||
|
2012-08-22 Miguel de Dios <miguel.dedios@artica.es>
|
||||||
|
|
||||||
|
* include/api.php: cleaned source code style.
|
||||||
|
|
||||||
|
* include/auth/mysql.php: fixed the access users in the api with or
|
||||||
|
without no_login field set.
|
||||||
|
|
||||||
2012-08-21 Miguel de Dios <miguel.dedios@artica.es>
|
2012-08-21 Miguel de Dios <miguel.dedios@artica.es>
|
||||||
|
|
||||||
* extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql,
|
* extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql,
|
||||||
|
|
|
@ -51,6 +51,7 @@ $no_login_msg = "";
|
||||||
if (isInACL($ipOrigin)) {
|
if (isInACL($ipOrigin)) {
|
||||||
if(empty($apiPassword) || (!empty($apiPassword) && $api_password === $apiPassword)) {
|
if(empty($apiPassword) || (!empty($apiPassword) && $api_password === $apiPassword)) {
|
||||||
$user_in_db = process_user_login($user, $password, true);
|
$user_in_db = process_user_login($user, $password, true);
|
||||||
|
|
||||||
if ($user_in_db !== false) {
|
if ($user_in_db !== false) {
|
||||||
$config['id_user'] = $user_in_db;
|
$config['id_user'] = $user_in_db;
|
||||||
$correctLogin = true;
|
$correctLogin = true;
|
||||||
|
|
|
@ -83,25 +83,46 @@ function process_user_login ($login, $pass, $api = false) {
|
||||||
// Connect to Database
|
// Connect to Database
|
||||||
switch ($config["dbtype"]) {
|
switch ($config["dbtype"]) {
|
||||||
case "mysql":
|
case "mysql":
|
||||||
|
if (!$api) {
|
||||||
$sql = sprintf ("SELECT `id_user`, `password`
|
$sql = sprintf ("SELECT `id_user`, `password`
|
||||||
FROM `tusuario`
|
FROM `tusuario`
|
||||||
WHERE `id_user` = '%s' AND `not_login` = " .
|
WHERE `id_user` = '%s' AND `not_login` = 0
|
||||||
((int)$api) . "
|
|
||||||
AND `disabled` = 0", $login);
|
AND `disabled` = 0", $login);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$sql = sprintf ("SELECT `id_user`, `password`
|
||||||
|
FROM `tusuario`
|
||||||
|
WHERE `id_user` = '%s'
|
||||||
|
AND `disabled` = 0", $login);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case "postgresql":
|
case "postgresql":
|
||||||
|
if (!$api) {
|
||||||
$sql = sprintf ('SELECT "id_user", "password"
|
$sql = sprintf ('SELECT "id_user", "password"
|
||||||
FROM "tusuario"
|
FROM "tusuario"
|
||||||
WHERE "id_user" = \'%s\' AND "not_login" = ' .
|
WHERE "id_user" = \'%s\' AND "not_login" = 0
|
||||||
((int)$api) . '
|
|
||||||
AND "disabled" = 0', $login);
|
AND "disabled" = 0', $login);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$sql = sprintf ('SELECT "id_user", "password"
|
||||||
|
FROM "tusuario"
|
||||||
|
WHERE "id_user" = \'%s\'
|
||||||
|
AND "disabled" = 0', $login);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case "oracle":
|
case "oracle":
|
||||||
|
if (!$api) {
|
||||||
$sql = sprintf ('SELECT id_user, password
|
$sql = sprintf ('SELECT id_user, password
|
||||||
FROM tusuario
|
FROM tusuario
|
||||||
WHERE id_user = \'%s\' AND not_login = ' .
|
WHERE id_user = \'%s\' AND not_login = 0
|
||||||
((int)$api) . '
|
|
||||||
AND disabled = 0', $login);
|
AND disabled = 0', $login);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$sql = sprintf ('SELECT id_user, password
|
||||||
|
FROM tusuario
|
||||||
|
WHERE id_user = \'%s\'
|
||||||
|
AND disabled = 0', $login);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
$row = db_get_row_sql ($sql);
|
$row = db_get_row_sql ($sql);
|
||||||
|
|
Loading…
Reference in New Issue