Changeset 158

Timestamp:

Jun 10, 2006 2:57:06 AM (18 years ago)

Author:

scdev

Message:

Q - changed Prefs so varable is serialized in the database ... so we can save arrays and such. Updated Auth_* so encrypted userpass is never stored in the session.

Location:

trunk/lib

Files:

• Auth_File.inc.php (modified) (1 diff)
• Auth_SQL.inc.php (modified) (1 diff)
• Prefs.inc.php (modified) (2 diffs)

trunk/lib/Auth_File.inc.php

@@ -66 +66 @@
      * @param optional array $params  A hash containing parameters.
      */
-    function Auth_File($namespace='null')
+    function Auth_File($namespace='')
     {
         $this->_ns = $namespace;

trunk/lib/Auth_SQL.inc.php

@@ -342 +342 @@
         // Return user data if found.
         if ($user_data = mysql_fetch_assoc($qid)) {
+            // Don't return password value.
+            unset($user_data['userpass']);
             $app->logMsg(sprintf('Authentication successful for user %s (%s)', $user_data['user_id'], $username), LOG_INFO, __FILE__, __LINE__);
             return $user_data;

trunk/lib/Prefs.inc.php

@@ -286 +286 @@
         ");
         while (list($key, $val) = mysql_fetch_row($qid)) {
-            $_SESSION['_prefs'][$this->_ns]['persistent'][$key] = $val;
+            $_SESSION['_prefs'][$this->_ns]['persistent'][$key] = unserialize($val);
         }
         
@@ -358 +358 @@
             $insert_values = array();
             foreach ($_SESSION['_prefs'][$this->_ns]['persistent'] as $key => $val) {
-                $insert_values[] = sprintf("('%s', '%s', '%s', '%s')", $db->escapeString($this->getParam('user_id')), $db->escapeString($this->_ns), $db->escapeString($key), $db->escapeString($val));
+                $insert_values[] = sprintf("('%s', '%s', '%s', '%s')", 
+                    $db->escapeString($this->getParam('user_id')), 
+                    $db->escapeString($this->_ns), 
+                    $db->escapeString($key), 
+                    $db->escapeString(serialize($val))
+                );
             }
             $db->query("