$hash ], 'users', '`username` = ? AND `type` = ?', [ $username, 'mysql' ]); // FIXME should return BOOL } /** * Check if the backend allows user management at all (create/delete/modify users). * * @return bool TRUE if user management is possible, FALSE if it is not */ function mysql_auth_usermanagement() { return TRUE; } /** * Adds a new user to the user backend. * * @param string $username User's username * @param string $password User's password (plain text) * @param int $level User's auth level * @param string $email User's e-mail address * @param string $realname User's real name * @param bool $can_modify_passwd TRUE if user can modify their own password, FALSE if not * @param string $description User's description * @return bool TRUE if user addition is successful, FALSE if it is not */ function mysql_adduser($username, $password, $level, $email = "", $realname = "", $can_modify_passwd = '1', $description = "") { if (!mysql_auth_user_exists($username)) { // $hash = crypt($password, '$1$' . strgen(8).'$'); // This is old hash, do not used anymore (keep for history) $hash = password_hash($password, PASSWORD_DEFAULT); return dbInsert([ 'username' => $username, 'password' => $hash, 'level' => $level, 'email' => $email, 'realname' => $realname, 'can_modify_passwd' => $can_modify_passwd, 'descr' => $description ], 'users'); } return FALSE; } /** * Check if a user, specified by username, exists in the user backend. * * @param string $username Username to check * @return bool TRUE if the user exists, FALSE if they do not */ function mysql_auth_user_exists($username) { //return @dbFetchCell("SELECT COUNT(*) FROM `users` WHERE `username` = ?", array($username)); // FIXME should return BOOL return dbExist('users', '`username` = ? AND `type` = ?', [ $username, 'mysql' ]); } /** * Find the user's username by specifying their user ID. * * @param int $user_id The user's ID to look up the username for * @return string The user's user name, or FALSE if the user ID is not found */ function mysql_auth_username_by_id($user_id) { return dbFetchCell("SELECT `username` FROM `users` WHERE `user_id` = ? AND `type` = ?", [ $user_id, 'mysql' ]); // FIXME should return FALSE if not found } /** * Retrieve user auth level for specified user. * * @param string $username Username to retrieve the auth level for * @return int User's auth level */ function mysql_auth_user_level($username) { return dbFetchCell("SELECT `level` FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]); } /** * Retrieve user id for specified user. * * @param string $username Username to retrieve the ID for * @return int User's ID */ function mysql_auth_user_id($username) { return dbFetchCell("SELECT `user_id` FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]); } /** * Deletes a user from the user database. * * @param string $username Username to delete * @return bool TRUE if user deletion is successful, FALSE if it is not */ function mysql_deluser($username) { $user_id = mysql_auth_user_id($username); dbDelete('entity_permissions', "`user_id` = ? AND `auth_mechanism` = ?", [ $user_id, $GLOBALS['config']['auth_mechanism'] ]); dbDelete('roles_users', "`user_id` = ? AND `auth_mechanism` = ?", [ $user_id, $GLOBALS['config']['auth_mechanism'] ]); dbDelete('users_prefs', "`user_id` = ?", array($user_id)); dbDelete('users_ckeys', "`username` = ?", array($username)); return dbDelete('users', "`username` = ? AND `type` = ?", [ $username, 'mysql' ]); // FIXME should return BOOL } /** * Retrieve list of users with all details. * * @return array Rows of user data */ function mysql_auth_user_list() { return dbFetchRows("SELECT * FROM `users` WHERE `type` = ?", [ 'mysql' ]); // FIXME hardcode list of returned fields as in all other backends; array content should not depend on db changes/column names. } /** * Get the user information by username * * @param string $username Username * @return string The user's user name, or FALSE if the user ID is not found */ function mysql_auth_user_info($username) { return dbFetchRow("SELECT * FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]); } // EOF