diff --git a/authsql.php b/authsql.php
index d305590..9772e84 100644
--- a/authsql.php
+++ b/authsql.php
@@ -22,6 +22,10 @@ class authsql extends auth
 public $fieldPassword = "password";
 /** The identifier field name (maybe email) */
 public $fieldIdentifier = "email";
+ /** The field name containing the lastname of the user */
+ public $fieldLastname = null;
+ /** The field name containing the Firstname of the user */
+ public $fieldFirstname = null;
 /** The informations fields (in an array) */
 public $fieldsInfo = array ();
@@ -48,6 +52,12 @@ class authsql extends auth
 if ($this->fieldPassword === null)
 throw new Exception (dgettext("domframework",
 "No fieldPassword defined"), 500);
+ if ($this->fieldLastname === null)
+ throw new Exception (dgettext("domframework",
+ "No fieldLastname defined"), 500);
+ if ($this->fieldFirstname === null)
+ throw new Exception (dgettext("domframework",
+ "No fieldFirstname defined"), 500);
 $fields = array_merge (array ($this->fieldIdentifier, $this->fieldPassword),
 $this->fieldsInfo);
 $fields = array_flip ($fields);
@@ -68,6 +78,8 @@ class authsql extends auth
 "The SQL database is not connected"), 500);
 $data = $this->db->read (array (array ($this->fieldIdentifier, $email)),
 array_merge (array ($this->fieldIdentifier,
+ $this->fieldFirstname,
+ $this->fieldLastname,
 $this->fieldPassword),
 $this->fieldsInfo));
 if (count ($data) === 0)
@@ -83,8 +95,13 @@ class authsql extends auth
 throw new Exception (sprintf (dgettext("domframework",
 "Bad password for '%s'"),
 $email), 401);
+ // The password should never be stored by this function
 unset ($data[0][$this->fieldPassword]);
- $this->details = $data[0];
+ $content = $data[0];
+ $content["email"] = $data[0][$this->fieldIdentifier];
+ $content["lastname"] = $data[0][$this->fieldLastname];
+ $content["firstname"] = $data[0][$this->fieldFirstname];
+ $this->details = $content;
 }
 /** Return all the parameters recorded for the authenticate user */
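Review bot: The two checks added in the `@@ -48,6 +52,12 @@` hunk make `fieldLastname` and `fieldFirstname` mandatory, yet the first hunk declares both with a `null` default, so a configuration that sets only the identifier and password fields now gets a 500 from this function. The reads changed in the `@@ -68,6 +78,8 @@` and `@@ -174,7 +189,9 @@` hunks pass the same two properties to `$this->db->read` with no null guard visible in those hunks; if those methods can run without this check having passed, a `null` column name reaches the query layer. Either treat the two fields as optional and add them to the column list only when they are set, or state the requirement where they are declared, e.g. `/** The field name containing the lastname of the user (mandatory, no default) */`. The enclosing function starts and ends outside the hunk, so which entry point performs the check is not visible here.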
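Review bot: The fixed keys written in the `@@ -83,8 +95,13 @@` hunk (`$content["email"]`, `$content["lastname"]`, `$content["firstname"]`) silently overwrite any column of the same name already present in `$data[0]`. If `fieldIdentifier` is set to something other than `email` while `fieldsInfo` lists a real `email` column, the value kept in `$this->details` becomes the login identifier rather than the stored address, and callers reading that key would get the wrong attribute. Consider rejecting the collision explicitly or using keys that cannot clash with column names, and list the three normalized keys in the docblock of the method that returns `$this->details`. The method body starts outside the hunk.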
@@ -109,9 +126,8 @@ class authsql extends auth
 500);
 $data = $this->db->read (array (array ($this->fieldIdentifier,
 $this->details[$this->fieldIdentifier])),
- array_merge (array ($this->fieldIdentifier,
- $this->fieldPassword),
- $this->fieldsInfo));
+ array ($this->fieldIdentifier,
+ $this->fieldPassword));
 $cryptedPassword = $data[0][$this->fieldPassword];
 if (crypt ($oldpassword, $cryptedPassword) !== $cryptedPassword)
 throw new Exception (dgettext("domframework",
@@ -144,9 +160,8 @@ class authsql extends auth
 throw new Exception (dgettext("domframework",
 "The SQL database is not connected"), 500);
 $data = $this->db->read (array (array ($this->fieldIdentifier, $email)),
- array_merge (array ($this->fieldIdentifier,
- $this->fieldPassword),
- $this->fieldsInfo));
+ array ($this->fieldIdentifier,
+ $this->fieldPassword));
 if (count ($data) === 0)
 throw new Exception (sprintf (dgettext("domframework",
 "Unable to find the user : '%s'"),
@@ -174,7 +189,9 @@ class authsql extends auth
 if ($this->db === null)
 throw new Exception (dgettext("domframework",
 "The SQL database is not connected"), 500);
- $data = $this->db->read (null, array_merge (array ($this->fieldIdentifier),
+ $data = $this->db->read (null, array_merge (array ($this->fieldIdentifier,
+ $this->fieldFirstname,
+ $this->fieldLastname),
 $this->fieldsInfo));
 return $data;
 }
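Review bot: The password check kept as context in the `@@ -109,9 +126,8 @@` hunk, `crypt ($oldpassword, $cryptedPassword) !== $cryptedPassword`, is not a constant-time comparison, and `$data[0]` is read on the line before it without the `count ($data) === 0` test that the lookups in the `@@ -68,6 +78,8 @@` and `@@ -144,9 +160,8 @@` hunks apply. Narrowing the read to the identifier and password columns reduces what this path loads; the comparison can be tightened as `if (! hash_equals ((string) $cryptedPassword, (string) crypt ($oldpassword, $cryptedPassword)))`, or replaced by `password_verify ($oldpassword, $cryptedPassword)` where the supported PHP version allows it. The check ahead of the `Bad password` exception in the `@@ -83,8 +95,13 @@` hunk is outside the visible lines and may need the same change. The method body starts and ends outside this hunk.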