int ccnet_user_manager_validate_emailuser (CcnetUserManager *manager, const char *email, const char *passwd) { CcnetDB *db = manager->priv->db; char *sql; char *email_down; char *stored_passwd = NULL; gboolean need_upgrade = FALSE; #ifdef HAVE_LDAP if (manager->use_ldap) { if (ldap_verify_user_password (manager, email, passwd) == 0) return 0; } #endif sql = "SELECT passwd FROM EmailUser WHERE email=?"; if (ccnet_db_statement_foreach_row (db, sql, get_password, &stored_passwd, 1, "string", email) > 0) { if (validate_passwd (passwd, stored_passwd, &need_upgrade)) { if (need_upgrade) update_user_passwd (manager, email, passwd); g_free (stored_passwd); return 0; } else { g_free (stored_passwd); return -1; } } email_down = g_ascii_strdown (email, strlen(email)); if (ccnet_db_statement_foreach_row (db, sql, get_password, &stored_passwd, 1, "string", email_down) > 0) { g_free (email_down); if (validate_passwd (passwd, stored_passwd, &need_upgrade)) { if (need_upgrade) update_user_passwd (manager, email, passwd); g_free (stored_passwd); return 0; } else { g_free (stored_passwd); return -1; } } g_free (email_down); return -1; }
int ccnet_user_manager_validate_emailuser (CcnetUserManager *manager, const char *email, const char *passwd) { CcnetDB *db = manager->priv->db; char sql[512]; char hashed_passwd[41]; hash_password (passwd, hashed_passwd); #ifdef HAVE_LDAP if (manager->use_ldap) { CcnetEmailUser *emailuser; snprintf (sql, sizeof(sql), "SELECT id, email, is_staff, is_active, ctime" " FROM EmailUser WHERE email='%s' AND passwd='%s'", email, hashed_passwd); if (ccnet_db_foreach_selected_row (db, sql, get_emailuser_cb, &emailuser) > 0) { if (ccnet_email_user_get_is_staff(emailuser)) { g_object_unref (emailuser); return 0; } g_object_unref (emailuser); } return ldap_verify_user_password (manager, email, passwd); } #endif snprintf (sql, 512, "SELECT email FROM EmailUser WHERE email='%s' AND " "passwd='%s'", email, hashed_passwd); if (ccnet_db_check_for_existence (db, sql)) return 0; return -1; }