X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_sqlauth.cpp;h=4d0cc6a761139b572f11118b881d19d7e184aab9;hb=563ad5acb0fb3d1aee5094989377d8b284d33d92;hp=9ca4473b82fb38475d2f89a35a0c8bc99b5f2c04;hpb=84235673df58bb199622c67bbead02d91f953838;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/extra/m_sqlauth.cpp b/src/modules/extra/m_sqlauth.cpp
index 9ca4473b8..4d0cc6a76 100644
--- a/src/modules/extra/m_sqlauth.cpp
+++ b/src/modules/extra/m_sqlauth.cpp
@@ -2,7 +2,7 @@
  *       | Inspire Internet Relay Chat Daemon |
  *       +------------------------------------+
  *
- *  InspIRCd: (C) 2002-2008 InspIRCd Development Team
+ *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
  * See: http://www.inspircd.org/wiki/index.php/Credits
  *
  * This program is free but copyrighted software; see
@@ -12,9 +12,6 @@
  */
 
 #include "inspircd.h"
-#include "users.h"
-#include "channels.h"
-#include "modules.h"
 #include "m_sqlv2.h"
 #include "m_sqlutils.h"
 #include "m_hash.h"
@@ -31,12 +28,12 @@ class ModuleSQLAuth : public Module
 	std::string killreason;
 	std::string allowpattern;
 	std::string databaseid;
-	
+
 	bool verbose;
-	
+
 public:
 	ModuleSQLAuth(InspIRCd* Me)
-	: Module::Module(Me)
+	: Module(Me)
 	{
 		ServerInstance->Modules->UseInterface("SQLutils");
 		ServerInstance->Modules->UseInterface("SQL");
@@ -74,12 +71,12 @@ public:
 
 	virtual int OnUserRegister(User* user)
 	{
-		if ((!allowpattern.empty()) && (ServerInstance->MatchText(user->nick,allowpattern)))
+		if ((!allowpattern.empty()) && (InspIRCd::Match(user->nick,allowpattern)))
 		{
 			user->Extend("sqlauthed");
 			return 0;
 		}
-		
+
 		if (!CheckCredentials(user))
 		{
 			ServerInstance->Users->QuitUser(user, killreason);
@@ -88,38 +85,32 @@ public:
 		return 0;
 	}
 
-	void SearchAndReplace(std::string& newline, const std::string &find, const std::string &replace)
-	{
-		std::string::size_type x = newline.find(find);
-		while (x != std::string::npos)
-		{
-			newline.erase(x, find.length());
-			if (!replace.empty())
-				newline.insert(x, replace);
-			x = newline.find(find);
-		}
-	}
-
 	bool CheckCredentials(User* user)
 	{
 		std::string thisquery = freeformquery;
 		std::string safepass = user->password;
-		
+		std::string safegecos = user->fullname;
+
 		/* Search and replace the escaped nick and escaped pass into the query */
 
-		SearchAndReplace(safepass, "\"", "");
+		SearchAndReplace(safepass, std::string("\""), std::string("\\\""));
+		SearchAndReplace(safegecos, std::string("\""), std::string("\\\""));
 
-		SearchAndReplace(thisquery, "$nick", user->nick);
-		SearchAndReplace(thisquery, "$pass", safepass);
-		SearchAndReplace(thisquery, "$host", user->host);
-		SearchAndReplace(thisquery, "$ip", user->GetIPString());
+		SearchAndReplace(thisquery, std::string("$nick"), user->nick);
+		SearchAndReplace(thisquery, std::string("$pass"), safepass);
+		SearchAndReplace(thisquery, std::string("$host"), user->host);
+		SearchAndReplace(thisquery, std::string("$ip"), std::string(user->GetIPString()));
+		SearchAndReplace(thisquery, std::string("$gecos"), safegecos);
+		SearchAndReplace(thisquery, std::string("$ident"), user->ident);
+		SearchAndReplace(thisquery, std::string("$server"), std::string(user->server));
+		SearchAndReplace(thisquery, std::string("$uuid"), user->uuid);
 
 		Module* HashMod = ServerInstance->Modules->Find("m_md5.so");
 
 		if (HashMod)
 		{
 			HashResetRequest(this, HashMod).Send();
-			SearchAndReplace(thisquery, "$md5pass", HashSumRequest(this, HashMod, user->password).Send());
+			SearchAndReplace(thisquery, std::string("$md5pass"), std::string(HashSumRequest(this, HashMod, user->password).Send()));
 		}
 
 		HashMod = ServerInstance->Modules->Find("m_sha256.so");
@@ -127,12 +118,12 @@ public:
 		if (HashMod)
 		{
 			HashResetRequest(this, HashMod).Send();
-			SearchAndReplace(thisquery, "$sha256pass", HashSumRequest(this, HashMod, user->password).Send());
+			SearchAndReplace(thisquery, std::string("$sha256pass"), std::string(HashSumRequest(this, HashMod, user->password).Send()));
 		}
 
 		/* Build the query */
 		SQLrequest req = SQLrequest(this, SQLprovider, databaseid, SQLquery(thisquery));
-			
+
 		if(req.Send())
 		{
 			/* When we get the query response from the service provider we will be given an ID to play with,
@@ -143,17 +134,17 @@ public:
 			 * us to discard the query.
 		 	 */
 			AssociateUser(this, SQLutils, req.id, user).Send();
-				
+
 			return true;
 		}
 		else
 		{
 			if (verbose)
-				ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host, req.error.Str());
+				ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), req.error.Str());
 			return false;
 		}
 	}
-	
+
 	virtual const char* OnRequest(Request* request)
 	{
 		if(strcmp(SQLRESID, request->GetId()) == 0)
@@ -162,10 +153,10 @@ public:
 
 			User* user = GetAssocUser(this, SQLutils, res->id).S().user;
 			UnAssociate(this, SQLutils, res->id).S();
-			
+
 			if(user)
 			{
-				if(res->error.Id() == NO_ERROR)
+				if(res->error.Id() == SQL_NO_ERROR)
 				{
 					if(res->Rows())
 					{
@@ -175,13 +166,13 @@ public:
 					else if (verbose)
 					{
 						/* No rows in result, this means there was no record matching the user */
-						ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query returned no matches)", user->nick.c_str(), user->ident.c_str(), user->host);
+						ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query returned no matches)", user->nick.c_str(), user->ident.c_str(), user->host.c_str());
 						user->Extend("sqlauth_failed");
 					}
 				}
 				else if (verbose)
 				{
-					ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host, res->error.Str());
+					ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), res->error.Str());
 					user->Extend("sqlauth_failed");
 				}
 			}
@@ -195,16 +186,16 @@ public:
 				ServerInstance->Users->QuitUser(user, killreason);
 			}
 			return SQLSUCCESS;
-		}		
+		}
 		return NULL;
 	}
-	
+
 	virtual void OnUserDisconnect(User* user)
 	{
 		user->Shrink("sqlauthed");
-		user->Shrink("sqlauth_failed");		
+		user->Shrink("sqlauth_failed");
 	}
-	
+
 	virtual bool OnCheckReady(User* user)
 	{
 		return user->GetExt("sqlauthed");
@@ -212,9 +203,9 @@ public:
 
 	virtual Version GetVersion()
 	{
-		return Version(1,2,1,0,VF_VENDOR,API_VERSION);
+		return Version("$Id$", VF_VENDOR, API_VERSION);
 	}
-	
+
 };
 
 MODULE_INIT(ModuleSQLAuth)