Apache Zeta Components Manual :: File Source for database_filter.php
Source for file database_filter.php
Documentation is available at database_filter.php
* File containing the ezcAuthenticationDatabaseFilter class.
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @package AuthenticationDatabaseTiein
* @version //autogentag//
* Filter to authenticate against a database.
* The database instance to use is specified using a ezcAuthenticationDatabaseInfo
* structure. Table name and field names are specified in the same structure.
* $credentials = new ezcAuthenticationPasswordCredentials( 'jan.modaal', 'b1b3773a05c0ed0176787a4f1574ff0075f7521e' );
* $database = new ezcAuthenticationDatabaseInfo( ezcDbInstance::get(), 'users', array( 'user', 'password' ) );
* $authentication = new ezcAuthentication( $credentials );
* $authentication->addFilter( new ezcAuthenticationDatabaseFilter( $database ) );
* if ( !$authentication->run() )
* // authentication did not succeed, so inform the user
* $status = $authentication->getStatus();
* 'ezcAuthenticationDatabaseFilter' => array(
* ezcAuthenticationDatabaseFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
* ezcAuthenticationDatabaseFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'
* foreach ( $status as $line )
* list( $key, $value ) = each( $line );
* echo $err[$key][$value] . "\n";
* // authentication succeeded, so allow the user to see his content
* Extra data can be fetched from the database during the authentication process,
* by registering the data to be fetched before calling run(). Example:
* // $filter is an ezcAuthenticationDatabaseFilter object
* $filter->registerFetchData( array( 'name', 'country' ) );
* $data = $filter->fetchData();
* The $data array will be something like:
* array( 'name' => array( 'John Doe' ),
* 'country' => array( 'US' )
* @property ezcAuthenticationDatabaseInfo $database
* Structure which holds a database instance, table name and fields
* which are used for authentication.
* @package AuthenticationDatabaseTiein
* @version //autogentag//
* Username is not found in the database.
* Holds the attributes which will be requested during the authentication
* Usually it has this structure:
* array( 'fullname', 'gender', 'country', 'language' );
* Holds the extra data fetched during the authentication process.
* Usually it has this structure:
* array( 'name' => array( 'John Doe' ),
* 'country' => array( 'US' )
* @var array(string=>mixed)
protected $data =
array();
* Holds the properties of this class.
* @var array(string=>mixed)
private $properties =
array();
* Creates a new object of this class.
* @param ezcAuthenticationDatabaseInfo $database Database to use in authentication
* @param ezcAuthenticationDatabaseOptions $options Options for this class
public function __construct( ezcAuthenticationDatabaseInfo $database, ezcAuthenticationDatabaseOptions $options =
null )
$this->database =
$database;
* Sets the property $name to $value.
* @throws ezcBasePropertyNotFoundException
* if the property $name does not exist
* @throws ezcBaseValueException
* if $value is not correct for the property $name
* @param string $name The name of the property to set
* @param mixed $value The new value of the property
public function __set( $name, $value )
$this->properties[$name] =
$value;
* Returns the value of the property $name.
* @throws ezcBasePropertyNotFoundException
* if the property $name does not exist
* @param string $name The name of the property for which to return the value
public function __get( $name )
return $this->properties[$name];
* Returns true if the property $name is set, otherwise false.
* @param string $name The name of the property to test if it is set
public function __isset( $name )
return isset
( $this->properties[$name] );
* Runs the filter and returns a status code when finished.
* @param ezcAuthenticationPasswordCredentials $credentials Authentication credentials
public function run( $credentials )
// see if username exists
$query->select( 'COUNT( ' .
$db->instance->quoteIdentifier( $db->fields[0] ) .
' )' )
->from( $db->instance->quoteIdentifier( $db->table ) )
$e->eq( $db->instance->quoteIdentifier( $db->fields[0] ), $query->bindValue( $credentials->id ) )
$rows =
$query->prepare();
$count = (int)
$rows->fetchColumn( 0 );
return self::STATUS_USERNAME_INCORRECT;
// see if username has the specified password
$query->select( 'COUNT( ' .
$db->instance->quoteIdentifier( $db->fields[0] ) .
' )' )
->from( $db->instance->quoteIdentifier( $db->table ) )
$e->eq( $db->instance->quoteIdentifier( $db->fields[0] ), $query->bindValue( $credentials->id ) ),
$e->eq( $db->instance->quoteIdentifier( $db->fields[1] ), $query->bindValue( $credentials->password ) )
$rows =
$query->prepare();
$count = (int)
$rows->fetchColumn( 0 );
return self::STATUS_PASSWORD_INCORRECT;
// fetch extra data from the database
$params[] =
$db->instance->quoteIdentifier( $param );
$query->select( implode( ', ', $params ) )
->from( $db->instance->quoteIdentifier( $db->table ) )
$e->eq( $db->instance->quoteIdentifier( $db->fields[0] ), $query->bindValue( $credentials->id ) ),
$e->eq( $db->instance->quoteIdentifier( $db->fields[1] ), $query->bindValue( $credentials->password ) )
$rows =
$query->prepare();
$data =
$rows->fetchAll();
$this->data[$attribute] =
array( $data[$attribute] );
* Registers the extra data which will be fetched by the filter during the
* authentication process.
* The input $data should be an array of attributes, for example:
* array( 'name', 'country' );
* @param array(string) $data The extra data to fetch during authentication
* Returns the extra data which was fetched during the authentication process.
* Example of returned array:
* array( 'name' => array( 'John Doe' ),
* 'country' => array( 'US' )
* @return array(string=>mixed)