Add check for empty attributes to perl_mysql
[usenet/INN.git] / auth / perl_mysql
CommitLineData
4b531c6e
TH
1#!/usr/bin/perl -w
2#
3# INN perl_auth script
4# Authentication against MySQL Database
5#
6# Written by Thomas Hochstein <thh@inter.net>
7# based on a script written by Sven Weise (sven@futzelnet.de).
8# Covered under the same license as INN in general.
9#
10# user = Username
11# password = Passwort
12# active = User active/inactive? (for temp. suspension)
13#
14### database structure
15# CREATE TABLE IF NOT EXISTS `users` (
16# `userid` int(11) NOT NULL auto_increment,
17# `user` varchar(16) collate latin1_bin NOT NULL default '',
18# `password` varchar(16) collate latin1_bin NOT NULL default '',
19# `active` tinyint(1) NOT NULL default '1',
20# `username` varchar(60) collate latin1_bin default NULL,
21# `usermail` varchar(60) collate latin1_bin default NULL,
22# `domain` varchar(40) collate latin1_bin default '<EDITME>',
23# `llo` date default NULL,
24# PRIMARY KEY (`userid`),
25# UNIQUE KEY `user` (`user`)
26# );
27####################################################################################################################################
28
29
30
31# use strict;
32use DBI;
33use Time::localtime;
34
35### DB Vars - EDIT ME!
36$conf{'dbdriver'} = "mysql";
37$conf{'dbhost'} = "localhost";
38$conf{'database'} = "";
39$conf{'dbuser'} = "";
40$conf{'dbpw'} = "";
41$conf{'dbtable'} = "";
42$conf{'actcheck'} = 1;
43
44sub auth_init() {
45 #D open LOG, '>/usr/lib/news/bin/auth/passwd/test.log';
46
47};
48
49sub authenticate() {
50 # $attributes{hostname} hostname (or the IP address if it doesn't resolve) of the client machine
51 # $attributes{ipaddress} IP address (as a string)
52 # $attributes{port} client port (as an integer)
53 # $attributes{interface} hostname of the interface the client connected on
54 # $attributes{intipaddr} IP address (as a string) of the interface the client connected on
55 # $attributes{intport} port (as an integer) on the interface the client connected on
56 # $attributes{username} username
57 # $attributes{password} password
58
c1ede6db
TH
59 # return if username or password not set
60 if (!defined($attributes{username}) or !defined($attributes{password})) {
61 return (481, 'Authentication failure');
62 }
63
4b531c6e
TH
64 ### DB init
65 my $dbs = sprintf('DBI:%s:database=%s;host=%s',$conf{'dbdriver'},$conf{'database'},$conf{'dbhost'});
66 my $dbhandle = DBI->connect($dbs, $conf{'dbuser'}, $conf{'dbpw'}, { PrintError => 1 });
67
68 ### Query database and disconnect.
69
70 my(@result);
71
72 # quote SQL
73 my $sql_user = $dbhandle->quote($attributes{username});
74 my $sql_pass = $dbhandle->quote($attributes{password});
75
76 my $query = sprintf("SELECT domain FROM %s.%s WHERE user = %s AND password = %s",$conf{'database'},$conf{'dbtable'},$sql_user,$sql_pass);
77 if ($conf{'actcheck'}) {
78 $query .= ' AND active = 1';
79 };
80 my $dbquery = $dbhandle->prepare($query);
81 if ($dbquery->execute()) {
82 @result = $dbquery->fetchrow_array;
83 $dbquery->finish;
84
85 if (@result) {
86 # log timestamp
87 my $tm = localtime;
88 my $today = sprintf('%04d-%02d-%02d', $tm->year+1900, ($tm->mon)+1, $tm->mday);
89 $query = sprintf("UPDATE %s.%s SET llo = '%s' WHERE user = %s",$conf{'database'},$conf{'dbtable'},$today,$sql_user);
90 $dbquery = $dbhandle->prepare($query);
91 $dbquery->execute();
92 $dbquery->finish;
93 };
94 };
95 $dbhandle->disconnect;
96 ###
97
98 ### check password and respond appropriate
99 if (@result) {
100 my $user = $attributes{username} . '@' . $result[0];
101 return (281, 'Authentication successful: '.$user, $user);
102 } else {
103 return (481, 'Authentication failure');
104 }
105
106 # code execution should never reach this point
107 return (481, 'Authentication failure');
108};
109### EOF ###
This page took 0.013706 seconds and 4 git commands to generate.