From 54c1264e2477a722ba8293a369a4dafe7755b65d Mon Sep 17 00:00:00 2001
From: "Aldo \"xoen\" Giambelluca" <xoen@xoen.org>
Date: Sat, 3 Jul 2010 19:38:31 +0200
Subject: [PATCH] Using table prefix preference in 'inc/lib_user.php'

---
 inc/lib_user.php | 55 ++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 44 insertions(+), 11 deletions(-)

diff --git a/inc/lib_user.php b/inc/lib_user.php
index e5d994dd02..d3b38bc2ea 100755
--- a/inc/lib_user.php
+++ b/inc/lib_user.php
@@ -55,6 +55,8 @@ class OC_USER {
 	*
 	*/
 	public static function createuser($username,$password){
+		global $CONFIG_DBTABLEPREFIX;
+
 		if(OC_USER::getuserid($username)!=0){
 			return false;
 		}else{
@@ -62,7 +64,8 @@ class OC_USER {
 			$usernameclean=strtolower($username);
 			$username=OC_DB::escape($username);
 			$usernameclean=OC_DB::escape($usernameclean);
-			$query="INSERT INTO  `users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL ,  '$username',  '$usernameclean',  '$password')";
+			$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users';
+			$query = "INSERT INTO  `$dbTableUsers` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL ,  '$username',  '$usernameclean',  '$password')";
 			$result=OC_DB::query($query);
 			return ($result)?true:false;
 		}
@@ -74,11 +77,14 @@ class OC_USER {
 	*
 	*/
 	public static function login($username,$password){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$password=sha1($password);
 		$usernameclean=strtolower($username);
 		$username=OC_DB::escape($username);
 		$usernameclean=OC_DB::escape($usernameclean);
-		$query="SELECT user_id FROM  users WHERE  user_name_clean =  '$usernameclean' AND  user_password =  '$password' LIMIT 1";
+		$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users';
+		$query = "SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean' AND  user_password =  '$password' LIMIT 1";
 		$result=OC_DB::select($query);
 		if(isset($result[0]) && isset($result[0]['user_id'])){
 			$_SESSION['user_id']=$result[0]['user_id'];
@@ -116,9 +122,12 @@ class OC_USER {
 	*
 	*/
 	public static function creategroup($groupname){
+		global $CONFIG_DBTABLEPREFIX;
+
 		if(OC_USER::getgroupid($groupname)==0){
 			$groupname=OC_DB::escape($groupname);
-			$query="INSERT INTO  `groups` (`group_id` ,`group_name`) VALUES (NULL ,  '$groupname')";
+			$dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups';
+			$query="INSERT INTO `$dbTableGroups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')";
 			$result=OC_DB::query($query);
 			return ($result)?true:false;
 		}else{
@@ -131,10 +140,13 @@ class OC_USER {
 	*
 	*/
 	public static function getuserid($username){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$usernameclean=strtolower($username);
 		$username=OC_DB::escape($username);
 		$usernameclean=OC_DB::escape($usernameclean);
-		$query="SELECT user_id FROM  users WHERE user_name_clean = '$usernameclean'";
+		$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users';
+		$query="SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean'";
 		$result=OC_DB::select($query);
 		if(!is_array($result)){
 			return 0;
@@ -151,8 +163,11 @@ class OC_USER {
 	*
 	*/
 	public static function getgroupid($groupname){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$groupname=OC_DB::escape($groupname);
-		$query="SELECT group_id FROM groups WHERE  group_name = '$groupname'";
+		$dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups';
+		$query="SELECT group_id FROM $dbTableGroups WHERE  group_name = '$groupname'";
 		$result=OC_DB::select($query);
 		if(!is_array($result)){
 			return 0;
@@ -169,8 +184,11 @@ class OC_USER {
 	*
 	*/
 	public static function getgroupname($groupid){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$groupid=(integer)$groupid;
-		$query="SELECT group_name FROM  groups WHERE  group_id =  '$groupid' LIMIT 1";
+		$dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups';
+		$query="SELECT group_name FROM $dbTableGroups WHERE group_id = '$groupid' LIMIT 1";
 		$result=OC_DB::select($query);
 		if(isset($result[0]) && isset($result[0]['group_name'])){
 			return $result[0]['group_name'];
@@ -184,10 +202,13 @@ class OC_USER {
 	*
 	*/
 	public static function ingroup($username,$groupname){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$userid=OC_USER::getuserid($username);
 		$groupid=OC_USER::getgroupid($groupname);
 		if($groupid>0 and $userid>0){
-			$query="SELECT user_group_id FROM  user_group WHERE  group_id = $groupid  AND user_id = $userid LIMIT 1";
+			$dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group';
+			$query="SELECT user_group_id FROM $dbTableUserGroup WHERE group_id = $groupid AND user_id = $userid LIMIT 1";
 			$result=OC_DB::select($query);
 			if(isset($result[0]) && isset($result[0]['user_group_id'])){
 				return true;
@@ -204,11 +225,14 @@ class OC_USER {
 	*
 	*/
 	public static function addtogroup($username,$groupname){
+		global $CONFIG_DBTABLEPREFIX;
+
 		if(!OC_USER::ingroup($username,$groupname)){
 			$userid=OC_USER::getuserid($username);
 			$groupid=OC_USER::getgroupid($groupname);
 			if($groupid!=0 and $userid!=0){
-				$query="INSERT INTO `user_group` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL ,  '$userid',  '$groupid');";
+				$dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group';
+				$query="INSERT INTO `$dbTableUserGroup` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid',  '$groupid');";
 				$result=OC_DB::query($query);
 				if($result){
 					return true;
@@ -232,8 +256,11 @@ class OC_USER {
 	*
 	*/
 	public static function getusergroups($username){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$userid=OC_USER::getuserid($username);
-		$query="SELECT group_id FROM  user_group WHERE  user_id =  '$userid'";
+		$dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group';
+		$query = "SELECT group_id FROM $dbTableUserGroup WHERE user_id = '$userid'";
 		$result=OC_DB::select($query);
 		$groups=array();
 		if(is_array($result)){
@@ -250,9 +277,12 @@ class OC_USER {
 	*
 	*/
 	public static function setpassword($username,$password){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$password=sha1($password);
 		$userid=OC_USER::getuserid($username);
-		$query="UPDATE  users SET  user_password = '$password' WHERE  user_id ='$userid'";
+		$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users';
+		$query = "UPDATE $dbTableUsers SET user_password = '$password' WHERE user_id ='$userid'";
 		$result=OC_DB::query($query);
 		if($result){
 			return true;
@@ -266,11 +296,14 @@ class OC_USER {
 	*
 	*/
 	public static function checkpassword($username,$password){
+		global $CONFIG_DBTABLEPREFIX;
+
 		$password=sha1($password);
 		$usernameclean=strtolower($username);
 		$username=OC_DB::escape($username);
 		$usernameclean=OC_DB::escape($usernameclean);
-		$query="SELECT user_id FROM  'users' WHERE  user_name_clean =  '$usernameclean' AND  user_password =  '$password' LIMIT 1";
+		$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users';
+		$query = "SELECT user_id FROM '$dbTableUsers' WHERE user_name_clean = '$usernameclean' AND  user_password =  '$password' LIMIT 1";
 		$result=OC_DB::select($query);
 		if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
 			return true;
-- 
GitLab