[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  /**
   4   * An SQLite store.
   5   *
   6   * @package OpenID
   7   */
   8  
   9  // Do not allow direct access
  10  defined( '_JEXEC' ) or die( 'Restricted access' );
  11  
  12  /**
  13   * Require the base class file.
  14   */
  15  require_once "Auth/OpenID/SQLStore.php";
  16  
  17  /**
  18   * An SQL store that uses SQLite as its backend.
  19   *
  20   * @package OpenID
  21   */
  22  class Auth_OpenID_SQLiteStore extends Auth_OpenID_SQLStore {
  23      function setSQL()
  24      {
  25          $this->sql['nonce_table'] =
  26              "CREATE TABLE %s (server_url VARCHAR(2047), timestamp INTEGER, ".
  27              "salt CHAR(40), UNIQUE (server_url, timestamp, salt))";
  28  
  29          $this->sql['assoc_table'] =
  30              "CREATE TABLE %s (server_url VARCHAR(2047), handle VARCHAR(255), ".
  31              "secret BLOB(128), issued INTEGER, lifetime INTEGER, ".
  32              "assoc_type VARCHAR(64), PRIMARY KEY (server_url, handle))";
  33  
  34          $this->sql['set_assoc'] =
  35              "INSERT OR REPLACE INTO %s VALUES (?, ?, ?, ?, ?, ?)";
  36  
  37          $this->sql['get_assocs'] =
  38              "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
  39              "WHERE server_url = ?";
  40  
  41          $this->sql['get_assoc'] =
  42              "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
  43              "WHERE server_url = ? AND handle = ?";
  44  
  45          $this->sql['remove_assoc'] =
  46              "DELETE FROM %s WHERE server_url = ? AND handle = ?";
  47  
  48          $this->sql['add_nonce'] =
  49              "INSERT INTO %s (server_url, timestamp, salt) VALUES (?, ?, ?)";
  50  
  51          $this->sql['clean_nonce'] =
  52              "DELETE FROM %s WHERE timestamp < ?";
  53  
  54          $this->sql['clean_assoc'] =
  55              "DELETE FROM %s WHERE issued + lifetime < ?";
  56      }
  57  
  58      /**
  59       * @access private
  60       */
  61      function _add_nonce($server_url, $timestamp, $salt)
  62      {
  63          // PECL SQLite extensions 1.0.3 and older (1.0.3 is the
  64          // current release at the time of this writing) have a broken
  65          // sqlite_escape_string function that breaks when passed the
  66          // empty string. Prefixing all strings with one character
  67          // keeps them unique and avoids this bug. The nonce table is
  68          // write-only, so we don't have to worry about updating other
  69          // functions with this same bad hack.
  70          return parent::_add_nonce('x' . $server_url, $timestamp, $salt);
  71      }
  72  }
  73  
  74  ?>