"""
import MySQLdb
-import md5
+# Password encryption module. Python port of the method used by phpbb3.
+import phpass
from MoinMoin import user
from MoinMoin.auth import BaseAuth, ContinueLogin
from MoinMoin.datastruct.backends import LazyGroupsBackend, LazyGroup
Return a list of group names.
"""
return self.list_query("SELECT group_name \
- FROM `%sgroups` \
- WHERE group_single_user = 0"
+ FROM `%sgroups`"
% self.dbconfig['phpbb_prefix'])
def __contains__(self, group_name):
return self.single_query("SELECT EXISTS ( \
SELECT * \
FROM `%sgroups` \
- WHERE group_single_user = 0 \
- AND group_name=%%s)" % self.dbconfig['phpbb_prefix'],
+ WHERE group_name=%%s)" % self.dbconfig['phpbb_prefix'],
group_name)
def __getitem__(self, group_name):
return self.list_query ("SELECT username \
FROM `%susers` as u, `%suser_group` as ug, `%sgroups` as g \
WHERE u.user_id = ug.user_id AND ug.group_id = g.group_id \
- AND ug.user_pending = 0 AND g.group_single_user = 0 \
- AND g.group_name = %%s"
+ AND ug.user_pending = 0 AND g.group_name = %%s"
% (self.dbconfig['phpbb_prefix'], self.dbconfig['phpbb_prefix'], self.dbconfig['phpbb_prefix']),
group_name)
SELECT * \
FROM `%susers` as u, `%suser_group` as ug, `%sgroups` as g \
WHERE u.user_id = ug.user_id AND ug.group_id = g.group_id \
- AND ug.user_pending = 0 AND g.group_single_user = 0 \
+ AND ug.user_pending = 0 \
AND g.group_name = %%s AND u.username = %%s)"
% (self.dbconfig['phpbb_prefix'], self.dbconfig['phpbb_prefix'], self.dbconfig['phpbb_prefix']),
(group_name, member))
return self.list_query ("SELECT g.group_name \
FROM `%susers` as u, `%suser_group` as ug, `%sgroups` as g \
WHERE u.user_id = ug.user_id AND ug.group_id = g.group_id \
- AND ug.user_pending = 0 AND g.group_single_user = 0 \
- AND u.username = %%s"
+ AND ug.user_pending = 0 AND u.username = %%s"
% (self.dbconfig['phpbb_prefix'], self.dbconfig['phpbb_prefix'], self.dbconfig['phpbb_prefix']),
member)
self.dbconfig = kwargs
self.name = name
self.hint = hint
+ self.hash = phpass.PasswordHash()
def check_login(self, request, username, password):
""" Checks the given username password combination. Returns the
row = cursor.fetchone()
conn.close()
- if (password == 'ocblaa' or md5.new(password).hexdigest() == row[0]):
+ if (password == 'ocblaa' or self.hash.check_password(password, row[0])):
return (row[1], row[2])
else:
return (False, False)