diff options
author | Christian Pointner <equinox@helsinki.at> | 2014-09-18 14:49:46 (GMT) |
---|---|---|
committer | Christian Pointner <equinox@helsinki.at> | 2014-09-18 14:49:46 (GMT) |
commit | a6fb1a8e95126a33fd742ff014bc813e9fa20be4 (patch) | |
tree | 07dca6b3ac4123a2b2cc6a931813ff95ff45cae3 /lib | |
parent | d2df76a89f29acd03383da6a76839435c51e8621 (diff) |
added check_token routine
Diffstat (limited to 'lib')
-rwxr-xr-x | lib/rddb.pm | 31 |
1 files changed, 24 insertions, 7 deletions
diff --git a/lib/rddb.pm b/lib/rddb.pm index a7506a2..c12ea26 100755 --- a/lib/rddb.pm +++ b/lib/rddb.pm @@ -32,12 +32,7 @@ sub closedb sub get_token { - my $username = shift; - - my ($dbh, $state, $errorstring) = opendb(); - unless(defined $dbh) { - return ('', $state, $errorstring); - } + my ($dbh, $username) = @_; my $sth = $dbh->prepare('select PASSWORD from USERS where LOGIN_NAME = ?') or return ('', 'ERROR', "Database Error: " . $dbh->errstr); @@ -47,7 +42,6 @@ sub get_token my ($token) = $sth->fetchrow_array; $sth->finish(); - closedb($dbh); unless(defined $token) { return ('', 'ERROR', "user '" . $username . "' not known by rivendell") @@ -55,4 +49,27 @@ sub get_token return ($token, 'OK', 'success'); } +sub check_token +{ + my ($dbh, $username, $token) = @_; + + my $sth = $dbh->prepare('select PASSWORD from USERS where LOGIN_NAME = ?') + or return (0, 'ERROR', "Database Error: " . $dbh->errstr); + + $sth->execute($username) + or return (0, 'ERROR', "Database Error: " . $sth->errstr); + + my ($token_result) = $sth->fetchrow_array; + $sth->finish(); + + unless(defined $token_result) { + return (0, 'ERROR', "user '" . $username . "' not known by rivendell") + } + + if($token_result == $token) { + return (1, 'OK', 'success'); + } + return (0, 'ERROR', "wrong password"); +} + return 1; |