
function _securesite_schema in Secure Site 8

Same name and namespace in other branches
  1. 6.2 digest_md5/digest_md5.conf.php \_securesite_schema()
  2. 7.2 digest_md5/digest_md5.conf.php \_securesite_schema()

Set up password and nonce storage.

2 calls to _securesite_schema()
digest_md5.php in digest_md5/digest_md5.php
This script implements the DIGEST-MD5 mechanism for all protocols. Only the root user should have access to this script and the database used to store passwords and nonce values.
stored_passwords.php in digest_md5/stored_passwords.php
This script manages stored passwords. Only the root user should have access to this script and the database used to store passwords.

File

digest_md5/digest_md5.conf.php, line 52
Configuration for digest authentication. Only the root user should have access to this file.

Code

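/**
 * Set up password and nonce storage.
 *
 * Builds the definitions of the securesite_passwords and securesite_nonce
 * tables and creates each one that information_schema does not yet list for
 * the database named in the global $db_url.
 *
 * Security notes for reviewers:
 * - securesite_passwords.pass is described by this schema as the password in
 *   plain text, so anyone who can read the table obtains every stored
 *   credential. Access to the database must stay as restricted as access to
 *   this file.
 * - NOTE(review): digest schemes can generally be verified against a stored
 *   MD5(username:realm:password) value rather than the clear password, and a
 *   hex MD5 would fit the existing 32-character column. Such a value is still
 *   password-equivalent inside its realm, so it narrows the impact of a leak
 *   rather than removing it. Confirm against the callers before changing the
 *   stored format.
 * - NOTE(review): a 32-character column cannot hold a longer password;
 *   depending on the database mode a longer value is rejected or silently
 *   truncated. TODO confirm how the code that writes this column handles it.
 * - NOTE(review): the existence check uses the unprefixed table name, while
 *   db_create_table() presumably applies any configured table prefix. Verify
 *   on sites that use a prefix.
 *
 * @throws RuntimeException
 *   If the database driver is not mysql, mysqli or pgsql, or if no database
 *   name can be read from $db_url. Both are checked before any table is
 *   created.
 */
function _securesite_schema() {
  global $db_url;

  $db_type = db_driver();

  // Choose the existence query once. Previously an unsupported driver left
  // $sql undefined and the failure surfaced inside db_query().
  switch ($db_type) {
    case 'mysql':
    case 'mysqli':
      $sql = "SELECT COUNT(*) FROM information_schema.TABLES WHERE TABLE_SCHEMA = :arg1 AND TABLE_NAME = :arg2";
      break;

    case 'pgsql':
      $sql = "SELECT COUNT(*) FROM information_schema.TABLES WHERE TABLE_CATALOG = :arg1 AND TABLE_SCHEMA = 'public' AND TABLE_NAME = :arg2";
      break;

    default:
      throw new RuntimeException('Unsupported database driver for Secure Site digest storage: ' . $db_type);
  }

  // The database name is the URL path without its leading slash. It does not
  // change between tables, so it is resolved once instead of per iteration.
  if (is_array($db_url)) {
    $connection = isset($db_url['default']) ? $db_url['default'] : NULL;
  }
  else {
    $connection = $db_url;
  }
  $url = is_string($connection) ? parse_url($connection) : FALSE;
  if ($url === FALSE || !isset($url['path']) || strlen($url['path']) < 2) {
    // The message deliberately leaves out $db_url, which may carry the
    // database user name and password.
    throw new RuntimeException('Unable to determine the database name from $db_url.');
  }
  $database = substr($url['path'], 1);

  $schema = array();

  // @todo realm should be text, not varchar.
  $schema['securesite_passwords'] = array(
    'module' => 'securesite',
    'name' => 'securesite_passwords',
    'description' => 'Stores user passwords.',
    'fields' => array(
      'name' => array(
        'type' => 'varchar',
        'length' => 60,
        'not null' => TRUE,
        'default' => '',
        'description' => "User's {users}.name.",
      ),
      'realm' => array(
        'type' => 'varchar',
        'length' => 255,
        'description' => "User's realm.",
      ),
      // Credential material in recoverable form; see the security notes in
      // the function comment.
      'pass' => array(
        'type' => 'varchar',
        'length' => 32,
        'not null' => TRUE,
        'default' => '',
        'description' => "Users password (plain text).",
      ),
    ),
    'primary key' => array(
      'name',
      'realm',
    ),
    'indexes' => array(
      'name' => array(
        'name',
      ),
      'realm' => array(
        'realm',
      ),
    ),
  );

  // @todo nonce and realm fields should be text.
  $schema['securesite_nonce'] = array(
    'module' => 'securesite',
    'name' => 'securesite_nonce',
    'description' => 'Stores nonce values.',
    'fields' => array(
      'nonce' => array(
        'type' => 'varchar',
        'length' => 255,
        'not null' => TRUE,
        'description' => 'Nonce value.',
      ),
      'qop' => array(
        'type' => 'text',
        'description' => 'Quality of protection.',
      ),
      // Use counter and last-use time per nonce. NOTE(review): replay
      // protection presumably depends on callers checking 'nc' and expiring
      // old rows by 'time'; verify in the code that reads this table.
      'nc' => array(
        'type' => 'int',
        'not null' => TRUE,
        'default' => 0,
        'description' => 'Number of times nonce has been used.',
      ),
      'opaque' => array(
        'type' => 'text',
        'description' => 'Opaque value.',
      ),
      'hash' => array(
        'type' => 'text',
        'description' => 'Hashed entity body to see if message was tampered with.',
      ),
      'time' => array(
        'type' => 'int',
        'description' => 'Last use timestamp.',
      ),
      'realm' => array(
        'type' => 'varchar',
        'length' => 255,
        'description' => "Nonce realm.",
      ),
    ),
    'primary key' => array(
      'nonce',
      'realm',
    ),
    'indexes' => array(
      'nonce' => array(
        'nonce',
      ),
      // 'opaque' is a text column, so only its first 100 characters are
      // indexed.
      'opaque' => array(
        array(
          'opaque',
          100,
        ),
      ),
      'realm' => array(
        'realm',
      ),
    ),
  );

  foreach ($schema as $name => $table) {
    // Database and table names are bound as placeholders, not concatenated
    // into the SQL text.
    $existing = db_query($sql, array(
      ':arg1' => $database,
      ':arg2' => $name,
    ))->fetchField();

    // Create the table only when information_schema reports no match.
    if ((int) $existing === 0) {
      db_create_table($name, $table);
    }
  }
}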