From 4bf882d38570f851fe6bc31f08c0383c8762e1ed Mon Sep 17 00:00:00 2001
From: Jan Vidar Krey <janvidar@extatic.org>
Date: Thu, 29 Jul 2010 11:22:57 +0200
Subject: [PATCH] Fixed credentials handling, and added debug output for SQL.

---
 src/plugins/mod_auth_sqlite.c | 59 ++++++++++++++++++++++++++---------
 1 file changed, 45 insertions(+), 14 deletions(-)

diff --git a/src/plugins/mod_auth_sqlite.c b/src/plugins/mod_auth_sqlite.c
index 5ce8c7a..4e93334 100644
--- a/src/plugins/mod_auth_sqlite.c
+++ b/src/plugins/mod_auth_sqlite.c
@@ -12,6 +12,8 @@
 #include "util/log.h"
 #include "util/config_token.h"
 
+#define DEBUG_SQL
+
 
 static void set_error_message(struct plugin_handle* plugin, const char* msg)
 {
@@ -35,7 +37,6 @@ static struct sql_data* parse_config(const char* line, struct plugin_handle* plu
 
 	while (token)
 	{
-
 		char* split = strchr(token, '=');
 		size_t len = strlen(token);
 		size_t key = split ? (split - token) : len;
@@ -45,6 +46,7 @@ static struct sql_data* parse_config(const char* line, struct plugin_handle* plu
 			{
 				cfg_tokens_free(tokens);
 				hub_free(data);
+				set_error_message(plugin, "Unable to open database file");
 				return 0;
 			}
 		}
@@ -62,8 +64,14 @@ static struct sql_data* parse_config(const char* line, struct plugin_handle* plu
 		}
 		token = cfg_token_get_next(tokens);
 	}
-
 	cfg_tokens_free(tokens);
+
+	if (!data->db)
+	{
+	      set_error_message(plugin, "No database file is given, use file=<database>");
+	      hub_free(data);
+	      return 0;
+	}
 	return data;
 }
 
@@ -81,25 +89,36 @@ static const char* sql_escape_string(const char* str)
 	return out;
 }
 
+struct data_record {
+	struct auth_info* data;
+	int found;
+};
+
 static int get_user_callback(void* ptr, int argc, char **argv, char **colName){
-	struct auth_info* data = (struct auth_info*) ptr;
-	int i;
-	for(i=0; i<argc; i++) {
+	struct data_record* data = (struct data_record*) ptr;
+	int i = 0;
+	for (; i < argc; i++) {
 		if (strcmp(colName[i], "nickname") == 0)
-			strncpy(data->nickname, argv[i], MAX_NICK_LEN);
+			strncpy(data->data->nickname, argv[i], MAX_NICK_LEN);
 		else if (strcmp(colName[i], "password") == 0)
-			strncpy(data->password, argv[i], MAX_PASS_LEN);
+			strncpy(data->data->password, argv[i], MAX_PASS_LEN);
 		else if (strcmp(colName[i], "credentials") == 0)
 		{
-			auth_string_to_cred(colName[i], &data->credentials);
+			auth_string_to_cred(argv[i], &data->data->credentials);
+			data->found = 1;
 		}
 	}
+
+#ifdef DEBUG_SQL
+	printf("SQL: nickname=%s, password=%s, credentials=%s\n", data->data->nickname, data->data->password, auth_cred_to_string(data->data->credentials));
+#endif
 	return 0;
 }
 
 static plugin_st get_user(struct plugin_handle* plugin, const char* nickname, struct auth_info* data)
 {
 	struct sql_data* sql = (struct sql_data*) plugin->ptr;
+	struct data_record result;
 	char query[1024];
 	char* errMsg;
 	int rc;
@@ -107,13 +126,25 @@ static plugin_st get_user(struct plugin_handle* plugin, const char* nickname, st
 	snprintf(query, sizeof(query), "SELECT * FROM users WHERE nickname='%s';", sql_escape_string(nickname));
 	memset(data, 0, sizeof(struct auth_info));
 
-	rc = sqlite3_exec(sql->db, query , get_user_callback, data, &errMsg);
-	if( rc != SQLITE_OK ){
-		fprintf(stderr, "SQL error: %s\n", errMsg);
-		sqlite3_free(errMsg);
-	}
+	result.data = data;
+	result.found = 0;
 
-	return st_allow;
+#ifdef DEBUG_SQL
+	printf("SQL: %s\n", query);
+#endif
+
+	rc = sqlite3_exec(sql->db, query , get_user_callback, &result, &errMsg);
+	if (rc != SQLITE_OK) {
+#ifdef DEBUG_SQL
+		fprintf(stderr, "SQL: ERROR: %s\n", errMsg);
+#endif
+		sqlite3_free(errMsg);
+		return st_default;
+	}
+	
+	if (result.found)
+		return st_allow;
+	return st_default;
 }
 
 static plugin_st register_user(struct plugin_handle* plugin, struct auth_info* user)