如何在 Sabre DAV 的 PDO class 中获取用户的明文密码?
How to get user's plain password in PDO class of Sabre DAV?
如何在Sabre DAV库的以下文件中获取当前登录用户的明文密码?
https://github.com/sabre-io/dav/tree/master/lib/CardDAV/Backend
in Baikal, this file is at:
\baikal\vendor\sabre\dav\lib\CardDAV\Backend\PDO.php
<?php
declare(strict_types=1);
namespace Sabre\CardDAV\Backend;
use Sabre\CardDAV;
use Sabre\DAV;
use Sabre\DAV\PropPatch;
/**
* PDO CardDAV backend.
*
* This CardDAV backend uses PDO to store addressbooks
*
* @copyright Copyright (C) fruux GmbH (https://fruux.com/)
* @author Evert Pot (http://evertpot.com/)
* @license http://sabre.io/license/ Modified BSD License
*/
class PDO extends AbstractBackend implements SyncSupport
...
...
}
对于基本身份验证,文件是这样的:
\baikal\Core\Frameworks\Baikal\Core\PDOBasicAuth.php
明文密码在 validateUserPass 函数中,它可以存储在全局变量中(或在问题评论中提到的会话中):
function validateUserPass($username, $password) {
global $ptp;
$stmt = $this->pdo->prepare('SELECT username, digesta1 FROM ' . $this->tableName . ' WHERE username = ?');
$stmt->execute([$username]);
$result = $stmt->fetchAll();
if (!count($result)) {
return false;
}
$hash = md5($username . ':' . $this->authRealm . ':' . $password);
if ($result[0]['digesta1'] === $hash) {
$this->currentUser = $username;
$ptp = $password;
return true;
}
return false;
}
}
然后,在 \baikal\vendor\sabre\dav\lib\CardDAV\Backend\PDO.php 文件中,可以使用 global $ptp;
检索 $ptp 变量的值
如何在Sabre DAV库的以下文件中获取当前登录用户的明文密码?
https://github.com/sabre-io/dav/tree/master/lib/CardDAV/Backend
in Baikal, this file is at:
\baikal\vendor\sabre\dav\lib\CardDAV\Backend\PDO.php
<?php
declare(strict_types=1);
namespace Sabre\CardDAV\Backend;
use Sabre\CardDAV;
use Sabre\DAV;
use Sabre\DAV\PropPatch;
/**
* PDO CardDAV backend.
*
* This CardDAV backend uses PDO to store addressbooks
*
* @copyright Copyright (C) fruux GmbH (https://fruux.com/)
* @author Evert Pot (http://evertpot.com/)
* @license http://sabre.io/license/ Modified BSD License
*/
class PDO extends AbstractBackend implements SyncSupport
...
...
}
对于基本身份验证,文件是这样的:
\baikal\Core\Frameworks\Baikal\Core\PDOBasicAuth.php
明文密码在 validateUserPass 函数中,它可以存储在全局变量中(或在问题评论中提到的会话中):
function validateUserPass($username, $password) {
global $ptp;
$stmt = $this->pdo->prepare('SELECT username, digesta1 FROM ' . $this->tableName . ' WHERE username = ?');
$stmt->execute([$username]);
$result = $stmt->fetchAll();
if (!count($result)) {
return false;
}
$hash = md5($username . ':' . $this->authRealm . ':' . $password);
if ($result[0]['digesta1'] === $hash) {
$this->currentUser = $username;
$ptp = $password;
return true;
}
return false;
}
}
然后,在 \baikal\vendor\sabre\dav\lib\CardDAV\Backend\PDO.php 文件中,可以使用 global $ptp;