<config for="Authenticator">
<!-- Connection data for class Authenticator -->
<param>
<name>connection</name>
<type>array</type>
<value>
<item key="dbName" type="string">AuthenticatorDemo</item>
<item key="dbHost" type="string">localhost</item>
<item key="dbUser" type="string">test</item>
<item key="dbPassword" type="string">1234</item>
</value>
</param>
<!-- Check if a table exists -->
<param>
<name>haveTable</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME
</item>
<item key="queryTemplate">
<![CDATA[
SHOW TABLES LIKE "%TABLE_NAME%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Lock a given table name -->
<param>
<name>lockTable</name>
<type>array</type>
<value>
<item key="queryParams">
MY_TABLE
</item>
<item key="queryTemplate">
<![CDATA[
LOCK TABLES `%MY_TABLE%` WRITE;
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Unlock all tables -->
<param>
<name>unlock</name>
<type>array</type>
<value>
<item key="queryTemplate">
<![CDATA[
UNLOCK TABLES;
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Create the "users" table -->
<param>
<name>makeUsersTable</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER_MAIL_COL, SECURITY_QUESTION_COL, SECURITY_ANSWER_COL,
USER_PASSWORD_COL, CONFIRMATION_UID_COL, USER_ROLE_COL, LAST_IP_COL, LAST_SESSION_UID
</item>
<item key="queryTemplate">
<![CDATA[
CREATE TABLE `%TABLE_NAME%`(
`%USER_NAME_COL%` VARCHAR(255) NOT NULL,
`%USER_MAIL_COL%` VARCHAR(255) NOT NULL,
`%SECURITY_QUESTION_COL%` VARCHAR(1024) NOT NULL,
`%SECURITY_ANSWER_COL%` VARCHAR(1024) NOT NULL,
`%USER_PASSWORD_COL%` VARCHAR(255) NOT NULL,
`%CONFIRMATION_UID_COL%` VARCHAR(255),
`%USER_ROLE_COL%` VARCHAR(128) NOT NULL,
`%LAST_IP_COL%` VARCHAR(128) NOT NULL,
`%LAST_SESSION_UID%` VARCHAR(255),
PRIMARY KEY (`%USER_NAME_COL%`),
UNIQUE (`%USER_MAIL_COL%`)
);
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Create the blacklist table -->
<param>
<name>makeBlacklistTable</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, IP_COL, BAN_EXPIRE_COL, STATUS_COL, BANNED_STATUS,
OBSERVING_STATUS, FAILURES_NUM_COL, FIRST_FAIL_DATE_COL
</item>
<item key="queryTemplate">
<![CDATA[
CREATE TABLE `%TABLE_NAME%`(
`%IP_COL%` VARCHAR(128) NOT NULL,
`%BAN_EXPIRE_COL%` VARCHAR(128),
`%STATUS_COL%` ENUM("%BANNED_STATUS%","%OBSERVING_STATUS%"),
`%FAILURES_NUM_COL%` INTEGER UNSIGNED,
`%FIRST_FAIL_DATE_COL%` VARCHAR(128),
PRIMARY KEY (`%IP_COL%`)
);
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Check if security question support has been dropped -->
<param>
<name>haveSqColumns</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, SECURITY_QUESTION_COL, SECURITY_ANSWER_COL
</item>
<item key="queryTemplate">
<![CDATA[
SHOW COLUMNS FROM `%TABLE_NAME%` WHERE `Field`="%SECURITY_QUESTION_COL%" OR
`Field`="%SECURITY_ANSWER_COL%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Check if open registration support has been dropped -->
<param>
<name>haveConfUidColumn</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, CONFIRMATION_UID_COL
</item>
<item key="queryTemplate">
<![CDATA[
SHOW COLUMNS FROM `%TABLE_NAME%` WHERE `Field`="%CONFIRMATION_UID_COL%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Checks if password retrieval support has been dropped -->
<param>
<name>havePassHashColumn</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_PASS_HASH_COL
</item>
<item key="queryTemplate">
<![CDATA[
SHOW COLUMNS FROM `%TABLE_NAME%` WHERE `Field`="%USER_PASS_HASH_COL%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Drop the security question support. -->
<param>
<name>dropSQSupport</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, SECURITY_QUESTION_COL, SECURITY_ANSWER_COL
</item>
<item key="queryTemplate">
<![CDATA[
ALTER TABLE `%TABLE_NAME%` DROP COLUMN `%SECURITY_QUESTION_COL%`,
DROP COLUMN `%SECURITY_ANSWER_COL%`;
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Drop the open registration support. -->
<param>
<name>dropORSupport</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, CONFIRMATION_UID_COL
</item>
<item key="queryTemplate">
<![CDATA[
ALTER TABLE `%TABLE_NAME%` DROP COLUMN `%CONFIRMATION_UID_COL%`;
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Rename the password column. -->
<param>
<name>renamePassColName</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, OLD_COL_NAME, NEW_COL_NAME
</item>
<item key="queryTemplate">
<![CDATA[
ALTER TABLE `%TABLE_NAME%` CHANGE `%OLD_COL_NAME%` `%NEW_COL_NAME%`
VARCHAR(255) NOT NULL;
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Count a column entries. -->
<param>
<name>countRows</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, COL_NAME
</item>
<item key="queryTemplate">
<![CDATA[
SELECT COUNT(`%COL_NAME%`) FROM `%TABLE_NAME%`;
]]>
</item>
<item key="queryResultType" type="string">number</item>
</value>
</param>
<!-- Get one row based on given offset -->
<param>
<name>retrieveOneRow</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, PRI_KEY, COL_NAME, OFFSET
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%PRI_KEY%`, `%COL_NAME%` from `%TABLE_NAME%` LIMIT %OFFSET%, 1;
]]>
</item>
<item key="queryResultType" type="string">array</item>
</value>
</param>
<!-- Update one row based on primary key value -->
<param>
<name>updateOneRow</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, PRI_KEY, PRI_KEY_VALUE, COL_NAME, COL_NAME_VALUE
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%COL_NAME%`="%COL_NAME_VALUE%" WHERE
`%PRI_KEY%`="%PRI_KEY_VALUE%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Matche one session id -->
<param>
<name>matchSessionId</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, LAST_SESSION_UID_COL, UID_VAL
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%LAST_SESSION_UID_COL%` from `%TABLE_NAME%` WHERE
`%LAST_SESSION_UID_COL%` LIKE "%UID_VAL%%";
]]>
</item>
<item key="queryResultType" type="string">string</item>
</value>
</param>
<!-- Erase one given session id -->
<param>
<name>eraseSessionId</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, LAST_SESSION_UID, UID_VAL
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%LAST_SESSION_UID%`="" WHERE
`%LAST_SESSION_UID%`="%UID_VAL%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Update one given session id -->
<param>
<name>updateSessionId</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, LAST_SESSION_UID, OLD_UID_VAL, NEW_UID_VAL
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%LAST_SESSION_UID%`="%NEW_UID_VAL%" WHERE
`%LAST_SESSION_UID%`="%OLD_UID_VAL%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Write a session id for a given user name -->
<param>
<name>writeSessionId</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, LAST_SESSION_UID, NEW_UID_VAL, USER_NAME_COL, USER_NAME
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%LAST_SESSION_UID%`="%NEW_UID_VAL%" WHERE
`%USER_NAME_COL%`="%USER_NAME%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Attempt to match a given username to a given password. -->
<param>
<name>matchUserAndPass</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER_NAME, USER_PASSWORD_COL, USER_PASS
</item>
<item key="queryTemplate">
<![CDATA[
SELECT * FROM `%TABLE_NAME%` WHERE `%USER_NAME_COL%`="%USER_NAME%"
AND `%USER_PASSWORD_COL%`="%USER_PASS%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Return the last IP related to a given unique session id -->
<param>
<name>getLastIp</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, LAST_IP_COL, LAST_SESSION_UID, UID_VAL
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%LAST_IP_COL%` FROM %TABLE_NAME% WHERE
`%LAST_SESSION_UID%`="%UID_VAL%";
]]>
</item>
<item key="queryResultType" type="string">string</item>
</value>
</param>
<!-- Write the IP a guven user uses to start a session -->
<param>
<name>writeUserIP</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, LAST_IP_COL, IP_VAL, USER_NAME_COL, USER_NAME
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%LAST_IP_COL%`="%IP_VAL%" WHERE
`%USER_NAME_COL%`="%USER_NAME%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Attempt to match a given user name to a given role -->
<param>
<name>matchUserAndRole</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER_NAME, USER_ROLE_COL, ROLE
</item>
<item key="queryTemplate">
<![CDATA[
SELECT * FROM `%TABLE_NAME%` WHERE `%USER_NAME_COL%`="%USER_NAME%"
AND `%USER_ROLE_COL%`="%ROLE%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Delete a blacklisted IP -->
<param>
<name>delBlackListedIp</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, IP_COL, IP
</item>
<item key="queryTemplate">
<![CDATA[
DELETE FROM `%TABLE_NAME%` WHERE `%IP_COL%`="%IP%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Check if a given IP is banned -->
<param>
<name>isIpBanned</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, IP_COL, IP, STATUS_COL, BAN_STATUS
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%IP_COL%`, `%STATUS_COL%` FROM `%TABLE_NAME%` WHERE
`%IP_COL%`="%IP%" AND `%STATUS_COL%`="%BAN_STATUS%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Get blacklist data for IP -->
<param>
<name>getBlacklistData</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, FAILURES_NUM_COL, FIRST_FAIL_DATE_COL, IP_COL, IP
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%FAILURES_NUM_COL%`, `%FIRST_FAIL_DATE_COL%` FROM `%TABLE_NAME%`
WHERE `%IP_COL%`="%IP%";
]]>
</item>
<item key="queryResultType" type="string">array</item>
</value>
</param>
<!-- Add a given IP to the black list. -->
<param>
<name>blacklistIP</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, IP_COL, IP, STATUS_COL, OBSERVING_STATUS,
FAILURES_NUM_COL, FAIL_NUM, FIRST_FAIL_DATE_COL,
FIRST_FAIL_DATE
</item>
<item key="queryTemplate">
<![CDATA[
INSERT INTO `%TABLE_NAME%` (
`%IP_COL%`, `%STATUS_COL%`,
`%FAILURES_NUM_COL%`, `%FIRST_FAIL_DATE_COL%`
)
VALUES(
"%IP%", "%OBSERVING_STATUS%", "%FAIL_NUM%",
"%FIRST_FAIL_DATE%"
);
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Reset failures number and start time -->
<param>
<name>resetFailedLogins</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, FAILURES_NUM_COL, FAIL_NUM, FIRST_FAIL_DATE_COL, FAIL_START_DATE,
IP_COL, IP
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%FAILURES_NUM_COL%`="%FAIL_NUM%",
`%FIRST_FAIL_DATE_COL%`="%FAIL_START_DATE%" WHERE `%IP_COL%`="%IP%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Count a failed login. -->
<param>
<name>countFailedLogin</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, FAILURES_NUM_COL, FAIL_NUM, IP_COL, IP
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%FAILURES_NUM_COL%`="%FAIL_NUM%"
WHERE `%IP_COL%`="%IP%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Ban a given IP -->
<param>
<name>banIp</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, BAN_EXPIRE_COL, BAN_TIME, STATUS_COL, BAN_STATUS, IP_COL, IP
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%BAN_EXPIRE_COL%`="%BAN_TIME%",
`%STATUS_COL%`="%BAN_STATUS%" WHERE `%IP_COL%`="%IP%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Get the ban expire time for a given ip -->
<param>
<name>getBanExpiry</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, BAN_EXPIRE_COL, IP_COL, IP
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%BAN_EXPIRE_COL%` FROM `%TABLE_NAME%` WHERE
`%IP_COL%`="%IP%";
]]>
</item>
<item key="queryResultType" type="string">string</item>
</value>
</param>
<!-- Check if master user exists -->
<param>
<name>haveMaster</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER_ROLE_COL, MASTER_ROLE
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%USER_NAME_COL%` FROM `%TABLE_NAME%` WHERE
`%USER_ROLE_COL%`="%MASTER_ROLE%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Proof given master password -->
<param>
<name>validateSuperUser</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_PASSWORD_COL, PASSWORD, USER_ROLE_COL, ROLE
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%USER_PASSWORD_COL%` FROM `%TABLE_NAME%`
WHERE `%USER_PASSWORD_COL%`="%PASSWORD%" AND
`%USER_ROLE_COL%`="%ROLE%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Register an user by its name, email, password AND a security question and answer -->
<param>
<name>registerUserWithSQ</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER, USER_MAIL_COL, MAIL,
SECURITY_QUESTION_COL, SECURITY_QUESTION,
SECURITY_ANSWER_COL, SECURITY_ANSWER, USER_PASSWORD_COL,
PASSWORD, USER_ROLE_COL, ROLE
</item>
<item key="queryTemplate">
<![CDATA[
INSERT INTO `%TABLE_NAME%` (
`%USER_NAME_COL%`, `%USER_MAIL_COL%`,
`%SECURITY_QUESTION_COL%`, `%SECURITY_ANSWER_COL%`,
`%USER_PASSWORD_COL%`, `%USER_ROLE_COL%`
)
VALUES(
"%USER%", "%MAIL%", "%SECURITY_QUESTION%",
"%SECURITY_ANSWER%", "%PASSWORD%", "%ROLE%");
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Register an user by its name, email and password (NO security question and answer) -->
<param>
<name>registerUserWithoutSQ</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER, USER_MAIL_COL, MAIL,
USER_PASSWORD_COL, PASSWORD, USER_ROLE_COL, ROLE
</item>
<item key="queryTemplate">
<![CDATA[
INSERT INTO `%TABLE_NAME%` (
`%USER_NAME_COL%`, `%USER_MAIL_COL%`,
`%USER_PASSWORD_COL%`, `%USER_ROLE_COL%`
)
VALUES(
"%USER%", "%MAIL%", "%PASSWORD%", "%ROLE%");
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Add a generated confirmation unique ID to a self-registered user. -->
<param>
<name>addConfUid</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, CONFIRMATION_UID_COL, CONFIRMATION, USER_NAME_COL, USER
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%CONFIRMATION_UID_COL%`="%CONFIRMATION%"
WHERE `%USER_NAME_COL%`="%USER%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Remove an existing confirmation unique ID -->
<param>
<name>removeConfUid</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, CONFIRMATION_UID_COL, CONFIRMATION
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%CONFIRMATION_UID_COL%`="" WHERE `%CONFIRMATION_UID_COL%`="%CONFIRMATION%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Obtain user name, password and role associated to a given confirmation unique id -->
<param>
<name>getCredentialsForConfUid</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER_PASSWORD_COL, USER_ROLE_COL,
CONFIRMATION_UID_COL, CONFIRMATION
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%USER_NAME_COL%`,`%USER_PASSWORD_COL%`,`%USER_ROLE_COL%`
FROM `%TABLE_NAME%` WHERE `%CONFIRMATION_UID_COL%`="%CONFIRMATION%";
]]>
</item>
<item key="queryResultType" type="string">array</item>
</value>
</param>
<!-- Get the full string of a unique configuration uid based on its first 16 chars -->
<param>
<name>matchConfUid</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, CONFIRMATION_UID_COL, CONFIRMATION
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%CONFIRMATION_UID_COL%` FROM `%TABLE_NAME%` WHERE
`%CONFIRMATION_UID_COL%` LIKE "%CONFIRMATION%%";
]]>
</item>
<item key="queryResultType" type="string">string</item>
</value>
</param>
<!-- Check if a given user name is currently authenticated -->
<param>
<name>isUserAuthenticated</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER, LAST_SESSION_UID
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%USER_NAME_COL%` FROM `%TABLE_NAME%` WHERE
`%USER_NAME_COL%`="%USER%" AND `%LAST_SESSION_UID%`
IS NOT NULL AND `%LAST_SESSION_UID%`<>"";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Check if a given self-registered user has confirmed registration -->
<param>
<name>hasConfirmedReg</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER, CONFIRMATION_UID_COL
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%USER_NAME_COL%` FROM `%TABLE_NAME%` WHERE
`%USER_NAME_COL%`="%USER%" AND `%CONFIRMATION_UID_COL%`
IS NULL OR `%CONFIRMATION_UID_COL%`="";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Change the password of a given user -->
<param>
<name>changePassword</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER, USER_PASSWORD_COL, OLD_PASSWORD, NEW_PASSWORD
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%USER_PASSWORD_COL%`="%NEW_PASSWORD%"
WHERE `%USER_NAME_COL%`="%USER%" AND `%USER_PASSWORD_COL%`="%OLD_PASSWORD%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Check if a given user has correctly provided his current password -->
<param>
<name>isOldPassValid</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_NAME_COL, USER, USER_PASSWORD_COL, PASSWORD
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%USER_NAME_COL%` FROM `%TABLE_NAME%` WHERE
`%USER_NAME_COL%`="%USER%" AND `%USER_PASSWORD_COL%`="%PASSWORD%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Get the security question for a given email -->
<param>
<name>getSQForEmail</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, SECURITY_QUESTION_COL, USER_MAIL_COL, EMAIL
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%SECURITY_QUESTION_COL%` FROM `%TABLE_NAME%` WHERE
`%USER_MAIL_COL%`="%EMAIL%";
]]>
</item>
<item key="queryResultType" type="string">string</item>
</value>
</param>
<!-- Attempt to match given email to a given security answer -->
<param>
<name>matchMailToSA</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, SECURITY_ANSWER_COL, ANSWER, USER_MAIL_COL, EMAIL
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%SECURITY_ANSWER_COL%` FROM `%TABLE_NAME%` WHERE
`%USER_MAIL_COL%`="%EMAIL%" AND `%SECURITY_ANSWER_COL%`="%ANSWER%";
]]>
</item>
<item key="queryResultType" type="string">boolean</item>
</value>
</param>
<!-- Overwrite user's existing password with a new one -->
<param>
<name>overwritePass</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_MAIL_COL, EMAIL, USER_PASSWORD_COL, NEW_PASSWORD
</item>
<item key="queryTemplate">
<![CDATA[
UPDATE `%TABLE_NAME%` SET `%USER_PASSWORD_COL%`="%NEW_PASSWORD%"
WHERE `%USER_MAIL_COL%`="%EMAIL%";
]]>
</item>
<item key="queryResultType" type="string">null</item>
</value>
</param>
<!-- Retrieve the password associated to a given e-mail -->
<param>
<name>getPassForEmail</name>
<type>array</type>
<value>
<item key="queryParams">
TABLE_NAME, USER_PASSWORD_COL, USER_MAIL_COL, EMAIL
</item>
<item key="queryTemplate">
<![CDATA[
SELECT `%USER_PASSWORD_COL%` FROM `%TABLE_NAME%` WHERE
`%USER_MAIL_COL%`="%EMAIL%";
]]>
</item>
<item key="queryResultType" type="string">string</item>
</value>
</param>
</config> |