Hey Jakob,
you are a genious, and a life saver..
Your solution works..
Now I would love if you could help me understand the syntax of these
calls?
Looking at my original line I don't understand the eq{$1} or the
{$value.... stuff
Is the syntax or language define anywhere??
Im thinking the eq is equating the original $1 to the results and
when they dont equal it throws a fail, which would be the case always if
Im trying to look up user and its finding user@???.. Which would
be why my line would never work.. Although if that's what its doing the
eq things is really kinda of redundant but maybe a good security thing..
What is the quote_mysql thing for?? I assume it just makes sure the
string returned is quoted properly for mysql syntax or something??
Where is this kind of thing documented???
lastly how does the {yes}fail portion of your line work..
Again.. Thanks so much for solving my problem..
Joe
Jakob Hirsch wrote:
>Joe Kocsis wrote:
>
>
>
>>What Im trying to accomplish is something like this..
>>
>>server_condition = ${if eq{$1}{${lookup mysql{SELECT Account FROM
>>UserSession WHERE (Account='$1' or Account='$1@???') and
>>Password='$2'}{$value}fail}}{1}{0}}
>>
>>I need to be able to authenticate if the domain is left off and would
>>like to supply a default domain.. ex: domain.com
>>
>>
>
>What you wrote above should work, I think, though you can simply it:
>
>${lookup mysql{
>SELECT 'yes' FROM UserSession
>WHERE (Account='${quote_mysql:$1}'
>OR Account='${quote_mysql:$1@???}')
>AND Password='${quote_mysql:$2}'}
>{yes}fail}
>
>You should really use quote_mysql for any remote-given input you send to
>mysql.
>
>You can also use two different queries depending on if there is a '@' in
>the username. Or oven put ${if !match {$1}{@} {@domain.com}} in the
>query. But I don't think it's worth this hassle.
>
>BTW, I'd recommend to allow different separators (e.g. !#%) between
>localpart and domain, since there are some MUAs that can't handle @ in
>the username.
>
>
>
>