[2019.03] Some fixes for MySQL8 and PHP7.3 (#1430)

* [Mysql8] Add support to login when using Mysql8

Removes mysql PASSWORD usage away from the initial always used sql for looking for mathcing users.

The deprecated Mysql password hash type will still work, just less efficient.
But as PASSWORD() sql function is removed in Mysql8 it won't work there.

* [PHP73] Silence notices on compact usage in compiled templates

* Add note on PASSWORD_HASH_MYSQL saying it won't work on MySQL 8.0

* Update ezuser.php

Author: André R

kernel/classes/datatypes/ezuser/ezuser.php

@@ -26,6 +26,7 @@ class eZUser extends eZPersistentObject
     /// MD5 of site, user and password
     const PASSWORD_HASH_MD5_SITE = 3;
     /// Legacy support for mysql hashed passwords
+    /// NB! Does not work as of MySQL 8.0 where this has been removed from MySQL.
     const PASSWORD_HASH_MYSQL = 4;
     /// Passwords in plaintext, should not be used for real sites
     const PASSWORD_HASH_PLAINTEXT = 5;
@@ -855,31 +856,13 @@ protected static function _loginUser( $login, $password, $authenticationMatch =
 
         $contentObjectStatus = eZContentObject::STATUS_PUBLISHED;
 
-        $ini = eZINI::instance();
-        $databaseName = $db->databaseName();
-        // if mysql
-        if ( $databaseName === 'mysql' )
-        {
-            $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
-                      FROM ezuser, ezcontentobject
-                      WHERE ( $loginText ) AND
-                        ezcontentobject.status='$contentObjectStatus' AND
-                        ezcontentobject.id=contentobject_id AND
-                        password_hash_type!=0 AND
-                        ( ( password_hash_type!=4 ) OR
-                          ( password_hash_type=4 AND
-                            password_hash=PASSWORD('$passwordEscaped') ) )";
-        }
-        else
-        {
-            $query = "SELECT contentobject_id, password_hash,
-                             password_hash_type, email, login
-                      FROM   ezuser, ezcontentobject
-                      WHERE  ( $loginText )
-                      AND    password_hash_type!=0
-                      AND    ezcontentobject.status='$contentObjectStatus'
-                      AND    ezcontentobject.id=contentobject_id";
-        }
+        // PASSWORD_HASH_MYSQL is handled further down as this inital SQL needs to work on MySQL 8.0 as well as PostgreSQL
+        $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
+            FROM   ezuser, ezcontentobject
+            WHERE  ( $loginText )
+            AND    password_hash_type!=0
+            AND    ezcontentobject.status='$contentObjectStatus'
+            AND    ezcontentobject.id=contentobject_id";
 
         $users = $db->arrayQuery( $query );
         $exists = false;
@@ -895,6 +878,7 @@ protected static function _loginUser( $login, $password, $authenticationMatch =
                                                     $hashType,
                                                     $hash );
 
+                $databaseName = $db->databaseName();
                 // If hash type is MySql
                 if ( $hashType == self::PASSWORD_HASH_MYSQL and $databaseName === 'mysql' )
                 {

lib/eztemplate/classes/eztemplateforeachfunction.php

@@ -126,11 +126,11 @@ function templateNodeTransformation( $functionName, &$node,
         $variableStack   = "fe_variable_stack_$uniqid";
         $namesArray = array( $array, $arrayKeys, $nItems, $nItemsProcessed, $i, $key, $val, $offset, $max, $reverse, $firstVal, $lastVal );
 
-        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "if ( !isset( \$$variableStack ) ) \$$variableStack = array();" );
-        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$" . $variableStack ."[] = compact( '" . implode( "', '", $namesArray ) . "' );" );
+        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "if ( !isset( \$$variableStack ) ) \$$variableStack = [];" );
+        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$" . $variableStack ."[] = @compact( '" . implode( "', '", $namesArray ) . "' );" );
 
         $newNodes[] = eZTemplateNodeTool::createVariableNode( false, $parameters['array'], $nodePlacement, array( 'text-result' => false ), $array );
-        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$$arrayKeys = is_array( \$$array ) ? array_keys( \$$array ) : array();" );
+        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$$arrayKeys = is_array( \$$array ) ? array_keys( \$$array ) : [];" );
         $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$$nItems = count( \$$arrayKeys );" );
         $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$$nItemsProcessed = 0;" );
 

lib/eztemplate/classes/eztemplateforfunction.php

@@ -94,8 +94,8 @@ function templateNodeTransformation( $functionName, &$node,
         $namesArray = array( "for_firstval_$uniqid", "for_lastval_$uniqid", "for_i_$uniqid" );
 
         $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "// for begins" );
-        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "if ( !isset( \$$variableStack ) ) \$$variableStack = array();" );
-        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$" . $variableStack ."[] = compact( '" . implode( "', '", $namesArray ) . "' );" );
+        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "if ( !isset( \$$variableStack ) ) \$$variableStack = [];" );
+        $newNodes[] = eZTemplateNodeTool::createCodePieceNode( "\$" . $variableStack ."[] = @compact( '" . implode( "', '", $namesArray ) . "' );" );
 
         $newNodes[] = eZTemplateNodeTool::createVariableNode( false, $parameters['first_val'], $nodePlacement, array( 'treat-value-as-non-object' => true ), "for_firstval_$uniqid" );
         $newNodes[] = eZTemplateNodeTool::createVariableNode( false, $parameters['last_val'],  $nodePlacement, array( 'treat-value-as-non-object' => true ), "for_lastval_$uniqid"  );