From 48f458a748ec3eea690a878f7a1ca9611c38a058 Mon Sep 17 00:00:00 2001
From: dragonbe <dragonbe@44c647ce-9c0f-0410-b52a-842ac1e357ba>
Date: Sat, 17 Jul 2010 13:43:22 +0000
Subject: [PATCH] added extra validation, verification and unit tests for issue
 ZF-7289

git-svn-id: http://framework.zend.com/svn/framework/standard/trunk@22613 44c647ce-9c0f-0410-b52a-842ac1e357ba
---
 src/Adapter/DbTable.php      | 11 +++++++++++
 test/Adapter/DbTableTest.php |  3 +++
 2 files changed, 14 insertions(+)

diff --git a/src/Adapter/DbTable.php b/src/Adapter/DbTable.php
index 867b8b1..df7eff0 100644
--- a/src/Adapter/DbTable.php
+++ b/src/Adapter/DbTable.php
@@ -369,6 +369,17 @@ public function authenticate()
             return $authResult;
         }
 
+        if (true === $this->getAmbiguityIdentity()) {
+            $validIdentities = array ();
+            $zendAuthCredentialMatchColumn = $this->_zendDb->foldCase('zend_auth_credential_match');
+            foreach ($resultIdentities as $identity) {
+                if (1 === (int) $identity[$zendAuthCredentialMatchColumn]) {
+                    $validIdentities[] = $identity;
+                }
+            }
+            $resultIdentities = $validIdentities;
+        }
+        
         $authResult = $this->_authenticateValidateResult(array_shift($resultIdentities));
         return $authResult;
     }
diff --git a/test/Adapter/DbTableTest.php b/test/Adapter/DbTableTest.php
index 43d36b6..d42e96f 100644
--- a/test/Adapter/DbTableTest.php
+++ b/test/Adapter/DbTableTest.php
@@ -429,6 +429,9 @@ public function testEqualUsernamesDifferentPasswordShouldAuthenticateWhenFlagIsS
         $this->assertTrue($result->isValid());
         $this->assertEquals('my_username', $result->getIdentity());
         
+        $this->_adapter = null;
+        $this->_setupAuthAdapter();
+        
         // test if user 2 can authenticate
         $this->_adapter->setIdentity('my_username')
                        ->setCredential('my_otherpass')