Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * phpBB3 authentication backend
- *
- * Uses external Trust mechanism to check against phpBB's
- * user cookie. phpBB's PHPBB_ROOT_PATH must be defined correctly.
- *
- * @author Markus Henn <brezelman@yahoo.de>
- */
- define('IN_PHPBB', true);
- global $phpbb_root_path;
- global $db;
- global $cache;
- global $phpEx;
- global $user;
- global $config;
- global $conf;
- global $dbhost;
- global $dbport;
- global $dbname;
- global $dbuser;
- global $dbpasswd;
- global $table_prefix;
- global $phpbb_auth;
- $phpEx = substr(strrchr(__FILE__, '.'), 1);
- if(strpos($_SERVER['PHP_SELF'], "/lib/plugins/") !== false) { $phpbb_root_path = '../../../'.$phpbb_root_path; }
- if(strpos($_SERVER['PHP_SELF'], "/lib/exe/") !== false) { $phpbb_root_path = '../../'.$phpbb_root_path; }
- require_once(DOKU_INC.'inc/auth/mysql.class.php');
- require_once($phpbb_root_path.'common.'.$phpEx);
- //config is loaded in common file, but $dbpasswd is unset there, too, so we have to reload it
- require($phpbb_root_path.'config.'.$phpEx);
- $user->session_begin();
- //$auth will be used by DokuWiki, so copy phpBB's $auth to another variable
- $phpbb_auth = $auth;
- $phpbb_auth->acl($user->data);
- class auth_phpbb3 extends auth_mysql
- {
- function auth_phpbb3()
- {
- $this->cando['external'] = true;
- $this->cando['logoff'] = true;
- global $conf;
- // get global vars from phpBB config
- global $dbhost;
- global $dbport;
- global $dbname;
- global $dbuser;
- global $dbpasswd;
- global $table_prefix;
- // set group config vars
- $conf['defaultgroup'] = 'REGISTERED';
- $conf['superuser'] = '@ADMINISTRATORS';
- $conf['manager'] = '@GLOBAL_MODERATORS';
- // now set up the mysql config strings
- $conf['auth']['mysql']['server'] = $dbhost.':'.$dbport;
- $conf['auth']['mysql']['user'] = $dbuser;
- $conf['auth']['mysql']['password'] = $dbpasswd;
- $conf['auth']['mysql']['database'] = $dbname;
- //unset $db* variables, so noone can hack them
- unset($dbpasswd);
- unset($dbuser);
- unset($dbhost);
- unset($dbport);
- unset($dbname);
- $conf['auth']['mysql']['TablesToLock']= array("{$table_prefix}users", "{$table_prefix}users AS u",
- "{$table_prefix}groups", "{$table_prefix}groups AS g",
- "{$table_prefix}user_group", "{$table_prefix}user_group AS ug");
- $conf['auth']['mysql']['checkPass'] = "SELECT user_password AS pass
- FROM {$table_prefix}users
- WHERE username='%{user}'";
- $conf['auth']['mysql']['getUserInfo'] = "SELECT user_password AS pass, username AS name, user_email AS mail
- FROM {$table_prefix}users
- WHERE username='%{user}'";
- $conf['auth']['mysql']['getGroups'] = "SELECT group_name as `group`
- FROM {$table_prefix}groups g, {$table_prefix}users u, {$table_prefix}user_group ug
- WHERE u.user_id = ug.user_id
- AND g.group_id = ug.group_id
- AND u.username='%{user}'";
- $conf['auth']['mysql']['getUsers'] = "SELECT DISTINCT username AS user
- FROM {$table_prefix}users AS u
- LEFT JOIN {$table_prefix}user_group AS ug ON u.user_id=ug.user_id
- LEFT JOIN {$table_prefix}groups AS g ON ug.group_id=g.group_id";
- $conf['auth']['mysql']['FilterLogin'] = "username LIKE '%{user}'";
- $conf['auth']['mysql']['FilterName'] = "username LIKE '%{name}'";
- $conf['auth']['mysql']['FilterEmail'] = "user_email LIKE '%{email}'";
- $conf['auth']['mysql']['FilterGroup'] = "group_name LIKE '%{group}'";
- $conf['auth']['mysql']['SortOrder'] = "ORDER BY username";
- $conf['auth']['mysql']['getUserID'] = "SELECT user_id AS id
- FROM {$table_prefix}users
- WHERE username='%{user}'";
- $conf['auth']['mysql']['getGroupID'] = "SELECT group_id AS id
- FROM {$table_prefix}groups
- WHERE group_name='%{group}'";
- /* $conf['auth']['mysql']['addUser'] = "INSERT INTO {$table_prefix}users
- (username, user_password, user_email)
- VALUES ('%{user}', '%{pass}', '%{email}')";
- $conf['auth']['mysql']['addGroup'] = "INSERT INTO {$table_prefix}groups (group_name)
- VALUES ('%{group}')";
- $conf['auth']['mysql']['addUserGroup']= "INSERT INTO {$table_prefix}user_group (user_id, group_id)
- VALUES ('%{uid}', '%{gid}')";
- $conf['auth']['mysql']['updateUser'] = "UPDATE {$table_prefix}users SET";
- $conf['auth']['mysql']['UpdateLogin'] = "username='%{user}'";
- $conf['auth']['mysql']['UpdatePass'] = "user_password='%{pass}'";
- $conf['auth']['mysql']['UpdateEmail'] = "user_email='%{email}'";
- //$conf['auth']['mysql']['UpdateName'] = $conf['auth']['mysql']['UpdateLogin'];
- $conf['auth']['mysql']['UpdateTarget']= "WHERE user_id=%{uid}";
- $conf['auth']['mysql']['delGroup'] = "DELETE FROM {$table_prefix}groups
- WHERE group_id='%{gid}'";
- $conf['auth']['mysql']['delUser'] = "DELETE FROM {$table_prefix}users
- WHERE user_id='%{uid}'";
- $conf['auth']['mysql']['delUserRefs'] = "DELETE FROM {$table_prefix}user_group
- WHERE user_id='%{uid}'";
- $conf['auth']['mysql']['delUserGroup']= "DELETE FROM {$table_prefix}user_group
- WHERE user_id='%{uid}'
- AND group_id='%{gid}'";
- */
- // call mysql constructor
- $this->auth_mysql();
- }
- function trustExternal($username, $password, $sticky = false)
- {
- global $USERINFO;
- global $conf;
- global $user;
- global $phpbb_auth;
- $sticky ? $sticky = true : $sticky = false; // sanity check
- // someone used the login form
- if(!empty($username)) {
- // run phpBB's login function
- define('IN_LOGIN', true);
- $login = $phpbb_auth->login($username, $password, $sticky);
- if($login['status'] != LOGIN_SUCCESS) { return false; }
- }
- if(!$user->data['is_registered']) { return false; }
- $USERINFO['name'] = $user->data['username'];
- $USERINFO['mail'] = $user->data['user_email'];
- if($this->_openDB()) {
- $USERINFO['grps'] = $this->_getGroups($USERINFO['name']);
- }
- $_SERVER['REMOTE_USER'] = $user->data['username'];
- $_SESSION[DOKU_COOKIE]['auth']['user'] = $user->data['username'];
- $_SESSION[DOKU_COOKIE]['auth']['pass'] = $user->data['user_password'];
- $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
- return true;
- }
- function logoff()
- {
- global $user;
- $user->session_kill();
- }
- }
- ?>
Add Comment
Please, Sign In to add comment