API tools faq
paste
Guest User

Untitled

a guest
Jun 20th, 2018
389
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.14 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /**
  3. * phpBB3 authentication backend
  4. *
  5. * Uses external Trust mechanism to check against phpBB's
  6. * user cookie. phpBB's PHPBB_ROOT_PATH must be defined correctly.
  7. *
  8. * @author Markus Henn <brezelman@yahoo.de>
  9. */
  10.  
  11. define('IN_PHPBB', true);
  12. global $phpbb_root_path;
  13. global $db;
  14. global $cache;
  15. global $phpEx;
  16. global $user;
  17. global $config;
  18. global $conf;
  19. global $dbhost;
  20. global $dbport;
  21. global $dbname;
  22. global $dbuser;
  23. global $dbpasswd;
  24. global $table_prefix;
  25. global $phpbb_auth;
  26.  
  27. $phpEx = substr(strrchr(__FILE__, '.'), 1);
  28.  
  29. if(strpos($_SERVER['PHP_SELF'], "/lib/plugins/") !== false) { $phpbb_root_path = '../../../'.$phpbb_root_path; }
  30. if(strpos($_SERVER['PHP_SELF'], "/lib/exe/") !== false) { $phpbb_root_path = '../../'.$phpbb_root_path; }
  31.  
  32. require_once(DOKU_INC.'inc/auth/mysql.class.php');
  33. require_once($phpbb_root_path.'common.'.$phpEx);
  34.  
  35. //config is loaded in common file, but $dbpasswd is unset there, too, so we have to reload it
  36. require($phpbb_root_path.'config.'.$phpEx);
  37.  
  38. $user->session_begin();
  39.  
  40. //$auth will be used by DokuWiki, so copy phpBB's $auth to another variable
  41. $phpbb_auth = $auth;
  42. $phpbb_auth->acl($user->data);
  43.  
  44. class auth_phpbb3 extends auth_mysql
  45. {
  46. function auth_phpbb3()
  47. {
  48. $this->cando['external'] = true;
  49. $this->cando['logoff'] = true;
  50.  
  51. global $conf;
  52.  
  53. // get global vars from phpBB config
  54. global $dbhost;
  55. global $dbport;
  56. global $dbname;
  57. global $dbuser;
  58. global $dbpasswd;
  59. global $table_prefix;
  60.  
  61. // set group config vars
  62. $conf['defaultgroup'] = 'REGISTERED';
  63. $conf['superuser'] = '@ADMINISTRATORS';
  64. $conf['manager'] = '@GLOBAL_MODERATORS';
  65.  
  66. // now set up the mysql config strings
  67. $conf['auth']['mysql']['server'] = $dbhost.':'.$dbport;
  68. $conf['auth']['mysql']['user'] = $dbuser;
  69. $conf['auth']['mysql']['password'] = $dbpasswd;
  70. $conf['auth']['mysql']['database'] = $dbname;
  71.  
  72. //unset $db* variables, so noone can hack them
  73. unset($dbpasswd);
  74. unset($dbuser);
  75. unset($dbhost);
  76. unset($dbport);
  77. unset($dbname);
  78.  
  79. $conf['auth']['mysql']['TablesToLock']= array("{$table_prefix}users", "{$table_prefix}users AS u",
  80. "{$table_prefix}groups", "{$table_prefix}groups AS g",
  81. "{$table_prefix}user_group", "{$table_prefix}user_group AS ug");
  82.  
  83. $conf['auth']['mysql']['checkPass'] = "SELECT user_password AS pass
  84. FROM {$table_prefix}users
  85. WHERE username='%{user}'";
  86.  
  87. $conf['auth']['mysql']['getUserInfo'] = "SELECT user_password AS pass, username AS name, user_email AS mail
  88. FROM {$table_prefix}users
  89. WHERE username='%{user}'";
  90.  
  91. $conf['auth']['mysql']['getGroups'] = "SELECT group_name as `group`
  92. FROM {$table_prefix}groups g, {$table_prefix}users u, {$table_prefix}user_group ug
  93. WHERE u.user_id = ug.user_id
  94. AND g.group_id = ug.group_id
  95. AND u.username='%{user}'";
  96.  
  97.  
  98.  
  99. $conf['auth']['mysql']['getUsers'] = "SELECT DISTINCT username AS user
  100. FROM {$table_prefix}users AS u
  101. LEFT JOIN {$table_prefix}user_group AS ug ON u.user_id=ug.user_id
  102. LEFT JOIN {$table_prefix}groups AS g ON ug.group_id=g.group_id";
  103. $conf['auth']['mysql']['FilterLogin'] = "username LIKE '%{user}'";
  104. $conf['auth']['mysql']['FilterName'] = "username LIKE '%{name}'";
  105. $conf['auth']['mysql']['FilterEmail'] = "user_email LIKE '%{email}'";
  106. $conf['auth']['mysql']['FilterGroup'] = "group_name LIKE '%{group}'";
  107. $conf['auth']['mysql']['SortOrder'] = "ORDER BY username";
  108.  
  109. $conf['auth']['mysql']['getUserID'] = "SELECT user_id AS id
  110. FROM {$table_prefix}users
  111. WHERE username='%{user}'";
  112.  
  113. $conf['auth']['mysql']['getGroupID'] = "SELECT group_id AS id
  114. FROM {$table_prefix}groups
  115. WHERE group_name='%{group}'";
  116.  
  117. /* $conf['auth']['mysql']['addUser'] = "INSERT INTO {$table_prefix}users
  118. (username, user_password, user_email)
  119. VALUES ('%{user}', '%{pass}', '%{email}')";
  120.  
  121. $conf['auth']['mysql']['addGroup'] = "INSERT INTO {$table_prefix}groups (group_name)
  122. VALUES ('%{group}')";
  123.  
  124. $conf['auth']['mysql']['addUserGroup']= "INSERT INTO {$table_prefix}user_group (user_id, group_id)
  125. VALUES ('%{uid}', '%{gid}')";
  126.  
  127. $conf['auth']['mysql']['updateUser'] = "UPDATE {$table_prefix}users SET";
  128. $conf['auth']['mysql']['UpdateLogin'] = "username='%{user}'";
  129. $conf['auth']['mysql']['UpdatePass'] = "user_password='%{pass}'";
  130. $conf['auth']['mysql']['UpdateEmail'] = "user_email='%{email}'";
  131. //$conf['auth']['mysql']['UpdateName'] = $conf['auth']['mysql']['UpdateLogin'];
  132. $conf['auth']['mysql']['UpdateTarget']= "WHERE user_id=%{uid}";
  133.  
  134. $conf['auth']['mysql']['delGroup'] = "DELETE FROM {$table_prefix}groups
  135. WHERE group_id='%{gid}'";
  136.  
  137. $conf['auth']['mysql']['delUser'] = "DELETE FROM {$table_prefix}users
  138. WHERE user_id='%{uid}'";
  139.  
  140. $conf['auth']['mysql']['delUserRefs'] = "DELETE FROM {$table_prefix}user_group
  141. WHERE user_id='%{uid}'";
  142.  
  143. $conf['auth']['mysql']['delUserGroup']= "DELETE FROM {$table_prefix}user_group
  144. WHERE user_id='%{uid}'
  145. AND group_id='%{gid}'";
  146. */
  147.  
  148. // call mysql constructor
  149. $this->auth_mysql();
  150. }
  151.  
  152.  
  153. function trustExternal($username, $password, $sticky = false)
  154. {
  155. global $USERINFO;
  156. global $conf;
  157. global $user;
  158. global $phpbb_auth;
  159.  
  160. $sticky ? $sticky = true : $sticky = false; // sanity check
  161.  
  162. // someone used the login form
  163. if(!empty($username)) {
  164. // run phpBB's login function
  165. define('IN_LOGIN', true);
  166. $login = $phpbb_auth->login($username, $password, $sticky);
  167. if($login['status'] != LOGIN_SUCCESS) { return false; }
  168. }
  169.  
  170. if(!$user->data['is_registered']) { return false; }
  171.  
  172. $USERINFO['name'] = $user->data['username'];
  173. $USERINFO['mail'] = $user->data['user_email'];
  174. if($this->_openDB()) {
  175. $USERINFO['grps'] = $this->_getGroups($USERINFO['name']);
  176. }
  177.  
  178. $_SERVER['REMOTE_USER'] = $user->data['username'];
  179. $_SESSION[DOKU_COOKIE]['auth']['user'] = $user->data['username'];
  180. $_SESSION[DOKU_COOKIE]['auth']['pass'] = $user->data['user_password'];
  181. $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
  182.  
  183. return true;
  184. }
  185.  
  186.  
  187. function logoff()
  188. {
  189. global $user;
  190. $user->session_kill();
  191. }
  192. }
  193. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!