| [ Index ] |
|
Code source de DokuWiki 2006-11-06 |
1 <?php 2 /** 3 * PunBB auth backend 4 * 5 * Uses external Trust mechanism to check against PunBB's 6 * user cookie. PunBB's PUN_ROOT must be defined correctly. 7 * 8 * @author Andreas Gohr <andi@splitbrain.org> 9 */ 10 11 if(!defined('PUN_ROOT')) define('PUN_ROOT', DOKU_INC.'../forum/'); 12 if(get_magic_quotes_gpc()){ 13 nice_die('Sorry the punbb auth backend requires the PHP option 14 <a href="http://www.php.net/manual/en/ref.info.php#ini.magic-quotes-gpc">magic_quotes_gpc</a> 15 to be disabled for proper operation. Either setup your PHP install accordingly or 16 choose a different auth backend.'); 17 } 18 19 require_once PUN_ROOT.'include/common.php'; 20 require_once DOKU_INC.'inc/auth/mysql.class.php'; 21 22 #dbg($GLOBALS); 23 #dbg($pun_user); 24 25 class auth_punbb extends auth_mysql { 26 27 /** 28 * Constructor. 29 * 30 * Sets additional capabilities and config strings 31 */ 32 function auth_punbb(){ 33 global $conf; 34 $this->cando['external'] = true; 35 $this->cando['logoff'] = true; 36 37 // make sure we use a crypt understood by punbb 38 if(function_exists('sha1')){ 39 $conf['passcrypt'] = 'sha1'; 40 }else{ 41 $conf['passcrypt'] = 'md5'; 42 } 43 44 // get global vars from PunBB config 45 global $db_host; 46 global $db_name; 47 global $db_username; 48 global $db_password; 49 global $db_prefix; 50 51 // now set up the mysql config strings 52 $conf['auth']['mysql']['server'] = $db_host; 53 $conf['auth']['mysql']['user'] = $db_username; 54 $conf['auth']['mysql']['password'] = $db_password; 55 $conf['auth']['mysql']['database'] = $db_name; 56 57 $conf['auth']['mysql']['checkPass'] = "SELECT u.password AS pass 58 FROM $db_prefix}users AS u, $db_prefix}groups AS g 59 WHERE u.group_id = g.g_id 60 AND u.username = '%{user}' 61 AND g.g_title != 'Guest'"; 62 $conf['auth']['mysql']['getUserInfo'] = "SELECT password AS pass, realname AS name, email AS mail, 63 id, g_title as `group` 64 FROM $db_prefix}users AS u, $db_prefix}groups AS g 65 WHERE u.group_id = g.g_id 66 AND u.username = '%{user}'"; 67 $conf['auth']['mysql']['getGroups'] = "SELECT g.g_title as `group` 68 FROM $db_prefix}users AS u, $db_prefix}groups AS g 69 WHERE u.group_id = g.g_id 70 AND u.username = '%{user}'"; 71 $conf['auth']['mysql']['getUsers'] = "SELECT DISTINCT u.username AS user 72 FROM $db_prefix}users AS u, $db_prefix}groups AS g 73 WHERE u.group_id = g.g_id"; 74 $conf['auth']['mysql']['FilterLogin'] = "u.username LIKE '%{user}'"; 75 $conf['auth']['mysql']['FilterName'] = "u.realname LIKE '%{name}'"; 76 $conf['auth']['mysql']['FilterEmail'] = "u.email LIKE '%{email}'"; 77 $conf['auth']['mysql']['FilterGroup'] = "g.g_title LIKE '%{group}'"; 78 $conf['auth']['mysql']['SortOrder'] = "ORDER BY u.username"; 79 $conf['auth']['mysql']['addUser'] = "INSERT INTO $db_prefix}users 80 (username, password, email, realname) 81 VALUES ('%{user}', '%{pass}', '%{email}', '%{name}')"; 82 $conf['auth']['mysql']['addGroup'] = "INSERT INTO $db_prefix}groups (g_title) VALUES ('%{group}')"; 83 $conf['auth']['mysql']['addUserGroup']= "UPDATE $db_prefix}users 84 SET group_id=%{gid} 85 WHERE id='%{uid}'"; 86 $conf['auth']['mysql']['delGroup'] = "DELETE FROM $db_prefix}groups WHERE g_id='%{gid}'"; 87 $conf['auth']['mysql']['getUserID'] = "SELECT id FROM $db_prefix}users WHERE username='%{user}'"; 88 $conf['auth']['mysql']['updateUser'] = "UPDATE $db_prefix}users SET"; 89 $conf['auth']['mysql']['UpdateLogin'] = "username='%{user}'"; 90 $conf['auth']['mysql']['UpdatePass'] = "password='%{pass}'"; 91 $conf['auth']['mysql']['UpdateEmail'] = "email='%{email}'"; 92 $conf['auth']['mysql']['UpdateName'] = "realname='%{name}'"; 93 $conf['auth']['mysql']['UpdateTarget']= "WHERE id=%{uid}"; 94 $conf['auth']['mysql']['delUserGroup']= "UPDATE $db_prefix}users SET g_id=4 WHERE id=%{uid}"; 95 $conf['auth']['mysql']['getGroupID'] = "SELECT g_id AS id FROM $db_prefix}groups WHERE g_title='%{group}'"; 96 97 $conf['auth']['mysql']['TablesToLock']= array("$db_prefix}users", "$db_prefix}users AS u", 98 "$db_prefix}groups", "$db_prefix}groups AS g"); 99 100 $conf['auth']['mysql']['debug'] = 1; 101 // call mysql constructor 102 $this->auth_mysql(); 103 } 104 105 /** 106 * Just checks against the $pun_user variable 107 */ 108 function trustExternal($user,$pass,$sticky=false){ 109 global $USERINFO; 110 global $conf; 111 global $lang; 112 global $pun_user; 113 global $pun_config; 114 $sticky ? $sticky = true : $sticky = false; //sanity check 115 116 // someone used the login form 117 if(!empty($user)){ 118 if($this->checkPass($user,$pass)){ 119 $expire = ($sticky) ? time() + 31536000 : 0; 120 $uinfo = $this->getUserData($user); 121 pun_setcookie($uinfo['id'], auth_cryptPassword($pass), $expire); 122 $pun_user = array(); 123 $pun_user['password'] = auth_cryptPassword($pass); 124 $pun_user['username'] = $user; 125 $pun_user['realname'] = $uinfo['name']; 126 $pun_user['email'] = $uinfo['mail']; 127 $pun_user['g_title'] = $uinfo['group']; 128 }else{ 129 //invalid credentials - log off 130 msg($lang['badlogin'],-1); 131 auth_logoff(); 132 return false; 133 } 134 } 135 136 if(isset($pun_user) && !$pun_user['is_guest']){ 137 // okay we're logged in - set the globals 138 $USERINFO['pass'] = $pun_user['password']; 139 $USERINFO['name'] = $pun_user['realname']; 140 $USERINFO['mail'] = $pun_user['email']; 141 $USERINFO['grps'] = array($pun_user['g_title']); 142 143 $_SERVER['REMOTE_USER'] = $pun_user['username']; 144 $_SESSION[DOKU_COOKIE]['auth']['user'] = $pun_user['username']; 145 $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO; 146 return true; 147 } 148 149 // to be sure 150 auth_logoff(); 151 return false; 152 } 153 154 /** 155 * remove punbb cookie on logout 156 */ 157 function logOff(){ 158 global $pun_user; 159 $pun_user = array(); 160 $pun_user['is_guest'] = 1; 161 pun_setcookie(1, random_pass(8), time() + 31536000); 162 } 163 } 164 //Setup VIM: ex: et ts=2 enc=utf-8 :
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Tue Apr 3 20:47:31 2007 | par Balluche grâce à PHPXref 0.7 |