phpBB 3 (authentication) integration
Features
- Completely using phpBB's authentication system, you don't have to login in DokuWiki again if you're already logged in in phpBB and vice versa. The same applies to log out of course.
- Using phpBB's groups for DokuWiki's access control list. Some default groups are already implemented (even if they are not displayed on DokuWiki's configuration page):
- REGISTERED: default group (replaces group user)
- ADMINISTRATORS: administrator/super user (replaces group admin)
- GLOBAL_MODERATORS: managers
- Dateformat and timezone sync
Features missing
- User registration
- Full name display (phpBB doesn't have full name information in the user profile by default, username is displayed instead)
- Integration with Mediamanager, pictures are not shown in the wiki anymore (path problem?)1)
- Language support
Installation instructions
To get this to work with the most recent stable version of DokuWiki “Rincewind” and PHPBB only do the following steps marked with =Rincewind=
To get this to work with the RC version of DokuWiki “Angua RC1” and PHPBB only do the following steps marked with =Angua RC1=
To install this mod, you can:
- use this download package for DokuWiki 2007-06-26b or
- follow these steps:
- create
inc/auth/phpbb3.class.php - edit
inc/init.php - edit
inc/utf8.php - edit
inc/cache.php - edit
feed.php
orCreate inc/auth/phpbb3.class.php
=Rincewind= =Angua RC1=
Create a file in the inc/auth/ directory with the filename phpbb3.class.php and the following content:
- phpbb3.class.php
<?php /** * phpBB3 authentication backend * * Uses external Trust mechanism to check against phpBB's * user cookie. phpBB's PHPBB_ROOT_PATH must be defined correctly. * * @author Markus Henn <brezelman@yahoo.de> */ define('IN_PHPBB', true); global $phpbb_root_path; global $db; global $cache; global $phpEx; global $user; global $config; global $conf; global $dbhost; global $dbport; global $dbname; global $dbuser; global $dbpasswd; global $table_prefix; global $phpbb_auth; $phpEx = substr(strrchr(__FILE__, '.'), 1); if(strpos($_SERVER['PHP_SELF'], "/lib/plugins/") !== false) { $phpbb_root_path = '../../../'.$phpbb_root_path; } if(strpos($_SERVER['PHP_SELF'], "/lib/exe/") !== false) { $phpbb_root_path = '../../'.$phpbb_root_path; } require_once(DOKU_INC.'inc/auth/mysql.class.php'); require_once($phpbb_root_path.'common.'.$phpEx); //config is loaded in common file, but $dbpasswd is unset there, too, so we have to reload it require($phpbb_root_path.'config.'.$phpEx); $user->session_begin(); //$auth will be used by DokuWiki, so copy phpBB's $auth to another variable $phpbb_auth = $auth; $phpbb_auth->acl($user->data); class auth_phpbb3 extends auth_mysql { function auth_phpbb3() { $this->cando['external'] = true; $this->cando['logoff'] = true; global $conf; // get global vars from phpBB config global $dbhost; global $dbport; global $dbname; global $dbuser; global $dbpasswd; global $table_prefix; // set group config vars $conf['defaultgroup'] = 'REGISTERED'; $conf['superuser'] = '@ADMINISTRATORS'; $conf['manager'] = '@GLOBAL_MODERATORS'; // now set up the mysql config strings $conf['auth']['mysql']['server'] = $dbhost.':'.$dbport; $conf['auth']['mysql']['user'] = $dbuser; $conf['auth']['mysql']['password'] = $dbpasswd; $conf['auth']['mysql']['database'] = $dbname; //unset $db* variables, so noone can hack them unset($dbpasswd); unset($dbuser); unset($dbhost); unset($dbport); unset($dbname); $conf['auth']['mysql']['TablesToLock']= array("{$table_prefix}users", "{$table_prefix}users AS u", "{$table_prefix}groups", "{$table_prefix}groups AS g", "{$table_prefix}user_group", "{$table_prefix}user_group AS ug"); $conf['auth']['mysql']['checkPass'] = "SELECT user_password AS pass FROM {$table_prefix}users WHERE username='%{user}'"; $conf['auth']['mysql']['getUserInfo'] = "SELECT user_password AS pass, username AS name, user_email AS mail FROM {$table_prefix}users WHERE username='%{user}'"; $conf['auth']['mysql']['getGroups'] = "SELECT group_name as `group` FROM {$table_prefix}groups g, {$table_prefix}users u, {$table_prefix}user_group ug WHERE u.user_id = ug.user_id AND g.group_id = ug.group_id AND u.username='%{user}'"; $conf['auth']['mysql']['getUsers'] = "SELECT DISTINCT username AS user FROM {$table_prefix}users AS u LEFT JOIN {$table_prefix}user_group AS ug ON u.user_id=ug.user_id LEFT JOIN {$table_prefix}groups AS g ON ug.group_id=g.group_id"; $conf['auth']['mysql']['FilterLogin'] = "username LIKE '%{user}'"; $conf['auth']['mysql']['FilterName'] = "username LIKE '%{name}'"; $conf['auth']['mysql']['FilterEmail'] = "user_email LIKE '%{email}'"; $conf['auth']['mysql']['FilterGroup'] = "group_name LIKE '%{group}'"; $conf['auth']['mysql']['SortOrder'] = "ORDER BY username"; $conf['auth']['mysql']['getUserID'] = "SELECT user_id AS id FROM {$table_prefix}users WHERE username='%{user}'"; $conf['auth']['mysql']['getGroupID'] = "SELECT group_id AS id FROM {$table_prefix}groups WHERE group_name='%{group}'"; /* $conf['auth']['mysql']['addUser'] = "INSERT INTO {$table_prefix}users (username, user_password, user_email) VALUES ('%{user}', '%{pass}', '%{email}')"; $conf['auth']['mysql']['addGroup'] = "INSERT INTO {$table_prefix}groups (group_name) VALUES ('%{group}')"; $conf['auth']['mysql']['addUserGroup']= "INSERT INTO {$table_prefix}user_group (user_id, group_id) VALUES ('%{uid}', '%{gid}')"; $conf['auth']['mysql']['updateUser'] = "UPDATE {$table_prefix}users SET"; $conf['auth']['mysql']['UpdateLogin'] = "username='%{user}'"; $conf['auth']['mysql']['UpdatePass'] = "user_password='%{pass}'"; $conf['auth']['mysql']['UpdateEmail'] = "user_email='%{email}'"; //$conf['auth']['mysql']['UpdateName'] = $conf['auth']['mysql']['UpdateLogin']; $conf['auth']['mysql']['UpdateTarget']= "WHERE user_id=%{uid}"; $conf['auth']['mysql']['delGroup'] = "DELETE FROM {$table_prefix}groups WHERE group_id='%{gid}'"; $conf['auth']['mysql']['delUser'] = "DELETE FROM {$table_prefix}users WHERE user_id='%{uid}'"; $conf['auth']['mysql']['delUserRefs'] = "DELETE FROM {$table_prefix}user_group WHERE user_id='%{uid}'"; $conf['auth']['mysql']['delUserGroup']= "DELETE FROM {$table_prefix}user_group WHERE user_id='%{uid}' AND group_id='%{gid}'"; */ // call mysql constructor $this->auth_mysql(); } function trustExternal($username, $password, $sticky = false) { global $USERINFO; global $conf; global $user; global $phpbb_auth; $sticky ? $sticky = true : $sticky = false; // sanity check // someone used the login form if(!empty($username)) { // run phpBB's login function define('IN_LOGIN', true); $login = $phpbb_auth->login($username, $password, $sticky); if($login['status'] != LOGIN_SUCCESS) { return false; } } if(!$user->data['is_registered']) { return false; } $USERINFO['name'] = $user->data['username']; $USERINFO['mail'] = $user->data['user_email']; if($this->_openDB()) { $USERINFO['grps'] = $this->_getGroups($USERINFO['name']); } $_SERVER['REMOTE_USER'] = $user->data['username']; $_SESSION[DOKU_COOKIE]['auth']['user'] = $user->data['username']; $_SESSION[DOKU_COOKIE]['auth']['pass'] = $user->data['user_password']; $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO; return true; } function logoff() { global $user; $user->session_kill(); } } ?>
Edit inc/init.php
=Rincewind= =Angua RC1=
In the file inc/init.php search for the following line:
$_REQUEST = array_merge($_GET,$_POST);
Comment it out by adding // in front of the line like this:
//$_REQUEST = array_merge($_GET,$_POST);
We have to do this because phpBB uses $_REQUEST for its cookies.
Edit inc/utf8.php
=Rincewind= =Angua RC1=
There are some functions in the file inc/utf8.php already defined by phpBB, these are:
- utf8_strlen
- utf8_substr
- utf8_strtolower
- utf8_strtoupper
- utf8_ucfirst
- utf8_strpos
So we only let DokuWiki define these functions if we're not using phpBB by adding an check around these function:
if(!defined('IN_PHPBB')) { ... }
Example: utf8_strlen
replace:
function utf8_strlen($string){ return strlen(utf8_decode($string)); }
with:
if(!defined('IN_PHPBB')){ function utf8_strlen($string){ return strlen(utf8_decode($string)); } }
Edit inc/cache.php
=Rincewind= =Angua RC1=
The last problem we have is that DokuWiki and phpBB both have a cache class. We can just rename this class in DokuWiki. To do so we open the file inc/cache.php and search for:
class cache {
replace this line with:
class wiki_cache {
Search for:
function cache($key,$ext) {
and replace it with:
function wiki_cache($key,$ext) {
Search for:
class cache_parser extends cache {
and replace it with:
class cache_parser extends wiki_cache {
Search for:
parent::cache($file.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'],'.'.$mode);
and replace it with:
parent::wiki_cache($file.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'],'.'.$mode);
Edit feed.php
=Rincewind= =Angua RC1=
Knowing we have just renamed the cache class (see above) and knowing this class is called in feed.php, we also need to rename the calling to make RSS/Atom feeds works. Find:
$cache = new cache($key, '.feed');
and replace with:
$cache = new wiki_cache($key, '.feed');
Otherwise you will have a very nice “XML Parsing Error”.
Edit lib/exe/css.php
=Angua RC1=
Do Not do for Rincewind
Knowing we have just renamed the cache class (see above) and knowing this class is called in lib/exe/css.php, we also need to rename the calling to make skin works. Find:
// The generated script depends on some dynamic options $cache = new cache('styles'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'].DOKU_BASE.$tplinc.$mediatype,'.css');
and replace with:
// The generated script depends on some dynamic options $cache = new wiki_cache('styles'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'].DOKU_BASE.$tplinc.$mediatype,'.css');
Edit lib/exe/js.php
=Angua RC1=
Do Not do for Rincewind
Knowing we have just renamed the cache class (see above) and knowing this class is called in lib/exe/js.php, we also need to rename the calling to make javascript works. Find:
// The generated script depends on some dynamic options $cache = new cache('scripts'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'], '.js');
and replace with:
// The generated script depends on some dynamic options $cache = new wiki_cache('scripts'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'], '.js');
Edit inc/load.php
=Angua RC1=
Do Not do for Rincewind
Knowing we have just renamed the cache class (see above) and knowing this class is in inc/load.php, we also need to rename the name to make css and javascript works. Find:
'cache' => DOKU_INC.'inc/cache.php',
and replace with:
'wiki_cache' => DOKU_INC.'inc/cache.php',
Edit inc/common.php
Do Not do for Rincewind and Angua RC1
To synchronize phpBB3's and Dokuwiki's dateformat and timezone you have to change the function dformat() in inc/common.php.
Search for:
function dformat($dt=null,$format=''){ global $conf; if(is_null($dt)) $dt = time(); $dt = (int) $dt; if(!$format) $format = $conf['dformat']; $format = str_replace('%f',datetime_h($dt),$format); return strftime($format,$dt); }
and replace it with:
function dformat($dt=null){ global $user; if(is_null($dt)) $dt = time(); $dt = (int) $dt; return $user->format_date($dt); }
So Dokuwiki uses the date configurations of phpBB3.
Set configuration variables
=Rincewind= =Angua RC1=
The last thing we have to do is: enable it! The file conf/local.protected.php is the best location to do so, because DokuWiki doesn't touch this file. If the file doesn't exist, you have to create it. Add these lines:
<?php /* * phpBB3 */ define('IN_PHPBB', true); $phpbb_root_path = 'phpBB3/'; $conf['authtype'] = 'phpbb3'; ?>
$phpbb_root_path has to be the relative path to phpBB from the DokuWiki directory, e.g. if phpBB is installed on the same level as DokuWiki, e.g. DokuWiki in var/user/dokuwiki and phpBB in var/user/forum/, $php_root_path has to be set to ../forum/.
I did this, but it wouldn't authenticate me. I tried pasting it in local.php, and it worked just fine. Is there a step missing?
phpBB3 Settings
Cookie Settings
=Rincewind= =Angua RC1=
In order for the above integration to work well, it is important that the cookie settings in the phpBB3 ACP (admin control panel) are set right. For example, with wrong cookie settings, first logging in at your phpBB3 forum, then browsing your DokuWiki pages will forcibly log you out when you next load a page of your forum.
If your phpBB3 forum is installed at www.yourdomain.com/phpBB3/ and your DokuWiki is installed at www.yourdomain.com/dokuwiki/, then you should not set the “Cookie path” on the “Cookie Settings” page in the phpBB3 ACP to /phpBB3/ – that will cause the very behaviour mentioned in the example above. Instead, set the “Cookie path” to /, and it should work as expected. carstenfuchs [at] t [dash] online [dot] de
Security Settings
An other thing to check in the phpbb3 ACP is “Validate referrer” in the Security settings. If this setting is set to “Validate path too” the integration will not work and you will experience exactly the same issue that is described above in case of wrong cookie path. For this reason please set “Validate referrer” to “Validate host” or “none” but never to “Validate path”. Be care…
Credits
- Thanks to Nathan Brittles who gave me the basic ideas in a thread in the official phpBB (phpBB3) forum.
Comments
- The file feed.php is now in the root of dokuwiki installation and not in the lib folder as of dokuwiki-2010-11-07a “Anteater”. Do not forget to include this line
require_once(DOKU_INC.'inc/cache.php');
just after
require_once(DOKU_INC.'inc/init.php');
in feed.php or else php will throw wiki_cache unknown class error.
- I just want to say that I'm not using DokuWiki anymore, so I'm not using this mod anymore, too, of course and so I can't help anyone with problems regarding DokuWiki and phpbb3. — Markus -voks- Henn 2008/10/16 10:34
- Just a few words for integrating authentication with phpBB 3.0.4:
- nammyung 2009/10/31: If the paths are not resolving properly, just replace them with absolute path to the phpbb3 install. For example, $php_root_path='/var/www/html/forum/'; If you do this, you can just comment out the two “if(strpos($_SERVER['PHP_SELF']” lines.
Cant you just make DokuWiki PLUG into the MySQL auth part of phpbb3? so what if you have to login twice!@
Worked fine for me (please note the phpbb cookies value and my subdomains) :
- 2010 May 10: RSS/Atom issue fixed. Refer to “Edit feed.php” above in this page to view fix.
Problem:
- 2010 July 1: I installed this plug in manually and everything works great however I believe I am having a problem with the date because I am getting this error where the date should be displayed:
[phpBB Debug] PHP Notice: in file /includes/session.php on line 2167: strtr() [function.strtr]: The second argument is not an array
When I check that line of code for errors this is what the code is:
return strtr(@gmdate($date_cache[$format]['format_long'], $gmepoch + $zone_offset), $date_cache[$format]['lang']);
Update - 2010 July 6th: I returned the date mod back to the original code and the error is fixed. Update2 - 2010 July 7th: The toolbar does NOT work and it just gives me a link to “Media Files”! I've tried all of the troubleshooting tips offered here and nothing fixes it. Any help?! Update3 - 2010 July7th: Make sure the permissions of the dokuwiki/lib/exe/js.php file are set to 755 otherwise the toolbar will not work!
- I had some problems getting this integration to work, it would not authenticate. But, I found the problem: If $_SERVER['PHP_AUTH_USER'] is set on your server, it will try to log in with that. If you have that problem, you can either unset it, or remove the corresponding code in inc/auth.php
- I found a solution to make it work with the most recent version (Anteater) of dokuwiki. You basically have to declare the global variables before the class is declared:
- At the beginning of the file phpbb3.class.php insert the global variables:
- ADDED TO CODE AT THE TOP OF THE PAGE SO THIS IS NOT NEEDED IF YOUR ALREADY COPIED THE NEW CODE ABOVE - djSupport
<?php /** * phpBB3 authentication backend * * Uses external Trust mechanism to check against phpBB's * user cookie. phpBB's PHPBB_ROOT_PATH must be defined correctly. * * @author Markus Henn <brezelman@yahoo.de> */ define('IN_PHPBB', true); global $phpbb_root_path; global $db; global $cache; global $phpEx; global $user; global $config; global $conf; global $dbhost; global $dbport; global $dbname; global $dbuser; global $dbpasswd; global $table_prefix; global $phpbb_auth; $phpEx = substr(strrchr(__FILE__, '.'), 1); if(strpos($_SERVER['PHP_SELF'], "/lib/plugins/") !== false) { $phpbb_root_path = '../../../'.$phpbb_root_path; } if(strpos($_SERVER['PHP_SELF'], "/lib/exe/") !== false) { $phpbb_root_path = '../../'.$phpbb_root_path; } require_once(DOKU_INC.'inc/auth/mysql.class.php'); require_once($phpbb_root_path.'common.'.$phpEx); //config is loaded in common file, but $dbpasswd is unset there, too, so we have to reload it require($phpbb_root_path.'config.'.$phpEx); $user->session_begin(); //$auth will be used by DokuWiki, so copy phpBB's $auth to another variable $phpbb_auth = $auth; $phpbb_auth->acl($user->data); class auth_phpbb3 extends auth_mysql { HERE THE REST OF THE ORIGINAL phpbb3.class.php CODE FROM THE TOP OF THIS SIDE
* I don't really understand why it works now, so I haven't added it to the instructions in case it's a security risk. — Eivind 2010/09/12
Eivind, i have your problem totally. i did what you said. and so far it can run.but afther the integrate the login button in my dokuwiki is disappeared it always “logout” even you never login.so i try remove 'PHP_AUTH_USER' part in the auth.php. because i use a remote sever.but it wasn't work.so i even try change some syntax in phpbb.class.php.whatsoever how does remove the corresponding code in inc/auth.php exactly? —smith 26/01/2011 (just be my hero Eivind) Maybe try removing basic apache authentification if written in .htaccess???
The Page has been cleared up a bit by djSupport on 24/7/11 Mail me if there is any issues I hope it helps...
