*/ define('IN_PHPBB', true); $phpEx = substr(strrchr(__FILE__, '.'), 1); global $phpbb_root_path; if(strpos($_SERVER['PHP_SELF'], "/lib/plugins/") !== false) { $phpbb_root_path = '../../../'.$phpbb_root_path; } if(strpos($_SERVER['PHP_SELF'], "/lib/exe/") !== false) { $phpbb_root_path = '../../'.$phpbb_root_path; } require_once(DOKU_INC.'inc/auth/mysql.class.php'); require_once($phpbb_root_path.'common.'.$phpEx); //config is loaded in common file, but $dbpasswd is unset there, too, so we have to reload it require($phpbb_root_path.'config.'.$phpEx); $user->session_begin(); //$auth will be used by DokuWiki, so copy phpBB's $auth to another variable $phpbb_auth = $auth; $phpbb_auth->acl($user->data); class auth_phpbb3 extends auth_mysql { function auth_phpbb3() { $this->cando['external'] = true; $this->cando['logoff'] = true; global $conf; // get global vars from phpBB config global $dbhost; global $dbport; global $dbname; global $dbuser; global $dbpasswd; global $table_prefix; // set group config vars $conf['defaultgroup'] = 'REGISTERED'; $conf['superuser'] = '@ADMINISTRATORS'; $conf['manager'] = '@GLOBAL_MODERATORS'; // now set up the mysql config strings $conf['auth']['mysql']['server'] = $dbhost.':'.$dbport; $conf['auth']['mysql']['user'] = $dbuser; $conf['auth']['mysql']['password'] = $dbpasswd; $conf['auth']['mysql']['database'] = $dbname; //unset $db* variables, so noone can hack them unset($dbpasswd); unset($dbuser); unset($dbhost); unset($dbport); unset($dbname); $conf['auth']['mysql']['TablesToLock']= array("{$table_prefix}users", "{$table_prefix}users AS u", "{$table_prefix}groups", "{$table_prefix}groups AS g", "{$table_prefix}user_group", "{$table_prefix}user_group AS ug"); $conf['auth']['mysql']['checkPass'] = "SELECT user_password AS pass FROM {$table_prefix}users WHERE username='%{user}'"; $conf['auth']['mysql']['getUserInfo'] = "SELECT user_password AS pass, username AS name, user_email AS mail FROM {$table_prefix}users WHERE username='%{user}'"; $conf['auth']['mysql']['getGroups'] = "SELECT group_name as `group` FROM {$table_prefix}groups g, {$table_prefix}users u, {$table_prefix}user_group ug WHERE u.user_id = ug.user_id AND g.group_id = ug.group_id AND u.username='%{user}'"; $conf['auth']['mysql']['getUsers'] = "SELECT DISTINCT username AS user FROM {$table_prefix}users AS u LEFT JOIN {$table_prefix}user_group AS ug ON u.user_id=ug.user_id LEFT JOIN {$table_prefix}groups AS g ON ug.group_id=g.group_id"; $conf['auth']['mysql']['FilterLogin'] = "username LIKE '%{user}'"; $conf['auth']['mysql']['FilterName'] = "username LIKE '%{name}'"; $conf['auth']['mysql']['FilterEmail'] = "user_email LIKE '%{email}'"; $conf['auth']['mysql']['FilterGroup'] = "group_name LIKE '%{group}'"; $conf['auth']['mysql']['SortOrder'] = "ORDER BY username"; $conf['auth']['mysql']['getUserID'] = "SELECT user_id AS id FROM {$table_prefix}users WHERE username='%{user}'"; $conf['auth']['mysql']['getGroupID'] = "SELECT group_id AS id FROM {$table_prefix}groups WHERE group_name='%{group}'"; /* $conf['auth']['mysql']['addUser'] = "INSERT INTO {$table_prefix}users (username, user_password, user_email) VALUES ('%{user}', '%{pass}', '%{email}')"; $conf['auth']['mysql']['addGroup'] = "INSERT INTO {$table_prefix}groups (group_name) VALUES ('%{group}')"; $conf['auth']['mysql']['addUserGroup']= "INSERT INTO {$table_prefix}user_group (user_id, group_id) VALUES ('%{uid}', '%{gid}')"; $conf['auth']['mysql']['updateUser'] = "UPDATE {$table_prefix}users SET"; $conf['auth']['mysql']['UpdateLogin'] = "username='%{user}'"; $conf['auth']['mysql']['UpdatePass'] = "user_password='%{pass}'"; $conf['auth']['mysql']['UpdateEmail'] = "user_email='%{email}'"; //$conf['auth']['mysql']['UpdateName'] = $conf['auth']['mysql']['UpdateLogin']; $conf['auth']['mysql']['UpdateTarget']= "WHERE user_id=%{uid}"; $conf['auth']['mysql']['delGroup'] = "DELETE FROM {$table_prefix}groups WHERE group_id='%{gid}'"; $conf['auth']['mysql']['delUser'] = "DELETE FROM {$table_prefix}users WHERE user_id='%{uid}'"; $conf['auth']['mysql']['delUserRefs'] = "DELETE FROM {$table_prefix}user_group WHERE user_id='%{uid}'"; $conf['auth']['mysql']['delUserGroup']= "DELETE FROM {$table_prefix}user_group WHERE user_id='%{uid}' AND group_id='%{gid}'"; */ // call mysql constructor $this->auth_mysql(); } function trustExternal($username, $password, $sticky = false) { global $USERINFO; global $conf; global $user; global $phpbb_auth; $sticky ? $sticky = true : $sticky = false; // sanity check // someone used the login form if(!empty($username)) { // run phpBB's login function define('IN_LOGIN', true); $login = $phpbb_auth->login($username, $password, $sticky); if($login['status'] != LOGIN_SUCCESS) { return false; } } if(!$user->data['is_registered']) { return false; } $USERINFO['name'] = $user->data['username']; $USERINFO['mail'] = $user->data['user_email']; if($this->_openDB()) { $USERINFO['grps'] = $this->_getGroups($USERINFO['name']); } $_SERVER['REMOTE_USER'] = $user->data['username']; $_SESSION[DOKU_COOKIE]['auth']['user'] = $user->data['username']; $_SESSION[DOKU_COOKIE]['auth']['pass'] = $user->data['user_password']; $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO; return true; } function logoff() { global $user; $user->session_kill(); } } ?>