auth:mysql_gallery2
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
auth:mysql_gallery2 [2010-09-02 09:10] – old revision restored mluigi | auth:mysql_gallery2 [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== MySql DokuWiki/ | ||
- | [[http:// | ||
- | This assumes that all user/group accounts will be created and maintained through Gallery2.\\ | ||
- | Gallery version 2.2.1 core 1.2.0.1 \\ | ||
- | DokuWiki version 2007-06-26b \\ | ||
- | Also tested on\\ | ||
- | Gallery version 2.2.4 core 1.2.0.6 \\ | ||
- | DokuWiki version 2008-05-05 \\ | ||
- | |||
- | ===== MySQL authentication in Gallery2 ===== | ||
- | Gallery2 stores passwords md5encrypted with salt as the first 4 chars. The code below is the function with which Gallery2 creates its passwords: | ||
- | |||
- | <code php> | ||
- | /** | ||
- | * Create a hashed password using md5 plus salt. | ||
- | * @param string $password plaintext password | ||
- | * @param string $salt (optional) salt or hash containing salt (randomly generated if omitted) | ||
- | * @return string hashed password | ||
- | */ | ||
- | function md5Salt($password, | ||
- | if (empty($salt)) { | ||
- | for ($i = 0; $i < 4; $i++) { | ||
- | $char = mt_rand(48, 109); | ||
- | $char += ($char > 90) ? 13 : ($char > 57) ? 7 : 0; | ||
- | $salt .= chr($char); | ||
- | } | ||
- | } else { | ||
- | $salt = substr($salt, | ||
- | } | ||
- | return $salt . md5($salt . $password); | ||
- | } | ||
- | </ | ||
- | ===== DokuWiki changes ===== | ||
- | |||
- | Due to how gallery stores its passwords as stated above, none of DokuWikis built-in-encryptions work so one must edit the function auth_verifyPassword in inc/ | ||
- | <code php> | ||
- | ... | ||
- | }elseif($len == 32){ | ||
- | $method = ' | ||
- | }elseif($len == 36){ //gallery2 md5 with salt | ||
- | $method = ' | ||
- | $privatesalt = substr($crypt, | ||
- | $clear = $privatesalt.$clear; | ||
- | $crypt = substr($crypt, | ||
- | }elseif($len == 40){ | ||
- | $method = ' | ||
- | ... | ||
- | </ | ||
- | |||
- | Lastly the file conf/ | ||
- | <code php> | ||
- | /* Options to configure database access. You need to set up this | ||
- | * options carefully, otherwise you won't be able to access you | ||
- | * database. | ||
- | */ | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | |||
- | /* This option enables debug messages in the mysql module. It is | ||
- | * mostly usefull for system admins. | ||
- | */ | ||
- | $conf[' | ||
- | |||
- | /* Normally password encryption is done by DokuWiki (recommended) but for | ||
- | * some reasons it might be useful to let the database do the encryption. | ||
- | * Set ' | ||
- | * the database, otherwise the encrypted one. | ||
- | */ | ||
- | $conf[' | ||
- | |||
- | /* Multiple table operations will be protected by locks. This array tells | ||
- | * the module which tables to lock. If you use any aliases for table names | ||
- | * these array must also contain these aliases. Any unnamed alias will cause | ||
- | * a warning during operation. See the example below. | ||
- | */ | ||
- | $conf[' | ||
- | |||
- | / | ||
- | /* Basic SQL statements for user authentication (required) | ||
- | / | ||
- | |||
- | /* This statement is used to grant or deny access to the wiki. The result | ||
- | * should be a table with exact one line containing at least the password | ||
- | * of the user. If the result table is empty or contains more than one | ||
- | * row, access will be denied. | ||
- | * | ||
- | * The module access the password as ' | ||
- | * | ||
- | * Following patters will be replaced: | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | FROM g2_UserGroupMap AS ug | ||
- | JOIN g2_User AS u ON u.g_id=ug.g_userId | ||
- | JOIN g2_Group AS g ON g.g_id=ug.g_groupId | ||
- | WHERE g_userName=' | ||
- | AND g_groupName=' | ||
- | |||
- | /* This statement should return a table with exact one row containing | ||
- | * information about one user. The field needed are: | ||
- | * ' | ||
- | * ' | ||
- | * ' | ||
- | * | ||
- | * Keep in mind that DokuWiki will access this information through the | ||
- | * names listed above so aliases might be necessary. | ||
- | * | ||
- | * Following patters will be replaced: | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | FROM g2_User | ||
- | WHERE g_userName=' | ||
- | |||
- | /* This statement is used to get all groups a user is member of. The | ||
- | * result should be a table containing all groups the given user is | ||
- | * member of. The module access the group name as ' | ||
- | * might be necessary. | ||
- | * | ||
- | * Following patters will be replaced: | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | FROM g2_Group g, g2_User u, g2_UserGroupMap ug | ||
- | WHERE u.g_id = ug.g_userId | ||
- | AND g.g_id = ug.g_groupId | ||
- | AND u.g_userName=' | ||
- | |||
- | / | ||
- | /* Additional minimum SQL statements to use the user manager | ||
- | / | ||
- | |||
- | /* This statement should return a table containing all user login names | ||
- | * that meet certain filter criteria. The filter expressions will be added | ||
- | * case dependent by the module. At the end a sort expression will be added. | ||
- | * Important is that this list contains no double entries for a user. Each | ||
- | * user name is only allowed once in the table. | ||
- | * | ||
- | * The login name will be accessed as ' | ||
- | * No patterns will be replaced in this statement but following patters | ||
- | * will be replaced in the filter expressions: | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | FROM g2_User AS u | ||
- | LEFT JOIN g2_UserGroupMap AS ug ON u.g_id=ug.g_userId | ||
- | LEFT JOIN g2_Group AS g ON ug.g_groupId=g.g_id"; | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | |||
- | / | ||
- | /* | ||
- | / | ||
- | |||
- | /* This statement should add a user to the database. Minimum information | ||
- | * to store are: login name, password, email address and full name. | ||
- | * | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | /* This statement should add a group to the database. | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | | ||
- | */ | ||
- | /* This statement should connect a user to a group (a user become member | ||
- | * of that group). | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | | ||
- | */ | ||
- | /* This statement should remove a group from the database. | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | WHERE gid=' | ||
- | */ | ||
- | /* This statement should return the database index of a given user name. | ||
- | * The module will access the index with the name ' | ||
- | * necessary. | ||
- | * following patters will be replaced: | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | FROM users | ||
- | WHERE login=' | ||
- | */ | ||
- | |||
- | / | ||
- | /* | ||
- | / | ||
- | |||
- | /* This statement should remove a user from the database. | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | WHERE uid=' | ||
- | */ | ||
- | /* This statement should remove all connections from a user to any group | ||
- | * (a user quits membership of all groups). | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | WHERE uid=' | ||
- | */ | ||
- | / | ||
- | /* | ||
- | / | ||
- | |||
- | /* This statements should modify a user entry in the database. The | ||
- | * statements UpdateLogin, | ||
- | * added to updateUser on demand. Only changed parameters will be used. | ||
- | * | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | $conf[' | ||
- | // | ||
- | $conf[' | ||
- | |||
- | /* This statement should remove a single connection from a user to a | ||
- | * group (a user quits membership of that group). | ||
- | * | ||
- | * Following patterns will be replaced: | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | WHERE uid=' | ||
- | AND gid=' | ||
- | */ | ||
- | /* This statement should return the database index of a given group name. | ||
- | * The module will access the index with the name ' | ||
- | * be necessary. | ||
- | * | ||
- | * Following patters will be replaced: | ||
- | | ||
- | */ | ||
- | $conf[' | ||
- | FROM g2_Group | ||
- | WHERE g_groupName=' | ||
- | |||
- | </ | ||
- | --- // |