diff options
Diffstat (limited to 'includes/extauth/vB.php')
| -rw-r--r-- | includes/extauth/vB.php | 140 |
1 files changed, 140 insertions, 0 deletions
diff --git a/includes/extauth/vB.php b/includes/extauth/vB.php new file mode 100644 index 00000000..23523665 --- /dev/null +++ b/includes/extauth/vB.php @@ -0,0 +1,140 @@ +<?php + +# Copyright (C) 2009 Aryeh Gregor +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# http://www.gnu.org/copyleft/gpl.html + +/** + * This class supports the proprietary vBulletin forum system + * <http://www.vbulletin.com>, versions 3.5 and up. It calls no functions or + * code, only reads from the database. Example lines to put in + * LocalSettings.php: + * + * $wgExternalAuthType = 'ExternalUser_vB'; + * $wgExternalAuthConf = array( + * 'server' => 'localhost', + * 'username' => 'forum', + * 'password' => 'udE,jSqDJ<""p=fI.K9', + * 'dbname' => 'forum', + * 'tableprefix' => '', + * 'cookieprefix' => 'bb' + * ); + * + * @ingroup ExternalUser + */ +class ExternalUser_vB extends ExternalUser { + private $mDb, $mRow; + + protected function initFromName( $name ) { + return $this->initFromCond( array( 'username' => $name ) ); + } + + protected function initFromId( $id ) { + return $this->initFromCond( array( 'userid' => $id ) ); + } + + protected function initFromCookie() { + # Try using the session table. It will only have a row if the user has + # an active session, so it might not always work, but it's a lot easier + # than trying to convince PHP to give us vB's $_SESSION. + global $wgExternalAuthConf; + if ( !isset( $wgExternalAuthConf['cookieprefix'] ) ) { + $prefix = 'bb'; + } else { + $prefix = $wgExternalAuthConf['cookieprefix']; + } + if ( !isset( $_COOKIE["{$prefix}sessionhash"] ) ) { + return false; + } + + $db = $this->getDb(); + + $row = $db->selectRow( + array( 'session', 'user' ), + $this->getFields(), + array( + 'session.userid = user.userid', + 'sessionhash' => $_COOKIE["{$prefix}sessionhash"] + ), + __METHOD__ + ); + if ( !$row ) { + return false; + } + $this->mRow = $row; + + return true; + } + + private function initFromCond( $cond ) { + $db = $this->getDb(); + + $row = $db->selectRow( + 'user', + $this->getFields(), + $cond, + __METHOD__ + ); + if ( !$row ) { + return false; + } + $this->mRow = $row; + + return true; + } + + private function getDb() { + global $wgExternalAuthConf; + return new Database( + $wgExternalAuthConf['server'], + $wgExternalAuthConf['username'], + $wgExternalAuthConf['password'], + $wgExternalAuthConf['dbname'], + false, 0, + $wgExternalAuthConf['tableprefix'] + ); + } + + private function getFields() { + return array( 'user.userid', 'username', 'password', 'salt', 'email', + 'usergroupid', 'membergroupids' ); + } + + public function getId() { return $this->mRow->userid; } + public function getName() { return $this->mRow->username; } + + public function authenticate( $password ) { + # vBulletin seemingly strips whitespace from passwords + $password = trim( $password ); + return $this->mRow->password == md5( md5( $password ) + . $this->mRow->salt ); + } + + public function getPref( $pref ) { + if ( $pref == 'emailaddress' && $this->mRow->email ) { + # TODO: only return if validated? + return $this->mRow->email; + } + return null; + } + + public function getGroups() { + $groups = array( $this->mRow->usergroupid ); + $groups = array_merge( $groups, explode( ',', $this->mRow->membergroupids ) ); + $groups = array_unique( $groups ); + return $groups; + } +} |