extensions/LLAuthPlugin.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115

<?php

$wgHooks['isValidPassword'][] = 'LLAuthPlugin::isValidPassword';

$wgExtensionCredits['other'][] = array(
    'name' => 'LLAuthPlugin',
    'description' => 'Authentifizierung am LL-Forum',
    'author' => 'Pierre Schmitz',
    'url' => 'http://www.archlinux.de',
);

require_once('includes/AuthPlugin.php');

class LLAuthPlugin extends AuthPlugin {

	public static function isValidPassword($password) {
		$length = strlen($password);
		return ($length >= 6 && $length <= 25);
	}

	private $dbLink = null;

	function __construct() {
		global $wgDBuser, $wgDBpassword;
		$this->dbLink = mysqli_connect('localhost', $wgDBuser, $wgDBpassword, 'current');
	}

	function __destruct() {
		mysqli_close($this->dbLink);
	}

	function getUserData($username) {
		$result = mysqli_query($this->dbLink, 'SELECT id, email, realname FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\'');
		$data = mysqli_fetch_assoc($result);
		mysqli_free_result($result);

		return $data;
	}

	function userExists( $username ) {
		$result = mysqli_query($this->dbLink, 'SELECT id FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\'');
		$exists = mysqli_num_rows($result) > 0;
		mysqli_free_result($result);

 		return $exists;
	}

	function authenticate( $username, $password ) {
		$result = mysqli_query($this->dbLink, 'SELECT id FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\' AND password = \''.mysqli_escape_string($this->dbLink, sha1($password)).'\' ');
		$authenticated = mysqli_num_rows($result) > 0;
		mysqli_free_result($result);

 		return $authenticated;
	}

	function modifyUITemplate( &$template ) {
		$template->set( 'usedomain', false );
		$template->set('link', 'Um Dich hier anzumelden, nutze Deine Konto-Daten aus dem <a href="http://forum.archlinux.de/">archlinux.de-Forum</a>.');
	}

	function setDomain( $domain ) {
		$this->domain = $domain;
	}

	function validDomain( $domain ) {
		return true;
	}

	function updateUser( &$user ) {
		return $this->initUser($user);
	}

	function autoCreate() {
		return true;
	}

	function allowPasswordChange() {
		return false;
	}

	function setPassword( $user, $password ) {
		return false;
	}

	function updateExternalDB( $user ) {
		// this way userdata is allways overwritten by external db
		return $this->initUser($user);
	}

	function canCreateAccounts() {
		return false;
	}

	function addUser( $user, $password, $email = '', $realname = '' ) {
		return false;
	}

	function strict() {
		return true;
	}

	function initUser( &$user ) {
		$data = $this->getUserData($user->getName());
		$user->setEmail($data['email']);
		$user->confirmEmail();
		$user->setRealName($data['realname']);
		return true;
	}

	function getCanonicalName( $username ) {
		return $username;
	}
}

?>