includes/auth/auth_phpbb2.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar
   5 || # Copyright ©2002-2007 Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version 2 of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 require_once('./includes/auth/auth.php');
  23
  24 /**
  25 * Authentication: phpBB2
  26 *
  27 * Authentication system for phpBB2
  28 *
  29 * @author               Blue Static
  30 * @copyright    Copyright (c)2002 - 2007, Blue Static
  31 * @version              $Revision$
  32 * @package              Bugdar
  33 *
  34 */
  35 class AuthenticationPhpbb2 extends Authentication
  36 {
  37         /**
  38         * Mapping of Bugdar to phpBB2 fields
  39         * @var array
  40         */
  41         var $fieldMap = array(
  42                 'authid'                => 'user_id',
  43                 'displayname'   => 'username',
  44                 'email'                 => 'user_email'
  45         );
  46
  47         /**
  48         * Database table prefix
  49         * @var string
  50         */
  51         var $phpBBTablePrefix = 'phpbb2_';
  52
  53         /**
  54         * The cookie name that is set in phpBB -> Administration -> General Admin -> Configuration -> Cookie Settings -> Cookie Name
  55         * @var string
  56         */
  57         var $cookieName = 'phpbb2mysql';
  58
  59         // ###################################################################
  60         function _setupDatabase()
  61         {
  62                 // connect to the DB
  63                 $this->authDb = new BSDbMySQLI($this->registry);
  64                 $this->authDb->connect('DATABASE_SERVER', 'DATABASE_USER', 'DATABASE_PASSWORD', 'DATABASE_NAME');
  65         }
  66
  67         // ###################################################################
  68         function _fetchCookieUniqueId()
  69         {
  70                 $val = BSApp::$input->in[$this->cookieName . '_sid'];
  71                 return (!$val ? -1 : $val); // hack so we don't do stupid things but can still create a session
  72         }
  73
  74         // ###################################################################
  75         function _fetchCookiePassword()
  76         {
  77                 return true;
  78         }
  79
  80         // ###################################################################
  81         function _fetchUserUsingCookies()
  82         {
  83                 $session = $this->authDb->queryFirst("SELECT * FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escapeString($this->_fetchCookieUniqueId()) . "'");
  84                 if (!$session)
  85                 {
  86                         // phpBB's wacky auto-login system
  87                         $data = unserialize($_COOKIE[$this->cookieName . '_data']);
  88                         if (!$data)
  89                         {
  90                                 return false;
  91                         }
  92                         return $this->authDb->queryFirst("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . BSApp::$input->clean($data['userid'], TYPE_UINT) . " AND user_password = '" . $this->authDb->escapeString($data['autologinid']) . "'");
  93                 }
  94                 else
  95                 {
  96                         if ($session['session_user_id'] == 0 OR $session['session_user_id'] == -1)
  97                         {
  98                                 return false;
  99                         }
 100                         return $this->authDb->queryFirst("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . $session['session_user_id']);
 101                 }
 102         }
 103
 104         // ###################################################################
 105         function _verifyCookieData()
 106         {
 107                 return ($this->_fetchUserUsingCookies() != false);
 108         }
 109
 110         // ###################################################################
 111         function _fetchUserWithIdentifier($string)
 112         {
 113                 return $this->authDb->queryFirst("SELECT * FROM {$this->phpBBTablePrefix}users WHERE username = '" . $this->authDb->escapeString($string) . "'");
 114         }
 115
 116         // ###################################################################
 117         function _verifyLoginUser($password)
 118         {
 119                 return (md5($password) == $this->authUser['user_password']);
 120         }
 121
 122         // ###################################################################
 123         function clearCookies()
 124         {
 125                 BSFunctions::cookie($this->cookieName . '_data');
 126                 BSFunctions::cookie($this->cookieName . '_sid');
 127                 $this->authDb->query("DELETE FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escapeString($this->_fetchCookieUniqueId()) . "'");
 128         }
 129
 130         // ###################################################################
 131         function _setCookies($permanent = false)
 132         {
 133                 $sid = $this->_fetchCookieUniqueId();
 134                 $sid = ($sid != '-1' ? $sid : md5(microtime() . rand()));
 135                 BSFunctions::cookie($this->cookieName . '_sid', $sid, false);
 136                 if ($permanent)
 137                 {
 138                         BSFunctions::cookie($this->cookieName . '_data', serialize(array('autologinid' => $this->authUser['user_password'], 'userid' => $this->authUser['user_id'])), true);
 139                 }
 140                 $this->authDb->query("
 141                         REPLACE INTO {$this->phpBBTablePrefix}sessions
 142                                 (session_id, session_user_id, session_start, session_time, session_logged_in)
 143                         VALUES
 144                         (
 145                                 '$sid', " . $this->authUser['user_id'] . ", " . time() . ", " . time() . ", 1
 146                         )"
 147                 );
 148
 149                 $this->authDb->query("UPDATE {$this->phpBBTablePrefix}users SET user_session_time = " . time() . ", user_lastvisit = " . time() . " WHERE user_id = " . $this->authUser['user_id']);
 150         }
 151 }
 152
 153 /*=====================================================================*\
 154 || ###################################################################
 155 || # $HeadURL$
 156 || # $Id$
 157 || ###################################################################
 158 \*=====================================================================*/
 159 ?>