From bcefb47633b74f7fde69c49a1b597a729f862d03 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sun, 11 Mar 2007 22:03:26 +0000 Subject: [PATCH] r1441: Adding a phpBB2 authentication module --- includes/auth/auth_phpbb2.php | 159 ++++++++++++++++++++++++++++++++++ 1 file changed, 159 insertions(+) create mode 100644 includes/auth/auth_phpbb2.php diff --git a/includes/auth/auth_phpbb2.php b/includes/auth/auth_phpbb2.php new file mode 100644 index 0000000..435d1f3 --- /dev/null +++ b/includes/auth/auth_phpbb2.php @@ -0,0 +1,159 @@ + 'user_id', + 'displayname' => 'username', + 'email' => 'user_email' + ); + + /** + * Database table prefix + * @var string + */ + var $phpBBTablePrefix = 'phpbb2_'; + + /** + * The cookie name that is set in phpBB -> Administration -> General Admin -> Configuration -> Cookie Settings -> Cookie Name + * @var string + */ + var $cookieName = 'phpbb2mysql'; + + // ################################################################### + function _setupDatabase() + { + // connect to the DB + $this->authDb = new DB_MySQL($this->registry); + $this->authDb->connect('DATABASE_SERVER', 'DATABASE_USER', 'DATABASE_PASSWORD', 'DATABASE_NAME', false); + } + + // ################################################################### + function _fetchCookieUniqueId() + { + $val = $this->registry->in[$this->cookieName . '_sid']; + return (!$val ? -1 : $val); // hack so we don't do stupid things but can still create a session + } + + // ################################################################### + function _fetchCookiePassword() + { + return true; + } + + // ################################################################### + function _fetchUserUsingCookies() + { + $session = $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escape_string($this->_fetchCookieUniqueId()) . "'"); + if (!$session) + { + // phpBB's wacky auto-login system + $data = unserialize($_COOKIE[$this->cookieName . '_data']); + if (!$data) + { + return false; + } + return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . $this->registry->clean($data['userid'], TYPE_UINT) . " AND user_password = '" . $this->authDb->escape_string($data['autologinid']) . "'"); + } + else + { + if ($session['session_user_id'] == 0 OR $session['session_user_id'] == -1) + { + return false; + } + return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . $session['session_user_id']); + } + } + + // ################################################################### + function _verifyCookieData() + { + return ($this->_fetchUserUsingCookies() != false); + } + + // ################################################################### + function _fetchUserWithIdentifier($string) + { + return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE username = '" . $this->authDb->escape_string($string) . "'"); + } + + // ################################################################### + function _verifyLoginUser($password) + { + return (md5($password) == $this->authUser['user_password']); + } + + // ################################################################### + function clearCookies() + { + $this->registry->funct->cookie($this->cookieName . '_data'); + $this->registry->funct->cookie($this->cookieName . '_sid'); + $this->authDb->query("DELETE FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escape_string($this->_fetchCookieUniqueId()) . "'"); + } + + // ################################################################### + function _setCookies($permanent = false) + { + $sid = $this->_fetchCookieUniqueId(); + $sid = ($sid != '-1' ? $sid : md5(microtime() . rand())); + $this->registry->funct->cookie($this->cookieName . '_sid', $sid, false); + if ($permanent) + { + $this->registry->funct->cookie($this->cookieName . '_data', serialize(array('autologinid' => $this->authUser['user_password'], 'userid' => $this->authUser['user_id'])), true); + } + $this->authDb->query(" + REPLACE INTO {$this->phpBBTablePrefix}sessions + (session_id, session_user_id, session_start, session_time, session_logged_in) + VALUES + ( + '$sid', " . $this->authUser['user_id'] . ", " . time() . ", " . time() . ", 1 + )" + ); + + $this->authDb->query("UPDATE {$this->phpBBTablePrefix}users SET user_session_time = " . time() . ", user_lastvisit = " . time() . " WHERE user_id = " . $this->authUser['user_id']); + } +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file -- 2.43.5