includes/auth/auth_ipb2.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar
   5 || # Copyright (c)2004-2009 Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version 2 of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 require_once 'includes/auth/auth.php';
  23
  24 /**
  25  * Authentication: IPB2
  26  *
  27  * Authentication system for Invision Power Board 2
  28  *
  29  * @author              Blue Static
  30  * @copyright   Copyright (c)2004 - 2009, Blue Static
  31  * @package             Bugdar
  32  *
  33  */
  34 class AuthenticationIPB2 extends Authentication
  35 {
  36         /**
  37          * Map Bugdar fields to IPB ones
  38          * @var array
  39          */
  40         var $fieldMap = array(
  41                 'authid'                => 'id',
  42                 'displayname'   => 'name',
  43                 'email'                 => 'email'
  44         );
  45
  46         /**
  47          * IPB2 table prefix
  48          * @var string
  49          */
  50         var $tablePrefix;
  51
  52         /**
  53          * Cookie prefix
  54          * @var string
  55          */
  56         var $cookiePrefix;
  57
  58         // ###################################################################
  59         function _setupDatabase()
  60         {
  61                 parent::_setupDatabase();
  62
  63                 include 'includes/auth/config.php';
  64                 $this->tablePrefix = $config['auth']['IPB2']['tablePrefix'];
  65                 $this->cookiePrefix = $config['auth']['IPB2']['cookiePrefix'];
  66         }
  67
  68         // ###################################################################
  69         function _fetchCookieUniqueId()
  70         {
  71                 return $this->registry->input_clean($this->cookiePrefix . 'member_id', TYPE_UINT);
  72         }
  73
  74         // ###################################################################
  75         function _fetchCookiePassword()
  76         {
  77                 return $this->registry->in[$this->cookiePrefix . 'pass_hash'];
  78         }
  79
  80         // ###################################################################
  81         function _fetchUserUsingCookies()
  82         {
  83                 return $this->authDb->query_first("SELECT * FROM {$this->tablePrefix}members WHERE id = " . $this->_fetchCookieUniqueId());
  84         }
  85
  86         // ###################################################################
  87         function _verifyCookieData()
  88         {
  89                 return ($this->_fetchCookiePassword() == $this->authUser['member_login_key']);
  90         }
  91
  92         // ###################################################################
  93         function _fetchUserWithIdentifier($username)
  94         {
  95                 return $this->authDb->query_first("SELECT * FROM {$this->tablePrefix}members WHERE name = '" . $this->authDb->escape_string($username) . "'");
  96         }
  97
  98         // ###################################################################
  99         function _verifyLoginUser($password)
 100         {
 101                 $cvg = $this->authDb->query_first("SELECT * FROM {$this->tablePrefix}members_converge WHERE converge_email = '" . $this->authUser['email'] . "'");
 102                 return (md5(md5($cvg['converge_pass_salt']) . md5($password)) == $cvg['converge_pass_hash']);
 103         }
 104
 105         // ###################################################################
 106         function clearCookies()
 107         {
 108                 $this->registry->funct->cookie($this->cookiePrefix . 'member_id');
 109                 $this->registry->funct->cookie($this->cookiePrefix . 'pass_hash');
 110                 $this->registry->funct->cookie($this->cookiePrefix . 'ipb_stronghold');
 111                 $this->authDb->query("DELETE FROM {$this->tablePrefix}sessions WHERE id = '" . $this->authDb->escape_string($this->registry->in[$this->cookiePrefix . 'session_id']) . "'");
 112                 $this->registry->funct->cookie($this->cookiePrefix . 'session_id');
 113         }
 114
 115         // ###################################################################
 116         function _setCookies($sticky = false)
 117         {
 118                 $this->registry->funct->cookie($this->cookiePrefix . 'member_id', $this->authUser['id']);
 119                 $this->registry->funct->cookie($this->cookiePrefix . 'pass_hash', $this->authUser['member_login_key']);
 120
 121                 include 'includes/auth/config.php';
 122                 $ip = explode('.', $_SERVER['REMOTE_ADDR']);
 123                 $stronghold = md5(md5($this->authUser['id'] . '-' . $ip[0] . '-' . $ip[1] . '-' . $this->authUser['member_login_key']) . md5($config['auth']['dbPassword'] . $config['auth']['dbUser']));
 124                 $this->registry->funct->cookie($this->cookiePrefix . 'ipb_stronghold', $stronghold);
 125
 126                 $this->registry->funct->cookie($this->cookiePrefix . 'session_id');
 127         }
 128 }
 129
 130 ?>