includes/auth/auth_phpbb2.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar
   5 || # Copyright ©2002-2007 Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version 2 of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 require_once('./includes/auth/auth.php');
  23
  24 /**
  25 * Authentication: phpBB2
  26 *
  27 * Authentication system for phpBB2
  28 *
  29 * @author               Blue Static
  30 * @copyright    Copyright (c)2002 - 2007, Blue Static
  31 * @version              $Revision$
  32 * @package              Bugdar
  33 *
  34 */
  35 class AuthenticationPhpbb2 extends Authentication
  36 {
  37         /**
  38         * Mapping of Bugdar to phpBB2 fields
  39         * @var array
  40         */
  41         var $fieldMap = array(
  42                 'authid'                => 'user_id',
  43                 'displayname'   => 'username',
  44                 'email'                 => 'user_email'
  45         );
  46
  47         /**
  48         * Database table prefix
  49         * @var string
  50         */
  51         var $phpBBTablePrefix = 'phpbb2_';
  52
  53         /**
  54         * The cookie name that is set in phpBB -> Administration -> General Admin -> Configuration -> Cookie Settings -> Cookie Name
  55         * @var string
  56         */
  57         var $cookieName = 'phpbb2mysql';
  58
  59         // ###################################################################
  60         function _setupDatabase()
  61         {
  62                 parent::_setupDatabase();
  63
  64                 include 'includes/auth/config.php';
  65                 $this->phpBBTablePrefix = $config['auth']['phpBB2']['tablePrefix'];
  66                 $this->cookieName = $config['auth']['phpBB2']['cookieName'];
  67         }
  68
  69         // ###################################################################
  70         function _fetchCookieUniqueId()
  71         {
  72                 $val = $this->registry->in[$this->cookieName . '_sid'];
  73                 return (!$val ? -1 : $val); // hack so we don't do stupid things but can still create a session
  74         }
  75
  76         // ###################################################################
  77         function _fetchCookiePassword()
  78         {
  79                 return true;
  80         }
  81
  82         // ###################################################################
  83         function _fetchUserUsingCookies()
  84         {
  85                 $session = $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escape_string($this->_fetchCookieUniqueId()) . "'");
  86                 if (!$session)
  87                 {
  88                         // phpBB's wacky auto-login system
  89                         $data = unserialize($_COOKIE[$this->cookieName . '_data']);
  90                         if (!$data)
  91                         {
  92                                 return false;
  93                         }
  94                         return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . $this->registry->clean($data['userid'], TYPE_UINT) . " AND user_password = '" . $this->authDb->escape_string($data['autologinid']) . "'");
  95                 }
  96                 else
  97                 {
  98                         if ($session['session_user_id'] == 0 OR $session['session_user_id'] == -1)
  99                         {
 100                                 return false;
 101                         }
 102                         return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . $session['session_user_id']);
 103                 }
 104         }
 105
 106         // ###################################################################
 107         function _verifyCookieData()
 108         {
 109                 return ($this->_fetchUserUsingCookies() != false);
 110         }
 111
 112         // ###################################################################
 113         function _fetchUserWithIdentifier($string)
 114         {
 115                 return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE username = '" . $this->authDb->escape_string($string) . "'");
 116         }
 117
 118         // ###################################################################
 119         function _verifyLoginUser($password)
 120         {
 121                 return (md5($password) == $this->authUser['user_password']);
 122         }
 123
 124         // ###################################################################
 125         function clearCookies()
 126         {
 127                 $this->registry->funct->cookie($this->cookieName . '_data');
 128                 $this->registry->funct->cookie($this->cookieName . '_sid');
 129                 $this->authDb->query("DELETE FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escape_string($this->_fetchCookieUniqueId()) . "'");
 130         }
 131
 132         // ###################################################################
 133         function _setCookies($permanent = false)
 134         {
 135                 $sid = $this->_fetchCookieUniqueId();
 136                 $sid = ($sid != '-1' ? $sid : md5(microtime() . rand()));
 137                 $this->registry->funct->cookie($this->cookieName . '_sid', $sid, false);
 138                 if ($permanent)
 139                 {
 140                         $this->registry->funct->cookie($this->cookieName . '_data', serialize(array('autologinid' => $this->authUser['user_password'], 'userid' => $this->authUser['user_id'])), true);
 141                 }
 142                 $this->authDb->query("
 143                         REPLACE INTO {$this->phpBBTablePrefix}sessions
 144                                 (session_id, session_user_id, session_start, session_time, session_logged_in)
 145                         VALUES
 146                         (
 147                                 '$sid', " . $this->authUser['user_id'] . ", " . time() . ", " . time() . ", 1
 148                         )"
 149                 );
 150
 151                 $this->authDb->query("UPDATE {$this->phpBBTablePrefix}users SET user_session_time = " . time() . ", user_lastvisit = " . time() . " WHERE user_id = " . $this->authUser['user_id']);
 152         }
 153 }
 154
 155 /*=====================================================================*\
 156 || ###################################################################
 157 || # $HeadURL$
 158 || # $Id$
 159 || ###################################################################
 160 \*=====================================================================*/
 161 ?>