From bcefb47633b74f7fde69c49a1b597a729f862d03 Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Sun, 11 Mar 2007 22:03:26 +0000
Subject: [PATCH] r1441: Adding a phpBB2 authentication module

---
 includes/auth/auth_phpbb2.php | 159 ++++++++++++++++++++++++++++++++++
 1 file changed, 159 insertions(+)
 create mode 100644 includes/auth/auth_phpbb2.php

diff --git a/includes/auth/auth_phpbb2.php b/includes/auth/auth_phpbb2.php
new file mode 100644
index 0000000..435d1f3
--- /dev/null
+++ b/includes/auth/auth_phpbb2.php
@@ -0,0 +1,159 @@
+<?php
+/*=====================================================================*\
+|| ###################################################################
+|| # Bugdar [#]version[#]
+|| # Copyright Â©2002-[#]year[#] Blue Static
+|| #
+|| # This program is free software; you can redistribute it and/or modify
+|| # it under the terms of the GNU General Public License as published by
+|| # the Free Software Foundation; version [#]gpl[#] of the License.
+|| #
+|| # This program is distributed in the hope that it will be useful, but
+|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+|| # more details.
+|| #
+|| # You should have received a copy of the GNU General Public License along
+|| # with this program; if not, write to the Free Software Foundation, Inc.,
+|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+|| ###################################################################
+\*=====================================================================*/
+
+require_once('./includes/auth/auth.php');
+
+/**
+* Authentication: phpBB2
+*
+* Authentication system for phpBB2
+*
+* @author		Blue Static
+* @copyright	Copyright (c)2002 - [#]year[#], Blue Static
+* @version		$Revision$
+* @package		Bugdar
+*
+*/
+class AuthenticationPhpbb2 extends Authentication
+{
+	/**
+	* Mapping of Bugdar to phpBB2 fields
+	* @var array
+	*/
+	var $fieldMap = array(
+		'authid'		=> 'user_id',
+		'displayname'	=> 'username',
+		'email'			=> 'user_email'
+	);
+	
+	/**
+	* Database table prefix
+	* @var string
+	*/
+	var $phpBBTablePrefix = 'phpbb2_';
+	
+	/**
+	* The cookie name that is set in phpBB -> Administration -> General Admin -> Configuration -> Cookie Settings -> Cookie Name
+	* @var string
+	*/
+	var $cookieName = 'phpbb2mysql';
+	
+	// ###################################################################
+	function _setupDatabase()
+	{
+		// connect to the DB
+		$this->authDb = new DB_MySQL($this->registry);
+		$this->authDb->connect('DATABASE_SERVER', 'DATABASE_USER', 'DATABASE_PASSWORD', 'DATABASE_NAME', false);
+	}
+	
+	// ###################################################################
+	function _fetchCookieUniqueId()
+	{
+		$val = $this->registry->in[$this->cookieName . '_sid'];
+		return (!$val ? -1 : $val); // hack so we don't do stupid things but can still create a session
+	}
+	
+	// ###################################################################
+	function _fetchCookiePassword()
+	{
+		return true;
+	}
+	
+	// ###################################################################
+	function _fetchUserUsingCookies()
+	{
+		$session = $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escape_string($this->_fetchCookieUniqueId()) . "'");
+		if (!$session)
+		{
+			// phpBB's wacky auto-login system
+			$data = unserialize($_COOKIE[$this->cookieName . '_data']);
+			if (!$data)
+			{
+				return false;
+			}
+			return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . $this->registry->clean($data['userid'], TYPE_UINT) . " AND user_password = '" . $this->authDb->escape_string($data['autologinid']) . "'");
+		}
+		else
+		{
+			if ($session['session_user_id'] == 0 OR $session['session_user_id'] == -1)
+			{
+				return false;
+			}
+			return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE user_id = " . $session['session_user_id']);
+		}
+	}
+	
+	// ###################################################################
+	function _verifyCookieData()
+	{
+		return ($this->_fetchUserUsingCookies() != false);
+	}
+	
+	// ###################################################################
+	function _fetchUserWithIdentifier($string)
+	{
+		return $this->authDb->query_first("SELECT * FROM {$this->phpBBTablePrefix}users WHERE username = '" . $this->authDb->escape_string($string) . "'");
+	}
+	
+	// ###################################################################
+	function _verifyLoginUser($password)
+	{
+		return (md5($password) == $this->authUser['user_password']);
+	}
+
+	// ###################################################################
+	function clearCookies()
+	{
+		$this->registry->funct->cookie($this->cookieName . '_data');
+		$this->registry->funct->cookie($this->cookieName . '_sid');
+		$this->authDb->query("DELETE FROM {$this->phpBBTablePrefix}sessions WHERE session_id = '" . $this->authDb->escape_string($this->_fetchCookieUniqueId()) . "'");
+	}
+	
+	// ###################################################################
+	function _setCookies($permanent = false)
+	{
+		$sid = $this->_fetchCookieUniqueId();
+		$sid = ($sid != '-1' ? $sid : md5(microtime() . rand()));
+		$this->registry->funct->cookie($this->cookieName . '_sid', $sid, false);
+		if ($permanent)
+		{
+			$this->registry->funct->cookie($this->cookieName . '_data', serialize(array('autologinid' => $this->authUser['user_password'], 'userid' => $this->authUser['user_id'])), true);
+		}
+		$this->authDb->query("
+			REPLACE INTO {$this->phpBBTablePrefix}sessions
+				(session_id, session_user_id, session_start, session_time, session_logged_in)
+			VALUES
+			(
+				'$sid', " . $this->authUser['user_id'] . ", " . time() . ", " . time() . ", 1
+			)"
+		);
+		
+		$this->authDb->query("UPDATE {$this->phpBBTablePrefix}users SET user_session_time = " . time() . ", user_lastvisit = " . time() . " WHERE user_id = " . $this->authUser['user_id']);
+	}
+}
+
+/*=====================================================================*\
+|| ###################################################################
+|| # $HeadURL$
+|| # $Id$
+|| ###################################################################
+\*=====================================================================*/
+?>
\ No newline at end of file
-- 
2.22.5