00001 <?php
00002
00003 # Copyright (C) 2009 Aryeh Gregor
00004 #
00005 # This program is free software; you can redistribute it and/or modify
00006 # it under the terms of the GNU General Public License as published by
00007 # the Free Software Foundation; either version 2 of the License, or
00008 # (at your option) any later version.
00009 #
00010 # This program is distributed in the hope that it will be useful,
00011 # but WITHOUT ANY WARRANTY; without even the implied warranty of
00012 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
00013 # GNU General Public License for more details.
00014 #
00015 # You should have received a copy of the GNU General Public License along
00016 # with this program; if not, write to the Free Software Foundation, Inc.,
00017 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
00018 # http://www.gnu.org/copyleft/gpl.html
00019
00038 class ExternalUser_vB extends ExternalUser {
00039 private $mDb, $mRow;
00040
00041 protected function initFromName( $name ) {
00042 return $this->initFromCond( array( 'username' => $name ) );
00043 }
00044
00045 protected function initFromId( $id ) {
00046 return $this->initFromCond( array( 'userid' => $id ) );
00047 }
00048
00049 protected function initFromCookie() {
00050 # Try using the session table. It will only have a row if the user has
00051 # an active session, so it might not always work, but it's a lot easier
00052 # than trying to convince PHP to give us vB's $_SESSION.
00053 global $wgExternalAuthConf;
00054 if ( !isset( $wgExternalAuthConf['cookieprefix'] ) ) {
00055 $prefix = 'bb';
00056 } else {
00057 $prefix = $wgExternalAuthConf['cookieprefix'];
00058 }
00059 if ( !isset( $_COOKIE["{$prefix}sessionhash"] ) ) {
00060 return false;
00061 }
00062
00063 $db = $this->getDb();
00064
00065 $row = $db->selectRow(
00066 array( 'session', 'user' ),
00067 $this->getFields(),
00068 array(
00069 'session.userid = user.userid',
00070 'sessionhash' => $_COOKIE["{$prefix}sessionhash"]
00071 ),
00072 __METHOD__
00073 );
00074 if ( !$row ) {
00075 return false;
00076 }
00077 $this->mRow = $row;
00078
00079 return true;
00080 }
00081
00082 private function initFromCond( $cond ) {
00083 $db = $this->getDb();
00084
00085 $row = $db->selectRow(
00086 'user',
00087 $this->getFields(),
00088 $cond,
00089 __METHOD__
00090 );
00091 if ( !$row ) {
00092 return false;
00093 }
00094 $this->mRow = $row;
00095
00096 return true;
00097 }
00098
00099 private function getDb() {
00100 global $wgExternalAuthConf;
00101 return new Database(
00102 $wgExternalAuthConf['server'],
00103 $wgExternalAuthConf['username'],
00104 $wgExternalAuthConf['password'],
00105 $wgExternalAuthConf['dbname'],
00106 false, 0,
00107 $wgExternalAuthConf['tableprefix']
00108 );
00109 }
00110
00111 private function getFields() {
00112 return array( 'user.userid', 'username', 'password', 'salt', 'email',
00113 'usergroupid', 'membergroupids' );
00114 }
00115
00116 public function getId() { return $this->mRow->userid; }
00117 public function getName() { return $this->mRow->username; }
00118
00119 public function authenticate( $password ) {
00120 # vBulletin seemingly strips whitespace from passwords
00121 $password = trim( $password );
00122 return $this->mRow->password == md5( md5( $password )
00123 . $this->mRow->salt );
00124 }
00125
00126 public function getPref( $pref ) {
00127 if ( $pref == 'emailaddress' && $this->mRow->email ) {
00128 # TODO: only return if validated?
00129 return $this->mRow->email;
00130 }
00131 return null;
00132 }
00133
00134 public function getGroups() {
00135 $groups = array( $this->mRow->usergroupid );
00136 $groups = array_merge( $groups, explode( ',', $this->mRow->membergroupids ) );
00137 $groups = array_unique( $groups );
00138 return $groups;
00139 }
00140 }