| pelicanparts |
05-30-2008 04:15 AM |
Yes, I was, and it is currently working. I will post it soon...
-Wayne
--------------- Added [DATE]1212124788[/DATE] at [TIME]1212124788[/TIME] ---------------
Add to end of LocalSettings.php. Change 123456789 to your vB license number. Change pelicanparts.com to your domain.
Make sure that in cookie settings in vBulletin's admin control panel, you set the cookie domain to be your domain, not blank. In my case I set it to be pelicanparts.com
Code:
# vBulletin integration script
require_once("D:/Wiki/extensions/AuthPlugin_vBulletin/AuthPlugin_vBulletin.php");
$wgCookieDomain = "pelicanparts.com";
define('COOKIE_SALT', '123456789'); ### VB LICENSE NUMBER, FROM LINE 37 OF FUNCTIONS
$wgAuth = new Auth_remoteuser();
$wgShowExceptionDetails = true;
--------------- Added [DATE]1212125151[/DATE] at [TIME]1212125151[/TIME] ---------------
Here's the code, still rough and with test messages printing.
Replace VBULLETINDATABASE with the name of your vb database
Replace MYSQLLOGIN with your mysql logon name
Replace MYSQLPASSWORD with your mysql password name
That does it, this does work on my site right now, I think the only thing I'm missing is sending people to vb for account creation...
-Wayne
Code:
<?php
ini_set('display_errors', '1');
error_reporting(E_ALL);
/**
* Authentication plugin interface. Instantiate a subclass of AuthPlugin
* and set $wgAuth to it to authenticate against some external tool.
*
* The default behavior is not to do anything, and use the local user
* database for all authentication. A subclass can require that all
* accounts authenticate externally, or use it only as a fallback; also
* you can transparently create internal wiki accounts the first time
* someone logs in who can be authenticated externally.
*
* This interface is new, and might change a bit before 1.4.0 final is
* done...
*
* AuthPlugin extension by Daniel Gravenor c/o HolisticEarth.org
* AuthPlugin original by Kai Backman
*
* @package MediaWiki
*/
require_once("includes/AuthPlugin.php");
$wgHooks['UserLogout'][] = 'fnMyVBLOGOUTHook';
class Auth_remoteuser extends AuthPlugin {
//WAYNE'S STUFF FROM http://www.raskas.be/blog/2006/11/17/mediawiki-remote-user-authentication/
function Auth_remoteuser() {
global $wgExtensionFunctions;
if (!isset($wgExtensionFunctions)) {
$wgExtensionFunctions = array();
} else if (!is_array($wgExtensionFunctions)) {
$wgExtensionFunctions = array( $wgExtensionFunctions );
}
//print "TEST: REMOTE HOOK2\n";
array_push($wgExtensionFunctions, 'Auth_remote_user_hook');
//print "DONE2\n";
return;
}
// Create a persistent DB connection
var $vb_database;
function AuthPlugin_vBulletin($host, $username, $password, $dbname, $prefix) {
global $wgCookiePrefix;
global $exp;
global $wgCookiePath;
global $wgCookieDomain;
global $wgCookieSecure;
global $wgUser;
global $wgRequest;
global $_REQUEST;
$this->vb_database = mysql_pconnect($host, $username, $password);
mysql_select_db($dbname, $this->vb_database);
$this->vb_prefix = $prefix;
// set the usergroups for those who can edit the wiki
$this->allowed_usergroups = Array(2, 5, 6, 7);
// set the usergroups for the administrators
$this->admin_usergroups = Array(6, 9);
$this->user_rights = Array("sysop");
// search pattern to only accept alphanumeric or underscore characters in usernames
// if they have illegal characters, their name cannot exist, period
$this->searchpattern = "/[\#\<\>\[\]\|\{\}/";
//print_r($_COOKIE);
//print "Content-type: text/html\n\n";
//print "bbsessionhash:" . $_COOKIE["bbsessionhash"] . "<br>\n";
//print "bblastvisit:" . $_COOKIE["bblastvisit"] . "<br>\n";
//print "bblastactivity:" . $_COOKIE["bblastactivity"] . "<br>\n";
//print "bbuserid:" . $_COOKIE["bbuserid"] . "<br>\n";
//print "bbpassword:" . $_COOKIE["bbpassword"] . "<br>\n";
}
/**
* Check whether there exists a user account with the given name.
* The name will be normalized to MediaWiki's requirements, so
* you might need to munge it (for instance, for lowercase initial
* letters).
*
* @param string $username
* @return bool
* @access public
*/
function userExists( $username ) {
print "Content-type: text/html TEST1\n\n";
// if no illegal characters are found in their username, then check to see if they exist
if (!preg_match($this->searchpattern, $username)) {
$username = addslashes($username);
$vb_find_user_query = "SELECT usergroupid FROM " . $this->vb_prefix . "user WHERE LOWER(username)=LOWER('" . $username . "')";
$vb_find_result = mysql_query($vb_find_user_query, $this->vb_database);
// make sure that there is only one person with the username
if (mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// Only registered and admins. Banned and unregistered don't belong here.
if (in_array($vb_userinfo['usergroupid'], $this->allowed_usergroups)) {
return TRUE;
}
}
}
// if no one is registered with that username, or there are more than 1 entries
// or they have illegal characters return FALSE (they do not exist)
return FALSE;
}
/**
* Check if a username+password pair is a valid login.
* The name will be normalized to MediaWiki's requirements, so
* you might need to munge it (for instance, for lowercase initial
* letters).
*
* @param string $username
* @param string $password
* @return bool
* @access public
*/
function authenticate( $username, $password ) {
$searchpattern = "/[\#\<\>\[\]\|\{\}]/";
$dbh = mysql_pconnect("localhost", "MYSQL-LOGON", "MYSQL-PASSWORD");
mysql_select_db("VBULLETINDBNAME", $dbh);
print "Content-type: text/html TEST2\n\n";
// if their name does not contain any illegal characters, let them try to login
if (!preg_match($searchpattern, $username)) {
print "TEST2A\n";
$username = addslashes($username);
$vb_find_user_query = "SELECT password, salt, usergroupid FROM VBULLETINDATABASE.user WHERE LOWER(username)=LOWER('" . $username . "')";
$vb_find_result = mysql_query($vb_find_user_query, $dbh);
if (mysql_num_rows($vb_find_result) == 1) {
print "FOUND!\n";
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// Only registered and admins. Banned and unregistered don't belong here.
$valid_usergroup_array = array(2, 5, 6, 7);
print "TEST2B\n";
if (in_array($vb_userinfo['usergroupid'], $valid_usergroup_array)) {
if(md5(md5($password) . $vb_userinfo['salt']) == $vb_userinfo['password'])
{
print "AUTH TRUE: NOW WE NEED TO UPDATE VBULLETIN WITH THE LOGIN INFORMATION? OR NOT?\n";
return true;
}
}
}
}
return false;
}
/**
* When a user logs in, optionally fill in preferences and such.
* For instance, you might pull the email address or real name from the
* external user database.
*
* The User object is passed by reference so it can be modified; don't
* forget the & on your function declaration.
*
* @param User $user
* @access public
*/
function updateUser( &$user ) {
print "Content-type: text/html TEST3\n\n";
# Override this and do something
$dbh = mysql_pconnect("localhost", "MYSQL-LOGON", "MYSQL-PASSWORD");
mysql_select_db("VBULLETINDATABASE", $dbh);
$vb_find_user_query = "SELECT usergroupid, membergroupids FROM VBULLETINDATABASE.user WHERE LOWER(username)=LOWER('" . addslashes($user->mName) . "')";
$vb_find_result = mysql_query($vb_find_user_query, $dbh) or print("Could not find username");
if(mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// go through the users member groups to see if one of them is administrative
$user_membergroups = explode(",", $vb_userinfo['membergroupids']);
$admin_secondary = FALSE;
for ($x = 0; $x < count($user_membergroups); $x++) {
if (in_array($user_membergroups[$x], $this->admin_usergroups)) $admin_secondary = TRUE;
}
if (in_array($vb_userinfo['usergroupid'], $this->admin_usergroups) || $admin_secondary === TRUE) {
// if a user is not a sysop, make them a sysop
if (!in_array("sysop", $user->getEffectiveGroups())) {
$user->addGroup('sysop');
return TRUE;
}
}
// if the user is not an administrator, but they were, and they are still a sysop, remove their sysop status
if (!in_array($vb_userinfo['usergroupid'], $this->admin_usergroups) && $admin_secondary === FALSE) {
if (in_array("sysop", $user->getEffectiveGroups())) {
$user->removeGroup('sysop');
return TRUE;
}
}
}
return FALSE;
}
/**
* Return true if the wiki should create a new local account automatically
* when asked to login a user who doesn't exist locally but does in the
* external auth database.
*
* If you don't automatically create accounts, you must still create
* accounts in some way. It's not possible to authenticate without
* a local account.
*
* This is just a question, and shouldn't perform any actions.
*
* @return bool
* @access public
*/
function autoCreate() {
return true;
}
/**
* Return true to prevent logins that don't authenticate here from being
* checked against the local database's password fields.
*
* This is just a question, and shouldn't perform any actions.
*
* @return bool
* @access public
*/
function strict() {
return true;
}
/**
* When creating a user account, optionally fill in preferences and such.
* For instance, you might pull the email address or real name from the
* external user database.
*
* The User object is passed by reference so it can be modified; don't
* forget the & on your function declaration.
*
* @param User $user
* @access public
*/
function initUser( &$user ) {
print "Content-type: text/html TEST4\n\n";
$vb_find_user_query = "SELECT email, usergroupid FROM " . $this->vb_prefix . "user WHERE LOWER(username)=LOWER('" . addslashes($user->mName) . "')";
$vb_find_result = mysql_query($vb_find_user_query, $this->vb_database);
if(mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
$user->mEmail = $vb_userinfo['email'];
$user->mEmailAuthenticated = wfTimestampNow();
}
}
} // END CLASS
function Auth_remote_user_hook() {
global $wgUser;
global $wgRequest;
global $_REQUEST;
global $wgCookiePrefix;
global $exp;
global $wgCookiePath;
global $wgCookieDomain;
global $wgCookieSecure;
//print_r($_COOKIE);
//print "REMOTE HOOK77";
// For a few special pages, don't do anything.
$title = $wgRequest->getVal('title') ;
if ($title == 'Special:Userlogout' || $title == 'Special:Userlogin') {
//print "TEST101\n";
return;
}
// Do nothing if session is valid
$wgUser = User::newFromSession();
if ($wgUser->isLoggedIn()) {
//print "TEST102\n";
return; // User is already logged in and not anonymous.
}
//print "TEST: WGUSER\n" . $_COOKIE["bbsessionhash"];
$test = new Auth_remoteuser();
$wgAuth = $test->AuthPlugin_vBulletin("localhost", "MYSQL-LOGON", "MYSQL-PASSWORD", "VBULLETINDATABASE", "VBULLETINDATABASE.");
if ($_COOKIE["bbsessionhash"] != "")
{
//print "TEST: IS INT, CONNECT TO DB\n";
$dbh = mysql_pconnect("localhost", "MYSQL-LOGON", "MYSQL-PASSWORD");
mysql_select_db("VBULLETINDATABASE", $dbh);
$vb_find_user_query = "SELECT password, salt, usergroupid, username FROM VBULLETINDATABASE.user WHERE userid IN (select userid from session where sessionhash = '" . $_COOKIE["bbsessionhash"] . "');";
$vb_find_result = mysql_query($vb_find_user_query, $dbh);
//print "SQL: $vb_find_user_query\n";
if (mysql_num_rows($vb_find_result) == 1) {
//print "FOUND";
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// Only registered and admins. Banned and unregistered don't belong here.
//print "USERNAME: " . $vb_userinfo['username'] ."\n";
setcookie( $wgCookiePrefix.'wikidbUserName', $vb_userinfo['username'], $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
// NEED TO FIX THIS TO BE CONSISTENT
$valid_usergroup_array = array(2, 5, 6, 7);
if (in_array($vb_userinfo['usergroupid'], $valid_usergroup_array))
{
//print "TEST33\n";
//if(md5($vb_userinfo['password'] . COOKIE_SALT) == $_COOKIE["bbpassword"])
// {
//print "LOGGED INTO vB, NOW LOG INTO WIKI";\
// THIS ROUTINE IS CALLED, AND THEN THE PAGE IS REFRESHED
$username = $vb_userinfo['username'];
$u = User::newFromName( $username );
if (is_null($u))
{
# Invalid username or some other error -- force login, just return
//print "INVALID";
return;
}
$wgUser = $u;
if ($u->getId() != 0)
{
$_REQUEST['wpName'] = $username;
# also return, but user is know. set Cookies, et al
$wgUser->setCookies();
$wgUser->saveSettings();
//print "TEST103\n";
return;
#include 'includes/SpecialUserlogin.php';
#$form = new LoginForm( $wgRequest );
#$form->initUser( $wgUser );
#$wgUser->saveSettings();
#return true;
}
//print "TEST77:" . md5(md5($_COOKIE["bbpassword"])) ;
//print "<br>PWD: " . md5($vb_userinfo['password'] . COOKIE_SALT) ."<br> TEST44:" . $_COOKIE["bbpassword"] . "\n";
// }
}
}
}
// Ok, now we need to create a user.
//print "Location: http://forums.pelicanparts.com/newreply.php?do=newreply&noquote=1&p=3801901\n\n";
return;
// $loginForm = new LoginForm($params);
// $result = $loginForm->authenticateUserData();
// if ($result != LoginForm::SUCCESS) {
// error_log('Unexpected REMOTE_USER authentication failure.');
// return;
// }
}
function fnMyVBLOGOUTHook(&$user)
{
global $wgCookiePrefix;
global $exp;
global $wgCookiePath;
global $wgCookieDomain;
global $wgCookieSecure;
//print "LOGOUT HOOK";
setcookie('bbsessionhash', '', $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
setcookie('bblastvisit', '', $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
setcookie('bblastactivity', '', $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
setcookie('bbuserid', '', $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
setcookie('bbpassword', '', $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
return true;
}
#class AuthPlugin_vBulletin extends AuthPlugin {
?>
|
More Information