[Vig]

I put together a basic plugin to reuse HTTP Auth for vBulletin login. In our environment, the webserver has HTTP Auth to access it and PHP shares the username and password as $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'].

In the admin control panel, I created a new plugin named "HTTP Authentication" attached to the global_bootstrap_init_complete hook:

Code:

error_reporting(E_ALL & ~E_NOTICE);

// some basic requirements
require_once(DIR . '/includes/functions_login.php');

$newuser =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
$newuser->set('username', $_SERVER["PHP_AUTH_USER"]);
$newuser->set('password', $_SERVER["PHP_AUTH_PW"]);
$newuser->set('email', $_SERVER["PHP_AUTH_USER"]);
$newuser->set('usergroupid', 2);
$newuser->set('timezoneoffset', -6);
$newuser->set('showblogcss', 1);
$newuser->pre_save();

$vbulletin->GPC['vb_login_username'] = $_SERVER["PHP_AUTH_USER"]; //$vbulletin->GPC['vb_login_username'];
$vbulletin->GPC['cookieuser'] = $_SERVER["PHP_AUTH_USER"]; //$vbulletin->GPC['vb_login_username'];
$vbulletin->GPC['cookieuser'] = 1;

// try to create the user in vBulletin; if it works save the dataset else just login
if (empty($newuser->errors))
{
    $newuser->set_info('coppauser', false);
    $vbulletin->userinfo['userid'] = $newuser->save();
}

verify_authentication($vbulletin->GPC['vb_login_username'], '','','',$vbulletin->GPC['cookieuser'], true);
exec_unstrike_user($vbulletin->GPC['vb_login_username']);
process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);

Current problem:

When logged in with the above method, the CSS/display isn't quite right. The "Home", "Forum", "Blogs", etc is on the right and the search box on the left. When logged in with the admin account or not logged in at all, the search box is on the right and the "Home", "Forum", etc is on the left.

So somehow things are getting swapped right to left with the above code...

--------------- Added [DATE]1264656982[/DATE] at [TIME]1264656982[/TIME] ---------------

If I attach this plugin to the "global_complete" hook location the CSS is not affected so it looks like that was the issue.

--------------- Added [DATE]1264723923[/DATE] at [TIME]1264723923[/TIME] ---------------

Updated version: This version uses the same password for everyone. Sounds crazy right? Well HTTP Authentication has to work 100% on our site to ensure security. So nobody can login as anyone else unless they can do so also via HTTP Auth. So the plugin now sets the same password for everyone. The reason for this is that it can now handle the case where the HTTP Auth password changes.

The cleaner way would be to update the password in the vBulletin system when the login fails however I do not know how to do that yet.

Code:

rror_reporting(E_ALL & ~E_NOTICE);

// some basic requirements
require(DIR . '/includes/functions_login.php');

$newuser =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
$newuser->set('username', $_SERVER['PHP_AUTH_USER']);
$newuser->set('password', 'SOME_STRING_HERE');  // http auth is 100% of security, to avoid password issues when passwords change...
$newuser->set('email', $_SERVER['PHP_AUTH_USER']);
$newuser->set('usergroupid', 2);
$newuser->set('timezoneoffset', -6);
$newuser->set('showblogcss', true);
$newuser->set('styleid', 1);
$newuser->pre_save();

$vbulletin->GPC['vb_login_username'] = $_SERVER['PHP_AUTH_USER'];
$vbulletin->GPC['cookieuser'] = $_SERVER['PHP_AUTH_USER'];
$vbulletin->GPC['cssprefs'] = '';

// try to create the user in vBulletin; if it works save the dataset else just login
if (empty($newuser->errors))
{
    $newuser->set_info('coppauser', false);
    $vbulletin->userinfo['userid'] = $newuser->save();
}

verify_authentication($vbulletin->GPC['vb_login_username'], '','','',$vbulletin->GPC['cookieuser'], true);
exec_unstrike_user($vbulletin->GPC['vb_login_username']);
process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);