Do you want to use vBulletin's user database with your MediaWiki? You might like this.
I have taken Kai Backman's MediaWiki authentication plugin idea, fixed coding errors, and expanded greatly on it.
Working on:
vBulletin 3.5.4 and MediaWiki 1.6.3
Features:
Allows you to run MediaWiki with your vBulletin user database
Disallows users with invalid username characters
Disallows users who are not part of specified usergroups
Sets users to sysop status in MediaWiki if they are part of a specified admin usergroup
Removes users from sysop status in MediaWiki if they no longer are a part of a specified admin usergroup
For same-database setups, allows easy installation
Possible Future Features: These are possible features for inclusion in the how-to in the future. They have not been investigated for their feasibility, but are here to let you know they have been requested and I am thinking about them. If you know how to add the features, please let us know.
No-login required (automatic) integration
Option: User profile field points to, or has option to link to vBulletin profile
To register, link the user to vBulletin's registration script on the login pages
Optional: On boards that already have existing users, somehow have their usernames changed so that they are only alphanumeric. This is required if you wish your users to be able to login and edit the wiki using their vBulletin username. The reason you have to do this is because MediaWiki has some Restrictions on what can go in a page title, and as usernames have to be passed as page titles, they also have to adhere to the same restrictions. If you do not change the usernames, I have included a check to not allow users to login if their username contains non-alphanumeric characters.
Open your wiki/LocalSettings.php file
Insert the following code at the end of the file, before the ?>:
PHP Code:
# vBulletin integration script
require_once("AuthPlugin_vBulletin.php");
// if vBulletin and MediaWiki are not installed on the same database
// change these values to reflect your vBulletin database information
$wgAuth = new AuthPlugin_vBulletin($wgDBserver, $wgDBuser, $wgDBpassword, $wgDBname, "vb_");
If you are running vBulletin and MediaWiki in the same database, then it already uses the connection information.
If you are not running vBulletin and MediaWiki in the same database, please change the strings to reflect your vBulletin database information.
In either case, the last value is whatever your vBulletin table prefix is.
Insert this code below the require_once( "includes/DefaultSettings.php" ); at the top of the LocalSettings.php file:
This prevents people from registering new accounts on the wiki, requiring people to register on vBulletin. It also prevents anonymous edits. This code may only work on MediaWiki 1.5.x and above, but I am unsure.
Download the AuthPlugin_vBulletin.php file and put it in your main wiki directory, ie: /wiki/AuthPlugin_vBulletin.php
Please let me know if this was helpful, or if you can expand on this code.
Login error:Incorrect password entered. Please try again
This is what the AuthPlugin_Vbulletin.php file looks like:
Quote:
<?php
/**
* Authentication plugin interface. Instantiate a subclass of AuthPlugin
* and set $wgAuth to it to authenticate against some external tool.
*
* The default behavior is not to do anything, and use the local user
* database for all authentication. A subclass can require that all
* accounts authenticate externally, or use it only as a fallback; also
* you can transparently create internal wiki accounts the first time
* someone logs in who can be authenticated externally.
*
* This interface is new, and might change a bit before 1.4.0 final is
* done...
*
* AuthPlugin extension by Daniel Gravenor c/o HolisticEarth.org
* AuthPlugin original by Kai Backman
*
* @package MediaWiki
*/
require_once("includes/AuthPlugin.php");
class AuthPlugin_vBulletin extends AuthPlugin {
// Create a persistent DB connection
var $vb_database;
function AuthPlugin_vBulletin($host, $username, $password, $dbname, $prefix) {
$this->vb_database = mysql_pconnect($host, $username, $password);
mysql_select_db($dbname, $this->vb_database);
$this->vb_prefix = $prefix;
// set the usergroups for those who can edit the wiki
$this->allowed_usergroups = Array(29);
// set the usergroups for the administrators
$this->admin_usergroups = Array(6, 9);
$this->user_rights = Array("sysop");
// search pattern to only accept alphanumeric or underscore characters in usernames
// if they have illegal characters, their name cannot exist, period
$this->searchpattern = "/[^a-zA-Z0-9]+/";
}
/**
* Check whether there exists a user account with the given name.
* The name will be normalized to MediaWiki's requirements, so
* you might need to munge it (for instance, for lowercase initial
* letters).
*
* @param string $username
* @return bool
* @access public
*/
function userExists( $username ) {
// if no illegal characters are found in their username, then check to see if they exist
if (!preg_match($this->searchpattern, $username)) {
$username = addslashes($username);
$vb_find_user_query = "SELECT usergroupid FROM " . $this->vb_prefix . "user WHERE LOWER(username)=LOWER('" . $username . "')";
$vb_find_result = mysql_query($vb_find_user_query, $this->vb_database);
// make sure that there is only one person with the username
if (mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// Only registered and admins. Banned and unregistered don't belong here.
$vb_usergroups = explode(",", $vb_userinfo['membergroupids']); // make an array of membergroupids
$vb_usergroups[] = $vb_userinfo['usergroupid']; // add the primary usergroup to the array
foreach ( $vb_usergroups as $vb_groupiter )
if (in_array( $vb_groupiter, $this->allowed_usergroups)) {
return TRUE;
}
}
}
// if no one is registered with that username, or there are more than 1 entries
// or they have illegal characters return FALSE (they do not exist)
return FALSE;
}
/**
* Check if a username+password pair is a valid login.
* The name will be normalized to MediaWiki's requirements, so
* you might need to munge it (for instance, for lowercase initial
* letters).
*
* @param string $username
* @param string $password
* @return bool
* @access public
*/
function authenticate( $username, $password ) {
// if their name does not contain any illegal characters, let them try to login
if (!preg_match($this->searchpattern, $username)) {
$username = addslashes($username);
$vb_find_user_query = "SELECT password, salt, usergroupid FROM " . $this->vb_prefix . "user WHERE LOWER(username)=LOWER('" . $username . "')";
$vb_find_result = mysql_query($vb_find_user_query, $this->vb_database);
if (mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// Only registered and admins. Banned and unregistered don't belong here.
$vb_usergroups = explode(",", $vb_userinfo['membergroupids']); // make an array of membergroupids
$vb_usergroups[] = $vb_userinfo['usergroupid']; // add the primary usergroup to the array
foreach ( $vb_usergroups as $vb_groupiter )
if (in_array( $vb_groupiter, $this->allowed_usergroups)) {
return TRUE;
if(md5(md5($password) . $vb_userinfo['salt']) == $vb_userinfo['password']) return true;
}
}
}
return false;
}
/**
* When a user logs in, optionally fill in preferences and such.
* For instance, you might pull the email address or real name from the
* external user database.
*
* The User object is passed by reference so it can be modified; don't
* forget the & on your function declaration.
*
* @param User $user
* @access public
*/
function updateUser( &$user ) {
# Override this and do something
$vb_find_user_query = "SELECT usergroupid, membergroupids FROM " . $this->vb_prefix . "user WHERE LOWER(username)=LOWER('" . addslashes($user->mName) . "')";
$vb_find_result = mysql_query($vb_find_user_query, $this->vb_database) or die("Could not find username");
if(mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// go through the users member groups to see if one of them is administrative
$user_membergroups = explode(",", $vb_userinfo['membergroupids']);
$admin_secondary = FALSE;
for ($x = 0; $x < count($user_membergroups); $x++) {
if (in_array($user_membergroups[$x], $this->admin_usergroups)) $admin_secondary = TRUE;
}
if (in_array($vb_userinfo['usergroupid'], $this->admin_usergroups) || $admin_secondary === TRUE) {
// if a user is not a sysop, make them a sysop
if (!in_array("sysop", $user->getEffectiveGroups())) {
$user->addGroup('sysop');
return TRUE;
}
}
// if the user is not an administrator, but they were, and they are still a sysop, remove their sysop status
if (!in_array($vb_userinfo['usergroupid'], $this->admin_usergroups) && $admin_secondary === FALSE) {
if (in_array("sysop", $user->getEffectiveGroups())) {
$user->removeGroup('sysop');
return TRUE;
}
}
}
return FALSE;
}
/**
* Return true if the wiki should create a new local account automatically
* when asked to login a user who doesn't exist locally but does in the
* external auth database.
*
* If you don't automatically create accounts, you must still create
* accounts in some way. It's not possible to authenticate without
* a local account.
*
* This is just a question, and shouldn't perform any actions.
*
* @return bool
* @access public
*/
function autoCreate() {
return true;
}
/**
* Return true to prevent logins that don't authenticate here from being
* checked against the local database's password fields.
*
* This is just a question, and shouldn't perform any actions.
*
* @return bool
* @access public
*/
function strict() {
return true;
}
/**
* When creating a user account, optionally fill in preferences and such.
* For instance, you might pull the email address or real name from the
* external user database.
*
* The User object is passed by reference so it can be modified; don't
* forget the & on your function declaration.
*
* @param User $user
* @access public
*/
function initUser( &$user ) {
$vb_find_user_query = "SELECT email, usergroupid FROM " . $this->vb_prefix . "user WHERE LOWER(username)=LOWER('" . addslashes($user->mName) . "')";
$vb_find_result = mysql_query($vb_find_user_query, $this->vb_database);
if(mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
$user->mEmail = $vb_userinfo['email'];
$user->mEmailAuthenticated = wfTimestampNow();
}
}
}
?>
:-) If I had dedicated some time to test the changes I was suggesting, we would have had it working by now... If this time it doesn't work, I will take the time to test it before my next post... <g>
Now, realize that this AuthPlugin_vBulletin was not written by me, and as such, the original author may not like/agree with my suggestions...
In the original code, the function authenticate checks for the allowed_usergroups. I personally think that this is not needed, since 'userExists' is always called before 'authenticate'.
Try changing the function 'authenticate' for the following code. Let me know if it doesn't work, and I will try it on my test server.
Code:
function authenticate( $username, $password ) {
// if their name does not contain any illegal characters, let them try to login
if (!preg_match($this->searchpattern, $username)) {
$username = addslashes($username);
$vb_find_user_query = "SELECT password, salt, usergroupid FROM " . $this->vb_prefix . "user WHERE LOWER(username)=LOWER('" . $username . "')";
$vb_find_result = mysql_query($vb_find_user_query, $this->vb_database);
if (mysql_num_rows($vb_find_result) == 1) {
$vb_userinfo = mysql_fetch_assoc($vb_find_result);
mysql_free_result($vb_find_result);
// check password
if(md5(md5($password) . $vb_userinfo['salt']) == $vb_userinfo['password']) return true;
}
}
return false;
}
3.5.7 board. For security I recently changed the DB username and password... The integration is no longer working.
I'm getting "Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/totalli/public_html/wiki/AuthPlugin_vBulletin.php on line 73" and "The password you entered is incorrect (or missing). Please try again" errors upon trying to log in.
Does this solution allow users to login to MW and vBulletin on the same domain with a single login? I want MW to be separate from, rather than integrated into, vBulletin, but with a single login.
04-13-2006, 10:00 PM
08-21-2006, 03:53 PM
