This authentication backend'll enable your DokuWiki to authenticate using the drupal database.
<?php
/**
* Drupal authentication backend
*
* Use drupal as an authentication backend.
*
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
* @author Mohammed Sameer <msameer@foolab.org>
*/
// TODO: Currently, Each time we have to connct to the db twice, one to auth the
// user and the 2nd to get the info ??
// Groups with spaces'll screw us.
// ChangeLog:
// 2005-12-23: Use header(); instead of redirect();
// 2006-07-23: Ported to the new dokuwiki auth code.
// use mysql_real_escape_string()
// We now get the groups using a join instead of multiple queries.
// 2006-08-24: in getUserData(): Check that we have results when we try to get
// the user details from the database (Thanks Matthew Robinson of fone-me.com)
// 2006-08-30: Check that the user isn't blocked. Thanks alienbrain of EGLUG for the note.
// 2007-01-29: urldecode the username, password, hostname and path (Thanks Walter G).
// 2007-06-29: $db_url for drupal can be an array, we now account for this.
class auth_drupal extends auth_basic {
var $url = array();
// Constructor.
function auth_drupal() {
global $conf;
// This is a hack because drupal is using ini_set in the $drupal_file
// and php'll complain
$ini = ini_get("error_reporting");
ini_set("error_reporting", 0);
$drupal_file = $conf['auth']['drupal']['file'];
include ($drupal_file);
ini_set("error_reporting", $ini);
// http://drupal.org/node/18429
$this->url = parse_url(is_array($db_url) ? $db_url['default'] : $db_url);
$this->url['path'] = substr($this->url['path'], 1);
$this->url['db_prefix'] = $db_prefix;
//Adapted from the Drupal database.mysql.inc code
//Decode url-encoded information in the db connection string
$this->url['user'] = urldecode($this->url['user']);
// Test if database url has a password.
if(isset($this->url['pass'])) {
$this->url['pass'] = urldecode($this->url['pass']);
} else {
$this->url['pass'] = '';
}
$this->url['host'] = urldecode($this->url['host']);
$this->url['path'] = urldecode($this->url['path']);
// Establish the connection.
$this->url['link'] = mysql_connect($this->url['host'], $this->url['user'], $this->url['pass']);
if (!$this->url['link']) {
msg('Could not connect: ' . mysql_error());
$this->success = false;
return;
}
if (!
mysql_select_db($this->url['path'], $this->url['link'])) {
msg('Can\'t select the database: ' . mysql_error());
$this->success = false;
return;
}
// Note: No capabilities. We only handle authentication.
// Fuck php4. No Destructor.
register_shutdown_function("auth_drupal_disconnect", $this);
}
/**
* Check user+password [required auth function]
*
* Checks if the given user exists and the given
* plaintext password is correct
*
* @author Mohammed Sameer <msameer@foolab.org>
* @return bool
*/
function checkPass($user,$pass)
{
$user = mysql_real_escape_string($user, $this->url['link']);
$password = mysql_real_escape_string(md5($pass), $this->url['link']);
$result = mysql_query("SELECT uid FROM ".$url['db_prefix']."users WHERE name = "$user" AND pass = "$password" AND status=1");
if (!$result)
{
msg('Invalid query: ' . mysql_error());
$this->disconnect();
return false;
}
$num = mysql_num_rows($result);
//$this->disconnect();
return ($num == 0 ? false : true);
}
/**
* Return user info [required auth function]
* at least these fields:
*
* name string full name of the user
* mail string email addres of the user
* grps array list of groups the user is in
*
* @author Mohammed Sameer <msameer@foolab.org>
*/
function getUserData($user) {
$info['name'] = $user;
$result = mysql_query("SELECT uid, mail FROM ".$url['db_prefix']."users WHERE name = "".mysql_real_escape_string($user, $this->url['link']).""");
if (!$result)
{
msg('Invalid query: ' . mysql_error());
$this->disconnect();
return false;
}
// This shouldn't fail but who knows ?
$tmp = mysql_fetch_row($result);
if (!$tmp)
return false;
$uid = $tmp[0];
// FILL THE EMAIL.
$info['mail'] = $tmp[1];
// Now let's get the groups of the user.
$result = mysql_query("select r.name from role r inner join users_roles u on u.rid=r.rid and u.uid=$uid");
if (!
$result)
{
msg('Invalid query: ' . mysql_error());
$this->disconnect();
return false;
}
while($tmp = mysql_fetch_row($result))
$info['grps'][] = $tmp[0];
// $this->disconnect();
return $info;
}
}
/**
* Disconnect from the database.
* @author Mohammed Sameer <msameer@foolab.org>
*/
function auth_drupal_disconnect($obj) {
mysql_close($obj->url['link']);
}
?>
- 84235 views
Add new comment