Recent Changes - Search:

Cookbook

PmWiki

pmwiki.org

Cookbook /

Auth-SMF

Summary: Integrate SMF Simple Machines Forum with PmWiki and use SMF user management for Pmwiki authentication
Version: 2008-06-27
Prerequisites: SQL support, Simple Machines Forum
Status: new
Maintainer: HansB
Categories: Administration Forum Security

Questions answered by this recipe

How can I integrate SMF Simple Machines Forum with PmWiki?
How can I create a single sign-on/log-on for both Pmwiki and SMF?

Description

This recipe integrates SMF with PmWiki and uses SMF's user management for PmWiki's AuthUser authentication

Installation

  1. Install SMF Simple Machines Forum in its own directory. Preferably into directory smf/ in your site root (the following script is using this, but it could be changed).
  2. Edit the SMF Settings.php file manually and add to section 'Forum Info' below $boardurl = ...
    $scripturl = $boardurl . '/index.php'; //URL of SMF board script
  3. Make sure SMF runs.
  4. Download and copy auth-smf.phpΔ to your cookbook directory.
  5. Add to config.php, preferably early on (adjust path to SMF root directory as needed):
    $SMFDir = "../smf"; //path to SMF root directory
    include_once("$FarmD/cookbook/auth-smf.php");
  6. Add default passwords for @admin and @editor groups, as these are authenticated. Add to config.php after the above inclusion of cookbook/auth-smf.php (authuser.php is included from within auth-smf.php):
    $DefaultPasswords['admin'] = '@admin';
    $DefaultPasswords['edit'] = '@editor';
  7. Test everything. Try some page variables in a wiki page to see what PmWiki allocates by the SMF login process, try editing under various authentications:
    *AuthId: {$AuthId}
    *Author: {$Author}
    *{$UserName}: {$UserEmail}

Usage

The script auth-smf.php integrates user authentication of PmWiki with SMF.
Logging into SMF logs you also into Pmwiki, and vice versa.
The authentication is used in PmWiki, using it's AuthUser script (included via auth-smf.php).
Logging out of SMF also logs out of PmWiki.
New users get added as new forum members via the SMF registration process. No separate authuser list needs to be kept by PmWiki.
PmWiki ?action=login and ?action=logout will also log into or log out off SMF.
A login form specified on a page Site.SMFAuthForm will be used if present (see example below).

  • A SMF Administrator (ID_GROUP = 1) will be assigned to PmWiki @admin auth group.
  • A SMF Global Moderator (ID_GROUP = 2) will be assigned to PmWiki @editor auth group.

You can set your Pmwiki default passwords in config.php accordingly:

$DefaultPasswords['admin'] = '@admin';
$DefaultPasswords['edit'] = '@editor';

Normal forum members will not have wiki edit permissions in this setup! If they should have edit permissions, in auth-smf.php the following line

if ($user_settings['ID_GROUP'] == 2) {

needs to be changed to

if ($user_settings['ID_GROUP']==2 || $user_settings['ID_GROUP']==0) {

Example for Site.SMFAuthForm

'''$[User Name & Password required]'''
(:messages:)
(:if enabled InvalidLogin:)* $[Name/password not recognized]
(:if:)
(:input smf_auth_form:)
(:input hidden cookielength -1:)
||width=12em
||$[User Name]: ||(:input text id=user name=user:) ||
||$[Password]: ||(:input password id=passwrd name=passwrd:) ||
|| ||(:input submit value='Login':) ||
(:input end:)

SMF includes

The SMF file SSI.php provides a number of 'content includes', which can be used by special markup inside Pmwiki pages to provide hooks into SMF, like a login form, welcome message, logout link, forum search form, menu bar, tabulatd recent posts, recent topics, top topics views etc.

Use the generic markup (:smf-SSIfunction:), replace SSIfunction with the function name of your choosing, but without the ssi_ prefix. You can also add arguments if the function accepts them, like (:smf-recentPosts 10:), which will display a table with links to the latest 10 forum posts in the wiki page. The directives listing links to posts and topics etc accept a number as argument, the login and logout directives accept a full url for redirection.

Here are some examples of possible smf markup directives:

(:smf-welcome:)welcome message
(:smf-login:)login form, redirecting to SMF boards page
(:smf-login {$PageUrl}:)login form, redirecting to current page
(:smf-logout:)logout link
(:smf-quickSearch:)forum quick search box
(:smf-latestMember:)welcome to latest Member
(:smf-news:)news message
(:smf-menubar:)forum menubar
(:smf-recentPosts:)links to recent forum posts
(:smf-recentTopics:)links to recent forum topics
(:smf-topTopicsViews :)links to forum top topics views
(:smf-recentEvents:)actually displays recent posts with full content

Full list of smf markups: 

(:smf-shutdown:)
(:smf-welcome:)
(:smf-menubar:)
(:smf-logout:)
(:smf-recentPosts:)
(:smf-recentTopics:)
(:smf-topPoster:)
(:smf-topBoards:)
(:smf-topTopics:)
(:smf-topTopicsReplies:)
 
(:smf-topTopicsViews:)
(:smf-latestMember:)
(:smf-boardStats:)
(:smf-whosOnline:)
(:smf-logOnline:)
(:smf-login:)
(:smf-topPoll:)
(:smf-recentPoll:)
(:smf-showPoll:)
(:smf-pollVote:)
 
(:smf-quickSearch:)
(:smf-news:)
(:smf-todaysBirthdays:)
(:smf-todaysHolidays:)
(:smf-todaysEvents:)
(:smf-todaysCalendar:)
(:smf-boardNews:)
(:smf-recentEvents:)
(:smf-checkPassword:)

Additional page variables

{$AuthId}
displays the authenticated user/forum member in a wiki page (defined in Pmwiki).
{$UserName}
displays the user/member's real name as used in the forum, which can be distinct from the user's login id (AuthId, or memberName in SMF).
{$UserEmail}
displays the user/member's email address. I thought this may come handy for creating special mailing lists using FoxNotify etc.

Other user settings could be added as page variables, by creating similar definitions as I did for above in auth-smf.php. If you like to explore the possibilities, uncomment the line with echo .... $user_settings.. to see what user settings are available in SMF.

Notes

Release Notes

If the recipe has multiple releases, then release notes can be placed here. Note that it's often easier for people to work with "release dates" instead of "version numbers".

See Also

Contributors

Comments

Hello Hans, I installed everything and it nearly worked. So I can display the post, topics, new and so on from smf on my page, but if I include the entries you mention in my local config.php I can't edit my wiki anymore. There is a prompt for user and password and I couldn't manage to get in, until I delete the smf entries in my local config.php. Is this maybe a bug? Thanks --MatthiasGünther

Have you set edit permissions for the wiki? Add to config.php:

$DefaultPasswords['admin'] = '@admin';
$DefaultPasswords['edit'] = '@editor';

For testing, put into a wiki page 

*AuthId: {$AuthId}
*Author: {$Author}
*{$UserName}: {$UserEmail}
HansB June 27, 2008, at 09:38 AM
Hello Hans, the {$Author}and {$UserName}: {$UserEmail} are correct but the {$AuthId} show the same entry as {$Author} --MatthiasGünther

That will be the case if in SMF your login name is the same as your "real name". Are the default passwords set after including auth-smf.php? -HansB

Hello Hans, yes I insert them after including auth-smf.php. Nevertheless if I change $DefaultPasswords['edit'] = '@editor'; to $DefaultPasswords['edit'] = 'bla'; the output is the same. --MatthiasGünther

$DefaultPasswords['edit'] = crypt('bla'); would make bla the general edit password.
$DefaultPasswords['edit'] = array('@editor', crypt('bla')); would make bla the general edit password and also all who are authenticated as @editor, i.e. SMF members of the Global moderator group.

Hello Hans, now it works. I had annother DefaultPasswords['admin'] in my config.php, such a stupid mistake :). Thanks for your help --MatthiasGünther

Hi,

I installed the software as per your instructions above and apart from making the same error as Matthias it now all works almost perfectly. The only proviso is:

  1. When I log-in I am taken to the Forum home page
  2. When I log-out I am taken to the Wiki home page

I have the following in my Page Top Menu: 

(:if equal {$AuthId} guest:)
* Welcome guest | [[{*$FullName}?action=login | Log In]]
(:if ! equal {$AuthId} guest:)
* [[{*$FullName}?action=logout | Log Out {$AuthId}]]
* %rel=nofollow accesskey=$[ak_edit]%[[{*$FullName}?action=edit | $[Edit] ]]

Is there a 'fix' for this such that I can in each case actually stay on the same page as I was before I hit the log-in / log-out button.

DaveCooke

webmaster@classic-sf.co.uk

Edit - History - Print - Recent Changes - Search
Page last modified on September 12, 2008, at 09:28 AM