<?php
if (!defined('PmWiki') || !defined ('PhpbbRootPath')) {
exit ();
}
$RecipeInfo['AuthPhpbb2Sso']['Version'] = '080401';
$phpbb_root_path = PhpbbRootPath;
// Include the required phpBB files
define('IN_PHPBB', true); // Or the phpBB scripts will report a "hacking attempt"
include_once ($phpbb_root_path . '/extension.inc'); // Necessary to get the php file extension
require_once ($phpbb_root_path . "/config.$phpEx"); // Get all db related information
require_once ($phpbb_root_path . "/includes/db.$phpEx"); // Define and instantiate the $db object
require_once ($phpbb_root_path . "/includes/constants.$phpEx"); // Get constants for table names etc.
require_once ($phpbb_root_path . "/includes/sessions.$phpEx"); // Functions for sessions
// Read the config table into the board_config array
$board_config = GetBoardConfig();
// To start a session we need the IP address of the client
$user_ip = encode_ip(( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') ));
// Now start a phpBB session
// Registered page number in the sessions table is -20. phpBB2 itself uses 0 till -11
$userdata = session_pagestart($user_ip, -20);
// We now have the $userdata array to play with, as per phpBB2. The array contains the user and session
// information from phpBB.
// Restrict admin pages to phpBB Administrators
SDV($PhpbbAdminGroup, 'siteadmin');
$DefaultPasswords['admin'] = '@' . $PhpbbAdminGroup;
// Suffix for group moderator groups
SDV ($PhpbbGroupModSuffix, 'Moderator');
// Set the author name as used by PMwiki. Author name will be set to 'anonymous' if the
// user is not signed in.
$Author = $userdata['username'];
// Populate variables for AuthUser. Only if the login succeeded, or the user
// will appear to AuthUser as an authenticated used named "anonymous".
if ($userdata['session_logged_in'] == 1) {
$AuthId = $userdata['username'];
AddPhpbbGroups($userdata['user_id']);
if ($userdata['user_level'] == 1) {
$AuthList ['@' . $PhpbbAdminGroup] = 1;
}
}
// Include AuthUser for authorization
require_once ("scripts/authuser.php");
// Set some variables that can be used in the PmWiki templates to visually integrate PmWiki and phpBB:
$SiteUrl = (($board_config['cookie_secure'] ) ? 'https://' : 'http://')
. trim($board_config['server_name'])
. (( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) : '');
$PhpbbUrl = $SiteUrl . '/' . preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
$PhpbbStyleName = PhpbbStyleInfo('style_name');
$PhpbbTemplate = PhpbbStyleInfo('template_name');
$PhpbbStylesheet = PhpbbStyleInfo('head_stylesheet');
// Inherit compression setting from phpBB
InheritGzip ();
// Handle clients with disabled cookies
if (append_sid('') != '') {
// Buffer the page and append the "sid=" parameter to all local urls after
// the page is complete. Contents of the page are passed through the
// AddSid() function before being send to the client.
ob_start('AddSid');
// Append sid to redirect URL after editing a page. This is passed through
// a header("Location ..."), which cannot be altered by the output buffering
// function AddSid().
$EditRedirectFmt = append_sid('$FullName');
}
// ------------------------------------------------------------------------------------------
//Functions
// Get and set time settings from phpBB:
// * Time and date format
// * Timezone
// * Set format of new entries in the RecentChanges page so new entries are localizable.
function UsePhpbbDateSettings () {
global $TimeFmt, $board_config, $userdata, $RecentChangesFmt;
// Time format, convert from date() to strfdate()
$dateformatcnv = array('d' => '%d', 'D' => '%a', 'j' => '%e', 'l' => '%A', 'N' => '%u',
'w' => '%w', 'W' => '%V', 'F' => '%B', 'm' => '%I', 'M' => '%b',
'n' => '%e', 'o' => '%G', 'Y' => '%Y', 'y' => '%y', 'a' => '%p',
'A' => '%p', 'g' => '%I', 'G' => '%H', 'h' => '%I', 'H' => '%H',
'i' => '%M', 's' => '%S', 'c' => '%Y-%I-%dT%H:%M:%S',
'r' => '%a, %e %b %Y %H:%M:%S');
if ($userdata['user_dateformat'] != '') {
$TimeFmt = strtr($userdata['user_dateformat'], $dateformatcnv);
}
else {
$TimeFmt = strtr($board_config['default_dateformat'], $dateformatcnv);
}
// Timezone
$timezone = -1 * $userdata['user_timezone'];
if ($timezone > 0) {
$timezone = "+$timezone";
}
putenv("TZ=Etc/GMT$timezone");
// Localizable new entries in RecentChanges pages.
$RecentChangesFmt['$SiteGroup.AllRecentChanges'] =
'* [[{$Group}.{$Name}]] . . . {(ftime when="@' . time() . '")} $[by] $AuthorLink: [=$ChangeSummary=]';
$RecentChangesFmt['$Group.RecentChanges'] =
'* [[{$Group}/{$Name}]] . . . {(ftime when="@' . time() . '")} $[by] $AuthorLink: [=$ChangeSummary=]';
$DraftRecentChangesFmt['$Group.RecentDraftChanges'] =
'* [[{$Group}/{$Name}]] . . . {(ftime when="@' . time() . '")} $[by] $AuthorLink: [=$ChangeSummary=]';
}
// Returns information about the theme to be used.
function PhpbbStyleInfo($item) {
global $db, $userdata, $board_config;
static $row;
if (!is_array ($row)) {
if ($userdata['session_logged_in'] == 1) {
$themes_id = $userdata['user_style'];
}
else {
$themes_id = $board_config['default_style'];
}
$sql = "SELECT template_name, head_stylesheet, style_name FROM " . THEMES_TABLE . " WHERE themes_id = $themes_id";
$rowset = $db->sql_query($sql);
$row = $db->sql_fetchrow($rowset) or die ("Error retrieving theme name");
}
return $row[$item];
}
// Read the board cofiguration from the database and pass back
// as an array.
function GetBoardConfig() {
global $db;
$sql = "SELECT * FROM " . CONFIG_TABLE;
$rowset = $db->sql_query($sql);
while ( $row = $db->sql_fetchrow($rowset) ) {
$board_config[$row['config_name']] = $row['config_value'];
}
return $board_config;
}
// Function to create a link to the members profile in the forum on wiki pages.
//
// This can be used with the [[~username]] markup. To activate, add the following line
// to your PmWiki local/config.php:
// Markup ('[[~', '<links','/\\[\\[~(.*?)\\]\\]/e', "PhpbbUserProfile('$1')");
function PhpbbUserProfile ($username) {
global $db, $PhpbbUrl, $phpEx;
// Double quotes are passed escaped (\"), but these are stored as """ in the database
$username = str_replace('\"', '"', $username);
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE username = \"$username\"";
$rowset = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($rowset)) {
// Found the userID, now pass PmWiki link markup for further processing.
return "[[$PhpbbUrl/profile.$phpEx?mode=viewprofile&u=" . $row['user_id'] . " | $username]]";
}
else {
// If no member was found, just return the name.
return $username;
}
}
// Adds the phpBB group memberships to the $AuthList array
function AddPhpbbGroups($UserId) {
global $db, $AuthList, $PhpbbGroupModSuffix;
$result = array();
$sql = "SELECT g.group_name
, g.group_moderator
FROM " . GROUPS_TABLE . " g
, " . USER_GROUP_TABLE . " ug
WHERE ug.group_id = g.group_id
AND ug.user_id = $UserId
AND g.group_single_user = 0
AND user_pending = 0";
$rowset = $db->sql_query($sql);
while ( $row = $db->sql_fetchrow($rowset) ) {
$AuthList['@' . $row['group_name']] = 1;
if ($row['group_moderator'] == $UserId) {
$AuthList['@' . $row['group_name'] . $PhpbbGroupModSuffix] = 1;
}
}
}
// Output Buffer processor for clients with disabled cookies.
// Add the sesion identifier (sid=) to all links pointing to the local site.
// If the client disabled cookies, this function is called through the
// ob_start() function after the page is complete. The $content variable
// will contain the entire page.
function AddSid ($content) {
global $SiteUrl;
if ((strpos($content, "<meta http-equiv='Refresh'")) === FALSE) {
// Regular page, replace all links
$content = ProcessTag ($content, '<a ', "href='");
$content = ProcessTag ($content, '<form ', "action='");
}
else {
// Page from the Redirect() function, replace the link. The header
// will already be sent, this is handled by the $EditRedirectFmt var.
$content = ProcessTag ($content, "<meta http-equiv='Refresh'", 'URL=');
}
return $content;
}
// Process a specified tag to add the session identifier
function ProcessTag ($content, $tag, $parameter) {
global $SiteUrl;
// Split the page into an array, each element starting with the tag
$links = explode($tag, $content);
// Now process the array
for ($i = 0; $i < count($links); $i++)
{
$parstart = strpos($links[$i], $parameter);
if (! ($parstart === FALSE)) {
// Found a link
$linkstart = $parstart + strlen($parameter);
$linkend = strpos($links[$i], '\'', $linkstart);
$thelink = substr($links[$i], $linkstart, ($linkend - $linkstart) );
// Only replace links starting with our own URL
if (strpos($thelink, $SiteUrl) === 0 ) {
$links[$i] = substr($links[$i], 0, $linkstart) . append_sid($thelink) . substr($links[$i], $linkend);
}
}
}
// And implode back
return implode ($links, $tag);
}
// Inherit Gzip compression if set in phpBB.
// Code copied from phpbb: includes/page_header.php
function InheritGzip () {
global $board_config;
if ( $board_config['gzip_compress'] )
{
$phpver = phpversion();
$useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT');
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
if ( extension_loaded('zlib') )
{
ob_start('ob_gzhandler');
}
}
else if ( $phpver > '4.0' )
{
if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') )
{
if ( extension_loaded('zlib') )
{
ob_start();
ob_implicit_flush(0);
header('Content-Encoding: gzip');
}
}
}
}
}
// Sets the $AuthPromptFmt variable, which is displayed when an attempt is made to access
// a page for which the client is not authorized. This function distinguishes between
// anonimous users and users signed in.
function RedirectOnDeny () {
global $userdata, $AuthPromptFmt, $PageStartFmt, $PageEndFmt, $PhpbbUrl
, $PhpbbUrl, $phpEx, $AuthPromptMemberFmt, $AuthPromptAnonymousFmt;
SDV ($AuthPromptMemberFmt, array(&$PageStartFmt, "<br><p>You are not authorized to access this page.</p><br>", &$PageEndFmt));
SDV ($AuthPromptAnonymousFmt, "<html><head>
<meta http-equiv='Refresh' Content='0; URL=$PhpbbUrl/login.$phpEx' />
<title>Redirect</title>
</head><body></body></html>");
if ($userdata['session_logged_in'] == 1) {
$AuthPromptFmt = $AuthPromptMemberFmt;
}
else {
$AuthPromptFmt = $AuthPromptAnonymousFmt;
}
}
// ------------------------------------------------------------------------------------------
// Functions hi-jacked from the phpBB includes/functions.php file.
// We cannot include the file itself, because it contains a function "redirect", which
// is already defined by pmWiki.
// Simplified message_die
function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '')
{
die ($msg_text);
}
// Encode an IP address to hex
function encode_ip($dotquad_ip)
{
$ip_sep = explode('.', $dotquad_ip);
return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}
// Decode an IP address from hex
function decode_ip($int_ip)
{
$hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
}
// Randomiser as used by the sessions.php script
function dss_rand()
{
global $db, $board_config, $dss_seeded;
$val = $board_config['rand_seed'] . microtime();
$val = md5($val);
$board_config['rand_seed'] = md5($board_config['rand_seed'] . $val . 'a');
if($dss_seeded !== true)
{
$sql = "UPDATE " . CONFIG_TABLE . " SET
config_value = '" . $board_config['rand_seed'] . "'
WHERE config_name = 'rand_seed'";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Unable to reseed PRNG", "", __LINE__, __FILE__, $sql);
}
$dss_seeded = true;
}
return substr($val, 4, 16);
}