<?php if (! defined ('PmWiki')) exit;

# Copyright
# =========
# 
# Copyright (c) 2006 Benjamin C. Wilson. This software is released under GPL
# under the same terms as PmWiki.
#
# Description
# ===========
#
# AuthUserDBase is a database tie-in for PmWiki's AuthUser.
#
# Usage
# =====
#
# To use this for user authentication, the following steps must be taken.
# 
#    1. Include this file via the site configuration
#    include_once("/path/to/cookbook/authuser_mysql.php-1.0.php");
#
#    2. Edit Site.AuthUser and add the following on its own line:
#       " mysql : required for AuthUserMysql"
#
#    3. Set the following values:
#       a. $AUDBaseEncryption (defaults to md5).
#       b. $AUDBaseDBase (array)
#           i.   $AUDBaseDBase['host'] (defaults to 'localhost')
#           ii.  $AUDBaseDBase['db'] (no default)
#           iii. $AUDBaseDBase['host'] (no default)
#           iv.  $AUDBaseDBase['user'] (username to access database)
#           v.   $AUDBaseDBase['password'] (password to access database)
#       c. $AUDBaseTable (array)
#           i.   $AUDBaseTable['table'] (authentication database table)
#           ii.  $AUDBaseTable['userfield'] (user field in the authentication
#                 table)
#           iii. $AUDBaseTable['pwfield'] (password field in the
#                authentication table)
#
#    4. Have users in the authentication table.
#
# Release History
# ===============
#
# v.0.1 July, 2005 - Private release
# v.0.2 May 31, 3006 - Semi-public release.
# v.1.0 ---- -, 2006 - Initial public release. 
#   * I am trying to implement multiple-table support
#   * Cleaning up for easier use on various sites. 

if (!$AuthUser) return;

SDV($AUDBaseEncryption, 'md5');
SDV($AUDBaseDBase, array(
	  'host'      => 'localhost',
	  'db'        => '',
	  'user'      => '',
	  'password'  => '',
  )
);
SDV($AUDBaseTable, array(
	  'table'     => 'users',
	  'userfield' => 'username',
	  'pwfield'   => 'password',
    )
);
SDV($AUDBaseConditional, '');
SDV($AUDBaseEngine, 'mysql');


#$AuthForm      =<<<AUTHFORM
#<form name='authform' action='{$_SERVER['REQUEST_URI']}' method='post'>
#<table border='0'>
#<tr>
#<td class='name'>Name:</td><td><input tabindex='1' type='text' name='authid' value=''></td>
#</tr><tr>
#<td class='name'>Password:</td><td><input tabindex='2' type='password' name='authpw' value=''></td>
#</tr><tr>
#<td colspan='2'>
#<input type='submit' value='OK'>
#</td>
#<input type='hidden' name='authaction' value='1'>
#</table>
#<script language='javascript'<!-- document.authform.authid.focus() //--></script>
#</form>
#
#AUTHFORM;
#$AuthPromptFmt = array(&$PageStartFmt, $AuthForm, &$PageEndFmt);
function AuthUserDBaseError($t, $e) {
    $msg = array(
        'query' => "Could not successfully run query (\$ask) from DB: ",
        'dbase' => "Unable to select database \$AUDBaseDBase[db]: ",
        'conn' => "Could not connect: ",
    );
    die($msg[$t] . $e);
}
function AuthUserPgSQL($ask) {
    global $AUDBaseDBase;
    pg_connect(
        "host=$AUDBaseDBase[host] "
        . "dbname=$AUDBaseDBase[db] "
        . "user=$AUDBaseDBase[user] "
        . "password=$AUDBaseDBase[password]"
    )
        or AuthUserDBaseError('conn',pg_last_error());
    $result = pg_fetch_assoc($ask)
        or AuthUserDBaseError('query',mysql_error());
    return ($result['authorized']);
}
function AuthUserMySQL($ask) {
    global $AUDBaseDBase;
    mysql_connect(
        $AUDBaseDBase['host'],
        $AUDBaseDBase['user'],
        $AUDBaseDBase['password']
    ) or AuthUserDBaseError('conn',mysql_error());
    @mysql_select_db($AUDBaseDBase['db']) 
        or AuthUserDBaseError('dbase',mysql_error());
  
    $result = mysql_query($ask) 
        or AuthUserDBaseError('query',mysql_error());
    return ($result['authorized']);
}
function AuthUserDatabase($pagename, $id, $pw, $pwlist) {
    global $AUDBaseTable, $AUDBaseEncryption, $AUDBaseConditional;

    #-----------------------------------
    # Encryption Switch
    switch($AuthDBaseEncription) {
        case 'md5' : $pw = md5($pw); break;
        case 'sha1' : $pw = sha1($pw); break;
        default : $pw = md5($pw); break;
    }

    #-----------------------------------
    # Query Preparation
    $u = $AUDBaseTable['userfield'];
    $p = $AUDBaseTable['pwfield'];
    $t = $AUDBaseTable['table'];
    $w = $AUDBaseConditional;
    $n = $AUDBaseEncryption;
    $ask = "SELECT count(*) AS AUTHORIZED FROM $t WHERE $u='$i' AND $p='$pw' $w;";
  
    #-----------------------------------
    # Database Switch
    switch($AUDBaseEngine) {
        case 'mysql' : $answer = AuthUserMySQL($ask); break;
        case 'pgsql' : $answer = AuthUserPgSQL($ask); break;
        default : $answer = AuthUserMySQL($ask); break;
    }
    return ($answer) ? true : false;
    return false;
}

$AuthUserFunctions['mysql'] = 'AuthUserDBase';