* @param $cookie string
* @return mixed ExternalUser, or false on failure
*/
- public static function newFromCookie( $cookie ) {
+ public static function newFromCookie() {
global $wgExternalAuthType;
if ( is_null( $wgExternalAuthType ) ) {
return false;
}
$obj = new $wgExternalAuthType;
- if ( !$obj->initFromCookie( $cookie ) ) {
+ if ( !$obj->initFromCookie() ) {
return false;
}
return $obj;
protected abstract function initFromId( $id );
/**
- * Given the user's cookie, initialize this object to the correct user if
- * the cookie indicates that the user is logged into the external database.
- * If successful, return true. If the external database doesn't support
- * cookie-based authentication, or if the cookies don't belong to a
- * logged-in user, return false.
+ * Try to magically initialize the user from cookies or similar information
+ * so he or she can be logged in on just viewing the wiki. If this is
+ * impossible to do, just return false.
*
* TODO: Actually use this.
*
- * @param $cookie string
* @return bool Success?
*/
- protected function initFromCookie( $cookie ) {
+ protected function initFromCookie() {
return false;
}
* @return \bool True if the user is logged in, false otherwise.
*/
private function loadFromSession() {
- global $wgMemc, $wgCookiePrefix;
+ global $wgMemc, $wgCookiePrefix, $wgExternalAuthType, $wgAutocreatePolicy;
$result = null;
wfRunHooks( 'UserLoadFromSession', array( $this, &$result ) );
return $result;
}
+ if ( $wgExternalAuthType && $wgAutocreatePolicy == 'view' ) {
+ $extUser = ExternalUser::newFromCookie();
+ if ( $extUser ) {
+ # TODO: Automatically create the user here (or probably a bit
+ # lower down, in fact)
+ }
+ }
+
if ( isset( $_COOKIE["{$wgCookiePrefix}UserID"] ) ) {
$sId = intval( $_COOKIE["{$wgCookiePrefix}UserID"] );
if( isset( $_SESSION['wsUserID'] ) && $sId != $_SESSION['wsUserID'] ) {
# Check if we are looking at an IP or a logged-in user
if ( $this->isIP( $this->getName() ) ) {
- $ip = $this->getName();
+ $ip = $this->getName();
} else {
# Check if we are looking at the current user
# If we don't, and the user is logged in, we don't know about
if( !$wgAuth->allowPasswordChange() ) {
throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
}
-
+
if( !$this->isValidPassword( $str ) ) {
global $wgMinimalPasswordLength;
$valid = $this->getPasswordValidity( $str );
$message = '';
} else {
$action = 'create2';
- $message = $byEmail
- ? wfMsgForContent( 'newuserlog-byemail' )
+ $message = $byEmail
+ ? wfMsgForContent( 'newuserlog-byemail' )
: '';
}
$log = new LogPage( 'newusers' );
// Maybe load from the object
if ( !is_null( $this->mOptionOverrides ) ) {
- wfDebug( "Loading options for user " . $this->getId() . " from override cache.\n" );
+ wfDebug( "Loading options for user " . $this->getId() . " from override cache.\n" );
foreach( $this->mOptionOverrides as $key => $value ) {
$this->mOptions[$key] = $value;
}
* 'username' => 'forum',
* 'password' => 'udE,jSqDJ<""p=fI.K9',
* 'dbname' => 'forum',
- * 'tableprefix' => ''
+ * 'tableprefix' => '',
+ * 'cookieprefix' => 'bb'
* );
*/
class ExternalUser_vB extends ExternalUser {
return $this->initFromCond( array( 'userid' => $id ) );
}
- # initFromCookie() not yet implemented
-
- private function initFromCond( $cond ) {
+ protected function initFromCookie() {
+ # Try using the session table. It will only have a row if the user has
+ # an active session, so it might not always work, but it's a lot easier
+ # than trying to convince PHP to give us vB's $_SESSION.
global $wgExternalAuthConf;
+ if ( !isset( $wgExternalAuthConf['cookieprefix'] ) ) {
+ $prefix = 'bb';
+ } else {
+ $prefix = $wgExternalAuthConf['cookieprefix'];
+ }
+ if ( !isset( $_COOKIE["{$prefix}sessionhash"] ) ) {
+ return false;
+ }
- $this->mDb = new Database(
- $wgExternalAuthConf['server'],
- $wgExternalAuthConf['username'],
- $wgExternalAuthConf['password'],
- $wgExternalAuthConf['dbname'],
- false, 0,
- $wgExternalAuthConf['tableprefix']
+ $db = $this->getDb();
+
+ $row = $db->selectRow(
+ array( 'session', 'user' ),
+ $this->getFields(),
+ array(
+ 'session.userid = user.userid',
+ 'sessionhash' => $_COOKIE["{$prefix}sessionhash"]
+ ),
+ __METHOD__
);
+ if ( !$row ) {
+ return false;
+ }
+ $this->mRow = $row;
- $row = $this->mDb->selectRow(
+ return true;
+ }
+
+ private function initFromCond( $cond ) {
+ $db = $this->getDb();
+
+ $row = $db->selectRow(
'user',
- array( 'userid', 'username', 'password', 'salt', 'email', 'usergroupid',
- 'membergroupids' ),
+ $this->getFields(),
$cond,
__METHOD__
);
return true;
}
+ private function getDb() {
+ global $wgExternalAuthConf;
+ return new Database(
+ $wgExternalAuthConf['server'],
+ $wgExternalAuthConf['username'],
+ $wgExternalAuthConf['password'],
+ $wgExternalAuthConf['dbname'],
+ false, 0,
+ $wgExternalAuthConf['tableprefix']
+ );
+ }
+
+ private function getFields() {
+ return array( 'user.userid', 'username', 'password', 'salt', 'email',
+ 'usergroupid', 'membergroupids' );
+ }
+
public function getId() { return $this->mRow->userid; }
public function getName() { return $this->mRow->username; }