]>
gitweb.michael.orlitzky.com - dead/third_party_db_auth.git/blob - third_party_db_auth.class.php
3 # Copyright Michael Orlitzky
5 # http://michael.orlitzky.com/
7 # This program is free software: you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation, either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # http://www.fsf.org/licensing/licenses/gpl.html
20 require_once('./includes/AuthPlugin.php');
22 class ThirdPartyDbAuth
extends AuthPlugin
{
24 /* A connection to the database that lasts as long
25 * as this object is around.
27 private $connection = null;
30 /* The query used to determine whether
31 or not the user is authorized. */
32 private $authentication_query = null;
35 /* Used to determine whether or not a
36 username is present in the database. */
37 private $user_exists_query = null;
40 /* True if the supplied query returns one or more rows
41 * when executed against our database connection */
42 private function query_returns_rows($query) {
43 $result = mysql_query($query, $this->connection
);
44 $row_count = mysql_num_rows($result);
45 mysql_free_result($result);
57 public function set_authentication_query($query) {
58 $this->authentication_query
= $query;
63 public function set_user_exists_query($query) {
64 $this->user_exists_query
= $query;
69 /* The constructor creates a connection to the database
70 * which is kept open for the lifetime of the object
72 public function __construct($database_hostname,
77 $this->connection
= mysql_connect($database_hostname,
80 or die(mysql_error());
82 mysql_select_db($database_name, $this->connection
)
83 or die("Couldn't select database {$this->database_name}. Error: " . mysql_error());
88 /* The destructor just closes the database connection
89 * that was opened in the constructor.
91 public function __destruct() {
92 mysql_close($this->connection
);
98 * Attempt to authenticate the user. We consider them authenticated
99 * if there are any records returned from our authentication query.
101 function authenticate($username, $password) {
102 if ($this->authentication_query
== null) {
106 $escaped_username = mysql_real_escape_string($username);
107 $escaped_password = mysql_real_escape_string($password);
109 // Substitute for the username and password template variables.
110 $query = str_replace('%u', $escaped_username, $this->authentication_query
);
111 $query = str_replace('%p', $escaped_password, $query);
113 return $this->query_returns_rows($query);
118 /* Check to see if a username exists in our data source.
120 function userExists($username) {
121 if ($this->user_exists_query
== null) {
125 $escaped_username = mysql_real_escape_string($username);
127 // Substitute for the username template variable.
128 $query = str_replace('%u', $escaped_username, $this->user_exists_query
);
130 return $this->query_returns_rows($query);
135 /* Most of the functions below this point are just overridden
136 * to return constant values. Generally, we don't want to allow
137 * users to touch our third-party database, so for example, we
138 * return false immediately from any attempts to add a user.
142 /* We don't add users to our data source, so always return false. */
143 function addUser($user, $password) {
148 /* This needs to be true.
149 * Check the superclass source code for an explanation.
151 function autoCreate() {
157 function canCreateAccounts() {
164 * If you want to munge the case of an account name before the final
165 * check, now is your chance.
167 function getCanonicalName($username) {
173 /* Disable some user interface options that don't make
174 * sense in our context.
176 function modifyUITemplate(&$template) {
177 $template->set('usedomain', false); // We do not want a domain name.
178 $template->set('create', false); // Remove option to create new accounts from the wiki.
179 $template->set('useemail', false); // Disable the mail new password box.
184 function setDomain($domain) {}
188 function allowPasswordChange() {
194 function setPassword($password) {
206 function strictUserAuth($username) {
212 /* This might actually be useful, but we don't use it. */
213 function updateUser( &$user ) {
219 function updateExternalDB($user) {
225 /* We don't use domains, so they're never valid.
227 function validDomain($domain) {
234 $wgExtensionCredits['other'][] = array(
235 'name' => 'Third-party Database Authentication',
236 'author' => 'Michael Orlitzky',
237 'description' => 'Allow Mediawiki to authenticate to a third-party (MySQL) database.',
238 'url' => 'http://michael.orlitzky.com/'