+<?php\r
+#\r
+# Copyright Michael Orlitzky\r
+#\r
+# http://michael.orlitzky.com/\r
+#\r
+# This program is free software: you can redistribute it and/or modify\r
+# it under the terms of the GNU General Public License as published by\r
+# the Free Software Foundation, either version 3 of the License, or\r
+# (at your option) any later version.\r
+#\r
+# This program is distributed in the hope that it will be useful,\r
+# but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+# GNU General Public License for more details.\r
+#\r
+# http://www.fsf.org/licensing/licenses/gpl.html\r
+#\r
+\r
+require_once('./includes/AuthPlugin.php');\r
+\r
+class ThirdPartyDbAuth extends AuthPlugin {\r
+\r
+ /* A connection to the database that lasts as long\r
+ * as this object is around.\r
+ */\r
+ private $connection = null;\r
+\r
+\r
+ /* The query used to determine whether\r
+ or not the user is authorized. */\r
+ private $authentication_query = null;\r
+\r
+ \r
+ /* Used to determine whether or not a\r
+ username is present in the database. */\r
+ private $user_exists_query = null;\r
+\r
+\r
+ /* True if the supplied query returns one or more rows\r
+ * when executed against our database connection */\r
+ private function query_returns_rows($query) {\r
+ $result = mysql_query($query, $this->connection);\r
+ $row_count = mysql_num_rows($result);\r
+ mysql_free_result($result);\r
+ \r
+ if ($row_count > 0) {\r
+ return true;\r
+ }\r
+ else {\r
+ return false;\r
+ }\r
+ }\r
+\r
+\r
+ \r
+ public function set_authentication_query($query) {\r
+ $this->authentication_query = $query;\r
+ }\r
+\r
+ \r
+\r
+ public function set_user_exists_query($query) {\r
+ $this->user_exists_query = $query;\r
+ }\r
+\r
+ \r
+ \r
+ /* The constructor creates a connection to the database\r
+ * which is kept open for the lifetime of the object\r
+ */ \r
+ public function __construct($database_hostname,\r
+ $database_name,\r
+ $database_username,\r
+ $database_password) {\r
+\r
+ $this->connection = mysql_connect($database_hostname,\r
+ $database_username,\r
+ $database_password)\r
+ or die(mysql_error());\r
+\r
+ mysql_select_db($database_name, $this->connection)\r
+ or die("Couldn't select database {$this->database_name}. Error: " . mysql_error());\r
+ }\r
+\r
+\r
+ \r
+ /* The destructor just closes the database connection\r
+ * that was opened in the constructor.\r
+ */\r
+ public function __destruct() {\r
+ mysql_close($this->connection);\r
+ }\r
+\r
+ \r
+ \r
+ /*\r
+ * Attempt to authenticate the user. We consider them authenticated\r
+ * if there are any records returned from our authentication query.\r
+ */\r
+ function authenticate($username, $password) {\r
+ if ($this->authentication_query == null) {\r
+ return false;\r
+ }\r
+ \r
+ $escaped_username = mysql_real_escape_string($username);\r
+ $escaped_password = mysql_real_escape_string($password); \r
+\r
+ // Substitute for the username and password template variables.\r
+ $query = str_replace('%u', $escaped_username, $this->authentication_query);\r
+ $query = str_replace('%p', $escaped_password, $query);\r
+ \r
+ return $this->query_returns_rows($query);\r
+ }\r
+\r
+\r
+\r
+ /* Check to see if a username exists in our data source.\r
+ */\r
+ function userExists($username) {\r
+ if ($this->user_exists_query == null) {\r
+ return false;\r
+ }\r
+ \r
+ $escaped_username = mysql_real_escape_string($username);\r
+\r
+ // Substitute for the username template variable.\r
+ $query = str_replace('%u', $escaped_username, $this->user_exists_query);\r
+ \r
+ return $this->query_returns_rows($query);\r
+ }\r
+\r
+\r
+ \r
+ /* Most of the functions below this point are just overridden\r
+ * to return constant values. Generally, we don't want to allow\r
+ * users to touch our third-party database, so for example, we\r
+ * return false immediately from any attempts to add a user.\r
+ */\r
+ \r
+ \r
+ /* We don't add users to our data source, so always return false. */\r
+ function addUser($user, $password) {\r
+ return false;\r
+ }\r
+\r
+ \r
+ /* This needs to be true.\r
+ * Check the superclass source code for an explanation. \r
+ */\r
+ function autoCreate() {\r
+ return true;\r
+ }\r
+\r
+\r
+ \r
+ function canCreateAccounts() {\r
+ return false;\r
+ }\r
+\r
+\r
+ \r
+ /*\r
+ * If you want to munge the case of an account name before the final\r
+ * check, now is your chance.\r
+ */\r
+ function getCanonicalName($username) {\r
+ return $username;\r
+ }\r
+\r
+\r
+ \r
+ /* Disable some user interface options that don't make\r
+ * sense in our context.\r
+ */\r
+ function modifyUITemplate(&$template) {\r
+ $template->set('usedomain', false); // We do not want a domain name.\r
+ $template->set('create', false); // Remove option to create new accounts from the wiki.\r
+ $template->set('useemail', false); // Disable the mail new password box.\r
+ }\r
+\r
+\r
+ \r
+ function setDomain($domain) {}\r
+\r
+\r
+\r
+ function allowPasswordChange() {\r
+ return false;\r
+ }\r
+\r
+ \r
+\r
+ function setPassword($password) {\r
+ return false;\r
+ }\r
+\r
+ \r
+\r
+ function strict() {\r
+ return true;\r
+ }\r
+\r
+\r
+ \r
+ function strictUserAuth($username) {\r
+ return true;\r
+ }\r
+\r
+ \r
+\r
+ /* This might actually be useful, but we don't use it. */\r
+ function updateUser( &$user ) {\r
+ return false;\r
+ }\r
+\r
+\r
+\r
+ function updateExternalDB($user) {\r
+ return false;\r
+ }\r
+\r
+\r
+ \r
+ /* We don't use domains, so they're never valid.\r
+ */\r
+ function validDomain($domain) {\r
+ return false;\r
+ } \r
+\r
+}\r
+\r
+\r
+$wgExtensionCredits['other'][] = array(\r
+ 'name' => 'Third-party Database Authentication',\r
+ 'author' => 'Michael Orlitzky',\r
+ 'description' => 'Allow Mediawiki to authenticate to a third-party (MySQL) database.',\r
+ 'url' => 'http://michael.orlitzky.com/'\r
+);\r
+\r
+?>\r