From: mjo Date: Wed, 10 Sep 2008 19:03:52 +0000 (-0400) Subject: Initial commit. X-Git-Url: https://gitweb.michael.orlitzky.com/?a=commitdiff_plain;ds=sidebyside;p=dead%2Fthird_party_db_auth.git Initial commit. --- 915e184c392a52271d84d4212cb7813cc6c0b2e1 diff --git a/LocalSettings.third_party_db_auth.php b/LocalSettings.third_party_db_auth.php new file mode 100644 index 0000000..c52c236 --- /dev/null +++ b/LocalSettings.third_party_db_auth.php @@ -0,0 +1,28 @@ +set_authentication_query("SELECT * FROM users WHERE username='%u' AND password='%p'"); +$wgAuth->set_user_exists_query("SELECT * FROM users WHERE username='%u'"); +?> diff --git a/README b/README new file mode 100644 index 0000000..81bb3d9 --- /dev/null +++ b/README @@ -0,0 +1,9 @@ +This class is an authorization plugin for Mediawiki. It performs the +authorization and user existence queries to an arbitrary MySQL +database. An example of its use is included in the +LocalSettings.third_party_db_auth.php file. + +To use the plugin, you could either 'require' the +LocalSettings.third_party_db_auth.php file in your LocalSettings.php, +or copy-and-paste its contents into LocalSettings.php, somewhere near +the bottom (after DefaultSettings.php is included). diff --git a/third_party_db_auth.class.php b/third_party_db_auth.class.php new file mode 100644 index 0000000..11d255b --- /dev/null +++ b/third_party_db_auth.class.php @@ -0,0 +1,241 @@ +connection); + $row_count = mysql_num_rows($result); + mysql_free_result($result); + + if ($row_count > 0) { + return true; + } + else { + return false; + } + } + + + + public function set_authentication_query($query) { + $this->authentication_query = $query; + } + + + + public function set_user_exists_query($query) { + $this->user_exists_query = $query; + } + + + + /* The constructor creates a connection to the database + * which is kept open for the lifetime of the object + */ + public function __construct($database_hostname, + $database_name, + $database_username, + $database_password) { + + $this->connection = mysql_connect($database_hostname, + $database_username, + $database_password) + or die(mysql_error()); + + mysql_select_db($database_name, $this->connection) + or die("Couldn't select database {$this->database_name}. Error: " . mysql_error()); + } + + + + /* The destructor just closes the database connection + * that was opened in the constructor. + */ + public function __destruct() { + mysql_close($this->connection); + } + + + + /* + * Attempt to authenticate the user. We consider them authenticated + * if there are any records returned from our authentication query. + */ + function authenticate($username, $password) { + if ($this->authentication_query == null) { + return false; + } + + $escaped_username = mysql_real_escape_string($username); + $escaped_password = mysql_real_escape_string($password); + + // Substitute for the username and password template variables. + $query = str_replace('%u', $escaped_username, $this->authentication_query); + $query = str_replace('%p', $escaped_password, $query); + + return $this->query_returns_rows($query); + } + + + + /* Check to see if a username exists in our data source. + */ + function userExists($username) { + if ($this->user_exists_query == null) { + return false; + } + + $escaped_username = mysql_real_escape_string($username); + + // Substitute for the username template variable. + $query = str_replace('%u', $escaped_username, $this->user_exists_query); + + return $this->query_returns_rows($query); + } + + + + /* Most of the functions below this point are just overridden + * to return constant values. Generally, we don't want to allow + * users to touch our third-party database, so for example, we + * return false immediately from any attempts to add a user. + */ + + + /* We don't add users to our data source, so always return false. */ + function addUser($user, $password) { + return false; + } + + + /* This needs to be true. + * Check the superclass source code for an explanation. + */ + function autoCreate() { + return true; + } + + + + function canCreateAccounts() { + return false; + } + + + + /* + * If you want to munge the case of an account name before the final + * check, now is your chance. + */ + function getCanonicalName($username) { + return $username; + } + + + + /* Disable some user interface options that don't make + * sense in our context. + */ + function modifyUITemplate(&$template) { + $template->set('usedomain', false); // We do not want a domain name. + $template->set('create', false); // Remove option to create new accounts from the wiki. + $template->set('useemail', false); // Disable the mail new password box. + } + + + + function setDomain($domain) {} + + + + function allowPasswordChange() { + return false; + } + + + + function setPassword($password) { + return false; + } + + + + function strict() { + return true; + } + + + + function strictUserAuth($username) { + return true; + } + + + + /* This might actually be useful, but we don't use it. */ + function updateUser( &$user ) { + return false; + } + + + + function updateExternalDB($user) { + return false; + } + + + + /* We don't use domains, so they're never valid. + */ + function validDomain($domain) { + return false; + } + +} + + +$wgExtensionCredits['other'][] = array( + 'name' => 'Third-party Database Authentication', + 'author' => 'Michael Orlitzky', + 'description' => 'Allow Mediawiki to authenticate to a third-party (MySQL) database.', + 'url' => 'http://michael.orlitzky.com/' +); + +?>