1 | <?php |
---|
2 | /* |
---|
3 | Plugin Name: External Connection |
---|
4 | Version: 2.0.7.a |
---|
5 | Description: High school connection - Don't DEACTIVATE !!! |
---|
6 | */ |
---|
7 | /* |
---|
8 | PREREQs: (Maybe an admin interface would become a must). |
---|
9 | |
---|
10 | 1 - Mandatory API parameter to define in your private LOCAL configuration file |
---|
11 | (ie. ./include/config_local.inc.php and NEVER config_global) |
---|
12 | Like this: |
---|
13 | $conf['external_connection_api'] = 'http://website.api/api.php?user=%s&pass=%s&type=echodata'; |
---|
14 | where user=%s will provide the user parameter to the API |
---|
15 | and pass=%s will receive the MD5 hash of the password (it travels in the URL query string) |
---|
16 | type=blahblahblah is any additional parameter |
---|
17 | |
---|
18 | 2 - Optional - Encoded password |
---|
19 | Default is MD5. |
---|
20 | If you need to encode it create a global static function (eg. main_convert_from_external) |
---|
21 | which will return the encoded password. Parameter is original clear password. |
---|
22 | $conf['pass_convert'] = create_function('$s', 'global $row; return main_convert_from_external($s);'); |
---|
23 | |
---|
24 | LOGIC: (A bit complex due to the ID provided logic). |
---|
25 | |
---|
26 | 1 - Try to connect to Piwigo as usual |
---|
27 | 2 - On failure the handler would take over. |
---|
28 | |
---|
29 | 3 - On logon failure now, call the API following its ruleset |
---|
30 | in the present case, the school API returns Pseudo and ID which could be different for other APIs |
---|
31 | 4 - If not found by the API, do nothing (see else final logic) |
---|
32 | |
---|
33 | 5 - Yes recognised, now. |
---|
34 | Because we have the ID forced (could be different with other APIs), we should try to register in Piwigo. |
---|
35 | Try to register (normally only new users reach this step, but consider that the Pseudo could be changed; that happened once a year at most). |
---|
36 | (See (*) below) |
---|
37 | |
---|
38 | |
---|
39 | 6 - Register is ok. Logon and redirect. |
---|
40 | |
---|
41 | Else (4 and 6) we are in a failure exception process, so just return to the normal failure process. |
---|
42 | |
---|
43 | (*): This API provides an ID so... |
---|
44 | It can provide ID 1 and 2 (which are by default respectively the webmaster-id and the guest-id for anonymous access). |
---|
45 | So the first step is to get from the API provider in such case... |
---|
46 | Your id (to become the webmaster-id of Piwigo) and another id (to become the guest-id). |
---|
47 | Then log in with each of them, just to create their accounts in Piwigo. |
---|
48 | See in admin Identification > Users their new lines. |
---|
49 | Hover over their profile icons to see their IDs (coming from the API). |
---|
50 | Supposed to be 1234 and 5678 for following statements. |
---|
51 | SET your user status as Admin. |
---|
52 | |
---|
53 | define in your private LOCAL configuration file |
---|
54 | (ie. ./include/config_local.inc.php and NEVER config_global) |
---|
55 | Like this: |
---|
56 | $conf['guest_id'] = 5678; |
---|
57 | $conf['default_user_id'] = $conf['guest_id']; |
---|
58 | $conf['webmaster_id'] = 1234; |
---|
59 | |
---|
60 | Close to be finished: |
---|
61 | Log in with your user (1234). |
---|
62 | See in admin Identification > Users |
---|
63 | The old webmaster is an Admin |
---|
64 | The old guest is a normal registered user. |
---|
65 | Delete them (or at least change the status of the old webmaster as user). |
---|
66 | |
---|
67 | That's it. |
---|
68 | */ |
---|
69 | |
---|
/* Step 1: plugin bootstrap, executed when Piwigo loads the plugin file. */

// Refuse direct HTTP access: the file is only meant to run inside Piwigo,
// which defines PHPWG_ROOT_PATH before loading plugins.
defined('PHPWG_ROOT_PATH') or die("Hacking attempt!");

global $conf, $row;

// Switch off the allow_user_registration setting; accounts are created by
// register_external_user() once the external API has accepted the credentials.
$conf['allow_user_registration'] = false;

// The API URL template is mandatory: stop with an explicit message when the
// local configuration does not provide it.
// NOTE(review): the user name and the MD5 of the password are appended to this
// URL as query parameters, so an https:// endpoint is the safer choice.
if (isset($conf['external_connection_api']) === false)
{
  die("The API parameter is NOT defined \$conf['external_connection_api']. Please see ./plugins/external_connection/main.inc.php comments.");
}

/* Step 2: hook the external check onto Piwigo's 'login_failure' event. */
add_event_handler('login_failure', 'try_external_identification');
80 | |
---|
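/**
 * 'login_failure' handler: asks the external API whether the submitted
 * credentials are valid there and, if so, registers and logs the user in.
 *
 * The API URL template comes from $conf['external_connection_api']; its two
 * %s placeholders receive the user name and the MD5 of the posted password.
 * The first "//"-separated field of the first reply line is read as the
 * numeric user id; any value <= 0 means "not recognised".
 *
 * Security notes for maintainers:
 * - The id returned by the API becomes the Piwigo user id as-is (the plugin
 *   header explains it may even be 1 or 2, the default webmaster and guest
 *   ids). Whoever controls the API reply therefore controls which account is
 *   written and logged in, so the endpoint must be trusted and should be
 *   reached over https.
 * - The password hash is an unsalted MD5 placed in the query string, where
 *   proxies and web-server access logs can record it.
 * - fopen() is called without a stream context, so PHP's default socket
 *   timeout applies; a slow API delays every failed login.
 *
 * @param string $username login name typed in the identification form
 * @return void returns nothing; on success redirect() ends the request
 */
function try_external_identification($username)
{
  global $conf, $redirect_to, $remember_me;

  // Only a scalar password is acceptable: an array-valued field
  // (password[]=...) must never reach addslashes()/md5().
  if (!isset($_POST['password']) || !is_string($_POST['password']))
  {
    return;
  }

  /* step 3 (call the external API) */
  // The user name is attacker-controlled and lands in a query string, so it
  // is URL-encoded: addslashes() does not neutralise '&', '#', '=' or spaces
  // and would let a crafted name add or override API parameters.
  // The md5(addslashes(...)) form of the password is kept unchanged so the
  // hash still matches what the API has been receiving.
  $external_url = sprintf(
    $conf['external_connection_api'],
    urlencode($username),
    md5(addslashes($_POST['password']))
  );

  $fp = fopen($external_url, 'r');
  if ($fp === false)
  {
    /* API unreachable: same outcome as step 4 (do nothing) */
    return;
  }
  $d = fgets($fp);
  fclose($fp);

  // explode() replaces the removed split(); "//" has no regex meaning, so the
  // result is the same. fgets() may return false, hence the string cast.
  $g = explode('//', (string) $d);
  $userid = (int) $g[0]; //$userid=32; #for local testing

  if ($userid > 0)
  { /* step 5 (register) */
    $error = register_external_user($userid, $username, $_POST['password'], '');
    if (empty($error))
    { /* step 6 (Logon) */
      log_user($userid, $remember_me);
      redirect(empty($redirect_to) ? make_index_url() : $redirect_to);
    }
  }
  /* step 4 (do nothing) */
}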
104 | |
---|
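/**
 * Variant of Piwigo's registration routine that forces an externally provided
 * user id and allows the pseudo (login) of an existing id to change; a pseudo
 * that is already taken is still rejected.
 *
 * Security notes for maintainers:
 * - REPLACE INTO overwrites any existing row carrying the same id, including
 *   its stored password, so $next_id must come from a trusted source.
 * - The stored password is whatever $conf['pass_convert'] returns (MD5 by
 *   default according to the plugin header).
 * - NOTE(review): the users table name is hard-coded as piwigo_users while the
 *   other queries use the *_TABLE constants; confirm this matches the
 *   installation's table prefix.
 *
 * @param int    $next_id           user id supplied by the external API
 * @param string $login             user name (pseudo)
 * @param string $password          clear-text password, converted before storage
 * @param string $mail_address      validated here; the column itself is written as NULL
 * @param bool   $with_notification mail the admins when a new user_infos row is created
 * @param array  $errors            errors collected by the caller so far
 * @return array the error list; empty when the user was registered
 */
function register_external_user($next_id, $login, $password, $mail_address,
  $with_notification = true, $errors = array())
{
  global $conf;

  // The id is concatenated into SQL below: force it to an integer here rather
  // than relying on every caller to have cast it.
  $next_id = (int) $next_id;

  if ($login == '') array_push($errors, l10n('reg_err_login1'));
  if (preg_match('/^.* $/', $login)) array_push($errors, l10n('reg_err_login2'));
  if (preg_match('/^ .*$/', $login)) array_push($errors, l10n('reg_err_login3'));
  if (get_userid($login)) array_push($errors, l10n('reg_err_login5'));
  $mail_error = validate_mail_address(null, $mail_address);
  if ('' != $mail_error) array_push($errors, $mail_error);
  $errors = trigger_event('register_user_check',
    $errors, array(
      'username'=>$login,
      'password'=>$password,
      'email'=>$mail_address,
      ));

  // if no error until here, registration of the user
  if (count($errors) == 0) {
    // pass_convert is a configurable callback, so its output is escaped like
    // any other string value instead of being trusted to be quote-free.
    $query = 'REPLACE INTO piwigo_users
  (id,username,password,mail_address)
  VALUES(' . $next_id . ',\'' . mysql_real_escape_string($login) . '\',\''
      . mysql_real_escape_string($conf['pass_convert']($password)) . '\',NULL);';
    pwg_query($query);

    // Assign by default groups
    $query = 'SELECT id
  FROM '.GROUPS_TABLE.'
  WHERE is_default = \''.boolean_to_string(true).'\'
  ORDER BY id ASC;';
    $result = pwg_query($query);
    $inserts = array();
    while ($row = mysql_fetch_array($result))
    {
      array_push($inserts,
        array(
          'user_id' => $next_id,
          'group_id' => $row['id']
          ));
    }

    if (count($inserts) != 0) {
      include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
      mass_inserts(USER_GROUP_TABLE, array('user_id', 'group_id'), $inserts);
    }

    // A user_infos row is created only when this id has none yet; the same
    // condition gates the admin notification below.
    $num_infos = mysql_num_rows(pwg_query('SELECT user_id
  FROM '.USER_INFOS_TABLE.' WHERE user_id = \''.$next_id.'\''));
    if ($num_infos == 0) create_user_infos($next_id);

    if ($with_notification and $num_infos == 0 and $conf['email_admin_on_new_user']) {
      include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
      // The login is user-supplied text placed in a query string: encode it.
      $admin_url = get_absolute_root_url()
        .'admin.php?page=user_list&username='.urlencode($login);
      $keyargs_content = array(
        get_l10n_args('User: %s', $login),
        // Use the function argument: the login form posts no 'mail_address'
        // field, so reading $_POST here hit an undefined index.
        get_l10n_args('Email: %s', $mail_address),
        get_l10n_args('', ''),
        get_l10n_args('Admin: %s', $admin_url)
        );
      pwg_mail_notification_admins(
        get_l10n_args('Registration of %s', $login),
        $keyargs_content
        );
    }
    trigger_action('register_user', array(
      'id'=>$next_id,
      'username'=>$login,
      'email'=>$mail_address,
      ));
  }
  return $errors;
}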
179 | |
---|
180 | ?> |
---|