From cecb985bee3bdd252e1b8dc0bd500b37cd52be01 Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Wed, 16 May 2007 20:58:53 +0000 Subject: Aktualisierung auf MediaWiki 1.10.0 Plugins angepasst und verbessert kleine Korrekturen am Design --- extensions/LLAuthPlugin.php | 202 +++++--------------------------------------- 1 file changed, 19 insertions(+), 183 deletions(-) (limited to 'extensions/LLAuthPlugin.php') diff --git a/extensions/LLAuthPlugin.php b/extensions/LLAuthPlugin.php index 2d903b28..f5bb718f 100644 --- a/extensions/LLAuthPlugin.php +++ b/extensions/LLAuthPlugin.php @@ -1,40 +1,6 @@ -# http://www.mediawiki.org/ -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# http://www.gnu.org/copyleft/gpl.html -/** - * Authentication plugin interface. Instantiate a subclass of AuthPlugin - * and set $wgAuth to it to authenticate against some external tool. - * - * The default behavior is not to do anything, and use the local user - * database for all authentication. A subclass can require that all - * accounts authenticate externally, or use it only as a fallback; also - * you can transparently create internal wiki accounts the first time - * someone logs in who can be authenticated externally. - * - * This interface is new, and might change a bit before 1.4.0 final is - * done... - * - * @package MediaWiki - */ +$wgHooks['isValidPassword'][] = 'LLAuthPlugin::isValidPassword'; $wgExtensionCredits['other'][] = array( 'name' => 'LLAuthPlugin', @@ -47,218 +13,92 @@ require_once('includes/AuthPlugin.php'); class LLAuthPlugin extends AuthPlugin { + public static function isValidPassword($password) { + $length = strlen($password); + return ($length >= 6 && $length <= 25); + } + private $dbLink = null; - function __construct() - { + function __construct() { global $wgDBuser, $wgDBpassword; $this->dbLink = mysqli_connect('localhost', $wgDBuser, $wgDBpassword, 'current'); - } + } - function __destruct() - { + function __destruct() { mysqli_close($this->dbLink); - } + } - function getUserData($username) - { + function getUserData($username) { $result = mysqli_query($this->dbLink, 'SELECT id, email, realname FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\''); $data = mysqli_fetch_assoc($result); mysqli_free_result($result); return $data; - } - /** - * Check whether there exists a user account with the given name. - * The name will be normalized to MediaWiki's requirements, so - * you might need to munge it (for instance, for lowercase initial - * letters). - * - * @param $username String: username. - * @return bool - * @public - */ + } + function userExists( $username ) { $result = mysqli_query($this->dbLink, 'SELECT id FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\''); $exists = mysqli_num_rows($result) > 0; mysqli_free_result($result); - return $exists; + return $exists; } - /** - * Check if a username+password pair is a valid login. - * The name will be normalized to MediaWiki's requirements, so - * you might need to munge it (for instance, for lowercase initial - * letters). - * - * @param $username String: username. - * @param $password String: user password. - * @return bool - * @public - */ function authenticate( $username, $password ) { $result = mysqli_query($this->dbLink, 'SELECT id FROM users WHERE name = \''.mysqli_escape_string($this->dbLink, $username).'\' AND password = \''.mysqli_escape_string($this->dbLink, sha1($password)).'\' '); $authenticated = mysqli_num_rows($result) > 0; mysqli_free_result($result); - return $authenticated; + return $authenticated; } - /** - * Modify options in the login template. - * - * @param $template UserLoginTemplate object. - * @public - */ function modifyUITemplate( &$template ) { - # Override this! $template->set( 'usedomain', false ); $template->set('link', 'Um Dich hier anzumelden, nutze Deine Konto-Daten aus dem archlinux.de-Forum.'); } - /** - * Set the domain this plugin is supposed to use when authenticating. - * - * @param $domain String: authentication domain. - * @public - */ function setDomain( $domain ) { $this->domain = $domain; } - /** - * Check to see if the specific domain is a valid domain. - * - * @param $domain String: authentication domain. - * @return bool - * @public - */ function validDomain( $domain ) { - # Override this! return true; } - /** - * When a user logs in, optionally fill in preferences and such. - * For instance, you might pull the email address or real name from the - * external user database. - * - * The User object is passed by reference so it can be modified; don't - * forget the & on your function declaration. - * - * @param User $user - * @public - */ function updateUser( &$user ) { return $this->initUser($user); } - - /** - * Return true if the wiki should create a new local account automatically - * when asked to login a user who doesn't exist locally but does in the - * external auth database. - * - * If you don't automatically create accounts, you must still create - * accounts in some way. It's not possible to authenticate without - * a local account. - * - * This is just a question, and shouldn't perform any actions. - * - * @return bool - * @public - */ function autoCreate() { return true; } - /** - * Can users change their passwords? - * - * @return bool - */ function allowPasswordChange() { - return true; + return false; } - /** - * Set the given password in the authentication database. - * As a special case, the password may be set to null to request - * locking the password to an unusable value, with the expectation - * that it will be set later through a mail reset or other method. - * - * Return true if successful. - * - * @param $user User object. - * @param $password String: password. - * @return bool - * @public - */ function setPassword( $user, $password ) { - return true; + return false; } - /** - * Update user information in the external authentication database. - * Return true if successful. - * - * @param $user User object. - * @return bool - * @public - */ function updateExternalDB( $user ) { + // this way userdata is allways overwritten by external db return $this->initUser($user); } - /** - * Check to see if external accounts can be created. - * Return true if external accounts can be created. - * @return bool - * @public - */ function canCreateAccounts() { return false; } - /** - * Add a user to the external authentication database. - * Return true if successful. - * - * @param User $user - * @param string $password - * @return bool - * @public - */ - function addUser( $user, $password ) { + function addUser( $user, $password, $email = '', $realname = '' ) { return false; } - - /** - * Return true to prevent logins that don't authenticate here from being - * checked against the local database's password fields. - * - * This is just a question, and shouldn't perform any actions. - * - * @return bool - * @public - */ function strict() { return true; } - /** - * When creating a user account, optionally fill in preferences and such. - * For instance, you might pull the email address or real name from the - * external user database. - * - * The User object is passed by reference so it can be modified; don't - * forget the & on your function declaration. - * - * @param $user User object. - * @public - */ function initUser( &$user ) { $data = $this->getUserData($user->getName()); $user->setEmail($data['email']); @@ -267,10 +107,6 @@ class LLAuthPlugin extends AuthPlugin { return true; } - /** - * If you want to munge the case of an account name before the final - * check, now is your chance. - */ function getCanonicalName( $username ) { return $username; } -- cgit v1.2.3-54-g00ecf