~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/webapp/forum/phpbb3.diff

  • Committer: William Grant
  • Date: 2009-02-23 23:47:02 UTC
  • mfrom: (1099.1.211 new-dispatch)
  • Revision ID: grantw@unimelb.edu.au-20090223234702-db4b1llly46ignwo
Merge from lp:~ivle-dev/ivle/new-dispatch.

Pretty much everything changes. Reread the setup docs. Backup your databases.
Every file is now in a different installed location, the configuration system
is rewritten, the dispatch system is rewritten, URLs are different, the
database is different, worksheets and exercises are no longer on the
filesystem, we use a templating engine, jail service protocols are rewritten,
we don't repeat ourselves, we have authorization rewritten, phpBB is gone,
and probably lots of other things that I cannot remember.

This is certainly the biggest commit I have ever made, and hopefully
the largest I ever will.

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
diff -Nur a/adm/index.php b/adm/index.php
 
2
--- a/adm/index.php     2008-12-13 02:20:38.000000000 +1100
 
3
+++ b/adm/index.php     2009-02-18 11:53:53.000000000 +1100
 
4
@@ -27,12 +27,6 @@
 
5
 $user->setup('acp/common');
 
6
 // End session management
 
7
 
 
8
-// Have they authenticated (again) as an admin for this session?
 
9
-if (!isset($user->data['session_admin']) || !$user->data['session_admin'])
 
10
-{
 
11
-       login_box('', $user->lang['LOGIN_ADMIN_CONFIRM'], $user->lang['LOGIN_ADMIN_SUCCESS'], true, false);
 
12
-}
 
13
-
 
14
 // Is user any type of admin? No, then stop here, each script needs to
 
15
 // check specific permissions but this is a catchall
 
16
 if (!$auth->acl_get('a_'))
 
17
diff -Nur a/config.php b/config.php
 
18
--- a/config.php        2009-02-18 11:47:04.000000000 +1100
 
19
+++ b/config.php        2009-02-18 12:21:14.000000000 +1100
 
20
@@ -11,6 +11,8 @@
 
21
 $acm_type = 'file';
 
22
 $load_extensions = '';
 
23
 
 
24
+$ivle_secret = '<FORUM SECRET>';
 
25
+
 
26
 @define('PHPBB_INSTALLED', true);
 
27
 // @define('DEBUG', true);
 
28
 // @define('DEBUG_EXTRA', true);
 
29
diff -Nur a/includes/session.php b/includes/session.php
 
30
--- a/includes/session.php      2008-12-13 02:20:37.000000000 +1100
 
31
+++ b/includes/session.php      2009-02-18 12:32:37.000000000 +1100
 
32
@@ -296,6 +296,13 @@
 
33
                        $this->data = $db->sql_fetchrow($result);
 
34
                        $db->sql_freeresult($result);
 
35
 
 
36
+                       // IVLE SSO
 
37
+                       $ivle_userid = $this->ivle_auth();
 
38
+                       if ($ivle_userid && ($ivle_userid != $this->data['user_id']))
 
39
+                       {
 
40
+                               return $this->session_create($ivle_userid);
 
41
+                       }
 
42
+
 
43
                        // Did the session exist in the DB?
 
44
                        if (isset($this->data['user_id']))
 
45
                        {
 
46
@@ -2228,6 +2235,135 @@
 
47
                        return $var;
 
48
                }
 
49
        }
 
50
+
 
51
+       /** IVLE SSO
 
52
+        * This function attempts to authenticate from a signed cookie provided by 
 
53
+        * IVLE. If it does it will return either the forum user_id for the logged in 
 
54
+        * IVLE user or will create a new one on-the-fly.
 
55
+        * 
 
56
+        * If the cookie is bad, the ANONYMOUS user will be returned.
 
57
+        */
 
58
+       function ivle_auth()
 
59
+       {
 
60
+               global $db, $phpbb_root_path, $phpEx;
 
61
+
 
62
+               // Get the IVLE shared secret from config.php.
 
63
+               require($phpbb_root_path . 'config.' . $phpEx);
 
64
+
 
65
+               // Shared Cookie
 
66
+               $ivle_cookie = explode(':',$_COOKIE['ivleforumcookie']);
 
67
+        
 
68
+               if ($ivle_cookie == "NONE") {
 
69
+                       return ANONYMOUS;
 
70
+               }
 
71
+
 
72
+               // Decode and unescape the Cookie contents
 
73
+               $ivle_uid = urldecode($ivle_cookie[0]);
 
74
+               $ivle_nick = urldecode($ivle_cookie[1]);
 
75
+               $ivle_email = urldecode($ivle_cookie[2]);
 
76
+               $ivle_role = urldecode($ivle_cookie[3]);
 
77
+               $ivle_hash = $ivle_cookie[4];
 
78
+
 
79
+               // Check if uid + nick + email + secret is the same as the hash
 
80
+               if(md5($ivle_cookie[0].$ivle_cookie[1].$ivle_cookie[2].
 
81
+                      $ivle_cookie[3].$ivle_secret) == $ivle_hash)
 
82
+               {
 
83
+                       // Check if the user exists in the database
 
84
+                       $sql = 'SELECT user_id
 
85
+                               FROM ' . USERS_TABLE . "
 
86
+                               WHERE username = '" . $db->sql_escape($ivle_uid) . "';";
 
87
+                               $result = $db->sql_query($sql);
 
88
+                               $row = $db->sql_fetchrow($result);
 
89
+                               $user_id = $row['user_id'];
 
90
+                               $db->sql_freeresult($result);
 
91
+
 
92
+                       // If no user_id is found for the username, create a new user
 
93
+                       if(!$user_id)
 
94
+                       {
 
95
+                               // Needed for IVLE auth overide
 
96
+                               include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
97
+                  
 
98
+                               // Add all users to the Registered Group
 
99
+                               $sql = 'SELECT group_id
 
100
+                                       FROM ' . GROUPS_TABLE . "
 
101
+                                       WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
 
102
+                                       AND group_type = " . GROUP_SPECIAL;
 
103
+                               $result = $db->sql_query($sql);
 
104
+                               $row = $db->sql_fetchrow($result);
 
105
+                               $db->sql_freeresult($result);
 
106
+                               if (!$row)
 
107
+                               {
 
108
+                                       trigger_error('NO_GROUP');
 
109
+                               }
 
110
+
 
111
+                               $group_id = $row['group_id'];
 
112
+
 
113
+                               // Get the Time and Timezone
 
114
+                               $timezone = date('Z') / 3600;
 
115
+                               $is_dst = date('I');
 
116
+                               $timezone = ($is_dst) ? $timezone - 1 : $timezone;
 
117
+                               
 
118
+                               // Fill into array
 
119
+                               $user_row = array(
 
120
+                                       'username'              => $ivle_uid,
 
121
+                                       'user_password'         => '', # Not a valid hash
 
122
+                                       'user_email'            => $ivle_email,
 
123
+                                       'group_id'              => (int) $group_id,
 
124
+                                       'user_timezone'         => (float) $timezone,
 
125
+                                       'user_dst'              => $is_dst,
 
126
+                                       'user_lang'             => 'en',
 
127
+                                       'user_type'             => USER_NORMAL,
 
128
+                                       'user_actkey'           => '',
 
129
+                                       'user_ip'               => $this->ip,
 
130
+                                       'user_regdate'          => time(),
 
131
+                                       'user_inactive_reason'  => 0,
 
132
+                                       'user_inactive_time'    => 0,
 
133
+                               );
 
134
+                        
 
135
+                               // Add user
 
136
+                               $user_id = user_add($user_row);
 
137
+
 
138
+                               // Add any aditional groups
 
139
+                               // Select the equvialent group
 
140
+                               $group = False;
 
141
+                               switch($ivle_role)
 
142
+                               {
 
143
+                                       case('admin'):
 
144
+                                               $group = 'ADMINISTRATORS';
 
145
+                                               break;
 
146
+                                       case('lecturer'):
 
147
+                                               $group = 'GLOBAL_MODERATORS';
 
148
+                                               break;
 
149
+                               }
 
150
+                               if ($group)
 
151
+                               {
 
152
+                                       // Find the group_id
 
153
+                                       $sql = 'SELECT group_id
 
154
+                                               FROM ' . GROUPS_TABLE . "
 
155
+                                               WHERE group_name = '" . $db->sql_escape($group) . "'
 
156
+                                               AND group_type = " . GROUP_SPECIAL;
 
157
+                                       
 
158
+                                       $result = $db->sql_query($sql);
 
159
+                                       $row = $db->sql_fetchrow($result);
 
160
+                                       $db->sql_freeresult($result);
 
161
+
 
162
+                                       if (!$row)
 
163
+                                       {
 
164
+                                               trigger_error('NO_GROUP');
 
165
+                                       }
 
166
+
 
167
+                                       $group_id = $row['group_id'];
 
168
+
 
169
+                                       group_user_add($group_id,Array($user_id));
 
170
+                               }
 
171
+                       }
 
172
+                       return $user_id;
 
173
+               }
 
174
+               else
 
175
+               {
 
176
+                       return False;
 
177
+               }
 
178
+       }
 
179
 }
 
180
 
 
181
 ?>
 
182
diff -Nur a/styles/prosilver/template/index_body.html b/styles/prosilver/template/index_body.html
 
183
--- a/styles/prosilver/template/index_body.html 2008-12-13 02:20:37.000000000 +1100
 
184
+++ b/styles/prosilver/template/index_body.html 2009-02-18 12:05:36.000000000 +1100
 
185
@@ -14,20 +14,6 @@
 
186
 
 
187
 <!-- INCLUDE forumlist_body.html -->
 
188
 
 
189
-<!-- IF not S_USER_LOGGED_IN and not S_IS_BOT -->
 
190
-       <form method="post" action="{S_LOGIN_ACTION}" class="headerspace">
 
191
-       <h3><a href="{U_LOGIN_LOGOUT}">{L_LOGIN_LOGOUT}</a><!-- IF S_REGISTER_ENABLED -->&nbsp; &bull; &nbsp;<a href="{U_REGISTER}">{L_REGISTER}</a><!-- ENDIF --></h3>
 
192
-               <fieldset class="quick-login">
 
193
-                       <label for="username">{L_USERNAME}:</label>&nbsp;<input type="text" name="username" id="username" size="10" class="inputbox" title="{L_USERNAME}" />  
 
194
-                       <label for="password">{L_PASSWORD}:</label>&nbsp;<input type="password" name="password" id="password" size="10" class="inputbox" title="{L_PASSWORD}" />
 
195
-                       <!-- IF S_AUTOLOGIN_ENABLED -->
 
196
-                               | <label for="autologin">{L_LOG_ME_IN} <input type="checkbox" name="autologin" id="autologin" /></label>
 
197
-                       <!-- ENDIF -->
 
198
-                       <input type="submit" name="login" value="{L_LOGIN}" class="button2" />
 
199
-               </fieldset>
 
200
-       </form>
 
201
-<!-- ENDIF -->
 
202
-
 
203
 <!-- IF S_DISPLAY_ONLINE_LIST -->
 
204
        <!-- IF U_VIEWONLINE --><h3><a href="{U_VIEWONLINE}">{L_WHO_IS_ONLINE}</a></h3><!-- ELSE --><h3>{L_WHO_IS_ONLINE}</h3><!-- ENDIF -->
 
205
        <p>{TOTAL_USERS_ONLINE} ({L_ONLINE_EXPLAIN})<br />{RECORD_USERS}<br /> <br />{LOGGED_IN_USER_LIST}
 
206
diff -Nur a/styles/prosilver/template/overall_header.html b/styles/prosilver/template/overall_header.html
 
207
--- a/styles/prosilver/template/overall_header.html     2008-12-13 02:20:37.000000000 +1100
 
208
+++ b/styles/prosilver/template/overall_header.html     2009-02-18 12:06:22.000000000 +1100
 
209
@@ -151,8 +151,6 @@
 
210
                                <li class="icon-faq"><a href="{U_FAQ}" title="{L_FAQ_EXPLAIN}">{L_FAQ}</a></li>
 
211
                                <!-- IF not S_IS_BOT -->
 
212
                                        <!-- IF S_DISPLAY_MEMBERLIST --><li class="icon-members"><a href="{U_MEMBERLIST}" title="{L_MEMBERLIST_EXPLAIN}">{L_MEMBERLIST}</a></li><!-- ENDIF -->
 
213
-                                       <!-- IF not S_USER_LOGGED_IN and S_REGISTER_ENABLED --><li class="icon-register"><a href="{U_REGISTER}">{L_REGISTER}</a></li><!-- ENDIF -->
 
214
-                                       <li class="icon-logout"><a href="{U_LOGIN_LOGOUT}" title="{L_LOGIN_LOGOUT}" accesskey="l">{L_LOGIN_LOGOUT}</a></li>
 
215
                                <!-- ENDIF -->
 
216
                        </ul>
 
217