← Back to branch summary

~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/webapp/forum/phpbb3.diff

  • Committer: mattgiuca
  • Date: 2008-07-15 07:19:34 UTC
  • Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:875
Added "migrations" directory, which contains incremental database update
    scripts.
Updated users.sql, uniqueness key on offering table.
Added migration matching this update to the migrations directory. Mm handy!

Show diffs side-by-side

added added

removed removed

Lines of Context:
ivle/webapp/forum/phpbb3.diff
1
 
diff -Nur a/adm/index.php b/adm/index.php
2
 
--- a/adm/index.php     2008-12-13 02:20:38.000000000 +1100
3
 
+++ b/adm/index.php     2009-02-18 11:53:53.000000000 +1100
4
 
@@ -27,12 +27,6 @@
5
 
 $user->setup('acp/common');
6
 
 // End session management
7
 
 
8
 
-// Have they authenticated (again) as an admin for this session?
9
 
-if (!isset($user->data['session_admin']) || !$user->data['session_admin'])
10
 
-{
11
 
-       login_box('', $user->lang['LOGIN_ADMIN_CONFIRM'], $user->lang['LOGIN_ADMIN_SUCCESS'], true, false);
12
 
-}
13
 
-
14
 
 // Is user any type of admin? No, then stop here, each script needs to
15
 
 // check specific permissions but this is a catchall
16
 
 if (!$auth->acl_get('a_'))
17
 
diff -Nur a/config.php b/config.php
18
 
--- a/config.php        2009-02-18 11:47:04.000000000 +1100
19
 
+++ b/config.php        2009-02-18 12:21:14.000000000 +1100
20
 
@@ -11,6 +11,8 @@
21
 
 $acm_type = 'file';
22
 
 $load_extensions = '';
23
 
 
24
 
+$ivle_secret = '<FORUM SECRET>';
25
 
+
26
 
 @define('PHPBB_INSTALLED', true);
27
 
 // @define('DEBUG', true);
28
 
 // @define('DEBUG_EXTRA', true);
29
 
diff -Nur a/includes/session.php b/includes/session.php
30
 
--- a/includes/session.php      2008-12-13 02:20:37.000000000 +1100
31
 
+++ b/includes/session.php      2009-02-18 12:32:37.000000000 +1100
32
 
@@ -296,6 +296,13 @@
33
 
                        $this->data = $db->sql_fetchrow($result);
34
 
                        $db->sql_freeresult($result);
35
 
 
36
 
+                       // IVLE SSO
37
 
+                       $ivle_userid = $this->ivle_auth();
38
 
+                       if ($ivle_userid && ($ivle_userid != $this->data['user_id']))
39
 
+                       {
40
 
+                               return $this->session_create($ivle_userid);
41
 
+                       }
42
 
+
43
 
                        // Did the session exist in the DB?
44
 
                        if (isset($this->data['user_id']))
45
 
                        {
46
 
@@ -2228,6 +2235,135 @@
47
 
                        return $var;
48
 
                }
49
 
        }
50
 
+
51
 
+       /** IVLE SSO
52
 
+        * This function attempts to authenticate from a signed cookie provided by 
53
 
+        * IVLE. If it does it will return either the forum user_id for the logged in 
54
 
+        * IVLE user or will create a new one on-the-fly.
55
 
+        * 
56
 
+        * If the cookie is bad, the ANONYMOUS user will be returned.
57
 
+        */
58
 
+       function ivle_auth()
59
 
+       {
60
 
+               global $db, $phpbb_root_path, $phpEx;
61
 
+
62
 
+               // Get the IVLE shared secret from config.php.
63
 
+               require($phpbb_root_path . 'config.' . $phpEx);
64
 
+
65
 
+               // Shared Cookie
66
 
+               $ivle_cookie = explode(':',$_COOKIE['ivleforumcookie']);
67
 
+        
68
 
+               if ($ivle_cookie == "NONE") {
69
 
+                       return ANONYMOUS;
70
 
+               }
71
 
+
72
 
+               // Decode and unescape the Cookie contents
73
 
+               $ivle_uid = urldecode($ivle_cookie[0]);
74
 
+               $ivle_nick = urldecode($ivle_cookie[1]);
75
 
+               $ivle_email = urldecode($ivle_cookie[2]);
76
 
+               $ivle_role = urldecode($ivle_cookie[3]);
77
 
+               $ivle_hash = $ivle_cookie[4];
78
 
+
79
 
+               // Check if uid + nick + email + secret is the same as the hash
80
 
+               if(md5($ivle_cookie[0].$ivle_cookie[1].$ivle_cookie[2].
81
 
+                      $ivle_cookie[3].$ivle_secret) == $ivle_hash)
82
 
+               {
83
 
+                       // Check if the user exists in the database
84
 
+                       $sql = 'SELECT user_id
85
 
+                               FROM ' . USERS_TABLE . "
86
 
+                               WHERE username = '" . $db->sql_escape($ivle_uid) . "';";
87
 
+                               $result = $db->sql_query($sql);
88
 
+                               $row = $db->sql_fetchrow($result);
89
 
+                               $user_id = $row['user_id'];
90
 
+                               $db->sql_freeresult($result);
91
 
+
92
 
+                       // If no user_id is found for the username, create a new user
93
 
+                       if(!$user_id)
94
 
+                       {
95
 
+                               // Needed for IVLE auth overide
96
 
+                               include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
97
 
+                  
98
 
+                               // Add all users to the Registered Group
99
 
+                               $sql = 'SELECT group_id
100
 
+                                       FROM ' . GROUPS_TABLE . "
101
 
+                                       WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
102
 
+                                       AND group_type = " . GROUP_SPECIAL;
103
 
+                               $result = $db->sql_query($sql);
104
 
+                               $row = $db->sql_fetchrow($result);
105
 
+                               $db->sql_freeresult($result);
106
 
+                               if (!$row)
107
 
+                               {
108
 
+                                       trigger_error('NO_GROUP');
109
 
+                               }
110
 
+
111
 
+                               $group_id = $row['group_id'];
112
 
+
113
 
+                               // Get the Time and Timezone
114
 
+                               $timezone = date('Z') / 3600;
115
 
+                               $is_dst = date('I');
116
 
+                               $timezone = ($is_dst) ? $timezone - 1 : $timezone;
117
 
+                               
118
 
+                               // Fill into array
119
 
+                               $user_row = array(
120
 
+                                       'username'              => $ivle_uid,
121
 
+                                       'user_password'         => '', # Not a valid hash
122
 
+                                       'user_email'            => $ivle_email,
123
 
+                                       'group_id'              => (int) $group_id,
124
 
+                                       'user_timezone'         => (float) $timezone,
125
 
+                                       'user_dst'              => $is_dst,
126
 
+                                       'user_lang'             => 'en',
127
 
+                                       'user_type'             => USER_NORMAL,
128
 
+                                       'user_actkey'           => '',
129
 
+                                       'user_ip'               => $this->ip,
130
 
+                                       'user_regdate'          => time(),
131
 
+                                       'user_inactive_reason'  => 0,
132
 
+                                       'user_inactive_time'    => 0,
133
 
+                               );
134
 
+                        
135
 
+                               // Add user
136
 
+                               $user_id = user_add($user_row);
137
 
+
138
 
+                               // Add any aditional groups
139
 
+                               // Select the equvialent group
140
 
+                               $group = False;
141
 
+                               switch($ivle_role)
142
 
+                               {
143
 
+                                       case('admin'):
144
 
+                                               $group = 'ADMINISTRATORS';
145
 
+                                               break;
146
 
+                                       case('lecturer'):
147
 
+                                               $group = 'GLOBAL_MODERATORS';
148
 
+                                               break;
149
 
+                               }
150
 
+                               if ($group)
151
 
+                               {
152
 
+                                       // Find the group_id
153
 
+                                       $sql = 'SELECT group_id
154
 
+                                               FROM ' . GROUPS_TABLE . "
155
 
+                                               WHERE group_name = '" . $db->sql_escape($group) . "'
156
 
+                                               AND group_type = " . GROUP_SPECIAL;
157
 
+                                       
158
 
+                                       $result = $db->sql_query($sql);
159
 
+                                       $row = $db->sql_fetchrow($result);
160
 
+                                       $db->sql_freeresult($result);
161
 
+
162
 
+                                       if (!$row)
163
 
+                                       {
164
 
+                                               trigger_error('NO_GROUP');
165
 
+                                       }
166
 
+
167
 
+                                       $group_id = $row['group_id'];
168
 
+
169
 
+                                       group_user_add($group_id,Array($user_id));
170
 
+                               }
171
 
+                       }
172
 
+                       return $user_id;
173
 
+               }
174
 
+               else
175
 
+               {
176
 
+                       return False;
177
 
+               }
178
 
+       }
179
 
 }
180
 
 
181
 
 ?>
182
 
diff -Nur a/styles/prosilver/template/index_body.html b/styles/prosilver/template/index_body.html
183
 
--- a/styles/prosilver/template/index_body.html 2008-12-13 02:20:37.000000000 +1100
184
 
+++ b/styles/prosilver/template/index_body.html 2009-02-18 12:05:36.000000000 +1100
185
 
@@ -14,20 +14,6 @@
186
 
 
187
 
 <!-- INCLUDE forumlist_body.html -->
188
 
 
189
 
-<!-- IF not S_USER_LOGGED_IN and not S_IS_BOT -->
190
 
-       <form method="post" action="{S_LOGIN_ACTION}" class="headerspace">
191
 
-       <h3><a href="{U_LOGIN_LOGOUT}">{L_LOGIN_LOGOUT}</a><!-- IF S_REGISTER_ENABLED -->&nbsp; &bull; &nbsp;<a href="{U_REGISTER}">{L_REGISTER}</a><!-- ENDIF --></h3>
192
 
-               <fieldset class="quick-login">
193
 
-                       <label for="username">{L_USERNAME}:</label>&nbsp;<input type="text" name="username" id="username" size="10" class="inputbox" title="{L_USERNAME}" />  
194
 
-                       <label for="password">{L_PASSWORD}:</label>&nbsp;<input type="password" name="password" id="password" size="10" class="inputbox" title="{L_PASSWORD}" />
195
 
-                       <!-- IF S_AUTOLOGIN_ENABLED -->
196
 
-                               | <label for="autologin">{L_LOG_ME_IN} <input type="checkbox" name="autologin" id="autologin" /></label>
197
 
-                       <!-- ENDIF -->
198
 
-                       <input type="submit" name="login" value="{L_LOGIN}" class="button2" />
199
 
-               </fieldset>
200
 
-       </form>
201
 
-<!-- ENDIF -->
202
 
-
203
 
 <!-- IF S_DISPLAY_ONLINE_LIST -->
204
 
        <!-- IF U_VIEWONLINE --><h3><a href="{U_VIEWONLINE}">{L_WHO_IS_ONLINE}</a></h3><!-- ELSE --><h3>{L_WHO_IS_ONLINE}</h3><!-- ENDIF -->
205
 
        <p>{TOTAL_USERS_ONLINE} ({L_ONLINE_EXPLAIN})<br />{RECORD_USERS}<br /> <br />{LOGGED_IN_USER_LIST}
206
 
diff -Nur a/styles/prosilver/template/overall_header.html b/styles/prosilver/template/overall_header.html
207
 
--- a/styles/prosilver/template/overall_header.html     2008-12-13 02:20:37.000000000 +1100
208
 
+++ b/styles/prosilver/template/overall_header.html     2009-02-18 12:06:22.000000000 +1100
209
 
@@ -151,8 +151,6 @@
210
 
                                <li class="icon-faq"><a href="{U_FAQ}" title="{L_FAQ_EXPLAIN}">{L_FAQ}</a></li>
211
 
                                <!-- IF not S_IS_BOT -->
212
 
                                        <!-- IF S_DISPLAY_MEMBERLIST --><li class="icon-members"><a href="{U_MEMBERLIST}" title="{L_MEMBERLIST_EXPLAIN}">{L_MEMBERLIST}</a></li><!-- ENDIF -->
213
 
-                                       <!-- IF not S_USER_LOGGED_IN and S_REGISTER_ENABLED --><li class="icon-register"><a href="{U_REGISTER}">{L_REGISTER}</a></li><!-- ENDIF -->
214
 
-                                       <li class="icon-logout"><a href="{U_LOGIN_LOGOUT}" title="{L_LOGIN_LOGOUT}" accesskey="l">{L_LOGIN_LOGOUT}</a></li>
215
 
                                <!-- ENDIF -->
216
 
                        </ul>
217