<?php
/*
 * Sign in DokuWiki via SMF database
 *
 * Features:
 *  - Full support of usernames with non-ASCII symbols
 *  - Allow to login by email (like in SMF)
 *  - Full support of user's groups
 *  - Support of getting user's list at Doku admin page with simple filter
 *  - Doesn't support any operations, which modify SMF database
 *
 * @license GPLv3 (http://www.gnu.org/licenses/gpl.html)
 * @author Vadim Nevorotin <malamut@ubuntu.ru>
 *
 * Requirements: SMF 1.x with utf8 encoding in database
 * Tested with DokuWiki 2009-12-25c "Lemming"
*/

// We need basic auth_mysql class
require_once(dirname(__FILE__).'/mysql.class.php');

/*
 * IMPORTANT! Change to your path to SMF installation!
 * Or comment two next lines and manually add all database parameters in constructor
*/
if (!defined('SMF_SETTINGS'))
	define('SMF_SETTINGS', 'e:/data/web/forum2/Settings.php');

class auth_smf extends auth_mysql {

	/*
	 * Constructor
	*/
	function auth_smf() {
		// DokuWiki configurations array
		global $conf;
		// SMF database settings
		if (defined('SMF_SETTINGS')) {
			// If defined path to SMF settings file - include it and get all settings from this file
			include(SMF_SETTINGS);
			$this->db_server	= $db_server;
			$this->db_name		= $db_name;
			$this->db_user		= $db_user;
			$this->db_passwd	= $db_passwd;
			$this->db_prefix	= $db_prefix;
			$this->smf_url		= $boardurl;
		} else {
			// Alternativelly you can manually set all settings (don't forget to comment two lines above!)
			$this->db_server	= 'localhost';
			$this->db_name		= 'smf';
			$this->db_user		= 'smf';
			$this->db_passwd	= 'PROTECTED';
			$this->db_prefix	= 'smf_';
			$this->smf_url		= 'http://forum.domain.com';
		}
	
		// Database settings
		$conf['auth']['mysql']['server']	= $this->db_server;
		$conf['auth']['mysql']['database']	= $this->db_name;
		$conf['auth']['mysql']['user']		= $this->db_user;
		$conf['auth']['mysql']['password']	= $this->db_passwd;
		
		// Charset must be utf8, but of course you isn't so stupid to use other encoding in you database
		$conf['auth']['mysql']['charset'] = "utf8";

		// Doesn't use password encryption by DokuWiki
		$conf['auth']['mysql']['forwardClearPass'] = 1;

		/* 
		 * Minimum requirements for authorization
		*/
		// Meaning of this request is changed from auth-mysql. Look to checkPass() function below
		$conf['auth']['mysql']['checkPass']   = "SELECT passwd
													 FROM smf_members
													 WHERE member_Name = '%{user}'
													 AND passwd = SHA1(concat(LOWER(member_Name), '%{pass}'))";
		// Ok, we can also login with email like in SMF. Look to checkPass() function below
		$conf['auth']['mysql']['checkPass-e']	= "SELECT member_name, passwd
													FROM {$this->db_prefix}members
													WHERE email_address = '%{user}'";
	 
		$conf['auth']['mysql']['getUserInfo'] = "SELECT passwd AS pass, real_Name AS name, email_Address AS mail
													 FROM smf_members
													 WHERE member_Name = '%{user}'";
	 
		// `group` really must be in quotes
		$conf['auth']['mysql']['getGroups']   = "SELECT replace(group_name, ' ', '_') as `group`
													FROM smf2.smf_membergroups g, smf2.smf_members m
													WHERE m.member_Name = '%{user}'
													AND m.id_post_group = g.id_group";
		/*
		 * Minimum requirements for basic user manager support
		*/
		// We should join with group table to use filters
		$conf['auth']['mysql']['getUsers']    = "SELECT DISTINCT member_Name AS user
													FROM smf_members AS u
													LEFT JOIN smf_membergroups AS g ON u.ID_GROUP=g.ID_GROUP";
		$conf['auth']['mysql']['FilterLogin'] = "u.member_Name LIKE '%{user}'";
		$conf['auth']['mysql']['FilterName']  = "u.real_Name LIKE '%{name}'";
		$conf['auth']['mysql']['FilterEmail'] = "u.email_Address LIKE '%{email}'";
		$conf['auth']['mysql']['FilterGroup'] = "g.group_Name LIKE '%{group}'";
		$conf['auth']['mysql']['SortOrder']   = "ORDER BY u.member_Name";

		/*
		 * We don't really want to destroy our database accidentally, isn't so?
		*/
		$conf['auth']['mysql']['addUser']		= "";
		$conf['auth']['mysql']['delUser']		= "";
		$conf['auth']['mysql']['updateUser']	= "";
		$conf['auth']['mysql']['addUserGroup']	= "";
		$conf['auth']['mysql']['delUserGroup']	= "";
		$conf['auth']['mysql']['addGroup']		= "";
		$conf['auth']['mysql']['delGroup']		= "";
		$conf['auth']['mysql']['UpdateTarget']	= "";

		// Call parent constructor for other initialization
		$this->auth_mysql();
	}
	
	/*
	 * Redefine checking password function from mysql.class.php to use SMF specific password check
	 *
	 * @param  $user  user who would like access
	 * @param  $pass  user's clear text password to check
	 * @return bool
	*/
	function checkPass(&$user,$pass) {
		$rc  = false;

		if ($this->_openDB()) {
			$sql = str_replace('%{user}', $this->_escape($user), $this->cnf['checkPass']);
			$sql    = str_replace('%{pass}',$this->_escape($pass),$sql);
			$result = $this->_queryDB($sql);
			if ($result != false && count($result) == 1) {
				// Encrypt password like in SMF

				$encpass = sha1(strtolower($user) . $pass);
				// Check password...
				if ($encpass == $result[0]['passwd']) {
					echo 'true!';
					$rc = true;

				}
			} else {
				// Ok, now try to login with email
				$sql = str_replace('%{user}', $this->_escape($user), $this->cnf['checkPass-e']);
				$result = $this->_queryDB($sql);

				if($result != false && count($result) == 1) {
					// Encrypt password like in SMF
					$encpass = sha1(strtolower($result[0]['member_name']) . $this->_escape($pass));
					// Check password...
					if ($encpass == $result[0]['passwd']) {
						$rc = true;
						// We want username to be exactly as in SMF database, not email ;)
						$user = $result[0]['member_name'];
					}
				}
			}
			$this->_closeDB();
		}
		return $rc;
	}
	
}