<?php
/**
 * Wordpress auth backend for DokuWiki
 * Version 1.1 (3rd October 2006)
 * http://thedeadone.net/software/getting-dokuwiki-to-use-wordpress-authentication/
 *
 * Uses external Trust mechanism to check against Wordpress's
 * user cookie. Wordpress's WP_ROOT must be defined correctly.
 *
 * The usergroup and groups SQL tables do not exist in the WP
 * schema. You must add these manually. Please refer to the
 * readme.txt for more details.
 *
 * @author Mark Cunningham <Mark.Cunningham@gmail.com>
 */

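// Every path below is built from DOKU_INC, so refuse to run when this file is
// requested directly instead of being loaded by DokuWiki.
if(!defined('DOKU_INC')) die();

// Default WordPress location: the directory above the DokuWiki install.
// Define WP_ROOT before this file is loaded to point somewhere else. It must be
// a fixed, trusted path because wp-config.php is executed from it.
if(!defined('WP_ROOT')) define('WP_ROOT', DOKU_INC.'../');

// wp-config.php is expected to provide the DB_* constants, $table_prefix and the
// WordPress functions used by the class below.
require_once WP_ROOT.'wp-config.php';
require_once DOKU_INC.'inc/auth/mysql.class.php';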

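class auth_wordpress extends auth_mysql {

  /**
   * Constructor.
   *
   * Sets additional capabilities and config strings: points the inherited
   * MySQL backend at the database named by the DB_* constants, installs the
   * SQL templates for the WordPress users table and the two extra dw_* group
   * tables, enables the 'external' and 'logoff' capabilities and then calls
   * the parent constructor.
   *
   * Kept as a PHP 4 style (class-named) constructor to match the parent call
   * $this->auth_mysql() below.
   */
  function auth_wordpress(){
    global $conf;
    global $table_prefix;

    // SQL setup for Wordpress
    $this->cando['getGroups']    = true;

    // Connection settings are taken from the constants WordPress uses itself.
    $conf['auth']['mysql']['server']   = DB_HOST;
    $conf['auth']['mysql']['user']     = DB_USER;
    $conf['auth']['mysql']['password'] = DB_PASSWORD;
    $conf['auth']['mysql']['database'] = DB_NAME;

    // NOTE(review): debug is hard-coded on. The MySQL backend is expected to
    // show query errors to the visitor when this is set, which discloses table
    // names and SQL text. Set to 0 outside of troubleshooting.
    $conf['auth']['mysql']['debug'] = 1;

    // 0: the cleartext password is not substituted into the checkPass query;
    // only the stored hash is selected (presumably compared by the parent class).
    $conf['auth']['mysql']['forwardClearPass'] = 0;
    $conf['auth']['mysql']['TablesToLock']= array("{$table_prefix}users",
                                                  "{$table_prefix}users AS u",
                                                  "{$table_prefix}dw_groups",
                                                  "{$table_prefix}dw_groups AS g",
                                                  "{$table_prefix}dw_usergroup",
                                                  "{$table_prefix}dw_usergroup AS ug");

    // Every quoted %{...} placeholder below sits inside single quotes, so the
    // value substituted for it must be SQL-escaped by whoever fills it in
    // (see _getGroups() for the pattern).
    $conf['auth']['mysql']['checkPass']   = "SELECT user_pass AS pass
                                             FROM {$table_prefix}users
                                             WHERE user_login='%{user}'";

    $conf['auth']['mysql']['getUserInfo']   = "SELECT user_pass AS pass,
                                               user_nicename AS name,
                                               user_email AS mail
                                               FROM {$table_prefix}users
                                               WHERE user_login='%{user}'";

    $conf['auth']['mysql']['getGroups']   = "SELECT name as `group`
                                             FROM {$table_prefix}dw_groups g,
                                                  {$table_prefix}users u,
                                                  {$table_prefix}dw_usergroup ug
                                             WHERE u.ID = ug.uid
                                             AND g.gid = ug.gid
                                             AND u.user_login='%{user}'";

    $conf['auth']['mysql']['getUsers']    = "SELECT DISTINCT user_login AS user
                                             FROM {$table_prefix}users AS u
                                             LEFT JOIN {$table_prefix}dw_usergroup AS ug ON u.ID=ug.uid
                                             LEFT JOIN {$table_prefix}dw_groups AS g ON ug.gid=g.gid";
    $conf['auth']['mysql']['FilterLogin'] = "user_login LIKE '%{user}'";
    $conf['auth']['mysql']['FilterName']  = "user_nicename LIKE '%{name}'";
    $conf['auth']['mysql']['FilterEmail'] = "user_email LIKE '%{email}'";
    $conf['auth']['mysql']['FilterGroup'] = "name LIKE '%{group}'";
    $conf['auth']['mysql']['SortOrder']   = "ORDER BY user_login";

    /* Not recommended to add users via this interface! */
    // The column list used to end in ", RoleId" with no fifth value, so the
    // INSERT could never succeed (column count != value count). The stray
    // column is removed; columns and values now line up one to one.
    // NOTE(review): the hash format written to user_pass is decided outside
    // this file - confirm WordPress accepts it before enabling user creation.
    $conf['auth']['mysql']['addUser']     = "INSERT INTO {$table_prefix}users
                                             (user_login, user_pass, user_email, user_nicename)
                                             VALUES ('%{user}', '%{pass}', '%{email}', '%{name}' )";

    $conf['auth']['mysql']['addGroup']    = "INSERT INTO {$table_prefix}dw_groups (name)
                                             VALUES ('%{group}')";

    // %{uid} and %{gid} are NOT quoted here, so string escaping alone would
    // not contain them: the substituted values have to be integers.
    // Presumably they come from the getUserID/getGroupID lookups - verify.
    $conf['auth']['mysql']['addUserGroup']= "INSERT INTO {$table_prefix}dw_usergroup (uid, gid)
                                             VALUES (%{uid}, %{gid})";

    $conf['auth']['mysql']['delGroup']    = "DELETE FROM {$table_prefix}dw_groups
                                             WHERE gid='%{gid}'";

    $conf['auth']['mysql']['getUserID']   = "SELECT ID AS id
                                             FROM {$table_prefix}users
                                             WHERE user_login='%{user}'";

    $conf['auth']['mysql']['delUser']     = "DELETE FROM {$table_prefix}users
                                             WHERE ID='%{uid}'";

    $conf['auth']['mysql']['delUserRefs'] = "DELETE FROM {$table_prefix}dw_usergroup
                                             WHERE uid='%{uid}'";

    $conf['auth']['mysql']['updateUser']  = "UPDATE {$table_prefix}users SET";
    $conf['auth']['mysql']['UpdateLogin'] = "user_login='%{user}'";
    $conf['auth']['mysql']['UpdatePass']  = "user_pass='%{pass}'";
    $conf['auth']['mysql']['UpdateEmail'] = "user_email='%{email}'";
    $conf['auth']['mysql']['UpdateName']  = "user_nicename='%{name}'";
    // Unquoted %{uid}: same integer-only requirement as addUserGroup above.
    $conf['auth']['mysql']['UpdateTarget']= "WHERE ID=%{uid}";

    $conf['auth']['mysql']['delUserGroup']= "DELETE FROM {$table_prefix}dw_usergroup
                                             WHERE uid='%{uid}'
                                             AND gid='%{gid}'";

    $conf['auth']['mysql']['getGroupID']  = "SELECT gid AS id
                                             FROM {$table_prefix}dw_groups
                                             WHERE name='%{group}'";

    // Authentication is delegated to trustExternal(), logout to logOff().
    $this->cando['external'] = true;
    $this->cando['logoff']   = true;

    // call mysql constructor
    $this->auth_mysql();
  }

  /**
   * Adds default group (normally "users"), to any user. This is because Wordpress
   * does not have user groups and therefore existing WP users will have no group.
   *
   * @param  string $user  login name; escaped with _escape() before it is
   *                       substituted into the getGroups query
   * @return array|false   list of group names, always containing the default
   *                       group; false when there is no database connection
   */
  function _getGroups($user) {
    if(!$this->dbcon) return false;

    $groups = array();
    $defgrp = true; // stays true until the default group shows up in the result

    $sql    = str_replace('%{user}',$this->_escape($user),$this->cnf['getGroups']);
    $result = $this->_queryDB($sql);

    // Only iterate a real result set: a failed query (presumably false) must
    // not be counted or looped over, it simply contributes no groups.
    if(is_array($result)) {
      foreach($result as $row) {
        if($row['group'] == $this->defaultgroup){
          $defgrp = false;
        }
        $groups[] = $row['group'];
      }
    }
    if($defgrp){
      $groups[] = $this->defaultgroup;
    }
    return $groups;
  }

  /**
   * Check against wordpress login!
   *
   * Two ways lead to an authenticated DokuWiki session: credentials submitted
   * through the login form that pass checkPass(), or an existing WordPress
   * login reported by is_user_logged_in(). In both cases $USERINFO,
   * $_SERVER['REMOTE_USER'] and the DokuWiki session entry are filled in.
   *
   * @param  string $user    login name from the login form, empty otherwise
   * @param  string $pass    cleartext password from the login form
   * @param  bool   $sticky  normalised to a boolean but not used afterwards:
   *                         the WordPress cookie is always set with its last
   *                         argument false
   * @return bool            true when the user is authenticated, false after
   *                         auth_logoff() has been called
   */
  function trustExternal($user,$pass,$sticky=false){
    global $USERINFO;
    global $conf;
    global $lang;

    $sticky = $sticky ? true : false; //sanity check
    $go = false;

    // kill magic quotes... again!
    // NOTE(review): the || means this runs whenever MAGIC_QUOTES_STRIPPED is
    // not yet defined, even with magic_quotes_gpc off - looks deliberate
    // (presumably because loading WordPress re-escapes the superglobals), confirm.
    if (get_magic_quotes_gpc() || !defined('MAGIC_QUOTES_STRIPPED') ) {
        if (!empty($_GET))    remove_magic_quotes($_GET);
        if (!empty($_POST))   remove_magic_quotes($_POST);
        if (!empty($_COOKIE)) remove_magic_quotes($_COOKIE);
        if (!empty($_REQUEST)) remove_magic_quotes($_REQUEST);
#        if (!empty($_SESSION)) remove_magic_quotes($_SESSION); #FIXME needed ?
        @ini_set('magic_quotes_gpc', 0);
        define('MAGIC_QUOTES_STRIPPED', 1);
    }
    @set_magic_quotes_runtime(0);
    @ini_set('magic_quotes_sybase',0);

    // someone used the login form!
    if(!empty($user)){
      if($this->checkPass($user,$pass)){

         /* Copied this from wp-login.php, not sure exactly what it's doing!
            But we know everything is good so we should be logged in! */
         // The password was already verified by checkPass() above; the return
         // value of wp_login() is not inspected here.
         do_action_ref_array('wp_authenticate', array(&$user, &$pass));
         $user_obj = new WP_User(0, $user);
         wp_login($user, $pass, true);
         wp_setcookie($user, $pass, false, '', '', false);
         do_action('wp_login', $user);

         // NOTE(review): this is the cleartext password, and $USERINFO is
         // copied into the session further down. Consider dropping 'pass'
         // before persisting - confirm nothing reads it first.
         $USERINFO['pass'] = $pass;
         $USERINFO['login'] = $user;
         $go = true;

      } else {
        //invalid credentials - log off
        msg($lang['badlogin'],-1);
        auth_logoff();
        return false;
      }
    }

    // logged in via wordpress
    if ( is_user_logged_in() ) {
       global $userdata;
       get_currentuserinfo();
       // The WordPress identity replaces whatever was set by the form branch.
       $user = $userdata->user_login;
       $pass = $userdata->user_pass;
       $USERINFO['pass'] = $userdata->user_pass;
       $USERINFO['login'] = $userdata->user_login;
       $go = true;
    }

    if($go == true)
    {
       // grab the rest from the db
       $info = $this->getUserData($user);
       $USERINFO['name'] = $info['name'];
       $USERINFO['grps'] = $info['grps'];
       $USERINFO['mail'] = $info['mail'];

       $_SERVER['REMOTE_USER'] = $user;
       $_SESSION[DOKU_COOKIE]['auth']['user'] = $user;
       $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
       return true;
    }

    // to be sure
    auth_logoff();
    return false;
  }

  /**
   * remove cookie on logout
   *
   * Clears the WordPress cookie, fires the 'wp_logout' action and sends
   * no-cache headers.
   */
  function logOff(){
    wp_clearcookie();
    do_action('wp_logout');
    nocache_headers();
  }

  /**
   * Want to keep the database connection open so that we can use
   * WP theme template tags when we are logged in.
   */
  function _closeDB() {
     /* Do nothing. Do not want to close the database
      * connection at all! */
  }

}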

// Setup VIM: ex et=1 ts=4