XPressME Integration Kit

Trac

Context Navigation

source: trunk/wp-content/plugins/xpressme/include/pluggable-override.php @ 142

Visit:

Last change on this file since 142 was 131, checked in by toemon, 16 years ago
ImpressCMSのパスワードHash対応　#75 bump Ver0.13
File size: 7.1 KB

Rev	Line
[71]	1	<?php
	2	/**
	3	* XPress - WordPress for XOOPS
	4	*
	5	* Adding multi-author features to XPressME
	6	*
	7	* @copyright The XPressME project
	8	* @license http://www.fsf.org/copyleft/gpl.html GNU public license
	9	* @author toemon
	10	* @since 2.05
	11	* @version $Id$
	12	* @package module::xpress
	13	*/
	14
	15	// ********************************* Start Pluggable Function Edit (wp-include/pluggable.php) **********************************
	16
	17	if ( !function_exists('get_currentuserinfo') ) :
	18	function get_currentuserinfo() {
	19	global $current_user;
	20	global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
	21
	22
[87]	23	if ($xoopsModule){
[114]	24	if (!is_object($xoopsUser)){
	25	wp_set_current_user(0);
	26	wp_logout();
	27	return false;
	28	}
[87]	29	if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
	30	return false;
[71]	31
[114]	32	if ( ! empty($current_user) ){
	33	$xoops_user = $xoopsUser->getVar("uname");
	34	if ($current_user->user_login == $xoops_user)
	35	return;
	36	}
[71]	37
	38	if (check_xpress_auth_cookie()){ //The cookie is login user's or it checks it
	39	if ( $user = wp_validate_auth_cookie() ) {
	40	wp_set_current_user($user);
	41	return ;
	42	}
	43	}
[87]	44	xpress_login();
[71]	45
	46	} else {
	47	// WP2.7 original
	48	if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
	49	return false;
	50
	51	if ( ! empty($current_user) )
	52	return;
	53
	54	if ( ! $user = wp_validate_auth_cookie() ) {
	55	if ( empty($_COOKIE[LOGGED_IN_COOKIE]) \|\| !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
	56	wp_set_current_user(0);
	57	return false;
	58	}
	59	}
	60
	61	wp_set_current_user($user);
	62	}
	63	}
	64	endif;
	65
[96]	66	if ( !function_exists('xpress_login') ) :
[71]	67	function xpress_login(){
	68	global $current_user;
[130]	69	global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
[71]	70
[130]	71	if(is_object($xoopsUser)){
	72	$u_name = $xoopsUser->getVar("uname");
	73	$u_pass_md5 = $xoopsUser->getVar("pass");
[87]	74	if ( ! empty($u_name) && ! empty($u_pass_md5) ) {
	75	include_once dirname( __FILE__ ).'/user_sync_xoops.php';
	76	repair_user_meta_prefix(); //Repair when data base prefix is changed on XOOPS side
	77	$messege = '';
[130]	78	$ret = user_sync_to_wordpress($xoopsUser->getVar("uid"),$messege);
[87]	79	if ($ret){
	80	$user = new WP_User(0, $u_name);
	81	if ( wp_login($u_name, $u_pass_md5) ) {
	82	wp_setcookie($u_name, $u_pass_md5, true, '', '', false);
	83	do_action('wp_login', $u_name);
	84	wp_set_current_user($user->ID);
	85	return true;
[71]	86	}
	87	}
[87]	88	}
	89	}
	90	wp_set_current_user(0);
	91	return 0;
[71]	92	}
[96]	93	endif;
[71]	94
[96]	95	if ( !function_exists('check_xpress_auth_cookie') ) :
[71]	96	function check_xpress_auth_cookie() { // for wp2.5
	97	if ( empty($_COOKIE[AUTH_COOKIE]) ){
	98	return false;
	99	}
	100	$cookie = $_COOKIE[AUTH_COOKIE];
	101
	102	$cookie_elements = explode('\|', $cookie);
	103	if ( count($cookie_elements) != 3 ){
	104	return false;
	105	}
	106
	107	if(is_object($GLOBALS["xoopsModule"])){
	108	// && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){
	109	if(is_object($GLOBALS["xoopsUser"])){
	110	$u_name = $GLOBALS["xoopsUser"]->getVar("uname");
	111	list($username, $expiration, $hmac) = $cookie_elements;
	112	if ($u_name == $username) {
	113	return true;
	114	}
	115	}
	116	} else {
	117	$mydirname = basename( dirname( dirname( __FILE__ ) ) ) ;
	118	$org_url = $_SERVER['REQUEST_URI'];
	119	$needle = '/modules/' . $mydirname . '/wp-admin/';
	120	if (strstr($org_url , $needle)){
	121	return true;
	122	}
	123	}
	124	return false;
	125	}
[96]	126	endif;
[71]	127
[83]	128	if ( !function_exists('wp_check_password') ) :
[71]	129	// for wordpress2.5
	130	function wp_check_password($password, $hash, $user_id = '') {
	131	global $wp_hasher;
[131]	132	global $xoops_config,$xoops_db;
[71]	133
[131]	134	// For attestation when password has been sent as hash value. (When having logged it in from Xoops and ImpressCMS)
	135	if ($hash == $password){
[130]	136	return apply_filters('check_password', true, $password, $hash, $user_id);
	137	}
[131]	138
	139	// Password authentication for Xoops
	140	if ( strlen($hash) <= 32 ) {
	141	$check = ( $hash == md5($password) );
	142	return apply_filters('check_password', $check, $password, $hash, $user_id);
	143	}
	144
	145	// Password authentication for ImpressCMS
	146	if($xoops_config->is_impress && function_exists('hash')){
	147	$mainSalt = $xoops_config->xoops_db_salt;
	148	// get user salt
	149	$xpress_user_db = $xoops_config->module_db_prefix . 'users';
	150	$xoops_user_db = $xoops_config->xoops_db_prefix . '_users';
	151	$login_name = $xoops_db->get_var("SELECT user_login FROM $xpress_user_db WHERE ID = $user_id");
	152	$user_salt = $xoops_db->get_var("SELECT salt FROM $xoops_user_db WHERE uname = '$login_name'");
	153	// Make Impress hash
	154	$impress_hash = hash('sha256', $user_salt.md5($password).$mainSalt);
	155	if ($hash == $impress_hash){
	156	return apply_filters('check_password', true, $password, $hash, $user_id);
	157	}
	158	}
	159
[71]	160	// If the hash is still md5...
	161	if ( strlen($hash) <= 32 ) {
[130]	162	$check = ( $hash == md5($password) );
[71]	163	/* A new hash is not used because it differs from the hash on the XOOPS password.
	164	* if ( $check && $user_id ) {
	165	* // Rehash using new hash.
	166	* wp_set_password($password, $user_id);
	167	* $hash = wp_hash_password($password);
	168	* }
	169	*/
	170	return apply_filters('check_password', $check, $password, $hash, $user_id);
	171	}
	172
	173	// If the stored hash is longer than an MD5, presume the
	174	// new style phpass portable hash.
	175	if ( empty($wp_hasher) ) {
	176	require_once( ABSPATH . 'wp-includes/class-phpass.php');
	177	// By default, use the portable hash from phpass
	178	$wp_hasher = new PasswordHash(8, TRUE);
	179	}
	180
	181	$check = $wp_hasher->CheckPassword($password, $hash);
	182
	183	return apply_filters('check_password', $check, $password, $hash, $user_id);
	184	}
[83]	185	endif;
[71]	186
[83]	187	if ( !function_exists('wp_redirect') ) :
[71]	188	function wp_redirect($location, $status = 302) {
[123]	189	global $is_IIS,$xoops_config,$action;
[71]	190
[114]	191	if ($location == 'wp-login.php?loggedout=true') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at wp logout
	192	if ($location == 'wp-login.php?action=register') $location = $xoops_config->xoops_url."/register.php"; //wp-register to xoops register
[123]	193	if ($action == 'logout') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at comment logout
[71]	194
	195	$location = apply_filters('wp_redirect', $location, $status);
	196	$status = apply_filters('wp_redirect_status', $status, $location);
	197
	198	if ( !$location ) // allows the wp_redirect filter to cancel a redirect
	199	return false;
	200
	201	$location = wp_sanitize_redirect($location);
	202
	203	if ( $is_IIS ) {
	204	header("Refresh: 0;url=$location");
	205	} else {
	206	if ( php_sapi_name() != 'cgi-fcgi' )
	207	status_header($status); // This causes problems on IIS and some FastCGI setups
	208	header("Location: $location");
	209	}
	210	}
[83]	211	endif;
[71]	212
[83]	213	if ( !function_exists('wp_hash_password') ) :
[71]	214	function wp_hash_password($password) {
	215	global $wp_hasher;
	216	return md5($password); // A new hash is not used because it differs from the hash on the XOOPS password.
	217	/*
	218	if ( empty($wp_hasher) ) {
	219	require_once( ABSPATH . 'wp-includes/class-phpass.php');
	220	// By default, use the portable hash from phpass
	221	$wp_hasher = new PasswordHash(8, TRUE);
	222	}
	223
	224	return $wp_hasher->HashPassword($password);
	225	*/
	226	}
[83]	227	endif;
[71]	228	// ********************************* End Of Pluggable Function Edit (wp-include/pluggable.php) **********************************
	229
	230	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: