XPressME Integration Kit

Trac

Context Navigation

source: trunk/wp-content/plugins/xpressme/include/pluggable-override.php @ 131

Visit:

Last change on this file since 131 was 131, checked in by toemon, 15 years ago
ImpressCMSのパスワードHash対応　#75 bump Ver0.13
File size: 7.1 KB

Line
1	<?php
2	/**
3	* XPress - WordPress for XOOPS
4	*
5	* Adding multi-author features to XPressME
6	*
7	* @copyright The XPressME project
8	* @license http://www.fsf.org/copyleft/gpl.html GNU public license
9	* @author toemon
10	* @since 2.05
11	* @version $Id$
12	* @package module::xpress
13	*/
14
15	// ********************************* Start Pluggable Function Edit (wp-include/pluggable.php) **********************************
16
17	if ( !function_exists('get_currentuserinfo') ) :
18	function get_currentuserinfo() {
19	global $current_user;
20	global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
21
22
23	if ($xoopsModule){
24	if (!is_object($xoopsUser)){
25	wp_set_current_user(0);
26	wp_logout();
27	return false;
28	}
29	if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
30	return false;
31
32	if ( ! empty($current_user) ){
33	$xoops_user = $xoopsUser->getVar("uname");
34	if ($current_user->user_login == $xoops_user)
35	return;
36	}
37
38	if (check_xpress_auth_cookie()){ //The cookie is login user's or it checks it
39	if ( $user = wp_validate_auth_cookie() ) {
40	wp_set_current_user($user);
41	return ;
42	}
43	}
44	xpress_login();
45
46	} else {
47	// WP2.7 original
48	if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
49	return false;
50
51	if ( ! empty($current_user) )
52	return;
53
54	if ( ! $user = wp_validate_auth_cookie() ) {
55	if ( empty($_COOKIE[LOGGED_IN_COOKIE]) \|\| !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
56	wp_set_current_user(0);
57	return false;
58	}
59	}
60
61	wp_set_current_user($user);
62	}
63	}
64	endif;
65
66	if ( !function_exists('xpress_login') ) :
67	function xpress_login(){
68	global $current_user;
69	global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
70
71	if(is_object($xoopsUser)){
72	$u_name = $xoopsUser->getVar("uname");
73	$u_pass_md5 = $xoopsUser->getVar("pass");
74	if ( ! empty($u_name) && ! empty($u_pass_md5) ) {
75	include_once dirname( __FILE__ ).'/user_sync_xoops.php';
76	repair_user_meta_prefix(); //Repair when data base prefix is changed on XOOPS side
77	$messege = '';
78	$ret = user_sync_to_wordpress($xoopsUser->getVar("uid"),$messege);
79	if ($ret){
80	$user = new WP_User(0, $u_name);
81	if ( wp_login($u_name, $u_pass_md5) ) {
82	wp_setcookie($u_name, $u_pass_md5, true, '', '', false);
83	do_action('wp_login', $u_name);
84	wp_set_current_user($user->ID);
85	return true;
86	}
87	}
88	}
89	}
90	wp_set_current_user(0);
91	return 0;
92	}
93	endif;
94
95	if ( !function_exists('check_xpress_auth_cookie') ) :
96	function check_xpress_auth_cookie() { // for wp2.5
97	if ( empty($_COOKIE[AUTH_COOKIE]) ){
98	return false;
99	}
100	$cookie = $_COOKIE[AUTH_COOKIE];
101
102	$cookie_elements = explode('\|', $cookie);
103	if ( count($cookie_elements) != 3 ){
104	return false;
105	}
106
107	if(is_object($GLOBALS["xoopsModule"])){
108	// && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){
109	if(is_object($GLOBALS["xoopsUser"])){
110	$u_name = $GLOBALS["xoopsUser"]->getVar("uname");
111	list($username, $expiration, $hmac) = $cookie_elements;
112	if ($u_name == $username) {
113	return true;
114	}
115	}
116	} else {
117	$mydirname = basename( dirname( dirname( __FILE__ ) ) ) ;
118	$org_url = $_SERVER['REQUEST_URI'];
119	$needle = '/modules/' . $mydirname . '/wp-admin/';
120	if (strstr($org_url , $needle)){
121	return true;
122	}
123	}
124	return false;
125	}
126	endif;
127
128	if ( !function_exists('wp_check_password') ) :
129	// for wordpress2.5
130	function wp_check_password($password, $hash, $user_id = '') {
131	global $wp_hasher;
132	global $xoops_config,$xoops_db;
133
134	// For attestation when password has been sent as hash value. (When having logged it in from Xoops and ImpressCMS)
135	if ($hash == $password){
136	return apply_filters('check_password', true, $password, $hash, $user_id);
137	}
138
139	// Password authentication for Xoops
140	if ( strlen($hash) <= 32 ) {
141	$check = ( $hash == md5($password) );
142	return apply_filters('check_password', $check, $password, $hash, $user_id);
143	}
144
145	// Password authentication for ImpressCMS
146	if($xoops_config->is_impress && function_exists('hash')){
147	$mainSalt = $xoops_config->xoops_db_salt;
148	// get user salt
149	$xpress_user_db = $xoops_config->module_db_prefix . 'users';
150	$xoops_user_db = $xoops_config->xoops_db_prefix . '_users';
151	$login_name = $xoops_db->get_var("SELECT user_login FROM $xpress_user_db WHERE ID = $user_id");
152	$user_salt = $xoops_db->get_var("SELECT salt FROM $xoops_user_db WHERE uname = '$login_name'");
153	// Make Impress hash
154	$impress_hash = hash('sha256', $user_salt.md5($password).$mainSalt);
155	if ($hash == $impress_hash){
156	return apply_filters('check_password', true, $password, $hash, $user_id);
157	}
158	}
159
160	// If the hash is still md5...
161	if ( strlen($hash) <= 32 ) {
162	$check = ( $hash == md5($password) );
163	/* A new hash is not used because it differs from the hash on the XOOPS password.
164	* if ( $check && $user_id ) {
165	* // Rehash using new hash.
166	* wp_set_password($password, $user_id);
167	* $hash = wp_hash_password($password);
168	* }
169	*/
170	return apply_filters('check_password', $check, $password, $hash, $user_id);
171	}
172
173	// If the stored hash is longer than an MD5, presume the
174	// new style phpass portable hash.
175	if ( empty($wp_hasher) ) {
176	require_once( ABSPATH . 'wp-includes/class-phpass.php');
177	// By default, use the portable hash from phpass
178	$wp_hasher = new PasswordHash(8, TRUE);
179	}
180
181	$check = $wp_hasher->CheckPassword($password, $hash);
182
183	return apply_filters('check_password', $check, $password, $hash, $user_id);
184	}
185	endif;
186
187	if ( !function_exists('wp_redirect') ) :
188	function wp_redirect($location, $status = 302) {
189	global $is_IIS,$xoops_config,$action;
190
191	if ($location == 'wp-login.php?loggedout=true') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at wp logout
192	if ($location == 'wp-login.php?action=register') $location = $xoops_config->xoops_url."/register.php"; //wp-register to xoops register
193	if ($action == 'logout') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at comment logout
194
195	$location = apply_filters('wp_redirect', $location, $status);
196	$status = apply_filters('wp_redirect_status', $status, $location);
197
198	if ( !$location ) // allows the wp_redirect filter to cancel a redirect
199	return false;
200
201	$location = wp_sanitize_redirect($location);
202
203	if ( $is_IIS ) {
204	header("Refresh: 0;url=$location");
205	} else {
206	if ( php_sapi_name() != 'cgi-fcgi' )
207	status_header($status); // This causes problems on IIS and some FastCGI setups
208	header("Location: $location");
209	}
210	}
211	endif;
212
213	if ( !function_exists('wp_hash_password') ) :
214	function wp_hash_password($password) {
215	global $wp_hasher;
216	return md5($password); // A new hash is not used because it differs from the hash on the XOOPS password.
217	/*
218	if ( empty($wp_hasher) ) {
219	require_once( ABSPATH . 'wp-includes/class-phpass.php');
220	// By default, use the portable hash from phpass
221	$wp_hasher = new PasswordHash(8, TRUE);
222	}
223
224	return $wp_hasher->HashPassword($password);
225	*/
226	}
227	endif;
228	// ********************************* End Of Pluggable Function Edit (wp-include/pluggable.php) **********************************
229
230	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: