/**
* Perform an action requested by the user mapper
*/
function wpu_process_mapaction()
{
global $phpbbForum, $db, $wpdb, $phpbb_root_path, $phpEx;
wpu_ajax_header();
echo '<wpumapaction>';
$action = isset($_POST['type']) ? (string) $_POST['type'] : '';
$userID = isset($_POST['userid']) ? (int) $_POST['userid'] : 0;
$intUserID = isset($_POST['intuserid']) ? (int) $_POST['intuserid'] : 0;
$package = isset($_POST['package']) ? (string) $_POST['package'] : '';
if (empty($action) || empty($userID) || empty($package) || $action == 'delboth' && empty($intUserID) || $action == 'break' && empty($intUserID) || $action == 'sync' && empty($intUserID)) {
wpu_map_action_error('Cannot perform action, required details are missing');
}
require_once $phpbb_root_path . 'includes/functions_user.' . $phpEx;
switch ($action) {
case 'del':
if ($package == 'wp') {
// First break if the user is integrated
wpu_map_break($userID);
wp_delete_user($userID, '0');
} else {
$fStateChanged = $phpbbForum->foreground();
user_delete('retain', $userID);
$phpbbForum->background($fStateChanged);
}
echo '<status>OK</status>';
break;
case 'delboth':
$wUserID = $package == 'wp' ? $userID : $intUserID;
$pUserID = $package == 'wp' ? $intUserID : $userID;
wp_delete_user($wUserID, '0');
$fStateChanged = $phpbbForum->foreground();
user_delete('retain', $pUserID);
$phpbbForum->background($fStateChanged);
echo '<status>OK</status>';
break;
case 'integrate':
$wUserID = $package == 'wp' ? $userID : $intUserID;
$pUserID = $package == 'wp' ? $intUserID : $userID;
if (!empty($wUserID) && !empty($pUserID)) {
wpu_update_int_id($pUserID, $wUserID);
// Sync profiles
$wpuNewDetails = $phpbbForum->get_userdata('', $pUserID);
$phpbbForum->background($fStateChanged);
$wpUsrData = get_userdata($wUserID);
// Don't modify passwords
wpu_sync_profiles($wpUsrData, $wpuNewDetails, 'sync', true);
echo '<status>OK</status>';
}
break;
case 'break':
$id = $package == 'wp' ? $userID : $intUserID;
wpu_map_break($id);
echo '<status>OK</status>';
break;
case 'sync':
$wpUserID = $package == 'wp' ? $userID : $intUserID;
$pUserID = $package == 'wp' ? $intUserID : $userID;
$wpUsrData = get_userdata($wpUserID);
$pUsrData = $phpbbForum->get_userdata('', $pUserID);
wpu_sync_profiles($wpUsrData, $pUsrData, 'sync', true);
echo '<status>OK</status>';
break;
case 'createin':
// create user in phpBB
if ($package == 'phpbb') {
$phpbbID = wpu_create_phpbb_user($userID);
if ($phpbbID == 0) {
die('<status>FAIL</status><details>' . __('Could not add user to phpBB', 'wp-united') . '</details></wpumapaction>');
} else {
if ($phpbbID == -1) {
die('<status>FAIL</status><details>' . __('A suitable username could not be found in phpBB', 'wp-united') . '</details></wpumapaction>');
}
}
wpu_sync_profiles(get_userdata($userID), $phpbbForum->get_userdata('', $phpbbID), 'wp-update');
} else {
// create user in WordPress
$wpuNewDetails = $phpbbForum->get_userdata('', $userID);
require_once ABSPATH . WPINC . '/registration.php';
if (!($userLevel = wpu_get_user_level($userID))) {
die('<status>FAIL</status><details>' . __('Cannot create integrated user, as they would have no integration permissions.', 'wp-united') . '</details></wpumapaction>');
}
$newUserID = wpu_create_wp_user($wpuNewDetails['username'], $wpuNewDetails['user_password'], $wpuNewDetails);
if ($newUserID) {
if ($wpUser = get_userdata($newUserID)) {
wpu_update_int_id($userID, $wpUser->ID);
wpu_sync_profiles($wpUser, $wpuNewDetails, 'phpbb-update');
wpu_set_role($wpUser->ID, $userLevel);
}
} else {
die('<status>FAIL</status><details>' . __('Could not add user to WordPress', 'wp-united') . '</details></wpumapaction>');
}
}
echo '<status>OK</status>';
break;
}
echo '<nonce>' . wp_create_nonce('wp-united-mapaction') . '</nonce>';
echo '</wpumapaction>';
die;
}
/**
* checks a login with username and password. If it failed, but the user they tried to log in as
* has an integrated phpBB user with a correct username and password, allow the login to proceed
* @param mixed $user WP_User|WP_Error|null a user object if the user has already successfully authenticated
* @param string $username attempted username
* @param string $password attempted password
* @return an authenticated WP_User object, or WP_Error or void on error
*/
public function authenticate($user, $username, $password)
{
global $phpbbForum;
if (is_a($user, 'WP_User')) {
return $user;
}
if (!$this->is_working()) {
return $user;
}
if (!$this->get_setting('integrateLogin')) {
return;
}
// phpBB does some processing of inbound strings so password could be modified
set_var($phpbbPass, stripslashes($password), 'string', true);
if (!$phpbbForum->login($username, $phpbbPass)) {
return $user;
// return an error
}
if ($integratedID = wpu_get_integration_id()) {
return get_userdata($integratedID);
}
// If we've got here, we have a valid phpBB user that isn't integrated in WordPress
// Should this phpBB user get an account? If not, we can just stay unintegrated
if (!$this->get_setting('integcreatewp') || !($userLevel = wpu_get_user_level())) {
return $user;
}
$signUpName = $phpbbForum->get_username();
$newUserID = wpu_create_wp_user($signUpName, $phpbbForum->get_userdata('user_password'), $phpbbForum->get_userdata('user_email'));
if ($newUserID) {
if (!is_a($newUserID, 'WP_Error')) {
wpu_set_role($newUserID, $userLevel);
wpu_update_int_id($phpbbForum->get_userdata('user_id'), $newUserID);
wpu_sync_profiles(get_userdata($newUserID), $phpbbForum->get_userdata(), 'sync');
return get_userdata($newUserID);
}
}
//just return whatever error was passed in
return $user;
}
function wpu_int_phpbb_logged_in()
{
global $wpUnited, $wpuDebug, $phpbbForum, $wpUnited, $current_user;
$wpuDebug->add('phpBB already logged in.');
// Check if user is logged into WP
get_currentuserinfo();
$currWPUser = $current_user;
if ($currWPUser->ID) {
$wpuDebug->add('WP already logged in, user ='******'session_autologin');
// This user is logged in to phpBB and needs to be integrated. Do they already have an integrated WP account?
if ($integratedID = wpu_get_integration_id()) {
$wpuDebug->add("phpBB account is integrated to WP account ID = {$integratedID}.");
if ($currWPUser->ID === (int) $integratedID) {
$wpuDebug->add('User is already logged in and integrated to correct account, nothing to do.');
return $currWPUser->ID;
} else {
$wpuDebug->add(sprintf('Integrated user ID is %d but WordPress ID is %s', $integratedID, $currWPUser->ID));
}
// they already have a WP account, log them in to it and ensure they have the correct details
if (!($currWPUser = get_userdata($integratedID))) {
$wpuDebug->add("Failed to fetch WordPress user details for user ID = {$integratedID}. Maybe they were deleted? Giving up.");
return false;
}
wp_set_current_user($currWPUser->ID);
wp_set_auth_cookie($currWPUser->ID, $persist);
$wpuDebug->add('WordPress user set to integrated user.');
return $currWPUser->ID;
} else {
$wpuDebug->add('User is not integrated yet.');
//Is this user already logged into WP? If so then just link the two logged in accounts
if ($currWPUser->ID) {
$wpuDebug->add('User is already logged into WP, linking two logged-in accounts.');
wpu_update_int_id($phpbbForum->get_userdata('user_id'), $currWPUser->ID);
// sync but don't modify passwords:
wpu_sync_profiles($currWPUser, $phpbbForum->get_userdata(), 'sync', true);
return $currWPUser->ID;
}
$wpuDebug->add('Not yet logged into WP.');
// Should this phpBB user get an account? If not, we can just stay unintegrated
if (!$wpUnited->get_setting('integcreatewp') || !($userLevel = wpu_get_user_level())) {
$wpuDebug->add('No permissions or auto-create switched off. Not creating integrated account.');
return false;
}
// they don't have an account yet, create one
$signUpName = $phpbbForum->get_username();
$wpuDebug->add("Creating integrated account with name {$signUpName}");
$newUserID = wpu_create_wp_user($signUpName, $phpbbForum->get_userdata('user_password'), $phpbbForum->get_userdata('user_email'));
if ($newUserID) {
if (!is_a($newUserID, 'WP_Error')) {
$currWPUser = get_userdata($newUserID);
$wpuDebug->add("Created new WordPress user, ID = {$currWPUser->ID}.");
// must set this here to prevent recursion
wp_set_current_user($currWPUser->ID);
wpu_set_role($currWPUser->ID, $userLevel);
wpu_update_int_id($phpbbForum->get_userdata('user_id'), $currWPUser->ID);
wpu_sync_profiles($currWPUser, $phpbbForum->get_userdata(), 'sync');
wp_set_auth_cookie($currWPUser->ID, $persist);
$createdUser = $currWPUser->ID;
//do_action('auth_cookie_valid', $cookie_elements, $currWPUser->ID);
return $currWPUser->ID;
}
$wpuDebug->add('Error when creating integrated account. Giving up.');
}
$wpuDebug->add('Failed to create integrated account. Giving up.');
}
return false;
}
/**
* Capture the outputted page, and prevent phpBB from exiting
* @todo: use better check to ensure hook is called on template->display and just drop for everything else
*/
function wpu_execute(&$hook, $handle)
{
global $wpUnited, $wpuBuffered, $wpuRunning, $template, $db, $cache, $phpbbForum;
// We only want this action to fire once, and only on a real $template->display('body') event
if (!$wpuRunning && isset($template->filename[$handle])) {
// perform profile sync if required
if ($wpUnited->should_do_action('profile')) {
global $phpbbForum, $user;
$idToFetch = $wpUnited->actions_for_another() ? $wpUnited->actions_for_another() : $user->data['user_id'];
// have to reload data from scratch otherwise cached $user is used
$newUserData = $phpbbForum->get_userdata('', $idToFetch, true);
// only sync password if it is changing
$ignorePassword = request_var('new_password', '') == '';
$phpbbForum->background();
wpu_initialise_wp();
$wpUserData = get_userdata($newUserData['user_wpuint_id']);
wpu_sync_profiles($wpUserData, $newUserData, 'phpbb-update', $ignorePassword);
$phpbbForum->foreground();
}
if ($handle != 'body') {
return;
}
/**
* An additional check to ensure we don't act on a $template->assign_display('body') event --
* if a mod is doing weird things with $template instead of creating their own $template object
*/
if ($wpUnited->should_do_action('template-w-in-p')) {
if ($wpuBuffered = wpu_am_i_buffered()) {
return;
}
}
// nested hooks don't work, and append_sid calls a hook. Furthermore we will call ->display again anyway:
$wpuRunning = true;
if (defined('SHOW_BLOG_LINK') && SHOW_BLOG_LINK) {
$template->assign_vars(array('U_BLOG' => append_sid($wpUnited->get_wp_home_url(), false, false, $GLOBALS['user']->session_id), 'S_BLOG' => TRUE));
}
if ($wpUnited->should_do_action('template-p-in-w')) {
$template->display($handle);
$wpUnited->set_inner_content(ob_get_contents());
ob_end_clean();
if (in_array($template->filename[$handle], (array) $GLOBALS['WPU_NOT_INTEGRATED_TPLS'])) {
//Don't reverse-integrate pages we know don't want header/footers
echo $wpUnited->get_inner_content();
} else {
//insert phpBB into a wordpress page
require_once $wpUnited->get_plugin_path() . 'template-integrator.php';
wpu_integrate_templates();
}
} elseif (defined('PHPBB_EXIT_DISABLED')) {
/**
* page_footer was called, but we don't want to close the DB connection & cache yet
*/
$template->display($handle);
$GLOBALS['bckDB'] = $db;
$GLOBALS['bckCache'] = $cache;
$db = '';
$cache = '';
return '';
}
}
}
