function wpu_int_phpbb_logged_in() { global $wpUnited, $wpuDebug, $phpbbForum, $wpUnited, $current_user; $wpuDebug->add('phpBB already logged in.'); // Check if user is logged into WP get_currentuserinfo(); $currWPUser = $current_user; if ($currWPUser->ID) { $wpuDebug->add('WP already logged in, user ='******'session_autologin'); // This user is logged in to phpBB and needs to be integrated. Do they already have an integrated WP account? if ($integratedID = wpu_get_integration_id()) { $wpuDebug->add("phpBB account is integrated to WP account ID = {$integratedID}."); if ($currWPUser->ID === (int) $integratedID) { $wpuDebug->add('User is already logged in and integrated to correct account, nothing to do.'); return $currWPUser->ID; } else { $wpuDebug->add(sprintf('Integrated user ID is %d but WordPress ID is %s', $integratedID, $currWPUser->ID)); } // they already have a WP account, log them in to it and ensure they have the correct details if (!($currWPUser = get_userdata($integratedID))) { $wpuDebug->add("Failed to fetch WordPress user details for user ID = {$integratedID}. Maybe they were deleted? Giving up."); return false; } wp_set_current_user($currWPUser->ID); wp_set_auth_cookie($currWPUser->ID, $persist); $wpuDebug->add('WordPress user set to integrated user.'); return $currWPUser->ID; } else { $wpuDebug->add('User is not integrated yet.'); //Is this user already logged into WP? If so then just link the two logged in accounts if ($currWPUser->ID) { $wpuDebug->add('User is already logged into WP, linking two logged-in accounts.'); wpu_update_int_id($phpbbForum->get_userdata('user_id'), $currWPUser->ID); // sync but don't modify passwords: wpu_sync_profiles($currWPUser, $phpbbForum->get_userdata(), 'sync', true); return $currWPUser->ID; } $wpuDebug->add('Not yet logged into WP.'); // Should this phpBB user get an account? If not, we can just stay unintegrated if (!$wpUnited->get_setting('integcreatewp') || !($userLevel = wpu_get_user_level())) { $wpuDebug->add('No permissions or auto-create switched off. Not creating integrated account.'); return false; } // they don't have an account yet, create one $signUpName = $phpbbForum->get_username(); $wpuDebug->add("Creating integrated account with name {$signUpName}"); $newUserID = wpu_create_wp_user($signUpName, $phpbbForum->get_userdata('user_password'), $phpbbForum->get_userdata('user_email')); if ($newUserID) { if (!is_a($newUserID, 'WP_Error')) { $currWPUser = get_userdata($newUserID); $wpuDebug->add("Created new WordPress user, ID = {$currWPUser->ID}."); // must set this here to prevent recursion wp_set_current_user($currWPUser->ID); wpu_set_role($currWPUser->ID, $userLevel); wpu_update_int_id($phpbbForum->get_userdata('user_id'), $currWPUser->ID); wpu_sync_profiles($currWPUser, $phpbbForum->get_userdata(), 'sync'); wp_set_auth_cookie($currWPUser->ID, $persist); $createdUser = $currWPUser->ID; //do_action('auth_cookie_valid', $cookie_elements, $currWPUser->ID); return $currWPUser->ID; } $wpuDebug->add('Error when creating integrated account. Giving up.'); } $wpuDebug->add('Failed to create integrated account. Giving up.'); } return false; }
/** * Perform an action requested by the user mapper */ function wpu_process_mapaction() { global $phpbbForum, $db, $wpdb, $phpbb_root_path, $phpEx; wpu_ajax_header(); echo '<wpumapaction>'; $action = isset($_POST['type']) ? (string) $_POST['type'] : ''; $userID = isset($_POST['userid']) ? (int) $_POST['userid'] : 0; $intUserID = isset($_POST['intuserid']) ? (int) $_POST['intuserid'] : 0; $package = isset($_POST['package']) ? (string) $_POST['package'] : ''; if (empty($action) || empty($userID) || empty($package) || $action == 'delboth' && empty($intUserID) || $action == 'break' && empty($intUserID) || $action == 'sync' && empty($intUserID)) { wpu_map_action_error('Cannot perform action, required details are missing'); } require_once $phpbb_root_path . 'includes/functions_user.' . $phpEx; switch ($action) { case 'del': if ($package == 'wp') { // First break if the user is integrated wpu_map_break($userID); wp_delete_user($userID, '0'); } else { $fStateChanged = $phpbbForum->foreground(); user_delete('retain', $userID); $phpbbForum->background($fStateChanged); } echo '<status>OK</status>'; break; case 'delboth': $wUserID = $package == 'wp' ? $userID : $intUserID; $pUserID = $package == 'wp' ? $intUserID : $userID; wp_delete_user($wUserID, '0'); $fStateChanged = $phpbbForum->foreground(); user_delete('retain', $pUserID); $phpbbForum->background($fStateChanged); echo '<status>OK</status>'; break; case 'integrate': $wUserID = $package == 'wp' ? $userID : $intUserID; $pUserID = $package == 'wp' ? $intUserID : $userID; if (!empty($wUserID) && !empty($pUserID)) { wpu_update_int_id($pUserID, $wUserID); // Sync profiles $wpuNewDetails = $phpbbForum->get_userdata('', $pUserID); $phpbbForum->background($fStateChanged); $wpUsrData = get_userdata($wUserID); // Don't modify passwords wpu_sync_profiles($wpUsrData, $wpuNewDetails, 'sync', true); echo '<status>OK</status>'; } break; case 'break': $id = $package == 'wp' ? $userID : $intUserID; wpu_map_break($id); echo '<status>OK</status>'; break; case 'sync': $wpUserID = $package == 'wp' ? $userID : $intUserID; $pUserID = $package == 'wp' ? $intUserID : $userID; $wpUsrData = get_userdata($wpUserID); $pUsrData = $phpbbForum->get_userdata('', $pUserID); wpu_sync_profiles($wpUsrData, $pUsrData, 'sync', true); echo '<status>OK</status>'; break; case 'createin': // create user in phpBB if ($package == 'phpbb') { $phpbbID = wpu_create_phpbb_user($userID); if ($phpbbID == 0) { die('<status>FAIL</status><details>' . __('Could not add user to phpBB', 'wp-united') . '</details></wpumapaction>'); } else { if ($phpbbID == -1) { die('<status>FAIL</status><details>' . __('A suitable username could not be found in phpBB', 'wp-united') . '</details></wpumapaction>'); } } wpu_sync_profiles(get_userdata($userID), $phpbbForum->get_userdata('', $phpbbID), 'wp-update'); } else { // create user in WordPress $wpuNewDetails = $phpbbForum->get_userdata('', $userID); require_once ABSPATH . WPINC . '/registration.php'; if (!($userLevel = wpu_get_user_level($userID))) { die('<status>FAIL</status><details>' . __('Cannot create integrated user, as they would have no integration permissions.', 'wp-united') . '</details></wpumapaction>'); } $newUserID = wpu_create_wp_user($wpuNewDetails['username'], $wpuNewDetails['user_password'], $wpuNewDetails); if ($newUserID) { if ($wpUser = get_userdata($newUserID)) { wpu_update_int_id($userID, $wpUser->ID); wpu_sync_profiles($wpUser, $wpuNewDetails, 'phpbb-update'); wpu_set_role($wpUser->ID, $userLevel); } } else { die('<status>FAIL</status><details>' . __('Could not add user to WordPress', 'wp-united') . '</details></wpumapaction>'); } } echo '<status>OK</status>'; break; } echo '<nonce>' . wp_create_nonce('wp-united-mapaction') . '</nonce>'; echo '</wpumapaction>'; die; }
/** * checks a login with username and password. If it failed, but the user they tried to log in as * has an integrated phpBB user with a correct username and password, allow the login to proceed * @param mixed $user WP_User|WP_Error|null a user object if the user has already successfully authenticated * @param string $username attempted username * @param string $password attempted password * @return an authenticated WP_User object, or WP_Error or void on error */ public function authenticate($user, $username, $password) { global $phpbbForum; if (is_a($user, 'WP_User')) { return $user; } if (!$this->is_working()) { return $user; } if (!$this->get_setting('integrateLogin')) { return; } // phpBB does some processing of inbound strings so password could be modified set_var($phpbbPass, stripslashes($password), 'string', true); if (!$phpbbForum->login($username, $phpbbPass)) { return $user; // return an error } if ($integratedID = wpu_get_integration_id()) { return get_userdata($integratedID); } // If we've got here, we have a valid phpBB user that isn't integrated in WordPress // Should this phpBB user get an account? If not, we can just stay unintegrated if (!$this->get_setting('integcreatewp') || !($userLevel = wpu_get_user_level())) { return $user; } $signUpName = $phpbbForum->get_username(); $newUserID = wpu_create_wp_user($signUpName, $phpbbForum->get_userdata('user_password'), $phpbbForum->get_userdata('user_email')); if ($newUserID) { if (!is_a($newUserID, 'WP_Error')) { wpu_set_role($newUserID, $userLevel); wpu_update_int_id($phpbbForum->get_userdata('user_id'), $newUserID); wpu_sync_profiles(get_userdata($newUserID), $phpbbForum->get_userdata(), 'sync'); return get_userdata($newUserID); } } //just return whatever error was passed in return $user; }