function wpu_int_phpbb_logged_in() { global $wpUnited, $wpuDebug, $phpbbForum, $wpUnited, $current_user; $wpuDebug->add('phpBB already logged in.'); // Check if user is logged into WP get_currentuserinfo(); $currWPUser = $current_user; if ($currWPUser->ID) { $wpuDebug->add('WP already logged in, user ='******'session_autologin'); // This user is logged in to phpBB and needs to be integrated. Do they already have an integrated WP account? if ($integratedID = wpu_get_integration_id()) { $wpuDebug->add("phpBB account is integrated to WP account ID = {$integratedID}."); if ($currWPUser->ID === (int) $integratedID) { $wpuDebug->add('User is already logged in and integrated to correct account, nothing to do.'); return $currWPUser->ID; } else { $wpuDebug->add(sprintf('Integrated user ID is %d but WordPress ID is %s', $integratedID, $currWPUser->ID)); } // they already have a WP account, log them in to it and ensure they have the correct details if (!($currWPUser = get_userdata($integratedID))) { $wpuDebug->add("Failed to fetch WordPress user details for user ID = {$integratedID}. Maybe they were deleted? Giving up."); return false; } wp_set_current_user($currWPUser->ID); wp_set_auth_cookie($currWPUser->ID, $persist); $wpuDebug->add('WordPress user set to integrated user.'); return $currWPUser->ID; } else { $wpuDebug->add('User is not integrated yet.'); //Is this user already logged into WP? If so then just link the two logged in accounts if ($currWPUser->ID) { $wpuDebug->add('User is already logged into WP, linking two logged-in accounts.'); wpu_update_int_id($phpbbForum->get_userdata('user_id'), $currWPUser->ID); // sync but don't modify passwords: wpu_sync_profiles($currWPUser, $phpbbForum->get_userdata(), 'sync', true); return $currWPUser->ID; } $wpuDebug->add('Not yet logged into WP.'); // Should this phpBB user get an account? If not, we can just stay unintegrated if (!$wpUnited->get_setting('integcreatewp') || !($userLevel = wpu_get_user_level())) { $wpuDebug->add('No permissions or auto-create switched off. Not creating integrated account.'); return false; } // they don't have an account yet, create one $signUpName = $phpbbForum->get_username(); $wpuDebug->add("Creating integrated account with name {$signUpName}"); $newUserID = wpu_create_wp_user($signUpName, $phpbbForum->get_userdata('user_password'), $phpbbForum->get_userdata('user_email')); if ($newUserID) { if (!is_a($newUserID, 'WP_Error')) { $currWPUser = get_userdata($newUserID); $wpuDebug->add("Created new WordPress user, ID = {$currWPUser->ID}."); // must set this here to prevent recursion wp_set_current_user($currWPUser->ID); wpu_set_role($currWPUser->ID, $userLevel); wpu_update_int_id($phpbbForum->get_userdata('user_id'), $currWPUser->ID); wpu_sync_profiles($currWPUser, $phpbbForum->get_userdata(), 'sync'); wp_set_auth_cookie($currWPUser->ID, $persist); $createdUser = $currWPUser->ID; //do_action('auth_cookie_valid', $cookie_elements, $currWPUser->ID); return $currWPUser->ID; } $wpuDebug->add('Error when creating integrated account. Giving up.'); } $wpuDebug->add('Failed to create integrated account. Giving up.'); } return false; }
/** * checks a login with username and password. If it failed, but the user they tried to log in as * has an integrated phpBB user with a correct username and password, allow the login to proceed * @param mixed $user WP_User|WP_Error|null a user object if the user has already successfully authenticated * @param string $username attempted username * @param string $password attempted password * @return an authenticated WP_User object, or WP_Error or void on error */ public function authenticate($user, $username, $password) { global $phpbbForum; if (is_a($user, 'WP_User')) { return $user; } if (!$this->is_working()) { return $user; } if (!$this->get_setting('integrateLogin')) { return; } // phpBB does some processing of inbound strings so password could be modified set_var($phpbbPass, stripslashes($password), 'string', true); if (!$phpbbForum->login($username, $phpbbPass)) { return $user; // return an error } if ($integratedID = wpu_get_integration_id()) { return get_userdata($integratedID); } // If we've got here, we have a valid phpBB user that isn't integrated in WordPress // Should this phpBB user get an account? If not, we can just stay unintegrated if (!$this->get_setting('integcreatewp') || !($userLevel = wpu_get_user_level())) { return $user; } $signUpName = $phpbbForum->get_username(); $newUserID = wpu_create_wp_user($signUpName, $phpbbForum->get_userdata('user_password'), $phpbbForum->get_userdata('user_email')); if ($newUserID) { if (!is_a($newUserID, 'WP_Error')) { wpu_set_role($newUserID, $userLevel); wpu_update_int_id($phpbbForum->get_userdata('user_id'), $newUserID); wpu_sync_profiles(get_userdata($newUserID), $phpbbForum->get_userdata(), 'sync'); return get_userdata($newUserID); } } //just return whatever error was passed in return $user; }