<?php
/**
*
* @package phpBB Extension - phpBB Mushraider
* @copyright (c) 2015 Kyah (Julien Goret)
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
/**
* @ignore
*/
namespace octetsetquartdepouces\mushraider\controller;
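/**
 * JSON login bridge: checks a MushRaider login request against phpBB and
 * reports the MushRaider role derived from the user's phpBB group memberships.
 *
 * Security notes for maintainers:
 * - The password arrives encrypted with the shared MushRaider API key using
 *   Rijndael-128 in ECB mode. ECB is deterministic and unauthenticated, so a
 *   captured request body stays valid for as long as the password and key do.
 *   This endpoint should only be reachable over TLS, ideally from the
 *   MushRaider host only. The cipher is kept as-is because the sender must
 *   agree on the format.
 * - The mcrypt extension was removed from PHP core in 7.2; this controller
 *   needs it installed to run.
 */
class login
{
	/** @var \phpbb\config\config Board configuration (mushraider_* keys are read here) */
	protected $config;

	/** @var \phpbb\user */
	protected $user;

	/** @var \phpbb\auth\auth */
	protected $auth;

	/** @var \phpbb\request\request */
	protected $request;

	/** @var \phpbb\controller\helper */
	protected $helper;

	/** @var string Path to the phpBB root, used to build include paths */
	protected $root_path;

	/** @var string PHP file extension used by the board */
	protected $php_ext;

	/**
	 * @param \phpbb\config\config     $config
	 * @param \phpbb\user              $user
	 * @param \phpbb\auth\auth         $auth
	 * @param \phpbb\request\request   $request
	 * @param \phpbb\controller\helper $helper
	 * @param string                   $root_path
	 * @param string                   $php_ext
	 */
	public function __construct(\phpbb\config\config $config, \phpbb\user $user, \phpbb\auth\auth $auth, \phpbb\request\request $request, \phpbb\controller\helper $helper, $root_path, $php_ext)
	{
		$this->config = $config;
		$this->user = $user;
		$this->auth = $auth;
		$this->request = $request;
		$this->helper = $helper;
		$this->root_path = $root_path;
		$this->php_ext = $php_ext;
	}

	/**
	 * Handle a login request.
	 *
	 * A POST carrying `login` and `pwd` gets a JSON answer:
	 * `{"authenticated": false}` on any failure, or
	 * `{"email": ..., "role": "admin"|"officer"|"member", "authenticated": true}`
	 * when phpBB accepts the credentials and the user is in a mapped group.
	 * Any other request is redirected to the board index.
	 *
	 * @return void The JSON branches end the script with exit.
	 */
	public function base()
	{
		header('Content-Type: application/json');

		// Guarded includes: an unconditional require of a file that is already
		// loaded re-runs its define()/function declarations, which emits
		// notices or a fatal "cannot redeclare" and corrupts the JSON reply.
		require_once($this->root_path . 'includes/constants.' . $this->php_ext);
		if (!function_exists('group_memberships'))
		{
			require($this->root_path . 'includes/functions_user.' . $this->php_ext);
		}

		$this->user->session_begin();
		$this->auth->acl($this->user->data);

		// NOTE(review): $_POST is read directly here while 'pwd' goes through
		// the request object; confirm superglobals are usable on this route.
		if (!$_POST)
		{
			// If we don't come from mushraider, send them back to home...
			redirect(append_sid("{$this->root_path}index.$this->php_ext"));
			return;
		}

		if (!isset($_POST['login']) || !isset($_POST['pwd']))
		{
			$this->send_json(array('authenticated' => false));
		}

		$username = request_var('login', '');

		// Raw value on purpose: the ciphertext is binary and must not be
		// altered by input filtering before decryption.
		$pwd = $this->request->get_super_global(\phpbb\request\request_interface::POST)['pwd'];
		if (!is_string($pwd))
		{
			// e.g. pwd[]=...; reject instead of passing an array to stripslashes().
			$this->send_json(array('authenticated' => false));
		}

		// ECB does not use an IV; the argument is kept only to leave the
		// original mcrypt call unchanged.
		$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
		$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
		$key = trim($this->config['mushraider_apikey']);

		$plain = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, stripslashes($pwd), MCRYPT_MODE_ECB, $iv);
		if ($plain === false)
		{
			// Fail closed rather than attempting a login with an empty password.
			$this->send_json(array('authenticated' => false));
		}

		// trim() removes the padding left at the end of the last cipher block.
		$password = utf8_decode(trim($plain));

		// Test if phpBB connects user
		$result = $this->auth->login($username, $password);
		if ($result['status'] != LOGIN_SUCCESS)
		{
			$this->send_json(array('authenticated' => false));
		}

		// User was successfully logged into phpBB
		$phpbbUserRow = $result['user_row'];
		$userRole = $this->resolve_role($phpbbUserRow['user_id']);

		$userInfos = array();
		if ($userRole !== null)
		{
			$userInfos['email'] = $phpbbUserRow['user_email'];
			$userInfos['role'] = $userRole;
		}
		// Valid phpBB credentials without a mapped group are still refused.
		$userInfos['authenticated'] = ($userRole !== null);

		// Return json to mushraider
		$this->send_json($userInfos);
	}

	/**
	 * Map a phpBB user to a MushRaider role, highest privilege first.
	 *
	 * @param int $user_id phpBB user id
	 * @return string|null 'admin', 'officer' or 'member'; null when the user
	 *                     is in none of the configured groups
	 */
	private function resolve_role($user_id)
	{
		$role_settings = array(
			'admin'   => 'mushraider_admin',
			'officer' => 'mushraider_officers',
			'member'  => 'mushraider_members',
		);

		foreach ($role_settings as $role => $config_key)
		{
			foreach ($this->parse_group_ids($this->config[$config_key]) as $group_id)
			{
				if (group_memberships($group_id, $user_id, true))
				{
					return $role;
				}
			}
		}

		return null;
	}

	/**
	 * Turn a comma-separated config value into a list of positive group ids.
	 *
	 * Empty entries must be dropped: explode(',', '') yields array(''), and in
	 * phpBB's group_memberships() a falsy group id applies no group filter, so
	 * an unset role setting would match any group the user belongs to and
	 * grant that role to everyone (confirm against the installed
	 * functions_user.php; skipping empty ids is correct either way).
	 *
	 * @param mixed $csv Raw config value
	 * @return int[]
	 */
	private function parse_group_ids($csv)
	{
		$group_ids = array();
		foreach (explode(',', (string) $csv) as $raw_id)
		{
			$group_id = (int) trim($raw_id);
			if ($group_id > 0)
			{
				$group_ids[] = $group_id;
			}
		}

		return $group_ids;
	}

	/**
	 * Emit the JSON reply and stop the request.
	 *
	 * @param array $payload
	 * @return void
	 */
	private function send_json(array $payload)
	{
		echo json_encode($payload);
		exit;
	}
}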
?>