<?php
# many ideas taken from http://meta.wikimedia.org/wiki/User:Otheus/Auto_Login_via_REMOTE_USER/code

$phpNukeLogin = 'http://www.somephpnukewebsite.com/modules.php?name=Your_Account';
$mediaWikiLogin = 'http://www.thewikiwebsite.net/index.php';

require_once('AuthPlugin.php');
require_once('authphpnuke.php');

class UserPhpNuke
{
   // Memberdeklaration
   public $userid, $pass;
}

// from phpnuke, mainfile.php
function cookiedecode($user) {
    global $cookie, $db, $user_prefix;
    static $pass;
    if(!is_array($user)) {
        $user = base64_decode($user);
        $user = addslashes($user);
        $cookie = explode(":", $user);
    } else {
        $cookie = $user;
    }
    return $cookie;
}

// $phpnukecookie comes as a http parameter
$phpnukeuser = cookiedecode($phpnukecookie);


function Auth_phpnuke_hook() {
    global $wgUser;
    global $wgRequest;
    global $phpnukeuser;
    global $privilegedUsers;
    global $phpNukeLogin;
    global $mediaWikiLogin;
    global $wgGroupPermissions;

    $phpnukeuserid=$phpnukeuser[1];
    $phpnukepasswd=$phpnukeuser[2];

    // For a few special pages, don't do anything.
    $title = $wgRequest->getVal('title') ;
    $wgTitle = Title::newFromText( $title);
    if ($wgTitle != null && NS_SPECIAL == $wgTitle->getNamespace() && $wgTitle->getText() == 'Userlogin') {
      header("Location: $phpNukeLogin");
      return;
    }

    $username = $phpnukeuserid;
    $wgUser = User::loadFromSession(); 
    if ($wgTitle != NULL && NS_SPECIAL == $wgTitle->getNamespace() && $wgTitle->getText() == 'Userlogout') {
        $wgUser->Logout();
        header("Location: ".$phpNukeLogin);
        die();
    }

    // only allow a given list of users
    if (isset($privilegedUsers) && !in_array($username, $privilegedUsers) && !in_array($wgUser->mName, $privilegedUsers))
    {
        header("Location: $phpNukeLogin");
        die();
    }
    
    // for an anonymous user, if reading is allowed, give access
    if ($wgGroupPermissions['*']['read'] == true 
        && !$wgUser->isLoggedIn() 
        && !isset($username))
    {
    	return;
    }
    
    
    // Do nothing if session is valid
    if ($wgUser->isLoggedIn() && $wgUser->mName == $username) {
        #echo "User is logged in";
        return;
    }
    if ($wgUser->isLoggedIn() && !isset($username)) {
        #echo "User is logged in";
        return;
    }

    // Do little if user already exists
    $u = User::newFromName( $username );
    if (is_null($u)) {
        #echo "invalid username or some other error";
          header("Location: $phpNukeLogin");
          # Invalid username or some other error -- force login, just return
          die();
    }

    // test if the user has access to phpnuke
    $wgUser = $u; 
    if (!$wgUser->checkPassword( $phpnukepasswd )) {
        #echo "user authentication failed";
        header("Location: $phpNukeLogin");
        die("4");
    }

    #echo "after checkpassword";                    
    $wgUser = $u; 
    if ($u->getId() != 0) {
      # also return, but user is know. set Cookies, et al
      $wgUser->setOption( 'rememberpassword', 1 );
      $wgUser->setCookies();
      $wgUser->saveSettings();
      return;
    }

    #echo "Ok, now we need to create a user";

    include 'includes/SpecialUserlogin.php';
    $form = new LoginForm( $wgRequest );
    $form->initUser( $wgUser );
    $wgUser->saveSettings();
    
    # and login again, using the phpNukeCookie from the beginning
    header("Location: $mediaWikiLogin?".$_SERVER['QUERY_STRING']);
    die();
}

class Auth_phpnuke extends AuthPlugin {

  function Auth_phpnuke() {

      global $wgExtensionFunctions;
      if (!isset($wgExtensionFunctions)) {
        $wgExtensionFunctions = array();
      }
      else if (!is_array($wgExtensionFunctions)) {
        $wgExtensionFunctions = array( $wgExtensionFunctions );
      }
      array_push($wgExtensionFunctions, 'Auth_phpnuke_hook');
      return;
  }

  //return whether $username is a valid username
  function userExists($username) {
    // in media wiki 1.5.5 this should always be true for autocreate() to work right
    return true; 
  }

  //whether the given username and password authenticate
  function authenticate($username, $password) {
    $user = new UserPhpNuke();
    $user->userid = $username;
    $user->pass = $password;
    error_log($username);
    return (_ex_auth_login($user));
    
  }

  //The authorization is external, so autocreate accounts as necessary
  function autoCreate() {
    return true;
  }

  //tell MediaWiki to not look in its database for user authentication and 
  // that our authentication method is all that counts
  function strict() {
    return true;
  }

  //this function gets called when the user is created
  //$user is an instance of the User class (see includes/User.php)
  function initUser(&$user) {

    $nukeuser = new UserPhpNuke();
    $nukeuser->userid = $user->mName;
    _ex_auth_get_user($nukeuser);
    $user->setEmail($nukeuser->email);
    $user->setRealName($nukeuser->name);

    $user->mEmailAuthenticated = wfTimestampNow();

    //turn on e-mail notifications by default
    $user->setOption('enotifwatchlistpages', 1);
    $user->setOption('enotifusertalkpages', 1);
    $user->setOption('enotifminoredits', 1);
    $user->setOption('enotifrevealaddr', 1);
  }

  //if using MediaWiki 1.5, we have a new function to modify the UI template!
  function modifyUITemplate(&$template) {
    //disable the mail new password box
    $template->set("useemail", false);
    //disable 'remember me' box
    $template->set("remember", false);
    $template->set("create", false);
    $template->set("domain", false);
  }
}