<?php
/*
Plugin Name: MysqlAuth Plugin for Wordpress
Plugin URI: 
Description: Share users with another database
Version: 0.9.0
Author: Heriniaina Eugene
Author URI: http://hery.serasera.org
*/

// *** Begin Admin Config Functions *** //
add_action('init', 'mysqlauth_signup');
/**
 * 'init' hook callback. Currently a no-op: the entire body is commented out.
 *
 * The disabled code below would send /wp-signup.php requests and visitors
 * arriving with ?loggedout=true to the URLs stored in the
 * "mysqlauthSignupURL" and "mysqlauthLogoutURL" site options, by echoing an
 * inline script and exiting.
 *
 * NOTE(review): the disabled code interpolates the option value into
 * JavaScript without escaping and reads $_GET['loggedout'] without checking
 * that it is set. If it is ever re-enabled, a server-side redirect to a
 * validated URL would be the safer form.
 */
function mysqlauth_signup() {
/*
	if($_SERVER["REQUEST_URI"] == "/wp-signup.php") {
		if($redirect = get_site_option("mysqlauthSignupURL")) {
			echo "
				<script language=\"javascript\"
				type=\"text/javascript\">
				<!--
				window.location.replace(
				\"$redirect\");
				-->
				</script>
			";
			exit;
		}
	}

	if($_GET['loggedout'] == "true") {
		$redirect = get_site_option("mysqlauthLogoutURL");
		if(isset($redirect)) {
			echo "
				<script language=\"javascript\"
				type=\"text/javascript\">
				<!--
				window.location.replace(
				\"$redirect\");
				-->
				</script>
			";
			exit;
		}
	}
*/

}

add_action('admin_menu', 'mysqlauth_addmenu');
/**
 * 'admin_menu' hook callback: registers the plugin's options page, but only
 * when the current user is a site admin.
 *
 * The handler for the page is mysqlauthOptionsPanel(); the third argument (9)
 * is passed to add_options_page() as the required access level.
 */
function mysqlauth_addmenu() {
	$currentUser = wp_get_current_user();
	$cachedUser = wp_cache_get($currentUser->id, 'users');

	// Nothing to register if the admin menu API is not loaded.
	if (!function_exists('add_options_page')) {
		return;
	}

	// The options are network-wide, so only site admins get the menu entry.
	if (!is_site_admin($cachedUser->user_login)) {
		return;
	}

	add_options_page(
		'Authentication Options',
		'Mysql Auth Options',
		9,
		basename(__FILE__),
		'mysqlauthOptionsPanel'
	);
}
require_once( ABSPATH . WPINC . '/registration.php');

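/**
 * Looks a user up in the external MySQL database configured in the plugin's
 * site options.
 *
 * The admin-configured query template (site option "mysqlauthQuery") has its
 * %{user} and %{pass} placeholders replaced with the escaped credentials and
 * is then run against the external database.
 *
 * Security notes:
 * - Both placeholders are escaped with mysql_real_escape_string(). That only
 *   protects the query when the template puts each placeholder inside a
 *   quoted SQL string literal (e.g. username = '%{user}').
 * - Connection and query errors are written to the error log and reported to
 *   the caller as false; driver error text is no longer printed on the login
 *   page.
 * - The mysql_* extension used here was removed in PHP 7. It is kept because
 *   the plugin is written against it; moving to mysqli or PDO with bound
 *   parameters is the durable fix.
 *
 * @param string $username Login name submitted by the user.
 * @param string $password Plain-text password submitted by the user.
 * @return array|false First row returned by the query, or false when the
 *                     connection or the query fails or no row matches.
 */
function mysqlauth_Auth($username, $password) {
	$mysqlauthDbHost 		= get_site_option("mysqlauthDbHost");
	$mysqlauthDbUser 		= get_site_option("mysqlauthDbUser");
	$mysqlauthDbName		= get_site_option("mysqlauthDbName");
	$mysqlauthDbPass		= get_site_option("mysqlauthDbPass");
	$mysqlauthQuery			= get_site_option("mysqlauthQuery");

	// new_link = true: open a dedicated connection instead of reusing an
	// existing one opened with the same arguments.
	$link = mysql_connect($mysqlauthDbHost, $mysqlauthDbUser, $mysqlauthDbPass, true);
	if (!$link) {
		error_log('mysqlauth: cannot connect to the external database: ' . mysql_error());
		return false;
	}

	if (!mysql_select_db($mysqlauthDbName, $link)) {
		error_log('mysqlauth: cannot select the external database: ' . mysql_error($link));
		mysql_close($link);
		return false;
	}

	// Escape BOTH credentials against this connection before they are placed
	// into the query template; the password is attacker-controlled input too.
	$sql = stripslashes($mysqlauthQuery);
	$sql = str_replace('%{user}', mysql_real_escape_string($username, $link), $sql);
	$sql = str_replace('%{pass}', mysql_real_escape_string($password, $link), $sql);

	$result = mysql_query($sql, $link);
	if (!$result) {
		error_log('mysqlauth: user lookup query failed: ' . mysql_error($link));
		mysql_close($link);
		return false;
	}

	// Only the first matching row is used.
	$row = mysql_fetch_array($result);
	mysql_free_result($result);
	mysql_close($link);

	return is_array($row) ? $row : false;
}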
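/**
 * Renders the plugin's options form and, on submit, stores the posted values
 * as site options.
 *
 * Security notes:
 * - The form carries a nonce and the save path verifies it with
 *   check_admin_referer(), so another site cannot make a logged-in admin's
 *   browser change the database host, credentials or query template.
 * - Every stored value is HTML-escaped before it is written into the form, so
 *   a stored option cannot break out of its attribute or the textarea.
 * - NOTE(review): the stored database password is still sent back to the
 *   browser as the value of the password field and is visible in the page
 *   source; consider rendering the field empty and only overwriting the
 *   option when a new value is submitted.
 */
function mysqlauthOptionsPanel() {
	if (!empty($_POST['mysqlauthOptionsSave'])) {
		// Reject submissions that do not carry this form's nonce.
		check_admin_referer('mysqlauth_options');

		$plainOptions = array(
			'mysqlauthSignupURL',
			'mysqlauthLogoutURL',
			'mysqlauthDbHost',
			'mysqlauthDbUser',
			'mysqlauthDbName',
			'mysqlauthDbPass',
			'mysqlauthActive',
		);
		foreach ($plainOptions as $optionName) {
			update_site_option($optionName, isset($_POST[$optionName]) ? $_POST[$optionName] : '');
		}
		// The query template is stored without the slashes added to request data.
		update_site_option('mysqlauthQuery', stripslashes(isset($_POST['mysqlauthQuery']) ? $_POST['mysqlauthQuery'] : ''));

		echo "<div class='updated'><p>Saved Options!</p></div>";
	}

	// Escape for HTML before interpolating into the form below. ENT_QUOTES is
	// required because the attributes are delimited with single quotes.
	$mysqlauthSignupURL 	= htmlspecialchars((string) get_site_option("mysqlauthSignupURL"), ENT_QUOTES, 'UTF-8');
	$mysqlauthLogoutURL 	= htmlspecialchars((string) get_site_option("mysqlauthLogoutURL"), ENT_QUOTES, 'UTF-8');
	$mysqlauthDbHost 		= htmlspecialchars((string) get_site_option("mysqlauthDbHost"), ENT_QUOTES, 'UTF-8');
	$mysqlauthDbUser 		= htmlspecialchars((string) get_site_option("mysqlauthDbUser"), ENT_QUOTES, 'UTF-8');
	$mysqlauthDbName		= htmlspecialchars((string) get_site_option("mysqlauthDbName"), ENT_QUOTES, 'UTF-8');
	$mysqlauthDbPass		= htmlspecialchars((string) get_site_option("mysqlauthDbPass"), ENT_QUOTES, 'UTF-8');
	$mysqlauthQuery			= htmlspecialchars((string) get_site_option("mysqlauthQuery"), ENT_QUOTES, 'UTF-8');
	$mysqlauthActive		= get_site_option("mysqlauthActive");

	// Exactly one of the two radio buttons is pre-selected.
	$tChecked = '';
	$fChecked = '';
	if($mysqlauthActive) {
		$tChecked = "checked";
	}
	else {
		$fChecked = "checked";
	}

	echo <<<mysqlauthFormOpen
	<div class="wrap">
	<h2>mysqlauth Authentication Options</h2>
	<form method="post" id="mysqlauth_options">

mysqlauthFormOpen;

	// Prints the hidden nonce field that check_admin_referer() verifies on save.
	wp_nonce_field('mysqlauth_options');

	echo <<<mysqlauthForm
		<fieldset class="options">
		<legend>Authentication options</legend>
		
		<div class="row">
			<span class="description">Database host</span><br />
			<span class="element">
				<input type='text' name='mysqlauthDbHost' value='$mysqlauthDbHost' style='width: 300px;' /><br />
				<em>This is usually 'localhost'.</em>
			</span>
		</div>
		
		<div class="row">
			<span class="description">Database username</span><br />
			<span class="element">
				<input type='text' name='mysqlauthDbUser' value='$mysqlauthDbUser' style='width: 300px;' /><br />
				<em>Username to access the database.</em>
			</span>
		</div>
		<div class="row">
			<span class="description">Database password</span><br />
			<span class="element">
				<input type='password' name='mysqlauthDbPass' value='$mysqlauthDbPass' style='width: 300px;' /><br />
				<em>Password for the database.</em>
			</span>
		</div>
		<div class="row">
			<span class="description">Database name</span><br />
			<span class="element">
				<input type='text' name='mysqlauthDbName' value='$mysqlauthDbName' style='width: 300px;' /><br />
				<em>Name of the database where users are stored.</em>
			</span>
		</div>

		<div class="row">
			<span class="description">Query Form</span><br />
			<span class="element">
				<textarea name='mysqlauthQuery' rows='5' cols='30' style='width: 300px;'>$mysqlauthQuery</textarea><br />
				<em>Query form for fetching the user from the remote table .<br /></em>
				<ul><li>The query should return at least the <pre>username</pre> and the <code>email</code> field. If your table doesn't have <code>username</code> or <code>email</code> field then you have to create alias eg. <pre>user as username, mail as email</pre></li>
					<li>Use <b>%{user}</b> to query the username</li>
					<li>Use <b>%{pass}</b> to query the password (apply MD5 where needed)</li>
				</ul>
				Some Examples:<br />
				<b>Joomla :</b><br />
				<pre>SELECT username, email FROM jos_users WHERE username = '%{user}' AND password='%{pass}'</pre> <br />				
			</span>
		</div>
		<div class="row">
			<span class="description">Sign-up URL</span><br />
			<span class="element">
				<input type='text' name='mysqlauthSignupURL' value='$mysqlauthSignupURL' style='width: 300px;' /><br />
				<em>Where people go to sign up</em>
			</span>
		</div>
		
		<div class="row">
			<span class="description">Logout URL</span><br />
			<span class="element">
				<input type='text' name='mysqlauthLogoutURL' value='$mysqlauthLogoutURL' style='width: 300px;' /><br />
				<em>Where users are redirected when logged out</em>
			</span>
		</div>

		<div class="row">
			<span class="description">Enable mysqlauth plugin?</span><br />
			<span class="element">
				<input type='radio' name='mysqlauthActive' value='1' $tChecked/> Yes
				<input type='radio' name='mysqlauthActive' value='0' $fChecked/> No
			</span>
		</div>
		
		<p class="submit"><input type="submit" name="mysqlauthOptionsSave" value="Save" /></p>
		</fieldset>
	</form>
	</div>
mysqlauthForm;
}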
// *** End Admin Config Functions *** //


// *** Begin User Auth Functions *** //

// This disables the change-password fields while the plugin is active.

if (get_site_option("mysqlauthActive")) {
	add_filter('show_password_fields', 'getFalse');

	/**
	 * Callback for the 'show_password_fields' filter; always answers false.
	 *
	 * Only declared (and only hooked) while the "mysqlauthActive" site
	 * option is truthy.
	 *
	 * @return bool Always false.
	 */
	function getFalse() {
		return false;
	}
}

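if (get_site_option("mysqlauthActive")) {
/**
 * Copies the name, e-mail address and password hash of an externally
 * authenticated user into the WordPress users table.
 *
 * The values come from the external database, so they are bound through
 * $wpdb->prepare() instead of being concatenated into the statement.
 *
 * @param int   $user_id     ID of the WordPress user row to update.
 * @param array $joomla_user Row returned by mysqlauth_Auth().
 * @return void
 */
function mysqlauth_syncUser($user_id, $joomla_user) {
	global $wpdb;

	$name  = isset($joomla_user["name"]) ? $joomla_user["name"] : '';
	$email = isset($joomla_user["email"]) ? $joomla_user["email"] : '';
	$hash  = isset($joomla_user["password"]) ? $joomla_user["password"] : '';

	$wpdb->query($wpdb->prepare(
		"UPDATE $wpdb->users SET user_nicename = %s, user_email = %s, display_name = %s, user_pass = %s WHERE ID = %d",
		$name,
		$email,
		$name,
		$hash,
		$user_id
	));
}

/**
 * wp_login() implementation used while the plugin is active: authenticates
 * against the external database and mirrors the account into WordPress.
 *
 * Flow:
 *  1. Fetch the user row from the external database via mysqlauth_Auth().
 *  2. Verify the submitted password against the row's "password" column,
 *     which must hold "md5(password . salt):salt". A row without that column
 *     never verifies, so the configured query has to select it.
 *  3. If no WordPress account exists yet, create one and add it to blog 1 as
 *     a subscriber.
 *  4. Copy name, e-mail and password hash into the WordPress users table.
 *
 * Security notes:
 * - Nothing about the submitted password, the cookies or the stored hashes is
 *   printed any more; the earlier diagnostic output exposed all of them in
 *   the response body.
 * - Salted MD5 is the external system's format and is weak by current
 *   standards; copying the hash into the users table carries that weakness
 *   over.
 * - NOTE(review): the two error messages distinguish "unknown user" from
 *   "wrong password", which lets a client enumerate valid usernames.
 *
 * @param string $username    Submitted login name.
 * @param string $password    Submitted plain-text password.
 * @param bool   $already_md5 Accepted for signature compatibility; not used.
 * @return bool True when the login is accepted, false otherwise ($error is set).
 */
function wp_login($username, $password, $already_md5 = false) {
	global $error, $current_user;

	// Make sure we always use lowercase usernames.
	$username = strtolower($username);

	if(!$username) {
		$error = __('<strong>Error</strong>: The username field is empty.');
		return false;
	}

	if(!$password) {
		$error = __('<strong>Error</strong>: The password field is empty.');
		return false;
	}

	// Already logged in as this user and trying to log in again.
	// NOTE(review): this path accepts the login without checking the
	// password; confirm that is intended.
	if (isset($current_user->data->user_login) && $current_user->data->user_login === $username) {
		return true;
	}

	$joomla_user = mysqlauth_Auth($username, $password);
	if (!is_array($joomla_user)) {
		$error = __('<strong>Error</strong>: Usuario Incorrecto.');
		return false;
	}

	// Recompute "md5(password . salt):salt" with the salt taken from the
	// stored value and compare it with what the external database holds.
	$storedHash = isset($joomla_user["password"]) ? (string) $joomla_user["password"] : '';
	$hashParts  = explode(':', $storedHash);
	$salt       = count($hashParts) > 1 ? $hashParts[1] : '';
	$candidate  = md5($password . $salt) . ':' . $salt;

	// Constant-time comparison where available; strict comparison otherwise.
	$passwordOk = function_exists('hash_equals')
		? hash_equals($storedHash, $candidate)
		: ($storedHash === $candidate);

	if (!$passwordOk) {
		$error = __('<strong>Error</strong>: Password Incorrecto.');
		return false;
	}

	// The user does not exist in WordPress yet: create the account.
	if (!username_exists( $username )) {
		// NOTE(review): presumably set to change how WPMU handles user
		// creation — confirm; guarded so a second definition cannot occur.
		if (!defined('WP_INSTALLING')) {
			define( "WP_INSTALLING", true );
		}

		$email   = isset($joomla_user["email"]) ? $joomla_user["email"] : '';
		$user_id = wpmu_create_user( $username, $password, $email );

		if (!$user_id) {
			$error = __('<strong>Error</strong>: Falló la creación del usuario.');
			return false;
		}

		// This is for plugin events.
		do_action( 'wpmu_new_user', $user_id );
		do_action('wpmu_activate_user', $user_id, $password);

		// Mirror the external data onto the row that was just created. The
		// previous code keyed this update on a lookup made before the account
		// existed, so it matched no row.
		mysqlauth_syncUser($user_id, $joomla_user);

		// Fill in profile fields, falling back to the full name.
		$fullName  = isset($joomla_user["name"]) ? $joomla_user["name"] : '';
		$firstName = !empty($joomla_user["firstname"]) ? $joomla_user["firstname"] : $fullName;
		$lastName  = !empty($joomla_user["lastname"]) ? $joomla_user["lastname"] : $fullName;
		$userUrl   = !empty($joomla_user["url"]) ? $joomla_user["url"] : "http://migranteecuatoriano.gov.ec/blogs/".$username;

		update_usermeta( $user_id, 'first_name', $firstName );
		update_usermeta( $user_id, 'last_name', $lastName );
		update_usermeta( $user_id, 'display_name', $fullName );
		update_usermeta( $user_id, 'user_url', $userUrl );

		// Give the new user the subscriber role on blog 1.
		add_user_to_blog(1,$user_id,'subscriber');

		// Set up redirection to the user's home directory. Compare with
		// === false: a match at position 0 is still a match.
		$redirectTo = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
		if (strpos($redirectTo, $username) === false) {
			$_REQUEST['redirect_to'] = $username . "/" . $redirectTo;
		}

		return true;
	}

	// Existing WordPress user: refresh the row with the external data.
	$login = get_userdatabylogin($username);
	if ($login) {
		mysqlauth_syncUser($login->ID, $joomla_user);
	}

	return true;
}
}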
?>