AuthPhpBB2

Summary: Use phpBB2 user authentication for PmWiki page edit protection and author name
Version: 1.0 (05 March 2007)
Prerequisites:
Status: Stable
Maintainer: Smc
Discussion: AuthPhpBB2-Talk

Questions answered by this recipe

  1. Can I tie phpBB2 forum users to PmWiki editors?
  2. If I'm using phpBB2 forum and PmWiki, how can I ensure only authenticated phpBB2 users can edit my PmWiki pages?

Description

AuthPhpBB2 permits user authentication via phpBB2 forum software to be used to edit protect PmWiki pages. Additionally your phpBB2 username is used as the PmWiki edit author name. Additionally, you can augment page permissions with PmWiki's in-built page attributes e.g. add a second level page edit and/or read protection e.g. perhaps edit protect the site sidebar and readonly protect the site blocklist from normal forum users.

It is anticipated that this recipe will work on any 2.x version of PmWiki or phpBB2 however the author has only specifically tested this on pmwiki-2.2.0-beta19 and phpBB2 2.0.22.

This recipe consists of two changes; firstly a cookbook plugin called auth_phpbb2.php for PmWiki and secondly a variant of the session.php file from the phpBB2 distribution. Please follow the procedure below to install this recipe. Additionally see the notes section below for design information and recommended future enhancements (should someone want to extend this).

An example of PmWiki and phpBB2 integration in action is over at Enginuity (http://www.enginuity.org). Note that page edit actions are not shown unless you have a user account or know the PmWiki administration password to override. Please feel free to request a forum login. Once you login for the forum, a page edit icon will appear on each Wiki page. Additionally the Author field will be set to your phpBB2 username.

Installation

The following instructions assume you have installed PmWiki and phpBB2 under the same web root e.g. /pmwiki and /forums. Also please pay attention to the phpBB cookie path setting below - with out it the cookie will not be presented to pmwiki.

  1. Please download the following files locally: auth_phpbb2.phpΔ (PmWiki), sessions.phpΔ (phpBB2)
  2. auth_phpbb2.php should be installed into your cookbook/ directory
  3. sessions.php is a slightly modified version of the phpBB2/includes/sessions.php file. If you are using phpBB-2.0.22 then simply overwrite this file. Otherwise simply edit your original sessions.php file using your favourite editor, inserting the three sections of code marked by "SMC:". On inspection it will be obvious what to do - just insert my additional lines of (don't delete anything).

Configuration - phpBB2 forum

  1. From the phpBB2 web Administration Console adjust the cookie path to slash - '/' (without the quotes).

Configuration - PmWiki

  1. local/config.php should be appended with the line: $phpBB2cookie = 'phpbb2mysql';. Replace 'phpbb2mysql' with the 'Cookie name' found from the phpBB2 Administration Panel under General Admininstrion -> Configuration -> Cookie Settings. This line must be before the next one.
  2. local/config.php should be appended with the line: include_once("$FarmD/cookbook/auth_phpbb2.php");
  3. (Optional step) Edit your Wiki Site/PageActions page to remove the page edit link if you do not have 'edit' permissions. To do this with the default PmWiki install add the following 'if' lines around the edit link.

    (:if auth edit:)
    * %item rel=nofollow class=edit      accesskey='$[ak_edit]'%      [[{*$FullName}?action=edit   | $[Edit] ]]
    (:if:)
    
  4. If you already had an installation of phpBB2 then you will need to logout and backin again so the cookie can get updated with some additional information. If you do not do this you will not have edit permissions!

Design Notes

The idea is to extend the existing phpBB2 session cookie set during the authentication stage. I basically add the username to this cookies' serialised information. I use the existance of the cookie to set an authentication flag. This flag is used within this recipe to check if we have edit permission. Additionally PmWiki's $Author variable is set to your username extracted from extended the phpBB2 cookie.

session.php is from the phpBB-2.0.22 distribution. I'm adding a new 'username' element to the existing cookie array which gets serialised. auth_phpbb2.php is based on PmWiki's core authuser.php. I basically override PmWiki's '$AuthFunction' with my own variant. It checks for the phpBB2 authentication cookie which is configured via the '$phpBB2cookie' variable. If the cookie is found and we can extract the username set from above then we set PmWiki's '$Author' variable accordingly.

Future Enhancements

  1. Improve the code so we do not need to alter the 'session.php' phpBB2 file. If I wasn't a newbee php hacker I would have written some php to extract the username directly from the pbpBB2 database using SQL - we have the userid. We could add this code to the 'auth_phpbb2.php' script making the integration much cleaner.
  2. Enhance the 'auth_phpbb2.php' script so that you can override edits by manually adding ?action=edit to a URL and entering the site admin password. his does not work for some reason at this point in time. Although if you set an edit password on a page then this works correctly and overrides the forum authentication forcing forum users to also enter a PmWiki page password.
  3. Perhaps alter user permissions within PmWiki based on what forum authentication group you are in. Perhaps consider that all forum 'Admins' have additional permissions within PmWiki.

Release Notes

If the recipe has multiple releases, then release notes can be placed here. Note that it's often easier for people to work with "release dates" instead of "version numbers".

  • Version 1.0 - 05 March 2007

See Also

Contributors

Comments

See discussion at AuthPhpBB2-Talk

User notes? : If you use, used or reviewed this recipe, you can add your name. These statistics appear in the Cookbook listings and will help newcomers browsing through the wiki.