|
| 1 | +<?php |
| 2 | +/* |
| 3 | + * Copyright © 2008-2010 Garrett Brown <http://www.mediawiki.org/wiki/User:Gbruin> |
| 4 | + * This program is free software; you can redistribute it and/or modify |
| 5 | + * it under the terms of the GNU General Public License as published by |
| 6 | + * the Free Software Foundation; either version 2 of the License, or |
| 7 | + * (at your option) any later version. |
| 8 | + * |
| 9 | + * This program is distributed in the hope that it will be useful, |
| 10 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | + * GNU General Public License for more details. |
| 13 | + * |
| 14 | + * You should have received a copy of the GNU General Public License along |
| 15 | + * with this program. If not, see <http://www.gnu.org/licenses/>. |
| 16 | + */ |
| 17 | + |
| 18 | +/** |
| 19 | + * FBConnect plugin. Integrates Facebook Connect into MediaWiki. |
| 20 | + * |
| 21 | + * Features include single sign on (SSO) experience and XFBML. |
| 22 | + * |
| 23 | + * Info is available at <http://www.mediawiki.org/wiki/Extension:FBConnect>. |
| 24 | + * Limited support is available at |
| 25 | + * <http://www.mediawiki.org/wiki/Extension_talk:FBConnect>. |
| 26 | + * |
| 27 | + * @file |
| 28 | + * @ingroup Extensions |
| 29 | + * @author Garrett Brown, Sean Colombo |
| 30 | + * @copyright Copyright © 2010 Garrett Brown, Sean Colombo |
| 31 | + * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 2.0 or later |
| 32 | + */ |
| 33 | + |
| 34 | + |
| 35 | +/* |
| 36 | + * Not a valid entry point, skip unless MEDIAWIKI is defined. |
| 37 | + */ |
| 38 | +if ( !defined( 'MEDIAWIKI' ) ) { |
| 39 | + die( 'This file is a MediaWiki extension, it is not a valid entry point' ); |
| 40 | +} |
| 41 | + |
| 42 | +// Make it so that the code will survive the push until the config gets updated. |
| 43 | +$wgEnablePreferencesExt = true; |
| 44 | + |
| 45 | +// FBConnect version |
| 46 | +define( 'MEDIAWIKI_FBCONNECT_VERSION', '3.0-beta, January 2, 2011' ); |
| 47 | + |
| 48 | +// Magic string to use in substitution (must be defined prior to including config.php). |
| 49 | +define( 'FBCONNECT_LOCALE', '%LOCALE%'); |
| 50 | + |
| 51 | +/* |
| 52 | + * Add information about this extension to Special:Version. |
| 53 | + */ |
| 54 | +$wgExtensionCredits['specialpage'][] = array( |
| 55 | + 'path' => __FILE__, |
| 56 | + 'name' => 'Facebook Connect Plugin', |
| 57 | + 'author' => 'Garrett Brown, Sean Colombo, Tomek Odrobny', |
| 58 | + 'url' => 'http://www.mediawiki.org/wiki/Extension:FBConnect', |
| 59 | + 'descriptionmsg' => 'fbconnect-desc', |
| 60 | + 'version' => MEDIAWIKI_FBCONNECT_VERSION, |
| 61 | +); |
| 62 | + |
| 63 | +/* |
| 64 | + * Initialization of the autoloaders and special extension pages. |
| 65 | + */ |
| 66 | +$dir = dirname( __FILE__ ) . '/'; |
| 67 | +// Load the default configuration |
| 68 | +// It's recommended that you override these in LocalSettings.php |
| 69 | +include_once $dir . 'config.default.php'; |
| 70 | +// If config.php exists, import those settings over the default ones |
| 71 | +if (file_exists( $dir . 'config.php' )) { |
| 72 | + require_once $dir . 'config.php'; |
| 73 | +} |
| 74 | +// Load the PHP SDK |
| 75 | +require_once $dir . 'php-sdk/facebook.php'; |
| 76 | + |
| 77 | +$wgExtensionFunctions[] = 'FBConnect::init'; |
| 78 | + |
| 79 | +if( !empty( $wgFbEnablePushToFacebook ) ) { |
| 80 | + // Need to include it explicitly instead of autoload since it has initialization code of its own. |
| 81 | + // This should be done after FBConnect::init is added to wgExtensionFunctions so that FBConnect |
| 82 | + // gets fully initialized first. |
| 83 | + require_once $dir . 'FBConnectPushEvent.php'; |
| 84 | +} |
| 85 | + |
| 86 | +$wgExtensionMessagesFiles['FBConnect'] = $dir . 'FBConnect.i18n.php'; |
| 87 | +$wgExtensionMessagesFiles['FBPushEvents'] = $dir . 'pushEvents/FBPushEvents.i18n.php'; |
| 88 | +$wgExtensionMessagesFiles['FBConnectLanguage'] = $dir . 'FBConnectLanguage.i18n.php'; |
| 89 | +$wgExtensionAliasesFiles['FBConnect'] = $dir . 'FBConnect.alias.php'; |
| 90 | + |
| 91 | +$wgAutoloadClasses['FBConnectAPI'] = $dir . 'FBConnectAPI.php'; |
| 92 | +$wgAutoloadClasses['FBConnectDB'] = $dir . 'FBConnectDB.php'; |
| 93 | +$wgAutoloadClasses['FBConnectHooks'] = $dir . 'FBConnectHooks.php'; |
| 94 | +$wgAutoloadClasses['FBConnectProfilePic'] = $dir . 'FBConnectProfilePic.php'; |
| 95 | +$wgAutoloadClasses['FBConnectLanguage'] = $dir . 'FBConnectLanguage.php'; |
| 96 | +$wgAutoloadClasses['FBConnectUser'] = $dir . 'FBConnectUser.php'; |
| 97 | +$wgAutoloadClasses['FBConnectXFBML'] = $dir . 'FBConnectXFBML.php'; |
| 98 | +$wgAutoloadClasses['SpecialConnect'] = $dir . 'SpecialConnect.php'; |
| 99 | +$wgAutoloadClasses['ChooseNameTemplate'] = $dir . 'templates/ChooseNameTemplate.class.php'; |
| 100 | + |
| 101 | +$wgSpecialPages['Connect'] = 'SpecialConnect'; |
| 102 | + |
| 103 | +// Define new autopromote condition (use quoted text, numbers can cause collisions) |
| 104 | +define( 'APCOND_FB_INGROUP', 'fb*g' ); |
| 105 | +define( 'APCOND_FB_ISOFFICER', 'fb*o' ); |
| 106 | +define( 'APCOND_FB_ISADMIN', 'fb*a' ); |
| 107 | + |
| 108 | +// rt#68127 - Giving basic permissions to other groups might open security holes |
| 109 | +// See <http://trac.wikia-code.com/changeset/27160> and <http://trac.wikia-code.com/changeset/27928> for fix |
| 110 | +$wgGroupPermissions['fb-user'] = $wgGroupPermissions['user']; // Create a new group for Facebook users |
| 111 | + |
| 112 | +$wgAjaxExportList[] = 'FBConnect::disconnectFromFB'; |
| 113 | +$wgAjaxExportList[] = 'SpecialConnect::getLoginButtonModal'; |
| 114 | +$wgAjaxExportList[] = 'SpecialConnect::ajaxModalChooseName'; |
| 115 | +$wgAjaxExportList[] = 'SpecialConnect::checkCreateAccount'; |
| 116 | + |
| 117 | +// These hooks need to be hooked up prior to init() because runhooks may be called for them before init is run. |
| 118 | +$wgFbHooksToAddImmediately = array( 'SpecialPage_initList' ); |
| 119 | +foreach( $wgFbHooksToAddImmediately as $hookName ) { |
| 120 | + $wgHooks[$hookName][] = "FBConnectHooks::$hookName"; |
| 121 | +} |
| 122 | + |
| 123 | +/** |
| 124 | + * Class FBConnect |
| 125 | + * |
| 126 | + * This class initializes the extension, and contains the core non-hook, |
| 127 | + * non-authentification code. |
| 128 | + */ |
| 129 | +class FBConnect { |
| 130 | + static private $fbOnLoginJs; |
| 131 | + |
| 132 | + /** |
| 133 | + * Initializes and configures the extension. |
| 134 | + */ |
| 135 | + public static function init() { |
| 136 | + global $wgXhtmlNamespaces, $wgSharedTables, $facebook, $wgHooks, |
| 137 | + $wgFbOnLoginJsOverride, $wgFbHooksToAddImmediately, $wgFbUserRightsFromGroup; |
| 138 | + |
| 139 | + // The xmlns:fb attribute is required for proper rendering on IE |
| 140 | + $wgXhtmlNamespaces['fb'] = 'http://www.facebook.com/2008/fbml'; |
| 141 | + |
| 142 | + // Facebook/username associations should be shared when $wgSharedDB is enabled |
| 143 | + $wgSharedTables[] = 'user_fbconnect'; |
| 144 | + |
| 145 | + // Create our Facebook instance and make it available through $facebook |
| 146 | + $facebook = new FBConnectAPI(); |
| 147 | + |
| 148 | + // Install all public static functions in class FBConnectHooks as MediaWiki hooks |
| 149 | + $hooks = self::enumMethods( 'FBConnectHooks' ); |
| 150 | + foreach( $hooks as $hookName ) { |
| 151 | + if (!in_array( $hookName, $wgFbHooksToAddImmediately )) { |
| 152 | + $wgHooks[$hookName][] = "FBConnectHooks::$hookName"; |
| 153 | + } |
| 154 | + } |
| 155 | + |
| 156 | + // Allow configurable over-riding of the onLogin handler. |
| 157 | + if( !empty( $wgFbOnLoginJsOverride ) ) { |
| 158 | + self::$fbOnLoginJs = $wgFbOnLoginJsOverride; |
| 159 | + } else { |
| 160 | + self::$fbOnLoginJs = 'window.location.reload(true);'; |
| 161 | + } |
| 162 | + |
| 163 | + // Default to pull new info from Facebook |
| 164 | + global $wgDefaultUserOptions; |
| 165 | + foreach (FBConnectUser::$availableUserUpdateOptions as $option) { |
| 166 | + $wgDefaultUserOptions["fbconnect-update-on-login-$option"] = 1; |
| 167 | + } |
| 168 | + |
| 169 | + // If we are configured to pull group info from Facebook, then set up |
| 170 | + // the group permissions here |
| 171 | + if ( !empty( $wgFbUserRightsFromGroup ) ) { |
| 172 | + global $wgGroupPermissions, $wgImplictGroups, $wgAutopromote; |
| 173 | + $wgGroupPermissions['fb-groupie'] = $wgGroupPermissions['user']; |
| 174 | + $wgGroupPermissions['fb-officer'] = $wgGroupPermissions['bureaucrat']; |
| 175 | + $wgGroupPermissions['fb-admin'] = $wgGroupPermissions['sysop']; |
| 176 | + $wgImplictGroups[] = 'fb-groupie'; |
| 177 | + $wgImplictGroups[] = 'fb-officer'; |
| 178 | + $wgImplictGroups[] = 'fb-admin'; |
| 179 | + $wgAutopromote['fb-groupie'] = APCOND_FB_INGROUP; |
| 180 | + $wgAutopromote['fb-officer'] = APCOND_FB_ISOFFICER; |
| 181 | + $wgAutopromote['fb-admin'] = APCOND_FB_ISADMIN; |
| 182 | + } |
| 183 | + } |
| 184 | + |
| 185 | + /** |
| 186 | + * Returns an array with the names of all public static functions |
| 187 | + * in the specified class. |
| 188 | + */ |
| 189 | + public static function enumMethods( $className ) { |
| 190 | + $hooks = array(); |
| 191 | + try { |
| 192 | + $class = new ReflectionClass( $className ); |
| 193 | + foreach( $class->getMethods( ReflectionMethod::IS_PUBLIC ) as $method ) { |
| 194 | + if ( $method->isStatic() ) { |
| 195 | + $hooks[] = $method->getName(); |
| 196 | + } |
| 197 | + } |
| 198 | + } catch( Exception $e ) { |
| 199 | + // If PHP's version doesn't support the Reflection API, then exit |
| 200 | + die( 'PHP version (' . phpversion() . ') must be great enough to support the Reflection API' ); |
| 201 | + // Or list the extensions here manually... |
| 202 | + $hooks = array( |
| 203 | + 'AuthPluginSetup', 'UserLoadFromSession', |
| 204 | + 'RenderPreferencesForm', 'PersonalUrls', |
| 205 | + 'ParserAfterTidy', 'BeforePageDisplay', /*...*/ |
| 206 | + ); |
| 207 | + } |
| 208 | + return $hooks; |
| 209 | + } |
| 210 | + |
| 211 | + /** |
| 212 | + * Return the code for the permissions attribute (with leading space) to use on all fb:login-buttons. |
| 213 | + */ |
| 214 | + public static function getPermissionsAttribute() { |
| 215 | + global $wgFbExtendedPermissions; |
| 216 | + $attr = ''; |
| 217 | + if (!empty($wgFbExtendedPermissions)) { |
| 218 | + $attr = ' perms="' . implode( ',', $wgFbExtendedPermissions ) . '"'; |
| 219 | + } |
| 220 | + return $attr; |
| 221 | + } // end getPermissionsAttribute() |
| 222 | + |
| 223 | + /** |
| 224 | + * Return the code for the onlogin attribute which should be appended to all fb:login-button's in this |
| 225 | + * extension. |
| 226 | + * |
| 227 | + * TODO: Generate the entire fb:login-button in a function in this class. We have numerous buttons now. |
| 228 | + */ |
| 229 | + public static function getOnLoginAttribute() { |
| 230 | + $attr = ''; |
| 231 | + if ( !empty( self::$fbOnLoginJs ) ) { |
| 232 | + $attr = ' onlogin="' . self::$fbOnLoginJs . '"'; |
| 233 | + } |
| 234 | + return $attr; |
| 235 | + } // end getOnLoginAttribute() |
| 236 | + |
| 237 | + public static function getFBButton( $onload = '', $id = '' ) { |
| 238 | + global $wgFbExtendedPermissions; |
| 239 | + return '<fb:login-button length="short" size="large" onlogin="' . $onload . |
| 240 | + '" perms="' . implode(',', $wgFbExtendedPermissions) . '" id="' . $id . |
| 241 | + '"></fb:login-button>'; |
| 242 | + } |
| 243 | + |
| 244 | + /** |
| 245 | + * Ajax function to disconect from Facebook. |
| 246 | + */ |
| 247 | + public static function disconnectFromFB( $user = null ) { |
| 248 | + $response = new AjaxResponse(); |
| 249 | + $response->addText(json_encode(self::coreDisconnectFromFB($user))); |
| 250 | + return $response; |
| 251 | + } |
| 252 | + |
| 253 | + /** |
| 254 | + * Facebook disconnect function and send mail with temp password. |
| 255 | + */ |
| 256 | + public static function coreDisconnectFromFB( $user = null ) { |
| 257 | + global $wgRequest, $wgUser, $wgAuth; |
| 258 | + |
| 259 | + wfLoadExtensionMessages('FBConnect'); |
| 260 | + |
| 261 | + if ($user == null) { |
| 262 | + $user = $wgUser; |
| 263 | + } |
| 264 | + $statusError = array('status' => 'error', 'msg' => wfMsg('fbconnect-unknown-error')); |
| 265 | + |
| 266 | + if ($user->getId() == 0) { |
| 267 | + return $statusError; |
| 268 | + } |
| 269 | + |
| 270 | + $dbw = wfGetDB( DB_MASTER, array(), FBConnectDB::sharedDB() ); |
| 271 | + $dbw->begin(); |
| 272 | + $rows = FBConnectDB::removeFacebookID($user); |
| 273 | + |
| 274 | + // Remind password attemp |
| 275 | + $params = new FauxRequest(array ( |
| 276 | + 'wpName' => $user->getName() |
| 277 | + )); |
| 278 | + |
| 279 | + if( !$wgAuth->allowPasswordChange() ) { |
| 280 | + return $statusError; |
| 281 | + } |
| 282 | + |
| 283 | + $result = array(); |
| 284 | + $loginForm = new LoginForm($params); |
| 285 | + |
| 286 | + if ($wgUser->getOption('fbFromExist')) { |
| 287 | + $res = $loginForm->mailPasswordInternal( $wgUser, true, 'fbconnect-passwordremindertitle-exist', 'fbconnect-passwordremindertext-exist' ); |
| 288 | + } else { |
| 289 | + $res = $loginForm->mailPasswordInternal( $wgUser, true, 'fbconnect-passwordremindertitle', 'fbconnect-passwordremindertext' ); |
| 290 | + } |
| 291 | + |
| 292 | + if( WikiError::isError( $res ) ) { |
| 293 | + return $statusError; |
| 294 | + } |
| 295 | + |
| 296 | + return array( 'status' => 'ok' ); |
| 297 | + $dbw->commit(); |
| 298 | + return $response; |
| 299 | + } |
| 300 | +} |
0 commit comments