Location: PHPKode > projects > Article Manager > pm30/cgi/data/config/styles/phpbb/pm2phpbb.php
<?  $admin_access_key = "changethis";

##############################################
##                                          ##
##  Profile Manager Basic                   ##
##  PHPBB2 Integration Script               ##
##  Copyright 2005 Interlogy LLC.           ##
##  All rights reserved.                    ##
##  Contact: hide@address.com            ##
##                                          ##
##############################################


header('Content-type: text/plain');
if($_GET[adminkey] != $admin_access_key){
	return_error("Incorrect phpbb integration admin access key!");
}
define('IN_PHPBB', true);
$retval = 0;
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.' . $phpEx);

	if($_GET[mode] == "register"){
		//example: pm2phpbb.php?mode=register&username=test&email=hide@address.com&
		register();
	} else if($_GET[mode] == "change_password"){
		//example: pm2phpbb.php?mode=change_password&username=test23
		change_password();
	} else if($_GET[mode] == "log_in"){
		//example:  pm2phpbb.php?mode=log_in&username=test27&ip=64.252.5.23&
		log_in();
	} else if($_GET[mode] == "log_out"){
		//example:  pm2phpbb.php?mode=log_out&username=test27&
		log_out();
	} else if($_GET[mode] == "test"){
		print "OK";
	}
	// future possible integrations:
	// delete
	// update profile (match the database fields)


function log_out()
{
	global $db, $HTTP_GET_VARS, $board_config;

	# user 
	$username = $HTTP_GET_VARS[username];

	# find user id
	$sql = "SELECT user_id FROM " . USERS_TABLE . " WHERE username='". $username ."'";
	if ( !($result = $db->sql_query($sql)) ){
		return_warning("User not found");
	}
	$row = $db->sql_fetchrow($result);
	$user_id = $row['user_id'];

	# time
	$current_time = time();

	# session
	$session_id = md5(uniqid($user_ip));

	$sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id=" . $user_id;
	if ( !$db->sql_query($sql) )
	{
		return_warning("Cannot delete session.");
	}

	$sessiondata = array();
	$sessiondata['userid'] = $user_id;
	$cookiename = $board_config['cookie_name'];
        setcookie($cookiename . '_sid', $session_id, ($current_time - 31536000), "/");
        setcookie($cookiename . '_data', serialize($sessiondata), $current_time - 31536000, "/");                  

	return_success( 
			$cookiename . '_sid|'. $session_id ."|". ($current_time - 31536000) ."|/\n" .
			$cookiename . '_data|'. serialize($sessiondata) .'|'. ($current_time - 31536000) . "|/\n"
	);
}

function log_in()
{
	global $db, $HTTP_GET_VARS, $board_config;

	# user 
	$username = $HTTP_GET_VARS[username];
	$user_ip = encode_ip($HTTP_GET_VARS[ip]);

	# find user id
	$sql = "SELECT user_id FROM " . USERS_TABLE . " WHERE username='". $username ."'";
	if ( !($result = $db->sql_query($sql)) ){
		return_warning("User not found");
	}
	$row = $db->sql_fetchrow($result);
	$user_id = $row['user_id'];

	# time
	$current_time = time();
        $expiry_time = $current_time - $board_config['session_length'];

	# session
	$session_id = md5(uniqid($user_ip));

	$sql = "INSERT INTO " . SESSIONS_TABLE . "
		(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
		VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', ". PAGE_INDEX .", 1)";
	if ( !$db->sql_query($sql) )
	{
		return_warning("Cannot create new session.");
	}

	$sessiondata = array();
	$sessiondata['userid'] = $user_id;
	$cookiename = $board_config['cookie_name'];
        //setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, "/");                  
        //setcookie($cookiename . '_sid', $session_id, 0, "/");

	return_success( 
			$cookiename . '_sid|'. $session_id ."|0|/\n" .
			$cookiename . '_data|'. serialize($sessiondata) .'|'. ($current_time + 31536000) . "|/\n"
	);
}


function change_password()
{
	global $db, $HTTP_GET_VARS;
	$new_password = htmlspecialchars(stripslashes($HTTP_GET_VARS[password]));
        $new_password = md5($new_password);
	$sql = "UPDATE ". USERS_TABLE ." SET user_password='". str_replace("\'", "''", $new_password) ."'
		WHERE  username='$HTTP_GET_VARS[username]'";
        if ( !($result = $db->sql_query($sql)) )
        {
		return_error("password cannot be changed! (phpbb)");
        }
	return_success();
}


function register()
{
	global $phpEx, $db, $board_config, $HTTP_GET_VARS;
        include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
        include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
        include($phpbb_root_path . 'includes/functions_post.'.$phpEx);

	$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 
		'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 
		'occupation' => 'occupation', 'interests' => 'interests');
	while( list($var, $param) = @each($strip_var_list) )
        {
                if ( !empty($HTTP_GET_VARS[$param]) )
                {
                        $$var = trim(htmlspecialchars($HTTP_GET_VARS[$param]));
                }
        }
	$signature = str_replace('<br />', "\n", $signature);
	$password = $HTTP_GET_VARS[password];
	
        validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);

        $viewemail = 0;
        $allowviewonline = TRUE;
        $notifyreply = 0;
        $notifypm = TRUE;
        $popup_pm = TRUE;
        $attachsig = $board_config['allow_sig'];
        $allowhtml = $board_config['allow_html'];
        $allowbbcode = $board_config['allow_bbcode'];
        $allowsmilies = $board_config['allow_smilies'];
	$user_style = $board_config['default_style'];
	$user_lang = $board_config['default_lang'];
	$user_timezone = $board_config['board_timezone'];
        $sql = "SELECT config_value
                FROM " . CONFIG_TABLE . "
                WHERE config_name = 'default_dateformat'";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $board_config['default_dateformat'] = $row['config_value'];
	$user_dateformat = $board_config['default_dateformat'];
	$user_avatar_local = '';

        $user_avatar_remoteurl =  '';
        $user_avatar_upload = '';
        $user_avatar_name = '';
        $user_avatar_size = 0;
        $user_avatar_filetype = '';
        $user_avatar = '';
        $user_avatar_type = '';
	$user_avatar = $user_avatar_local;
	$user_avatar_type = USER_AVATAR_GALLERY;
	$avatar_sql = "'', " . USER_AVATAR_NONE;

	$username = stripslashes($username);
	$result = validate_username($username);
	if ( $result['error'] )
	{
		//$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
		return_error("This login name is taken or not allowed. (phpbb)");
	}
	$email = stripslashes($email);
	$new_password = htmlspecialchars(stripslashes($password));
	$new_password = md5($new_password);
	$icq = stripslashes($icq);
	$aim = stripslashes($aim);
	$msn = stripslashes($msn);
	$yim = stripslashes($yim);
	$website = stripslashes($website);
	$location = stripslashes($location);
	$occupation = stripslashes($occupation);
	$interests = stripslashes($interests);
	$signature = stripslashes($signature);
	$user_lang = stripslashes($user_lang);
	$user_dateformat = stripslashes($user_dateformat);

	
	$sql = "SELECT MAX(user_id) AS total FROM " . USERS_TABLE;
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
	}

	if ( !($row = $db->sql_fetchrow($result)) )
	{
		message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
	}
	$user_id = $row['total'] + 1;

	//
	// Get current date
	//
	$sql = "INSERT INTO " . USERS_TABLE . " (
			user_id, username, user_regdate, 
			user_password, user_email, user_icq, 
			user_website, user_occ, user_from, 
			user_interests, user_sig, user_sig_bbcode_uid, 
			user_avatar, user_avatar_type, user_viewemail, 
			user_aim, user_yim, user_msnm, 
			user_attachsig, user_allowsmile, user_allowhtml, 
			user_allowbbcode, user_allow_viewonline, user_notify, 
			user_notify_pm, user_popup_pm, user_timezone, 
			user_dateformat, user_lang, user_style, 
			user_level, user_allow_pm, user_active, user_actkey)
			VALUES (
			$user_id, '" . str_replace("\'", "''", $username) . "', " . time() .  
			", '" . str_replace("\'", "''", $new_password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . 
			"', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . 
			"', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', 
			$avatar_sql, $viewemail, '" . 
			str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popup_pm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
	$user_actkey = gen_rand_string(true);
	$key_len = 54 - (strlen($server_url));
	$key_len = ( $key_len > 6 ) ? $key_len : 6;
	$user_actkey = substr($user_actkey, 0, $key_len);
	//$sql .= "1, '" . str_replace("\'", "''", $user_actkey) . "')";
	$sql .= "1, '')" ;

	if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
	{
	        // message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
		return_error("Cannot create a phpbb account");
	}
	$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, 
				group_single_user, group_moderator)
                                VALUES ('', 'Personal User', 1, 0)";
	if ( !($result = $db->sql_query($sql)) )
	{
		#no error
	}

	$group_id = $db->sql_nextid();

	$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
		VALUES ($user_id, $group_id, 0)";
	if( !($result = $db->sql_query($sql, END_TRANSACTION)) )
	{
		# no error
	}

	return_success();
}


function get_all_usernames()
{
	$sql = "select username from ".USERS_TABLE;
	if ($result = $db->sql_query($sql)){
		while($row = $db->sql_fetchrow($result)){
			print_r($row);
		}

	}
}

function return_success($message="")
{
	print "SUCCESS\n";
	print $message;
	exit;
}

function return_error($err)
{
	print "ERROR\n";
	print $err;
	exit;
}

function return_warning($err)
{
	print "WARNING\n";
	print $err;
	exit;
}

function gen_rand_string($hash)
{
        $chars = array( 'a', 'A', 'b', 'B', 'c', 'C', 'd', 'D', 'e', 'E', 'f', 'F', 'g', 'G', 'h', 'H', 'i', 'I', 'j', 'J',  'k', 'K', 'l', 'L', 'm', 'M', 'n', 'N', 'o', 'O', 'p', 'P', 'q', 'Q', 'r', 'R', 's', 'S', 't', 'T',  'u', 'U', 'v', 'V', 'w', 'W', 'x', 'X', 'y', 'Y', 'z', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0');

        $max_chars = count($chars) - 1;
        srand( (double) microtime()*1000000);
        
        $rand_str = '';
        for($i = 0; $i < 8; $i++)
        {
                $rand_str = ( $i == 0 ) ? $chars[rand(0, $max_chars)] : $rand_str . $chars[rand(0, $max_chars)];
        }

        return ( $hash ) ? md5($rand_str) : $rand_str;
}



?>
Return current item: Article Manager