1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Create Mediawiki Users Externally

Discussion in 'PHP' started by j_o, Jul 20, 2012.

  1. #1
    Hey everyone,

    I have a website that has its own database for user login etc. Recently we have added an internal wiki (login to view and edit) also which has its own database tables. This is not a problem however I am trying to set it so that when I create a user from the website a user in the wiki database is also created. I am not looking to set up single sign on or anything. I just want the username, email and password to match between the two tables.

    So far I have successfully developed two functions. One to change an existing users email and the other to change an existing users password. Both these functions work perfectly and as expected. The last thing to do is is create a user externally. Please do not suggest an extension for Mediawiki, I have been at this for a long time and searched quite a bit before I started developing my own script. Unfortunately everything I found online was either for old versions of the wiki or was just not what I needed.

    Here is the code I have so far for the create user function. I am only missing how to set the variables user_email_token and user_email_token_expires in the database. I am trying to do this for Mediawiki v1.19 on a mysql database.

    Basically I am asking if anyone know how to properly set those two variables.

    Hopefully someone can help.

    
    function CreateMwUser($firstname, $lastname, $username, $email, $password, $wiki_prefix = NULL){
    	$user_id = NULL; //Since it auto increments this is just a place holder
    	$user_name = $username;
    	$user_real_name = $firstname." ".$lastname;
    
    	/*
    	A salt is used by MW to make the md5 hash harder to crack.
    	From the MediaWiki site the salt is a pseudo-random hexadecimal 31-bit salt between 0x0 and 0x7fff ffff
    	Similar to the user_token Mediawiki generates the salt using:
    		MWCryptRand::generateHex( 8 ); User.php -> line 3872 -> crypt() function
    	*/
    	$wiki_Fullsalt = md5(dechex(mt_rand()) . dechex(mt_rand())); //Generates a 32 character md5 string -> We need 8 characters
    	$wiki_salt = NULL; //Initially no salt is set
    	//Here we are choosing 8 random characters from the 32 character string to be our salt
    	for($i=0; $i<8;$i++){
    		$randomChar = $wiki_Fullsalt[rand(0, strlen($wiki_Fullsalt)-1)];
    		$wiki_salt .= $randomChar;
    	}
    	
    	//Now that we have a salt we can create the password in the proper format
    	$user_password = ':B:' . $wiki_salt . ':' . md5( $wiki_salt . '-' . md5( $password ) );
    
    
    	$user_newpassword = ""; //Empty since we are authenticating it instead of using the send email option
    	$user_newpass_time = NULL;
    
    	$user_email = $email;
    	$user_touched = gmdate("YmdHis", time()); //Format found from wfTimestamp() function found in GlobalFunctions.php
    
    	/*
    	For the token we need a 32 length random string. Media wiki does this with the following code:
    		MWCryptRand::generateHex( 32 ); This can be seen in use in the file User.php -> line 3212 -> generateToken()
    		After some searching I found this hidden among an old script (that no longer functions properly) for creating MW users 
    	*/
    	$user_token = md5(dechex(mt_rand()) . dechex(mt_rand()));
    
    	$user_email_authenticated = gmdate("YmdHis", time()); //Shows as authenticated at registration
    	
    	$user_email_token = ; //What is this?
    	$user_email_token_expires = ; //What is this?
    
    	$user_registration = gmdate("YmdHis", time());
    	$user_editcount = 0;
    
    	
    	//Now that all the information has been gathered/generated it is time to run the query(s).
    	
    	$CreateUser = "INSERT INTO `{$wiki_prefix}user` ";
    	$CreateUser .= "(`user_id`, `user_name`, `user_real_name`, `user_password`, `user_newpassword`, `user_newpass_time`, ";
    	$CreateUser .= "`user_email`, `user_touched`, `user_token`, `user_email_authenticated`, `user_email_token`, `user_email_token_expires`, ";
    	$CreateUser .= "`user_registration`, `user_editcount`) ";
    	$CreateUser .= "VALUES ('{$user_id}', ";
    	$CreateUser .= " '{$user_name}', ";
    	$CreateUser .= " '{$user_real_name}', ";
    	$CreateUser .= " '{$user_password}', ";
    	$CreateUser .= " '{$user_newpassword}', ";
    	$CreateUser .= " '{$user_newpass_time}', ";
    	$CreateUser .= " '{$user_email}', ";
    	$CreateUser .= " '{$user_touched}', ";
    	$CreateUser .= " '{$user_token}', ";
    	$CreateUser .= " '{$user_email_authenticated}', ";
    	$CreateUser .= " '{$user_email_token}', ";
    	$CreateUser .= " '{$user_email_token_expires}', ";
    	$CreateUser .= " '{$user_registration}', ";
    	$CreateUser .= " '{$user_editcount}')";
    	
    	$Create = mysql_query($CreateUser);
    	confirm_query($Create);
    	
    	//Now we update the site stats table with +1 users
    	$q = mysql_query("SELECT `ss_users` FROM `{$wiki_prefix}site_stats`");
    	confirm_query($q);
    	if(mysql_num_rows($q) == 1){
    		$result = mysql_fetch_array($q);
    		$ss_users = $result['ss_users'];
    		$ss_users++;
    		
    		$SiteStats = mysql_query("UPDATE `{$wiki_prefix}site_stats` SET `ss_users`={$ss_users} ");
    		confirm_query($SiteStats);
    	}
    }
    
    
    PHP:

    Thanks in advance for any help.

    Also in case anyone is in the same boat as me and wants the update user or update password scripts you can find the full file attached below. (Note that the create user script in that file is the same as the one posted above and does not work yet). The table structure can be seen in the attachment also.
     

    Attached Files:

    Last edited: Jul 20, 2012
    j_o, Jul 20, 2012 IP
  2. BRUm

    BRUm Well-Known Member

    Messages:
    3,086
    Likes Received:
    61
    Best Answers:
    1
    Trophy Points:
    100
    #2
    I expect you'd have to read the official documentation or ask those at mediaWiki.

    I'm guessing that the email_token_expires is a unix time stamp.
     
    BRUm, Jul 21, 2012 IP
  3. j_o

    j_o Well-Known Member

    Messages:
    516
    Likes Received:
    2
    Best Answers:
    1
    Trophy Points:
    113
    #3
    I have posted a question at mediawiki but am waiting to hear back (which is why i decided to also ask here incase some one would know). The email_token_expires is a time stamp but i need to know how it is calculated (how far in the future does it expire).
     
    j_o, Jul 23, 2012 IP
  4. j_o

    j_o Well-Known Member

    Messages:
    516
    Likes Received:
    2
    Best Answers:
    1
    Trophy Points:
    113
    #4
    The folks over at http://www.mwusers.com pulled through for me and helped me get the script fixed. I have attached the fully working copy here if anyone is interested in using it.
     

    Attached Files:

    j_o, Jul 24, 2012 IP
  5. BRUm

    BRUm Well-Known Member

    Messages:
    3,086
    Likes Received:
    61
    Best Answers:
    1
    Trophy Points:
    100
    #5
    Good news j_o. What was the result in the end? How long was the timestamp?
     
    BRUm, Jul 24, 2012 IP