4

我的目标是从我的外部应用程序检查 Joomla用户名密码是否有效。用户不必登录系统,只要他们的帐户存在即可。我决定基于 Joomla 身份验证 (JOOMLA_PATH/plugins/authentication/joomla) 创建自己的身份验证插件。我只改了名字:

<?php
/**
 * @version     $Id: joomla.php 21097 2011-04-07 15:38:03Z dextercowley $
 * @copyright   Copyright (C) 2005 - 2011 Open Source Matters, Inc. All rights reserved.
 * @license     GNU General Public License version 2 or later; see LICENSE.txt
 */

// No direct access
defined('_JEXEC') or die;

jimport('joomla.plugin.plugin');

/**
 * Joomla Authentication plugin
 *
 * @package     Joomla.Plugin
 * @subpackage  Authentication.Webservice
 * @since 1.5
 */
class plgAuthenticationWebservice extends JPlugin
{
    /**
     * This method should handle any authentication and report back to the subject
     *
     * @access  public
     * @param   array   Array holding the user credentials
     * @param   array   Array of extra options
     * @param   object  Authentication response object
     * @return  boolean
     * @since 1.5
     */
    function onUserAuthenticate($credentials, $options, &$response)
    {
        jimport('joomla.user.helper');

        $response->type = 'Webservice';
        // Joomla does not like blank passwords
        if (empty($credentials['password'])) {
            $response->status = JAUTHENTICATE_STATUS_FAILURE;
            $response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
            return false;
        }

        // Initialise variables.
        $conditions = '';

        // Get a database object
        $db     = JFactory::getDbo();
        $query  = $db->getQuery(true);

        $query->select('id, password');
        $query->from('#__users');
        $query->where('username=' . $db->Quote($credentials['username']));

        $db->setQuery($query);
        $result = $db->loadObject();

        if ($result) {
            $parts  = explode(':', $result->password);
            $crypt  = $parts[0];
            $salt   = @$parts[1];
            $testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);

            if ($crypt == $testcrypt) {
                $user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
                $response->email = $user->email;
                $response->fullname = $user->name;
                if (JFactory::getApplication()->isAdmin()) {
                    $response->language = $user->getParam('admin_language');
                }
                else {
                    $response->language = $user->getParam('language');
                }
                $response->status = JAUTHENTICATE_STATUS_SUCCESS;
                $response->error_message = '';
            } else {
                $response->status = JAUTHENTICATE_STATUS_FAILURE;
                $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
            }
        } else {
            $response->status = JAUTHENTICATE_STATUS_FAILURE;
            $response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
        }
    }
}

我在我的插件中添加了一个文件来访问身份验证,我将其命名为 test_auth.php,它是这样的:

<?php
define('_JEXEC', 1 );
define('JPATH_BASE', 'C:\xampp\htdocs\joomla');
define( 'DS', DIRECTORY_SEPARATOR );

require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );

include("Webservice.php"); 

$credentials = array(
    'username' => 'test',
    'password' => 'test');

$options = array();

$response = array();

$auth = new plgAuthenticationWebservice();
$auth->onUserAuthenticate($credentials, $options, &$response);

var_dump($response);

但是当我调用它时,它会出现以下错误:

警告:缺少 JPlugin::__construct() 的参数 1,在第 25 行的 C:\xampp\htdocs\joomla\plugins\authentication\Webservice\test_auth.php 中调用并在 C:\xampp\htdocs\joomla\libraries\ 中定义joomla\plugin\plugin.php 在第 57 行
致命错误:调用 C:\xampp\htdocs\joomla\libraries\joomla\base\observer.php 中非对象上的成员函数 attach() 第 41 行

我究竟做错了什么?我想我可以将所有 php 脚本放在外部并独立于 joomla 并使用 require_once(JPATH_BASE .DS.'includes'.DS.'defines.php') 等。或者我可以编写一个插件,使用扩展管理器安装它,然后不会与不可用的 joomla 框架作斗争。但事实上,如果我省略了defines.php 和framework.php,它就行不通了。

我认为在 Joomla 1.7 中创建插件的指南会有所帮助。

4

1 回答 1

4

好的,我完全放弃了我的第一次尝试。

相反,我现在使用 JOOMLA_ROOT/libraries/joomla/user/authentication.php(由 JOOMLA_ROOT/libraries/joomla/application/application.php 启发)。

我的 test_auth.php 现在看起来像这样:

<?php

define('_JEXEC', 1 );
define('DS', DIRECTORY_SEPARATOR);
define('JPATH_BASE', dirname(__FILE__) . DS . '..' . DS . '..' . DS . '..'); // assuming we are in the authorisation plugin folder and need to go up 3 steps to get to the Joomla root

require_once (JPATH_BASE .DS. 'includes' .DS. 'defines.php');
require_once (JPATH_BASE .DS. 'includes' .DS. 'framework.php');
require_once (JPATH_BASE .DS. 'libraries' .DS. 'joomla'. DS. 'user' .DS. 'authentication.php');

$mainframe =& JFactory::getApplication('site');
$mainframe->initialise();

$credentials = array(
    'username' => 'test',
    'password' => 'test');

$options = array();

$authenticate = JAuthentication::getInstance();
$response   = $authenticate->authenticate($credentials, $options);

if ($response->status === JAUTHENTICATE_STATUS_SUCCESS) {
    echo('<br />It works<br />');
}
var_dump($response);

对于任何改进,我将不胜感激!

编辑:我解雇了插件安装。它是一个简单的外部脚本,不会从 Joomla 本身调用。我只是将它移动到 Joomla 根目录中的一个新文件夹中。

于 2011-08-09T07:51:13.990 回答