=== Plugin Name ===
Contributors: charlener
Donate link: none
Tags: authentication
Requires at least: 2.5
Tested up to: 2.6
Stable tag: 2.0

A plugin that allows the use of an external database for authentication into wordpress.

== Description ==
A plugin that allows the use of an external MySQL database for authentication into wordpress.  It requires you know how the passwords are stored in the external database, though - with default support for SHA1 or MD5.  See FAQ about customizing hashing to work with your system.

Version 1.0 works with the 2.0-2.1 WordPress series for sure; other versions unsure.  Version 2.0 works with 2.5 upwards.

This plugin is particularly useful if you want users to login to do groupblogging, but want some control over who can login due to previous records.  To do this, you'll also need to change new user default role in Settings->General to something other than merely a subscriber.


== Installation ==

1. Upload `ext_db_auth.php` to the `/wp-content/plugins/` directory
1. Activate the plugin through the 'Plugins' menu in WordPress
1. Enter your external database settings in Options->External DB settings


== Frequently Asked Questions ==

= Why external? =

Because Moodle seems to have issues with having blogs actually have commenting abilities.

= What about the error message? Why doesn't it show up all the time? =

It seems that the updated version of the hook authenticates, but will override (sort of) actions if the login in the wp user database authenticates successfully.  This means that synchronizing will not occur, as it jumps to the admin pages before updating the password from the external db.  The current workaround for this is doing a redirect then exit() so that it won't go through unless the password really is the "right" (matches the external db) one.  This also means that the error message doesn't pop up.  If the login attempt is with a username that WordPress has never "seen" (never added to wp_user) then the error message shows up.

= Can I still create accounts within WordPress? =

Yes, but if there is a situation where you have a pre-created account on WordPress, then add an account with the identical username on the external database, the WordPress data will be overwritten.  Best practice is to not really use the user admin interface on WordPress for account addition.

= Can I update user information within WordPress? =

Yes, and your individual users can do so, too.  Only if the moodle option is enabled (and this may be rapidly becoming obsolete) will specific data from the Moodle db (if it exists) be used to overwrite WordPress user information.

= My external database's passwords are hashed with a salt/datestamp/phases of the moon/etc =

You can conceivably go into the code around line 196 and change the hashing code - albeit not the option name necessarily.  I've done this for a website where there was a salted hash and it worked fine.

== Screenshots ==

1. Plugin config screen
2. Example login error message