Topic: Sessions(or something)

Hi,

I wonder if it's possible to add the forum to my homepage and to make the whole login system work with the entire site? OK, a login form shouldn't be a problem, but then there are some sessions I have to keep alive and so on + that I have to be able to make it safe. This qestion has probably been asked before, but I don't know what do search for...

Best regards,
Madoor

Re: Sessions(or something)

I believe it will be quite difficult. You would have to add session management to all PunBB scripts in order to keep the session alive and updated. It is usually easier to base the site login system on PunBB than the other way around.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Sessions(or something)

That was what I meant! To be able to use the forums login system on the whole homepage...

Re: Sessions(or something)

Yes, that's what you meant. And I answered you that it will be very difficult. I don't know what else to say?

"Programming is like sex: one mistake and you have to support it for the rest of your life."

5 (edited by Madoor 2004-05-31 23:32)

Re: Sessions(or something)

oh, sorry, too late for me wink

Do you have any suggestions how to do this the most simple way? Just add the sessions to each page to keep it updated? The punBB itself does not use any sessions?

Re: Sessions(or something)

OK, I have now looked into the login.php file and can't say I understand it 100% and neither how people stay logged in.

you save the username and a cryptated password in a cookie, then common.php uses this function check_cookie($cur_user) to get the info out from the database... So, you only use variables and no sessions!?

Is it enough to include this function:
function check_cookie(&$cur_user)
{
...
}
in all my pages and to check it with check_cookie($cur_user) to keep the members logged in or do I have to include something more (I guess I do)?

Re: Sessions(or something)

You can include common.php from your other scripts and that way keep people logged in into PunBB, but that's building your site around PunBB and not the other way around that I thought you were after.

PunBB does not use sessions at all. The login feature is based solely on cookies.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Sessions(or something)

Yes, but if I shall build punBB upon my other login system that would sure be messy I think! Is this cookie system a safe and good system? In that case I can build my whole site upon that...

Do I only have to include common.php on all pages to keep the folks in?

I haven't started on the site yet, so, there is no problem with building the site around punBB...

Re: Sessions(or something)

Yes, I would say it's "safe and good" :D

"Programming is like sex: one mistake and you have to support it for the rest of your life."

10

Re: Sessions(or something)

How long do you stay logged in before it has to logg you in again (if you dont refresh..)?

Re: Sessions(or something)

By default, the cookie is valid for a year, so I guess the answer to your question is, a year :)

"Programming is like sex: one mistake and you have to support it for the rest of your life."

12

Re: Sessions(or something)

ok, so they will allways be logged in when they visit the site... And the cookie destroys when you log out then...
Thanks for the answers!

13 (edited by phil 2004-06-01 17:51)

Re: Sessions(or something)

A question for the real programmers out there (i.e. not me) - is there a technical reason that PunBB uses cookies rather than sessions? - or was it written before sessions were available in php??

thx.

Re: Sessions(or something)

I chose to base the login on cookies because it's a lot simpler than sessions. There's a disadvantage (the user has to accept cookies), but the code can be kept nice and neat.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

15

Re: Sessions(or something)

is there an error if the user don't accept cookies?

16 (edited by Madoor 2004-06-01 21:03)

Re: Sessions(or something)

One more thing.... At the top of the page it says "Last visit: Today 19:53:38"... If I'll just update the page now this time won't change... but if I wait a minute it will be updated... How long can I be inactive before it updates when I refresh the page? Where can I change that time?

Re: Sessions(or something)

Admin/Options/Visit timeout

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Sessions(or something)

Madoor wrote:

is there an error if the user don't accept cookies?

No. He/she just can't login.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

19

Re: Sessions(or something)

Thanks.

20

Re: Sessions(or something)

Rickard wrote:
Madoor wrote:

is there an error if the user don't accept cookies?

No. He/she just can't login.

Something to consider, if Guests can't read the forum or post ...

Re: Sessions(or something)

You mean using sessions as well? The answer is no.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

22

Re: Sessions(or something)

Rickard wrote:

You mean using sessions as well? The answer is no.

Actually, no, I meant it more as a warning for people like myself who disable guest read access that perhaps I've lost a few users along the way ...

Re: Sessions(or something)

Ah, ok :)

"Programming is like sex: one mistake and you have to support it for the rest of your life."

24

Re: Sessions(or something)

I tried to make one big site, but I failed in that, because cookie's are limited to one domain (e.g. www.domain.com), if you have forums.domain.com, the same cookie won't work (it does if you have www.domain.com/forums/). Since I wanted a subdomain, I am using the users database of punBB, but the users have to login on every subdomain, with the same username and password.

btw, if you press on register on my own site, you get the register page of punBB wink

FPS-Factory.nl - All about First Person Shooters!

Re: Sessions(or something)

That can be solved by editing your cookie_domain in config.php. I have

$cookie_domain = '.punbb.org';

which makes the cookie valid for everything under punbb.org. forums.punbb.org included.

"Programming is like sex: one mistake and you have to support it for the rest of your life."