1 (edited by eq1987 2004-07-04 21:05)

Topic: Integration

Hello, I want to integrate my forum with aMember pro (cgi-central.net). I was told, from cgi-central, that i could use $anyvariable = his login PHP stuff, and that would work. I integrated my own small profile system with it, and now i want to move to forums, might anyone be able to tell me which files i need to change.

You wouldnt need to specify where exactly every code is, just which files to change, and *maybe*, it wouldnt hurt to specify a few areas of code.
Perhaps someone would even write a tutorial for everyone in the future to use, to do this.
Thanks

Re: Integration

If you want to fiddle with authorisation stuff, you should look at check_cookie() in include/functions.php

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Integration

So if i fiddle with that file only, and do it correct, would i be able to integrate the forums to my member system? So all posts and all that stuff would work. And of course, do the tables in the DB.

Re: Integration

you MD5 your passwords, unfortuneately my user system doesnt, is it possible you could tell me how to take MD5 off?

Re: Integration

It's not possible to "reverse" an MD5 checksum. It's one way.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Integration

Im getting the error:
Error: Unable to fetch user information. 

Might you be able to tell me which fields, in the table, or perhaps in functions code, need to be fetched, so i can make em fetchable. heh. thank you

Re: Integration

That doesn't tell me much. Enable debug mode and try again:

http://punbb.org/forums/viewtopic.php?id=2658

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Integration

I changed some stuff in functions, because the index wasnt coming up anymore. now when i try to login, i get the message: wrong username and/or password.

Now, back to the MD5.
You have all passwords for the forums become MD5.
Well, when you have you script login, dont you have to state that it is MD5 or it wont be correct?
If this is true, and your code states, in the login, that it is MD5, it will search the password column for MD5, not normal.
My member system is *not* MD5; therefore, it wouldnt work? right?
If all this is correct, could you possibly tell me where the code is i need to change, so it wont read it MD5.

Thanks

9 (edited by eq1987 2004-07-06 22:34)

Re: Integration

Actually i logged in as my admin, it loaded the Loggin in page, then i came back to Login.php, and said i wasnt logged in? So it must be selected some parts from the old table, and some from the new one?

BTW: Whats password_hash?

10

Re: Integration

Ahhh, sorry for 10000 posts, but some more info:
The script provider for my user system said i could use:
$username = $_SESSION['_amember_user];
Could i use $variables in this page? or perhaps something like:

list($cookie['_amember_user'], $cookie['_amember_pass']) = unserialize(unescape($_COOKIE[$cookie_name]));

        if (strcasecmp($cookie['_amember_user'], 'Guest'))
        {
            $result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE login=\''.addslashes($cookie['_amember_user']).'\' AND pass=\''.addslashes($cookie['?watever goes here...maybe _amember_pass']).'\'') or error('Unable to fetch user information', __FILE__, __LINE__, $db->error());

Hope this is all understandable....
Thanks

Re: Integration

I'm sorry, but I have no idea where to even start. Are you sure you want to be fiddling with the authorisation code if you aren't sure exactly how it works?

"Programming is like sex: one mistake and you have to support it for the rest of your life."

12

Re: Integration

Point taken. Although, I still want to try to integrate the forum to my user system, otherwise i have to pay someone to use IPB(which suxors).

I can integrate it, in time lol, i just dont understand how your forum is built.

This is probably the most confusing part,  because i dont deal with cookies often.
$cookie['password_hash'])
What exactly is password_hash?

When a user logins in at login.php, does he/she send a cookie to his/her computer, which password_hash as their password? Which i believe is correct.
The thing is, i dont understand *where* the code is that is sending the cookie with all the information.

Thanks - i will say, my ealier posts were a bit...confusing/stupid. Hopefully this one isnt too !!

Re: Integration

eq1987 wrote:

Point taken. Although, I still want to try to integrate the forum to my user system, otherwise i have to pay someone to use IPB(which suxors).

People usually do the opposite, i.e. integrate their site with the user system in PunBB :)

eq1987 wrote:

This is probably the most confusing part,  because i dont deal with cookies often.
$cookie['password_hash'])
What exactly is password_hash?

A hash is the result of a checksum function such as MD5 or SHA1. When someone registers, they enter a password. Lets say I just registered and I entered 'mypassword' as my password. What then happens is that PunBB checks to see if it has access to the sha1() function (PHP 4.3.0+). If it does, it uses it. Otherwise, it uses md5(). In our case, lets say the sha1() function doesn't exist, so we'll use md5(). PunBB will call md5() with the parameter 'mypassword' and it will return a hash of that password. It will return 34819d7beeabb9260a5c854bc85b3e44. This hash is then stored in the database as my password hash. The real password is never stored. Then, when I try to login, PunBB will run md5() on the password I enter in the login form and compare the hash it gets with the hash that is stored in the database. If they match, I entered the correct password. Finally, the password hash is stored together with my username in a cookie so that I don't have to login every time I visit the forums.

eq1987 wrote:

When a user logins in at login.php, does he/she send a cookie to his/her computer, which password_hash as their password? Which i believe is correct.

That sentence is weird. When someone logs in via login.php, the script calls setcookie() that outputs the appropriate headers to set a cookie on the client computer.

eq1987 wrote:

The thing is, i dont understand *where* the code is that is sending the cookie with all the information.

You've got it all backwards. That is done automatically via the HTTP protocol. You don't have to ask a clients browser to send the cookie information, it's sent regardless.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

14

Re: Integration

Ok, but doesnt the script somewhere check the cookie's information? Like the user/pass, so he/she can stay logged in.
If thats correct, once the PHP gets the info, wouldnt it have to do a  SQL, something like this:
SQL = "SELECT * FROM members WHERE login = $cookie_username AND password = $cookie_password"
If so, i was wondering where the SQL to do this would be?

Re: Integration

Look at my first post in this topic :)

"Programming is like sex: one mistake and you have to support it for the rest of your life."

16 (edited by Todd 2005-04-02 20:24)

Re: Integration

Hello eq1987,

Did you ever have any success in this endeavor?  I am interested in doing something similar.

If its cheaper to run Windows than it is to run Linux, how come Microsoft has all the money?