• spazin
  • Junior Member
  • Offline
  • Registered: 2005-03-16
  • Posts: 2

Topic: help this newbie!

I think I'm having the same problem a lot of other people are. I have a web site with a members area. When a person registers they are able to get into the mebers area. The PunBB board is in the members area. I want the registered members to be able to use their existing username/password to access the forum without having to register for the forum.
My registration/login for the members area uses a ".htpasswd" file to store/retreive usernames/passwords.
Is there any way to make PunBB look at this file(.htpasswd) and let the member login to the board?
I've seen a few questions about this here and even a few answers. Unfortunitly most of us don't understand the lingo used. If we were that smart we would have created our own board and not needed this one.
Example...one said "oh, just add this blah blah blah"...ok fine. Add it where? what file? what part of the file?
A few even said "if you know php you can......" Well if I knew PHP I'd just do it and not ask..lol
Please help!!

Thanks
Spazin

  • Connorhd
  • Connorhd
  • Former PunBB Developer
  • Offline
  • From: Leeds, UK
  • Registered: 2004-06-13
  • Posts: 4,195

Re: help this newbie!

that would be difficult i think, you would probably be better doing it the other way round and using punbbs login to allow users to access the members area

FluxBB.
Connorhd.co.uk.

Connorhd's Website

  • spazin
  • Junior Member
  • Offline
  • Registered: 2005-03-16
  • Posts: 2

Re: help this newbie!

Thanks for the reply. I was afraid I wouldn't be able to do it. Where(what file on my server) does PunBB keep username/password data? Maybe I can configure my main site login script to use the same file.
Thanks
Spazin

4 Reply by CodeXP (edited by CodeXP 2005-03-16 11:17)

  • CodeXP
  • Senior Member
  • Offline
  • From: /dev/null
  • Registered: 2004-07-07
  • Posts: 503

Re: help this newbie!

spazin wrote:

Thanks for the reply. I was afraid I wouldn't be able to do it. Where(what file on my server) does PunBB keep username/password data? Maybe I can configure my main site login script to use the same file.
Thanks
Spazin

The simplest way to learn what PunBB variables you can use in your scripts is to just copy/paste the following code into a new *.php file and run it. It'll display all the variables from $pun_user and $pun_config:

<?php
define('PUN_ROOT', './');
define('PUN_QUIET_VISIT', 1);
@require PUN_ROOT.'include/common.php';
echo 'Available variables in the <strong>$pun_user</strong> array:
        <pre>'; 
print_r($pun_user); // This will show you the user information.
echo '</pre>'; 
echo 'Available variables in the <strong>$pun_config</strong> array:
        <pre>'; 
print_r($pun_config); // This will show you the board configuration
echo '</pre>'; 
?>

CodeXP's Website

  • From: UK
  • Registered: 2004-07-24
  • Posts: 97

Re: help this newbie!

To use htaccess passwords essentially all you need to do is  replace your check_cookie() function in include/functions.php with this:

//
// Cookie stuff!
//
function check_cookie(&$pun_user)
{
    global $db, $pun_config;

    $username = (isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '');
    
    if (!$username) die('Authentication failure');

    $now = time();

    // Check if there's a user with the user ID and password hash from the cookie
    $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id LEFT JOIN '.$db->prefix.'online AS o ON o.user_id=u.id WHERE u.username=\''.$username.'\'') or error('Unable to fetch user information', __FILE__, __LINE__, $db->error());
    $pun_user = $db->fetch_assoc($result);

    // Set a default language if the user selected language no longer exists
    if (!@file_exists(PUN_ROOT.'lang/'.$pun_user['language']))
        $pun_user['language'] = $pun_config['o_default_lang'];

    // Set a default style if the user selected style no longer exists
    if (!@file_exists(PUN_ROOT.'style/'.$pun_user['style'].'.css'))
        $pun_user['style'] = $pun_config['o_default_style'];

    if (!$pun_user['disp_topics'])
        $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
    if (!$pun_user['disp_posts'])
        $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];

    // Define this if you want this visit to affect the online list and the users last visit data
    if (!defined('PUN_QUIET_VISIT'))
    {
        // Update the online list
        if (!$pun_user['logged'])
            $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$now.')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
        else
        {
            // Special case: We've timed out, but no other user has browsed the forums since we timed out
            if ($pun_user['logged'] < ($now-$pun_config['o_timeout_visit']))
            {
                $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
                $pun_user['last_visit'] = $pun_user['logged'];
            }

            $idle_sql = ($pun_user['idle'] == '1') ? ', idle=0' : '';
            $db->query('UPDATE '.$db->prefix.'online SET logged='.$now.$idle_sql.' WHERE user_id='.$pun_user['id']) or error('Unable to update online list', __FILE__, __LINE__, $db->error());
        }
    }
    $pun_user['is_guest'] = false;
}

And then setup password protection on your punbb folder to use the same passwd file as your members area. If you get 'Authentication failure' then you haven't setup the protection properly.

Nibbler(cpg)'s Website