Topic: PunBB's cookies
Hi,
Can someone point me to where and how PunBB stores cookies? I would like to integrate my own login to set PunBB's cookies so the same login can work for both my stuff as well as PunBB.
Thanks!
- Connorhd
- Former PunBB Developer
- Offline
Re: PunBB's cookies
i suggest you read the documentation, also punbb stores cookies as cookies theres no where about it, your best including punbb's common functions and let it proccess the cookie for you http://punbb.org/docs/dev.html#integration
Re: PunBB's cookies
Thanks for that but my site already has over 10,000 registered users and I just dont know how I can integrate my own login with punbb. Mine also uses a hashed cookie. The passwords are all stored in my db as md5 so there's no way I can simply replicate the user data in the punbb database! (Or is there? Does punbb also do md5 on passwords in the db?)
4 2005-05-30 14:09 (edited by Smartys 2005-05-30 14:10)
Re: PunBB's cookies
PunBB uses md5 (although if your server has the ability to use SHA-1 it will use that instead)
Edit: Do a urldecode and unserialize on the PunBB cookie and you'll see how it works 
5 2005-05-31 04:37 (edited by craigm 2005-05-31 04:38)
Re: PunBB's cookies
Thanks, but when I copied the text of the cookie and did this:
<?
echo urldecode(unserialize('-----cookie text with ampersands went here------'));
?>This printed nothing. What am I missing?
Re: PunBB's cookies
Also, how do I disable SHA-1 and force PunBB to do md5 hashing of passwords? Then I can simply set the right cookie and PunBB should work with my own user ID functions. Or do I need to set something else as well?
Re: PunBB's cookies
Other way around, and then it will be an array so you'll have to use print_r to see it
And to disable SHA-1 check the functions (ie: punhash)
Re: PunBB's cookies
craigm: Have a look at the functions pun_hash() and pun_setcookie() in include/functions.php. You might have to hack login.php a bit as well in order to ignore SHA1.
"Programming is like sex: one mistake and you have to support it for the rest of your life."
Re: PunBB's cookies
Thanks so much for the help, smarty and Richard. I dug around in the code, and ultimately, given my excellent command of PHP, broke the code
So I will start over again with fresh PunBB install, and here is what I wish to do -- bypass the cookie checking altogether, or force PunBB to look at the cookies I have set. In this case, I don't need the pun_hash and the pun_setcookie functions, I just need to change the login CHECKING to simply check for the cookie that is set through my login.
Is this advisable? Wouldn't it be simpler? What parts of the code should I look into for this? Basically, bypass the login.php altogether and simply modify the checking code.
Thanks so much for your help until now!