Array
(
[forum_cookie_16bb58] => MnxkMmQxODQ0ZTZiOTE1ZWI0ZWZjNTk4ZjQ0OGE5YWJjYzY4MDU2ZWY4fDEyMzQ0NTEwNjZ8ZDY5NzZmNWFlZGQwOTVhYTUwZjg4YmM3MDNjYWExYWUxYTliZTllOQ==
[CAKEPHP] => jkei6cr9b835tllrfvcj2go8s1
)1 2009-01-13 15:04
Re: External login / cookie / authentication questions (8 replies, posted in PunBB 1.3 additions)
2 2009-01-13 15:00
Re: External login / cookie / authentication questions (8 replies, posted in PunBB 1.3 additions)
$forum_user
Array
(
[id] => 2
[group_id] => 1
[username] => {user_id}
[password] => {password_here}
[salt] => {salt_here}
[email] => {email}
[title] =>
[realname] =>
[url] =>
[jabber] =>
[icq] =>
[msn] =>
[aim] =>
[yahoo] =>
[location] =>
[signature] =>
[disp_topics] =>
[disp_posts] =>
[email_setting] => 1
[notify_with_post] => 0
[auto_notify] => 0
[show_smilies] => 1
[show_img] => 1
[show_img_sig] => 1
[show_avatars] => 1
[show_sig] => 1
[access_keys] => 0
[timezone] => 0
[dst] => 0
[time_format] => 0
[date_format] => 0
[language] => English
[style] => Oxygen
[num_posts] => 1
[last_post] => 1231794225
[last_search] =>
[last_email_sent] =>
[registered] => 1231794225
[registration_ip] => 127.0.0.1
[last_visit] => 1231812874
[admin_note] =>
[activate_string] =>
[activate_key] =>
)$cookie
Array
(
[user_id] => 1
[password_hash] => Guest
[expiration_time] => 0
[expire_hash] => Guest
)3 2009-01-13 14:52
Re: External login / cookie / authentication questions (8 replies, posted in PunBB 1.3 additions)
Only the one before
// If this a cookie for a logged in user and it shouldn't have already expired
if (intval($cookie['user_id']) > 1 && intval($cookie['expiration_time']) > $now)
{prints anything. The data is my user array from the database.
Latest updated code
if(!defined('FORUM_ROOT')) {
define('FORUM_ROOT', 'forums/');
}
require_once FORUM_ROOT.'config.php';
require_once FORUM_ROOT.'include/functions.php';
require_once FORUM_ROOT.'include/dblayer/common_db.php';
($hook = get_hook('in_start')) ? eval($hook) : null;
$userId = $forum_user['id'];
$salt = $forum_user['salt'];
$password= $_POST['password'];
$hash = forum_hash($password, $salt);
$saveLogin = 0;
$expire = time()+60*60*24*30;
forum_setcookie($cookie_name, base64_encode($userId.'|'.$hash.'|'.$expire.'|'.sha1($salt.$hash.forum_hash($expire, $salt))), $expire);
cookie_login($forum_user);4 2009-01-13 14:23
Re: External login / cookie / authentication questions (8 replies, posted in PunBB 1.3 additions)
what the problem?
If I login from the external script, I don't appear as logged in on the forums.
does the forum say something when you access it with a logged in user? ...
If I login with the external script, and then navigate to the forums, it shows me as logged out.
run the current code, after the cookie has been set run the cookie_login() function and then print the forum_user array
Doing this shows me as guest.
As far as I can tell, 100% of the data going into forum_setcookie() is the same in my script as in the forum/login.php.
What is csrf_token on the forums/login.php form?
5 2009-01-13 02:45
Topic: External login / cookie / authentication questions (8 replies, posted in PunBB 1.3 additions)
We are working on integrating PunBB into one of our major sites. We don't need to worry about account CRUD, this is already working. The only piece we have not been able to complete is the login script to allow people that login on our main site to appear logged in on the punbb forums.
Forums are located in www.domain.com/forums/. $forumUser['PunbbUser'] is a database row from the punbb_users db table. $password is set above this block of code, but it is the value passed from the login form.
Here is our integration script:
$forum_user = $forumUser['PunbbUser']; // used to spoof punbb into thinking we are logged in
if(!defined('FORUM_ROOT')) {
define('FORUM_ROOT', 'forums/');
}
require_once FORUM_ROOT.'config.php';
require_once FORUM_ROOT.'include/functions.php';
($hook = get_hook('in_start')) ? eval($hook) : null;
$userId = $forumUser['PunbbUser']['id'];
$salt = $forumUser['PunbbUser']['salt'];
$hash = forum_hash($password, $salt);
$saveLogin = 0;
$expire = ($saveLogin) ? time() + 1209600 : time() + $forum_config['o_timeout_visit'];
forum_setcookie($cookie_name, base64_encode($userId.'|'.$hash.'|'.$expire.'|'.sha1($salt.$hash.forum_hash($expire, $salt))), $expire);This actually generates a cookie. I have compared all the vars going into forum_setcookie() and they are 100% the same as those used in /forums/login.php (ignoring the time difference of $expires).
Can someone please point out the detail that we are missing. I would owe the owner of the correct answer a beer, for sure.
Thanks.