well teh solution could be to change all the time() functions for a cookie to gmdate('u')
but didn't test it yet
You are not logged in. Please login or register.
PunBB Forums → Posts by Cereal
well teh solution could be to change all the time() functions for a cookie to gmdate('u')
but didn't test it yet
what the problem?
does the forum say something when you access it with a logged in user? ...
or does it just stays logged out, or do you get the erro: appeared a cookie has been set , ....
what you could do is create some sort of testscript,
run the current code, after the cookie has been set run the cookie_login() function and then print the forum_user array again and see what is in that array
from that point on we can continue debuggin
Ok,
my bad, seems that i missed something
its checked at both register and changing of the email, but if the p_allow_dupe_email var is set this can't be an error
So pelase discard this bug
when there are 2 users in the db with the same email adress and one of them request a new password, both users get an email with a new password request ...
2 posible solutions:
- lost password requiers a username and email adress before it send an email
- create the email field in the db unique
actually the username field in the db should be unique to ...
yeah this should be possible
When a user registers with the web site write the appropriate information into the PunBB user table.
if you have mysql 5 this would be fairly simple todo with a mysql trigger
Then once that is done, is it possible to have a user be logged into PunBB automatically when they choose the forums option from the web site's menu by passing the username and password to PunBB
i think this would be easyer if you would just set the correct cookie on your website on login
I had exactly the same problem at my forum
i think i found the problem
my server is in GMT+1 timezone
my webbrowser is in GMT + 9 timezone
the timestamp thats set as the expire time is 1231694940 (Sun, 11 Jan 2009 17:29:00 GMT)
the timestamp thats used at the browsers end is 1231723740 (Mon, 12 Jan 2009 01:29:00 GMT)
so i think this is a timezone problem ...
the problem is that phps time() function is using systems local time and not GMT time ...
a solution could be to use gmdate('U') to generate the base timestamp for the cookie time.
currently i can't test this, but i will test it tomorow
ah, and why does this only happen when the remember me is not checked? well if remember me is checked the expire time is big enough to supress the timezone problem.
well going to see if i can write a simplepage so users can login with there old pass, and set a new pass for punbb using the forum_hash function ....
it will be much easyer, since i already ahve an authentication system that uses crypt hashes
Are you thinking of making this into an extension ( ), or wanting to discuss having this in the core? ( )
i don't see a way todo this with an extension, or there should be hooks to create a whole page ....
i believe that is something which would be easier with your framework right cereal?
yeah and you can take it a step further, in the inital pageload on the 3 cats are pulled from the db, when you expand the specifick cat, only the forums that belong to this cat are pulled from teh db, so we get some speed improments.
About making it a fork, well dunno, i don't think it would be a good idea, because i can not maintain a full fork ....
i found the 2 trouble pars in the code
in cookie_login
// We now validate the cookie hash
#if ($cookie['expire_hash'] !== sha1($forum_user['salt'].$forum_user['password'].forum_hash(intval($cookie['expiration_time']), $forum_user['salt'])))
# set_default_user();
in authenticate_user
if (!isset($forum_user['id']) ||
($password_is_hash && $password != $forum_user['password']) ||
(!$password_is_hash && forum_hash($password, $forum_user['salt']) != $forum_user['password']))
set_default_user();
but no hooks around it to fix this .... any ideas on otehr hooks?
to be exact:
1- login successfull
2- i get the folowing message
You appear to have logged in successfully, however a cookie has not been set. Please check your settings and if applicable, enable cookies for this website.
yeah i changed the forum_hash function and the login.php (with a hook) but still the cookie is giving errors ...
i already added the folowing hook for the plugin:
<hook id="li_login_pre_auth_message"><![CDATA[
if ( $db_password_hash == crypt($form_password, $db_password_hash) )
$authorized = true;
]]></hook>
and the forum_hash hook to create a crypt instead of a sha: fn_forum_hash_start
but now i have to fix up authenticate_user and the cookie values, any ideas on what i should change?
what this woul allow punbb todo ...
1- have all content loading in the background, this way only one pageload is required, once the first page is loaded all otehr requests will be done async with ajax.
2- add some visiual effects like fading, hovers, .... and stuff like that to the forum
3- basically anything thats used in web 2.0 and even web 3.0
I don't think you really need AJAX for that, just JS and absolute-positioned boxes.
well yeah this can be done with simply js, but this will need a lot more querys to display a topic (for every diff user one), if you do this async, you only do a query when the gui (browser) requests this query. this way the site will generate a lot faster and the server load will go down.
About extjs, well i personally don't like it, i'm more a protototype (http://prototypejs.org/) guy, i really like prototype because its a lightweight framework and doesn't really slow down the webbrowser.
hi,
what should be changed to switch from a sha1 hash to simple crypt hashes?
i checnged the cookie_login and the login.php to compare against crypt hashes, now i can login, but there is something wrong with the cookie, anyone sho can give some help what else needs to be changed?
or even better how i could do this with an extension ....
well thats exactly why i'm first posting on this forums, so i can have a talk to the devs about how they like to see it working, then i can start designing the framework for it and it can be implemented.
this way its exactly like the devs want it to be, and i don't do useless work.
And about a fork,
i don't have the time to fully run a fork of punbb
about the timeframe:
i think in 2 weeks a basic ajaj framework should be ready to be implemented into punbb, from this point on parts of the forum can be adepted to use the framwork.
yeah,
in my opinion it would take punbb to a new stage, but i'm not going todo the work if it isn't used later on
hi,
i really love punbb, and i would love to help move punbb to the next level. Thats why i was thiunking of integrating a ajax (or more specifick an ajaj) framework into punbb, so all information could be get assynchronously from the server.
I think this would give punbb a verry nice facelift, certainly in these web 2.0 times.
i'm willing todo this, but i'm not going to reinvent the wheel, so is anyone already working on this?
what do you guys think of it?
yeah its exactly for cases like this this would be really good.
I have a simular case where it would be handy if it was in punbb already.
I'm willing to do all the changes neeeded for it, but i don't think its possible to release it as a mod, since it most files will need to change for this.
yeah, true
its just an idea
and i think it would be cool
well, here a guest user is handeled diferent then a regular user and this is hardcoded into the engine.
i think it would be better/nicer/easyer if this wans't hardcoded,
this way you could define every function in the system with an acces sprivilege, so its more customizable.
i still think stuff like this should not be in the code:
if (!$pun_user['is_guest'])
// do stuff
else
//dos omething else
even stuff like this should be handeled by some sort off privil engine/class
ok, cool
Anything i can help on in developping for 1.3?
OK,
I think it would be greate if the permission that are set per group would be extended.
Like it is now:
You have 1 admin group, and 1 moderator group with fixed privileges for both.
Like I would be:
You have 1 admin group and can have multiple moderator groups, so you can give each moderator group separated privileges.
For example:
Board mods: can sticky, close and move topics in certain forums
Board senior mods: can do everything the board mods can but can also delete posts in the forums.
Off course there will stay 1 admin group wich has access to everything.
I think this will improve the configurability and customizability off punbb a lot, and it will clean out those hard coded permissions in the code.
Basicly it wont be that hard, its just a lot off work tweaking every file.
Second purposal
Add an disable/hide option to posts.
PunBB Forums → Posts by Cereal
Powered by PunBB, supported by Informer Technologies, Inc.