I've done several forum searches here as well as the web in general and haven't really found anything that has answered the question. Several threads about people doing it, but not how they did it.

In short, I have two systems. When someone logs into the "other" system, I want them to seamlessly (ie, behind the scenes) be logged into vB as well.

Ideally I would have a function that I could call that I would pass the Username and password the user has entered (from the other system) into it, have this function authenticate whether it's a good match or not. If it's a good match, it should log the person into vB and return a true value, if it fails, it should return either just false or an error message.

Any help on this would be very much appreciated, thanks!

--------------- Added 1284609922 at 1284609922 ---------------

Ok, I'm getting closer, could use help though! =)

Using the below code in any PHP file, replace the DOMAIN, USERNAME and PASSWORD areas with appropriate info.

When you run it, it says "Thank you USERNAME for logging in." and all looks well. However, you aren't actually logged in. Seems as though it just passes the general verification, but doesn't do any of the session variables and/or cookies.

That's where I need the help, any idea what next?

<?
$forum_root = "http://www.DOMAIN.com/";
$login_page_url = $forum_root."login.php?do=login";
$postfields["vb_login_username"] = "USERNAME";
$postfields["vb_login_password"] = "PASSWORD";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $login_page_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 100);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

$postfields["s"] = "";
$postfields["SECURITYTOKEN"] = "guest";
$postfields["do"] = "login";
//$postfields["vb_login_md5password"] = "";
//$postfields["vb_login_md5password_utf"] = "";

?>
<script type="text/javascript" src="<? echo $forum_root; ?>clientscript/vbulletin_md5.js?v=406"></script>
<SCRIPT LANGUAGE="JavaScript" TYPE="TEXT/JAVASCRIPT">
<!--
md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)
//-->
</SCRIPT>

<?
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
$cdata = curl_exec($ch);
curl_close($ch);

echo "<hr>$cdata<hr>";


?>

--------------- Added 1284666786 at 1284666786 ---------------

No one? Not even a nudge in the right direction?

Nevermind, I got it figure out.

<?
require_once('./global.php');
require("includes/functions_login.php");

// Returns true/false
$res = verify_authentication("USERNAME", "PASSWORD", md5("PASSWORD"), md5("PASSWORD"), true, true);

exit();
?>

Not 100% sure about the second MD5 password field as it's supposed to be UTF(8?) or something. Anyway, all I know is, it worked for me this way. Hope it helps someone else out.

I'm trying to the exact same thing. How did you get it to work exactly?

I'm trying to the exact same thing. How did you get it to work exactly?

Well, the above code I posted works, however, the problem comes into play when vB isn't loaded at all. So you're coming from a completely clean browser cache/session cache.

In which case, as soon as you include these files, vB takes over and loads it's own pages, etc. I tried a few things to silently do the login, but all have failed so far. So... the above isn't really a good solution in that case. At this point, I haven't really solved it.

I've moved on to data synchronization between our systems as that is the more important issue for us and will revisit the single signon after that is complete.

Sorry I don't have a better answer for you, but... that's all I've got. If you find a way to do it, please reply back in this thread for myself and anyone else looking for the answer.