Thread: Force login from external script without vb login form
View Single Post
  #1  
Old 08-30-2008, 10:45 PM
maximized99 maximized99 is offline
 
Join Date: Aug 2008
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Force login from external script without vb login form
I have a custom coded CMS with an ajax login function. I keep two user tables - one for my custom CMS, and the standard user table for vb - but both use identical user names, passwords, salt, etc... everything is created simultaneously during registration.

I need to use the main site login and not the vb form for various reasons.

I capture the securitytoken and hash the vb_password variable, then call the same functions as login.php. This is where it returns an error:

Warning: array_keys() [function.array-keys]: The first argument should be an array in [path]/includes/functions.php on line 4086

Warning: Invalid argument supplied for foreach() in [path]/includes/functions.php on line 4086

Fatal error: Call to a member function query_read_slave() on a non-object in /home/*****/dev/forums/includes/functions.php on line 3093

I've done a ton of debugging and testing to identify the problem, but now I'm just going in circles. I'm hoping someone here has experience with this, or is willing to help walk me through getting it setup. I appreciate any feedback or help you can provide.

Here is the code I'm using to force the login:
Code:
function vbLogin(){

// ####################### SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// #################### DEFINE IMPORTANT CONSTANTS #######################
define('THIS_SCRIPT', 'login');
define('CSRF_PROTECTION', true);
define('CSRF_SKIP_LIST', 'login');

// ################### PRE-CACHE TEMPLATES AND DATA ######################
// get special phrase groups
$phrasegroups = array();

// get special data templates from the datastore
$specialtemplates = array();

// pre-cache templates used by all actions
$globaltemplates = array();

// pre-cache templates used by specific actions
$actiontemplates = array(
	'lostpw' => array(
		'lostpw'
	)
);

$_POST['vb_login_username'] = $_REQUEST['user_name'];
$_POST['vb_login_password'] = '';
$_POST['username'] = '';
$_POST['password'] = '';
$_POST['do'] = 'login';
$_POST['vb_login_md5password'] = md5($_REQUEST['password']);
$_POST['vb_login_md5password_utf'] = md5($_REQUEST['password']);
$_POST['s'] = '';

// ######################### REQUIRE BACK-END ############################
chdir(cfg::$setting['docRoot'] . 'forums');
require_once('./global.php');
require_once(DIR . '/includes/functions_login.php');

// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################

$vbulletin->input->clean_gpc('r', 'a', TYPE_STR);

// ############################### start do login ###############################
// this was a _REQUEST action but where do we all login via request?
$vbulletin->input->clean_array_gpc('p', array(
	'vb_login_username'        => TYPE_STR,
	'vb_login_password'        => TYPE_STR,
	'vb_login_md5password'     => TYPE_STR,
	'vb_login_md5password_utf' => TYPE_STR,
	'postvars'                 => TYPE_BINARY,
	'cookieuser'               => TYPE_BOOL,
	'logintype'                => TYPE_STR,
	'cssprefs'                 => TYPE_STR,
));

//######################### MORE PROCESSING REQUIRED ##############################
// can the user login?
$strikes = verify_strike_status($vbulletin->GPC['vb_login_username']);

if ($vbulletin->GPC['vb_login_username'] == '')
{
	eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
}

// make sure our user info stays as whoever we were (for example, we might be logged in via cookies already)
$original_userinfo = $vbulletin->userinfo;

if (!verify_authentication($vbulletin->GPC['vb_login_username'], $vbulletin->GPC['vb_login_password'], $vbulletin->GPC['vb_login_md5password'], $vbulletin->GPC['vb_login_md5password_utf'], $vbulletin->GPC['cookieuser'], true))
{
	($hook = vBulletinHook::fetch_hook('login_failure')) ? eval($hook) : false;

	// check password
	exec_strike_user($vbulletin->userinfo['username']);

	if ($vbulletin->GPC['logintype'] === 'cplogin' OR $vbulletin->GPC['logintype'] === 'modcplogin')
	{
		// log this error if attempting to access the control panel
		require_once(DIR . '/includes/functions_log_error.php');
		log_vbulletin_error($vbulletin->GPC['vb_login_username'], 'security');
	}
	$vbulletin->userinfo = $original_userinfo;

	if ($vbulletin->options['usestrikesystem'])
	{
		eval(standard_error(fetch_error('badlogin_strikes', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
	}
	else
	{
		eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'])));
	}
}

exec_unstrike_user($vbulletin->GPC['vb_login_username']);

// create new session
process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01314 seconds
  • Memory Usage 1,799KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete