vb.org Archive - View Single Post - Login from external app without any redirect

budget_ben · #1 06-29-2009, 09:52 PM

I've tried to read the great variety of login/redirect threads on the board but haven't found anything akin to what I'm trying to do.

I have a flash app that accesses a wide variety of server-side data via php scripts. What I am attempting is to allow the user to 'log in' via the flash application residing on the same server. I put the 'log in' in quotes only because I'm not expecting the user to be able to browse the forums via my wee app, I just need to authenticate a username/password combo and acquire a valid session.

A brief rundown of the sequence of events:
1. user is playing with the flash app and would like to save his/her progress.
2. a dialog box prompts for the username and password.
3. I do a POST to https://mysite.com/handleLogin.php
4. the php page validates the provided data and returns a 'go/no go' string to the flash app.

The problem I am running into is that the login code below does not work without using the do_login_redirect() function. With the correct username and password, it will return 'true' for a success but I'm not really logged in - when I browse to the forum index.php it acts as if I have not logged in.

Code:

function validateLogin( $username, $password )
{
	global $vbulletin;
	
	$vbulletin->input->clean( $username, TYPE_STR );
	$vbulletin->input->clean( $password, TYPE_STR );
	
	$strikes = verify_strike_status($username);
	if ($strikes === false || $strikes >= 5)
	{
		return false; //locked out	
	}	

	if( !verify_authentication($username, $password, '', '', true, false) )
	{
		return $strikes + 1;	//fat-fingered the password?
	}
	else
	{
		//User and pw ok, let's log them in
		exec_unstrike_user($username);

		process_new_login('', true, '');
		
		//*****************************
		//	WHY MUST I REDIRECT?
		//*****************************
		//do_login_redirect();
		
		return true;	
	}
}

So now my questions (finally):
1. Does anyone know why there needs to be a redirect? Does it need one to properly set the cookie/active user list?
2. Is there a way around this?

I appreciate any help you folks can provide.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01318 seconds Memory Usage 1,768KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: