Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 Programming Discussions
  #1  
Old 08-04-2011, 01:57 PM
35mm 35mm is offline
 
Join Date: Jul 2010
Posts: 18
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default auto login to vb when login to main site?

Hi all.
I am developing a site that has it's own user registration and login system. I have got as far as auto creating a forum account for a user when they register to the main site. That's fine. Now I want them to be auto logged into the forum when they are logged into the main site, so they don't have to login twice.

I have searched about for an answer but not found anything definitive for this. I thought it may be as easy as creating the sessions and cookies for VB in my main login system. I.e bb_sessionhash, bb_userid, bb_password etc. However, I am noticing that the current version of vb no longer seems to generate bb_userid and bb_password cookies when logging in directly to vb. However my bb_sessionhash cookie and coresponding db entry generated by my main login script do seem to be correct, but I'm not logged in to vb.

Can some one tell me what the best method is for logging into vb via an other login system?
Reply With Quote
  #2  
Old 08-06-2011, 11:08 AM
35mm 35mm is offline
 
Join Date: Jul 2010
Posts: 18
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Managed to figure it all out and get it working! Once again thank you all so much for the vast number of replies, help, advice and useful information you have all been so keen to provide here. This really is such a great community right here. I just don't know what I would do with out you guys. Big hugs to you all!
Reply With Quote
2 благодарности(ей) от:
BSMedia
  #3  
Old 08-29-2011, 06:08 PM
ingwa ingwa is offline
 
Join Date: Aug 2011
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

35mm, please let me know how you did it? I am working on an application that has already been developed with it's own auth, along with FB auth, and the forums are an addon for support etc. Ultimately what I would like to do is a kind of FB Connect button but an Application Connect where they click that and it automatically creates an account for them using their application logins. However what I'm not sure how to handle is password changes on the application so the connect button would be a great solution.
Reply With Quote
  #4  
Old 08-29-2011, 08:56 PM
35mm 35mm is offline
 
Join Date: Jul 2010
Posts: 18
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hi Ingwa, my site is not in production yet so I changed the password hashing of the site to use the same hashing method of vb. I also sync the user ID's from both systems. So when a user signs up or changes their password, it also creates/updates their forum account. As the main site also has user profiles and messenger, I didn't want vb user profiles or messenger so re-routed those to the main site's. I also got rid of vb's register page and login.

Now when a user logs into the main site, they are automatically logged into vb too. This is just simply a question of creating the sessions/cookies that vb's login process creates.

I think this is my working code - based on someone else's code example from some other thread here;
PHP Code:
// vBulletin logins
                    
$vbuser "SELECT salt FROM vb_user WHERE userid = '$userID' LIMIT 1";
                    
// add query call here....

                    
if(mysql_num_rows(query) == 1){
                        
$vbsalt mysql_result(query,0,'salt');
                    }
                    
$cookie_salt "xxxxxxxxxxxxxx"// cookie salt - from /forum/inc/functions.php line 30 ish
                    
$cookie_password_salted md5($pass.$cookie_salt);
                    
// grab user's IP here (we called it $alt_ip)
                    
$vbidhash md5($_SERVER['HTTP_USER_AGENT'].$alt_ip); // not too smart using unpurified &_SERVER var there tut tut
                    
$vbsessionhash md5(uniqid(microtime(), true));
                    
mysql_query("DELETE FROM `vb_session` WHERE `userid`='$userID' OR `host`='$ip'",$dbconnect); // delete old session
                    
mysql_query("INSERT INTO `vb_session` (`sessionhash`, `userid`, `host`, `idhash`, `lastactivity`, `location`, `useragent`, `styleid`, `languageid`, `loggedin`, `inforum`, `inthread`, `incalendar`, `badlocation`, `bypass`, `profileupdate`) VALUES ('$vbsessionhash', '$userID', '$alt_ip', '$vbidhash', '$session_time', '$url_path/forums/', '$new_useragent', '0', '0', '2', '0', '0', '0', '0', '0', '0')",$dbconnect);
                    
setcookie('bb_lastvisit',$session_time,$cookie_expire,$url_path.'/',$site_domain); 
                    
setcookie('bb_lastactivity',0,$cookie_expire,$url_path.'/',$site_domain); 
                    
setcookie('bb_sessionhash',$vbsessionhash,$cookie_expire,$url_path.'/',$site_domain); 
                    
setcookie('bb_userid',$userID,$cookie_expire,$url_path.'/',$site_domain); 
                    
setcookie('bb_password',$cookie_password_salted,$cookie_expire,$url_path.'/',$site_domain);
                    
// 
Some obvious things have been removed from the code, but it should give you an idea of the process and what needs to be done.

Some considerations;
You are probably better off giving your vb users the same user id as they have in your main user db, rather than using the auto increment in the vb user table.

For ease of integration I would suggest you use vb's password hashing method for password hashing in your main user database so that their passwords in both databases are the same - have the same hashed result.

In your process for users to change or reset their passwords on your main site, make sure you add code so it also updates their password in vb user table.

Redirect all vb registration requests, login and lost password requests etc to your main site registration, login and password reset etc pages.

I hope this helps!
Reply With Quote
  #5  
Old 08-30-2011, 04:21 PM
ingwa ingwa is offline
 
Join Date: Aug 2011
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

35mm, thank you so much for sharing your code and experience. At this point we have a main site that has been live for a small time so I'll have to figure out how to handle that. However, you've given me some great direction and I appreciate the time you took to reply.

I'll keep a look out for your posts and try help where I can. Here's hoping I can get this cracked in a few hours and I wish you success with your project too.

Ingwa.
Reply With Quote
  #6  
Old 08-30-2011, 05:44 PM
punterzone punterzone is offline
 
Join Date: Mar 2010
Posts: 21
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Would someone be able to tell me what I'm doing wrong here?

PHP Code:
define('START_CWD','/home/pzone/public_html');
define('CWD','/home/pzone/public_html/forum');
chdir(CWD);
include_once 
CWD.'/includes/class_hook.php';
include_once 
CWD.'/global.php';
chdir(START_CWD);
include_once(
'/home/pzone/public_html/forum/includes/functions_login.php');
$password=$_POST['password'];
$username=mysql_real_escape_string($_POST['username']);
$results=mysql_query("SELECT userid,zip,password,salt,dispid FROM com_user WHERE username='$username' LIMIT 1");
$row=mysql_fetch_assoc($results);
$password=md5(md5($password).$row['salt']);
$md5_pass=md5($_POST['password']);
$check=verify_authentication($_POST['username'], ''$md5_pass$md5_pass'0''1');
if(
$check){
    
exec_unstrike_user($username);
    
process_new_login(''$username'');
    
$vbulletin->url='/index.php';
    
$cookie_salt="kba1j5MmRINZnEnhOEtWrptt0V1ej";
    
$cookie_password_salted=md5($pass.$cookie_salt);
    
$useragent=$_SERVER['HTTP_USER_AGENT'];
    
$userip=$_SERVER['REMOTE_ADDR'];
    
$vbidhash=md5($_SERVER['HTTP_USER_AGENT'].$userip);
    
$vbsessionhash=md5(uniqid(microtime(), true));
    
$session_time=time();
    
$cookie_expire=31536000;
    
$site_domain="punterzone.com.au";
    
$url_path="/forum";
    
mysql_query("DELETE FROM session WHERE userid=1 OR host='$userip'");
    
mysql_query("INSERT INTO session VALUES ('$vbsessionhash', '1', '$userip', '$vbidhash', '$session_time', '/forum/', '$useragent', '0', '0', '2', '0', '0', '0', '0', '0', '0','','')");
    
setcookie('bb_lastvisit',$session_time,$cookie_expire,$url_path.'/',$site_domain); 
    
setcookie('bb_lastactivity',0,$cookie_expire,$url_path.'/',$site_domain); 
setcookie('bb_sessionhash',$vbsessionhash,$cookie_expire,$url_path.'/',$site_domain); 
    
setcookie('bb_userid',$userID,$cookie_expire,$url_path.'/',$site_domain); 
setcookie('bb_password',$cookie_password_salted,$cookie_expire,$url_path.'/',$site_domain); 
    
exec_shut_down();
    
header('Location:/');
    exit;
}else{
    
header('Location:/loginfail');

Logs in fine on my external site, but the user (userid=1) is not logged in when I load the forum

--------------- Added [DATE]1314731113[/DATE] at [TIME]1314731113[/TIME] ---------------

Just noticed I'd set cookie_expire to the past, but I've sorted that and still it does't work.
Reply With Quote
  #7  
Old 04-05-2013, 05:09 PM
Fever905 Fever905 is offline
 
Join Date: Mar 2013
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Punterzone - did you get it working? I'm trying this now using VB4....
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:02 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07317 seconds
  • Memory Usage 2,260KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (1)post_thanks_box_bit
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete