Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 04-12-2011, 02:44 PM
rlarner's Avatar
rlarner rlarner is offline
 
Join Date: Apr 2011
Posts: 8
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Use External Login

I am trying to integrate vBulletin into existing website, replacing phpbb2. I'd have a requirement to use our existing login to authenticate users into vBulletin as well, but I'd prefer to do this creation lazily rather than have to go through all the existing users and create vBulletin accounts for them.

I've tried adding code to includes/init.php to check for an externally authenticated user. If it finds one I look up that userid in the vb_user table - if it's not there I create one. Once this process is complete I create a session for the user and set cookies.

The problem I'm having is that this session doesn't appear to be valid to the router code. It ends up creating a new session and treating the customer as a visitor.

First question is: am I on the right track?

Second question: what am I missing?

Thanks in advance for any assistance.

Rosco
Reply With Quote
  #2  
Old 04-19-2011, 08:07 AM
Disasterpiece's Avatar
Disasterpiece Disasterpiece is offline
 
Join Date: Apr 2007
Location: GER
Posts: 765
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The idea seems right. I'm not sure what the problem is with creating a script to copy your users into vbulletin since it would solve your problem, but either way, without more info and code snippets it's impossible to give directed answers.
Reply With Quote
  #3  
Old 04-20-2011, 06:06 AM
rlarner's Avatar
rlarner rlarner is offline
 
Join Date: Apr 2011
Posts: 8
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks for the reply, Disasterpiece. Here's some more specifics on my approach. I added the following to vb/init.php immediately after the call to:

Code:
if ($customer_id && !$vbulletin->GPC[COOKIE_PREFIX . 'userid']) {

function fetch_my_salt($length = 30){
    $salt = '';
    for ($i = 0; $i < $length; $i++){
        $salt .= chr(rand(33, 126));
       }
    return mysql_real_escape_string($salt);
}

$userid = $customer_id;
$row_user = mysql_fetch_array(mysql_query("SELECT userid, salt FROM user WHERE userid = '$userid'"));
if (isset($row_user['userid'])) {
    $vb_salt = $row_user['salt'];
} else {
    $row_title = mysql_fetch_array(mysql_query("SELECT * FROM `usertitle` ORDER BY `usertitleid` ASC LIMIT 1"));
    $username = customer::get_avatarname($customer_id);
    $password = customer::get_password($cid);
    $vb_salt = fetch_my_salt();
    $password_salted = md5($password.$vb_salt);
    $passdate = date('Y-m-d');
    $usertitle = $row_title['title']; //get the default first title
    mysql_query("INSERT INTO user (
    userid,
    usergroupid,
    username,
    password,
    passworddate,
    email,
    showvbcode,
    showbirthday,
    usertitle,
    joindate,
    lastactivity,
    lastvisit,
    options,
    ipaddress,
    languageid,
    salt
    ) VALUES (
    '$userid',
    '2',
    '$username',
    '$password_salted',
    '$passdate',
    '$email',
    '1',
    '0',
    '$usertitle',
    '$timestamp',
    '$timestamp',
    '$timestamp',
    '3163223',
    '$ip',
    '1',
    '$vb_salt'
    )") or die(mysql_error());
    
    mysql_query("INSERT INTO `usertextfield` (`userid`) VALUES ('$userid')") or die(mysql_error());
    mysql_query("INSERT INTO `userfield` (`userid`) VALUES ('$userid')") or die(mysql_error());
    
}
$alt_ip = ip::get();
$timestamp = time();
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$idhash = md5($_SERVER['HTTP_USER_AGENT'].$alt_ip);
$sessionhash = md5(uniqid(microtime(), true));
//delete old sessions - a crude but useable method
mysql_query("DELETE FROM `session` WHERE `userid`='$userid' OR `host`='$ip'") or die(mysql_error());
//insert new session
mysql_query("INSERT IGNORE INTO `session` (`sessionhash`, `userid`, `host`, `idhash`, `lastactivity`, `location`, `useragent`, `styleid`, `languageid`, `loggedin`, `inforum`, `inthread`, `incalendar`, `badlocation`, `bypass`, `profileupdate`) 
VALUES ('$sessionhash', '$userid', '$alt_ip', '$idhash', '$timestamp', '/inside/forums/forum.php', '$user_agent', '0', '0', '1', '0', '0', '0', '0', '0', '0')") or die(mysql_error());
//add cookies to link user to session
setcookie('bb_lastvisit',$timestamp);
setcookie('bb_lastactivity',0);
setcookie('bb_sessionhash',$sessionhash);
setcookie('bb_userid',$userid);
$cookie_password_salted = md5(md5($password.$vb_salt).'C6KQEk3jNYBggzqFr0m4uVzFujo');
setcookie('bb_password',$cookie_password_salted); 
}
What happens now is on the first page load I get the message:
Quote:
Your submission could not be processed because you have logged in since the previous page was loaded.<br />
<br />
Please reload the window.
Even though I get this message, it does appear to log the customer in, however subsequent visits do not result in authenticated sessions - the user is treated like a guest.

So, it looks like my problems are two-fold:
1) How do I repress the "logged in since the previous page was loaded" message?

2) How do I properly populate the session table and cookie info on return visits?

Thanks again.

Rosco
Reply With Quote
  #4  
Old 04-21-2011, 05:32 PM
Disasterpiece's Avatar
Disasterpiece Disasterpiece is offline
 
Join Date: Apr 2007
Location: GER
Posts: 765
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

OK, without going into greater details of your code, here are a few things which popped up while I was reading your snippet:

PHP Code:
if ($customer_id && !$vbulletin->GPC[COOKIE_PREFIX 'userid']) { 
looks strange. Generally, you shouldn't trust user-data, cookies included. If you're looking for info if the user is logged in or not, try the $vbulletin->session var, it's more trustworthy, since I could modify my cookies without actually being logged in and vice-versa under certain circumstances.

PHP Code:
$row_user mysql_fetch_array(mysql_query("SELECT userid, salt FROM user WHERE userid = '$userid'")); 
You should not assume, that each user-tables of your two different cms/forum systems have the same ID. Primary IDs, like userid is, increase with every entry.
To create a more flexible script, you should create an additional table which connects $customer_id to a vbulletin $userid so the connection between two user-entries is more accurate. how you determine if two users are equal can you decide like testing usernames and passwords / ips etc.
Reply With Quote
  #5  
Old 04-22-2011, 05:10 PM
rlarner's Avatar
rlarner rlarner is offline
 
Join Date: Apr 2011
Posts: 8
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What in the session var tells me if the user is logged in?

I'll consider adding a join table, but since my script _should_ be the only source of inserts to the vb_user table, and I'm setting the userid during the insert I don't think I'll have syncronization problems.
Reply With Quote
  #6  
Old 04-22-2011, 08:41 PM
Disasterpiece's Avatar
Disasterpiece Disasterpiece is offline
 
Join Date: Apr 2007
Location: GER
Posts: 765
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by rlarner View Post
What in the session var tells me if the user is logged in?
Check if userid is set in session var. For instance...

Quote:
Originally Posted by rlarner View Post
I'll consider adding a join table, but since my script _should_ be the only source of inserts to the vb_user table, and I'm setting the userid during the insert I don't think I'll have syncronization problems.
Dependant if you can modify your table layout, you could add the according vb-userid to your user table. If you used a modified version of a wordpress for example, it wouldn't be so easy to modify the table structure of a retail-cms. That's where my thought came from
Reply With Quote
  #7  
Old 04-22-2011, 10:49 PM
rlarner's Avatar
rlarner rlarner is offline
 
Join Date: Apr 2011
Posts: 8
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great, I'll switch to use the session userid instead. However, I'm still having problems making the session "stick". Where should this custom function live in the grand vBulletin scheme? Also, what are the key pieces of information I need to be setting in the session so that vBulletin will take it for one of it's own and not create a new session further along the page load?
Reply With Quote
  #8  
Old 08-04-2011, 09:50 AM
rlarner's Avatar
rlarner rlarner is offline
 
Join Date: Apr 2011
Posts: 8
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It appears there are better ways to accomplish this without getting my hands dirty in the vBulletin internals:

creating users lazily:
global $vbulletin;
require_once('./includes/init.php');
$newuser =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
$newuser->set('userid', $userid_from_existing_site);
$newuser->set('username', $username_from_existing_site);
$newuser->set('email', $email_from_existing_site);
$newuser->set('password', $password_from_existing_site);
$newuser->set('usergroupid', 2);
$newuser->save();

then logging them into vBulletin, once you've already authenticated them in your existing site:
require_once('./includes/functions_login.php');
$vbulletin->userinfo = fetch_userinfo($cid);
$logintype = '';
$cookieuser = '1';
$cssprefs = '';
process_new_login($logintype, $cookieuser, $cssprefs);
set_authentication_cookies(true);
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:14 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04151 seconds
  • Memory Usage 2,249KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_code
  • (2)bbcode_php
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete