The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
08-30-2008, 10:45 PM
|
|||
|
|||
Force login from external script without vb login form
I have a custom coded CMS with an ajax login function. I keep two user tables - one for my custom CMS, and the standard user table for vb - but both use identical user names, passwords, salt, etc... everything is created simultaneously during registration.
I need to use the main site login and not the vb form for various reasons. I capture the securitytoken and hash the vb_password variable, then call the same functions as login.php. This is where it returns an error: Warning: array_keys() [function.array-keys]: The first argument should be an array in [path]/includes/functions.php on line 4086 Warning: Invalid argument supplied for foreach() in [path]/includes/functions.php on line 4086 Fatal error: Call to a member function query_read_slave() on a non-object in /home/*****/dev/forums/includes/functions.php on line 3093 I've done a ton of debugging and testing to identify the problem, but now I'm just going in circles. I'm hoping someone here has experience with this, or is willing to help walk me through getting it setup. I appreciate any feedback or help you can provide. Here is the code I'm using to force the login: Code:
function vbLogin(){
// ####################### SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
// #################### DEFINE IMPORTANT CONSTANTS #######################
define('THIS_SCRIPT', 'login');
define('CSRF_PROTECTION', true);
define('CSRF_SKIP_LIST', 'login');
// ################### PRE-CACHE TEMPLATES AND DATA ######################
// get special phrase groups
$phrasegroups = array();
// get special data templates from the datastore
$specialtemplates = array();
// pre-cache templates used by all actions
$globaltemplates = array();
// pre-cache templates used by specific actions
$actiontemplates = array(
'lostpw' => array(
'lostpw'
)
);
$_POST['vb_login_username'] = $_REQUEST['user_name'];
$_POST['vb_login_password'] = '';
$_POST['username'] = '';
$_POST['password'] = '';
$_POST['do'] = 'login';
$_POST['vb_login_md5password'] = md5($_REQUEST['password']);
$_POST['vb_login_md5password_utf'] = md5($_REQUEST['password']);
$_POST['s'] = '';
// ######################### REQUIRE BACK-END ############################
chdir(cfg::$setting['docRoot'] . 'forums');
require_once('./global.php');
require_once(DIR . '/includes/functions_login.php');
// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################
$vbulletin->input->clean_gpc('r', 'a', TYPE_STR);
// ############################### start do login ###############################
// this was a _REQUEST action but where do we all login via request?
$vbulletin->input->clean_array_gpc('p', array(
'vb_login_username' => TYPE_STR,
'vb_login_password' => TYPE_STR,
'vb_login_md5password' => TYPE_STR,
'vb_login_md5password_utf' => TYPE_STR,
'postvars' => TYPE_BINARY,
'cookieuser' => TYPE_BOOL,
'logintype' => TYPE_STR,
'cssprefs' => TYPE_STR,
));
//######################### MORE PROCESSING REQUIRED ##############################
// can the user login?
$strikes = verify_strike_status($vbulletin->GPC['vb_login_username']);
if ($vbulletin->GPC['vb_login_username'] == '')
{
eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
}
// make sure our user info stays as whoever we were (for example, we might be logged in via cookies already)
$original_userinfo = $vbulletin->userinfo;
if (!verify_authentication($vbulletin->GPC['vb_login_username'], $vbulletin->GPC['vb_login_password'], $vbulletin->GPC['vb_login_md5password'], $vbulletin->GPC['vb_login_md5password_utf'], $vbulletin->GPC['cookieuser'], true))
{
($hook = vBulletinHook::fetch_hook('login_failure')) ? eval($hook) : false;
// check password
exec_strike_user($vbulletin->userinfo['username']);
if ($vbulletin->GPC['logintype'] === 'cplogin' OR $vbulletin->GPC['logintype'] === 'modcplogin')
{
// log this error if attempting to access the control panel
require_once(DIR . '/includes/functions_log_error.php');
log_vbulletin_error($vbulletin->GPC['vb_login_username'], 'security');
}
$vbulletin->userinfo = $original_userinfo;
if ($vbulletin->options['usestrikesystem'])
{
eval(standard_error(fetch_error('badlogin_strikes', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
}
else
{
eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'])));
}
}
exec_unstrike_user($vbulletin->GPC['vb_login_username']);
// create new session
process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);
|
«
Previous Thread
|
Next Thread
»
Threaded Mode
|
|
All times are GMT. The time now is 03:31 PM.