Unique Authentication System across all website/s

[MoneyMakerGroup]

I would love to see a mod that allowed this. I'd be willing to pay well for it

[The Geek]

I would pay as well, but sadly it appears that you can only do this without editing virtually every vB file if you use... IPB

Go figure

[Gendal]

Quote:

Originally Posted by steve@dvdlard

Bit of a long shot but does anyone know If I can reproduce the password in VB.Net. I'm trying to create a 'Post a Comment' link on another site which is .Net, tried all sorts of variations of MD5 but the resulting hash code is never the same as the database.

rarrrr. Zombie thread! Probably too late to help you, but hopefully others will find it while searching.

I was having this exact same problem because .net's inbuilt FormsAuthPasswordFormat doesn't work the same as php. The following crappy snippet I came up with works for me with 3.6.0 and salted passwords.

Code:

ASCIIEncoding ae = new ASCIIEncoding(); 
MD5 md5 = new MD5CryptoServiceProvider();
byte[] data = new byte[ae.GetByteCount(str)];
byte[] result = md5.ComputeHash(ae.GetBytes(str));
password = "";
	
for (int i=0; i<result.Length;i++)
{
	password += (Uri.HexEscape(Convert.ToChar(result[i]))).Remove(0,1).ToLower();
}

[DigitalCrowd]

Hi folks. I gave up on the nay-sayers and did my own project. Requires no modification of VB pages, just a plugin.

http://nowonder.com
http://macosx.com

Share the same forum, you can login to one site, and if you use the top right link to the other site or any link that links directly to the other site without a redirect will keep your same session active.

This works on the same server, can be same or different ips, different servers and in my scenario it shares the same DB. No javascript used or issuing illegal cookies or quick/stupid redirects.

We provide high level forum integration between sites but comes at a fee. If you are interested in this, please IM me with your information and requirements. Everyone has unique needs so we customize solutions for your needs and let you know if its possible. (we don't listen to everyone else that say it isn't)

Scott

[skoTner]

Quote:

Originally Posted by Andreas

Cookie bbpassword is a bit more complicated. This md5(md5(md5('PlaintextPassword'), salt), 'LicenseNo').
PlaintextPassword is the password, salt the value of column salt (in table user) for this user, LicenseNo is you vBulletin license number.

I've been looking for just this, and was very happy to read this. I have a forum under forum.domain.com and another site at www.domain.com, so the domain is the same. But they are to different sites. I want to create ONE login and thought if I made the exact same cookies on the www-site as the forum made I would be all set... I tried setting the userid and password, but didn't help.

Then I found your post. Finally I found the answer and was able to set the bbuserid and bbpassword cookies exactly the same as the forum sets it. But it still doesnt work.

I log in to the main site, the bbuserid and bbpassword cookies are set correctly, but when I go on the forum I'm still not logged in.

Edit:
Seems like this is because the sessionhash cookie isn't correct set... Do you have the recipe for that cookie as well and how that cookie is set up?

[gb1200]

Like the last poster, I am able to authenticate the user fine and set the cookies on the forum server, but for some reason when I got to my forum homepage and hit refresh, the user is not logged in.

I have tried various methods as well but no luck.

-I've tried using cURL and sending my user info to login.php

-I've tried running this function after I set my cookies too: process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']); but no luck

Any help? I'm using the lastest version of VB. Basically the user session is not created.

Thanks.

[amatulic]

This works for me to log in a user. I'm using vBulletin 3.6.8. I pulled the following from a larger module; hopefully I got everything necessary:

PHP Code:

require_once(FORUMPATH.'/includes/init.php');
require_once(FORUMPATH.'/includes/functions.php'); // vbsetcookie, etc.
define('PERMANENT_COOKIE', false);

   function fetch_userinfo_from_username($username)
   {
   // This duplicates the functionality of fetch_userinfo(),
   // only with the user name instead of numeric ID as the argument.
   // Adapted from verify_authentication() in functions_login.php

      global $vbulletin;
      $username = strip_blank_ascii($username, ' ');
      $vbulletin->userinfo = $vbulletin->db->query_first(
         "SELECT userid, usergroupid, membergroupids, infractiongroupids, username, password, salt FROM "
         . TABLE_PREFIX . "user WHERE username = '" .
         $vbulletin->db->escape_string(htmlspecialchars_uni($username)) ."'");
      return $vbulletin->userinfo;
   }


   // ======== USER LOGIN / LOGOFF ========

   function login($username)
   { // password not needed -- assumes you've already authenticated it
      global $vbulletin;
      fetch_userinfo_from_username($username);
      // set cookies
      vbsetcookie('userid', $vbulletin->userinfo['userid'],
         PERMANENT_COOKIE, true, true);
      vbsetcookie('password',
         md5($vbulletin->userinfo['password'].COOKIE_SALT),
         PERMANENT_COOKIE, true, true);
      // create session stuff
      process_new_login('', 1, '');
   }


   function logout()
   {
      process_logout(); // unsets all cookies and session data
   } 


This seems to work pretty well. It cleanly logs on and establishes all the session stuff, and cleanly logs off.

I have a much more complete version of the code above, to create, delete, log on, log off, and modify users in this article.

-A