Calling vb username in another app

[pgowder]

I know that I can require global.php and then call variables like $bbuserid and $bbusername. I've done that on pages I've built before.

What I need now is to pre-populate the form of another app. It's a recipe sharing script.

Here:

www.powwows.com/gathering/cookbook

I want to have the name and email prepopulated on the add recipe page.

I've trying adding require global.php and putting it in the main vb directory, but that apparently messes up it's internal mysql statements.

Is there another way I can call the information from the cookies? Or some other way??

Thanks

[vbmechanic]

Try leaving it in it's original directory and changing directories to vB before calling global.

chdir ('../forum');
require_once ('./global.php');

etc. where the first line contains the relative path to the forums.

[Andreas]

Yes, you can avoid using global.php.

The important cookies are bbuserid and bbpassword.

If you have these cookies you can verify if the combination is valid and retrieve the username from table user.

For vB3

PHP Code:

$userid = intval($_COOKIE[bbuserid]);
$password = addslashes($_COOKIE[bbpassword]);
$result = mysql_query("SELECT username, userid FROM user WHERE userid=$userid AND MD5(CONCAT(password, 'LicenseNo')) = '$password'");
$user = mysql_fetch_array($result);
if ($user[userid])
  // valid
else
  // invalid 


Please note that LicenseNo must be replaced with you vB license number.
You must also make sure that you have selected the correct database before executing this query, if your other tables are in another database.

[pgowder]

Quote:

Originally Posted by vbmechanic

Try leaving it in it's original directory and changing directories to vB before calling global.

chdir ('../forum');
require_once ('./global.php');

etc. where the first line contains the relative path to the forums.

Will I need to change it back to the orignal directory after I call global?

[pgowder]

Quote:

Originally Posted by KirbyDE

Yes, you can avoid using global.php.

The important cookies are bbuserid and bbpassword.

If you have these cookies you can verify if the combination is valid and retrieve the username from table user.

For vB3

PHP Code:

$userid = intval($_COOKIE[bbuserid]);
$password = addslashes($_COOKIE[bbpassword]);
$result = mysql_query("SELECT username, userid FROM user WHERE userid=$userid AND MD5(CONCAT(password, 'LicenseNo')) = '$password'");
$user = mysql_fetch_array($result);
if ($user[userid])
  // valid
else
  // invalid 


Please note that LicenseNo must be replaced with you vB license number.
You must also make sure that you have selected the correct database before executing this query, if your other tables are in another database.

Will this work in vB 2.x??

[vbmechanic]

>>Will I need to change it back to the orignal directory after I call global?

Always a good idea, I meant to add that in my original reply.

[pgowder]

Quote:

Originally Posted by KirbyDE

Yes, you can avoid using global.php.

The important cookies are bbuserid and bbpassword.

If you have these cookies you can verify if the combination is valid and retrieve the username from table user.

For vB3

PHP Code:

$userid = intval($_COOKIE[bbuserid]);
$password = addslashes($_COOKIE[bbpassword]);
$result = mysql_query("SELECT username, userid FROM user WHERE userid=$userid AND MD5(CONCAT(password, 'LicenseNo')) = '$password'");
$user = mysql_fetch_array($result);
if ($user[userid])
  // valid
else
  // invalid 


Please note that LicenseNo must be replaced with you vB license number.
You must also make sure that you have selected the correct database before executing this query, if your other tables are in another database.

I ended up using this and it worked great!!

Anyway to force the nopermission function with this?

Thanks!

[pgowder]

Ok that didn't work exactly how I needed. The two apps are in different databases. So I'm using this code

PHP Code:

//connect to database
$hostname = "localhost";
$username = "username";
$password = "password";
$dbName = "vBulletin";
$conn = MYSQL_CONNECT($hostname,$username,$password) or die(mysql_error());
@mysql_select_db("$dbName") or die("Unable to select database");

$userid = intval($_COOKIE[bbuserid]);
$password = addslashes($_COOKIE[bbpassword]);
$result = mysql_query("SELECT username, userid FROM user WHERE userid=$userid AND MD5(CONCAT(password, 'licensenumber')) = '$password'");
$user = mysql_fetch_array($result); 


Whenc I call $userid I get the right user id of the person logged in. But if I call $username I get the username used to log into MySQL not the vBulletin user???

[pgowder]

Shouldn't this work?? I get userid, but no username??

PHP Code:

<?

//bbusername

//connect to database
$hostname = "localhost";
$dbusername = "username";
$password = "password";
$dbName = "vBulletin";
$conn = MYSQL_CONNECT($hostname,$dbusername,$password) or die(mysql_error());
@mysql_select_db("$dbName") or die("Unable to select database");

$userid = intval($_COOKIE[bbuserid]);
$password = addslashes($_COOKIE[bbpassword]);
$result = mysql_query("SELECT username, userid FROM user WHERE userid=$userid AND MD5(CONCAT(password, 'licensenumber')) = '$password'");
$user = mysql_fetch_array($result);

echo $userid;
echo $username;
echo $user["username"]
?>

[Andreas]

This should work.
Did you check that both cookies are set?
Did you put in the correct license number (you can verify this on top of each PHP file)?
Is $user[userid] set ($userid doesn't mean anything, as this will always be the value from the cookie if set)?

You should add $conn as a second parameter to mysql_query()