Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 06-17-2009, 03:35 PM
Shadeauxe Shadeauxe is offline
 
Join Date: Jun 2009
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Trying to log someone in through code remotely

I am a ColdFusion programmer. I don't know anything really about PHP. I spent most of yesterday searching for posts about the vbulletin cookies and sessions. I found many useful posts that helped me figure out how all of the cookies got their variables.

I have created all of the cookies that I believe I need to and made an entry in the session table, but I must be missing something because the forum still acts like it doesn't know who I am.

Here's what I have done:

Cookies
  • All cookies are set to .domainname.com and have a path of /
  • bbpassword - md5 hash of password from db and the serial number, my cookie matches the one set when I log in for real exactly
  • bbuserid - set to my userid in the vbf_user table
  • bbsessionhash - md5 hash of timestamp+path+idhash(agent+client IP)+agent+random#, as far as I can tell this is correct but it's impossible to make a match because of the random number
  • bblastactivity - this is set to 0 because that's what it gets set to when I log in, I tried timestamp also but it didn't seem to matter
  • bblastvisit - timestamp (# of seconds since 1/1/1970 at midnight)
Query
(CF uses # for its variables)
Code:
<cfquery name="addsession" datasource="forums">
    INSERT INTO vbf_session
        (sessionhash, userid, host, idhash, lastactivity, 
         styleid, loggedin, bypass, useragent,location)
    VALUES ('#sessionhash#',#getuser.userid#,'#cgi.REMOTE_ADDR#',
                 '#idhash#',#epochdate#,0,2,0,'#cgi.HTTP_USER_AGENT#'
                  ,'/index.php')
    </cfquery>
My idhash exactly matches the one created by vbulletin when I log in normally. "#sessionhash# matches what I put into the cookie. Everything I insert into that table matches what vbulletin adds, except session hash, but that matches my cookie.

Obviously, I am missing something, but I don't know enough about vbulletin's process of verifying sessions to figure out what it is.

I've looked at the core file (I don't remember the full path and exact name) and I see that it compares the session hash in the db with what I assume is the cookie (again I am unfamiliar with php) and checks the last active date against now+timeout and the IP address. I assume that query must be failing somehow or else this would work.

The backup query look like it should use the cookies of userid and password if sessionhash lookup fails, but that doesn't seem to be working for me either even though my cookies are identical.

The only difference between my cookies and the vbulletin cookies is that mine has capital names, which CF is doing on its own. But I didn't think cookie names were case sensitive.

Any help would be very appreciated. I have been researching this for hours and it's been very frustrating. I realize there are other ways for me to accomplish this using php, but I need to use CF because of other stuff that is going on.

--------------- Added [DATE]1245262663[/DATE] at [TIME]1245262663[/TIME] ---------------

I fixed it. My problem was the cookie names. Apparently, even though cookie names should be case insensitive, PHP is case sensitive.

In case anyone else looks this up, to get ColdFusion to make lowercase cookie names, you have to use the cfheader tag...

Code:
<cfheader name="Set-Cookie" value="bblastactivity=0; expires=1;domain=.domainname.com;path=/">
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:21 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03452 seconds
  • Memory Usage 2,165KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete