Custom page

[Grouper]

I have a custom page outside of the forums that I want to use the vbulletin session / login with. I followed the directions at https://vborg.vbsupport.ru/showthread.php?t=98009 and it seems to be somewhat working, however, even though i am logged into the forums it always returns a userId of 0 and acts as if I am not logged in.

PHP Code:

<?php
chdir('/home/path/to/forums'); 
require_once('./global.php');
if (!is_member_of($vbulletin->userinfo, 6,7,5,9,23) ||
    is_member_of($vbulletin->userinfo, 8)) 
{ 
         print_no_permission();     
}

I am using nodejs so am using port 3000 on my site. I have the php processor working, just can't seem to get the vbulletin session.

What am I doing wrong?

[kh99]

It could be that you need to change the cookie path, in Settings > Options > Cookies and HTTP Header Options > Path to Save Cookies. If you have it set to something below where your custom page is, then the cookie that keeps you logged in will not be sent for your custom page.

Edit: Oh, I don't really understand the nodejs/port 3000 comment you added above. But you need the cookie to be sent or else you need the sessionhash value as a parameter (which is probably difficult to do unless users are getting to the custom page by clicking on a link in another vbulletin page).

[Grouper]

Hi kh99,

So I am able to get the PHPSESSID from the cookie however setting session_id() to that value is not loading in the signed in user. Is there a different way I should be doing this?

[kh99]

Sorry, I'm not quite following what you're doing. I guess setting the cookie path to something else isn't an option? When I said the cookie has to be sent, I meant things have to be set up right for the browser to send the cookie when your custom page is requested, or else the url used to access your custom page (clicking a link, a javascript request, or however it's being done) has to have the sessionhash as a parameter (or as a posted field).

But like I said, it could be that I don't understand the situation.

[Grouper]

kh99,

we are using file sessions in php and we have the forums on our website.com/forums then we are making a nodejs application on website.com:3000 that we want to use the forums account and permissions. While we have access to the cookies on our nodejs application all that we can get is the PHPSESSID because the bb_sessionhash is http only so we cannot read it.

What I have to do is read the cookies with javascript and forward them to a php parser in our nodejs application. So what I am doing is sending over the phpsessionid then setting the session_id() in php hoping it would load in the php session with the users vb account.

--------------- Added [DATE]1429671346[/DATE] at [TIME]1429671346[/TIME] ---------------

kh99,

Ok, i am able to get the bb_sessionhash with $_COOKIE however it doesn't seem to want to read it. Is there a way to force vbulletin to use a bb_sessionhash

--------------- Added [DATE]1429677979[/DATE] at [TIME]1429677979[/TIME] ---------------

Ok, I figured it out. I wasn't using https so the secure cookies were not being read properly by vbulletin