Help - Search - Members - Calendar
Full Version: Login script
Invision Power Services > Community Forums > Community Web Design and Coding
FCB-Mo
Aug 22 2006, 03:04 PM
Basicly, i need to know how to (or some tell me how to do it in very simple step by steps biggrin.gif ) use the ibf_members_converge or ibf_members table on the IPB database to make a login script on my site. Ive tried using IPBSDK but it is causing a lot of errors on my site (more or less down to the fact that all my pages are pulled out of another database). Another thing i wanted is to make the session from the site to have no effect on your forum status (logged in or logged out, etc...)

thanks thumbsup.gif
Pⅇter
Aug 22 2006, 06:51 PM
http://forums.invisionpower.com/index.php?showtopic=203777
FCB-Mo
Aug 22 2006, 07:45 PM
i read that..... but i have no idea what to actually do.
FCB-Mo
Aug 24 2006, 09:28 PM
so... umm... can someone help me?
Antony
Aug 25 2006, 03:07 PM
Have you taken a look at the converge kernel file located at ips_kernel/converge.php?
FCB-Mo
Aug 25 2006, 10:09 PM
yes i have. has it made any sense to me? nope, my php understanding isnt that advance
Antony
Aug 26 2006, 12:08 AM
Do you just want a simple form that redirects to your IPB when a user logs in, or do you want users to be able to surf your site logged in, with permissions etc? The former is possible with HTML but the latter needs a bit of PHP. original.gif
FCB-Mo
Aug 26 2006, 12:28 PM
i want to do the latter
Michael P
Aug 26 2006, 05:06 PM
It's rough round the edges, but should do what you want. I have been working on a newer version - but client work has to prioritise.

http://forums.invisionpower.com/index.php?...=175366&hl=
ellawella
Aug 27 2006, 01:54 AM
QUOTE(Michael P @ Aug 26 2006, 06:06 PM) *
It's rough round the edges, but should do what you want. I have been working on a newer version - but client work has to prioritise.

http://forums.invisionpower.com/index.php?...=175366&hl=

I read some of your code and it looks like you are using a manual system of some kind to authenticate.

For my Admin IP Filter mod I used IPB's in-built Converge system, which is better as you can keep your fingers clean of hashes and such nasties. In my example the variable $username must hold the username entered from the form, and the variable $password must hold the plaintext password (as entered).

CODE
        // Fire up Converge
        require '/path/to/init.php';
        require KERNEL_PATH.'class_converge.php';
        require ROOT_PATH.'sources/ipsclass.php';
        
        $ipsclass = new ipsclass();
        $ipsclass->vars = $INFO;
        $ipsclass->init_db_connection();
        $ipsclass->converge = new class_converge($ipsclass->DB);
        
        // Look up member
        $ipsclass->DB->query ("SELECT m.*, g.* FROM ibf_members m, ibf_groups g WHERE LOWER(name) = '".strtolower($username)."' AND m.mgroup = g.g_id");
        $member = $ipsclass->DB->fetch_row();

        // Check they actually exist
        if (!$ipsclass->DB->get_num_rows()) echo 'doesn't exist';

        // Load the member into Converge
        $ipsclass->converge->converge_load_member ($member['email']);


That loads the member. Then:

CODE
$ipsclass->converge->converge_authenticate_member(md5($password))


can be used to authenticate them (returns true on success, false on failure).

If they get authenticated you just set their cookies up:

CODE
            setcookie ('member_id', $member['id'], time() + 10800, $path);
            setcookie ('pass_hash', $member['member_login_key'], time() + 10800, $path);


and next time they come around you just look in the DB and see if the cookies match:

CODE
        $mid = intval($_COOKIE['member_id']);
        
        // Look up member
        $result = mysql_query("SELECT id, members_display_name, member_login_key FROM ibf_members WHERE id = $mid");
        $member = mysql_fetch_array($result);

        // Authenticate
        if (($member['id'] == $mid) and ($member['member_login_key'] == $_COOKIE['pass_hash']))
        {
        
            echo 'you are logged in';
            
        }


Hope that helped...vaguely..
Michael P
Aug 27 2006, 10:30 AM
I didnt realise you could just use the class directly...that will help with the rewrite! Thanks!
Pⅇter
Aug 27 2006, 11:00 AM
you can just plug in the code from ellawella, you probably won't have to even rewrite it. original.gif
Emrys
Sep 1 2006, 11:35 PM
Hey Ellawella

I just wanted to say thanks for posting that snippet of code. It helped tremendously with kick starting my login class.
I have a question though, since it seems like you've been through this already original.gif.

Do you integrate with the IPB session class too? I can get my class to see the user if they're logged in, and if someone logs out on the forum then they get logged out of the main section of the site too (since I'm checking the cookies). But I can't get the opposite to happen. ie. if someone logs out of the main site then they still seem to be logged in to the forum, even though I remove the cookies.
I could go in and manually remove the session myself, but I was hoping there was a more elegant way of accessing that information.

The converge class doesn't seem to do much more than basic authentication.

Thanks
Marc
ellawella
Sep 2 2006, 02:09 AM
QUOTE(Emrys @ Sep 2 2006, 12:35 AM) *
Hey Ellawella

I just wanted to say thanks for posting that snippet of code. It helped tremendously with kick starting my login class.
I have a question though, since it seems like you've been through this already original.gif.

Do you integrate with the IPB session class too? I can get my class to see the user if they're logged in, and if someone logs out on the forum then they get logged out of the main section of the site too (since I'm checking the cookies). But I can't get the opposite to happen. ie. if someone logs out of the main site then they still seem to be logged in to the forum, even though I remove the cookies.
I could go in and manually remove the session myself, but I was hoping there was a more elegant way of accessing that information.

The converge class doesn't seem to do much more than basic authentication.

Thanks
Marc

The converge class is only ever authentication. If you want to set a session up, you'll need to add some more code.

You are probably staying logged into your board after "logging out" of the main site because you are leaving the session_id cookie intact. Try removing that, see if it helps. Properly logging out of an IPB takes more than just clearing cookies though...again, have a look through the source files, they hold the clues.
Emrys
Sep 2 2006, 09:29 PM
I certainly don't mind more code original.gif, I was just wondering if you'd made use of the built in session class at all.

I think the easiest solution would be to get rid of the session_id cookie and clear the session from the database too. Definitely not optimal, but it should work just fine. I have my own db session class for the main site anyway since I need to be storing extra info, so all I really need it for is for login purposes.

Thanks again
<M
jramirez
Mar 19 2007, 11:43 PM
Hello,

Where do I modify this code? I'd like to try this.


Thanks

QUOTE(ellawella @ Aug 26 2006, 08:54 PM) *
I read some of your code and it looks like you are using a manual system of some kind to authenticate.

For my Admin IP Filter mod I used IPB's in-built Converge system, which is better as you can keep your fingers clean of hashes and such nasties. In my example the variable $username must hold the username entered from the form, and the variable $password must hold the plaintext password (as entered).

CODE
        // Fire up Converge
        require '/path/to/init.php';
        require KERNEL_PATH.'class_converge.php';
        require ROOT_PATH.'sources/ipsclass.php';
        
        $ipsclass = new ipsclass();
        $ipsclass->vars = $INFO;
        $ipsclass->init_db_connection();
        $ipsclass->converge = new class_converge($ipsclass->DB);
        
        // Look up member
        $ipsclass->DB->query ("SELECT m.*, g.* FROM ibf_members m, ibf_groups g WHERE LOWER(name) = '".strtolower($username)."' AND m.mgroup = g.g_id");
        $member = $ipsclass->DB->fetch_row();

        // Check they actually exist
        if (!$ipsclass->DB->get_num_rows()) echo 'doesn't exist';

        // Load the member into Converge
        $ipsclass->converge->converge_load_member ($member['email']);


That loads the member. Then:

CODE
$ipsclass->converge->converge_authenticate_member(md5($password))


can be used to authenticate them (returns true on success, false on failure).

If they get authenticated you just set their cookies up:

CODE
            setcookie ('member_id', $member['id'], time() + 10800, $path);
            setcookie ('pass_hash', $member['member_login_key'], time() + 10800, $path);


and next time they come around you just look in the DB and see if the cookies match:

CODE
        $mid = intval($_COOKIE['member_id']);
        
        // Look up member
        $result = mysql_query("SELECT id, members_display_name, member_login_key FROM ibf_members WHERE id = $mid");
        $member = mysql_fetch_array($result);

        // Authenticate
        if (($member['id'] == $mid) and ($member['member_login_key'] == $_COOKIE['pass_hash']))
        {
        
            echo 'you are logged in';
            
        }


Hope that helped...vaguely..
bfarber
Mar 20 2007, 01:20 PM
You guys might want to take a look at this:

http://www.ipsbeyond.com/forums/index.php?...mp;showfile=696

I made an api file for logins specifically. In the support topic, we've discussed it further to add support for sessions. It might help some of you. original.gif

There is a sample php script in the zip showing how to use the api file as well.
NeoGrant
Nov 3 2008, 04:20 PM
I get this back:


QUOTE
Warning: require(./sources/api/api_core.php) [function.require]: failed to open stream: No such file or directory in /home/content/c/o/n/conflictgamers/html/test.php on line 8

Fatal error: require() [function.require]: Failed opening required './sources/api/api_core.php' (include_path='.:/usr/local/php5/lib/php') in /home/content/c/o/n/conflictgamers/html/test.php on line 8
NeoGrant
Nov 5 2008, 06:41 PM
sad.gif
tamplan
Nov 5 2008, 08:03 PM
Hi,

You have this original code :
CODE
if( $_POST['username'] != '' )
{
    require './sources/api/api_core.php';
    require './sources/api/api_login.php';
    
    $api = new api_login();
    $api->path_to_ipb = dirname( __FILE__ ).'/';
    $api->api_init();

With this code, the file 'test.php' is assuming be in the root forum folder.

If it's not the case, you must change like this for example :
CODE
if( $_POST['username'] != '' )
{
    require '../forums/sources/api/api_core.php';
    require '../forums/sources/api/api_login.php';
    
    $api = new api_login();
    $api->path_to_ipb = '../forums/';
    $api->api_init();

I have :
- E:\xampp\htdocs\www\tng\forums => IPB forums
- E:\xampp\htdocs\www\tng\api => test script file

You must update the line 13 in your 'test.php' file.

Hope this help wink.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.