Passing authentificator using own login

Passing authentificator using own login Hi, i know that this is the thousands thread about intergrating phorum in a selfmade site. I read mostly all others threads about that topic, but now im stuck at a point where even that doenst help me anymore. After many frustrating hours and several coffees I finally made it to set the phorums session and cookie using the userid from my session. The embed-module by mkay was a big help until here. But I still can't write messages or go to my profile in phorum, because of the authenticator (i think it is in user.php). I really dont know how to say phorum, after I loaded cookie and session and fed GLOBAL[PHORUM][user] and [LOGGEDIN] and [PHOURM_SESSION_LONGTERM] with the right values, that the user is really logged in and so it doesnt have to show the login-form and send the user directly to the desired page. I could have used the embed-module but there are used to many functions i just dont need. I simply get a user_id from another session and log in the user with this id in phorum. The rest still should be handled by phorum itself. Hope you can help, luki https://www.phorum.org/phorum5/read.php?28,121035,121035#msg-121035 Sat, 14 Mar 2026 01:58:07 -0400 Phorum 5.2.22 https://www.phorum.org/phorum5/read.php?28,121035,121081#msg-121081 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121081#msg-121081
One thought: isn't the site which you are integrating with depending on cookies? So see if get_user_id() is really returning the user_id that you are expecting there. If you made a direct copy of my code, then it sounds like get_user_id() is return NULL instead of a valid user_id.]]> Maurice Makaay Phorum Integration Thu, 22 Mar 2007 07:12:17 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121077#msg-121077 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121077#msg-121077 luuuki Phorum Integration Thu, 22 Mar 2007 05:02:49 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121069#msg-121069 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121069#msg-121069 Maurice Makaay Phorum Integration Wed, 21 Mar 2007 14:17:22 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121065#msg-121065 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121065#msg-121065
Hope this was my last question! Thanks again for your great help.

Lukas]]> luuuki Phorum Integration Wed, 21 Mar 2007 13:42:13 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121061#msg-121061 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121061#msg-121061 Maurice Makaay Phorum Integration Wed, 21 Mar 2007 09:21:45 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121060#msg-121060 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121060#msg-121060
Cookies are set, Database written and $GLOBALS[PHORUM]["args"][PHORUM_SESSION_LONG_TERM] set to current session id (as in database). But phorum only shows me as logged in user, when I set LOGGEDIN and FULLY_LOGGEDIN to 1. What could I do else?

Edit: Sorry, my fault. Changed the name of the function to common_pre but not the hook (before the pipe). Nearly as worse as forgetting a semicolon (;). Shame on me. :(

Edit2: Hmm but now, when I click a link phorum always sends the sessionid with the link (sessionid is visible). I thought thats only when cookies are disabled?]]> luuuki Phorum Integration Wed, 21 Mar 2007 09:13:04 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121059#msg-121059 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121059#msg-121059 Maurice Makaay Phorum Integration Wed, 21 Mar 2007 08:23:32 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121058#msg-121058 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121058#msg-121058 luuuki Phorum Integration Wed, 21 Mar 2007 08:17:12 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121052#msg-121052 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121052#msg-121052 Maurice Makaay Phorum Integration Wed, 21 Mar 2007 07:30:40 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121050#msg-121050 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121050#msg-121050
I think I did the same you do in your module too. Any ideas?]]> luuuki Phorum Integration Wed, 21 Mar 2007 07:00:40 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121048#msg-121048 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121048#msg-121048

Quote

Is that the row where you fake the URI? Because I use that too, but its not enough to convince phorum that the usewr is logged in.

Maybe you do it too late. I handle this from the common_pre hook, so the URI auth is set at a really early stage.

Quote

Edit: What happens in your module when you deactivate cookies in your browser?

Depends on the master application. Phorum does not care, since it gets the authentication handed over from the master. If the master handles authentication without cookies, then so does Phorum. The only thing is that without cookies, the embedding code will not be able to store the embedding session cookie. This will not affect the functionality of the module. It will only cause some code to be run less efficient.]]> Maurice Makaay Phorum Integration Wed, 21 Mar 2007 06:48:59 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121046#msg-121046 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121046#msg-121046 $GLOBALS["PHORUM"]["args"][PHORUM_SESSION_LONG_TERM] = $sessid;

Is that the row where you fake the URI? Because I use that too, but its not enough to convince phorum that the usewr is logged in.

The reaon why I dont use your module, although it is great :) , is that still need some things controled by phorum. For example I have no need of the module feature where it puts phorum in an outputbuffer to place it between my other page. phorum still runs on an own subdomain and just have to know which user is logged in at the mainpage.

Security. Thats one point where im still not sure if my module is good. Well, I just get a user_id from a session, use that user_id to create/load a phorum session and cookie and fake a logged in user. Could that be wrong? I dont know that much about security and phorum to be sure that my method is secure.

Edit: What happens in your module when you deactivate cookies in your browser?]]> luuuki Phorum Integration Wed, 21 Mar 2007 05:29:48 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121038#msg-121038 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121038#msg-121038
You now have followed a different path to convince Phorum that the user is authenticated. Based on the description, it doesn't look like a really bad method. The difference between the embed module and your method is that the embed module tries to setup a minimal fake URI authentication where Phorum will setup the correct environment after that. So I don't have to tinker with the authentication related environment variables myself from the module. In the long run, that might be the safest way, because no adaption to new internal code is needed that way.]]> Maurice Makaay Phorum Integration Tue, 20 Mar 2007 14:50:26 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121036#msg-121036 Re: Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121036#msg-121036 luuuki Phorum Integration Tue, 20 Mar 2007 14:02:34 -0400 https://www.phorum.org/phorum5/read.php?28,121035,121035#msg-121035 Passing authentificator using own login https://www.phorum.org/phorum5/read.php?28,121035,121035#msg-121035
i know that this is the thousands thread about intergrating phorum in a selfmade site. I read mostly all others threads about that topic, but now im stuck at a point where even that doenst help me anymore.

After many frustrating hours and several coffees I finally made it to set the phorums session and cookie using the userid from my session. The embed-module by mkay was a big help until here.
But I still can't write messages or go to my profile in phorum, because of the authenticator (i think it is in user.php). I really dont know how to say phorum, after I loaded cookie and session and fed GLOBAL[PHORUM][user] and [LOGGEDIN] and [PHOURM_SESSION_LONGTERM] with the right values, that the user is really logged in and so it doesnt have to show the login-form and send the user directly to the desired page.

I could have used the embed-module but there are used to many functions i just dont need. I simply get a user_id from another session and log in the user with this id in phorum. The rest still should be handled by phorum itself.

Hope you can help,

luki]]> luuuki Phorum Integration Tue, 20 Mar 2007 13:40:17 -0400