Firefox PHP

Module: External Authentication

Posted by Joe Curia 
Re: Module: External Authentication
May 13, 2009 12:35AM
Joe or David,

Thanks again for your help previously. I now have the information that i am passing to variables: username, password, email and admin. It seems to be authenticating to Phorum and signing the user in. It is losing its styles and not working beyond homepage of forum. It is giving me this error in event logging:

PHP error: phorum_api_user_save(): the username field for a user record cannot be empty

and these notices:

PHP notice: Undefined variable: password
PHP notice: Undefined variable: username

Thanks again for your help!



Edited 1 time(s). Last edit at 05/21/2009 06:04PM by Chris M..
Re: Module: External Authentication
May 13, 2009 12:38AM
To help here is the hook_user_session_restore.php file contents:

Language: PHP
<?php /* This file is used on each Phorum page to check the external application';s user session and create a session for the current user in Phorum.   Please note, that any time you want to end the script (perhaps because an error occurs) you must use the command: return $session_data;   Below is an example of various possible needs for your plugin   */   // Make sure that this script is loaded inside the Phorum environment. DO NOT // remove this line if (!defined("PHORUM")) return;   // If you need to run php code located in the external application';s server path // you can use the following code as an example   // no need to continue if the external app path is not set.   if (empty($PHORUM["phorum_mod_external_authentication"]["app_path"])) return $session_data;   // save the working directory and move to the external application';s directory $curcwd = getcwd(); chdir($PHORUM["phorum_mod_external_authentication"]["app_path"]);   // include the necessary code from your external application   // get the session for the external application   $user_data["username"] = $username; $user_data["password"] = $password; $user_data["email"] = $email; $user_data["admin"] = "0";     // if there is no user data, then no need to continue if (empty($user_data)) { // change back to the Phorum directory chdir($curcwd); // clear the previous session in case the user logged out of the external application and Phorum login is disabled if (!empty($PHORUM["phorum_mod_external_authentication"]["disable_phorum_login"])) { $session_data[PHORUM_SESSION_LONG_TERM] = FALSE; $session_data[PHORUM_SESSION_SHORT_TERM] = FALSE; } return $session_data; }   //switch back to our working directory chdir($curcwd);   // get the api code for various user-related functions include_once("./include/api/user.php");   // it is best to use the external application';s username to authenticate to // Phorum as that should be unique and avoids the hassle of dealing with // Phorum';s serquential user_id assignment for new users $username = $user_data["username"];   // use the external username to get a Phorum user_id $user_id = phorum_api_user_search("username",$username); // then get the Phorum user data from that user_id $phorum_user_data = phorum_api_user_get($user_id);   // if the Phorum user does not exist then we need to create them if (empty($phorum_user_data)) { $phorum_user_data = array( // The user_id must be NULL to create a new user "user_id" => NULL, "username" => $username, // by transferring the password, we are ensuring that the user will be // able to login if the admin enables Phorum login "password" => $user_data["password"], // Phorum requires an email. If the external application does not, // a fake email should be used. "email" => $user_data["email"], // By default, create a non-admin user. Admin status is handled later. "admin" => $user_data["admin"], "active" => PHORUM_USER_ACTIVE, );   // if the admin wants to automatically transfer admin status if (!empty($PHORUM["phorum_mod_external_authentication"]["transfer_admin_status"])) { // and the user is an admin in the external application, then make the // phorum user an admin. Please note this is just and example. Each // application may have a different way to establish admin status if ($user_data["admin"]) { $phorum_user_data["admin"] = 1; } } // create the new user and get the user_id with which to create a session. // Please note, most applications will give you the md5 of the user';s // password. The constant PHORUM_FLAG_RAW_PASSWORD tells Phorum that the // password is already in md5. If you need to create a user with a plain // text password, simply omit the second variable in this call $user_id = phorum_api_user_save($phorum_user_data, PHORUM_FLAG_RAW_PASSWORD);   // however, if the user exists but is not active, then we should not log them in } elseif (empty($phorum_user_data["active"])) { return $session_data; // or, if the user exists, then run some check on the user';s data } else { // if the extenal application user';s password has changed, update the phorum // user';s password if ($phorum_user_data["password"] != $user_data["password"]) { $phorum_user_data["password"] = $user_data["password"]; // save the updated user data, again with a preset md5 password $user_id = phorum_api_user_save($phorum_user_data,PHORUM_FLAG_RAW_PASSWORD); }   // if the admin wants to automatically transfer admin status and the // external user has been upgraded to admin, upgrade the phorum user, again // assuming the external application establishes admin status this way if ($user_data["admin"] && empty($phorum_user_data["admin"]) && !empty($PHORUM["phorum_mod_external_authentication"]["transfer_admin_status"])) { $phorum_user_data["admin"] = 1; // save the updates user data $user_id = phorum_api_user_save($phorum_user_data); // if the admin wants to automatically transfer admin status and the // external user has been downgraded from admin, downgrade the phorum user } elseif (!$user_data["admin"] && !empty($phorum_user_data["admin"]) && !empty($PHORUM["phorum_mod_external_authentication"]["transfer_admin_status"])) { $phorum_user_data["admin"] = 0; // save the updates user data $user_id = phorum_api_user_save($phorum_user_data); } }   //we have a legit user, so set there session info $session_data[PHORUM_SESSION_LONG_TERM] = $user_id; $session_data[PHORUM_SESSION_SHORT_TERM] = $user_id;   ?>



Edited 1 time(s). Last edit at 05/21/2009 06:06PM by Chris M..
Re: Module: External Authentication
May 13, 2009 12:51AM
Could you please provide the full Event Logging error/notice details? As these can get long, please copy them into a text file and upload that to a post. Thanks.


Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Re: Module: External Authentication
May 13, 2009 12:58AM
Joe,

Here is the event log of the issue I am having.

Thanks!

Great, yes that is what was planning on doing once you had a chance to grab it.



Edited 2 time(s). Last edit at 05/13/2009 01:08AM by occdeveloper.
Re: Module: External Authentication
May 13, 2009 01:10AM
I believe your issue is with calling this hook for the css page. Please edit this line near the beginning of your code:
if (empty($PHORUM["phorum_mod_external_authentication"]["app_path"])) return $session_data;
to read:
if (empty($PHORUM["phorum_mod_external_authentication"]["app_path"]) || (defined("phorum_page") && (phorum_page == "css" || phorum_page == "javascript"))) return $session_data;


Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Re: Module: External Authentication
May 13, 2009 01:28AM
That seemed to work to correct javascripting and styles issue.
What is really puzzling me is after passing username, is why it would be erroring on the username being empty.
But thanks for all your help in advance, you have already been a great help!
Re: Module: External Authentication
May 13, 2009 08:19PM
Here's my latest take on the Apache authentication plugin. It now supports fetching full name and email address from LDAP, adding newly created users to a specific group, and copying the Apache password (if known) into the Phorum user. Also, all its configurable settings now get handled through the module admin page.

For more information, refer to the README file inside the zip.

EDIT (Joe Curia): Attachment deleted. Please download the newest version, apache_ldap_plugin-0.2.zip



Edited 1 time(s). Last edit at 10/29/2009 05:00PM by Joe Curia.
Re: Module: External Authentication
May 14, 2009 06:08PM
Joe,

Can I not pass the username and password via a query string in a development environment for testing?

It appears if I pass these 2 strings via the query string and get them within the script the whole script errors.

Language: PHP
// get the user info from the external application $username = ($_GET[';username';]); $password = ($_GET[';password';]); $email = $username; $user_data["admin"] = "0";

Do you know a work around for this.

When I set strings internally within the script it seems to work fine.
Language: PHP
$username = "chris@test.com"; $password = "testthisthing"; $email = $username; $user_data["admin"] = "0";



Edited 1 time(s). Last edit at 05/21/2009 06:07PM by Chris M..
Re: Module: External Authentication
May 14, 2009 06:21PM
Are you sure that the username and password are actually available as $_GET variables?


Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Re: Module: External Authentication
May 14, 2009 07:51PM
I get the variables and print them out on the page when I use the $_GET variable but it breaks phorum and gives me this error message:

PHP error: phorum_api_user_save(): the username field for a user record cannot be empty
details:

I also grab the username and pass a static password like above and print it out on the page but it also breaks phorum and gives me the same error.



Edited 1 time(s). Last edit at 05/21/2009 06:08PM by Chris M..
Sorry, only registered users may post in this forum.

Click here to login