Home
>
Outdated forums
>
Phorum 3 forums (READ ONLY)
>
Finished Mods and Plug-ins (READ ONLY)
>
Topic
Login site integration trick
Posted by Scott
Login site integration trick December 12, 2003 09:09AM |
If your site already has login capability and uses cookies, here's an easy fix to integrate the phorum with the rest of the site with a minimal amount of modding.
STEP 1:
When someone first signs up on your site, add this to your existing signup code:
$forumpasswd=md5($passwd);//only if you don't crypt your password already
$sql="insert into forums_auth(id, username, password, name, email) values
($id,'$user','$forumpasswd','$first_name','email')";
$result=mysql_query($sql);
This will put the user in the phorum auth db. Don't worry about the other variables, as users can add those in later if they click on edit profile.
This is fine and dandy if you are just starting a site, but if you already have users, you should put some code in your site login section that checks if the user is in forum_auth(or whatever you named the table) and if they aren't to add them using something like the code above.
STEP 2:
Set the auth cookie during site login.
Example if your login function takes user and pass as parameters:
$sessionID="$user:".md5($pass);
SetCookie("phorum_cookieauth", "$sessionID", time()+86400*365);
Make sure you do this at the top level so the path is "/" and it's available to the phorum in your forum directory.
STEP 3
In header.php which should contain the top of your site page, you will check for user login in whatever fashion you do on the rest of your site.
For example if you're using classes:
$logged=$user->checklog();
If the user isn't logged in, you don't let them view the forum. Maybe something like this:
if(!$logged){ echo "You must be logged in before you can use the phorum!!!";
include phorum_get_file_name('footer'); exit;}
STEP 4
Lastly since the only time a user will view the forum is when he is logged in, you don't want him to log out from the forum, only from your main site. You don't have to do anything extra in your logout since it isn't neccessary to delete the forum auth cookie. You'll need to comment out one line of code from your main phorum files. ie
list.php, read.php, post.php, profile.php, and register.php. Here's the line:
addnav($menu2, $lLogOut, "login.$ext?logout=1$GetVars");
Now the logout option won't show up. You should have a main logoff somewhere on your site.
The security setting should be on need login to post.
However, as you can see your mods prevent anyone who is logged in from access to the forum.
Cheers
[:]DRINK[/:]
STEP 1:
When someone first signs up on your site, add this to your existing signup code:
$forumpasswd=md5($passwd);//only if you don't crypt your password already
$sql="insert into forums_auth(id, username, password, name, email) values
($id,'$user','$forumpasswd','$first_name','email')";
$result=mysql_query($sql);
This will put the user in the phorum auth db. Don't worry about the other variables, as users can add those in later if they click on edit profile.
This is fine and dandy if you are just starting a site, but if you already have users, you should put some code in your site login section that checks if the user is in forum_auth(or whatever you named the table) and if they aren't to add them using something like the code above.
STEP 2:
Set the auth cookie during site login.
Example if your login function takes user and pass as parameters:
$sessionID="$user:".md5($pass);
SetCookie("phorum_cookieauth", "$sessionID", time()+86400*365);
Make sure you do this at the top level so the path is "/" and it's available to the phorum in your forum directory.
STEP 3
In header.php which should contain the top of your site page, you will check for user login in whatever fashion you do on the rest of your site.
For example if you're using classes:
$logged=$user->checklog();
If the user isn't logged in, you don't let them view the forum. Maybe something like this:
if(!$logged){ echo "You must be logged in before you can use the phorum!!!";
include phorum_get_file_name('footer'); exit;}
STEP 4
Lastly since the only time a user will view the forum is when he is logged in, you don't want him to log out from the forum, only from your main site. You don't have to do anything extra in your logout since it isn't neccessary to delete the forum auth cookie. You'll need to comment out one line of code from your main phorum files. ie
list.php, read.php, post.php, profile.php, and register.php. Here's the line:
addnav($menu2, $lLogOut, "login.$ext?logout=1$GetVars");
Now the logout option won't show up. You should have a main logoff somewhere on your site.
The security setting should be on need login to post.
However, as you can see your mods prevent anyone who is logged in from access to the forum.
Cheers
[:]DRINK[/:]
Re: Login site integration trick December 12, 2003 09:12AM |
Re: Login site integration trick December 21, 2003 06:47PM |
Anonymous User
Re: Login site integration trick December 22, 2003 04:10PM |
A question... December 31, 2003 12:43PM |
Re: Login site integration trick January 25, 2004 03:40PM |
Registered: 20 years ago Posts: 5 |
dotBoB
Re: Login site integration trick May 18, 2004 05:29AM |
richardh
Re: Login site integration trick May 19, 2004 12:52PM |
Re: Login site integration trick May 20, 2004 08:47PM |
For some reason I had a lot of problems getting my site to accept the above changes.
What I found is that if I added the 'setcookie' line with my user and md5 pass to the include/header.php of phorum, everything worked again. I have phorum in a subdirectory so it might have had something to do with the cookie path.
This might be useful for the nuke people too.
Ross.
(Don't forget to duplicate the user and md5 pass into phorum_auth)
What I found is that if I added the 'setcookie' line with my user and md5 pass to the include/header.php of phorum, everything worked again. I have phorum in a subdirectory so it might have had something to do with the cookie path.
This might be useful for the nuke people too.
Ross.
(Don't forget to duplicate the user and md5 pass into phorum_auth)
Richardh
Re: Login site integration trick May 22, 2004 06:21PM |
Re: Login site integration trick June 15, 2004 11:25AM |
Sorry, you do not have permission to post/reply in this forum.