Recent Topics

1 Aug 08, 2005 23:02    

Greetings !

I need to find the variables that hold usernames and passwords when b2evo requests a user to login ... in which file can I find those, please ?

I need this to try and implement NTLM authentication with b2evolution, I'll call the NTLM headers containing the username and password and try to "pass" them to the b2evolution variables in the login "script".

Be wary that the above explanation is still at a theoric stage, Im not sure how exactly I'm gonna do this but this is how I see thus far.

Topanga, if you read this, I might come up with a solution for both of us soon... I hope ;)

2 Aug 09, 2005 12:54

Thx ;)
In 2 or 3 weeks, the new version (poenix) will get released.
isn't it better to wait till then, befor digging into the code ?

3 Aug 09, 2005 15:09

Personally I have no choice, our weblog is going "live" thursday of this week and we want NTLM. Also, I guess that if it's possible to do in "Amsterdam" version then it's gonna be approximately the same in "Phoenix" version.

Plus, I heard it's not that complicated but the one who told me that was using ASP.NET ... Im not worried since PHP can do the same things as ASP.NET.

Back to my question: I doubt the information I need is in admin/b2login.php, my guess is its in htsrv/login.php but it could be somewhere else ? Anyone can confirm please ?

4 Aug 09, 2005 22:38

I think I'm not clear enough.

I know that the username and password input are made in the "_login_form.php" file but once we click the "Log in!" button, in which variables are the password and username stored, and also where are they sent and processed ?!

I think I have a solution but now I have to get an answer to these questions since I couldnt figure it out by myself :(

If you can answer that, yer a life savor with more flavor !

5 Aug 09, 2005 23:47

The usernames and passwords are of course stored in the database and are probably passed with the same variable name as the input elements in the login page are named.

6 Aug 10, 2005 15:19

Yes thats right, they are stored in the database.

But what I need to be confirmed is whats the login page file (is it htsrv/_login_form.php, in htsrv/login.php or in admin/b2login.php ??) and also what are the variable names in which the user input will be stored.

It will be easy to setup NTLM authentication once I know in which variable (and in which file) is the user input informations stored right after the user gives it in the login form.

I didnt have time to check it out yet, thats why I asked here but Im gonna check it this morning. I'd still appreciate it if someone could tell me so I can be sure of how the login system works, since I'm not sure I'll find it by myself (Im far from being an expert in PHP).

Thanks strangnet, I'd thank you even more if you'd give me the file and variables names :lol:

7 Aug 10, 2005 16:20

ok let's get more technical:

I have come to the conclusion that the file htsrv/login.php is the script that is called when we click on the login link on a weblog.

Embedded into the login page there's the login form which is "made" by the htsrv/_login_form.php file (that's where the input fields and Log in! button (amongst others) are "located"). In short, the htsrv/login.php file calls the htsrv/_login_form.php.

Ok so in the htsrv/_login_form.php there's this little bit of code that creates two input fields (one for username other for password):


//the first fieldset is the one to input the username
<fieldset>
<div class="label"><label for="log"><?php echo T_('Login:') ?></label></div>
<div class="input"><input type="text" name="log" id="log" size="16" maxlength="20" value="<?php echo format_to_output($log, 'formvalue'); ?>" class="large" /></div>
</fieldset>

//the second fieldset is the one to input the password
<fieldset>
	<div class="label"><label for="pwd"><?php echo T_('Password:') ?></label></div>
	<div class="input"><input type="password" name="pwd" id="pwd" size="16" maxlength="20" value="" class="large" /></div>
</fieldset>

So my guess is that the user input for the username is stored in the "log" variable and the user input for the password is stored in the "pwd" variable ... am I right ??


Form is loading...