Recent Topics

1 Oct 24, 2005 19:49    

Hey guys! how are you? hope you are fine ... well, i browse a little bit the forums a few days ago and i see you are all doing a nice work sharing hacks and that stuff, so i think its my time to share a little bit :P

Basically, what i was needing was a blogs solution just like b2evolution to integrate it to a dating site i'm about to launch ... What i needed was that b2evolution's login were totally transparent, basically i wanted that my dating site users login into their account and then just hit the blogs button and this way access v2evolution without any additional authentication ...

So i have it almost finished ... i just need some information about how to replicate b2evolution users into the DB cause i'm too tired now to search it by myself :P

Well, here is the technical information to make the integration with your solution, oh!, btw, my dating site is in ASP, so a little bit more work was needed :P

Starting the integration :P
=================

_main.php seems to be included on all the blog files so here is were we will ensure everyuser needs to be logged before accessing any blog's files. The variable $login_required must be set to true, then when _main.php is called it will always check this variable and if its true it will autenticate the user using the function: veriflog( $login_required ).
So the first thing you will need is to set inside _main.php the variable $login_required to true. So as this file is called on all blog pages in some way, you will always require to autenticate to access any page :P ( At least that is what i needed )

So now what ? well, now we must change our verifylog() function in order to do our required authentication and not the one done by default with the login form :P. Inside verifylog is were b2evolution checks out if the user is already logged in, if not, it just sends the user to the login form. What we will do is just do our authentication and check if the user already logged in on our dating site, if not, we will just drop a message that says that the user must login inside the dating site and exit instead of taking him to the login form :).

This is the code i put inside the verifylog function:

global $cookie_user, $cookie_pass, $cookie_expires, $cookie_path, $cookie_domain, $error, $core_dirout;
global $user_login, $user_pass_md5, $userdata, $user_ID, $user_nickname, $user_email, $user_url;
global $current_User;
global $DB, $tableusers;

// Reset all global variables in case some tricky stuff is trying to set them otherwise:
// Warning: unset() prevent from setting a new global value later in the func !!! :((
$user_login = '';
$user_pass_md5 = '';
$userdata = '';
$user_ID = '';
$user_nickname = '';
$user_email = '';
$user_url = '';

// Check if user is trying to login right now:
/*
if( isset($_POST['log'] ) && isset($_POST['pwd'] ))
{ // Trying to log in with a POST
$log = strtolower(trim(strip_tags(get_magic_quotes_gpc() ? stripslashes($_POST['log']) : $_POST['log'])));
$user_pass_md5 = md5(trim(strip_tags(get_magic_quotes_gpc() ? stripslashes($_POST['pwd']) : $_POST['pwd'])));
unset($_POST['pwd']); // password is hashed from now on
}
elseif( isset($_GET['log'] ) && isset($_GET['pwd'] ))
{ // Trying to log in with a GET
$log = strtolower(trim(strip_tags(get_magic_quotes_gpc() ? stripslashes($_GET['log']) : $_GET['log'])));
$user_pass_md5 = md5(trim(strip_tags(get_magic_quotes_gpc() ? stripslashes($_GET['pwd']) : $_GET['pwd'])));
unset($_GET['pwd']); // password is hashed from now on
}*/

// XXX: Blog authentication with AA
if ( !isset( $_COOKIE["RandomID"] ) || (!aablog_Authenticated ( $_SERVER['REMOTE_ADDR'], $_COOKIE["RandomID"] ) ) ) {
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");

return T_('You must log in into your dating site account first!<BR>RandomID Cookie: '.$_COOKIE["RandomID"].'<BR>Client IP: '.$_SERVER['REMOTE_ADDR'].'<BR>');
exit();
}

/*
* Login info is OK, we set the global variables:
*/
// echo 'LOGGED IN';
$userdata = get_userdatabylogin ( aablog_GetUser ( $_SERVER['REMOTE_ADDR'], $_COOKIE["RandomID"] ) );
print_r ( aablog_GetUser ( $_SERVER['REMOTE_ADDR'], $_COOKIE["RandomID"] ) );
$current_User = new User( $userdata ); // COPY!
//echo $current_User->disp('login');

$user_ID = $userdata['ID'];
$user_nickname = $userdata['user_nickname'];
$user_email = $userdata['user_email'];
$user_url = $userdata['user_url'];

return 0;

How my authentication works ? simple, when the user logs into the dating site, i generate a random hash for it and set it in a cookie. Then i save that random hash in a table inside the blogs database with the clients IP address and its associated user on the blogs. The associated user is just the login name of the user inside the dating site with which it can get their credentials to login into the blogs ... For example, just when developing it to test this integration, i used the "demouser" account associated with my dating site account so when i clicked inside the blogs link i got login with the demouser account :P This way for example i could just put for me and my partner the blogs' admin account associated with our usersname on the dating site and we could manage the blogs :P

Well, so now, everytime the user access any page inside the blogs, the verifylog() function is called (Remember we set require_login to true :P), and this function checks out if the client connecting was previously logged in into the dating site by checking if it has the random hash in a cookie and if that random hash was generated for the IP from within its connecting :P if everything matches, i just get the associated account to login into the blogs and walla :) everything is fine ... If that didn't match, verifylog just exits with a message that says that the user must login into the dating site :)

Well guys, hope that helped someone, i'm not good explaining myself in my natural language, imagine how difficult its in english, haehahe

btw, it would be great if someone could tell me exactly what files and inserts on the database i should do to create new users from within my dating site so i can replicate them when they register their account in the dating site :)

thanks a lot, hope thaat helped someone, if i didn't express correctly on something, just ask and i will try to be more clear :P bye bye
/s

2 Oct 24, 2005 22:31

Found it :)

Want to automatically create a user on the blogs from within your shell scripts or something like that ???

Simple, do the following post:

http://www.yourblog.com/admin/b2users.php?action=userupdate&edited_user_oldlogin=login&edited_user_ID=0&edited_user_level=0&edited_user_grp_ID=4&edited_user_login=login_name&edited_user_firstname=FirstName&edited_user_lastname=LastName&edited_user_nickname=NickName&edited_user_idmode=nickname&edited_user_locale=es-MX&edited_user_email=&edited_user_url=&edited_user_url=&edited_user_icq=&edited_user_aim=&edited_user_msn=&edited_user_yim=&edited_user_notify=0&edited_user_pass1=password&edited_user_pass2=password

Just replace the values and you are done ... user will be created :P if you have any problems within the authentication, just modify the b2users.php in order to enable you to do what you want just by adding a field to the post with an administration password :)

Well, i think i'm done with all the work i needed to do with b2evolution :P just let me know guys if you need any help and what you think about this post, was it understood ?

good luck, take care, bye bye
/s


Form is loading...