1 champ Jul 12, 2006 16:22
3 champ Jul 12, 2006 17:33
Well you can't possibly pass username & password in your url can you?
I'm sure some php guru can think of something else...
4 balupton Jul 12, 2006 17:35
champ wrote:
Well you can't possibly pass username & password in your url can you?
Why not?
champ wrote:
I'm sure some php guru can think of something else...
balupton wrote:
Unless you plan to do some serious mods, that's your best option (as far as i know)
5 champ Jul 12, 2006 18:07
Because the username & password would be visible then and is a security flaw.
6 champ Jul 12, 2006 18:08
Btw, such extensive Modification even if I was to do, is it even supported ?
7 yabba Jul 12, 2006 18:08
Damn, you beat me to it :p
¥
8 balupton Jul 12, 2006 18:11
Well b2evo STILL needs its own user database, you simply cannot merge them. They need to be seperate.
Yeh, the option i suggested would be the best option.
And of course you would add some encryption when passing over the password. But i figured that thought would cross your mind, as well as how to do it.
9 yabba Jul 12, 2006 18:16
If the password is in the url (encrypted or not) then somebody who uses a public computer risks having their user hijacked. All the next person would need to do is call up the history (you can change your password on most systems, once logged in, by entering your new password twice, b2evo is no different to most).
¥
10 balupton Jul 12, 2006 18:19
Then send it via POST instead of GET.
11 yabba Jul 12, 2006 18:23
or - you could continue to investigate the alternative authentication hooks and come up with a solution that's server side?
¥
12 balupton Jul 12, 2006 18:24
Go for it then.
Edit:
Yeh, add support for the parent sites session cookie in b2evo, and vice verser, then login the user using the others session cookie.
Saves you having to modify the links.
13 yabba Jul 12, 2006 18:35
Sorry Champ, it would appear that we've hijacked your thread a tad, but if you end up with a solution then all's cool right?
Balupton : See it as a challenge, how many people want to be able to integrate forum logins etc?
If I was you though, I'd also look into how to use other systems user tables to authenticate an evo user (which is how I think the hooks are meant to be used, but I really haven't looked into it).
¥
14 balupton Jul 12, 2006 18:41
If I was you though, I'd also look into how to use other systems user tables to authenticate an evo user (which is how I think the hooks are meant to be used, but I really haven't looked into it).
Maybe you should.
I've given a method, two methods, that will do the job just fine.
Getting a bit roudy we are, so settle this over beers and a arm wrestle i say ;) - still personman's shout right ;)
15 yabba Jul 12, 2006 18:44
lol, I'd arm wrestle yah but it's a tad hard with a beer in each hand ...... *hands beer* lets drink these first huh? ;)
¥
16 balupton Jul 12, 2006 18:47
Ahh, see, now thats a skill worth picking up ;)
Instead of all this so called "php" thing :p
Or we grab some spectators to hold our beers, you up for it Champ? :D
17 yabba Jul 12, 2006 19:14
We have spectators? Are any of the cute cheap partying women from hell .... urm perth.... watching? :D
¥
18 balupton Jul 12, 2006 19:15
¥åßßå wrote:
We have spectators? Are any of the cute cheap partying women from hell .... urm perth.... watching? :D
¥
Ready to be swayed aye B)
19 yabba Jul 12, 2006 19:30
See those yellow stars? They mean that yer no longer on fire ;)
So "ladies" ......
¥
20 balupton Jul 12, 2006 19:43
Yeh yeh, i'm just on fire backstage now B)
21 edb Jul 13, 2006 00:44
Integrating App-A with App-B has been asked for many times. The problem as I see it is keeping up with two changing packages. Also deciding which is the 'parent' application. Personally, and this is mostly because we're on a b2evolution forum, I'd say b2evolution is the parent and registering with it would automagically register you with the domain owner's other features (like phpbb - the most common 'mutual login' request.
I tried it once and gave up because I'm a lowly little hack who can't create anything new, and because it was a total nightmare to begin coding. Shortly after I gave up phpbb came up with a new release. I didn't look at it in detail but wondered if their change would have trashed the effectiveness of my hack.
----------------
To answer the "is it supported" question: Yes and No. b2evolution itself is released "as is" with no promise as to functionality or performance. That's normal practice for anyone writing free code. Here in the forums if we weren't allowed to hack and support hacks most of us would go away, so officially it's not official but in forum-land it'd be supported till it was right or everyone gave up.
22 bdnicho Aug 25, 2006 22:14
champ wrote:
Hello
I'm sorry if this has been asked before, I could not find it in FAQ/Forum.
I'm just looking at b2evolution and it looks fantastic, I found it in the fantastico scripts with my webhost.
Now, I do have a website, which has its own membership database.
So users are logging in to use various things like quiz and history & all..
now asking them to log in again for blogs is not a good design, but I dont' see how else can this work..
So my question is:
Can I use other authentication methods for b2evolution ? If so how...
Thanks
I am currently in a similar situation. The site I am working on has a membership database to allow/deny access to software product downloads, but needed a forum and a blog system as well. I've managed to integrate PunBB into the system, and am now starting work on b2. To integrate the forum I left both database tables intact. Not quite the best way to do it since any maintenance would need to be done over two tables, but I wanted to leave the forum software code as untouched as possible to ease future upgrading. Then, I removed (commented out) all login funcitonality in the forum software. Finally, when the user logs in to the main site, I just update both tables with separate database queries. Not the most efficient performance wise, but seems to get the job done for now. If it ends up being too slow I'll have to make some major modifications to the forum though.
heres my suggestion;
Port over your existing user database over to b2evolution.
Make it so when on a link coming from the parent site, and include the login information in the url;
/blogs/index.php?login=theirusername&pwd=theirpassword
Unless you plan to do some serious mods, that's your best option (as far as i know)