Closed GoogleCodeExporter closed 9 years ago
from my understanding for basic access to "user" function is easy
$joomlaBase = dirname(__FILE__);
define( ‘_JEXEC’, 1 );
define(‘JPATH_BASE’, $joomlaBase);
require_once ( JPATH_BASE .’/includes/defines.php’ );
require_once ( JPATH_BASE .’/includes/framework.php’ );
$mainframe =& JFactory::getApplication(‘administrator’);
$mainframe->initialise();
if (JFactory::getUser()->id == 0) {
// this means user is not logged in
}
im guessing the "user id" is all you need. ill be happy to test or help with
anything you may need (keep in mind im only 'mid' level when it comes to php)
Original comment by game...@gmail.com
on 12 May 2013 at 3:03
So the bulletin board plugin (if you're using any) does use standard users?
In that case the code is close to what I need, but not sufficient by how the
raidplaner handles external users.
Anyway - I'll have a look at their source and see what I can do.
Original comment by arne.cl...@gmail.com
on 12 May 2013 at 3:42
from what i can tell just from the quick looks at your code. you verify/work
via sql, not via modules/function (from plugin point of view). this may save
you a few hr's then. here's a example of how you can verify u/p via sql
<?php
$host="localhost"; // Host name
$username="db_username"; // Mysql username
$password="dbpassword"; // Mysql password
$db_name="dbname"; // Database name
$tbl_name="jos_users"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT name,username,password FROM $tbl_name WHERE
username='$myusername'";
$result=mysql_query($sql);
$row = mysql_fetch_array($result, MYSQL_NUM);
//get array parts
$joom_name = $row[0];
$joom_user = $row[1];
$joom_pass = $row[2];
//explode pass on colon
$parts = explode( ':', $joom_pass );
$pass = @$parts[0];
$salt = @$parts[1];
// make up the new md5 password using the user submitted password and salt from
above
$genpassword = md5($mypassword . $salt) . ":" . $salt;
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername, table row must be 1 row
if($count!=1){
echo "<font color='#FF0000' size='5'>Wrong Username Entered!</font><p>
The incorrect username you entered is: <font color='#FF0000'
size='4'>$myusername</font><p>";
return;
}
//if passwords match set session vars and redirect to new page
if ($genpassword == $joom_pass){
session_start();
$_SESSION['entered_username'] = $myusername;
$_SESSION['entered_password'] = $mypassword;
$_SESSION['joom_name'] = $joom_name;
$_SESSION['joom_user'] = $joom_user;
$_SESSION['joom_pass'] = $joom_pass;
$_SESSION['pass'] = $pass;
$_SESSION['salt'] = $salt;
$_SESSION['gen_pass'] = $genpassword;
header("location:login_success.php");
}
else {
echo "<font color='#FF0000' size='5'>Wrong Password Entered!</font><p>
The incorrect password you entered is: <font color='#FF0000'
size='4'>$mypassword</font><p>";
?>
Original comment by game...@gmail.com
on 12 May 2013 at 4:04
Yes, this actually saves some time as I don't have to search that myself (which
is actually the most annoying part when writing a connector).
Original comment by arne.cl...@gmail.com
on 12 May 2013 at 6:51
Implemented in 0.9.8 development branch.
I also simplified the way plugins are registered for 0.9.8, so it will be
easier to write new ones.
The downside of this is, that 0.9.8 plugins would have to be down-ported to
0.9.7 which is doable but takes some time (and testing). As of this I'm not
including a 0.9.7 compatible plugin in this report.
If you cannot wait, I suggest you to pull the 0.9.8 branch, but be aware that
a) this branch is not fully tested and b) there might be some extra work when
upgrading to the final 0.9.8 version.
Original comment by arne.cl...@gmail.com
on 12 May 2013 at 8:45
man you good, works like a charm. will be sure to buy you a few beers on my
next pay check.
Original comment by game...@gmail.com
on 13 May 2013 at 9:11
Found one... bug? seeing a joomla is a CMS. the best way to integrate your
script in it, is to change the theme to "portal_integration" and embed it in to
a module via a frameless iframe. That work fine right out the box (minus small
css tweaks, see integrate.jpg).
The problem happens when the use logs in or out of joomla, its not syncing with
raidplanner. If you logout of joomla you still logged in raidplanner and via
versa.
the problem with trying to sync with joomla is that joomla encrypteing user
session/cookie data, so only way to check that is via joomla function. the good
news is that you want have to rewrite everything to get that to work (at least
from what i can tell).
From what i can tell... the way you loggin via plugin is that you search the
joomla user data for a user that match the u/p combo. if one is found it pulls
the "user id" and compares that to raidplanner database. if it finds a user
with that "user id" it pull its info/settting if not it create the user.
if thats the case then something like this would work.....
private checkLoginStatus()
{
$joomlaBase = "/"; // would have to ask the user what the base location of
joomla and use that
define( ‘_JEXEC’, 1 );
define(‘JPATH_BASE’, $joomlaBase);
require_once ( JPATH_BASE .’/includes/defines.php’ );
require_once ( JPATH_BASE .’/includes/framework.php’ );
$mainframe =& JFactory::getApplication(‘site’);
$mainframe->initialise();
return JFactory::getUser()->id;
}
if the function return "0" you no the user is NOT logged, if it return anything
but "0" you now have the "user id" to continue with the script/program. I hope
im not to way off.
Also on a side not you can ask the user (during setup) if he would like to sync
login /out and only use that if the user wants to....
just my 2 cents (go easy on me XD)
Original comment by game...@gmail.com
on 13 May 2013 at 12:15
Attachments:
[deleted comment]
i was able to pull it with some what of a hack job. here's the 2 files that i
changed to get it to work, i comment the changes. hope they understandable, if
you have any question fill free to ask.
P.S. almost forgot, the first time you login (account not made in raidplanner
yet). you have to login via raidplanner but after that if will auto log you in
and out ^^
Original comment by game...@gmail.com
on 14 May 2013 at 12:33
Attachments:
Checking on the "currently logged in external user" is not implemented with any
of the login bindings.
The raidplaner was originally build a separate tool next to e.g. forum. The
whole portal integration thing came up just recently so it's not a very clean
experience, yet.
Using an already logged in external user will require some extra work as this
feature would have to be added to all bindings across the board. This does
require some extra thinking on my side to avoid security holes and other side
effects. I'll schedule that request for 1.1 as it fits quite nicely with the
other automation tasks.
Original comment by arne.cl...@gmail.com
on 14 May 2013 at 2:26
Original comment by arne.cl...@gmail.com
on 26 May 2013 at 9:41
Original issue reported on code.google.com by
game...@gmail.com
on 12 May 2013 at 10:38