I have a login script I wrote, and I am trying to integrate a session script for PHPBB I found into it, Can someone help me with this, I cant figure out how to make it work as the session end is over my head. Ill list the 3 sections of code below. Thanks for any help. If it helps the session detection at the beginning works fine. This one (I found it on another site)
[php]
// Start session management
$userdata = session_pagestart($user_ip, PAGE_PROFILE);
init_userprefs($userdata);
// End session management
// session id check
if (!empty($HTTP_POST_VARS[‘sid’]) || !empty($HTTP_GET_VARS[‘sid’]))
{
$sid = (!empty($HTTP_POST_VARS[‘sid’])) ? $HTTP_POST_VARS[‘sid’] : $HTTP_GET_VARS[‘sid’];
}
else
{
$sid = ‘’;
}
//
[/php]
The Login Script
[php]
<?php
define('IN_PHPBB', true);
$phpbb_root_path = './forums/';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include('PHPBB_Login.php');
mysql_connect("*****", "*****", "*****") or die(mysql_error());
mysql_select_db("*****") or die(mysql_error());
// Start session management
$userdata = session_pagestart($user_ip, PAGE_PROFILE);
init_userprefs($userdata);
// End session management
// session id check
if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid']))
{
$sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : $HTTP_GET_VARS['sid'];
}
else
{
$sid = '';
}
//
if (isset($_POST['login']))
{
if(!$_POST['username'] | !$_POST['password'])
{
die('You did not fill in a required field.');
}
if (!get_magic_quotes_gpc())
{
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM phpbb_users WHERE username = '".$_POST['username']."'")or die(mysql_error());
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database.
Click Here to Register');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['username'] = stripslashes($_POST['username']);
$_POST['password'] = stripslashes($_POST['password']);
$info['user_password'] = stripslashes($info['user_password']);
$info['username'] = stripslashes($info['username']);
$_POST['password'] = md5($_POST['password']);
if ($_POST['password'] != $info['user_password'])
{
echo "Incorrect password, please try again.";
die;
}
else
{
if ($_POST['username'] == $info['username'])
{
//echo "Correct login";
//
//!!!ENTER THE SESSION START HERE!!!
?>
Login Correct
<?php
}
}
}
}
//
if ( $userdata[‘session_logged_in’] )
{
echo('Hi ’ . $userdata[‘username’] . ‘You are already logged in!’);
}
else
{
?>
Register
|
|
|
|
|
Not Signed In. |
|
Username |
|
Password |
|
|
|
|
|
|
|
|
<?php
}
?>
[/php]
PHPBB_Login.php
[php]
<?
/*
* PHPBB_Login allows you to integrate your own login system
* with phpBB. Meaning that you can have one login valid across
* both your website and phpBB.
*
* To take full advantage of this PHPBB_Login class you just
* need to modify your own login system to include a call
* to the relevant methods in here.
*
* This system is reliant on the website username being exactly
* the same as the phpBB username. To insure this, I recommend
* disabling the ability to change usernames from within the
* phpBB admin control panel.
*
* Distributed under the LGPL license:
* http://www.gnu.org/licenses/lgpl.html
*
* Duncan Gough
* 3rdSense.com
*
* Home http://www.suttree.com
* Work http://www.3rdsense.com
* Play! http://www.playaholics.com
*/
class PHPBB_Login {
function PHPBB_Login() {
}
function login( $phpbb_user_id ) {
global $db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
// Setup the phpbb environment and then
// run through the phpbb login process
// You may need to change the following line to reflect
// your phpBB installation.
require_once( './forum/config.php' );
define('IN_PHPBB',true);
// You may need to change the following line to reflect
// your phpBB installation.
$phpbb_root_path = "./forum/";
require_once( $phpbb_root_path . "extension.inc" );
require_once( $phpbb_root_path . "common.php" );
return session_begin( $phpbb_user_id, $user_ip, PAGE_INDEX, FALSE, TRUE );
}
function logout( $session_id, $phpbb_user_id ) {
global $db, $lang, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
// Setup the phpbb environment and then
// run through the phpbb login process
// You may need to change the following line to reflect
// your phpBB installation.
require_once( './forum/config.php' );
define('IN_PHPBB',true);
// You may need to change the following line to reflect
// your phpBB installation.
$phpbb_root_path = "./forum/";
require_once( $phpbb_root_path . "extension.inc" );
require_once( $phpbb_root_path . "common.php" );
session_end( $session_id, $phpbb_user_id );
// session_end doesn't seem to get rid of these cookies,
// so we'll do it here just in to make certain.
setcookie( $board_config[ "cookie_name" ] . "_sid", "", time() - 3600, " " );
setcookie( $board_config[ "cookie_name" ] . "_mysql", "", time() - 3600, " " );
}
}
?>
[/php]
The example logins given with session code
[php]
<?
/*
* These examples show you how to integrate the phpBB
* login in and authentication system with your website.
*
* Since we quite like our login system and it's proven
* itself to be very extensible, we don't want to replace
* but we do want to have a universal login system for
* both our website *and* the forum.
*
* To take full advantage of this PHPBB_Login class you'll
* need to modify your own login system to include a call
* to the relevant login or logout methods.
*
* This way, you can handle all of the website login as normal,
* and also log the user into phpBB in the same step.
*
* This system is reliant on the website username being exactly
* the same as the phpBB username. To insure this, I recommend
* disabling the ability to change usernames from within the
* phpBB admin control panel.
*
* Distributed under the LGPL license:
* http://www.gnu.org/licenses/lgpl.html
*
* Duncan Gough
* 3rdSense.com
*
* Home http://www.suttree.com
* Work http://www.3rdsense.com
* Play! http://www.playaholics.com
*/
/* Example 1: Logging in */
session_start();
/* First, login the user using your own login system, for example; */
$user = new User();
// username and password are implied here,
// they will most likely be form variables
$user->login( $username, $password );
// Then login the user to the forum
$phpBB = new PHPBB_Login();
$phpbb->login( $user->id );
/* Example 2: Logging out */
session_id();
$user = new User();
/* First, logout the user from the forum */
$phpBB = new PHPBB_Login();
$phpbb->logout( session_id(), $user->id) ;
/* Then logout the user from your own login system */
$user->logout( $user->id );
?>
[/php]