Kieran Posted February 28, 2010 Report Posted February 28, 2010 Hello, This script is going well, but I have hit a brick wall for the time being. It is near impossible to include BOTH the phpBB Config files AND the phpVMS config files. This is because both of those config files contain further includes. No matter where you put this forum registration script, the sub-includes will always produce an error because they are missing. eg. AutoReg.php is in /home/ ppBB's config is in /home/forum/includes/ when including phpBB's file, it wants something in includes/, but because it is in /home/, it looks in /home/includes/ which is not correct. If anybody has advice on overcoming the issue then I would be grateful and release the script. Kieran 2 Quote
Administrators simpilot Posted February 28, 2010 Administrators Report Posted February 28, 2010 You should just be able to give the path like -> include'forum/includes/yourfile.php'; If you need to move up to a directory above your phpVMS install you can add ../ for each directory up you need to go. include'../forum/includes/yourfile.php'; 2 Quote
sean212 Posted February 28, 2010 Report Posted February 28, 2010 Well if you want to do it the down and dirty way, you could just include the config.php file and setup a MySQL connection that way, but that isn't very preferable since phpBB supports MySQL and a few other DB solutions. Let me look at this... 1 Quote
Kieran Posted February 28, 2010 Author Report Posted February 28, 2010 I wish it was, but unfortunately, it isn't that simple... The include files have includes inside those. Eg. includes/functions.php might look for a /config.php. Because includes/functions.php is in the 'includes' folder, then its OK. But trying to access /home/forum/includes/functions.php externally means that it tries to look in /home/forum/config.php which, of course, is wrong. 1 Quote
Moderators mark1million Posted February 28, 2010 Moderators Report Posted February 28, 2010 I had this working for phpbb, but the only addition that was needed was inclusion in a group, you can use the functions but you have to define these before hand ie, <?php define('IN_PHPBB', true); $phpbb_root_path = 'pathtoroot/'; $phpEx = substr(strrchr(__FILE__, '.'), 1); include($phpbb_root_path . 'common.php'); include($phpbb_root_path . 'includes/functions_user.php'); include($phpbb_root_path . 'includes/ucp/ucp_register.php'); $password='pword'; $username='uname'; $username_clean=strtolower($username); $user_email='email@email.net'; $sql_ary = array( 'username' => $username, 'username_clean' => $username_clean, 'user_password' => phpbb_hash($password), 'user_pass_convert' => 0, 'user_email' => $user_email, 'user_email_hash' => crc32(strtolower($user_email)) . strlen($user_email), 'group_id' => 2, 'user_type' => 0, ); user_add($sql_ary); ?> I kept getting a template error but never managed to find the time to sort it out. Clearly you would add in the variables from the defined vms data not whats above. Quote
sean212 Posted February 28, 2010 Report Posted February 28, 2010 Well first off, I would go by the method that phpBB has to create a user. Try this function to create one. http://wiki.phpbb.com/Add_users Now, to load phpBB's functions... Since your saying you file is located in: /home/ And you forums directory is: /home/forum/ phpBB requires that you define a few things before you load it. You need this: <?php define('MY_ROOT', dirname(__FILE__)); // This the the AutoReg.php file location. define('IN_PHPBB', true); // Checked by phpBB $phpEx = substr(strrchr(__FILE__, '.'), 1); // Needed by phpBB $phpbb_root_path = MY_ROOOT . '/forum/'; // The forums root. include($phpbb_root_path . 'common.' . $phpEx); // The file loader. include($phpbb_root_path . 'includes/functions_user.php'); include($phpbb_root_path . 'includes/ucp/ucp_register.php'); // Now do what you please.... From there, you can either user that user_add() function or whatever you would like. Quote
Kieran Posted February 28, 2010 Author Report Posted February 28, 2010 However we need to include core/codon.config.php as well. I get this template error though... Fatal error: Call to undefined method template::SetTemplatePath() in /home/kieranm1/public_html/lv/core/app.config.php on line 293 When trying to include /core/classes/Template.class.php, this happens: Fatal error: Cannot redeclare class template in /home/kieranm1/public_html/lv/forum/includes/template.php on line 2 I think we need Nabeel's expertise on this one... 1 Quote
sean212 Posted March 1, 2010 Report Posted March 1, 2010 Well, the thing is that phpBB has a template class just as phpVMS does, so I guess you can't do it that way. You can just do a SQL query and insert the user into the DB. You can use MD5 as the hash because it is programmed to change it to the phpPass hash upon login. I post what I did for SimCOA if you'd like.... phpBB code doc - http://area51.phpbb.com/docs/code/ Quote
Kieran Posted March 1, 2010 Author Report Posted March 1, 2010 Phpbb no longer uses md5 hashes, ans an SQL query is out of range because there are about 5 or 6 tables that get updated then a user registers. Quote
sean212 Posted March 1, 2010 Report Posted March 1, 2010 For the MD5 hash, yes they use the phpPass class just as SimCOA does. But you can insert it in with a MD5 password and the system will update that password to the correct hash upon login. And yes there are a few tables, but I did manage to do it. Quote
Kieran Posted March 1, 2010 Author Report Posted March 1, 2010 My testing suggests otherwise, putting an MD5 hash into the phpBB database will not work, as phpBB does not use MD5 at all. I would rather stick to both the phpBB and phpVMS API if possible. Quote
Moderators mark1million Posted March 1, 2010 Moderators Report Posted March 1, 2010 MD5 does work, im currently using that method now. Quote
Kieran Posted March 1, 2010 Author Report Posted March 1, 2010 You may be on a version of phpBB older than 3.0.6. Now, they use phpBB's own cryptology method. Quote
Moderators mark1million Posted March 1, 2010 Moderators Report Posted March 1, 2010 its crazy, they have just released a new version....... more teting Quote
Administrators Nabeel Posted March 1, 2010 Administrators Report Posted March 1, 2010 For VMS you just want to pull a user from the DB table? I guess you can pull that from the pilots table, that's essentially all findPilots() does anyway. You have to do this though, to load in the config (sans API) for phpvms (haven't tested it, but it should be close) - place it in the root of the phpvms install (where index.php is) To load configs for phpVMS define('SITE_ROOT', dirname(__FILE__)); include SITE_ROOT.'/core/classes/Config.class.php'; include SITE_ROOT.'/core/local.config.php'; But an alternate solution might be this... this file called userregister.php, in the phpvms root (can be wherever, really, even in the phpBB root, but somewhere the public won't look, for security... /public_html/some/secret/path/userregister.php) // Include phpBB stuff $email = $_POST['email']; $password = $_POST['password1']; //etc What you could do is this, from within your module/event listener, its registering the user, send the request to the above page $cws = new CodonWebService(); $result = $cws->post('http://your-site.com/your/secret/path/userregister.php', $userinfo); // For debug you can output $result, returns whatever the above page outputs Which is sending $_POST (basically a form submit) to the userregister.php file. Not the most secure thing, unless you setup an htaccess to allow only your local webserver access to the userregister file. I'm sure there are better ways to sandbox the userregister, but the above comes out to be the simplest. If PHP had namespaces support earlier... oh well. Two potential problems with this is configuration, but you'd have to do two things: In userregister.php - make sure paths to phpBB are correct In phpVMS - have the user add a setting called PHPBB_REGISTER_SCRIPT_URL which is the URL to the above script And an htaccess to prevent outside access (which is tricky because you'd have to know the proper IP it will access from). I'll think about this some more and see if there's a better way. Quote
Administrators Nabeel Posted March 1, 2010 Administrators Report Posted March 1, 2010 Actually one solution to security might be, in local.config.php, also have them enter a secret password: PHPBB_REGISTRATION_SECRET_WORD Config::Set('PHPBB_REGISTRATION_SECRET_WORD', 'somethingsomethingdarkside'); Then also pass that: [code] $cws = new CodonWebService(); $userinfo['secret_key'] = Config::Get('PHPBB_REGISTRATION_SECRET_WORD'); $result = $cws->post('http://your-site.com/your/secret/path/userregister.php', $userinfo); Then in the userregister: if($_POST['secret_key'] !== 'somethingsomethingdarkside') { die(); } // Otherwise continue the student add So there's then three things the user needs to do to get it to work but it'll be a little more secure Quote
Kieran Posted March 1, 2010 Author Report Posted March 1, 2010 Thanks for pointing me in the right direction, i'll get back to you shortly... There doesn't seem to be an event for when a user is approved... We wouldn't want a declined user to have a forum account, now, would we? Quote
Kieran Posted March 1, 2010 Author Report Posted March 1, 2010 Do you think it might be safer to work through a database? Ie. The reg script passes information to the table phpvms_forumRegForProcessing, On registration approval, the script gets data from the table and uses it to create a phpBB forum account. Might be safer than throwing variables all over the show. 1 Quote
Administrators Nabeel Posted March 1, 2010 Administrators Report Posted March 1, 2010 I can add an event, but it might be tricky since that's on the admin side, and the event system isn't setup to cross that way, I haven't tested it and might have to hack the core a bit.. which I'm a bit weary of (they're completely sectioned off, save for the data classes)... but I guess in worse case having to delete a user from the forum shouldn't be (too big) of a deal. And what do you mean work through a database? It's best to go through the API whenever possible... on my side or the phpBB side. Pending users can change on my side (I'm planning on changing the tables, but I don't know for when). The example I gave you hands off data from the phpVMS API (through the user registration event), and then passes it to a script where you can use the phpBB api to complete it. It might be a bit of a pain initially, but it does beat having to manually update however many tables they write to... they wrote that code so let them handle it Quote
Kieran Posted March 1, 2010 Author Report Posted March 1, 2010 Just taking another glance at what you said earlier, about including both phpBB and phpVMS together. The only conflict, at the moment, is a Template class (see the error above). If we could somehow overcome this, then both APIs could work in harmony. Quote
Administrators Nabeel Posted March 1, 2010 Administrators Report Posted March 1, 2010 What's the code you're using right now? Can you pastebin that? 1 Quote
Kieran Posted March 2, 2010 Author Report Posted March 2, 2010 <?php // We're in phpBB define('IN_PHPBB', true); $phpbb_root_path = 'forum/'; $phpEx = substr(strrchr(__FILE__, '.'), 1); include($phpbb_root_path . 'common.php'); include($phpbb_root_path . 'includes/functions_user.php'); include('core/codon.config.php'); ?> This code is the part in question, it hasn't been modified since the thread started. Quote
Administrators Nabeel Posted March 2, 2010 Administrators Report Posted March 2, 2010 I mean the entire module... I mean, this is going into a registration hook module, right? You wouldn't have to include the codon.inc.php since it's within it. I think the way I said would be the best route... Quote
Kieran Posted March 29, 2010 Author Report Posted March 29, 2010 This is perhaps what I'm thinking... Because I have to accept registrations manually, using the event + hook isn't ideal. User 'Confirms Password' in a form on the prc somewhere > form details passed to external php script , along with email and username > script creates account > script redirects to confirmation page. Perhaps a bit of AJAX thrown in there to smooth it all out? AJAX isn't my strong point so I'd have to do a bit of research. 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.