Customizing SMF > SMF Coding Discussion
Converting SA_auth to SMF
wargames:
So what do I do to convert this registerauthentication page to smf?
--- Code: ---1.
<?php
2.
session_start();
3.
4.
$forum_path = '/var/www/vhosts/gooncave.com/msw/forums/';
5.
6.
define( 'IPB_THIS_SCRIPT', 'public' );
7.
define( 'IPS_ENFORCE_ACCESS', 'true' );
8.
9.
require_once( $forum_path . 'initdata.php' );
10.
require_once( IPS_ROOT_PATH . 'sources/base/ipsRegistry.php' );
11.
require_once( IPS_ROOT_PATH . 'sources/base/ipsController.php' );
12.
13.
$ipbRegistry = ipsRegistry::instance();
14.
$ipbRegistry->init();
15.
16.
$cookieData =& $ipbRegistry->member()->fetchMemberData();
17.
18.
echo "<html>
19.
<head>
20.
<title>MSW - SA Authorization</title>
21.
<link rel='shortcut icon' type='image/x-icon' href='/favicon.ico'>
22.
<link rel='stylesheet' type='text/css' media='screen,print' href='http://www.maraudershewrote.org/forums/public/min/index.php?ipbv=32006&f=public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css,public/style_css/css_4/ipb_styles.css' />
23.
</head>
24.
<body>
25.
<h3 class='pagetop'>SA Authorization</h3>
26.
<div class='content navigation'>
27.
</div>\n<br><br><br>
28.
<div class='wrapper'><div class='content'>
29.
<div id='content' class='clearfix'>
30.
<div class='guestMessage'><center>";
31.
32.
33.
if ( $cookieData['member_id'] )
34.
{
35.
if ( $cookieData['member_group_id'] == 3 ) // Allow only member_group_id == 3, which is 'Unauthorized Members'
36.
{
37.
# Forums Info
38.
$mswUsername = $cookieData['name'];
39.
$mswMemberID = $cookieData['member_id'];
40.
41.
# Start of SomethingAwful Auth
42.
if ( !$_POST )
43.
{
44.
# Generate a key to verify the user
45.
$key = sha1(rand(1000000, 9999999));
46.
$_SESSION['auth_key'] = $key;
47.
$_SESSION['auth_done'] = "no";
48.
$_SESSION['auth_action'] = "signup";
49.
50.
echo "<script language='Javascript'>
51.
function validate()
52.
{
53.
if ( !document.auth.sausername.value )
54.
{
55.
alert('You must enter your SA username');
56.
return false;
57.
} else
58.
return true;
59.
}
60.
</script>
61.
<b>Welcome to the Marauder She Wrote forums!</b><br>
62.
We're open to all SA forum members. Use this page to verify that you're an SA forum member.<br><br>
63.
64.
To do this, <a href='http://forums.somethingawful.com/member.php?s=&action=editprofile' target='_blank'>edit your SA profile</a>, and add this key to your Interests field:<br>
65.
<b>" . $key . "</b><br>
66.
(notice: this key changes each refresh)
67.
<br/><br/>
68.
Once you've done that, enter your SA username below, and click Continue.
69.
<br/><br/>
70.
<form name='auth' method='post'>
71.
Your SA Username: <input type='text' name='sausername'>
72.
<input type='hidden' name='auth_key' value='" . $_SESSION['auth_key'] . "'>
73.
<input type='submit' onclick='return validate()' name='submit' value='Continue'>
74.
</center>
75.
</form>
76.
</div></div></div></div>";
77.
}
78.
else
79.
{
80.
if ( !isset( $_SESSION['auth_key'] ) )
81.
{
82.
83.
echo "<div class='content warning'>Sorry, looks like your key expired. Press Back and try again.</div>";
84.
exit();
85.
} elseif ( $_SESSION['auth_key'] != $_POST['auth_key'] )
86.
{
87.
echo "<div class='content warning'>Key mismatch. Press back and try again.</div>";
88.
exit();
89.
}
90.
91.
# The user we want to check, and they key to check
92.
$user = $_POST['sausername'];
93.
$key = $_SESSION['auth_key'];
94.
95.
# Setup values to use in the CURL operation
96.
$en = 'action=getinfo&username=' . urlencode($user);
97.
$profile_encode = 'http://forums.somethingawful.com/member.php?' . $en;
98.
$login = array('action' => 'login', 'username' => 'Solysh', 'password' => 'Micro%20Hax0r');
99.
100.
# Logfile Access
101.
//$logfile = '/var/www/vhosts/gooncave.com/msw/debug.txt';
102.
//$open = fopen($logfile, 'w');
103.
104.
# These aren't necessary, but it helps to prevent setting off any alarms
105.
$useragent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0';
106.
$referer = 'http://forums.somethingawful.com/usercp.php?s=';
107.
108.
# Initialize CURL and start collecting the output buffer
109.
$ch = curl_init();
110.
111.
# Setup CURL options
112.
curl_setopt($ch, CURLOPT_URL, "http://forums.somethingawful.com/account.php");
113.
curl_setopt($ch, CURLOPT_POST, TRUE);
114.
curl_setopt($ch, CURLOPT_POSTFIELDS, $login);
115.
curl_setopt($ch, CURLOPT_HEADER, TRUE);
116.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
117.
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
118.
//curl_setopt($ch, CURLOPT_STDERR, $open);
119.
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
120.
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
121.
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
122.
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
123.
curl_setopt($ch, CURLOPT_REFERER, $referer);
124.
$result = curl_exec ($ch);
125.
126.
curl_setopt($ch, CURLOPT_HTTPGET, TRUE);
127.
curl_setopt($ch, CURLOPT_URL, "http://forums.somethingawful.com/index.php");
128.
$response = curl_exec ($ch);
129.
130.
curl_setopt($ch, CURLOPT_URL, $profile_encode);
131.
curl_setopt($ch, CURLINFO_HEADER_OUT, TRUE);
132.
$response = curl_exec ($ch);
133.
$headers = curl_getinfo($ch, CURLINFO_HEADER_OUT);
134.
135.
# SA Scrape Debug
136.
//echo $headers;
137.
//echo "<hr />";
138.
//echo $profile_encode;
139.
//echo "<hr />";
140.
//echo $result2;
141.
//echo "<hr />";
142.
143.
$x = curl_version();
144.
if ( $response == "" )
145.
{
146.
echo "<div class='content warning'>The signup system is down! Please report this to Solysh. (No response from SA forums: " . curl_errno($ch) . " " . curl_error($ch) .")</div>";
147.
} elseif ( strpos($response, 'This user has not registered and therefore does not have a profile to view.') )
148.
{
149.
echo "<div class='content warning'>I could not find your profile, did you type your nickname correctly? Press back and try again.</div>";
150.
} elseif ( strpos($response, 'You are not logged in') )
151.
{
152.
echo "<div class='content warning'>The signup system is down! Please report this to Solysh. (Could not log in)</div>";
153.
} elseif ( strpos($response, 'Special Message from Senor Lowtax') )
154.
{
155.
echo "<div class='content warning'>There was a problem checking your nickname against the forums. (Special message from Senor Lowtax - forums down?)</div>";
156.
} elseif ( strpos($response, $key) )
157.
{
158.
# Begin session cleanup
159.
$_SESSION['auth_done'] = 'yes';
160.
$_SESSION['auth_username'] = $_POST['sausername'];
161.
unset( $_SESSION['auth_key'] );
162.
163.
# Load their Userinfo from the IPB Database
164.
$dbInfo = IPSMember::load( $cookieData['member_id'], 'pfields_content' );
165.
166.
# Change users forum group to 'Members' (7) and adds their SA Name to their profile
167.
$update = IPSMember::save( $cookieData['member_id'], array( 'members' => array( 'member_group_id' => '7' ), 'pfields_content' => array( 'field_11' => $user ) ) );
168.
169.
# Congrats!
170.
echo "<h3>Well done, " . $cookieData['name'] . "!</h3>\n<div class='content current'>\nThank you, you have now been verified as a forum member.\n
171.
<b>First, <a href='http://forums.somethingawful.com/member.php?s=&action=editprofile'>edit your SA profile</a> again, and remove the key.</b><br><br></div>";
172.
} else
173.
{
174.
echo "<div class='content warning'>I couldn't see your key ( <b>" . $_SESSION['auth_key'] . "</b> ) in your profile. Press Back and try again.</div>";
175.
}
176.
curl_close($ch);
177.
}
178.
} else {
179.
echo "ERROR: User is not an 'Unauthorized Member'<br><br>\n";
180.
181.
// Forums Info
182.
echo "Forums Username: " . $cookieData['name'] . "<br>\n";
183.
echo "Forums memberID: " . $cookieData['member_id'] . "<br>\n";
184.
echo "Forums Group ID: " . $cookieData['member_group_id'] . "<br>\n";
185.
}
186.
} else {
187.
echo "User is not logged into the MSW forums.<br>\n";
188.
}
189.
?>
190.
</div></div></div></div>
--- End code ---
emanuele:
Hello wargames and welcome to sm.org!
Do you have a version without all the line numbers and empty lines?
That would help a bit...at least it would help me... ;)
In general, one thing you could do is:
--- Code: ---<?php
require_once('/path/to/smf/SSI.php');
if ($user_info['is_guest']))
{
// the user is not logged in
}
else
{
// the user is logged in
}
if (in_array(3, $user_info['groups']))
{
// member belongs to group 3
}
else
{
// member doesn't belong to group 3
}
--- End code ---
wargames:
This should help. But the main thing that I really want from this is that it makes a random code, and looks for that random code on a differant forum, before you can register. Hope that helps and thanks in advance.
--- Code: ---<?php
session_start();
$forum_path = '/var/www/vhosts/gooncave.com/msw/forums/';
define( 'IPB_THIS_SCRIPT', 'public' );
define( 'IPS_ENFORCE_ACCESS', 'true' );
require_once( $forum_path . 'initdata.php' );
require_once( IPS_ROOT_PATH . 'sources/base/ipsRegistry.php' );
require_once( IPS_ROOT_PATH . 'sources/base/ipsController.php' );
$ipbRegistry = ipsRegistry::instance();
$ipbRegistry->init();
$cookieData =& $ipbRegistry->member()->fetchMemberData();
echo "<html>
<head>
<title>MSW - SA Authorization</title>
<link rel='shortcut icon' type='image/x-icon' href='/favicon.ico'>
<link rel='stylesheet' type='text/css' media='screen,print' href='http://www.maraudershewrote.org/forums/public/min/index.php?ipbv=32006&f=public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css,public/style_css/css_4/ipb_styles.css' />
</head>
<body>
<h3 class='pagetop'>SA Authorization</h3>
<div class='content navigation'>
</div>\n<br><br><br>
<div class='wrapper'><div class='content'>
<div id='content' class='clearfix'>
<div class='guestMessage'><center>";
if ( $cookieData['member_id'] )
{
if ( $cookieData['member_group_id'] == 3 ) // Allow only member_group_id == 3, which is 'Unauthorized Members'
{
# Forums Info
$mswUsername = $cookieData['name'];
$mswMemberID = $cookieData['member_id'];
# Start of SomethingAwful Auth
if ( !$_POST )
{
# Generate a key to verify the user
$key = sha1(rand(1000000, 9999999));
$_SESSION['auth_key'] = $key;
$_SESSION['auth_done'] = "no";
$_SESSION['auth_action'] = "signup";
echo "<script language='Javascript'>
function validate()
{
if ( !document.auth.sausername.value )
{
alert('You must enter your SA username');
return false;
} else
return true;
}
</script>
<b>Welcome to the Marauder She Wrote forums!</b><br>
We're open to all SA forum members. Use this page to verify that you're an SA forum member.<br><br>
To do this, <a href='http://forums.somethingawful.com/member.php?s=&action=editprofile' target='_blank'>edit your SA profile</a>, and add this key to your Interests field:<br>
<b>" . $key . "</b><br>
(notice: this key changes each refresh)
<br/><br/>
Once you've done that, enter your SA username below, and click Continue.
<br/><br/>
<form name='auth' method='post'>
Your SA Username: <input type='text' name='sausername'>
<input type='hidden' name='auth_key' value='" . $_SESSION['auth_key'] . "'>
<input type='submit' onclick='return validate()' name='submit' value='Continue'>
</center>
</form>
</div></div></div></div>";
}
else
{
if ( !isset( $_SESSION['auth_key'] ) )
{
echo "<div class='content warning'>Sorry, looks like your key expired. Press Back and try again.</div>";
exit();
} elseif ( $_SESSION['auth_key'] != $_POST['auth_key'] )
{
echo "<div class='content warning'>Key mismatch. Press back and try again.</div>";
exit();
}
# The user we want to check, and they key to check
$user = $_POST['sausername'];
$key = $_SESSION['auth_key'];
# Setup values to use in the CURL operation
$en = 'action=getinfo&username=' . urlencode($user);
$profile_encode = 'http://forums.somethingawful.com/member.php?' . $en;
$login = array('action' => 'login', 'username' => 'wargames', 'password' => '');
# Logfile Access
//$logfile = '/var/www/vhosts/gooncave.com/msw/debug.txt';
//$open = fopen($logfile, 'w');
# These aren't necessary, but it helps to prevent setting off any alarms
$useragent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0';
$referer = 'http://forums.somethingawful.com/usercp.php?s=';
# Initialize CURL and start collecting the output buffer
$ch = curl_init();
# Setup CURL options
curl_setopt($ch, CURLOPT_URL, "http://forums.somethingawful.com/account.php");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $login);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
//curl_setopt($ch, CURLOPT_STDERR, $open);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_REFERER, $referer);
$result = curl_exec ($ch);
curl_setopt($ch, CURLOPT_HTTPGET, TRUE);
curl_setopt($ch, CURLOPT_URL, "http://forums.somethingawful.com/index.php");
$response = curl_exec ($ch);
curl_setopt($ch, CURLOPT_URL, $profile_encode);
curl_setopt($ch, CURLINFO_HEADER_OUT, TRUE);
$response = curl_exec ($ch);
$headers = curl_getinfo($ch, CURLINFO_HEADER_OUT);
# SA Scrape Debug
//echo $headers;
//echo "<hr />";
//echo $profile_encode;
//echo "<hr />";
//echo $result2;
//echo "<hr />";
$x = curl_version();
if ( $response == "" )
{
echo "<div class='content warning'>The signup system is down! Please report this to wargames. (No response from SA forums: " . curl_errno($ch) . " " . curl_error($ch) .")</div>";
} elseif ( strpos($response, 'This user has not registered and therefore does not have a profile to view.') )
{
echo "<div class='content warning'>I could not find your profile, did you type your nickname correctly? Press back and try again.</div>";
} elseif ( strpos($response, 'You are not logged in') )
{
echo "<div class='content warning'>The signup system is down! Please report this to wargames. (Could not log in)</div>";
} elseif ( strpos($response, 'Special Message from Senor Lowtax') )
{
echo "<div class='content warning'>There was a problem checking your nickname against the forums. (Special message from Senor Lowtax - forums down?)</div>";
} elseif ( strpos($response, $key) )
{
# Begin session cleanup
$_SESSION['auth_done'] = 'yes';
$_SESSION['auth_username'] = $_POST['sausername'];
unset( $_SESSION['auth_key'] );
# Load their Userinfo from the IPB Database
$dbInfo = IPSMember::load( $cookieData['member_id'], 'pfields_content' );
# Change users forum group to 'Members' (7) and adds their SA Name to their profile
$update = IPSMember::save( $cookieData['member_id'], array( 'members' => array( 'member_group_id' => '7' ), 'pfields_content' => array( 'field_11' => $user ) ) );
# Congrats!
echo "<h3>Well done, " . $cookieData['name'] . "!</h3>\n<div class='content current'>\nThank you, you have now been verified as a forum member.\n
<b>First, <a href='http://forums.somethingawful.com/member.php?s=&action=editprofile'>edit your SA profile</a> again, and remove the key.</b><br><br></div>";
} else
{
echo "<div class='content warning'>I couldn't see your key ( <b>" . $_SESSION['auth_key'] . "</b> ) in your profile. Press Back and try again.</div>";
}
curl_close($ch);
}
} else {
echo "ERROR: User is not an 'Unauthorized Member'<br><br>\n";
// Forums Info
echo "Forums Username: " . $cookieData['name'] . "<br>\n";
echo "Forums memberID: " . $cookieData['member_id'] . "<br>\n";
echo "Forums Group ID: " . $cookieData['member_group_id'] . "<br>\n";
}
} else {
echo "User is not logged into the MSW forums.<br>\n";
}
?>
</div></div></div></div>
--- End code ---
emanuele:
Okay, that seems a bit different.
The procedure should be:
1) forum1 is where the user already exists
2) forum2 is the forum where the user should register
3) forum2 at registration (or better the code you are posting) checks the cookie of forum1 and if it's present, the code provides a random code and asks the user to introduce that code into the appropriate field in forum1
4) forum2 then needs to retrieve this code from forum1 and verify that is the same and act in accordance.
Is it correct?
If so, SMF is on forum1, forum2 or both?
wargames:
Yes that is what I am looking for except for the lack of cookie at step 3. SMF is forum 2 and forum 1 is Something Awful.
Navigation
[0] Message Index
[#] Next page
Go to full version