Reading SMFCookie262 for Login

Started by Minecraft Manager, October 16, 2015, 03:23:13 PM

Previous topic - Next topic

Minecraft Manager

I would like to know how to read the SMFCookie262 cookie so I can make a plugin for my website so I don't have to make a separate cookie for the plugin I'm developing.

I know how to get to it but I don't know how to phase the cookie to get the information I need so my plugin can verify and connect to the server and get the data for the users.

I need the method to:
- phase the SMFCookie262 (to get the information)
- read the cookie information
- write the cookie if they login from the plugin page

Thank you,
MrVelocity (@mcmanger_ @Mr_Velocity1577)

Kindred

let's take a step BACK and talk about what you are actually trynig to accomplish rather than how you think it should be accomplished...

Although you COULD read the cookie, I suspect there is a better (server-side) way to accomplish your end goal (SSI, API, Hooks)
(especially since the cookie name can change)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

I'm making a web panel that uses the SMF database to verify a few things.

- User is valid and can login with correct credentials
- User main group
- User information to display on the plugin page
- and to be able to check and see if they are logged in on either page

There is more but would be able to do it knowing how to read the cookie to make it easier for the user to login.

Kindred

you don't need to read the cookie.
Everything you ask for can be done through SSI
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

Can you show me how I would login and return user information please?

Kindred

<?php
require_once('path/to/forum/SSI.php');

ssi_login();
?>



You can then user the variable arrays of $context and $user_info to get the user data and display it any way you want
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

#6
That will work on subdomains right?
My forum is under forum.url.com [nofollow] but the plugin is under plugin.url.com [nofollow].

I think I know what I need to do but how do I call specifics so I can get RealName & custom fields I may have?

Can you give me a login example if that's not to much to ask please? (only to login or check the user is logged in and return the users public name)

Kindred

If you turn off local cookies and turn on subdomain independent cookies... Yes

The login is what I posted above...

To check, you can use is_guest() or is_logged
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

Will this be able to return users logged in IP as I'm also making a C# application which the client will need to be logged into to speak between the server if they are not on the same local network as the application.

Minecraft Manager

Sorry disregard my last post! What I was going to ask is will this be able to get custom database fields that have been added other than SMF database fields and how can I edit it to include them if it doesn't because I have a few extra bits of information I need to retrieve and check to validate my software application.

Kindred

So, yes and no.., 

No... It won't pull that information directly, because the custom fields are not loaded into the user info array normally...   However, once SSI is loaded, you can use the smcfunc function to call the database and pull the field(s)...

Custom profile fields ar stored in the smf_themes table by field name and userid...
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

So:

function ssi_checkUserAccess($id = null, $is_username = false)
{
global $db_prefix, $sourcedir, $smcFunc;

// If $id is null, this was most likely called from a query string and should do nothing.
if ($id === null)
return;

$request = $smcFunc['db_query']('', '
SELECT member_ip, product_key
FROM {db_prefix}members
WHERE ' . ($is_username ? 'member_name' : 'id_member') . ' = {string:id}
LIMIT 1',
array(
'id' => $id,
)
);
list ($memip, $prdkey) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);

return $member_ip == $memip && $product_key == $prdkey;
}

Kindred

is product_key a new column you have added to the members table?

If product_key is a custom profile field -- then you need to pull from the smf_themes table, not the members table
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

#13
It shows up in the users profile though like The CounrtyFlags mod does.

Kindred

Yes, that is correct... Because the profile pulls from the correct tables.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

So it is in the correct table then as it is shown in the users profile.

Kindred

It depends...   If that field is added by a mod, then it MIGHT be in the members table...   If it was added by using the custom profile fields feature, then it most definitely IS NOT in the members table.

You have missed the point... Just because it is displayed on thenoofile page does not mean that it is in the members table, since the profile code will pull content for, the members table, the themes table and possibly several other tables, spending on the mods installed.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

Sorry forgot to say it was a mod I am using to add this into the users profile area.

It is a feild in {prefix}member that contains the column product_key which is generated when the member is in the correct group.

Minecraft Manager


<? php
require(dirname(__FILE__) . '/SSI.php');

function ssi_checkUserAccess($id = null, $is_username = false)
{
global $db_prefix, $sourcedir, $smcFunc;

// If $id is null, this was most likely called from a query string and should do nothing.
if ($id === null)
return;

$request = $smcFunc['db_query']('', '
SELECT member_ip, product_key
FROM {db_prefix}members
WHERE ' . ($is_username ? 'member_name' : 'id_member') . ' = {string:id}
LIMIT 1',
array(
'id' => $id,
)
);
list ($memip, $prdkey) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);

return $member_ip == $memip && $product_key == $prdkey;
}

if (!($memip == null && $prdkey == null))
echo "$member_ip : $product_key";
else
echo "data incorrect: ";
?>


My example above fails to find a user, can you help me please?

Kindred

try the following:


<?php
include('SSI.php');
echo 
'<hr />';
echo 
'<h2>$USER_INFO</h2>';
echo 
'<pre>'print_r($user_info); echo '</pre>';
echo 
'<hr />';
echo 
'<h2>$CONTEXT</h2>';
echo 
'<pre>'print_r($context); echo '</pre>';

?>



Basically - in your code below, you have two variables passed, $id and $is_username...   but where are you populating those values from?

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

Ok that defiantly works but how can I get the product key as well?

Kindred



global $context;

$request = $smcFunc['db_query']('', '
SELECT member_ip, product_key
FROM {db_prefix}members
WHERE ' . ('id_member') . ' = {string:id}
LIMIT 1',
array(
'id' => $context['user']['id'],
)
);


or $user_info['id'] instead of $context['user']['id']
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager


function ssi_getProductKey()
{
if ($id === null)
return "user id invalid";

$request = $smcFunc['db_query']('', '
SELECT member_ip, product_key
FROM {db_prefix}members
WHERE ' . ('id_member') . ' = {string:id}
LIMIT 1',
array(
'id' => $user_info['id'],
)
);

$prd_key = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);

return $product_key == $prd_key;
}
echo '[product_key] => '  . ssi_getProductKey();


this doesn't work as the "user id invalid" catch is returned.

Illori

change global $context;
to

global $context, $user_info;

Minecraft Manager

nope still the same result.

Right this is my full code:
<?php
require(dirname(__FILE__) . '/SSI.php');
ssi_login();
$product_key null;

global 
$db_prefix$sourcedir$smcFunc;

global 
$context$user_info;

function 
ssi_getProductKey()
{
if ($id === null)
return "user id invalid";

$request $smcFunc['db_query']('''
SELECT member_ip, product_key
FROM {db_prefix}members
WHERE ' 
. ('id_member') . ' = {string:id}
LIMIT 1'
,
array(
'id' => $user_info['id'],
)
);

$prd_key $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);

return $product_key == $prd_key;
}

echo 
'<pre>';
print_r($user_info);
echo 
'[product_key] => ' ssi_getProductKey();
echo 
'</pre>';
?>

Illori

you are not defining $id, so it will always be undefined. remove that if statement and try again.

Minecraft Manager

the output is just: "Array"

tbh I don't want it in an Array because I just need the value.

Kindred

ummm....   well, you did select TWO objects....  so, of course it is an array


Why did you select the IP address as well if all you want is the product key?
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

No I don't need member_ip now if it's in the $user_info but I do need the product_key.
Also ssi_login(); doesn't work with _POST from a C# application.

Kindred

that is because all of the SSI functions. like everything else with SMF is php script.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Minecraft Manager

Ok but I need to be able to login with my C# Application before I can get the users information. Can you help with maybe a _POST method to login and return this information back please.

Advertisement: