SMF Login with custom code?

[alanthing]

As posted previously, I'm trying to integrate SMF into our company's CMS. I haven't gotten much help here, but I have been asking rather broad questions. Now that I've had a couple of weeks to play around with various scripts, I'm getting closer. Here's my question:

If I have a user joe existing in the SMF user database and my own CMS, how do I log joe into SMF with my own PHP script?

Our CMS has a token and some other stuff so I can write my own PHP to make sure the user is still logged in. I just somehow want to do something to the effect of sending the username and password to SMF to log them in and them forward them to the forum index.

Can someone please help me out?

[alanthing]

Can someone please help me out here!?

I looked at the php for some of the login functions for SMF but I'm not exactly sure what to do with it. I included one page and displayed a function but it just made a handful of empty text boxes and a label-less button.

Maybe some code from one of the bridges could help, but can someone at least point me in the right direction?

[Orstio]

If I have a user joe existing in the SMF user database and my own CMS, how do I log joe into SMF with my own PHP script?

Maybe some code from one of the bridges could help, but can someone at least point me in the right direction?

The bridges use SMF's login to log you into the CMS.  Without using that, you can probably use the setLoginCookie function:

setLoginCookie($cookie_length, $ID_MEMBER, sha1($password.$salt));

[alanthing]

Thank you! I'm feeling like I can start to move on this.

My plainest attempt to log in didn't work. I used phpMyAdmin to look at the database...
ID_MEMBER = 2
passwd = b18e3bce5bdd7ecf69d9d81dce129ddab444e540, which is 'Test!234' ran through sha1 I guess, and
passwordSalt = 63fa

I found the function setLoginCookie in Sources/Subs-Auth.php. Here's my plain, but broken, PHP...

Code Select Expand

<?php
require("/var/www/html/smf/Sources/Subs-Auth.php");

setLoginCookie(60, 2, 'b18e3bce5bdd7ecf69d9d81dce129ddab444e54063fa');

?>
<a href="../smf/index.php">SMF</a>
Here are the variants I tried of setLoginCookie, that didn't work...

Code Select Expand

setLoginCookie(60, 2, 'b18e3bce5bdd7ecf69d9d81dce129ddab444e54063fa');
setLoginCookie(60, 2, 'b18e3bce5bdd7ecf69d9d81dce129ddab444e540'.'63fa');
setLoginCookie(60, 2, sha1('b18e3bce5bdd7ecf69d9d81dce129ddab444e540'.'63fa'));
setLoginCookie(60, 2, sha1('b18e3bce5bdd7ecf69d9d81dce129ddab444e54063fa'));
setLoginCookie(60, 2, sha1('Test!234'.'63fa'));
setLoginCookie(60, 2, sha1('Test!23463fa'));


What should my final argument be? Am I not including enough Source php files? Perhaps my first argument, 60, is not in the right format?

Thanks in advance for the help! I'm excited to move forward with this.

[Orstio]

You're probably best just to include SSI.php, and let it handle the rest of the includes.

Subs-Auth.php has a bit of code at the beginning that will keep it from working that way:

Code Select Expand

if (!defined('SMF'))
die('Hacking attempt...');

[alanthing]

I commented out those two lines that would detect a hacking attempt.

If I include SSI.php, which format do I use to set the password? I used 7 different versions and since none worked I don't know which one is right.

I really hope I can get this to work. If I can't manually set the cookie I'm going to have to try another forum, which I don't want to because SMF is awesome.

Thanks!

[acidjazz]

ok i read this post, reverse engineer'ed the way smf does it, and figured this out :

Code Select Expand

 
$query = "select ID_MEMBER,passwd,passwordSalt FROM forum_members where memberName = '".$_SESSION['user']['name']."'";
  $results = $db->query($query);
  $results = $results[0];
  setLoginCookie(60 * 3153600, $results['ID_MEMBER'], sha1($results['passwd'].$results['passwordSalt']));


this works for me 100%. 

[Orstio]

Looks perfect.  Good job. 

[alanthing]

Which SMF files did you include?

I'll give it a shot when I get back to work on Tuesday.

Thank you!!

[alanthing]

Which files did you include? Thanks!

[Orstio]

All you need to include is SSI.php.  SSI.php will include all the other relevant SMF files for you, so you don't need to worry about including any others.

[alanthing]

If I only include SSI.php, the page breaks when I call setLoginCookie(). If I add Sources/Subs-Auth.php (with the die thing commented out), the page will load but the cookie doesn't set. How did you get it to work, acidjazz?

[Orstio]

What do you mean by "the page breaks"?  Can you describe how it breaks?

[alanthing]

It doesn't load. I don't know how to debug PHP but I just get the white screen. I had some text typed up so I could tell if the page loads successfully or not but it won't load one bit.

[Orstio]

And there is nothing in your error log?

[alanthing]

Sorry for being noob-ish, but where's the error log?

[alanthing]

I'm sorry for not being timely with this thread. Work has been pretty busy lately and this is a side-project among my other tasks.

Nevermind the error-log, I just enabled display errors in php.ini.

Using phpMyAdmin, I pulled the following information
ID_MEMBER=2
passwd=a47fad6950efd628113376fd9448f216bbdbc964
passwordSalt=42e0

Rather than run a Sql statement, I want to manually get it working and then build up.

Apparently including SSI.php is not enough. If the following is my code...

Code Select Expand

<?php
require('SSI.php');
setLoginCookie(60 * 3153600, 2, sha1(a47fad6950efd628113376fd9448f216bbdbc96442e0));
?>
<a href="index.php">SMF</a>
<br><br><br>
<?php ssi_latestMember(); ?>

... I get the following error...

Fatal error: Call to undefined function setLoginCookie() in /var/www/html/smf/test.php on line 3

I commented out the hacking attempt lines in Sources/Subs-Auth.php, since that's where the setLoginCookie() function appears and updated my code. The code is now...

Code Select Expand

<?php
require('SSI.php');
require('Sources/Subs-Auth.php');
setLoginCookie(60 * 3153600, 2, sha1(a47fad6950efd628113376fd9448f216bbdbc96442e0));
?>
<a href="index.php">SMF</a>
<br><br><br>
<?php ssi_latestMember(); ?>
...and my output is now...

Notice: Use of undefined constant a47fad6950efd628113376fd9448f216bbdbc96442e0 - assumed 'a47fad6950efd628113376fd9448f216bbdbc96442e0' in /var/www/html/smf/test.php on line 4
SMF [nofollow]


Please welcome joeuser [nofollow], our newest member.

So SSI.php is working, but something still isn't right with the way I'm calling the function. I guess I'll try the SQL statements but I honestly don't see how it can change this error. Undefined constant? I'm not calling a $variable or $constant- it's letters and numbers- a string!

I so desperately want this to work. We're taking this project to SR sometime next week. Please help! Thanks

[alanthing]

Nevermind, I got it to work!!! The value in the sha1 function needed single quotes... boy do i feel silly...

Thanks for everyone who helped out on this! I'm sure I'll be asking other questions as time goes on but I tackled this particular problem and can retire this post 

[chrisonline]

Hello i have the same problem!?!?!
Can you pleas help me?

My Code:

Code Select Expand

<?php 
define("SMF", null);

require('SSI.php');
require('Sources/Subs-Auth.php');
include("Sources/Load.php");
include("Sources/Subs.php");
include("Sources/LogInOut.php");
setLoginCookie(60 * 3153600, 2, sha1('8946c007f7194ae1a8970fa1bba6df4b'));
?>
<a href="index.php">SMF</a>
<br><br><br>
<?php ssi_latestMember(); ?>

I have tried all things in that thread, but it wont work... *grrr*

Database Information:
ID_MEMBER    memberName    passwd                                                  passwordSalt
2                  chrisonline       8946c007f7194ae1a8970fa1bba6df4b    

Please help me....
The user isnt logged in after that script....

Thanks


I use SMF 1.0.9

[Petr1fied]

1.0.9 uses md5_hmac() instead of sha1(), you should only need:

Code Select Expand

setLoginCookie(3153600, 2, '8946c007f7194ae1a8970fa1bba6df4b');