integrate_login - How this hook work?

[drool]

Hi,

I have a custom made CMS/portal that I want to use to login to SMF and to my CMS as well, but when I'm trying to redirect into my homepage all the session variables has been deleted?

Please let me know if I'm correct on this one..

First I have this 2 files:
loginform.php - the form I used to login to my site but now I redirected it  to  a php page (integrate_smf.php)
integrate_smf.php - with the hook function "integrate_login"

loginform.php from my CMS site
the form is submitted using this action:
<form action="../integrate_smf.php?action=login2" method="post">

with the username and password as input text

integrate_smf.php   -please look at the code sample below ---->

Code Select Expand


global $context, $pref;

// define the integration
define('SMF_INTEGRATION_SETTINGS', serialize(array(
'integrate_login' => 'integrate_login'
)));


include(DIR."/members/forum/index.php");

function integrate_login ($username, $password, $cookietime)
{
mysql_select_db($db_name);
$query = mysql_query("
SELECT memberName
FROM {$db_prefix}members
WHERE memberName = '" . $username . "'");
list($memberName) = mysql_fetch_row($query);

if ($memberName){
                   // if member exist in SMF then check CMS if it exist...
                   if member exist{
                            retrieve username and access level for the CMS site and write into a session variable
                            Session variables should exist!!!! - BUT THIS DOES'NT WORK, when i try to redirect it to my home page
                            header("Location: http://homepage.com/index.php");
                   }else{
                     // register....
                   } 
                }

          }


I'm using a logger/echo to log the session variables, but nothing's there?

let me know if you have two cents on this one.....

Thank you  very much!!!

[danp_canucks]

This is exactly what I was trying to do.

I got excellent help on the topic

view this thread

http://www.simplemachines.org/community/index.php?topic=248420.0

BTW

SMF resets the SESSION when a login takes place, and for some other actions.  The SESSION get's cleared after this hook runs. So everything gets wiped. 


Possible solutions

1 Use a cookie to store your CMS SESSION data
2 If you are confindent in you CMS authentication procedures.  Use SMF's  integrate_verify_user hook and have SMF use your CMS's authentication procedure.
3.  Read SMF's cookie to set the SESSION data of your CMS once the user leaves the FORUM
4. ?

[drool]

This is exactly what I was trying to do.

I got excellent help on the topic

view this thread

http://www.simplemachines.org/community/index.php?topic=248420.0

BTW

SMF resets the SESSION when a login takes place, and for some other actions.  The SESSION get's cleared after this hook runs. So everything gets wiped. 


Possible solutions

1 Use a cookie to store your CMS SESSION data
2 If you are confindent in you CMS authentication procedures.  Use SMF's  integrate_verify_user hook and have SMF use your CMS's authentication procedure.
3.  Read SMF's cookie to set the SESSION data of your CMS once the user leaves the FORUM
4. ?

Thanks for a quick response!!!!!.....

[drool]

Possible solutions

1 Use a cookie to store your CMS SESSION data
2 If you are confindent in you CMS authentication procedures.  Use SMF's  integrate_verify_user hook and have SMF use your CMS's authentication procedure.
3.  Read SMF's cookie to set the SESSION data of your CMS once the user leaves the FORUM
4. ?

I did the possible solutions. here's my results:

1. Not use it yet, because I have to do a lot of tweaking on my login authentication .

2. When I use the integrate_verify_user hook, I did retrieve the $ID_MEMBER, but how am I gonna use it?, and also it redirected me in the SMF login page, supposedly I should be redirected in my CMS members home page...

3.
Set the CMS session from the cookie that was set by SMF upon login using your function,

first I have to check if the cookie's have values-->

using the $data=unserialize($_COOKIE['SMF_COOKE']), I did not retrieve any values from it:
echo $data[0];  //null
echo $data[1];  //null
echo $data[2];  //null
echo $data[3];  //null

(put this code in  at the bottom of the integrate_login function just to check if it has values)

from Orstio's post:

When using any form of integration local cookies should always be off.  I think the term "local" in this case can be misinterpreted -- It means the cookies are stored on the server where SMF resides, not on the user's computer.

Please let me know if I'm doing right......

and always your response is very much appreciated!!

[ExcalibursZone]

I have been integrating a LOT of applications (web apps actually) with SMF. One of the things that REALLY irritated me with the login function was that it would never send me to the page that I specified in the call.

After some research in these forums, I found a quick fix to your #2 issue of redirecting to the SMF login:

Code Select Expand


<?php
// Copied from my MyBookmarks site that uses SMF for the user base.
$_SESSION['login_url'] = $mybookmarks_config['login_url'];
?>

What I've done is set up a config file for each of my applications, each with the login url set up (as you can see above). This works very well with my custom login page where I've set the form attributes to:

Code Select Expand


//$scripturl is your forum's root url: http://www.example.com/smf/index.php is an example.
<form id="login_form" action="<?= $scripturl ?>?action=login2" method="post" accept-charset="<?= $context['character_set'] ?>">

What I might suggest is this:
1) In your integration script, use the SSI.php found in your forum's root directory (by following the SSI.php instructions found elsewhere on these forums. Basically, just add it to the beginning of your page with an include or require).

2) Set the $_SESSION['login_url'] to the page you want to go to when you've logged in. Perhaps something like http://www.example.com/login-success.html which has a value of 1 or 2 or possibly some JavaScript.

3) Use whatever form you want to log in, just set the form attributes so the action points to index.php?action=login2. You could make this an AJAX call and upon receiving the response from login-success.html, execute the JavaScript which could dump you to the page you want to go to in the first place.

This is a suggestion.
What do I do?
I have everything housed in an index file. I include SSI.php and check to see if the person is already logged in. If the user is, I continue with the rest of the page, generating content as normal. If the user isn't, I instead include the login page and stop the script after that, allowing the user to login. It works very well and I can have any type of form I want for the login.

Why do I suggest doing this? Well, for one, using this method, you could use PHP's JSON functionality to JSON encode your session info for your CMS stuff, return it with the successful login, then reintroduce it through your redirect back into the session. It might get a bit tricky, but that's a possible way to get around the wiping of the session when SMF does its thing.

Then again, when the login page comes up and you've got all the CMS stuff set in the session, you could also write a quick database insert/update to save the session info in a separate table and reintroduce it that way as well. Just some ideas.

[Orstio]

This:

$data=unserialize($_COOKIE['SMF_COOKE'])

Is NEVER going to return anything, because not only is the word "COOKIE" spelled incorrectly, you need to replace "SMF_COOKIE" with your actual SMF cookie name.

[ExcalibursZone]

Ah, yeah, I didn't catch that one you could instead replace it with $cookiename, which you may need to make global if you're trying to do this within a function.

[drool]

ExcalibursZone, thanks I'll try your suggestion

Orstio, thanks I missed that one, - yup  its working now...