Problem integrating SMF Login Check into Wordpress!!!!

[wushdishmeen]

I have been having issues with the way my site is setup ever since I moved to a new web host and added the WP Super Cache plugin to my blog.

I currently have an SMF Forum setup as the core of my entire site's user system.  I have been adding the SMF Login Check by requiring the SSI.php in the header's of all of my other subdomains that are outside of my SMF Forum.

For instance,  I have my SMF Forum in http://forum.mydomain.com and a Wordpress blog in http://blog.mydomain.com.  In the header.php file of the Wordpress blog I have added the following:

Code Select Expand

<?php
require_once('/home/xxxxxx/public_html/forum/SSI.php');
$ssi_ban = true;
is_not_banned();
ob_start();
is_not_guest('Access Denied');
?>

Before I moved hosts I had NO issues.  This code would make sure that the visitor was logged into my SMF forum before allowing them to view the blog.  If they weren't logged in it would redirect them to the SMF Login page.  If they were logged in the blog would display normally.

NOW,  after I moved and also installed WP Super Cache to save bandwidth I've been having issues and had to remove the code.  Leaving my blog wide open to the public.  What happens is that if a user is not logged in it will block the user from viewing the blog,  BUT if they ARE logged in it still shows the SMF Login page and keeps showing it on a LOOP.  Basically,  everytime a logged in user goes to the blog they are logged out of SMF and forced to login.  Once they do it just keep showing the login page.

I thought maybe it had something to do with pages being cached since it keeps serving the non-logged in file or something.  But even turning off WP Super Cache or deleting the cache in between trying to login it still does the same thing.  I tried removing WP Super Cache altogether and I'm still getting this issue.

Does ANYONE have any clue on what is happening here and how to fix it?  Thanks in advance for any help.

WORDPRESS VERSION: 3.0
SMF FORUM VERSION: SMF 2.0 RC2

[Kill Em All]

I would probably suggest trying to reinstall/reconfigure the bridge that you are using. SMF can't support the third party bridge, you will probably get better support over at their support forums.

[wushdishmeen]

This is the SMF support forums, is it not?  I'm also not using a bridge I am simply including the SSI.php with a require function and calling to the authentication functions in the header so that people who are not logged into my forum cannot use any subdomains on my site either.

It has worked with my other subdomains just fine but ever since I switched my Wordpress over to WP Super Cache plugin I am having issues.  My guess is that maybe caching pages removes the ability for wordpress to determine your login session when switching pages or something?  Since they are being served the same file over and over until it's updated it may interfere with the SSI.php function's ability to know whether the person is logged in or not.

BUT even when I removed the cache plugin it didn't work.  But I didn't try removing the plugin code from my .htaccess so could that be it?

[Kindred]

yes, anything that messes with the .htaccess and caching can screw up sessions.

Make sure that you also have subdomain independent cookies turned ON in the SMF admin > server settings

[wushdishmeen]

I have the "use subdomain independant cookies" turned on but still have the issue.

Anyone else have any ideas on what's going on here?

OTHERWISE....is there a way to migrate all of the users from SMF to wordpress so I can have my users just login to my wordpress with their exact same forum login details?    I would settle for it working manually by running a script or something.   But if I can get it so that anytime an account is created on SMF it's also added to the wordpress automatically that would be awesome.

But I'm not picky... I'll settle for having to manually update the wordpress accounts every so often.  ANY help at all is appreciated because this is a very big deal that I get this wordpress secured.

I've checked out some of the bridges and integrators but unfortunately they haven't worked.

I'm using SMF 2.0 RC2 and Wordpress 3.0.3

[wushdishmeen]

bump...  can anyone help?

I've since upgraded to SMF 2.0 RC3 and WordPress 3.1 and still having the issue after all this time.  I could REALLY use the help.

I'm using the following plugins:
WP Super Cache 0.9.9.9
WP Smush.it 1.3.4
WP Minify 1.0.4
Collapsing Archives 1.3.2

I suspect that WP Super Cache is the one that's messing with this but the weird part is I've been using that all along and this method worked at one point.

Code Select Expand


<?php
require_once('/home/mydomain/public_html/forum/SSI.php');
$ssi_ban = true;
is_not_banned();
is_not_guest('Access Denied');
?>

That's the code that I put at the top of the header.php on my wordpress blog and basically it's like it's starting a new session separate from the real SMF session whenever you visit the blog.   It shows the Login screen for my SMF forum and when you login it simply just takes you to my SMF Forum and if you go back to the wordpress blog it shows the login screen again.   BUT you can tell it's an entirely separate session because if you go to the wordpress and it shows the SMF login page and then I load my SMF forum it shows me as already logged in on SMF.

So clearly Wordpress is starting a new login session that is stuck on a loop and it's not matching the actual genuine SMF login session.  If this makes ANY sense to someone please help me figure this out because I need my Wordpress blog blocked off from people who are not members of my SMF forum.

[wushdishmeen]

bump...still looking for help.   It's really important that I block people who are not a member to my SMF forum from viewing my wordpress blog.    The PHP coding works for every other subdomain and script on my site except for wordpress.  Just keep getting an SMF login loop that works of a completely different session then the genuine one that logs you into SMF.

[wushdishmeen]

STILL looking for help.... please???

[wushdishmeen]

It seems to be just the is_not_guest('Access Denied'); function that is causing the issue with the endless login loop.  I can keep people who are banned in my SMF forum from viewing the wordpress blog using the is_not_banned function but when I use the is_not_guest function it screws up the wordpress blog and it never gets past the SMF login page.

Is there any chance that maybe wordpress has a is_not_guest function also and it's colliding with eachother?  I would appreciate some help!!

I'd even offer some money for whoever can figure out why this specific function is causing a problem and how to fix it?

[Kindred]

There is indeed a possibility of overlap/conflicting names...
Luckily, you an try using a different function or variable  from SMF, like is_logged

[wushdishmeen]

I'm aware of that function but how would I implement that into a wordpress blog so that the entire page doesn't show if you're not logged into my SMF forum?

I actually tried doing the is_logged function with an If statement but I couldn't figure out where in my wordpress theme to put any of the code.   Anything I tried resulted in PHP errors.

If you could give me a general idea of what exactly I can do I would appreciate it.   What's odd is that the is_not_guest function used to work perfectly by just slapping it at the top of my header.php file on my wordpress blog.   It seems like it stopped working at some point maybe after an upgrade?   I don't think they would rename a function in wordpress to is_not_guest though do you?  Why rename it at all.

So many people have looked at this thread and I've had no answers.   I really need the help as it is important I get the blog secured.

[Andre N]

Use the api and call the function that checks if a user is online. There won't be any function naming clashes because all the functions start with smfapi_

If you need further clarification let me know

[wushdishmeen]

I think my main concern is where in the wordpress do I place the coding so that the entire site doesn't show if they are not logged in and instead redirects them to my SMF login.   It works on all other subdomains on my site by simply using the is_not_guest function but with the wordpress it just keeps resetting itself back to the login screen everytime you login.   Almost like the login session is completely separate from the actual SMF login session and even after you login it just keeps looping back as if you never did.

Wordpress is made up of many different PHP files.  What I used to do was place the is_not_guest along with the require function of SSI.php in the header.php at the very top.   That blocked off the entire site automatically because the coding effects the rest of the page.  But with the user is logged function it requires you to place the coding throughout the page in order to block the whole thing and it has to be in the right places otherwise it'll clash with wordpress.

[Andre N]

Put the require_once SSI.php and the is_not_guest function at the very top of the header file.
That's how it should be... does it clash with Wordpress?

You could try this:
Download the api (smf_2_api.php)

Put it on your server somewhere.

in the Wordpress header, instead of the SSI.php file, use require_once to include the api file

then do your check like this:

Code Select Expand


if ($user_info['is_guest']) {
    //redirect to smf login
}


When you include the api file it will check the smf cookie and session to see if the user is logged into smf or not and generate the $user_info array.

[wushdishmeen]

Put the require_once SSI.php and the is_not_guest function at the very top of the header file.
That's how it should be... does it clash with Wordpress?

That's exactly how I was doing it and it used to work but it does not work anymore.   The $ssi_ban = true; and is_not_banned(); functions work as they should it's just the is_not_guest function that causes the login loop to happen.

I will try what you said as it seems like a good idea but what is the exact function to redirect to the smf login page?   You only put "// redirect to smf login" and not the actual code.   If you could let me know that would help.

Thanks

[Andre N]

The SSI.php file loads a LOT of functions, most of SMF it seems like. Maybe the variable names clash and are being overwritten of there is a function name collision somewhere.

Try what I said, it will work. As for the redirect, there is no function in the api that will redirect you to the smf login page, but you could use the php header function

Code Select Expand


header('Location: http://www.yourdomain.com/path/to/smf/index.php?action=login');


[wushdishmeen]

Yea but what's odd is with calling the SSI.php the is_not_banned and $ssi_ban functions work perfectly.  It's only when I try to use the is_not_guest function like I do everywhere else on my site.   That single function seems to clash somehow and cause some weird login loop separate from the actual SMF login session.

I did what you said though.

Code Select Expand

<?php
require_once('/home/xxxxxx/public_html/forum/smf_api.php');
if ($user_info['is_guest']) {
header('Location: http://forum.mydomain.com/index.php?action=login');
}
?>


I put it at the top of my header.php and it redirects to the login whether im logged in or not.

I also tried redirectexit function in place of the "header" function and it redirected me to the SMF login whether I was logged in or not.  Same thing.

So clearly something is missing because the ($user_info['is_guest']) function is not recognizing whether I'm logged in or not.

[Andre N]

Could your smf cookie settings be set for your smf path only?

[SlammedDime]

The WP Super Cache plugin will not help you save bandwidth, so if that's the only reason you installed it, might as well uninstall it.  You should probably re-read the plugin's page on Wordpress' site to understand it's purpose.  What you are wanting to accomplish while using the WP Super Cache plugin is not easily done by any stretch of the imagination.

[Andre N]

Just read above, and you said you have them set correctly. Can you include the api, and dump out $user_info and see what you are getting?