smf 2.0 api

[Andre N]

I was wondering about if you got this fixed.

What is md5apis? is that the api file?

If it's not working from another location, the odds are very very good that the other location can't see your smf cookie.

From the place you want to use the api:

1. include (require_once) the api file

2. make sure you can get the cookie data. Try

Code Select Expand


$cookie = $_COOKIE[$GLOBALS['cookiename']];
echo $cookie;

make sure you get some output, which should be an array with the member id and password hash serialized

3. If you don't get anything, check the path your cookie is set on. Make sure it is set on '/'. Check your settings to make sure you are using subdomain independent cookies, and store cookie locally is unchecked. Delete the cookie because it might be using the old settings. Log in again. Then retry. Use firecookie to see the cookie data.

4. Get the member id from the cookie and use that by sending it to the functions.

looking at this code:

Code Select Expand


list ($id_member, $hash) = unserialize($_COOKIE[SMFCookie11]);
echo $id_member;

SMFCookie11 is not a constant, use ['SMFCookie11']. better yet would be to use $GLOBALS[$cookiename] after you include the api.

If you still have issues with this pm me an ftp login, a test smf login and where exactly you are trying to use this code and I'll check it out for you

[fastpay]

Send PM.

[Andre N]

Update: to anyone with a similar issue as above, the serialized data had quotes that had been escaped '\', probably because of magic_quotes_gpc in the server configuration. The slashes had to be removed for the data to unserialize properly. You can manually use stripslashes or str_replace on the data before you unserialize it, or fix your server configuration and let the api do the work for you
So to sum it up, if you are able to get the cookie data, but not loading any user info this could be the cause

[dreison27]

Can I use this to register a user (Silently without email activation)? I Mean a customer buys a product using Download Guard(DLG) and DLG will output the user name and password ( I got this part) and then automatically Creates a user on the SMF Database with the details user name and password or possibly even email like DLG outputs.

DLG Outputs Details ----> Homemade Script to Create a user on SMF(using API) = Single login.

So this eliminates the process of having to login in to DLG and then SMF because I protect the SMF forum using DLG (so this is a single login). Makes sense?

There are a lot of People Wanting this Function but when somebody asked this they are always slapped with Documentation that really never is a solution. Because it is the other way around. SMF will be an add in on the Main Site not the other way around so it is so important to have a way to create a user using the Main sites registration process.

[Andre N]

Yes, you can use this to do exactly that

Code Select Expand


require_once #path to the api file

$regOptions = array('member_name' => $name, 'email' => $email, 'password' => $password);

smfapi_registerMember($regOptions);


There are a lot more registration options you can specify, but those are the only required ones

[dreison27]

Wow thanks. I'll try that one. 

[dreison27]

Ok. I tried it like this :

DLG-SMF-bridge.php

<?php
require_once($_SERVER['DOCUMENT_ROOT'] . '/forum/smf_2_api.php');

$name = "AKM-name";
$email = "[email protected]";
$password = "0054321";

$regOptions = array('member_name' => $name, 'email' => $email, 'password' => $password);

smfapi_registerMember($regOptions);
?>

and in browser - http://auctionkeywordmaster.com/forum/DLG-SMF-bridge.php [nofollow]

I thought nothing happened. Page only turned Blank White
and I looked at member list and realized I have set the registration setting to "member approval". After approving member it worked fine.

Thank you very much.

Another question, how can I give a created user a member group? example: I want the member that purchased a DLG product to have rights to view the VIP boards. So I need a way to assign them the VIP member group on user creation. Makes Sense?

[Andre N]

Hi, what you're saying makes perfect sense. There is a plethora of other variables you can add to the $regOptions array to register new members however you want. For setting the membergroup you would use $regOptions['memberGroup']. So when you're setting up the $regOptions array just add

Code Select Expand


'memberGroup' => (int group code),

or if you've already set up the $regOptions array

Code Select Expand


$regOptions['memberGroup'] = (int)your group code;


As for the registration settings for confirmation required and approval, the variable is called $regOptions['require']. There are 3 settings for this. 'nothing' will register the user and nothing else is required, (no confirmation, no approval). 'activation' means the account requires activation. Anything other than those two strings will result in activation necessary for the account. So, for example if you want the newly registered accounts to be ready to use you would set

Code Select Expand


$regOptions['require'] = 'nothing';

and if you wanted them to be user activated by their confirmation code you would use

Code Select Expand


$regOptions['require'] = 'activation';

and if you didn't specify anything the account would require admin approval.

If you go through the smfapi_registerMember() function, there are lots of other account details you could add, depending on how much information you want/need to share between smf and the other system

[dreison27]

You're God sent. THank you very much.

I made a mistake by using this before---> on the array 'membergroup' instead of the correct one 'memberGroup' this broke it but I realized the mistake and made the changes. Now it works. All I've got to do now is get the POST output from DLG and all will be fine.

Thank you Again.

Now Another question. I need to know how to make a single login work on DLG and SMF since they will have the same user data because of the DLG-SMF-registration.

So When they login on DLG they will also automatically be logon on SMF. and Also same is true with Logout.

[Andre N]

I'm not 100% sure what you're asking but it sounds like you want to log users in and out from DLG (whatever that is). The API has functions for login and logout too, and they're much easier to use than registration

Code Select Expand


    bool   smfapi_login(mixed $identifier, int $cookieLength)
        - sets cookie and session for user specified
        - will accept email address, username or member id
        - does no authentication; do that before calling this

    bool   smfapi_authenticate(mixed $username, string $password, bool $encrypted)
        - authenticates a username/password combo
        - will accept email address, username or member id

    bool   smfapi_logout(string $username)
        - logs the specified user out
        - will accept email address, username or member id


so you could use

Code Select Expand


smfapi_login($email);
or
smfapi_login($smfMemberId);
or
smfapi_login($smfUserName);

If you care how long the cookie is set for, set it using the second variable to match your other system.
For logout, same thing
Don't forget to require_once the API file before you call the API functions, and remember that the login function will do absolutely no authentication whatsoever, it will just log that user in. So make sure you authenticate them in DLG first, or use the authenticate function first

[dreison27]

I don't really know how cookies work. I haven't gotten that far on php.

This is the senario. As I login to DLG site i get logged in but I also want to be able to logged in on SMF silently using your API. But how do I extract the $_post data from the DLG form and send it silently to the Homemade Login Script and then passing that to API? CURL? I read about this but do not have any knowledge about this. Can't it be done using php? I know how forms work but this is something I haven't done before passing it to another PHP file silently after it logs in on DLG.

So this will basically be a single log-in/log-out system with DLG and SMF integrated.

Can you give example.   

[dreison27]

I tried this and works and logs me in on SMF but, Doesn't want me to logged in on DLG.

Code Select Expand

<?php if (is_page('members') || is_page('download-akm') || is_page('bonuses') || is_page('training-videos') || is_page('create-license')) { 
  $pathToDLG = "dlg2a/";
  $dlgMemberGroup = "1";
  include ($pathToDLG."members/dlgmembers.php");
  include ($_SERVER['DOCUMENT_ROOT'] . '/Jay-DLG-SMF-Bridge/cookieview.php');
  
 } ?>


The added line to login on SMF using cookieview.php-->

Code Select Expand

include ($_SERVER['DOCUMENT_ROOT'] . '/Jay-DLG-SMF-Bridge/cookieview.php');

DLG works without the above line.

Cookieview.php Contents :

Code Select Expand

<?php require_once($_SERVER['DOCUMENT_ROOT'] . '/Jay-DLG-SMF-Bridge/smf_2_api.php');

    if (isset($_SESSION['username'])){
    echo "User : ".$_SESSION['username'];

$email = $_SESSION['username'];
smfapi_login($email);
exit();
    } 


?>

This is what it looks before:

Code Select Expand

<?php if (is_page('members') || is_page('download-akm') || is_page('bonuses') || is_page('training-videos') || is_page('create-license')) { 
  $pathToDLG = "dlg2a/";
  $dlgMemberGroup = "1";
  include ($pathToDLG."members/dlgmembers.php");
 } ?>

I haven't authenticated yet. Is it really important? Can I skip it?

[Andre N]

You can skip authentication if you've already authenticated the login in DLG.

Try using this api file attached. I have modified it a little to not screw with the sessions of other systems; it won't even try to start a session if one is going. That might help. I also fixed a few things in it. Would love to upload this version if I ever get it approved :p

You need to find the location in your code where DLG has already authenticated the user and is ready to log them in, and use the login function then. Most likely just before DLG logs them in because it will probably redirect after. I don't know where that would be, but you could find it easily enough by looking for the file that the login form posts to. The API login function will just log the (valid) user in if you pass it the email. It will put the session info in the db and set the SMF cookie. It won't check anything.

As for the cookie settings, that value is the cookie length, or time to set the cookie for. How long do you want the cookie to hold the session as active? It would be ideal to match that with DLG. When they login, do you want them logged in forever? For 1 hour? If you don't know you can safely ignore it

[dreison27]

It still won't work.

This what works in DLG and enables me to login on DLG -->

Code Select Expand

<?php
 if (is_page('members') || is_page('download-akm') || is_page('bonuses') || is_page('training-videos') || is_page('create-license')) { 
  $pathToDLG = "dlg2a/";
  $dlgMemberGroup = "1";
  include ($pathToDLG."members/dlgmembers.php");
   
 } ?>

Now I include ---> include ($_SERVER['DOCUMENT_ROOT'] . '/Jay-DLG-SMF-Bridge/cookieview.php'); as in --->

Code Select Expand

<?php
 if (is_page('members') || is_page('download-akm') || is_page('bonuses') || is_page('training-videos') || is_page('create-license')) { 
  $pathToDLG = "dlg2a/";
  $dlgMemberGroup = "1";
  include ($pathToDLG."members/dlgmembers.php");
  include ($_SERVER['DOCUMENT_ROOT'] . '/Jay-DLG-SMF-Bridge/cookieview.php'); // this is the one added. Code to get session username of DLG and pass it to SMF API to login.

 } ?>

Because I want to get DLG session 'username' which is the email(username is email) and pass it to API using smfapi_login($email)

But when I do this DLG won't login anymore and just shows me the login form and looking at forum I refresh it and shows that I am successfully logged in.

http://www.mysite.com [nofollow] --> main site --> mainlogin using DLG
http://www.mysite.com/forum [nofollow]  ---> SMF ---> my script (cookieview.php) rides on DLG login via include

Yes I was thinking it might be the session is interfering with DLG because the API will start another session when I looked at API code.

The updated API you sent still won't work. I cannot modify or do anything on the DLG side. It is a paid script that protects a webpage by showing a login form to anyone who access the page and unlocking it if you buy membership on it. DLG just outputs username and password and secret key when a customer buys thus I used that to register a new member also on SMF by using API function smfapi_registerMember($regOptions);

This coding stuff gives me headaches haha 

[Andre N]

Why are you including cookieview.php? That might be preventing the login functionality of DLG rather than the API...
Can you post the code on the page your login form submits to? Won't it contain the email address in the $_POST data?

[dreison27]

Cookieview Contents:

Code Select Expand

<?php require_once($_SERVER['DOCUMENT_ROOT'] . '/Jay-DLG-SMF-Bridge/smf_2_api.php');

    if (isset($_SESSION['username'])){
  
$email = $_SESSION['username'];
smfapi_login($email);
exit();
    } 


?>

Cookieview.php gets the username(email is DLG username) from DLG session andthen just past it to API with the function smfapi_login($email);

Don't confuse the name of cookieview. I forgot to change it to something else. So it doesn't view any cookies. Yes that's what I was thinking but why does it prevents DLG to login, it's just a simple code to get session username for the API to use it.

Maybe I can just extract $username and just directly pass it silently to API without using that session thing. Can this be done? How? I mean If I use <form></form> It will not pass the data silently to the php file that contains  smfapi_login($email); that then passses to API? How to extract username when logging in to DLG? That's why I used that $email = $_SESSION['username']; to get the username. Am I coding it all wrong?

[dreison27]

The login form is built in to dlg. DLG is a protection script that protects a page. You protect a page by including DLG script like <?php include(path/DLG.php); ?> so I thought I can just include my script after DLG script like:

Code Select Expand


<?php include(path/DLG.php);
include(path/cookieview.php); ?>

cookieview.php content are just requiring the API like require(path/smf_api_2.php);
then getting the username on DLG by username:

$email = $_session[username]; //$email is used because DLG usernames are the email address
and calling function smfapi_login($email); to pass $email to API and call SMF to login.

So I was thinking that since DLG is the first to get login then after that is the SMF login code. I am thinking that SMF API might interrupting the DLG session login and then logging in to SMF.

But since you just fixed the API it is out of the question and it is not the culprit. I don't really now if i'm doing this right.

DLG is a commercial script so it cannot be modified. I got the registration fixed because once a customer buys in DLG - DLG has a setting to place a IPN script to call and post user details when a successful buy has been made. So I made the IPN using your API to create a user on SMF and is successful but login is another story.

[supportasian]

That's great idea.

[dreison27]

Ok I found what's happening.

I tried logging to DLG FIRST not using the SINGLE LOGIN SYSTEM/SCRIPT and then logging to SMF FOrum. THis is what I found out, I went back to DLG and found out I was automatically logged out after i login on SMF.

bug on SMF 2.0?

Can you confirm this?

[Andre N]

Ok I found what's happening.

I tried logging to DLG FIRST not using the SINGLE LOGIN SYSTEM/SCRIPT and then logging to SMF FOrum. THis is what I found out, I went back to DLG and found out I was automatically logged out after i login on SMF.

bug on SMF 2.0?

Can you confirm this?

How is DLG managing it's session?