Integrating Login_ssi into my homepage. Help.

Started by Fedelrick, November 15, 2012, 11:06:40 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Fedelrick

November 15, 2012, 11:06:40 PM
I would just like to start by saying i am new to php but have a fair bit of experience with css and html which was what i was using in my site until i discovered php :D...
So i started with index.php and added :
<?php require("/home/content/27/10080727/html/forum/SSI.php");
?>
to the very top of my php document.
I then added:
<?php
if ($context['user']['is_guest'])
{
   ssi_login();
}
else
{
   ssi_logout();
}
?>
To the header of my html as that is where i am putting the login just to test it.
Issue Number 1: I would log in and it would automatically redirect me to the forum but when i went back to my home page i would be logged out. I solved this by going into the administration controls and changing the cookies.

Issue Number 2: Now that the log in and returning to the home page were working i tried to log out and i get an error message staying "Session verification failed. Please try logging out and back in again, and then try again."
So how can i fix this?

Issue Number 3: I have been trying without success to stop it from redirecting to the forum and instead keep it on the page used to log in, whether that be the home page or page 1. So far i have added:
<?php require("/home/content/27/10080727/html/forum/SSI.php");
   $_SESSION['login_url']='mysiteurl'.$_SERVER['PHP_SELF'];
   $_SESSION['logout_url']='mysiteurl'.$_SERVER['PHP_SELF'];
?>
to the top of my php file, but it still redirects me to the forum.
Could anyone suggest a solution??

Thanks in advance and sorry if there is another post similar to this.

Kindred

#1
November 15, 2012, 11:15:11 PM
Well, I believe that the redirect option is currently broken. It will always direct to the forum, because of that.

Other issue, turn on subdomain independent cookies in the SMF  admin  server settings
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Fedelrick

#2
November 15, 2012, 11:26:00 PM
Yeah i have enabled the subdomain cookies, thats how i solved the first issue. Thanks :D...
So there is no hope in fixing the redirect issue?

Kindred

#3
November 16, 2012, 12:16:49 AM
I don't think it was ever fixed
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Fedelrick

#4
November 16, 2012, 03:20:54 AM
Damn. Oh well, ill have to find a php developer later down the line and get them to help me out... How about the logging out problem? :/

Kindred

#5
November 16, 2012, 07:57:40 AM
try deleting your cookies and starting fresh....
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

EvoGamer

#6
January 02, 2013, 07:27:26 PM
Quote from: Fedelrick on November 15, 2012, 11:26:00 PM
So there is no hope in fixing the redirect issue?
Quote from: Kindred on November 16, 2012, 12:16:49 AM
I don't think it was ever fixed

If you read SSI.php for yourself (it's well commented), you'll notice that instead of reading the url from $_SESSION['login_url'], it reads it from the first argument to ssi_login().

Thus
Code Select
<?php ssi_login 'mysiteurl'.$_SERVER['PHP_SELF'] ); ?> should solve your problems.

Please note that I haven't tested this, I just read the code.

Kindred

#7
January 02, 2013, 07:51:13 PM
EvoGamer,

No it does not work...   that's part of the problem...
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

EvoGamer

#8
January 02, 2013, 11:39:02 PM
You're right, Kindred.

On further investigation, I believe I tracked down the appropriate code block. The only time in the entirety of the SMF codebase (not counting any addons) that $_SESSION['login_url'] is passed to any command is in Login2() in Sources/LogInOut.php:
Code (Lines 130-133) Select

$temp = $_SESSION['login_url'];
unset($_SESSION['login_url']);

redirectexit($temp);


This leads to redirectexit() from Sources/Sub.php which is used all over the place. Specifically within redirectexit() is:
Code (Lines 2680-2735) Select

function redirectexit($setLocation = '', $refresh = false)
{

// Stuff that doesn't affect us right now

$add = preg_match('~^(ftp|http)[s]?://~', $setLocation) == 0 && substr($setLocation, 0, 6) != 'about:';

// More Stuff that's unimportant to this problem

elseif ($add)
$setLocation = $scripturl . ($setLocation != '' ? '?' . $setLocation : '');

// The rest of the function, blah, blah
}


This appears to mean that unless $_SESSION['login_url'] starts with 'ftp(s)://' or 'http(s)://' or 'about:';, then it will append the url to $scripturl (which is set as $boardurl.'/index.php' - $boardurl is set in Settings.php). Thus:
Code Select
$_SESSION['login_url'] = 'mypage.php';
will cause the redirect to send you to:
Code Select
$boardurl.'/index.php?mypage.php'

PS: The 'if ($context['user']['is_guest'])' check in the OP is redundant, since that exact check already takes place inside both ssi_login() and ssi_logout(). Thus:
Code Select
<?php ssi_login(); ssi_logout(); ?> is sufficient.

EvoGamer

#9
January 03, 2013, 01:05:38 PM Last Edit: January 03, 2013, 05:18:30 PM by EvoGamer
A possible hotfix might be to replace line 2688 in Subs.php
Code Select
$add = preg_match('~^(ftp|http)[s]?://~', $setLocation) == 0 && substr($setLocation, 0, 6) != 'about:';
with
Code Select
$add = preg_match('~^(ftp|http|about)[s]?:~', $setLocation) == 0 && strpos($setLocation, '=') !== false;

This should allow relative urls to slip through unfiltered without breaking existing code (which currently assumes all urls will be either 'http://' absolutes, or 'action=post' internal links). It will still trip up if you attempt to pass $_GET vars to your relative urls (as the = sign will trigger the old behaviour).

Deadfire

#10
March 14, 2013, 05:26:12 PM Last Edit: March 14, 2013, 05:56:53 PM by Deadfire
I was looking at a way to do this as well and the option that Evogamer provided seems not to work. It results it a sucessful login but does not redirect instead gives you a blank page (sitename.net/index.php?action=login2;sa=check;member=*). However this may be my own issue with my code:

Code Select

require_once("sitename/forum/SSI.php");
global $context;
$_SESSION['login_url']='http://sitename.net'.$_SERVER['PHP_SELF'];
$_SESSION['logout_url']='http://sitename.net'.$_SERVER['PHP_SELF'];


Code Select

echo '<div id="user">
<p><img src="ui/social-map.png" alt="" />';

global $context;
if ($context['user']['is_guest'])
{
echo '
<a href="', $boardurl, '?action=register"><span>New?</span>Register</a>';
ssi_login($redirect_to = 'http://sitename.net', $output_method = 'array');
echo '<a href="', $boardurl, '?action=login;' . $context['session_var'] . '=' . $context['session_id'] . '"><span>Not?</span>Login</a></p>';
}
else{
echo ' <a href="', $boardurl, '?action=profile;u=', $member['id'], '"><span>Self?</span>Profile</a>';
ssi_logout($redirect_to = 'http://sitename.net', $output_method = 'array');
echo'<a href="', $boardurl, '?action=logout;' . $context['session_var'] . '=' . $context['session_id'] . '"><span>Later?</span>Logout</a></p>';
}
echo'</div>';



Is there another solution?
Print
Go Up Pages1
User actions
Advertisement: