Récuparation variables user pour authentification
ben.popeye Membre non connecté
-
Modérateur
- Voir le profil du membre ben.popeye
- Inscrit le : 04/08/2005
- Site internet
- Groupes :
-
Equipe Historique
Reprise du message précédent
Tous les liens intéressants pointent vers une page 404.Le projet a l'air en effet abandonné. Je ne sais pas si c'est une bonne idée de se lancer dans l'intégration d'un projet qui n'est plus presque plus maintenu.
killerman31 Membre non connecté
-
Booster Minigun
- Voir le profil du membre killerman31
- Inscrit le : 25/11/2010
Code PHP :
// login function for vBulletin function pLogin() { global $pConfig_auth; // redirect to Vbulletins's login form, with a return to this page. header("Location: " . $pConfig_auth['vBulletin_url']); exit; } // logout function for vBulletin function pLogout() { global $vbulletin,$pConfig_auth; // unset the session and remove all cookies foreach($_SESSION as $key=>$value) unset($_SESSION[$key]); // vBulletin session kill include_once($pConfig_auth['vBulletin_path'].'includes'.DIRECTORY_SEPARATOR.'functions_login.php'); process_logout(); } // Hack checking if (isset($_GET['pConfig_auth[vBulletin_path]']) || isset($_POST['pConfig_auth[vBulletin_path]'])) { // add logging when availible here. die('Hack attempt.'); } else { // setup vBulletin user integration define('VB_AREA', 'Forum'); define('CWD', $pConfig_auth['vBulletin_path']); include_once($pConfig_auth['vBulletin_path'].'includes'.DIRECTORY_SEPARATOR.'init.php'); // Get vBulletin userinfo $user = $vbulletin->userinfo; $pMain = new Mainframe(pVerify($user));
ben.popeye Membre non connecté
-
Modérateur
- Voir le profil du membre ben.popeye
- Inscrit le : 04/08/2005
- Site internet
- Groupes :
-
Equipe Historique
killerman31 Membre non connecté
-
Booster Minigun
- Voir le profil du membre killerman31
- Inscrit le : 25/11/2010
Je n'ai peut être pas été assez clair.
Pour personnaliser l'authentification, il faut créer 3 fichiers.
Je vais te mettre ceux qui ont été réalisés pour joomla par exemple.
Le premier (configure.php) est basique:
Caché :
Code PHP :
<?php // options for the user to change // users will have control over these variables $auth_option = array( array( 'text'=>'Joomla URL', 'description'=>'URL of your Joomla site', 'variable'=>'register_url', 'value'=>'http://'.$_SERVER['HTTP_HOST'].'/'), array( 'text'=>'Joomla Path', 'description'=>'Path to your installed Joomla, including trailing slash!', 'variable'=>'joomla_path', 'value'=>RAIDER_BASE_PATH.'joomla'.DIRECTORY_SEPARATOR) ); // hard coded options specific to the login script // users will not have control over these variables $auth_default = array( 'use_login'=>0 ); ?>
Le second functions.php sert à définir les fonctions qui seront appelées par la suite (comme Plogin/PLogout).
Voici l'exemple toujours pour Joomla:
Caché :
Code PHP :
<?php // no direct access defined('_VALID_RAID') or die('Restricted Access'); function pVerify($user) { global $db_raid, $pConfig; $userdata = array(); if (isset($user) && $user->id>0) { $sql['SELECT'] = '*'; $sql['FROM'] = 'profile'; $sql['WHERE'] = 'profile_id='.intval($user->id); $db_raid->set_query('select', $sql, __FILE__, __LINE__); unset($sql); // if nothing returns we need to create profile // otherwise they have a profile so let's set their ID // we'll just use the Joomla user id as the profile ID to simplify things if($db_raid->sql_numrows() == 0) { // are they a super user? $sql['SELECT'] = '*'; $sql['FROM'] = 'profile'; $sql['WHERE'] = 'profile_id>0'; $check = $db_raid->set_query('select', $sql, __FILE__, __LINE__); unset($sql); // nothing returned, create profile $sql['INSERT'] = 'profile'; $sql['VALUES'] = array( 'profile_id'=>intval($user->id), 'user_email'=>$user->email, 'password'=>'', 'group_id'=>(($db_raid->sql_numrows($check) == 0)?1:$pConfig['default_group']), 'username'=>$user->username, 'join_date'=>time()); $db_raid->set_query('insert', $sql, __FILE__, __LINE__); $userdata['group_id'] = $sql['VALUES']['group_id']; $userdata['timezone'] = 0; $userdata['dst'] = 0; } else { // profile exists set group $data = $db_raid->fetch(); $userdata['group_id'] = $data['group_id']; $userdata['timezone'] = $data['timezone']; $userdata['dst'] = $data['dst']; } $userdata['profile_id'] = $user->id; $userdata['session_logged_in'] = 1; $userdata['username'] = $user->username; $userdata['user_email'] = $user->email; } return $userdata; } function pLogin() { global $pConfig,$pConfig_auth; // handle redirection because we're not using login_form pRedirect($pConfig_auth['register_url']); exit; } function pLogout() { // unset the session and remove all cookies global $mainframe, $dbf; $mainframe->logout(); foreach($_SESSION as $key=>$value) unset($_SESSION[$key]); setcookie('username'); setcookie('password'); session_destroy(); } // Hack checking if (isset($_GET['pConfig_auth[joomla_path]']) || isset($_POST['pConfig_auth[joomla_path]'])) { // add logging when availible here. die('Hack attempt.'); } else { // Set flag that this is a parent file define( '_VALID_MOS', 1 ); require_once($pConfig_auth['joomla_path'].'configuration.php'); require_once($pConfig_auth['joomla_path'].'includes'.DIRECTORY_SEPARATOR.'joomla.php'); $mainframe = new mosMainFrame( $database, '', $pConfig_auth['joomla_path'] ); $mainframe->initSession(); $ses = $mainframe->get('_session'); // Make sure we don't have an anonymous user. if (isset($ses) && $ses->guest == 0) { $userdata = $mainframe->getUser(); $pMain = new Mainframe(pVerify($userdata)); } else { $pMain = new Mainframe(); } } ?>
Et le dernier (install.php) sert à gérer l'installation:
Caché :
Code PHP :
<?php // SECURITY MEASURE DO NOT REMOVE!! defined('_VALID_SETUP') or die('Restricted Access'); include(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.'joomla10'.DIRECTORY_SEPARATOR.'joomla10.configure.php'); include(RAIDER_BASE_PATH.'configuration.php'); // add to database $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); if(!$link) { $output .= '<font color=red>Unable to connect to database.</font><br>'; $error = 1; } if(!mysql_select_db($pConfig['db_name'])) $output .= '<font color=red>Unable to select database.</font><br>'; else $output .= '<font color=green>Database selected.</font><br>'; $result = mysql_query("SELECT * FROM {$pConfig['db_prefix']}profile"); $count = mysql_num_rows($result); // setup output $output = '<form method="post" action="install.php?option='.$i.'">'; if($count == 0) { $output .= '<strong>THE FIRST USER TO VISIT PHPRAIDER AFTER LOGGING INTO THE FORUMS WILL BE SET AS AN ADMINISTRATOR!!!</strong><br><br>'; } // each field for configuration $output .= "<div class=contentHeader>Setup Authentication Method</div><br> <div class=contentBody> <div align=center> <table width=100% cellpadding=3 cellspacing=1 border=0>"; for($j=0; $j<count($auth_option); $j++) { if(empty($_POST[$auth_option[$j]['variable']])) { $name = $auth_option[$j]['text']; } else { $name = $_POST[$auth_option[$j]['variable']]; } $output .= '<tr> <td width="30%" valign="top"><div align="right"><strong>'.$auth_option[$j]['text'].':</strong><br>'.$auth_option[$j]['description'].'</div></td> <td width="70%" valign="top"> <div align="left"> <input type="text" name="'.$auth_option[$j]['variable'].'" value="'.$auth_option[$j]['value'].'" class="post" style="width:200px"> </div> </td> </tr>'; } $output .= "</table></div><br></div><div align=center><br><input type=submit name=submit value=Submit class=mainoption></div>"; // introduction file if($task == '') { if(empty($_POST)) { $p->assign($_POST); $p->assign('output', $output); // display form $p->display($option.'.tpl'); } else { // do the auth options for($j=0;$j<count($auth_option);$j++) { $sql = sprintf("REPLACE INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$auth_option[$j]['variable'],(get_magic_quotes_gpc())?$_POST[$auth_option[$j]['variable']]:addslashes($_POST[$auth_option[$j]['variable']])); mysql_query($sql) or die(mysql_error()); } // do the auth required foreach($auth_default as $key=>$value) { $sql = sprintf("REPLACE INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$key,$value); mysql_query($sql) or die(mysql_error()); } mysql_close($link); header('Location: install.php?option='.$next_option); exit; } } else { printError($pLang['invalidOption']); } ?>
Par contre, la ou je n'ai peut être pas été très clair, c'est que ces 3 fichiers ne sont que "l'étape personnalisation de l'installation".
Il y a au préalable quelques étapes (install de la DB par exemple) qui sont génériques quelque soit le type d'authentification.
Je vais donc te les linker, ca te sera peut être utile:
Install.php
Caché :
Code PHP :
<?php // set flag for parent component define('_VALID_SETUP',1); // setup base paths (added in 1.0.2 to simplify directories) define('RAIDER_BASE_PATH', str_replace('install'.DIRECTORY_SEPARATOR,'',dirname(__FILE__).DIRECTORY_SEPARATOR)); // buffering ob_start(); // start session to store variables we need later session_start(); isset($_GET['upgrade']) ? $_SESSION['upgrade'] = 1 : false; clearstatcache(); if (file_exists(RAIDER_BASE_PATH.'templates_c') && is_writeable(RAIDER_BASE_PATH.'templates_c')) { // setup smarty template object include(RAIDER_BASE_PATH.'includes'.DIRECTORY_SEPARATOR.'classes'.DIRECTORY_SEPARATOR.'smarty'.DIRECTORY_SEPARATOR.'Smarty.class.php'); include(RAIDER_BASE_PATH.'includes'.DIRECTORY_SEPARATOR.'classes'.DIRECTORY_SEPARATOR.'smarty'.DIRECTORY_SEPARATOR.'SmartyValidate.class.php'); global $p; $p = &new Smarty; $p->cache_dir = '../cache'; $p->compile_dir = '../templates_c'; $p->caching = false; // setup common variables isset($_GET['task']) ? $task = $_GET['task'] : $task = ''; isset($_GET['option']) ? $option = $_GET['option'] : $option = ''; // Make sure variables are initialized to avoid warnings. if (!isset($pConfig['template'])) { $pConfig['template'] = 'default'; } $output = ''; $sql = ''; $scripts = ''; // header include('header.php'); isset($_GET['option']) ? $i = $_GET['option'] : $i = 1; $next_option = $i+1; include($i.'.php'); include('footer.php'); } else { echo 'The directory ''.RAIDER_BASE_PATH.'templates_c' either doesn't exist or it's not writeable.<br>'; echo 'Please read the file docsREADME.html before you continue.'; } ob_flush(); ?>
1.php
Caché :
Code PHP :
<?php // no direct access defined('_VALID_SETUP') or die('Restricted Access'); function in_Open_Basedir_path($path, $open_basedir) { $result = false; $open_basedirs = explode(PATH_SEPARATOR,strtolower($open_basedir)); $path = strtolower($path); foreach ($open_basedirs as $dir) { if ($dir == '.') { $dir = strtolower(dirname(__FILE__)); } if (substr($dir,-1)!=DIRECTORY_SEPARATOR) { $dir .= DIRECTORY_SEPARATOR; } if (strpos($path, $dir) === 0) { $result = true; break; } } return $result; } // introduction file if($task == '') { $base_path = str_replace('install', '', dirname(__FILE__)); $open_basedir = ini_get('open_basedir'); in_Open_Basedir_path('C:\Webdev\Site\phpRaider_svn\trunk\install\', $open_basedir); if (!$CONCAT(open_basedir , in_Open_Basedir_path)($base_path, $open_basedir)) { $phpraider = ''; if(is_writable($base_path.'templates_c')) { $templates = '<div style="color: lime">The <strong>templates/</strong> directory is writeable.</div>'; } else { $templates = '<div style="color: red">The <strong>templates/</strong> directory IS NOT writable!</div>'; } if(is_writable($base_path.'cache')) { $cache = '<div style="color: lime">The <strong>cache/</strong> directory is writeable.</div>'; } else { $cache = '<div style="color: red">The <strong>cache/</strong> directory IS NOT writable!</div>'; } if (file_exists($base_path.'configuration.php')) { if(is_writable($base_path.'configuration.php')) { $configuration = '<div style="color: lime">The <strong>configuration.php</strong> file is writeable.</div>'; } else { $configuration = '<div style="color: red">The <strong>configuration.php</strong> file IS NOT writable!</div>'; } } else { // File doesn't exist, file should be writeable if the directory is writeable. if(is_writable($base_path)) { $configuration = '<div style="color: lime">The <strong>configuration.php</strong> file is writeable.</div>'; } else { $configuration = '<div style="color: red">The <strong>configuration.php</strong> file doesn't exist!</div>'; $phpraider = '<div style="color: red">The <strong>phpRaider/</strong> directory IS NOT writable!</div>'; } } } else { $phpraider = '<div style="color: red">PHP's <a href="http://www.php.net/manual/en/ini.core.php#ini.open-basedir">open_basedir</a> restrictions is set to "'.$open_basedir.'" this will interfer with phpRaider, please add "'.$base_path.'" to your open_basedir setting.</div>'; $templates = ''; $cache = ''; $configuration = ''; } // Get the path for php.ini for later use. $php_configuration_file = get_cfg_var('cfg_file_path'); // Checks the error reporting settings. $errorReporting = error_reporting(); $errorReportingNotice = $errorReporting & 8; if ($errorReportingNotice != 0) { $php_error_reporting = '<div style="color: red">Your PHP setup is reporting notices as well as errors. This is a development setting in PHP.</div>'; } else { $php_error_reporting = ''; } // Check if session cookies are enabled $session_use_only_cookies = ini_get('session.use_only_cookies'); if ($session_use_only_cookies == 1) { $session_cookie = '<div style="color: lime">Session cookies are used.</div>'; $session_trans_sid = '<div style="color: lime">Session trans_sid are not used.</div>'; } else { $session_cookie_enabled = ini_get('session.use_cookies'); if ($session_cookie_enabled == 1) { $session_cookie = '<div style="color: lime">Session cookies are used.</div>'; } else { $session_cookie = '<div style="color: red">Session cookies are disabled.!</div>'; } $session_trans_sid_enabled = ini_get('session.use_trans_sid'); if ($session_trans_sid_enabled == 1) { $session_trans_sid = '<div style="color: red">Session trans_sid are used, this setting isn't recomended,since it's a safety risk.</div>'; } else { $session_trans_sid = '<div style="color: lime">Session trans_sid are not used.</div>'; } } // Check if session save path is configured. $session_save_path = ini_get('session.save_path'); if (!empty($session_save_path)) { // Session save path is defined, let's check if it's writeable. if (!preg_match('/\'.DIRECTORY_SEPARATOR.'$/',$session_save_path)) { $session_save_path .= DIRECTORY_SEPARATOR; } if (!$CONCAT(open_basedir , in_Open_Basedir_path)($session_save_path, $open_basedir)) { if (file_exists($session_save_path)) { if( is_writable($session_save_path)) { $session_path = '<div style="color: lime">The session save path <strong>'.$session_save_path.'</strong> directory is writeable.</div>'; } else { $session_path = '<div style="color: red">The session save path <strong>'.$session_save_path.'</strong> directory IS NOT writable!</div>'; } } else { $session_path = '<div style="color: red">The session save path <strong>'.$session_save_path.'</strong> directory doesn't exist!</div>'; } } else { $session_path = '<div style="color: orange">Can not determine if session save path <strong>'.$session_save_path.'</strong> is writeable because <a href="http://www.php.net/manual/en/ini.core.php#ini.open-basedir">open_basedir</a> restricts the allowed php paths to "'.$open_basedir.'"</div>'; } } else { // Session save path not defined. $session_path = '<div style="color: red">The session save path is not defined in your php.ini '.(empty($php_configuration_file)?'':'('.$php_configuration_file.') ').'file!</div>'; } // Check if register_globals is enabled or disabled. if (ini_get('register_globals')) { $register_globals = '<div style="color: red">register_globals is on. For your own safety, it's better to turn this option off.</div>'; } else { $register_globals = '<div style="color: lime">register_globals is off.</div>'; } $p->assign( array( 'templates' => $templates, 'cache' => $cache, 'phpraider' => $phpraider, 'configuration' => $configuration, 'php_error_reporting' => $php_error_reporting, 'session_cookie' => $session_cookie, 'session_trans_sid' => $session_trans_sid, 'session_path' => $session_path, 'register_globals' => $register_globals, 'next_option'=>$next_option ) ); $p->display('1.tpl'); } else { printError($pLang['invalidOption']); } ?>
2.php
Caché :
3.php
Caché :
Code PHP :
<?php // no direct access defined('_VALID_SETUP') or die('Restricted Access'); // introduction file if($task == '') { if(empty($_POST)) { // setup install types $install = '<select name="install" class="post">'; $install .= '<option value="install">Fresh Installation</option>'; $install .= '<option value="upgrade">Upgrade</option>'; $install .= '</select>'; } else { if($_POST['install'] == 'install') { header("Location: install.php?option=4"); exit; } else { header("Location: upgrade.php"); } } $p->assign('install',$install); $p->assign('next_option',$next_option); $p->display($option.'.tpl'); } else { printError($pLang['invalidOption']); } ?>
4.php
Caché :
Code PHP :
<?php // no direct access defined('_VALID_SETUP') or die('Restricted Access'); // introduction file if($task == '') { if(empty($_POST)) { // setup defaults (crude) $_POST['pConfig_db_server'] = 'localhost'; $_POST['pConfig_db_name'] = 'phpraider'; $_POST['pConfig_db_prefix'] = 'phpraider_'; $p->assign($_POST); // new form, we (re)set the session data SmartyValidate::connect($p, true); // register our validators SmartyValidate::register_validator('hostname', 'pConfig_db_server', 'notEmpty', false, false, 'trim'); SmartyValidate::register_validator('name', 'pConfig_db_name', 'notEmpty', false, false, 'trim'); SmartyValidate::register_validator('username', 'pConfig_db_user', 'notEmpty', false, false, 'trim'); SmartyValidate::register_validator('prefix', 'pConfig_db_prefix', 'notEmpty', false, false, 'trim'); // display form $p->display($option.'.tpl'); } else { // validate after a POST SmartyValidate::connect($p); $error = 0; // verify that database connection succeeds $link = @mysql_connect($_POST['pConfig_db_server'], $_POST['pConfig_db_user'], $_POST['pConfig_db_pass']); if(!$link) { $error = 1; $error_msg = '<div class="errorBody">Unable to connect to database!<br>'.mysql_error().' ('.mysql_errno().')</div>'; } else { if(!mysql_select_db($_POST['pConfig_db_name'])) { $error = 1; $error_msg = "<div class=errorBody>Unable to select database {$_POST['pConfig_db_name']}. Verify that it exists!</div>"; } else { if (function_exists('mysql_get_server_info')) { $mysqlVersion = mysql_get_server_info($link); } else { $result = @mysql_query('SELECT version()'); $mysqlVersion = @mysql_result($result,0); @mysql_free_result($result); } if ($mysqlVersion) { $myVersion = explode('.',$mysqlVersion); if ($myVersion[0]<4) { $error = 1; $error_msg = "<div class=errorBody>The database server at {$_POST['pConfig_db_server']} is version: {$mysqlVersion}, needs to be at least 4.1.</div>"; } elseif ($myVersion[0]==4 && $myVersion[1]<1) { $error =1; $error_msg = "<div class=errorBody>The database server at {$_POST['pConfig_db_server']} is version: {$mysqlVersion}, needs to be at least 4.1.</div>"; } } } } if($error) $p->assign($_POST); if ($link) { mysql_close($link); } if(SmartyValidate::is_valid($_POST) && $error == 0) { // no errors, done with SmartyValidate SmartyValidate::disconnect(); foreach($_POST as $key => $value) $_SESSION[$key] = $value; // make sure pConfig_db_pers is saved also. if (isset($_POST['pConfig_db_pers'])) { $_SESSION['pConfig_db_pers'] = 1; } else { $_SESSION['pConfig_db_pers'] = 0; } if (isset($_POST['pConfig_db_newlink'])) { $_SESSION['pConfig_db_newlink'] = 1; } else { $_SESSION['pConfig_db_newlink'] = 0; } header('Location: install.php?option='.$next_option); exit; } else { // error, redraw the form $p->assign('error',$error_msg); $p->assign('next_option',$next_option); $p->display($option.'.tpl'); } } } else { printError($pLang['invalidOption']); } ?>
5.php
Caché :
Code PHP :
<?php error_reporting('NONE'); // no direct access defined('_VALID_SETUP') or die('Restricted Access'); // setup output $output = "<?phpn// This file is generated automaticallyn// Do not alter unless instructed to do so!nn"; $output .= "global $pConfig;n"; foreach($_SESSION as $key=>$value) { if (substr($key, 0, 8) == 'pConfig_') { $output .= "$pConfig['".substr($key, 8)."'] = '{$value}';n"; } } $output .= "?>"; // setup output $output_html = nl2br(htmlspecialchars($output)); // write configuration file $fd = fopen(RAIDER_BASE_PATH.'configuration.php', 'w+'); if(!$fd) { $p->assign('error',"<div align=center> <div class=errorBody> Unable to write configuration file. Please follow the instructions below to create the file manually. <ol> <li> Create a blank file named <strong>configuration.php</strong>. </li> <li> Copy and paste the following inside the file you just created <table width=75% cellpadding=5 cellspacing=0 border=1 style=border:1px solid #ffffff> <tr style=background-color:#ffffff> <td>".$output_html."</td> </tr> </table> </li> <li> Save the file. </li> <li> Upload the file to your webserver in the base directory <strong>".RAIDER_BASE_PATH."</strong> </li> </ol> Aftewards, click <a href=install.php?option={$next_option}>here</a> to continue. </div> </div>"); } else { $p->assign('next_option',$next_option); $p->assign('error','<div align="left" style="color:lime"> Configuration file written successfully! </div> <div style="text-align:left"> <a href="install.php?option='.$next_option.'">Continue</a> </div>'); fwrite($fd, $output); fclose($fd); } $p->display($option.'.tpl'); ?>
6.php
Caché :
Code PHP :
<?php // no direct access defined('_VALID_SETUP') or die('Restricted Access'); include(RAIDER_BASE_PATH.'configuration.php'); include(RAIDER_BASE_PATH.'includes'.DIRECTORY_SEPARATOR.'functions.db.php'); // writing information to database $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); if(!$link) { $output .= '<font color=red>Unable to connect to database.</font><br>'; $error = 1; } if(!mysql_select_db($pConfig['db_name'])) $output .= '<font color=red>Unable to select database.</font><br>'; else $output .= '<font color=lime>Database selected.</font><br>'; // parse the sql file $sqlErrors = sqlFromFile(RAIDER_BASE_PATH.DIRECTORY_SEPARATOR.'install'.DIRECTORY_SEPARATOR.'schema'.DIRECTORY_SEPARATOR.'install'.DIRECTORY_SEPARATOR.'install.sql'); if ($sqlErrors) { if (is_array($sqlErrors)) { foreach ($sqlErrors as $sqlError) { $output .= '<font color=red><strong>Error:</strong> '.$sqlError['error_message'].' ('.$sqlError['error_number'].')</font> with sql <b>'.$sqlError['sql'].'</b><br>'; } } else { $output .= $sqlErrors; } } else { $output .= '<font color=lime>SQL execution complete.</font><br><br>Click <a href=install.php?option='.$next_option.'>here</a> to continue.'; } // update a few configuration settings $self = str_replace('/install/install.php','', $_SERVER['PHP_SELF']). '/'; mysql_query("UPDATE ".$pConfig['db_prefix']."config SET `value`='http://{$_SERVER['HTTP_HOST']}{$self}' WHERE `name`='site_url'"); mysql_close($link); $p->assign('next_option',$next_option); $p->assign('output',$output); $p->display('6.tpl'); ?>
7.php
Caché :
Code PHP :
<?php // no direct access defined('_VALID_SETUP') or die('Restricted Access'); // setup authentication list $dh = opendir(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR); while(false != ($filename = readdir($dh))) { if (preg_match("/^[w-]+$/si", $filename) == 1) { if (is_dir(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.$filename)) { if (file_exists(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.$filename.DIRECTORY_SEPARATOR.$filename.'.functions.php')) { $files[] = $filename; } } } } natcasesort($files); if(empty($_POST) || !in_array($_POST['authentication'],$files)) { $games = '<select name="authentication">'; foreach($files as $value) { if($value == 'phpraider') { $name = $value.' [default]'; $selected = 'selected'; } else { $selected = ''; $name = $value; } $games .= '<option value="'.$value.'"'.$selected.'>'.$name.'</option>'; } $games .= '</select>'; $p->assign('games', $games); unset($files); // template file $p->assign('auth_method',$games); $p->assign('next_option',$next_option); $p->display('7.tpl'); } else { include(RAIDER_BASE_PATH.'configuration.php'); // set authentication method $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); mysql_select_db($pConfig['db_name']); mysql_query("UPDATE `{$pConfig['db_prefix']}config` SET `value`='{$_POST['authentication']}' WHERE `name`='authentication'"); $_SESSION['pConfig_authentication'] = $_POST['authentication']; header("Location:install.php?option=".$next_option); exit; } ?>
8.php
Caché :
Code PHP :
<?php // no direct access defined('_VALID_SETUP') or die('Restricted Access'); // get auth method include(RAIDER_BASE_PATH.'configuration.php'); // run authentication installation file include(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.$_SESSION['pConfig_authentication'].DIRECTORY_SEPARATOR.$_SESSION['pConfig_authentication'].'.install.php'); ?>
9.php
Caché :
Code PHP :
<?php // no direct access defined('_VALID_SETUP') or die('Restricted Access'); $p->display('9.tpl'); session_destroy(); ?>
En espérant avoir pu t'aider!!!
En tout cas, merci de tout coeur de ton aide
Édité par killerman31 Le 04/01/2011 à 17h16
ben.popeye Membre non connecté
-
Modérateur
- Voir le profil du membre ben.popeye
- Inscrit le : 04/08/2005
- Site internet
- Groupes :
-
Equipe Historique
Quelques questions : configure.php contient des variables utilisées par functions.php si j'ai bien compris ?
Que fait install.php ? En quoi l'installation de la galerie est spécifique au CMS ?
killerman31 Membre non connecté
-
Booster Minigun
- Voir le profil du membre killerman31
- Inscrit le : 25/11/2010
Citation :
configure.php contient des variables utilisées par functions.php si j'ai bien compris ?
Tu as bien compris!
Citation :
Que fait install.php?
En fait , Il faut faire gaffe, il y a 2 fichiers install.php.
Le fichier install.php de mon calendrier, qui lui est totalement indépendant du CMS et qu'il faut "lancer" en premier durant l'installation (c'est le 4eme fichier que je t'ai linké sur le post précédent).
Et ensuite, un install.php spécifique pour chaque CMS (3ème fichier que je t'ai linké hier). J'ai l'impression que cet install.php est le fichier "chapeau" de l'authentification (à savoir que c'est lui qui appelle et utilise les fichiers configure.php et functions.php). En regardant de plus prêt, j'ai l'impression que c'est presque un fichier générique, quasiment identique pour tous les CMS.
Je t'en link quelques uns:
Joomla10
Caché :
Code PHP :
<?php // SECURITY MEASURE DO NOT REMOVE!! defined('_VALID_SETUP') or die('Restricted Access'); include(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.'joomla10'.DIRECTORY_SEPARATOR.'joomla10.configure.php'); include(RAIDER_BASE_PATH.'configuration.php'); // add to database $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); if(!$link) { $output .= '<font color=red>Unable to connect to database.</font><br>'; $error = 1; } if(!mysql_select_db($pConfig['db_name'])) $output .= '<font color=red>Unable to select database.</font><br>'; else $output .= '<font color=green>Database selected.</font><br>'; $result = mysql_query("SELECT * FROM {$pConfig['db_prefix']}profile"); $count = mysql_num_rows($result); // setup output $output = '<form method="post" action="install.php?option='.$i.'">'; if($count == 0) { $output .= '<strong>THE FIRST USER TO VISIT PHPRAIDER AFTER LOGGING INTO THE FORUMS WILL BE SET AS AN ADMINISTRATOR!!!</strong><br><br>'; } // each field for configuration $output .= "<div class=contentHeader>Setup Authentication Method</div><br> <div class=contentBody> <div align=center> <table width=100% cellpadding=3 cellspacing=1 border=0>"; for($j=0; $j<count($auth_option); $j++) { if(empty($_POST[$auth_option[$j]['variable']])) { $name = $auth_option[$j]['text']; } else { $name = $_POST[$auth_option[$j]['variable']]; } $output .= '<tr> <td width="30%" valign="top"><div align="right"><strong>'.$auth_option[$j]['text'].':</strong><br>'.$auth_option[$j]['description'].'</div></td> <td width="70%" valign="top"> <div align="left"> <input type="text" name="'.$auth_option[$j]['variable'].'" value="'.$auth_option[$j]['value'].'" class="post" style="width:200px"> </div> </td> </tr>'; } $output .= "</table></div><br></div><div align=center><br><input type=submit name=submit value=Submit class=mainoption></div>"; // introduction file if($task == '') { if(empty($_POST)) { $p->assign($_POST); $p->assign('output', $output); // display form $p->display($option.'.tpl'); } else { // do the auth options for($j=0;$j<count($auth_option);$j++) { $sql = sprintf("REPLACE INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$auth_option[$j]['variable'],(get_magic_quotes_gpc())?$_POST[$auth_option[$j]['variable']]:addslashes($_POST[$auth_option[$j]['variable']])); mysql_query($sql) or die(mysql_error()); } // do the auth required foreach($auth_default as $key=>$value) { $sql = sprintf("REPLACE INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$key,$value); mysql_query($sql) or die(mysql_error()); } mysql_close($link); header('Location: install.php?option='.$next_option); exit; } } else { printError($pLang['invalidOption']); } ?>
Joomla15
Caché :
Code PHP :
<?php // SECURITY MEASURE DO NOT REMOVE!! defined('_VALID_SETUP') or die('Restricted Access'); include(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.'joomla15'.DIRECTORY_SEPARATOR.'joomla15.configure.php'); include(RAIDER_BASE_PATH.'configuration.php'); // add to database $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); if(!$link) { $output .= '<font color=red>Unable to connect to database.</font><br>'; $error = 1; } if(!mysql_select_db($pConfig['db_name'])) $output .= '<font color=red>Unable to select database.</font><br>'; else $output .= '<font color=green>Database selected.</font><br>'; $result = mysql_query("SELECT * FROM {$pConfig['db_prefix']}profile"); $count = mysql_num_rows($result); // setup output $output = '<form method="post" action="install.php?option='.$i.'">'; if($count == 0) { $output .= '<strong>THE FIRST USER TO VISIT PHPRAIDER AFTER LOGGING INTO THE FORUMS WILL BE SET AS AN ADMINISTRATOR!!!</strong><br><br>'; } // each field for configuration $output .= "<div class=contentHeader>Setup Authentication Method</div><br> <div class=contentBody> <div align=center> <table width=100% cellpadding=3 cellspacing=1 border=0>"; for($j=0; $j<count($auth_option); $j++) { if(empty($_POST[$auth_option[$j]['variable']])) { $name = $auth_option[$j]['text']; } else { $name = $_POST[$auth_option[$j]['variable']]; } $output .= '<tr> <td width="30%" valign="top"><div align="right"><strong>'.$auth_option[$j]['text'].':</strong><br>'.$auth_option[$j]['description'].'</div></td> <td width="70%" valign="top"> <div align="left"> <input type="text" name="'.$auth_option[$j]['variable'].'" value="'.$auth_option[$j]['value'].'" class="post" style="width:200px"> </div> </td> </tr>'; } $output .= "</table></div><br></div><div align=center><br><input type=submit name=submit value=Submit class=mainoption></div>"; // introduction file if($task == '') { if(empty($_POST)) { $p->assign($_POST); $p->assign('output', $output); // display form $p->display($option.'.tpl'); } else { // do the auth options for($j=0;$j<count($auth_option);$j++) { $sql = sprintf("REPLACE INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$auth_option[$j]['variable'],(get_magic_quotes_gpc())?$_POST[$auth_option[$j]['variable']]:addslashes($_POST[$auth_option[$j]['variable']])); mysql_query($sql) or die(mysql_error()); } // do the auth required foreach($auth_default as $key=>$value) { $sql = sprintf("REPLACE INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$key,$value); mysql_query($sql) or die(mysql_error()); } mysql_close($link); header('Location: install.php?option='.$next_option); exit; } } else { printError($pLang['invalidOption']); } ?>
Phpbb3
Caché :
Code PHP :
<?php // SECURITY MEASURE DO NOT REMOVE!! defined('_VALID_SETUP') or die('Restricted Access'); include(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.'phpbb3'.DIRECTORY_SEPARATOR.'phpbb3.configure.php'); include(RAIDER_BASE_PATH.'configuration.php'); // add to database $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); if(!$link) { $output .= '<font color=red>Unable to connect to database.</font><br>'; $error = 1; } if(!mysql_select_db($pConfig['db_name'])) $output .= '<font color=red>Unable to select database.</font><br>'; else $output .= '<font color=green>Database selected.</font><br>'; $result = mysql_query("SELECT * FROM {$pConfig['db_prefix']}profile"); $count = mysql_num_rows($result); // setup output $output = '<form method="post" action="install.php?option='.$i.'">'; if($count == 0) $output .= '<strong>THE FIRST USER TO VISIT PHPRAIDER AFTER LOGGING INTO THE FORUMS WILL BE SET AS AN ADMINISTRATOR!!!</strong><br><br>'; // each field for configuration $output .= "<div class=contentHeader>Setup Authentication Method</div><br> <div class=contentBody> <div align=center> <table width=100% cellpadding=3 cellspacing=1 border=0>"; for($j=0; $j<count($auth_option); $j++) { if(empty($_POST[$auth_option[$j]['variable']])) { $name = $auth_option[$j]['text']; } else { $name = $_POST[$auth_option[$j]['variable']]; } $output .= '<tr> <td width="30%" valign="top"><div align="right"><strong>'.$auth_option[$j]['text'].':</strong><br>'.$auth_option[$j]['description'].'</div></td> <td width="70%" valign="top"> <div align="left"> <input type="text" name="'.$auth_option[$j]['variable'].'" value="'.$auth_option[$j]['value'].'" class="post" style="width:200px"> </div> </td> </tr>'; } $output .= "</table></div><br></div><div align=center><br><input type=submit name=submit value=Submit class=mainoption></div>"; // introduction file if($task == '') { if(empty($_POST)) { $p->assign($_POST); $p->assign('output', $output); // display form $p->display($option.'.tpl'); } else { // add to database $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); if(!$link) { $output .= '<font color=red>Unable to connect to database.</font><br>'; $error = 1; } if(!mysql_select_db($pConfig['db_name'])) $output .= '<font color=red>Unable to select database.</font><br>'; else $output .= '<font color=green>Database selected.</font><br>'; // do the auth options for($j=0;$j<count($auth_option);$j++) { $sql = sprintf("INSERT INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$auth_option[$j]['variable'],(get_magic_quotes_gpc())?$_POST[$auth_option[$j]['variable']]:addslashes($_POST[$auth_option[$j]['variable']])); mysql_query($sql) or die(mysql_error()); } // do the auth required foreach($auth_default as $key=>$value) { $sql = sprintf("INSERT INTO %sconfig_auth" . "n (`name`, `value`)" . "n VALUES ('%s','%s');" ,$pConfig['db_prefix'],$key,$value); mysql_query($sql) or die(mysql_error()); } mysql_close($link); header('Location: install.php?option='.$next_option); exit; } } else { printError($pLang['invalidOption']); } ?>
Phpraider (install par défaut)
Caché :
Code PHP :
<?php // SECURITY MEASURE DO NOT REMOVE!! defined('_VALID_SETUP') or die('Restricted Access'); $fields = array( array( 'text'=>'Username:', 'variable'=>'username', 'value'=>'username' ), array( 'text'=>'E-mail:', 'variable'=>'email', 'value'=>'you@yourdomain.com' ), array( 'text'=>'Password:', 'variable'=>'password', 'value'=>'password' ) ); include(RAIDER_BASE_PATH.'authentication'.DIRECTORY_SEPARATOR.'phpraider'.DIRECTORY_SEPARATOR.'phpraider.configure.php'); include(RAIDER_BASE_PATH.'configuration.php'); // add to database $link = mysql_connect($pConfig['db_server'], $pConfig['db_user'], $pConfig['db_pass']); if(!$link) { $output .= '<font color=red>Unable to connect to database.</font><br>'; $error = 1; } if(!mysql_select_db($pConfig['db_name'])) $output .= '<font color=red>Unable to select database.</font><br>'; else $output .= '<font color=green>Database selected.</font><br>'; $result = mysql_query("SELECT * FROM {$pConfig['db_prefix']}profile"); $count = mysql_num_rows($result); // setup output $output = '<form method="post" action="install.php?option='.$i.'">'; if($count == 0) { $output .= ' <div class="contentHeader">phpRaider Installation - Create administrative account</div> <div class="contentBody"> <div align="center"> <table width="100%" cellpadding="3" cellspacing="1" border="0">'; // each field for superuser foreach($fields as $field) { if(!empty($_POST[$field['variable']])) $field['value'] = $_POST[$field['variable']]; $output .= '<tr> <td width="25%"><div align="right"><strong>'.$field['text'].'</strong></div></td> <td width="75%"> <div align="left"> <input type="text" name="'.$field['variable'].'" value="'.$field['value'].'" class="post"> </div> </td> </tr>'; } $output .= '</table></div></div><br>'; } // each field for configuration $output .= "<div class=contentHeader>Setup Authentication Method</div><br> <div class=contentBody> <div align=center> <table width=100% cellpadding=3 cellspacing=1 border=0>"; for($j=0; $j<count($auth_option); $j++) { if(empty($_POST[$auth_option[$j]['variable']])) { $name = $auth_option[$j]['text']; } else { $name = $_POST[$auth_option[$j]['variable']]; } $output .= '<tr> <td width="30%" valign="top"><div align="right"><strong>'.$auth_option[$j]['text'].':</strong><br>'.$auth_option[$j]['description'].'</div></td> <td width="70%" valign="top"> <div align="left"> <input type="text" name="'.$auth_option[$j]['variable'].'" value="'.$auth_option[$j]['value'].'" class="post" style="width:200px"> </div> </td> </tr>'; } $output .= "</table></div><br></div><div align=center><br><input type=submit name=submit value=Submit class=mainoption></div>"; // introduction file if($task == '') { if(empty($_POST)) { $p->assign($_POST); $p->assign('output', $output); // display form $p->display($option.'.tpl'); } else { if($count == 0) { // superuser $sql = "INSERT INTO {$pConfig['db_prefix']}profile" . "n (`username`, `password`, `join_date`," . "n `raids_attended`, `raids_cancelled`, `group_id`, `user_email`)" . " VALUES ('{$_POST['username']}', '".md5($_POST['password'])."'," . "n '".time()."', '0', '0', '1', '{$_POST['email']}')"; mysql_query($sql) or die(mysql_error()); } // do the auth options for($j=0;$j<count($auth_option);$j++) { $sql = "INSERT INTO {$pConfig['db_prefix']}config_auth" . "n (`name`, `value`)" . "n VALUES ('{$auth_option[$j]['variable']}','{$_POST[$auth_option[$j]['variable']]}');"; mysql_query($sql) or die(mysql_error()); } // do the auth required foreach($auth_default as $key=>$value) { $sql = "INSERT INTO {$pConfig['db_prefix']}config_auth" . "n (`name`, `value`)" . "n VALUES ('{$key}','{$value}');"; mysql_query($sql) or die(mysql_error()); } mysql_close($link); header('Location: install.php?option='.$next_option); exit; } } else { printError($pLang['invalidOption']); } ?>
Citation :
En quoi l'installation de la galerie est spécifique au CMS?
Qu'appelles tu la galerie?
ben.popeye Membre non connecté
-
Modérateur
- Voir le profil du membre ben.popeye
- Inscrit le : 04/08/2005
- Site internet
- Groupes :
-
Equipe Historique
Je n'ai pas encore compris à quoi servait install.php, il faut que je me penche plus profondément sur ce problème.
Si il y avait une documentation, on gagnerait beaucoup de temps, mais ça ne semble pas être le cas.
killerman31 Membre non connecté
-
Booster Minigun
- Voir le profil du membre killerman31
- Inscrit le : 25/11/2010
Phpraider est un calendrier.
Il s'installe (à la manière de phpboost) en exécutant via navigateur un fichier install.php.
Ce fichier lance le processus d'installation qui a plusieurs étapes (copie de la BD, écriture du fichier config,etc).
Une de ces étapes est le choix de l'authentification.
Soit le calendrier ne s'intègre pas spécialement dans un CMS et il va avoir sa propre méthode d'authentification, sa propre BD, son propre cookie.
Dans ce cas la, c'est le répertoire PHPRAIDER (et donc les 3 fichiers : configure.php, functions.php et install.php spécifiques au calendrier) qui seront utilisés.
Soit le calendrier s'inscrit dans le cadre d'une utilisation avec un CMS, et le but est de ne pas demander aux utilisateurs de s'inscrire/se connecter 2 fois au lieu d'une.
En gros, il faut que si les utilisateurs qui sont inscrits/connectés sur Phpboost, n'aient pas besoin de le refaire sur Phpraider.
Pour permettre ça, lors de l'installation du calendrier, on a le choix entre plusieurs méthodes d'authentification.
Ce que je cherche à faire c'est mettre en place une méthode authentification alternative à celle de phpraider (comme il en existe pour phpbb, joomla, ou d'autres CMS).
Le but est donc de créer les 3 fichiers (configure.php, functions.php, install.php) spécifiques à phpboost, qui permettent à mon calendrier de ne pas redemander une inscription/connexion supplémentaire à celle de PHPraider.
Alors ensuite, je ne sais pas comment c'est géré techniquement (c'est le contenu des 3 fichiers) et j'espérais qu'ici on puisse me dire, en regardant par analogie ce qui a déjà été fait pour les autres CMS, comment faire.
D'après ce que j'ai compris de ma lecture des 3 fichiers, le install.php et le configure.php sont des fichiers "génériques" ou il n'y a très peu de modification, et que j'ai pu adapter assez simplement.
Par contre, pour adapter le functions.php, il faut bien connaitre le fonctionnement du CMS (c'est surtout la que j'ai besoin de vous
)Si on détaille un peu le fichier:
On vérifie si l'utilisateur existe:
Code PHP :
// no direct access defined('_VALID_RAID') or die('Restricted Access'); function pVerify($user) { global $db_raid, $pConfig; $userdata = array(); if (isset($user) && $user->id>0) { $sql['SELECT'] = '*'; $sql['FROM'] = 'profile'; $sql['WHERE'] = 'profile_id='.intval($user->id); $db_raid->set_query('select', $sql, __FILE__, __LINE__); unset($sql); // if nothing returns we need to create profile // otherwise they have a profile so let's set their ID // we'll just use the Joomla user id as the profile ID to simplify things if($db_raid->sql_numrows() == 0) { // are they a super user? $sql['SELECT'] = '*'; $sql['FROM'] = 'profile'; $sql['WHERE'] = 'profile_id>0'; $check = $db_raid->set_query('select', $sql, __FILE__, __LINE__); unset($sql);
Sinon, on crée l'utilisateur ou si l'utilisateur existe on l'insère dans le bon groupe.
Code PHP :
// nothing returned, create profile $sql['INSERT'] = 'profile'; $sql['VALUES'] = array( 'profile_id'=>intval($user->id), 'user_email'=>$user->email, 'password'=>'', 'group_id'=>(($db_raid->sql_numrows($check) == 0)?1:$pConfig['default_group']), 'username'=>$user->username, 'join_date'=>time()); $db_raid->set_query('insert', $sql, __FILE__, __LINE__); $userdata['group_id'] = $sql['VALUES']['group_id']; $userdata['timezone'] = 0; $userdata['dst'] = 0; } else { // profile exists set group $data = $db_raid->fetch(); $userdata['group_id'] = $data['group_id']; $userdata['timezone'] = $data['timezone']; $userdata['dst'] = $data['dst']; } $userdata['profile_id'] = $user->id; $userdata['session_logged_in'] = 1; $userdata['username'] = $user->username; $userdata['user_email'] = $user->email; } return $userdata; }
Fonction login (si je comprends bien, on renvoi sur l'inscription de phpboost)
Code PHP :
function pLogin() { global $pConfig,$pConfig_auth; // handle redirection because we're not using login_form pRedirect($pConfig_auth['register_url']); exit; }
Fonction logout (si j'ai bien compris, c'est la même chose que le déconnexion sur phpboost)
Code PHP :
function pLogout() { // unset the session and remove all cookies global $mainframe, $dbf; $mainframe->logout(); foreach($_SESSION as $key=>$value) unset($_SESSION[$key]); setcookie('username'); setcookie('password'); session_destroy(); }
Et pour finir (et c'est je pense la partie ou il faut une bonne connaissance de phpboost), on vérifie que ce n'est pas une tentative de hack:
Code PHP :
// Hack checking if (isset($_GET['pConfig_auth[joomla_path]']) || isset($_POST['pConfig_auth[joomla_path]'])) { // add logging when availible here. die('Hack attempt.'); } else { // Set flag that this is a parent file define( '_VALID_MOS', 1 ); require_once($pConfig_auth['joomla_path'].'configuration.php'); require_once($pConfig_auth['joomla_path'].'includes'.DIRECTORY_SEPARATOR.'joomla.php'); $mainframe = new mosMainFrame( $database, '', $pConfig_auth['joomla_path'] ); $mainframe->initSession(); $ses = $mainframe->get('_session'); // Make sure we don't have an anonymous user. if (isset($ses) && $ses->guest == 0) { $userdata = $mainframe->getUser(); $pMain = new Mainframe(pVerify($userdata)); } else { $pMain = new Mainframe(); } }
ben.popeye Membre non connecté
-
Modérateur
- Voir le profil du membre ben.popeye
- Inscrit le : 04/08/2005
- Site internet
- Groupes :
-
Equipe Historique
Le problème c'est que j'ai pas beaucoup de temps et je ne connais pas ou très peu le code des autres CMS. Je ne peux pas me permettre de chercher à comprendre précisément ce que fait le code de chaque CMS pour deviner ce que je dois faire. C'est pour cela que je déplore l'absence de documentation, c'est pourtant crucial ! Ca nous fairait gagner un temps fou !
Alors pour pVerify, si je comprends bien ça vérifie que l'utilisateur existe, sinon ça le crée à partir de $user. D'où sort $user ? A quel endroit on crée l'utilisateur ? Normalement c'est par PHPBoost et pas par le calendrier qu'on devrait créer des utilisateurs.
Pour pLogin et pLogout, je comprends.
Pour vérifier que ce n'est pas une tentative de hacking, je comprends pas bien le code qui est écrit et qui semble correspondre à Joomla!. Aurais-tu plus d'informations à ce sujet ?
Je suis désolé mais je n'ai pas beaucoup de temps. On va peut-être finir par y arriver si j'arrive à résoudre tous les points qui sont encore flous pour moi.
killerman31 Membre non connecté
-
Booster Minigun
- Voir le profil du membre killerman31
- Inscrit le : 25/11/2010
Je te la linke :
Citation :Hi phpboost in a great CMS. But how can i adapt the authentification with phpraider?
you can find Phpboost here : http://www.phpboost.com/download/fil...0-complete.php
I have read what has be done for V bulletin (for example) and my question is, what information content the $user/$vbulletin/$pmain?
Can you explain me how is done the authentification with a CMS (with a cookie, with variables, with bd) ?
Thanks a lot
Et voici la réponse :
Citation :
$pmain is the phpRaider user object for the currently logged on user.
$vbulletin is the mail vBulletin object
$user is the vBulletin user object.
$vbulletin and $user is set by vBulletin and not phpRaider, as you can see here:
Code PHP :include_once($pConfig_auth['vBulletin_path'].'includes'.DIRECTORY_SEPARATOR.'init.php');
init.php is a vBulletin code file that happens to initialize the $vBulletin object.
Code PHP :$user = $vbulletin->userinfo;
is a call to vBulletin to get the currently logged on user.
So how to get the currently logged on user depends on the forum/cms software.
The way I figure out this is to follow the code of the forum/cms to see what functions gets called/what objects are used when a user logs on.
Then I try to replicate the code part needed in the phpRaider authentication module.
For vBulletin, I found out that for vBulletin to authenticate a user for me, I needed this:
Code PHP :
Then I changed the code in the pVerify function of the phpRaider authentication module to fetch the data I need from the $user object that vBulletin creates.
Est ce que ça t'aide?
ben.popeye Membre non connecté
-
Modérateur
- Voir le profil du membre ben.popeye
- Inscrit le : 04/08/2005
- Site internet
- Groupes :
-
Equipe Historique
killerman31 Membre non connecté
-
Booster Minigun
- Voir le profil du membre killerman31
- Inscrit le : 25/11/2010
Non,non, c'est pas pressé
killerman31 Membre non connecté
-
Booster Minigun
- Voir le profil du membre killerman31
- Inscrit le : 25/11/2010
okegima Membre non connecté
-
Booster Fuzil
- Voir le profil du membre okegima
- Inscrit le : 29/06/2010
merci
ReidLos Membre non connecté
-
Modérateur
- Voir le profil du membre ReidLos
- Inscrit le : 27/02/2009
- Site internet
- Groupes :
-
Equipe Développement
Répondre
Vous n'êtes pas autorisé à écrire dans cette catégorie