Bridging a login between two scripts

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Longhorn
Forum Newbie
Posts: 1
Joined: Sun Oct 12, 2008 12:03 pm

Bridging a login between two scripts

Post by Longhorn »

I am attempting to bridge a log in between an undisclosed script and phpBB3. I already completed a registration bridge but cannot figure out the log in part. I am an experienced programmer but kind of new to php and databases - I will post what I have tried with the bridge.

Here is the original login.php:

Code: Select all

session_start();
require_once('./includes/incglobal.php');
 
function exec_redirect($header = 'Redirecting', $message = 'Please wait while we redirect you...', $delay = 5, $url = 'index.php')
{
    global $config;
    
    return "
        <br />
        <META HTTP-EQUIV=\"refresh\" content=\"{$delay};URL={$config['scripturl']}/{$url}\">
        <table width=\"100%\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"1\" style=\"background-color:black;text-align:center;\">
            <tr style=\"background-color:{$config['altcolora']};\">
                <td width=\"100%\" valign=\"middle\" colspan=\"2\" style=\"background:url({$config['bg']});text-align:center;\">
                    <strong>{$header}</strong>
                </td>
            </tr>
            <tr style=\"background-color:{$config['altcolorb']};\">
                <td width=\"100%\" valign=\"middle\" style=\"text-align:center;\">
                    {$message}
                </td>
            </tr>
        </table><br /><br /><br /><br />
    ";
}
 
/**
 * randomString() - Generates a random string of an arbitrary length (default = 8); used in Hash and SessionID generations
 * 
 * @param integer $length
 * @return
 */
function randomString($length = 8)
{
    $chars = "abcdefghijklmnopqrstuvwxyz0123456789";
    srand((double)microtime()*1000000);
    $i = 0;
    $foo = '';
 
    while ($i < $length)
    {
        $num = rand() % 33;
        $tmp = substr($chars, $num, 1);
        $foo = $foo . $tmp;
        $i++;
    }
    
    return $foo;
}
 
 
 
switch($act)
{
    case 'setlogin':
        set($login);
        break;
    case 'logout':
        logout();
        break;
    case 'forgotpw':
        forgotpw($login);
        break;
    case 'sendpass':
        sendpass();
        break;
    default:
        login($mes);
        break;
}
 
function login($mes)
{
    global $config;
 
    if (isset($_COOKIE['user']))
    {
        $out['body'] .= "
            <br />
            <table width=\"90%\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\" style=\"background-color:black;text-align:center;\">
            <tr style=\"background-color:{$config['altcolora']};\">
                <td width=\"100%\" valign=\"middle\" colspan=\"2\" style=\"background:url({$config['bg']});text-align:center;\">
                    <strong>Login</strong>
                </td>
            </tr>
            <tr style=\"background-color:{$config['altcolorb']};\">
                <td width=\"100%\" valign=\"middle\" style=\"text-align:center;\">
                    <strong>You are already logged in!</strong>
                </td>
            </tr>
            </table>
            <br /><br /><br /><br />
        ";
    }
    else
    {
        $out['body'] .= "
            <br />
            <form method=\"post\" action=\"./login.php\">   
            <table align=\"center\" width=\"400\" border=\"0\" cellspacing=\"1\" style=\"background-color:black;\" cellpadding=\"1\">
            <tr style=\"background-color:{$config['altcolor']};\">
                <td style=\"background:url({$config['bg']});text-align:left;\" width=\"100%\" valign=\"middle\" colspan=\"2\">
                    <strong>Login</strong>
        ";
        
        if(isset($mes))
        {
            $out['body'] .= "<span style=\"color:red;\">(Incorrect Login)</span>";
        }
        
        $out['body'] .= "
                </td>
            </tr>
            <tr style=\"background-color:{$config['altcolorb']};\">
                <td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
                    Username
                </td>
                <td width=\"60%\" valign=\"middle\" style=\"text-align:left;\">
                    <input type=\"text\" name=\"login[name]\" class=\"input\" value=\"{$login['name']}\" size=\"32\" maxlength=\"15\" />
                </td>
            </tr>
            <tr style=\"background-color:{$config['altcolorb']};\">
                <td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
                    Password
                </td>
                <td width=\"60%\" valign=\"middle\" style=\"text-align:left;\">
                    <input type=\"password\" class=\"input\" name=\"login[pass]\" value=\"\" size=\"32\" maxlength=\"20\" />
                </td>
            </tr>
            <tr style=\"background-color:{$config['altcolorb']};\">
                <td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">Login Length</td>
                <td width=\"60%\" valign=\"middle\" style=\"text-align:left;\">
                    &nbsp;&nbsp;
                    <select class=\"button\" name=\"login[clength]\">
                        <option value=\"60\">1 Hour</option>
                        <option value=\"1440\">1 Day</option>
                        <option value=\"10080\">1 Week</option>
                        <option value=\"43200\">1 Month</option>
                        <option value=\"83200\" selected=\"selected\">Forever</option>
                    </select>
                </td>
            </tr>
            <tr style=\"background-color:{$config['altcolorb']};\">
                <td>
                    <a href=\"./register.php\">Register Now!</a>
                </td>
                <td width=\"100%\" valign=\"top\" style=\"text-align:right;\">
                    <input type=\"hidden\" name=\"act\" value=\"setlogin\" />
                    <input type=\"submit\" class=\"button\" name=\"submit\" value=\"Login >>\" />
                </td>
            </tr>
            </table>
            </form><br /><br />
            
            <form method=\"post\" action=\"./login.php\">           
            <table align=\"center\" width=\"400\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\" style=\"background-color:black;text-align:center;\">
                <tr style=\"background-color:{$config['altcolora']};\">
                    <td width=\"100%\" valign=\"middle\" colspan=\"2\" style=\"background:url({$config['bg']});text-align:left;\">
                        <strong>Forgot Password?</strong>
                    </td>
                </tr>
                <tr style=\"background-color:{$config['altcolorb']};\">
                    <td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
                        E-Mail
                    </td>
                    <td width=\"60%\" valign=\"middle\" style=\"text-align:center;\">
                        <input type=\"text\" name=\"login[email]\" class=\"input\" value=\"\" size=\"25\" maxlength=\"50\" />
                    </td>
                </tr>
                <tr style=\"background-color:{$config['altcolorb']};\">
                    <td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
                        <img src=\"./includes/captcha.php\" alt=\"Captcha!\" />
                    </td>
                    <td width=\"60%\" valign=\"middle\" style=\"text-align:center;\">
                        Enter the text you see in the image.<br />
                        <input class=\"input\" type=\"text\" name=\"login[capt]\" value=\"\" size=\"40\" maxlength=\"13\" />
                    </td>
                </tr>
                <tr style=\"background-color:{$config['altcolorb']};\">
                    <td width=\"100%\" valign=\"top\" style=\"text-align:right;\" colspan=\"2\">
                        <input type=\"hidden\" name=\"act\" value=\"forgotpw\" />
                        <input type=\"submit\" class=\"button\" name=\"submit\" value=\"Resend >>\" />
                    </td>
                </tr>
            </table>
            </form><br /><br />
        ";
    }
 
    require_once($config['html']);
}
 
function set($login)
{
    global $config;
 
    $login['pass'] = md5(md5($login['pass']));
 
    $foo = mysql_query("
        SELECT id, act
        FROM members
        WHERE name = '{$login['name']}' AND password = '{$login['pass']}'
    ");
 
    if(!mysql_num_rows($foo))
    {
        error('You have specified an Invalid Login ID and or Password!');
    }
    
    $bar = mysql_fetch_array($foo, MYSQL_ASSOC);
 
    if(!$bar['act'])
    {
        error('Your account has not yet been activated. To activate your account, you must click the link provided in your welcome email.');
    }
 
    //Set Cookies
    setcookie('tid', $bar['id'], time() + (60 * $login['clength']));
    setcookie('user', $login['name'], time() + (60 * $login['clength']));
    setcookie('pass', $login['pass'], time() + (60 * $login['clength']));
 
    $out['body'] = exec_redirect('Login', 'Please wait while you are logged in', 0, 'index.php?action=myhome');
 
    require_once($config['html']);
}
 
function logout()
{
    global $config;
 
    setcookie('tid', '', time() - (60 * 83200));
    setcookie('user', '', time() - (60 * 83200));
    setcookie('pass', '', time() - (60 * 83200));
 
    $out['body'] = exec_redirect('Logout', 'You have been successfully logged out', 2, 'index.php');
 
    require_once($config['html']);
}
 
function forgotpw($login)
{
    global $config;
 
    $members = mysql_query("SELECT id, name, password, email FROM members WHERE email='{$login['email']}'");
    $member = mysql_fetch_array($members);
 
    $code = md5(md5($member['password']));
 
    if(!mysql_num_rows($members))
    {
        error('Unable to find member.');
    }
 
    if ($_SESSION['capt'] != $login['capt'])
    {
        error('The text you entered for verification was wrong.');
    }
    
    $email['body'] = "
        Hello {$member['name']},\n
 
        If you did not request your password, disregard this email.
        A password reset has been requested for your account. To reset your password, click the following link. 
        {$config['sitelink']}/login.php?act=sendpass&id={$member['id']}&code={$code}
 
        Thanks,
        {$config['sitename']}
        {$config['sitelink']}
    ";
    
    $email = array(
        'toname'     => $member['name'],
        'toemail'    => $login['email'],
        'subject'    => "{$config['sitename']} Password Reset Request",
        'fromname'   => $config['sitename'],
        'fromemail'  => $config['sitemail'],
        'replyname'  => $member['name'],
        'replyemail' => $member['email'],
        'body'       => str_replace("\t", "", ltrim($email['body'])),
    );  
    
    email($email);  
 
    $out['body'] .= "
        <br />
        <table width=\"450\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"2\" style=\"background-color:black;text-align:center;\">
        <tr style=\"background-color:{$config['altcolora']};\">
            <td width=\"100%\" style=\"background:url({$config['bg']});text-align:center;\" valign=\"middle\" colspan=\"5\">
                <b>{$config['sitename']} Forgot Password</b>
            </td>
        </tr>
        <tr style=\"background-color:{$config['altcolor']};\">
            <td width=\"100%\" style=\"background-color:{$config['tablex']};text-align:center;\" valign=\"middle\" colspan=\"5\">
                Your password reset link has been sent to your email.
            </td>
        </tr>
        </table>
        <br /><br /><br />
    ";
 
    require_once($config['html']);
}
 
function sendpass()
{
    global $config, $id, $code;
 
    $member = mysql_query("SELECT * FROM members WHERE id='{$id}'");
    $member = mysql_fetch_array($member);
    $oldpass = md5(md5($member['password']));
 
    if($code != $oldpass)
    {
        error('Invalid Link');
    }
 
    $password = randomString(); 
    
    $hash = md5(md5($password));
    $update = mysql_query("UPDATE members SET password = '{$hash}' WHERE id = '{$id}'");
 
    $email['body'] = "
        Hello {$member['name']},\n
        Your new password is as follows: {$password}
        Please write it down or store it somewhere safe.\n
        Thanks,
        {$config['sitename']}
        {$config['sitelink']}
    ";
    
    $email = array(
        'toname'     => $member['name'],
        'toemail'    => $member['email'],
        'subject'    => "{$config['sitename']} New Password",
        'fromname'   => $config['sitename'],
        'fromemail'  => $config['sitemail'],
        'replyname'  => $member['name'],
        'replyemail' => $member['email'],
        'body'       => str_replace("\t", "", ltrim($email['body'])),
    );
    
    email($email);
 
    $out['body'] .= "
        <br />  
        <table width=\"450\" border=\"0\" align=\"center\ cellspacing=\"1\" cellpadding=\"2\" style=\"background-color:black;text-align:center;\">
        <tr style=\"background-color:{$config['altcolor']};\">
            <td width=\"100%\" style=\"background:url({$config['bg']});text-align:center;\" valign=\"middle\" colspan=\"5\">
                <strong>{$config['sitename']} Forgot Password</strong>
            </td>
        </tr>
        <tr style=\"background-color:{$config['altcolor']};\">
            <td width=\"100%\" style=\"background-color:{$config['tablex']};text-align:center;\" valign=\"middle\" colspan=\"5\">
                Your password has been reset. Your new password is {$password}.
            </td>
        </tr>
        </table><br /><br /><br />
    ";
 
    require_once($config['html']);
}
 
?>
Here is the login bridge I attempted (which i put right at the end):

Code: Select all

 
define( "IN_PHPBB", true );
$phpbb_root_path = './forum/';
$phpEx = substr( strrchr( __FILE__, "." ), 1 );
require($phpbb_root_path . "common." . $phpEx );
require($phpbb_root_path . "includes/functions_user." . $phpEx );
require($phpbb_root_path . "includes/functions_module." . $phpEx );
$user->session_begin();
 
$result = $auth->login( $login['name'], $login['pass']);
 
if ( $result[ "status" ] == LOGIN_SUCCESS )
{
// redirect
}
I'm not sure if my coding is wrong, if my variables are wrong, or if this will even work. I have been at this for about a week, so any help would be appreciated.
Post Reply