As my forums are a subdirectory (/forums) of my main site, I decided to use a SESSION to work out if a user is currently signed into my current system.
To get the sessions to work in PHPBB (it doesn't use sessions by default), I had to add session_start(); to the index.php
This allowed me to be able to use the sessions from my current system in PHPBB.
Now the below code (I called it dashboard.php), allows a user to user the sign in to PHPBB with my dashboard login details, and also create a user if one didn't exist. If the user didn't exist it would also add the custom profile field called display_name (you have to add this as a custom_field in the ACP), which if you see my other page on changing the display name Click Here it will allow user to use there custom name from your own application on PHPBB.
I have edited out the SQL queries as there for my system, but hopefully the below should give you an idea on how to do it. You can follow these instructions on how to install it
namespace phpbb\auth\provider;
class dashboard extends \phpbb\auth\provider\base
{
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext)
{
$this->db = $db;
$this->config = $config;
$this->passwords_manager = $passwords_manager;
$this->request = $request;
$this->user = $user;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext;
$this->phpbb_container = $phpbb_container;
}
public function login($username = null,$password = null)
{
$username = filter_var(trim($username),FILTER_SANITIZE_EMAIL);
$password = filter_var(trim($password),FILTER_SANITIZE_STRING);
if(!$password)
{
return array('status' => LOGIN_ERROR_PASSWORD,'error_msg' => 'NO_PASSWORD_SUPPLIED','user_row' => array('user_id' => ANONYMOUS));
}
if(!$username)
{
return array('status' => LOGIN_ERROR_USERNAME,'error_msg' => 'LOGIN_ERROR_USERNAME','user_row' => array('user_id' => ANONYMOUS));
}
// SQL QUERY TO YOUR OWN DB Goes here, user this to work out who the user is based on the username / password
$q = "";
$result = $this->db->sql_query($q);
$userDetails = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if(!empty($userDetails))
{
return $this->format_userdetails($userDetails,$password);
}
return array('status' => LOGIN_ERROR_EXTERNAL_AUTH,'error_msg' => 'EXTERNAL_AUTH_FAILURE','user_row' => array('user_id' => ANONYMOUS));
}
public function autologin()
{
// Check if Current User is signed in
if(!empty($_SESSION["secure"]))
{
$user = $_SESSION["secure"];
if(!empty($user["user_id"]) && !empty($user["user_uid"]))
{
// SQL Query to your own db here, I use a $_SESSION called secure with a unique user_id and uid to find user if logged in
$q = "";
$result = $this->db->sql_query($q);
$userDetails = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if(!empty($userDetails))
{
$results = $this->format_userdetails($userDetails,$userDetails["password"]);
if(empty($results["error_msg"]) AND !empty($results["user_row"]) AND !empty($results["status"]))
{
if($results["status"] == LOGIN_SUCCESS) // If Success Auto Login
{
return $results["user_row"];
}
}
}
}
}
return array();
}
/**********************************
Internal Functions
**********************************/
// Format Remote User Details, Find user on Forums or return new
private function format_userdetails($remoteUser,$password = null)
{
$forumUser = $this->find_user($remoteUser["email"]);
// User Exists on System
if(!empty($forumUser))
{
// Inactive User
if($forumUser["user_type"] == USER_INACTIVE || $forumUser["user_type"] == USER_IGNORE)
{
return array("status" => LOGIN_ERROR_ACTIVE,"error_msg" => "ACTIVE_ERROR","user_row" => $forumUser);
}
}
else // New User
{
$newUser["username"] = $remoteUser["email"];
$newUser["user_password"] = phpbb_hash($password);
$newUser["user_email"] = $remoteUser["email"];
$newUser["user_type"] = USER_NORMAL;
$newUser["group_id"] = 5; // Set this to what you want your default group to be
// Create New User then return data Again
if (!function_exists('user_add'))
{
include($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext);
}
user_add($newUser,array("pf_display_name" => $remoteUser["display_name"])); // argument for custom data (array key)
$forumUser = $this->find_user($remoteUser["email"]);
}
if(empty($forumUser["group_id"]))
{
return array("status" => LOGIN_ERROR_ACTIVE,"error_msg" => "ACTIVE_ERROR","user_row" => $forumUser);
}
$status["status"] = LOGIN_SUCCESS;
$status["error_msg"] = false;
$status["user_row"] = $forumUser;
return $status;
}
private function find_user($email)
{
$q = "SELECT * FROM " . USERS_TABLE . " WHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($email)) . "' LIMIT 1";
$result = $this->db->sql_query($q);
$forumUser = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
return $forumUser;
}
}
No comments:
Post a Comment