Created
October 26, 2015 06:50
-
-
Save heiswayi/4ff54a8e12942f97600c to your computer and use it in GitHub Desktop.
PunBB Login Integration from Other Site
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// FILENAME: auto_signin_to_punbb.php | |
// WRITTEN BY: Heiswayi Nrird | |
// Define the path to the forum root | |
define('FORUM_ROOT', './punbb/'); | |
require FORUM_ROOT.'include/common.php'; | |
($hook = get_hook('li_start')) ? eval($hook) : null; | |
// Load the login.php language file | |
require FORUM_ROOT.'lang/'.$forum_user['language'].'/login.php'; | |
// USER INFO CONFIG FROM YOUR SITE DATABASE | |
// IDEA: YOU MAY QUERY YOUR USER DATABASE FROM YOUR SITE AND OUTPUT FOR USERNAME | |
// AND CREATE CUSTOM KEY AS SECOND PASSWORD FOR PUNBB... | |
// MAKE IT AS ANOTHER COLUMN IN YOUR USER TABLE (YOUR SITE) | |
$ishare_username = 'admin'; // USERNAME FROM YOUR SITE MUST BE SAME AS USERNAME IN PUNBB | |
$ishare_keypass = 'password'; // WILL BE USED AS USER PASSWORD IN PUNBB | |
// PunBB config | |
$punbb_url = 'http://localhost/bb/punbb/'; // YOUR LOCATION OF PUNBB INSTALLED | |
$redirect_url = forum_htmlencode($punbb_url); | |
$form_action = forum_link($forum_url['login']); | |
$csrf_token = generate_form_token($form_action); | |
$form_sent = 1; | |
// Initiate integration with PunBB database | |
if ($form_sent == 1) | |
{ | |
$form_username = $ishare_username; | |
$form_password = $ishare_keypass; | |
$save_pass = 0; | |
($hook = get_hook('li_login_form_submitted')) ? eval($hook) : null; | |
// Get user info matching login attempt | |
$query = array( | |
'SELECT' => 'u.id, u.group_id, u.password, u.salt', | |
'FROM' => 'users AS u' | |
); | |
if (in_array($db_type, array('mysql', 'mysqli', 'mysql_innodb', 'mysqli_innodb'))) | |
$query['WHERE'] = 'username=\''.$forum_db->escape($form_username).'\''; | |
else | |
$query['WHERE'] = 'LOWER(username)=LOWER(\''.$forum_db->escape($form_username).'\')'; | |
($hook = get_hook('li_login_qr_get_login_data')) ? eval($hook) : null; | |
$result = $forum_db->query_build($query) or error(__FILE__, __LINE__); | |
list($user_id, $group_id, $db_password_hash, $salt) = $forum_db->fetch_row($result); | |
$authorized = false; | |
if (!empty($db_password_hash)) | |
{ | |
$sha1_in_db = (strlen($db_password_hash) == 40) ? true : false; | |
$form_password_hash = forum_hash($form_password, $salt); | |
if ($sha1_in_db && $db_password_hash == $form_password_hash) | |
$authorized = true; | |
else if ((!$sha1_in_db && $db_password_hash == md5($form_password)) || ($sha1_in_db && $db_password_hash == sha1($form_password))) | |
{ | |
$authorized = true; | |
$salt = random_key(12); | |
$form_password_hash = forum_hash($form_password, $salt); | |
// There's an old MD5 hash or an unsalted SHA1 hash in the database, so we replace it | |
// with a randomly generated salt and a new, salted SHA1 hash | |
$query = array( | |
'UPDATE' => 'users', | |
'SET' => 'password=\''.$form_password_hash.'\', salt=\''.$forum_db->escape($salt).'\'', | |
'WHERE' => 'id='.$user_id | |
); | |
($hook = get_hook('li_login_qr_update_user_hash')) ? eval($hook) : null; | |
$forum_db->query_build($query) or error(__FILE__, __LINE__); | |
} | |
} | |
($hook = get_hook('li_login_pre_auth_message')) ? eval($hook) : null; | |
if (!$authorized) | |
$errors[] = sprintf($lang_login['Wrong user/pass']); | |
// Did everything go according to plan? | |
if (empty($errors)) | |
{ | |
// Update the status if this is the first time the user logged in | |
if ($group_id == FORUM_UNVERIFIED) | |
{ | |
$query = array( | |
'UPDATE' => 'users', | |
'SET' => 'group_id='.$forum_config['o_default_user_group'], | |
'WHERE' => 'id='.$user_id | |
); | |
($hook = get_hook('li_login_qr_update_user_group')) ? eval($hook) : null; | |
$forum_db->query_build($query) or error(__FILE__, __LINE__); | |
// Remove cache file with forum stats | |
if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) | |
{ | |
require FORUM_ROOT.'include/cache.php'; | |
} | |
clean_stats_cache(); | |
} | |
// Remove this user's guest entry from the online list | |
$query = array( | |
'DELETE' => 'online', | |
'WHERE' => 'ident=\''.$forum_db->escape(get_remote_address()).'\'' | |
); | |
($hook = get_hook('li_login_qr_delete_online_user')) ? eval($hook) : null; | |
$forum_db->query_build($query) or error(__FILE__, __LINE__); | |
$expire = ($save_pass) ? time() + 1209600 : time() + $forum_config['o_timeout_visit']; | |
forum_setcookie($cookie_name, base64_encode($user_id.'|'.$form_password_hash.'|'.$expire.'|'.sha1($salt.$form_password_hash.forum_hash($expire, $salt))), $expire); | |
($hook = get_hook('li_login_pre_redirect')) ? eval($hook) : null; | |
redirect(forum_htmlencode($punbb_url).((substr_count($redirect_url, '?') == 1) ? '&' : '?').'login=1', $lang_login['Login redirect']); | |
} | |
} | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment