[BETA]External phpBB Login

Released 06-12-06

Hey,

This mod I made was simple and very usefull to many that I know.

It allow you to integrate phpBB login system with your website that supports PHP.

It also can display user info when they are logged in, such as private messages, or other info. But it not in phpBB, its either on a outside website or a sub directory to phpBB.

I attached the file with a sample file to test it out with.

You have to edit the phpbb_login.php

where its shows

Code:

Code:

$phpbb_root_path = 'forum/'; // Must be defined to your board location

Make sure it point to your board direcory

If you need more help contact me.

*Update
I have updated the codes, so it should handle better now with your forum, incase a wrong password or username is used.

Also I have added an extra feature, which will let you display forum "Online Statistic" externally. That feature was requested, so I decided to add it aswell, now its one of the external features. I would be glad to take a few more request before I move along with another project.

-Kam

phpBB2.de User Anmeldungsdatum: 02.12.2003 Beiträge: 125 Wohnort: JUBAIL

Very nice mod

thank you

phpBB2.de User Anmeldungsdatum: 21.03.2006 Beiträge: 4

When my $phpbb_root_path is set to a http:// address.
For example http://foobar.com/forums
I get his error

Code:

Hacking attempt
Fatal error: Call to undefined function session_pagestart() in /home2/noveisne/public_html/bill/site/login.php on line 9

Any help?

It must be based on folder directory.

For example
Your main site is "public_html\", and your forum is "public_html\forum\", you would put "./forum/" for $phpbb_root_path. I hope its not confusing.

phpBB2.de User Anmeldungsdatum: 21.03.2006 Beiträge: 4

Edit: I've got it working.
Thanks for the awesome script!

phpBB2.de User Anmeldungsdatum: 21.03.2006 Beiträge: 4

I've got a new problem now, when the script redirects you back to the page you set it too.
It has the variable sid with it.
But once you click a different link, that variable isn't in the address bar anymore, and the page acts like the user is logged out(shows the login form) even when they are still logged in.

When you create the login form, did you use the varibles $user_logged_in?

For example this is how your form can look like.

Code:

<?
if($user_logged_in) // User is logged in
{
echo $user['username']; //prints the username
}

if(!$user_logged_in) // User is not logged in
{
?>
Your form here
<?
}
?>

phpBB2.de User Anmeldungsdatum: 21.03.2006 Beiträge: 4

It works on my personal computer (that's setup with apache etc)
But on my web host it does not, so what are you using in the script that a webhost would turn off for security reasons?

The scripts runs based on your phpBB forum cookies. In the phpBB ACP, make sure the cookie domain is set like this.

Code:

Cookie domain: .<yourdomain.com>
Cookie name: phpbb2mysql
Cookie path: /
Cookie secure: Disabled
Session length [ seconds ]: 3600

For cookie domain there must be a dot in front, so it will allow, subdomains and folders as well.

When you look at the phpbb.php file that you get with this mod you will se

Zitat:

Useage: You must create an PHP document to use this script.
Linking it by using include("phpbb.php"); .

Usable Varibles:
$online_userlist - Displays logged in users
$l_online_users - Display online stats

If you do not know how, feel free to use this one, just save it as a php file:

Code:

<?php
include("phpbb.php");
?>

<html dir="ltr">
<head>
</head>
<body bgcolor="#000000">

<?php
if(!$userdata['session_logged_in'])
{
?>


<form action="phpbb.php" method="post">



<table width="150" BORDERCOLOR="Black" border="1" align="center">

<tr>
<td><table border="0" cellpadding="3" cellspacing="1" width="100%">
<tr>
<td width="45%" align="center"><span class="gen"><font face="arial" size="2" color="#C00000">Username:</font></span></td>
</tr>
<tr>
<td align="center">
<input type="text" name="username" size="10" maxlength="40" value="" />
</td>
</tr>
<tr>
<td align="center"><span class="gen"><font face="arial" size="2" color="#C00000">Password:</font></span></td>
</tr>
<tr>
<td align="center">
<input type="password" name="password" size="10" maxlength="32" />
</td>
</tr>
<tr align="center">
<td colspan="2"><span class="gen"><font face="arial" size="2" color="#C00000">Automatic login</font> <input type="checkbox" name="autologin" /></span></td>
</tr>
<tr align="center">
<td colspan="2"><input type="hidden" name="redirect" value="" /><input type="submit" name="login" class="mainoption" value="Log in" /></td>
</tr>
<tr align="center">
<td colspan="2"><span class="gensmall"><a href="profile.php?mode=sendpassword" class="gensmall"> <font face="arial" size="2">I forgot my password</font></a></span></td>
</tr>
</table>


</form>
<?php
}
?>


<tr>
<td>
<center>

<?php
if($userdata['session_logged_in'])
{
print'Welcome';
echo "<br />";
$avatar_img = ( $board_config['allow_avatar_upload'] ) ? '<img src="http://' . $board_config['server_name'] . $board_config['script_path'] . $board_config['avatar_path'] . '/' . $userdata['user_avatar'] . '" alt="" border="0" />' : '';
print($avatar_img);

echo "<br />";
print('<a href="phpbb.php?logout">'.$userdata['username'].'</a>');

}
?>
</center>
<br>
<hr>
<?php
{
echo "<br />";
print $online_userlist;
}
?>
<br>
<hr>
<?php
{
echo "<br />";
print $l_online_users;
}
?>
</td>
</tr>
</table>

</font>


</td>
</tr>
</table>

</body>
</html>

phpBB2.de User Anmeldungsdatum: 25.09.2006 Beiträge: 3

I am pretty sure that this is the solution I'm looking for. I've tested it out using the two pages you provided (original download and login code provided in subsequent post).

Here is what I would like to do with it:

Include a snippet of php code on several pages which I want reserved for "members only" section of my site.

When someone attempts to view any members only pages their login status is checked by the code snippet.

If they are logged in, they are allowed to view the page.

If they are not logged in, they are redirected to the login page.

Upon successful login, they are redirected back to the original page they were trying to view.

This solution seems to do 80% of what I need it to as-is. I've tested out a half-dozen other solutions in the last couple of weeks and this one is by far superior, and easier to implement than any of the others.

Is this possible to do what I want, and if so, what would be the code I need to include on a secured webpage? How would I modify the login page to redirect back to entry page?

Thanks.

Since the session varible is global you can use the same method from phpBB.

Code:

if(!$userdata['session_logged_in'])
{
redirect($phpbb_root_path."login.php?redirect=../".$HTTP_SERVER_VARS['PHP_SELF']);
}

Put that along with

Code:

include("phpbb.php");

to any external page you want, only for members. If they are not logged in, they will be redirected to the login page and after logging in, redirected back to the page.

Let me know if thats the way you want it.

phpBB2.de User Anmeldungsdatum: 25.09.2006 Beiträge: 3

Thanks for your help. What you've described looks to be exactly what I want. It seems to be working, sort of. When I'm logged in, I can view the page fine with no issues. But when I've logged out, I get the following errors/warnings:

Zitat:

Warning: Cannot modify header information - headers already sent by (output started at /home/content/m/a/c/macosx86/html/login/testpage.php:2) in /home/content/m/a/c/macosx86/html/phpBB2/includes/sessions.php on line 366

Warning: Cannot modify header information - headers already sent by (output started at /home/content/m/a/c/macosx86/html/login/testpage.php:2) in /home/content/m/a/c/macosx86/html/phpBB2/includes/sessions.php on line 367

Warning: Cannot modify header information - headers already sent by (output started at /home/content/m/a/c/macosx86/html/login/testpage.php:2) in /home/content/m/a/c/macosx86/html/phpBB2/includes/functions.php on line 941

Now, I'm thinking that I missed an easy step somewhere but I can't seem to find it.

I'm using three files to test this:

phpbb.php <- with $phpbb_root_path set to "../phpBB2"
login.php <- using the example code specified above by stebbi67
testpage.php <- using the code snippet first thing in the page as you specified.

The code snippet on testpage.php is:

Code:

<?php
include("phpbb.php");
if(!$userdata['session_logged_in'])
{
redirect($phpbb_root_path."login.php?redirect=../".$HTTP_SERVER_VARS['PHP_SELF']);
}
?>

My folder structure is as follows:

/public_html/
../login
...../phpbb.php
...../login.php
...../testpage.php
../phpBB2/

When accessed directly, the login.php page works great; it actuates a login to the forum as expected. However the testpage.php is the one producing the aforementioned warnings when I am not logged in. As I'm looking at testpage.php code, I don't see that there is a hook to redirect to login.php, which is what I would like. How would I add that?

Any ideas on the errors?

Thanks.

The error show because you have the code snipplet somewhere in the middle of the script.

It should be the first line of the script, for example.

Code:

<?php
include("phpbb.php");
if(!$userdata['session_logged_in'])
{
redirect($phpbb_root_path."login.php?redirect=../".$HTTP_SERVER_VARS['PHP_SELF']);
}
?>

There cant be any spaces before <?php

phpBB2.de User Anmeldungsdatum: 25.09.2006 Beiträge: 3

Thank you!

I had a comment field above the code. I've removed it and things work perfectly now.