[geeklog-devtalk] phpBBBridge
Turias
geeklog at sebastiancelis.com
Tue Aug 24 00:30:28 EDT 2004
Blaine,
I do have to execute some session restore logic on each page load, but I
do that in a short snippet at the top of my functions.inc file, which is
included at the end of each lib-common load. But this is different than
the initial login. The CMS Bridge would actually sync the user databases
and login on each page load, but I found that to be quite excessive.
Instead, I only login to phpBB when the user logs in to the system. Once
Geeklog confirms that the user is who they say they are (by checking the
user's password), my plugin runs some phpBB code to initiate the session.
The session is kept alive though cookies, a sessions table in the
database, and a couple function calls at the top of functions.inc. This
is exactly how phpBB keeps sessions alive when you install it by itself.
The examples I gave are indeed Geeklog code. I didn't put any phpBB code
in my previous e-mail. I was just giving suggestions as to where I
thought the new plugin API calls should go. Sorry if it was confusing.
You mentioned custom API hooks for add/edit/delete user. I do use those,
but they weren't enough. For example, let's say that a root user clicks
on the user administration page, and then on the username for user1. The
root user wants to manually change user1's password (which I have had to
do for some of my less technically inclined users who did not trust the
"Forget Password" function). There is no plugin hook for this action.
But, I need there to be one so that I can update the password field in the
phpBB database no matter who changes it.
I agree that the preferences hooks should mimic the 4 account information
hooks. I've been thinking, though, is it necessary to split these
prefs/account information into 2 categories? Both me and some of my users
have occasionally gotten confused as to which options are located on which
page. This is probably because other systems (like phpBB and vBulletin)
put all of these on a single page. Maybe it would be more helpful to
create a single page for Geeklog's options, as well? Or maybe one main
options page that links to smaller, more refined options pages? But I
guess that's a different topic, altogether. :)
- Turias
> Turias,
>
> It may be handy to have a Plugin API call for login and logout but I
> wonder
> .. do you not have to execute this session restore logic on every page
> load
> for security reasons and since the $_USER array is reloaded by Geeklog ?
>
> The logic that you noted below for example 1 looks like Geeklog code from
> lib-sessions so I'm confused if this is PHPBB session code or not.
>
> There are the Custom API hooks already for add/edit/delete user that
> support
> both the user self-registration, moderation and admin user admin
> operations.
> I wonder why you would not use these hooks. It's what I use when I
> integrate
> GL into another application.
>
> We have the API's that are called to display/edit/save Profile related
> screen changes but not the preferences page. I've sometimes wanted the
> Preferences page as well and ended up just adding it to the Profile page.
> We
> would probally need to implement something similar that Dirk did when he
> added the (4) Profile related API calls.
>
> Blaine
> ----- Original Message -----
> From: "Turias" <geeklog at sebastiancelis.com>
> To: <geeklog-devtalk at lists.geeklog.net>
> Sent: Monday, August 23, 2004 8:20 PM
> Subject: [geeklog-devtalk] phpBBBridge
>
>
> Greetings, everyone.
>
> I recently posted the following thread on www.geeklog.net:
> http://www.geeklog.net/forum/viewtopic.php?forum=8&showtopic=39370
>
> It discusses a phpBB-GeekLog integration that I have in the works. In
> that thread, I mentioned that it requires a few small changes to the core
> (just some extra plugin API calls). Dirk suggested I post them here so
> that they might make it into the core by 1.3.10 or the following version.
>
> First, I need an API call for each time a user logs in or out of GeekLog.
> This is so that I can run the appropriate phpBB session-handling code. I
> placed both of these in users.php.
>
> API call #1 (users.php):
> if (!empty($passwd) && $mypasswd == md5($passwd)) {
> DB_change($_TABLES['users'],'pwrequestid',"NULL",'username',$loginname);
> $userdata = SESS_getUserData($loginname);
> $_USER=$userdata;
> $sessid = SESS_newSession($_USER['uid'], $REMOTE_ADDR,
> $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
> SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'],
> $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'],
> $_CONF['cookiesecure']);
>
> PLG_callFunctionForAllPlugins ('plugin_login_');
>
>
>
> API call #2 (users.php):
> case 'logout':
> if (!empty($_USER['uid']) AND $_USER['uid'] > 1) {
> SESS_endUserSession($_USER['uid']);
> }
> setcookie ($_CONF['cookie_session'], '', time() - 10000,
> $_CONF['cookie_path'], $_CONF['cookiedomain'],
> $_CONF['cookiesecure']);
> setcookie ($_CONF['cookie_name'], '', time() - 10000,
> $_CONF['cookie_path'],
> $_CONF['cookiedomain'], $_CONF['cookiesecure']);
>
> PLG_callFunctionForAllPlugins ('plugin_logout_');
>
> $display = COM_refresh($_CONF['site_url'] . '/index.php?msg=8');
> break;
>
>
> Ideally, there needs to be a plugin API call made each time a user's info
> is changed. If a user changes their main account information (password,
> homepage, email address, etc), I can leverage plugin_profileextrassave_,
> even if that isn't what it was made for.
>
> I did need 2 calls to determine any time an existing user is edited by an
> admin, especially when they are granted or denied root privileges. So, I
> did the following:
>
> API call #3 (admin/user.php):
> DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE
> (ug_uid = $uid) AND " . $whereGroup);
> if (!empty($groups)) {
> for ($i = 1; $i <= sizeof($groups); $i++) {
> if (in_array (current ($groups), $UserAdminGroups)) {
> if ($_USER_VERBOSE) COM_errorLog("adding
> group_assignment " . current($groups) . " for
> $username",1);
> $sql = "INSERT INTO
> {$_TABLES['group_assignments']} (ug_main_grp_id,
> ug_uid) VALUES (" . current($groups) . ",$uid)";
> DB_query($sql);
> }
> next($groups);
> }
> }
>
> PLG_callFunctionForAllPlugins ('plugin_savedusergroups_');
>
>
>
>
> API call #4 (admin/user.php):
> DB_query("UPDATE {$_TABLES['users']} SET username =
> '$username', fullname = '$fullname', passwd = '$passwd', email
> = '$email', homepage = '$homepage', photo = '$curphoto' WHERE
> uid = $uid");
> if ($_CONF['custom_registration'] AND
> (function_exists('custom_usersave'))) {
> custom_usersave($uid);
> }
>
> PLG_callFunctionForAllPlugins ('plugin_adminediteduser_');
>
>
>
> Finally, I needed a call to tell me when the user had updated their
> preferences. This isn't necessary, as users can always update their
> preferences on both systems, but it makes it much more convenient for the
> user to simply edit their preferences in one place.
>
>
> API call #4 (usersettings.php):
> DB_query("UPDATE {$_TABLES['userprefs']} SET
> noicons='{$A['noicons']}', willing='{$A['willing']}',
> dfid='{$A['dfid']}', tzid='{$A['tzid']}',
> emailfromadmin='{$A['emailfromadmin']}',
> emailfromuser='{$A['emailfromuser']}', showonline='{$A['showonline']}'
> WHERE uid='{$_USER['uid']}'");
>
> PLG_callFunctionForAllPlugins ('plugin_userprefssaved_');
>
>
>
> Thanks,
> Turias
> _______________________________________________
> geeklog-devtalk mailing list
> geeklog-devtalk at lists.geeklog.net
> http://lists.geeklog.net/listinfo/geeklog-devtalk
>
> _______________________________________________
> geeklog-devtalk mailing list
> geeklog-devtalk at lists.geeklog.net
> http://lists.geeklog.net/listinfo/geeklog-devtalk
>
More information about the geeklog-devtalk
mailing list