Jump to content



Photo
- - - - -

pbpBB2 and osC shared account creation


  • Please log in to reply
213 replies to this topic

#61   digi100

digi100
  • Members
  • 18 posts
  • Real Name:Gustl

Posted 03 January 2007 - 19:50

I too was confused by this.

The way I do it now is to install oscommerce first, then instantly delete John Doe and create a new user which will be the root login he will get customer_id 2

then when you install phpbb2 it will give your admin user user_id 2 by default so no need to change anything in phpMyAdmin


Alex, Ross,
Thankl for your assistance! I'll try it and let you know.
Daniel

#62   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 03 January 2007 - 20:04

Alex

When I go onto the forum as a guest and click on for example the memberlist and try to click on any user - The login section comes up as it should and I fill in and click login - it then takes me back to the the forum ! is it possible for the file to remember where the user wanted to go (members profile section) instead of defaulting to main forum page ?

Ross

#63   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 05 January 2007 - 15:56

Alex

I'm in the process of installing "Paypal WPP Direct Payments & Express Checkout contrib" which actually creates a new user account in oscommerce based on info provided by Paypal - since your contrib has added a new field "User name" for forum purposes is this going to upset the WPP contrib when it automatically creates these new accounts ?

based on the information returned from Paypal, an account will automatically be created for them and the account details emailed to their email address


Ross

#64   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 06 January 2007 - 20:52

Alex

a question for you, if I delete a user in oscommerce admin the synchronisation between database users get's out of whack ie "customer_id" and "user_id" don't match anymore. so it means if I login with one user in oscommerce and go into the forum it's logged in with a diff user !

Is there any way that when you delete a cust from oscommerce it also deletes the appropriate account in phpbb2 ? or should I just never delete any users.

sorry for so many queries but I'll be using this great contrib and I want it working perfectly and securely.

Ross

#65   AlexStudio

AlexStudio
  • Members
  • 1,092 posts
  • Real Name:Alex Li
  • Gender:Male
  • Location:Taipei, Taiwan

Posted 06 January 2007 - 21:32

Alex

a question for you, if I delete a user in oscommerce admin the synchronisation between database users get's out of whack ie "customer_id" and "user_id" don't match anymore. so it means if I login with one user in oscommerce and go into the forum it's logged in with a diff user !

Is there any way that when you delete a cust from oscommerce it also deletes the appropriate account in phpbb2 ? or should I just never delete any users.

sorry for so many queries but I'll be using this great contrib and I want it working perfectly and securely.

Ross

If you delete a customer account in osC, you need to delete the corresponding user in phpbb, and all his posts as well. I will include this feature in next update, which to delete customers in osC admin and clean up all corresponding records in phpbb2.
Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

#66   AlexStudio

AlexStudio
  • Members
  • 1,092 posts
  • Real Name:Alex Li
  • Gender:Male
  • Location:Taipei, Taiwan

Posted 06 January 2007 - 21:38

Alex

I'm in the process of installing "Paypal WPP Direct Payments & Express Checkout contrib" which actually creates a new user account in oscommerce based on info provided by Paypal - since your contrib has added a new field "User name" for forum purposes is this going to upset the WPP contrib when it automatically creates these new accounts ?
Ross

I don't see any problem with that.
Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

#67   AlexStudio

AlexStudio
  • Members
  • 1,092 posts
  • Real Name:Alex Li
  • Gender:Male
  • Location:Taipei, Taiwan

Posted 06 January 2007 - 21:45

Alex

When I go onto the forum as a guest and click on for example the memberlist and try to click on any user - The login section comes up as it should and I fill in and click login - it then takes me back to the the forum ! is it possible for the file to remember where the user wanted to go (members profile section) instead of defaulting to main forum page ?

Ross

phpBB2 doesn't have that feature. In the genuine phpBB2, you always get to the index page after login. Only those pages require login will send guest users to login and then send them back. I have done this with the private message and user profile pages. If you find any pages else which send users to login but not back to it, please let me know.
Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

#68   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 17 January 2007 - 21:39

Hi Alex

can you tell me which file I should look at when I want to change the redirect after login. As you may remember I need to change index.php to portal.php as that is my main page.

I've looked through login.php and changed them all in there but I'm still being sent to index.php ??

Thanks

Ross

#69   AlexStudio

AlexStudio
  • Members
  • 1,092 posts
  • Real Name:Alex Li
  • Gender:Male
  • Location:Taipei, Taiwan

Posted 17 January 2007 - 21:53

can you tell me which file I should look at when I want to change the redirect after login. As you may remember I need to change index.php to portal.php as that is my main page.

I've looked through login.php and changed them all in there but I'm still being sent to index.php ??

It's in the phpbb2/includes/page_header.php around line 75:
//
// Generate logged in/logged out status
//
if ( $userdata['session_logged_in'] )
{
	  $u_login_logout = 'login.'.$phpEx.'?logout=true&sid=' . $userdata['session_id'];
	$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
}
else
{
//// BOF osCommerce phpBB2 Integration v1.0
//	$u_login_logout = 'login.'.$phpEx;
	$u_login_logout = HTTPS_SERVER . DIR_WS_HTTP_CATALOG . 'login.php?redirect=index.php';
//// BOF osCommerce phpBB2 Integration v1.0
	$l_login_logout = $lang['Login'];
}
you need to change that 'login.php?redirect=index.php' to something else you want.

hope this helps.
Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

#70   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 17 January 2007 - 23:05

Excellent that's sorted my Login, but the "logout" is still going to index.php.

#71   AlexStudio

AlexStudio
  • Members
  • 1,092 posts
  • Real Name:Alex Li
  • Gender:Male
  • Location:Taipei, Taiwan

Posted 17 January 2007 - 23:27

Excellent that's sorted my Login, but the "logout" is still going to index.php.

hmmm....this portal stuff is really tricky... /blink.gif' class='bbc_emoticon' alt=':blink:' />

Here is a try-out, in your phpbb2/login.php (the one modified by this contrib) around line 205:
header('Location: ' .HTTPS_SERVER . DIR_WS_HTTP_CATALOG . 'logoff.php?redirect=index.php&osCsid=' . $osCsid);
Do the same thing as you did to the login redirect target, I think it will work. Let me know if it didn't. /wink.gif' class='bbc_emoticon' alt=';)' />
Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

#72   Optimalkiller

Optimalkiller
  • Members
  • 64 posts
  • Real Name:OptimalKiller
  • Gender:Male

Posted 17 January 2007 - 23:39

can any one help me I seem to be getting this error message when try to register.

insert into phpbb_users (user_id, user_active, username, user_password, user_session_time, user_session_page, user_lastvisit, user_regdate, user_level, user_posts, user_timezone, user_style, user_lang, user_dateformat, user_new_privmsg, user_unread_privmsg, user_last_privmsg, user_emailtime, user_viewemail, user_attachsig, user_allowhtml, user_allowbbcode, user_allowsmile, user_allowavatar, user_allow_pm, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_rank, user_avatar, user_avatar_type, user_email, user_icq, user_website, user_sig, user_sig_bbcode_uid, user_aim, user_yim, user_msnm, user_occ, user_interests, user_actkey, user_newpasswd) values ('3', '1', 'OptimalKiller', 'c19db471ac6e12cdcff7816477d1222d', '1169076903', '0', '', '1169076903', '0', '0', '0', '0', 'danish', 'D M d, Y g:i a', '0', '0', '0', '', '0', '1', '0', '1', '1', '1', '1', '1', '0', '1', '1', '0', '', '0', 'optimalkiller@optimalkiller.com', '', '', '', '', '', '', '', '', '', '', '')

[TEP STOP]

it seem to register my details under custerms database but nothing is listed in the phpbb users table. Also can seem one explain about the user id value as I'm not sure whoch one to delete. any help would be appreciated.

#73   Optimalkiller

Optimalkiller
  • Members
  • 64 posts
  • Real Name:OptimalKiller
  • Gender:Male

Posted 18 January 2007 - 00:00

problem fixed

The "Out of range value adjusted for column ..." mysql errors are due to MySQL 5 running with a strict sql-mode.


You need to edit /etc/my.cnf and change sql-mode to something like:

sql-mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"

Problem now fixed. still need help with this user thing!!!!

#74   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 18 January 2007 - 00:32

Do you mean within this block ? :

//// BOF phpBB2 Integration v1.0
$login_action = 'action=process';
if( isset($HTTP_GET_VARS['redirect']) ) {
$forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];
if( preg_match("/redirect=([a-z0-9\.#\/\?&=\+\-_]+)/si", $forward_to, $forward_matches) ) {
$forward_to = $forward_matches[0];
$forward_match = explode('&', $forward_to);
if(count($forward_match) > 1) {
for($i = 1; $i < count($forward_match); $i++) {
if( !ereg("sid=", $forward_match[$i]) ) {
if( $forward_page != '' ) $forward_page .= '&';
$forward_page .= $forward_match[$i];
}
}
$forward_page = $forward_match[0] . '&' . $forward_page;
} else $forward_page = $forward_match[0];
}
$forward_page = str_replace('?', '&', $forward_page);
$login_action = $login_action . '&' . $forward_page;
}
//// EOF phpBB2 Integration v1.0

I know your telling me it's tricky !!! I've been at it since christmas lol but I really appreciate your help - I've pestered you alot sorry. I will leave you alone soon I promise /wink.gif' class='bbc_emoticon' alt=';)' />

#75   AlexStudio

AlexStudio
  • Members
  • 1,092 posts
  • Real Name:Alex Li
  • Gender:Male
  • Location:Taipei, Taiwan

Posted 18 January 2007 - 00:42

Do you mean within this block ? :

//// BOF phpBB2 Integration v1.0
$login_action = 'action=process';
if( isset($HTTP_GET_VARS['redirect']) ) {
$forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];
if( preg_match("/redirect=([a-z0-9\.#\/\?&=\+\-_]+)/si", $forward_to, $forward_matches) ) {
$forward_to = $forward_matches[0];
$forward_match = explode('&', $forward_to);
if(count($forward_match) > 1) {
for($i = 1; $i < count($forward_match); $i++) {
if( !ereg("sid=", $forward_match[$i]) ) {
if( $forward_page != '' ) $forward_page .= '&';
$forward_page .= $forward_match[$i];
}
}
$forward_page = $forward_match[0] . '&' . $forward_page;
} else $forward_page = $forward_match[0];
}
$forward_page = str_replace('?', '&', $forward_page);
$login_action = $login_action . '&' . $forward_page;
}
//// EOF phpBB2 Integration v1.0

I know your telling me it's tricky !!! I've been at it since christmas lol but I really appreciate your help - I've pestered you alot sorry. I will leave you alone soon I promise /wink.gif' class='bbc_emoticon' alt=';)' />

wrong file man..... try phpbb2/login.php...... /sad.gif' class='bbc_emoticon' alt=':(' />
Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

#76   AlexStudio

AlexStudio
  • Members
  • 1,092 posts
  • Real Name:Alex Li
  • Gender:Male
  • Location:Taipei, Taiwan

Posted 18 January 2007 - 00:50

problem fixed

The "Out of range value adjusted for column ..." mysql errors are due to MySQL 5 running with a strict sql-mode.
You need to edit /etc/my.cnf and change sql-mode to something like:

sql-mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"

Problem now fixed. still need help with this user thing!!!!

It seems to me that when you tried to register a new account, it used the next available customers_id=3, but the user_id #3 in phpbb2 user table has already been taken.

I will put this into my note and add some lines in the code to check phpbb_users table for the next available user_id. The fix of this issue will be included in the next upgrade.

If you have more phpbb2 users than osCom customers, currently this contrib will not work for you. This contrib only works if you have more osCom customers than phpbb2 users.
Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

#77   Optimalkiller

Optimalkiller
  • Members
  • 64 posts
  • Real Name:OptimalKiller
  • Gender:Male

Posted 18 January 2007 - 01:02

All problems have been resolved. user error. I made sure that I have the exact amount of users onthe forum and osCommerce. All working now. BTW A big thank you to you for a great mod.

Cheers

Edited by Optimalkiller, 18 January 2007 - 01:04.


#78   anderskiel

anderskiel
  • Members
  • 22 posts
  • Real Name:Anders

Posted 18 January 2007 - 19:40

This is sligtly off topic, but could maybe be incorpoated as an antispam measure!

AlexStudio you seem to be quite familiar with this code by now. I seem to be getting an awful lot of spam-users in the forum. Some register to promote websites others just seem to be pointless bot-registrations. Due to the redirecting for registration i have a feeling that these bots simply search for the

www.yoursite.com/phpbb2/profile.php?mode=register&agreed=true

page. Currently registrations go via the "agree to terms page" to the osc registration page. Then via an ekstra link to phpbb2 registration.


What i'm thinking is... If we change the name of the phpbb2 registration page we might be able to keep the bots trom registration. My problem is that I can't find the place to change that url. Any advise?

Anders

#79   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 18 January 2007 - 20:15

Ok so login using the link in the header works but the login box on the portal's front page that you helped me with still redirects to index.php

and any attempt to logoff also takes me to index.php

Here's my current phpbb2/login.php
I've highlighted in red wherever I've added portal.php

I can't understand why if I'm setting

'logoff.php?redirect=portal.php

how can it still goto index.php after logging out ??

<?php
/***************************************************************************
* login.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : © 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: login.php,v 1.47.2.25 2006/12/16 13:11:24 acydburn Exp $
*
*
***************************************************************************/

/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/

//
// Allow people to reach login page if
// board is shut down
//
define("IN_LOGIN", true);

define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);

//// BOF osCommerce phpBB2 Integration v1.0
include($phpbb_root_path . 'includes/trans_osc.php');
//// EOF osCommerce phpBB2 Integration v1.0

//
// Set page ID for session management
//
$userdata = session_pagestart($user_ip, PAGE_LOGIN);
init_userprefs($userdata);
//
// End session management
//

// session id check
if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid']))
{
$sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : $HTTP_GET_VARS['sid'];
}
else
{
$sid = '';
}

if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] || isset($HTTP_POST_VARS['admin'])) )
{
$username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';

$sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try
FROM " . USERS_TABLE . "
WHERE username = '" . str_replace("\\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
}

if( $row = $db->sql_fetchrow($result) )
{
if( $row['user_level'] != ADMIN && $board_config['board_disable'] )
{
redirect(append_sid("portal.$phpEx", true));
}
else
{
// If the last login is more than x minutes ago, then reset the login tries/time
if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $row['user_last_login_try'] < (time() - ($board_config['login_reset_time'] * 60)))
{
$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);
$row['user_last_login_try'] = $row['user_login_tries'] = 0;
}

// Check to see if user is allowed to login again... if his tries are exceeded
if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $board_config['max_login_attempts'] &&
$row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'] && $userdata['user_level'] != ADMIN)
{
message_die(GENERAL_MESSAGE, sprintf($lang['Login_attempts_exceeded'], $board_config['max_login_attempts'], $board_config['login_reset_time']));
}

if( md5($password) == $row['user_password'] && $row['user_active'] )
{
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;

$admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0;
$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);

// Reset login tries
$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);

if( $session_id )
{
$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "portal.$phpEx";
redirect(append_sid($url, true));
}
else
{
message_die(CRITICAL_ERROR, "Couldn't start session : login", "", __LINE__, __FILE__);
}
}
// Only store a failed login attempt for an active user - inactive users can't login even with a correct password
elseif( $row['user_active'] )
{
// Save login tries and last login
if ($row['user_id'] != ANONYMOUS)
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_login_tries = user_login_tries + 1, user_last_login_try = ' . time() . '
WHERE user_id = ' . $row['user_id'];
$db->sql_query($sql);
}
}

$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
$redirect = str_replace('?', '&', $redirect);

if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}

$template->assign_vars(array(
'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
);

$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("portal.$phpEx") . '">', '</a>');

message_die(GENERAL_MESSAGE, $message);
}
}
else
{
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
$redirect = str_replace("?", "&", $redirect);

if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}

$template->assign_vars(array(
'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
);

$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("portal.$phpEx") . '">', '</a>');

message_die(GENERAL_MESSAGE, $message);
}
}
else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] ) ///////////////// LOG OUT START HERE /////////////////////////
{
// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
message_die(GENERAL_ERROR, 'Invalid_session');
}

if( $userdata['session_logged_in'] )
{
//// BOF osCommerce phpBB2 Integration v1.0
$sql = "select osCsid, sess_uid, sess_uip, sess_logged, sess_trans from trans_phpbb where sess_uid = '" . $userdata[ 'user_id' ] ."'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error in obtaining transata', '', __LINE__, __FILE__, $sql);
}
if( $row = $db->sql_fetchrow($result) )
{
$osCsid = $row[ 'osCsid' ]; //// <----------------------------------------Prepare to logoff osC
$sql = "update trans_phpbb set sess_trans = '' where sess_uid = '" . $userdata[ 'user_id' ] . "'";
$db->sql_query($sql); //// <----------------------------------------------Cleanup phpBB session data in trans_phpbb table
}
//// EOF osCommerce phpBB2 Integration v1.0
session_end($userdata['session_id'], $userdata['user_id']);
}

if (!empty($HTTP_POST_VARS['redirect']) || !empty($HTTP_GET_VARS['redirect']))
{
$url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : htmlspecialchars($HTTP_GET_VARS['redirect']);
$url = str_replace('&', '&', $url);
redirect(append_sid($url, true));
}
//// BOF osCommerce phpBB2 Integration v1.0
else if( isset( $HTTP_GET_VARS[ 'trans' ]) && $HTTP_GET_VARS[ 'trans' ] == 'yes' )
{
header('Location: ' .HTTP_SERVER . DIR_WS_HTTP_CATALOG . 'index.php');
session_write_close();
exit();
}
else
{
header('Location: ' .HTTPS_SERVER . DIR_WS_HTTP_CATALOG . 'logoff.php?redirect=portal.php&osCsid=' . $osCsid);
session_write_close();
exit();
//// EOF osCommerce phpBB2 Integration v1.0
}
}
else
{
$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "portal.$phpEx";
redirect(append_sid($url, true));
}
}
else
{
//
// Do a full login page dohickey if
// user not already logged in
//
if( !$userdata['session_logged_in'] || (isset($HTTP_GET_VARS['admin']) && $userdata['session_logged_in'] && $userdata['user_level'] == ADMIN))
{
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

$template->set_filenames(array(
'body' => 'login_body.tpl')
);

$forward_page = '';

if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
{
$forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];

if( preg_match("/^redirect=([a-z0-9\.#\/\?&=\+\-_]+)/si", $forward_to, $forward_matches) )
{
$forward_to = ( !empty($forward_matches[3]) ) ? $forward_matches[3] : $forward_matches[1];
$forward_match = explode('&', $forward_to);

if(count($forward_match) > 1)
{
for($i = 1; $i < count($forward_match); $i++)
{
if( !ereg("sid=", $forward_match[$i]) )
{
if( $forward_page != '' )
{
$forward_page .= '&';
}
$forward_page .= $forward_match[$i];
}
}
$forward_page = $forward_match[0] . '?' . $forward_page;
}
else
{
$forward_page = $forward_match[0];
}
}
}

$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';

$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
$s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '<input type="hidden" name="admin" value="1" />' : '';

make_jumpbox('viewforum.'.$phpEx);
$template->assign_vars(array(
'USERNAME' => $username,

'L_ENTER_PASSWORD' => (isset($HTTP_GET_VARS['admin'])) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'],
'L_SEND_PASSWORD' => $lang['Forgotten_password'],

//// BOF osCommerce phpBB2 Integration v1.0
// 'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"),
'U_SEND_PASSWORD' => HTTP_SERVER . DIR_WS_HTTP_CATALOG . 'password_forgotten.php',
//// EOF osCommerce phpBB2 Integration v1.0

'S_HIDDEN_FIELDS' => $s_hidden_fields)
);

$template->pparse('body');

include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
redirect(append_sid("portal.$phpEx", true));
}

}

?>



#80   rossoe

rossoe
  • Members
  • 58 posts
  • Real Name:Ross

Posted 18 January 2007 - 20:25

**** UPDATE TO POST ABOVE ****

I just changed -
'S_LOGIN_ACTION' => append_sid(HTTPS_SERVER . DIR_WS_HTTP_CATALOG . 'login.php?action=process&redirect=portal.php'),

in "page_header" which solved the login from the box on portal front page.


My last problem is any attempt to logoff still takes me back to index.php

I can't understand why if I'm setting

'logoff.php?redirect=portal.php

as you told me to - how can it still goto index.php after logging out ??