| Author |
 Topic  |
|
Rahanini
Starting Member
35 Posts |
 Posted - 02 January 2003 : 01:32:10
|
Hi,
I want to integrate the snitz forum within my site, however I have a seperate login/logout procedure to access my site. I want to modify the login/logout method on snitz so that when a user uses my general sites login/logout method he will be logged into my databases and when he/she wants to use the snitz forum a session variable will be passed when he/she clicks on the link to the forum which will determine if this person is a member of my site. If this person is a member then, the forum will recognize him and he will be logged into the snitz forum.
Could anyone direct me how I might be able to accomplish this. |
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 02 January 2003 : 09:54:10
|
| Login is accomplished by lines 164-208 in inc_header.asp. Basically it has to do with reading cookie values for username and password and checking them against the database. From a practical point of view all you'd need to do would be to set the proper cookie values from your code and that should do it. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
 |
|
|
barrymagee
Starting Member
Ireland
1 Posts |
Posted - 03 January 2003 : 13:40:04
|
Hi Guys
I have the same dilemma but surely the problem remains if you maintain two independent databases on the website?
That is on DB for the 'main' site and another 'forum' DB. Unless the DBs are synchronized surely you're requiring your users to register twice on your site? Otherwise how will passing a Session Var with the correct values from on DB login work equally with a second DB buried in the forum?
Surely the ideal is to have your forum cookies set sitewide and for the pages in the 'outer' part of the site to be able to identify 'forum' members as members of the overall site too?
My prob is that I'm using Dreamwaever UD4/MX and I can imagine it getting messy with a load of session variables knocking around - i.e. - it's 'Restrict Access' Server Behaviour prob won't pick up on the Snitz written forum cookie etc. etc.
Any ideas?
FYI site URL is http://www.dalkeyunited.com
Thx in advance
Barry |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Rahanini
Starting Member
35 Posts |
Posted - 03 January 2003 : 16:55:11
|
Well, i am actually planning on making just one member table becuase of the synching issues you described. Also I dont want redundant information in my database, that gets meessy at the site grows.
I am trying to understand the login/logout code ruirib described and was having some trouble. The way i see it is what I can do is once i get the session variable from the URL, i check the sessionvariable in my database and say the person is a member of my site, i extract the username from my database and set the variables:
strDBNTUserName, strDBNTFUserName to that user name, and the forum will thing it has found a cookie and log the person into the forum?
would this jerry rigging the forum work?
thanks. |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 03 January 2003 : 17:05:22
|
Not really. You see, when a login is done through cookies, the lines# 201-208 are the ones that do the authentication job:
if trim(strDBNTUserName) <> "" and trim(Request.Cookies(strUniqueID & "User")("Pword")) <> "" then
chkCookie = 1
mLev = cLng(chkUser(strDBNTUserName, Request.Cookies(strUniqueID & "User")("Pword"),-1))
chkCookie = 0
else
MemberID = -1
mLev = 0
end if
So, you do need to set the value of strDBNTUserName, but not the other variable. You also need to set the value for the user password, so that you pass both the username and the password value to chkUser function. This is the function that will authenticate the user against the DB and that sets the value for the MemberID and mlev values. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
Alex White
Starting Member
23 Posts |
Posted - 10 January 2003 : 08:47:22
|
I saw this thread early on, and it matched something that I wanted to do with the forums, and I've had partial success, but still some way from getting it right.
Anyone that has previously logged in to the private area on my site will have had two session variables set - their username and password.
So at the start of the cookie-handling process I added the following two lines in order to poke appropriate information into the cookie before it gets checked:
Response.Cookies(strUniqueID & "User")("Name") = Session("MM_Username")
Response.Cookies(strUniqueID & "User")("Pword") = Session("MM_Password")
This comes just before the lines
strDBNTUserName = Request.Cookies(strUniqueID & "User")("Name")
strDBNTFUserName = trim(chkString(Request.Form("Name"),"SQLString"))
The good news is that the forum page recognises the person and treats them as logged on. The bad news is that I've missed something out, since if I try to add a new topic I get an error "Invalid UserName or Password!" and if I try to reply to a topic I get the error "Invalid Password or User Name"
Obviously I'm doing something wrong... any helpful hints about what?
Regards,
|
|
|
|
DavidRhodes
Senior Member
United Kingdom
1222 Posts |
Posted - 10 January 2003 : 08:59:45
|
Response.Cookies(strUniqueID & "User")("Name") = Session("MM_Username")
Response.Cookies(strUniqueID & "User")("Pword") = Session("MM_Password")
Are these snitz usernames and passwords that you are getting from the session variables? If they're not then you are setting strDBNTUserName to the session variable underneath. |
The UK MkIVs Forum |
|
|
|
Alex White
Starting Member
23 Posts |
Posted - 10 January 2003 : 09:47:20
|
quote:
Originally posted by DavidRhodes
Are these snitz usernames and passwords that you are getting from the session variables? If they're not then you are setting strDBNTUserName to the session variable underneath.
Forgive me if I haven't grasped the question, but I'll answer what I think the question is...
The session variables contain a username and password that has been checked in a different database, but which matches up exactly with the username and password in the snitz database table.
(I have restricted registration, and at the point at which I register and entry is made for them in my generic security table and at the same time in the snitz FORUM_MEMBERS table.)
So basically, yes it is snitz usernames and passwords that I'm getting from the session variables.
I have the feeling that I may be missing something or doing my cookie-poking at the wrong point in time though... |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Alex White
Starting Member
23 Posts |
Posted - 10 January 2003 : 11:58:44
|
I grabbed the code from what I found in DoCookies... I think I'm not placing it in the right place though - perhaps that the cookie gets overwritten with something else after I've assigned my values into it (that would explain the behaviour I see at present at any rate)
Regards, |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Alex White
Starting Member
23 Posts |
Posted - 13 January 2003 : 10:31:30
|
quote:
Originally posted by ruirib
You're not setting the path for the cookies.
Could you expand on this answer please? I'm fairly new to cookie manipulation, and I'll need a little bit extra help to get this sorted out...
(The cookies are set to "website" rather than "forum" if this is significant)
Regards, |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 13 January 2003 : 10:34:11
|
| Look at the code, that's what I told you before. In the code there is a statement that sets the cookie's path and you decided not to copy it, even after I told you to look at it! Use it and see if it fixes the problem. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
Edited by - ruirib on 13 January 2003 10:34:37 |
|
|
|
Alex White
Starting Member
23 Posts |
Posted - 13 January 2003 : 10:39:11
|
As additional interest, I added some text to the header to display the value of the cookies on the page (plus the mLev and MemberID) and it shows that the expected user and password values are properly held there, and that it is being validated and returning the expected mLev and MemberID.
That being the case, I wonder why the add/reply to topic is coming up invalid?
Ideas? |
|
|
|
Alex White
Starting Member
23 Posts |
Posted - 13 January 2003 : 11:12:58
|
As a further datum, I modified the error message when the reply-to fails, so instead of just "Invalid Password or User Name" it now includes the SQL string, which turns out to be
SELECT MEMBER_ID, M_LEVEL, M_EMAIL, M_LASTPOSTDATE, M_NAME, M_PASSWORD FROM FORUM_MEMBERS WHERE M_NAME = 'AlexWhite' AND FORUM_MEMBERS.M_STATUS = 1 AND M_PASSWORD = ' '
Now it seems to me that the problem is presumably on the password front, since M_PASSWORD is being set to blank.
 |
|
|
|
Topic |
|
Topic Locked
