Thank you :)
Sea[hr]
Quote:
Originally Posted by jthm0138
My statement was not intended to be an attack at you in any way, and I am well aware of the fact that the script works (and works well) on your site. My question as to if anyone else has managed to get it working was to determine if .... well... anyone other than you has managed to get a functional bridge out of this script. I am pretty sure the answer to that is going to be no.
It appears that you have custom database fields to start with (I have fixed this I think), some custom cookie settings, and possibly even some custom encryption routines. As the user tables for your script, and the user tables that everyone else has do not match this script is all but worthless to the community. However there is some light at the end of the tunnel. The fix I mentioned before will correct the table injection errors. There is still a conflict registered on usersync however, and I am not sure what is causing the new one, as no data on the error is given now.
That being said the users do pass to the adoptables database, but the dual login is not functioning. This could be caused by custom encryption on your script (something that I am not going to be able to fix) or it could be caused by custom cookie setting in your script, if so I have yet to find the right cookie settings.
As for real life, I am truly sorry for your loss.
|
Thank you.
As for the cookie settings, I have found them to be very touchy and server specific. I have the Jfusion Bridge installed on 2 different sites for the PHPBB3 Forum and could not use the same cookie settings on both.
The plugin above was working, but the one thing that bothered me on it is that when you tried to use the JFusion module to see how many people were on line & such it would always show the PHPAdoptables as empty because of the session cookies. This was fixed by adding
PHP Code:
include("config.php");
$sess_life = 18000;
//Connect to the database first
connect();
// ***********************
// Connect
// ***********************
//This function simply connects us to the database and is the session open function
function connect()
{
include("config.php");
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die('Error connecting to MySQL');
mysql_select_db($dbname) or die('Cannot select database');
return true;
}
//This function simply disconnects us from the database and is the session close function
function disconnect()
{
include("config.php");
mysql_close();
return true;
}
//This function retrieves session values from the database
function sess_read($sessid)
{
include("config.php");
$sql = "SELECT `values` FROM " . $prefix . "sessions WHERE sid = '$sessid' AND expire>=" . time();
$query = mysql_query($sql) or die(mysql_error());
if (list($value) = mysql_fetch_row($query)) {
$expire = time() + $sess_life;
$usql = "UPDATE " . $prefix . "sessions SET expire = $expire WHERE sid = '$sessid'";
$uquery = mysql_query($usql) or die(mysql_error());
return $value;
}
return "";
}
//This function stores session values into the database
function sess_write($sessid, $values)
{
include("config.php");
$expire = time() + $sess_life;
$value = addslashes($values);
$uidc = $cprefix . "u";
$uid = $_COOKIE[$uidc];
if ($uid) {
$usql = "SELECT username FROM " . $prefix . "users WHERE uid='$uid'";
$username = mysql_query($usql) or die(mysql_error());
} else {
$username = "";
}
$sql = "INSERT INTO " . $prefix . "sessions VALUES ('$sessid', '$username', $expire, '$value') ON DUPLICATE KEY UPDATE `expire`='$expire', `values`='$value'";
$query = mysql_query($sql) or die(mysql_error());
return $qid;
}
//This function deletes a session from the database
function sess_destroy($sessid)
{
include("config.php");
$qry = "DELETE FROM " . $prefix . "sessions WHERE sid = '$sessid'";
$qid = mysql_query($qry) or die(mysql_error());
return $qid;
}
//This function is session garbage collection
function sess_gc($maxlifetime)
{
include("config.php");
$qry = "DELETE FROM " . $prefix . "sessions WHERE expire < " . time();
$qid = mysql_query($qry) or die(mysql_error());
return mysql_affected_rows();
}
// This registers the above functions as the handlers for the various operations on session data.
session_set_save_handler("connect", "disconnect", "sess_read", "sess_write", "sess_destroy", "sess_gc");
//As this file is included in all others, begin the session with no caching.
session_cache_limiter('nocache');
$name = $cprefix . "sid";
session_name($name);
session_start();
to the beginning of the functions file & then making these changes
PHP Code:
//Function to determine if user is logged in.
//Set up our login info...
$username = "";
//$password = "";
$cname = $cprefix . "u";
//Check for cookie
if (isset($_COOKIE[$cname])) {
$userid = $_COOKIE[$cname];
//$username = $_COOKIE['auser'];
//$password = $_COOKIE['apass'];
//$username = preg_replace("/[^a-zA-Z0-9\\040.]/", "", $username);
//$username = secure($username);
//$password = secure($password);
//Run login operation
//$query = "SELECT * FROM ".$prefix."users WHERE username = '$username'";
$query = "SELECT username FROM " . $prefix . "users WHERE uid = '$userid'";
$result = mysql_query($query);
$num = mysql_numrows($result);
//Loop out code
//$i=0;
//while ($i < 1) {
//
//$luser=@mysql_result($result,$i,"username");
//$lpass=@mysql_result($result,$i,"password");
//
//$i++;
//}
//if($username == $luser and $password == $lpass){
if ($num > 0) {
$isloggedin = "yes";
$username = mysql_result($result, 0, 0);
}
else {
//if (isset($_COOKIE['auser'])){
//$past = time() - 10;
//setcookie("auser",$username,$past);
//}
//
//if (isset($_COOKIE['apass'])){
//$past = time() - 10;
//setcookie("apass",$password,$past);
//}
$isloggedin = "no";
}
}
else {
//User is not logged in
$isloggedin = "no";
}
//Return our user data
$userdata[loginstatus] = $isloggedin;
$userdata[username] = $username;
return $userdata;
}
I hope that helps to lead you in the right direction.
Sea