Session integration with phpBB3

Hello everybody,

I’m trying to create a site with Yii which need to have a forum and i choose phpBB3.

I spent the last 2 days looking for a solution in order to use the same login and password for both, now i’m able to login from Yii with the user and password from the forum but i’m stucked here.

Now the question is, how i can share the same cookie from Yii to phpBB3 and viceversa?

I read some thread where was suggested to work with cookie and session value of Yii but i don’t know how i can handle it, could please someone walk me through it?

Thanks,

Dado.

You’re going to need to look at how phpbb3 authenticates users and then migrate that code over to Yii. It should be fairly straightforward provided both the forum and your Yii application are hosted on the same domain.

Though, you do present an interesting dilemma - your Yii powered application now relies on phpbb3 methodology to authenticate and manage users, which I personally have a bit of an issue with :P I dislike the idea of modelling your website’s code and functionality around a piece of 3rd party software, particularly if it’s only a small extension of the site. I analysed possible solutions a couple of months ago, and decided to just write my ow in Yii - http://mixxi.com/forum (still WIP).

I understand your dilemma but i’m forced to use phpBB3… <_<

I thing i understand how i can handle this, phpBB3 store a cookie called “cookie-name”_sid which contain a string of character that is the session id, this string is also stored under the table `phpbb_sessions’.

I can read and modify this table, so my idea is the follow:

On site load check if there is an identity with the same sid stored inside the cookie (if present) under the table `phpbb_sessions’, if yes user_id is identified.

If there’s no sid stored you need to login, so on login create a sid with the assocated user_id inside table `phpbb_sessions’ and also create a cookie.

I know this could be a forced solution but is the best i have found :D

How i can procede to translate this into a code?

Thanks,

Dado.

Dado, that solution sounds about right.

I’m currently implementing phpBB and Yii together. I’m building a site which will use the forum part (phpBB) as the login handling, so I’ll only check for that cookie. I’ll post a code example (or perhaps extension) for this later.

If you can live with having phpBB handling the login/logout part, you don’t have to write your own cookies from Yii. That way, it’s almost solved already!

Edit:

Here’s a filter I’m using to auth my forum.domain.com vs my Yii site at www.domain.com.

AuthFilter.php:




<?php


class AuthFilter extends CFilter

{

    protected function preFilter($filterChain)

    {

    	$errorCode = 0;

		if(isset($_COOKIE['phpbb3_127vf_sid']) && isset($_COOKIE['phpbb3_127vf_u']))

		{

			$user = Yii::app()->db->createCommand()

			    ->select('user_id, username')

			    ->from('phpbb_users')

			    ->where('user_id=:id', array(':id'=>$_COOKIE['phpbb3_127vf_u']))

			    ->queryRow();

			$liveSession = Yii::app()->db->createCommand()

				->select('session_id,session_user_id')

				->from('phpbb_sessions')

				->where('session_id=:id', array(':id'=>$_COOKIE['phpbb3_127vf_sid']))

				->queryRow();

				

			if($liveSession['session_user_id'] == $user['user_id'] && $user['user_id'] != 1)

			{

				$errorCode=0;

			} else {

				$errorCode=1;

			}

			

		} else {

			$errorCode=1;

		}

		

		if($errorCode>0)

		{

			Yii::app()->getRequest()->redirect('/index.php?r=site/pleaselogin');

		} else {

			$filterChain->run();

		}

    }

 

}

As you can see it’s extremely barebone and perhaps not secure, but it should get you started.

I’m not kidding, the code might actually be a bit confusing with all the errorCode stuff and whatnot that makes no sense.

If I put up something cleaner I’ll report back.

Thank you tackle, i don’t even consider the possibility to create a filter :P

Actually now i’m working on a component that is an extension of CDbHttpSession and i’m closer to a final solution! :o

Actually there is an easier way to it. Phpbb also provides an api. None the less, without a filter, here’s the approach.

in index.php of yii, right the following at the very top





<?php


define('IN_PHPBB', true);

$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './PHPBB3/';

$phpEx = substr(strrchr(__FILE__, '.'), 1);

include($phpbb_root_path . 'common.' . $phpEx);

include($phpbb_root_path . 'includes/functions_display.' . $phpEx);


// Start session management

$user->session_begin();

$auth->acl($user->data);

$user->setup();

$config_new = $config;


?>




as Yii has its own $config variable, its better to assign phpbbs $config to something else before Yii overwrites it. (it comes very handy if you use the api).

in the controller:




<?php


public function actionTest(){

    global $user;


    print_r($user->data);// will give you all the data associated with the logged in user or ANNONYMUS

}


?>






Here’s what [color="#FF0000"]$user->data[/color] array contains:




user_id

user_type

group_id

user_permissions

user_perm_from

user_ip

user_regdate

username

username_clean

user_password

user_passchg

user_pass_convert

user_email

user_email_hash

user_birthday

user_lastvisit

user_lastmark

user_lastpost_time

user_lastpage

user_last_confirm_key

user_last_search

user_warnings

user_last_warning

user_login_attempts

user_inactive_reason

user_inactive_time

user_posts

user_lang

user_timezone

user_dst

user_dateformat

user_style

user_rank

user_colour

user_new_privmsg

user_unread_privmsg

user_last_privmsg

user_message_rules

user_full_folder

user_emailtime

user_topic_show_days

user_topic_sortby_type

user_topic_sortby_dir

user_post_show_days

user_post_sortby_type

user_post_sortby_dir

user_notify

user_notify_pm

user_notify_type

user_allow_pm

user_allow_viewonline

user_allow_viewemail

user_allow_massemail

user_options

user_avatar

user_avatar_type

user_avatar_width

user_avatar_height

user_sig

user_sig_bbcode_uid

user_sig_bbcode_bitfield

user_from

user_icq

user_aim

user_yim

user_msnm

user_jabber

user_website

user_occ

user_interests

user_actkey

user_newpasswd

user_form_salt

user_new

user_reminded

user_reminded_time

session_id

session_user_id

session_forum_id

session_last_visit

session_start

session_time

session_ip

session_browser

session_forwarded_for

session_page

session_viewonline

session_autologin

session_admin

is_registered

is_bot




Use the options as for your needs. (I am not fan of this global keyword but it is a easier solution)

I am only stucked in login part. The auth class in phpbb handles the main login procedure but it creates errors on including fils. I am a bit new to yii. How yii inclues files with what reference? Controller? Yiibase? I tried to use absolute path but even then it fails. If someone can point some direction on this, my own login is done.

Bump for justice!

Hello guys, sorry if i’m not really present but i was a bit busy…

Anyway, i try your solution Itachi, if i understood correctly when i login from the forum i should get the user data inside [color="#FF0000"]$user->data[/color] varibale but i always get the user anonymous data not the user i logged in.

Thanks,

Dado.