Geekly Articles each Day
📜 ⬆️ ⬇️

Integration phpBB site (Codeigniter). Pass-through authorization

image A few weeks ago, for some need, it was necessary to add a forum to a newly written site. The site at the stage of completion, users one-two and miscalculated. The site was written on Codeigniter. PhpBB was chosen as the forum as one of the common free forum version 3.1.1 . After simple manipulations, the forum was installed without any problems. It became more interesting when it came to users.

First of all, I decided to look for a ready-made solution in order not to waste either my time or my client's time. A working link to the phpBB3_library library was found, plugins for WP, and other engines were found, but I wanted to make the integration painless for myself and my brainchild (site) and forum.

Not a lot of time googling, I found this article , from which my immersion into the depths of phpBB user functionality began.
')

Formulation of the problem


  1. Make a painless integration. There must be one implementing class. No changes in the forum engine, so that when you update the forum, nothing has flown away.
  2. Maximum use of forum functions in our class. You don't want to ride a bicycle.
  3. Implement joint registration, password change, authorization, session end, blocking and unlocking a user based on the existing forum functionality.

Analysis


After reading the docks, it became clear that user management functions are placed in <forum root> /includes/functions_user.php, and authorization in <forum root> / phpbb / auth / provider. This folder contains functions for several authorization options. The authorization type is set in the forum administration panel, section “General -> Authentication”. I set the default value to Db.

In principle, I found the necessary functionality in these two files, in addition to updating user data. Next, proceed to the implementation.

Initial data


  1. Site implemented using codeigniter.
  2. Forum phpBB.
  3. Table with users of the site - USERS.
  4. The table with forum users is phpbb_USERS.
  5. Registration / authorization of users on the site - Codeigniter Auth library reworked for their needs.

Decision


The task is set, it must be done.

Before the start - a few nuances.
  1. It is necessary to disable the registration of users on the site. This is done in the admin panel (General -> user registration -> Allow user name change -> No). We allow the user to register only on the site.
  2. We prohibit changing the user name (General -> User Registration -> Account Activation -> Disabled).
  3. Forbid authorization from the forum. Authorization and exit do only from the site. Made a "head on" - in the file <root of the forum> /ucp.php made redirects to the corresponding pages on the site. (see the lines "case 'login':", "case 'login_link':", "case 'logout':". Redirect "header ('Location: / auth / login');" and "header ('Location: / auth / logout '); ").
  4. On the site (if there is a redirect () function), replace the redirect () function, for example, with ciredirect (), in order to avoid name conflicts - there is a function with the same name in phpBB.

For codeigniter I create the library my_phplib.php (the library in codeigniter is a kind of auxiliary plugin class located in the application / libraries folder. There is nothing unusual in it, so users of other engines / frameworks do not be discouraged).

So, the contents of the library:

Library my_phplib.php
<?php if (!defined('BASEPATH')) exit('No direct script access allowed'); class My_phpbblib { public $phpBB_user; public $phpBB_auth; public $phpBB_db; public $table_prefix; public function __construct(){ //   . global $phpbb_root_path, $phpEx, $user, $auth, $cache, $db, $config, $template, $table_prefix, $request, $phpbb_container, $symfony_request, $phpbb_filesystem, $phpbb_log, $phpbb_path_helper, $phpbb_dispatcher; //   ... define('IN_PHPBB', TRUE); //   . $phpbb_root_path = './forum/'; //   .    - php $phpEx = substr(strrchr(__FILE__, '.'), 1); //   //   include($phpbb_root_path . 'common.' . $phpEx); include($phpbb_root_path . 'config.php.' . $phpEx); //      include($phpbb_root_path . 'includes/functions_user.' . $phpEx); //    ... $request->enable_super_globals(); //    $user->session_begin(); $auth->acl($user->data); $this->phpBB_user = $user; $this->phpBB_auth = $auth; $this->phpBB_db = $db; $this->table_prefix = $table_prefix; } //  public function registration($data = array()) { //   ,      if(count($data) < 3){ //     3  - ,   email return false; } $new_phphBB_user = array(); //  . if(isset($data['username'])) return false; $new_phphBB_user['username'] = $data['username']; //   if(isset($data['user_password'])) return false; $new_phphBB_user['user_password'] = phpbb_hash($data['user_password']); // email  if(isset($data['user_email'])) return false; $new_phphBB_user['user_email'] = $data['user_email']; //  . //    phpBB3   // - 1 - GUESTS -  ( ) // - 2 - REGISTERED -   // - 3 - REGISTERED_COPPA -   COPPA // - 4 - GLOBAL_MODERATORS - - // - 5 - ADMINISTRATORS -  // - 6 - BOTS -  // - 7 - NEWLY_REGISTERED -  . //    NEWLY_REGISTERED $new_phphBB_user['group_id'] = isset($data['group_id']) ? $data['group_id'] : 7; //  . //  4  // - 0 -   // - 1 -  .  . // - 2 -   () // - 3 -  //      . $new_phphBB_user['user_type'] = isset($data['user_type']) ? $data['user_type'] : 1; //     . $phphBB_user_id = user_add($user_row, false); //  id    phpBB return $phphBB_user_id; } //  public function login($data = array()){ $this->phpBB_user->setup('ucp'); //   $username = $data['username']; //   $password = $data['user_password']; //   $autologin = $data['autologin']; //     $viewonline = true; //   phpBB $result = $this->phpBB_auth->login($username, $password, $autologin, $viewonline); // result   // array( // 'status' => status-code(int), // 'error_msg'=> status-message-id(text), // 'user_row'=> user-row(array), // ); //  // 1 -    // 3 -   // 10 -   // 11 -   // 12 -   // 13 -     return $result; } //  public function logout(){ $this->phpBB_user->session_kill(); $this->phpBB_user->session_begin(); } //   public function delete_user($mode = 'remove', $user_name = '') { // $mode = remove/retain -      //     id,    ,  id    -     . $sql = 'SELECT user_id, username FROM phpbb_users WHERE username_clean = "'.utf8_clean_string($user_name).'"'; $result = $this->phpBB_db->sql_query($sql); if (!($row = $this->phpBB_db->sql_fetchrow($result))) { $db->sql_freeresult($result); } do { $user_id_ary[] = $row['user_id']; } //  . $this->phpBB_db->sql_freeresult($result); if($user_id_ary){ //    -  return user_delete($mode, $user_id_ary, $retain_username = true); } return false; } //  . public function ban_user($user_name = '', $ban_minutes = 432000, $ban_reason = ''){ //   -     //  -   (user),   (ip),  email (email) return user_ban('user', $user_name, $ban_minutes, $ban_len_other = '', $ban_exclude = false, $ban_reason, $ban_give_reason = ''); } //  . public function unban_user($user_name = ''){ //   -     //  -   (user),   (ip),  email (email) //     id  $sql = 'SELECT b.ban_id, u.user_id FROM phpbb_users u, phpbb_banlist b WHERE u.username_clean = "'.utf8_clean_string($user_name).'" AND u.user_id = b.ban_userid'; $result = $this->phpBB_db->sql_query($sql); if (!($row = $this->phpBB_db->sql_fetchrow($result))) { $this->phpBB_db->sql_freeresult($result); } do { $user_ban_id_ary[] = $row['ban_id']; } $this->phpBB_db->sql_freeresult($result); return user_unban('user', $user_ban_id_ary); } //   . public function edit_user_pass($user_name ='', $user_pass) { if (empty($user_name) || empty($user_pass)){ return false; } $sql = 'UPDATE ' . $this->table_prefix . 'users SET user_password="' . md5($user_pass) . '" WHERE username_clean = "'.utf8_clean_string($user_name).'"'; $this->phpBB_db->sql_query($sql); return true; } }


Use in codeigniter - standardly - we connect library in the controller responsible for authorization.

Use my_phplib.php
  function __construct(){ parent::__construct(); $this->load->library('my_phpbblib'); } //  public function login(){ /*   */ $data = array(); $data['username'] = $this->input->post('login'); $data['user_password'] = $this->input->post('pass'); $data['autologin'] = $remember; //     . $registration_result = $this->my_phpbblib->login($data); /*   */ } //  public function registration(){ /*   */ $user_row['username'] = $user_login; $user_row['user_password'] = phpbb_hash($user_pass); $user_row['user_email'] = $user_email; $user_row['group_id'] = 2; $user_row['user_type'] = 0; //     $forum_id = $this->my_phpbblib->registration($user_row); /*   */ } //  public function logout() { /*   */ $this->my_phpbblib->logout($data); /*   */ } //  . public function delete($id = 0){ /*   */ $this->my_phpbblib->delete_user('remove', $user_login); /*   */ } //    public function change_pass(){ /*   */ //     $this->my_phpbblib->edit_user_pass($user_login, $user_pass); /*   */ } //  . public function ban(){ /*   */ //     . $b = $this->my_phpbblib->ban_user($user_login, 432000, $ban_reason); /*   */ } //  . public function unban(){ /*   */ $ub = $this->my_phpbblib->unban_user($user_login); /*   */ }


This method was done with phpBB 3.1.1 and phpBB 3.1.3 (after the update, no intervention was required).

Thanks for attention.

I would be glad if the article will help someone.

Source: https://habr.com/ru/post/253773/

More articles:


All Articles