1
sudhaker
Autologin Hack for 2.0.10-beta2
  • 2005/3/28 21:08

  • sudhaker

  • Not too shy to talk

  • Posts: 117

  • Since: 2003/2/6 2


Orig Ref: http://xoops.biz/x7/modules/myhacks/index.php?id=2

---

Hack: Remember Me + Login using Email + Register with Real Name (for xoops-2.0.9.2 & xoops-2.0.10.b2)

Hi Xoopsers,

This is my first XOOPS hack released to public. This hack is highly influenced by GIJOE auto-login hack. This does exactly same thing but my approach is little refined (I think so, feel free to disagree).


Features:

1. Similar to gMail's "don't ask for my password for 2 weeks", your members will get an option for activating "auto-login". This which will keep them logged on a browser for next one week even after the browser was closed. If member browses the site within a week, the duration will get extended (tell me if it is good or bad)?

2. Members get option of using any of loginid or email to login.

3. New members will be asked for 'Real Name' at the time of registration. I found many people too lazy to update their profile, so now their profile will have their name for sure. Also an invalid or garbage name strongly indicates the ill-intention of newly registered user, who can be banned immediately to prevent any possible misuse. Why core team has this great feature commented


Followings are major difference from GIJOE hack:

1. In place of making a localized code change, I also changed "kernel/member.php" and added two new methods loginUserAuto (auto-login someone using saved cookies) and loginUserEmail (login someone using email as username).

2. I am using value stored in actkey column for auto-login feature. I too am totally against of storing the MD5 of real password in user cookies (like the author of original auto-login and several other people). So here is perhaps the safer work-around. MD5 of actkey is sent to user's browser as cookies and the same is matched for auto-login. I found this column useless after user activation - so why don't we use it. With recent patch - actkey is getting new random value every time user changes the password - so saved cookies will become invalid. SAFER NOW

Minor differences:

1. I had to change "kernel/user.php" also as it was not persisting actkey column for any existing user. This column useless after user activation

2. _MB_SYSTEM_REMEMBERME is not used. Rather global variable _REMEMBERME is used to render 'system_userform.html' and 'system_block_login.html' both. It is not duplicated and more consistent like other constants _USERNAME and _PASSWORD.

3. Using cookie name 'autologin_key' in place of 'autologin_pass'

4. Using xoops's standard function checkEmail() to test if email was passed as userId.

Looking forward to get feedback from people

------------------------------------------------------

Q. How to install hack?

A. You should know what you are doing.

Get files from http://xoops.biz/x7/modules/mydownloads/

* This patch is tested to work on version 2.0.9.x only and just overwrite original files with the supplied ones. (For older versions, search for the word "SRAJ" in hacked files and merge the changes manually).

Updated: There is a patch available for 2.0.10.b2. Please report me any bug or problems. This will help me releasing well tested code for 2.0.10

* After overwriting files, don't forget to update system module.

Check GIJOE documentation for more options.

Done, Enjoy...

Cheers,
Sudhaker

2
sudhaker
Re: Autologin Hack for 2.0.10-beta3
  • 2005/4/1 7:22

  • sudhaker

  • Not too shy to talk

  • Posts: 117

  • Since: 2003/2/6 2


Updated for beta3 too.

Cheers,

3
fredski
Re: Autologin Hack for 2.0.10-beta3
  • 2005/4/1 13:45

  • fredski

  • Quite a regular

  • Posts: 265

  • Since: 2004/1/26


Im currently using XOOPS 2.0.9.2 and would like to install the auto login hack. The thing is I don't use the login block, instead I have the following code in my theme template leaving the space free for other blocks:
<table width="100%" border="0" cellspacing="0" cellpadding="0">
            <
tr
              <
td valign="baseline"> <{if $xoops_isuser}>&nbsp;&nbsp;&nbsp;&nbsp;Welcome Back&nbsp;<a href="<{$xoops_url}>/user.php"><{$xoops_uname}>a
                <{else}>
<
form action="<{$xoops_url}>/user.php" method="post">
                  <
div align="right"><span class="navtext">Namespan
                    <
input type="text" name="uname" class="navinput" size="12" />
                    <
span class="navtext"Passspan 
                    <
input type="password" name="pass" class="navinput" size="12" />
                    <
input type="hidden" name="op" value="login" />
                    <
input type="submit" value="login" class="button" />
                    &
nbsp;&nbsp;
                    <
input type="checkbox" name="rememberme" value="On" class="formButton" />
                    &
nbsp;Remember Me? &nbsp;&nbsp;<a href="<{$xoops_url}>/user.php#lost">Lost 
                    Password
?a> | <a href="<{$xoops_url}>/register.php">Register!a>&nbsp;&nbsp
                  div>
                form>
                <{/if}>td>
            tr>
          table>td>

        tr>

Would I need to make any changes to the above code for this hack to work? If so what would need altering and to what?

Any help as allways would be much appreciated.
Thanks

4
sudhaker
Re: Autologin Hack for 2.0.10-beta3
  • 2005/4/1 15:23

  • sudhaker

  • Not too shy to talk

  • Posts: 117

  • Since: 2003/2/6 2


You are good to go

The only needed form field is following:

<input type="checkbox" name="rememberme" value="On" class ="formButton" /> <{$block.lang_rememberme}><br /><{* autologin hack SRAJ *}>


And all this hack will care is getting rememberme=On when login form is submitted. Form's look and feel is only limited to your imaginations

Cheers,

5
fredski
Re: Autologin Hack for 2.0.10-beta3
  • 2005/4/1 16:00

  • fredski

  • Quite a regular

  • Posts: 265

  • Since: 2004/1/26


Cheers :)

6
sudhaker
Re: Autologin Hack for 2.0.10-RC
  • 2005/4/4 15:11

  • sudhaker

  • Not too shy to talk

  • Posts: 117

  • Since: 2003/2/6 2


Updated for 2.0.10.RC too. Please keep me posted with any suggestions / bugs.

Info: http://xoops.biz/x7/modules/myhacks/index.php?id=2

Download: http://xoops.biz/x7/modules/mydownloads/viewcat.php?cid=1

Cheers,

7
sudhaker
Re: Autologin Hack for 2.0.10-RC2
  • 2005/4/13 15:21

  • sudhaker

  • Not too shy to talk

  • Posts: 117

  • Since: 2003/2/6 2


Updated for 2.0.10.RC2 Please keep me posted with any suggestions / bugs.

Info: http://xoops.biz/x7/modules/myhacks/index.php?id=2

Download: http://xoops.biz/x7/modules/mydownloads/viewcat.php?cid=1

Cheers,

8
sudhaker
Autologin Hack for Xoops-2.0.10 is Ready.
  • 2005/4/25 17:14

  • sudhaker

  • Not too shy to talk

  • Posts: 117

  • Since: 2003/2/6 2


Autologin Hack for Xoops-2.0.10 is Ready.
Please check

Page: http://xoops.biz/x7/modules/myhacks/index.php?id=2

Download: http://xoops.biz/x7/modules/mydownloads/

Thanks,

Login

Who's Online

199 user(s) are online (108 user(s) are browsing Support Forums)


Members: 0


Guests: 199


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits