1
PlaneGuy
is username/pass saved accessible via a session variable
  • 2007/9/9 7:22

  • PlaneGuy

  • Just popping in

  • Posts: 10

  • Since: 2004/11/1


I have an existing web application, that is currently not integrated intro Xoops, however is using the xoops_user table for its user login information.

ie the web app is hosted in the same domain, but is not integrated. What I'd like to do is this;

if a user logs in to the XOOPS website, and then goes to the webapp, the web app, can extract the XOOPS username/password (I presume it'll be hashed in some way) from a session or cookie or similar. This will save the user logging in twice.

(I want to do as little editing of this web app as possible at this stage, so am not aiming for full integration at this time, nor even including XOOPS authentication (the web app uses a lot of custom authentication)

2
PlaneGuy
Re: is username/pass saved accessible via a session variable
  • 2007/10/1 13:44

  • PlaneGuy

  • Just popping in

  • Posts: 10

  • Since: 2004/11/1


Does anyone know?

3
rlankford
Re: is username/pass saved accessible via a session variable
  • 2007/10/1 15:02

  • rlankford

  • Not too shy to talk

  • Posts: 158

  • Since: 2004/8/27


I'm probably not understanding you correctly, so I apologize if this post wastes your time.

Yes, there is a session created by XOOPS during authentication. The session look like this on my local debugger:

Resized Image

Beyond that, once you've included '/mainfile.php' at the top of any given php page, XOOPS sets up all kinds of nice object variables that contains important information. Specifically, there is an object called $XoopsUser that looks like this:

Resized Image

Notice that the 'vars' array contains both the user id and the hashed password of the current user. This is retained from page to page via the session. So, if a user comes to your XOOPS site, logs in, and then follows a link to another php page that, technically, isn't really apart of your XOOPS site, then all you need to do is include the mainfile.php file at the top of each of your php pages in your other application. You can then do things like:

$uid = !empty($xoopsUser) ? $xoopsUser->getVar("uid") : "";
$upw = !empty($xoopsUser) ? $xoopsUser->getVar("pass") : "";


to get access to these values.

For extra credit, if you've already gone to the trouble to add in an include for mainfile.php, you might as well give the site the appearance of being a XOOPS module. You can do this with 2 more lines. In general, you can wrap any html (or php) page into your XOOPS layout by doing the following:

<!-- This goes at the top of your html file -->
<?php
include_once '../mainfile.php';                // Load basic XOOPS environment (required).
include_once XOOPS_ROOT_PATH.'/header.php';        // Load page header (required).
?>


<!-- Whatever html or php content that is already in your file goes here -->

<!-- This goes at the bottom of your html file -->
<?php
include XOOPS_ROOT_PATH '/footer.php';        // Load page foot (required).
?>


Hope this helps...

4
PlaneGuy
Re: is username/pass saved accessible via a session variable
  • 2007/10/8 9:31

  • PlaneGuy

  • Just popping in

  • Posts: 10

  • Since: 2004/11/1


Thanks rlankford, however I seem to have hit a snag.

I include mainfile, however, I get the following error;
Quote:
PHP Fatal error: Call to a member function on a non-object in /var/www/vhosts/wodenses.org.au/httpdocs/include/common.php on line 35


This equates to the following line in common.php
Quote:
$xoopsSecurity->checkSuperglobals();


Sorry but objects in PHP are a bit past my debugging skills.

5
rlankford
Re: is username/pass saved accessible via a session variable
  • 2007/10/8 11:02

  • rlankford

  • Not too shy to talk

  • Posts: 158

  • Since: 2004/8/27


What do you get if you save the following file:

<!-- This goes at the top of your html file -->
<?php
include_once '../mainfile.php';                // Load basic XOOPS environment (required).
include_once XOOPS_ROOT_PATH.'/header.php';        // Load page header (required).
?>

<h1>Hello, world!</h1>
<p>This page should show up and be wrapped inside your XOOPS theme and such to look like any standard XOOPS page.</p>

<!-- This goes at the bottom of your html file -->
<?php
include XOOPS_ROOT_PATH '/footer.php';        // Load page foot (required).
?>


and save it as:

/var/www/vhosts/wodenses.org.au/httpdocs/helloworld.php

Then view it by going tohttp://wodenses.org.au/helloworld.php to see what it looks like.

Do you get the same error??

6
suico
Re: is username/pass saved accessible via a session variable
  • 2007/10/8 11:14

  • suico

  • Friend of XOOPS

  • Posts: 374

  • Since: 2003/7/24


Hi rlankford,

What tool do you use for debugging? I liked a lot the sessions displayed like this
Yogurt Social Network Service
Visit:http://www.marcellobrandao.eti.br/

7
rlankford
Re: is username/pass saved accessible via a session variable
  • 2007/10/8 18:34

  • rlankford

  • Not too shy to talk

  • Posts: 158

  • Since: 2004/8/27


Zend Studio.

http://www.zend.com/store/software/zend_studio/lp_on

Login

Who's Online

178 user(s) are online (95 user(s) are browsing Support Forums)


Members: 0


Guests: 178


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits