Clever Geek Handbook

Application using phpBB session data - cannot use shortcode

I have created web applications before using phpBB session and user data. The general move is to use code like this:

define('IN_PHPBB', true);
//replace $phpbb_root_path with path to your forum
$phpbb_root_path = '../forum/';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();

However, with the inclusion common.php

, I bring with me a bunch of other methods that run into other methods I have installed.

In my example, I am launching an application using CodeIgniter, which already has a "redirect" method. This question should apply to those who have pre-built methods that can work in phpBB methods.

Basically, all I have to do is:

  • Make sure the user is signed in $user->data[username] == Anonymous

  • Use data from "$ user-> data" such as user id, screen name, etc.

Can I grab the array $user->data

and somehow save it to my session? Anyone have any ideas on this? Thanks in advance!

+1


source to share


2 answers


You are facing the main reason I hate the frame. You never know what exactly is included. Especially when the code is not object oriented. (much better if your function belongs to objects rather than floating in global space.)

Assuming your code already has a session handler installed, there is nothing to prevent you from using regular session commands.

for example: $ _SESSION ['user_data_array'] = $ user-> data;

and then using the session data



$ data = $ _SESSION ['user_data_array'];

When a session handler is written, it replaces the current session handler. (I am assuming this is done so that the session is stored in the database and not on the server.)

If it hasn't been replaced, you can still use PHP's default session handler. Always remember that session data is saved in a folder on the current web server. Therefore, if your application runs on multiple servers, the session data will not be available if the user is served by another server on a subsequent visit. (hence the need to write session handlers to persist session data across multiple servers.)

+1


source


phpBB changed the algorithm for checking the password stored in the database from version 2.x to 3.0. (It was just an MD5 feature.) But if you can find their URL with a semi-SDK (don't have it handy), there are posts on how to use their user validation at a higher level of abstraction than you describe.

This is a case where, if you are going to use your resource, you need to do it your way (which is more explicit in this case than before).



I agree with this in a dizzying decision; especially since phpBB doesn't have a particularly great record of design quality.

+1


source






More articles:


All Articles