sincronizing phpbb with asp website

[RFH Customer: terraqueotenaz]

Hi,

I have an asp based website. I use phpbbforum. I know there is a similiar to it like webwiz forum. Which one do you think has a better administration? I think phpbb, that´s why I preffer it.

Anyway, I´m trying to sinchronize the forum with my site. I tried using cookies, since using sessions for both it´s impossible.

Suppose that you login a user using asp:
and you create this cookie after the login verification. This cookie is supposed to be read by phpbbforum (I took it from it)

Code:

<%
Response.Cookies("phpbb2mysql_data").Expires = Date + 7
Response.Cookies("phpbb2mysql_data") = "a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A32%3A%2235a863da4dc5c3c700ed7ebdffec83ee%22%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D"
 
%>

A simple php code will read the cookie and log the user.

Code:

 
<?php 
$hostname = "localhost";		 
$username = "username";	 
$password = "password";
$usertable = "users";
$dbName = "bd";
MYSQL_CONNECT($hostname, $username, $password) OR DIE("Unable to connect to database"); 
@mysql_select_db( "$dbName") or die( "Unable to select database"); 
 
if(isset($HTTP_COOKIE_VARS["usNick"]) && isset($HTTP_COOKIE_VARS["usPass"])) 
{ 
$result = mysql_query("SELECT * FROM usuarios WHERE nick='".$HTTP_COOKIE_VARS["usNick"]."' AND password='".$HTTP_COOKIE_VARS["usPass"]."'"); 
if($row = mysql_fetch_array($result)) 
{ 
setcookie("usNick",$HTTP_COOKIE_VARS["usNick"],time()+7776000); 
setcookie("usPass",$HTTP_COOKIE_VARS["usPass"],time()+7776000); 
$loginCorrecto = true; 
$idUsuarioL = $row["id"]; 
$nickUsuarioL = $row["nick"]; 
$emailUsuarioL = $row["email"]; 
$nombreUsuarioL = $row["nombre"]; 
} 
else 
{ 
//Destruimos las cookies. 
setcookie("usNick","x",time()-3600); 
setcookie("usPass","x",time()-3600); 
} 
mysql_free_result($result); 
} 
 
 
if($loginCorrecto) 
{ 
echo "You are identified as ".$nickUsuarioL .$nombreUsuarioL; 
} 
else 
{ 
echo "Welcome Guest, the system did not recognize you"; 
} 
?>

This is in theory how pbpbbforum would read the cookie and automatically log the user to the forum, isn´t it?

I don´t know the real php code of the forum when it comes to read cookies. Anybody has an idea? I already tried this, but it seems that phpbb forum codifies passwords and prints user session in cookie. How can I dow the same codifiying of passwords and include that kind of session in cookies created with an asp page?

Anybody had an experience to share?

Thank you for your time

[Staff: Warren Ashcroft]

Hello There,
I think PHPbb secures its cookie session, making them almost impossible to recreate in ASP for example.

However, there are a few threads on the PHPbb forum that show how to add a login form onto your website, away from your forum. Does they help?

Regards,
Warren Ashcroft

[RFH Customer: terraqueotenaz]

Hi,

I want to tell you that I tried a different method:

submit.htm

Code:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Usuario</title>
</head>
<body>
<form action="foro/login.php" method="post">
<input type="hidden" name="redirect" value="../check.asp">
Usuario:&nbsp;<input type="text" name="username" size="10" /><br>
Contrase&ntilde;a:&nbsp;<input type="password" name="password" size="10" maxlength="32" /><br />
&nbsp;&nbsp; &nbsp;&nbsp;Entrar automáticamente en cada visita
	  <input class="text" type="checkbox" name="autologin" />
	  &nbsp;&nbsp;&nbsp;
	  <input type="submit" class="mainoption" name="login" value="Login" />
</form>
</body>
</html>

This submits username and password into phpbb´s database. Logs the user and redirects immediatley back to an aps page called check.asp. The phpbb page generated a session id, which was output like this: ...?sid=2892838sd829230 When it´s redirected back to check.asp takes the sid string with it.

check.asp

Code:

<% 
numsess=request.querystring("sid")
If numsess="" then
	response.write "<center>No se ha logueado"
	response.write "<form>"
	response.write "<input type='button' value='Return to Form' onclick=history.go(-1)>"
	response.write "</form></center>"
Else
Session("sessionid")= numsess
Response.Write "<SCRIPT LANGUAGE='JavaScript'>ss = 'micuenta.asp'; redirectionTime = '5000';redirectionURL = ss; function redirectionTimer() { self.setTimeout('self.location.href = redirectionURL;',redirectionTime); }</script><html><head></head><body onLoad='redirectionTimer()'><body>"
Response.Write "Tu numero de sesion es " & Session("sessionid")
%>
</body>
</html>
<%
End If
%>

Pick up the sid string and validate. If it´s empty write "you are not logged" else: makes a session, I will use this session for my asp website, and has the same value as the session id generated from phpbb forum.

At this point you could go to your phpbbforum and see that you are logged in.

But what happens if you go back to check.asp? Well, it will tell you that you are not logged in because you don´t have the sessionid string anymore.

That´s why I created a redirection in check.asp to micuenta.asp (myaccount.asp) This is where the user will have it´s account information extracted form the same phpbb forum db.

micuenta.asp (myaccount.asp)

Code:

<%
If Session("sessionid")= "" then
	response.write "<center>No se ha logueado"
	response.write "<form>"
	response.write "<input type='button' value='Return to Form' onclick=history.go(-1)>"
	response.write "</form></center>"
Else
dim conn 
dim conn_string 
conn_string = "DRIVER={MySQL ODBC 3.51 Driver};SERVER=localhost;"_ 
						& " DATABASE=forum;UID=user;PWD=pass; OPTION=16387"
Set conn = Server.CreateObject("ADODB.Connection") 
conn.Open(conn_string) 
strQuery = "SELECT phpbb_users.username FROM phpbb_users, phpbb_sessions WHERE phpbb_users.user_id=phpbb_sessions.session_user_id AND phpbb_sessions.session_id= '" & numsess & "'"
Set RS = conn.Execute(strQuery) 
%>
<html>
<head>
<title>New Page 2</title>
</head>
<body>
<%
Response.Write "Bienvenido " & RS("username") & " estas logueado en sitio y foro. "
%>
<br> 
</body>
</html>
<%
RS.Close
Set RS = Nothing
End If
%>

It used to work a moment ago. it seems like it´s a session problem. At this point I´m supposed to be reading the session created in the asp page.

I get the error:
Error type:
(0x80020009)
An exception occured.
/micuenta.asp, línea 27

I think that´s it, it should be a minor problem. Hope anybody can cooperate and get their phpbbforum sinchronized like I´m doing.

Note: I´m running this in my computer right now.

Thank you for your time and interest.

[RFH Customer: terraqueotenaz]

Hi,

I want to tell you that I tried a different method:

submit.htm

Code:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Usuario</title>
</head>
<body>
<form action="foro/login.php" method="post">
<input type="hidden" name="redirect" value="../check.asp">
Usuario:&nbsp;<input type="text" name="username" size="10" /><br>
Contrase&ntilde;a:&nbsp;<input type="password" name="password" size="10" maxlength="32" /><br />
&nbsp;&nbsp; &nbsp;&nbsp;Entrar automáticamente en cada visita
	 <input class="text" type="checkbox" name="autologin" />
	 &nbsp;&nbsp;&nbsp;
	 <input type="submit" class="mainoption" name="login" value="Login" />
</form>
</body>
</html>

This submits username and password into phpbb´s database. Logs the user and redirects immediatley back to an aps page called check.asp. The phpbb page generated a session id, which was output like this: ...?sid=2892838sd829230 When it´s redirected back to check.asp takes the sid string with it.

check.asp

Code:

<% 
numsess=request.querystring("sid")
If numsess="" then
	response.write "<center>No se ha logueado"
	response.write "<form>"
	response.write "<input type='button' value='Return to Form' onclick=history.go(-1)>"
	response.write "</form></center>"
Else
Session("sessionid")= numsess
Response.Write "<SCRIPT LANGUAGE='JavaScript'>ss = 'micuenta.asp'; redirectionTime = '5000';redirectionURL = ss; function redirectionTimer() { self.setTimeout('self.location.href = redirectionURL;',redirectionTime); }</script><html><head></head><body onLoad='redirectionTimer()'><body>"
Response.Write "Tu numero de sesion es " & Session("sessionid")
%>
</body>
</html>
<%
End If
%>

Pick up the sid string and validate. If it´s empty write "you are not logged" else: makes a session, I will use this session for my asp website, and has the same value as the session id generated from phpbb forum.

At this point you could go to your phpbbforum and see that you are logged in.

But what happens if you go back to check.asp? Well, it will tell you that you are not logged in because you don´t have the sessionid string anymore.

That´s why I created a redirection in check.asp to micuenta.asp (myaccount.asp) This is where the user will have it´s account information extracted form the same phpbb forum db.

micuenta.asp (myaccount.asp)

Code:

<%
If Session("sessionid")= "" then  <------- 1st error was Here too-------------------------
	response.write "<center>No se ha logueado"
	response.write "<form>"
	response.write "<input type='button' value='Return to Form' onclick=history.go(-1)>"
	response.write "</form></center>"
Else
dim conn 
dim conn_string 
conn_string = "DRIVER={MySQL ODBC 3.51 Driver};SERVER=localhost;"_ 
						& " DATABASE=forum;UID=user;PWD=pass; OPTION=16387"
Set conn = Server.CreateObject("ADODB.Connection") 
conn.Open(conn_string) 
strQuery = "SELECT phpbb_users.username FROM phpbb_users, phpbb_sessions WHERE phpbb_users.user_id=phpbb_sessions.session_user_id AND phpbb_sessions.session_id= '" & numsess & "'"  <------------ " 2 error Was here
Set RS = conn.Execute(strQuery) 
%>
<html>
<head>
<title>New Page 2</title>
</head>
<body>
<%
Response.Write "Bienvenido " & RS("username") & " estas logueado en sitio y foro. "
%>
<br> 
</body>
</html>
<%
RS.Close
Set RS = Nothing
End If
%>

It used to work a moment ago. it seems like it´s a session problem. At this point I´m supposed to be reading the session created in the asp page.

I get the error:
Error type:
(0x80020009)
An exception occured.
/micuenta.asp, línea 27

I think that´s it, it should be a minor problem. Hope anybody can cooperate and get their phpbbforum sinchronized like I´m doing.

Note: I´m running this in my computer right now.

Thank you for your time and interest.

The first erros has to be replaced with:
autorizado = Session("sessionid")
If autorizado= "" then
response.write "<center>No se ha logueado"
response.write "<form>"
...........

The second erros has to be replaced with:
'" & autorizado & "'"

Now, it´s a matter of spending more hours to develop a complete sinchronized system