It is currently Sun Apr 30, 2017 12:49 pm




 Page 1 of 1 [ 1 post ] 
Author Message
 Post subject: Integration with Joomla!
PostPosted: Fri Aug 27, 2010 6:01 am 
Support Staff

Joined: Fri Nov 01, 2002 4:06 am
Posts: 43
Below is the user authentication script that will be called by the ChatBlazer server. Place the script in the base directory of your Joomla! installation.

Tested on Joomla! 2.5.

<?php
/**
* External user integration script for Joomla!
*
* Place this script in the base directory of your Joomla! installation.
*
* Joomla! Version: 1.5.18
* Last Update: 2010-06-10
*/

// Configuration
// If DEBUG is true, this script will accept HTTP GET requests. Use this for
// testing. Turn off for production!
$DEBUG = FALSE;
// If USE_SESSION is true, password supplied is actually session ID.
$USE_SESSION = FALSE;
// Invalidate session ID after this timeout (in seconds)
$SESSION_TIMEOUT = 1800;

// DO NOT EDIT BELOW THIS LINE ///////////////////////////////////////

$joomla_root_path = dirname(__FILE__) . '/';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
require_once($joomla_root_path . 'configuration.' . $phpEx);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
   $username = $_POST['username'];
   $password = $_POST['password'];
}
elseif ($DEBUG) {
   $username = $_GET['username'];
   $password = $_GET['password'];
}

$ok = FALSE;
$config = new JConfig();

if ($username && $password) {
   $db = mysql_connect($config->host, $config->user, $config->password) or die(mysql_error());
   mysql_select_db($config->db, $db) or die('Select database failed: ' . mysql_error());

   if ($USE_SESSION) {
      $sql = 'SELECT u.username, u.block, t.time FROM ' . $config->dbprefix
         . 'session t LEFT JOIN ' . $config->dbprefix . 'users u ON t.userid = u.id WHERE t.session_id = \''
         . mysql_escape_string($password) . "'";

      $result = mysql_query($sql, $db) or die('mysql_query: ' . mysql_error());
      $row = mysql_fetch_assoc($result);
      if ($row && $row['block'] == '0') {
         // check time...
         $last = intval($row['time']);
         if (time() - $last < $SESSION_TIMEOUT) {
            $ok = TRUE;
            $username = $row['username'];
         }
      }
   }
   else {
      $sql = 'SELECT username, password, block FROM ' .$config->dbprefix
         . 'users WHERE username = \'' . mysql_escape_string($username) . "'";

      $result = mysql_query($sql, $db) or die('mysql_query: ' . mysql_error());
      while ($row = mysql_fetch_assoc($result)) {
         // Is user blocked?
         if ($row['block'] != 0) {
            continue;
         }
         $parts = explode(':', $row['password']);
         $crypt = $parts[0];
         $salt   = $parts[1];
         // crypt := md5(password + salt)

         if (strcmp($crypt, md5($password . $salt)) == 0) {
            $ok = TRUE;
            break;
         }
      }
   }
   if ($result) {
      @mysql_free_result($result);
   }
}

header('Content-Type: text/plain');
if ($ok) {
   $reply = array('username' => $username);
   echo http_build_query($reply);
}
?>



_________________
Samuel
ChatBlazer Support
Offline
 Profile  
 
Display posts from previous:  Sort by  
 Page 1 of 1 [ 1 post ] 


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

cron