ChatBlazer Support
http://customer.chatblazer.com/forums/

Integration with Joomla!
http://customer.chatblazer.com/forums/viewtopic.php?f=33&t=822
Page 1 of 1

Author:  samuel [ Fri Aug 27, 2010 6:01 am ]
Post subject:  Integration with Joomla!

Below is the user authentication script that will be called by the ChatBlazer server. Place the script in the base directory of your Joomla! installation.

Tested on Joomla! 2.5.

<?php
/**
* External user integration script for Joomla!
*
* Place this script in the base directory of your Joomla! installation.
*
* Joomla! Version: 1.5.18
* Last Update: 2010-06-10
*/

// Configuration
// If DEBUG is true, this script will accept HTTP GET requests. Use this for
// testing. Turn off for production!
$DEBUG = FALSE;
// If USE_SESSION is true, password supplied is actually session ID.
$USE_SESSION = FALSE;
// Invalidate session ID after this timeout (in seconds)
$SESSION_TIMEOUT = 1800;

// DO NOT EDIT BELOW THIS LINE ///////////////////////////////////////

$joomla_root_path = dirname(__FILE__) . '/';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
require_once($joomla_root_path . 'configuration.' . $phpEx);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
   $username = $_POST['username'];
   $password = $_POST['password'];
}
elseif ($DEBUG) {
   $username = $_GET['username'];
   $password = $_GET['password'];
}

$ok = FALSE;
$config = new JConfig();

if ($username && $password) {
   $db = mysql_connect($config->host, $config->user, $config->password) or die(mysql_error());
   mysql_select_db($config->db, $db) or die('Select database failed: ' . mysql_error());

   if ($USE_SESSION) {
      $sql = 'SELECT u.username, u.block, t.time FROM ' . $config->dbprefix
         . 'session t LEFT JOIN ' . $config->dbprefix . 'users u ON t.userid = u.id WHERE t.session_id = \''
         . mysql_escape_string($password) . "'";

      $result = mysql_query($sql, $db) or die('mysql_query: ' . mysql_error());
      $row = mysql_fetch_assoc($result);
      if ($row && $row['block'] == '0') {
         // check time...
         $last = intval($row['time']);
         if (time() - $last < $SESSION_TIMEOUT) {
            $ok = TRUE;
            $username = $row['username'];
         }
      }
   }
   else {
      $sql = 'SELECT username, password, block FROM ' .$config->dbprefix
         . 'users WHERE username = \'' . mysql_escape_string($username) . "'";

      $result = mysql_query($sql, $db) or die('mysql_query: ' . mysql_error());
      while ($row = mysql_fetch_assoc($result)) {
         // Is user blocked?
         if ($row['block'] != 0) {
            continue;
         }
         $parts = explode(':', $row['password']);
         $crypt = $parts[0];
         $salt   = $parts[1];
         // crypt := md5(password + salt)

         if (strcmp($crypt, md5($password . $salt)) == 0) {
            $ok = TRUE;
            break;
         }
      }
   }
   if ($result) {
      @mysql_free_result($result);
   }
}

header('Content-Type: text/plain');
if ($ok) {
   $reply = array('username' => $username);
   echo http_build_query($reply);
}
?>

Page 1 of 1 All times are UTC - 5 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/