FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum » How To » using the forum _inside_ another php script
Show: Today's Messages :: Unread Messages :: Show Polls :: Message Navigator
| Subscribe to topic | Bookmark topic 
Switch to threaded view of this topic Create a new topic Submit Reply
using the forum _inside_ another php script [message #16050] Mon, 12 January 2004 20:18 Go to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user
Hi,

When trying to use fudforum as feedback mechanism, I tried calling the forum _inside_ another php
script.

something like.

readfile("http://" . $_SERVER["SERVER_NAME"] . "/forum/?t=tree&th=2");

This - quite unexpectedly - doesn't work. Actually, it works, but the user information gets lost
and it shows as anonymous. I guess the problem lies in setting up the cookies.

Could you tell me if there is a simple way out of this? Or do I need to go into detailed php cookie
handling?

I am not sending any output before the "readfile". In fact, if I replace "readfile" with a
redirection "header()", it works fine.


Thanks.

[Updated on: Tue, 13 January 2004 00:32]

Report message to a moderator

Re: using the forum _inside_ another php script [message #16052 is a reply to message #16050] Tue, 13 January 2004 01:09 Go to previous messageGo to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user

I figured this much out:

The cookies are set only for the path /forum and not for the script
from which I call the forum.

So I changed the COOKIE_PATH variable to "/" but then the whole damn
thing stopped working. I mean, no more logging in.

So now the question is: how do I use the same cookies for the whole
site?, that every one of the scripts should get the cookies set by the
forum.

Thanks.


[Updated on: Tue, 13 January 2004 01:13]

Report message to a moderator

Re: using the forum _inside_ another php script [message #16053 is a reply to message #16052] Tue, 13 January 2004 01:34 Go to previous messageGo to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user


php manual says setting the cookie path to "/" would make the cookie
valid for the whole domain.

So is there something more to be done.

My requirement is simple. I need the cookie set by fudforum to be
available to all the other scripts.

Thanks.
Re: using the forum _inside_ another php script [message #16057 is a reply to message #16053] Tue, 13 January 2004 08:59 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
Change the cookie path from what it is now to /

FUDforum Core Developer
Re: using the forum _inside_ another php script [message #16077 is a reply to message #16057] Tue, 13 January 2004 11:42 Go to previous messageGo to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user

But then it stopped working altogether. I mean, when I do that, I
can't login. I get logged out immediately.

So there must be some other problem?


Re: using the forum _inside_ another php script [message #16078 is a reply to message #16077] Tue, 13 January 2004 11:44 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
Check that the cookie is being set.

FUDforum Core Developer
Re: using the forum _inside_ another php script [message #16079 is a reply to message #16078] Tue, 13 January 2004 11:48 Go to previous messageGo to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user
OK.

But will fudforum be able to get the cookie variables if called as

readfile("forum/?t=tree&th=22");

Or maybe I should do the cookie processing and set the user_id
variable before I call readfile. I will see.

Yeah, I think readfile might create a whole new set of data, and
fudforum may not be getting any cookies at all. I have to figure out
the exact workings of readfile.


THe feedback system works if I use a redirection to the forum,
instead of calling readfile, but I wanted to make it absolutely
transparent. This would have been the ideal solution.

I will get some info and come back.

Thanks.

[Updated on: Tue, 13 January 2004 12:01]

Report message to a moderator

Re: using the forum _inside_ another php script [message #16083 is a reply to message #16079] Tue, 13 January 2004 13:07 Go to previous messageGo to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user


Hey I got it.

Cookies are not passed through a call to readfile().

So I do a cookie processing before that and convert it into session
variables and call fudforum as

readfile(http://fudforum/?djlf. "&S=" . _COOKIE["$GLOBALS['COOKIE_NAME']").

It works fine. Absolutely. It has to anyway.

But I need to know what is the "SQ" variable, and how to create it using the cookie values.

And I am sorry to post like this in bits and pieces, but I am fucking learning the damn php along
the way.

Thanks a lot.

[Updated on: Tue, 13 January 2004 13:11]

Report message to a moderator

Re: using the forum _inside_ another php script [message #16087 is a reply to message #16083] Tue, 13 January 2004 14:10 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
SQ is generated automatically, you don't need to worry about it.

FUDforum Core Developer
Re: using the forum _inside_ another php script [message #16088 is a reply to message #16087] Tue, 13 January 2004 14:40 Go to previous messageGo to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user


But it doesn't work if I don't use the "SQ" variable.

It works, when I manually cut and pasted the "SQ" from a link in the
forum,

But when I simply give "S=_cookie_", it is still showing Anonymous
user. The forum isn't getting _any_ cookies, it just gets the
session_id=_cookie_number.

Thanks.
Re: using the forum _inside_ another php script [message #16092 is a reply to message #16088] Tue, 13 January 2004 17:04 Go to previous messageGo to next message
hello-world is currently offline  hello-world   India
Messages: 47
Registered: December 2003
Karma: 0
Member
add to buddy list
ignore all messages by this user



There is something called as "strict SQ match" in index.php.

I gave a "return $u" just before that and it works fine.

I don't know if it will engender some unsavoury side effects, but now
it is going to be damn transparent.


Thanks.
Re: using the forum _inside_ another php script [message #16107 is a reply to message #16092] Wed, 14 January 2004 11:38 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
The forum is not getting any cookies because when you do readfile() the request comes from PHP and not you, so no cookies are being sent.

When URL sessions are in use strict checks are done, which means SQ is validated on every page. The lack of SQ is preventing you from 'appearing' as a registered user. There is no easy way to fetch SQ because a new one is generated every request.


FUDforum Core Developer
Re: cookies for the whole domain [message #16134 is a reply to message #16057] Thu, 15 January 2004 14:31 Go to previous messageGo to next message
Wild_Cat is currently offline  Wild_Cat   Ukraine
Messages: 144
Registered: November 2002
Location: Odessa, Ukraine
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
I have a similar wish for cookies to be valid for the whole domian. When I set the path to / the cookies stop being set. Although the old cookie continues to be read fine after this change, but when I delete the cookie, the new one is not set. The question is - why? It's not about browser permissions - I gave absolute permissions for cookies manipulations to the localhost site!

BUT - when I leave the cookie host empty string, the cookies begin to work with cookie domain / !!! As far as I understand, the browser starts accepting cookies when its domian is not proposed by the script but taken by browser itself?

And I swear I would never think of leaving the cookie domain string empty if this was not the state the FUDforum 2.6.0 installation wrote it by default...


Lady of Avalon
Re: cookies for the whole domain [message #16143 is a reply to message #16134] Fri, 16 January 2004 11:05 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
You should not leave the cookie host empty, that may cause problems in various browsers.

FUDforum Core Developer
Re: cookies for the whole domain [message #16160 is a reply to message #16143] Fri, 16 January 2004 16:33 Go to previous messageGo to next message
Wild_Cat is currently offline  Wild_Cat   Ukraine
Messages: 144
Registered: November 2002
Location: Odessa, Ukraine
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
Ilia () , 16 2004 18:05

You should not leave the cookie host empty, that may cause problems in various browsers.

As far as we see, setting the cookie host to what it should be while trying to make cookies valid for the whole domain actually causes such problems for 3 most used browsers that we can't login any more! What should we do then? How to make the cookie work for the whole doamin otherwise and be accepted by the browser too??? (Just a tiny note once more: it doesn't set any cookies even when the domain in question is explicitely given maximum permissions in browser cookie and/or security settings!)


Lady of Avalon

[Updated on: Fri, 16 January 2004 16:34]

Report message to a moderator

Re: cookies for the whole domain [message #16162 is a reply to message #16160] Fri, 16 January 2004 16:38 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
At max permissions all cookies are rejected, at max - 1 your website needs to have a special setting that validates cookies (at least in IE).

Check what cookie header is being sent by PHP and post it (including the actual domain name).


FUDforum Core Developer
Re: cookies for the whole domain [message #16166 is a reply to message #16162] Fri, 16 January 2004 19:27 Go to previous messageGo to next message
Wild_Cat is currently offline  Wild_Cat   Ukraine
Messages: 144
Registered: November 2002
Location: Odessa, Ukraine
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
I didn't mean max settings in IE, I meant accept all cookies from this site in Mozilla cookie manager & inclusion in trusted sites in IE, both browsers security for cookies is set to accept cookies for the domain they are sent from - that's my level, but I just added localhost as especially trusted sites when I had login problems yet with local version of 2.5.0. Opera set to accept all cookies from all sites does not even try to create the cookie, it seems - no error alerts for invalid paths or domains... nothing as if the cookie was not being sent

(Well, I wander too why is that your installer is leaving domain empty if it shouldn't be done Wink )

I am running for now 2.6.0 on localhost (no wish to experiment with alive forum)

Here is what I have for cookies while path is set to / & domain left empty (working logins):

Set-Cookie: fud_session_148542139=59d490552689e2c4546ca5cf43a7ec2b; expires=Fri, 30-Jan-04 22:20:21 GMT; path=/[/face]
response
Cookie: fud_session_148542139=59d490552689e2c4546ca5cf43a7ec2b[/face]

If I set path to / & domain to localhost while the cookie still exists, I can login & all OK. But if I destroy the cookie with such settings the cookie doesn't want to be set:

Set-Cookie: fud_session_148542139=7d7a7013f5cd56045f0e4c83bd167075; expires=Fri, 30-Jan-04 22:36:34 GMT; path=/; domain=localhost
[/face]

and that's all, no new cookie appears in my browser!

The same thing happens when path is set to /forum/ anyway!

Set-Cookie: fud_session_148542139=f8e46c57174d2f3b2c7aa0965b1365fd; expires=Fri, 30-Jan-04 22:39:24 GMT; path=/forum/; domain=localhost[/face]

So if the cookie does not already exist, it doesn't want to be created this way!

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
LiveHHTP Headers extension for Mozilla used (I don't know how to capture them otherwise)

But what browsers are having problems with omitting the domain if they should use the same domain wich sets the cookies according to standards? Or is it a security issue? Or localhost one?...


Lady of Avalon

[Updated on: Fri, 16 January 2004 20:01]

Report message to a moderator

Re: cookies for the whole domain [message #16167 is a reply to message #16166] Fri, 16 January 2004 19:30 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
You cannot set a cookie on localhost it's not a valid domain because it does not contain @ least 2 dots. In this case you should not be using a cookie domain, set it to "" inside GLOBALS.php

FUDforum Core Developer
Re: cookies for the whole domain [message #17313 is a reply to message #16167] Wed, 24 March 2004 09:03 Go to previous messageGo to next message
spyder is currently offline  spyder   Germany
Messages: 5
Registered: March 2004
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
I entered another domain name for 127.0.0.1 in c:/windows/system32/drivers/etc/hosts (www.domain.loc) and set this as the ServerName in apache's httpd.conf.

Still, FUDforum doesn't set any cookies and continues with url sessions.

In http://www.domain.loc/forum/adm/admglobal.php I set Cookie Path: /forum/ and Cookie Domain: .domain.loc and every other setting default. My Browser (Mozilla) is instructed to accept all cookies.

What could be my problem.

TIA

PS: I just realized, that it's not the cookie any more, but the SQ= thing. But if I use index.php/f/1/2/ instead of index.php/f/1/2/?SQ=2aaf... it works as well. So, why can't I get rid of the SQ= thing?

PPS: I asked the same question in http://fud.prohost.org/forum/index.php?t=msg&th=3254, maybe this is a better place to answer.

[Updated on: Wed, 24 March 2004 11:05]

Report message to a moderator

Re: cookies for the whole domain [message #17315 is a reply to message #17313] Wed, 24 March 2004 20:06 Go to previous messageGo to next message
Wild_Cat is currently offline  Wild_Cat   Ukraine
Messages: 144
Registered: November 2002
Location: Odessa, Ukraine
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
It was discussed before (don't remember where) - a security measure, omitting out of question, i'm still thinking about a hack Smile

Lady of Avalon
@ Wildcat [message #17331 is a reply to message #16050] Thu, 25 March 2004 22:20 Go to previous message
spyder is currently offline  spyder   Germany
Messages: 5
Registered: March 2004
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
Quote:

It was discussed before (don't remember where)...


Unfortunately I cannot search for "SQ" and I don't know any other technical term for it.

Quote:

... - a security measure, omitting out of question, i'm still thinking about a hack


Ilia gave me a short answer about the importance of the SQ value in this thread: http://fud.prohost.org/forum/index.php?t=msg&th=3254 and I described a rough layout, how it could be transported by means of cookies. If you have any suggestions, they will be welcome.

[Updated on: Thu, 25 March 2004 22:24]

Report message to a moderator

Quick Reply
Formatting Tools:   
  Switch to threaded view of this topic Create a new topic
Previous Topic: Translation of QUOTE
Next Topic: Name instead of Login
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Mon Dec 18 02:16:13 EST 2017

Total time taken to generate the page: 0.01072 seconds