73 replies to this topic

[Ralph]

johnCarlson, on Mar 5 2007, 02:42 PM, said:

I have a new question that I haven't found on the forums yet but here it is.

I have the authenticate user snippet in my template so that it is on all pages. (maybe this is the first problem)

but then I am making another snippet for a newsletter and I have a form for the visitor to fill out and then submit to subscribe to the newsletter, but when you submit the form it returns the alert for the login form. I'm not sure what is going on.

<<< SNIP >>>
EDIT: this only happens when there is no user logged in!

EDIT: Well I figured this one out on my own . OK here is the issue, the snippet looks for $_POST['submit'] which is the submit button. , well I fixed my newsletter form by just changing the name of the submit button to nsubmit, so that when I submit that form it doesn't find the $_POST['submit'] variable

Yep, you found the reason behind the problem... A better fix would be to edit the authenticate_visitor snippet to use an alternate name for the submit, like auth_submit, as you will most likely have the same issue with other forms unless you make every one of them different than the standard submit...

[Bjarne]

I have played a little with the opportunities the if($_SESSION['validated']) make, and have integrated a link to the login page in my main menu, that switches from "log in" to "log out" when $validated == true. This looks good, but I think it is on click to much as long as you have to go to the page where the autenticate_visitor snippet resides to click the logout button. How can I make the user logged out simply by clicking the "log out" in the main menu, no matter wich page he is reading? Do I have to call the snippet in the template, and remove the output? Something like <a href="#" onClick="logout.submit()">Log out</a> should do the trick, but how?

Edited by Bjarne, 20 March 2007 - 05:46 PM.

[Jelmer]

Luckely "someone" already created a snippet for this

It's attached at the bottom of this post: http://www.etomite.com/index.php?sh...d&pid=39232

[Bjarne]

Jelmer, on Mar 20 2007, 06:59 PM, said:

Luckely "someone" already created a snippet for this

It's attached at the bottom of this post: http://www.etomite.com/index.php?sh...d&pid=39232

Excellent. Just what I needed. I only had to make a small adjustment, so the user stays put if it is an unprotected page, and to the loginpage if it is an protected one.

[Cris D.]

I am studting this snippet in an attempt to understand how forms are submitted. I'm a little confused with the line 95.

  // create the <form> element
  $_openform = $form->openform(array(
	'id'=>'authenticate_visitor',
	'action'=>'',
	'method'=>'post',
   Line 95... 'onsubmit'=>'return v.exec()'
	)
  );

Where is this function v.exec(), defined? Is it part of the closing tage of the
//$form->openform() ? It doesnt look like it, as it is part of the array. This also is not mentioned in the New formclass page on Ralph's site. I also can't find it referred to else where in the snippett. And I cant find reference to it in the php site. Hmmmm.
[EDITED 6/5/07] Anyone?
EDIT 8/7/07 Found it: part of the Tigra Validation calling to execute the script.

Edited by Cris D., 08 July 2007 - 12:18 PM.

[Ralph]

Version 1.1 (Final - Modified) with a revision date of 2007-07-02 has been uploaded as a replacement to the original snippet code in the first post of this thread... The code now allows sending both login and logout redirect parameters...

[Jim Browski]

Ralph, on Jul 2 2007, 08:58 PM, said:

Version 1.1 (Final - Modified) with a revision date of 2007-07-02 has been uploaded as a replacement to the original snippet code in the first post of this thread

Most welcome!
But why don't you post it to the new snippet gallery?
It would be easier to find and to keep track of new versions.

[Ralph]

Jim Browski, on Jul 2 2007, 06:21 PM, said:

Most welcome!
But why don't you post it to the new snippet gallery?
It would be easier to find and to keep track of new versions.

I have several potential candidates for the new snippet library that should be appearing soon... They all need a final review before they are released...

[Wiper2007]

Ralph, on Jul 2 2007, 11:21 PM, said:

I have several potential candidates for the new snippet library that should be appearing soon... They all need a final review before they are released...

Hi Ralph

used the new snippet and the Logout now works fine - Thanks !

Edited by Wiper2007, 03 July 2007 - 06:21 AM.

[Moishe]

For some reason when I use curl to post to an "authenticate_visitor" page passing the same vars... the login does not happen. Does etomite check the referrer?

[Ralph]

Moishe, on Aug 6 2007, 12:01 PM, said:

For some reason when I use curl to post to an "authenticate_visitor" page passing the same vars... the login does not happen. Does etomite check the referrer?

No, Etomite isn't checking the referrer when testing authentication... Explain "when I use curl" as it relates to your code and maybe we can be of more help...

[Moishe]

Ralph, on Aug 6 2007, 01:14 PM, said:

No, Etomite isn't checking the referrer when testing authentication... Explain "when I use curl" as it relates to your code and maybe we can be of more help...

I'm trying to make a login script that will login into etomite and vbulletin at the same time and then redirect to a etomite page requiring the login.

I thought I'd try curl (http://us3.php.net/m...en/ref.curl.php)

$curl_handle=curl_init();
curl_setopt($curl_handle,CURLOPT_URL,'http://example.com/loginpage.html');
curl_setopt($curl_handle,CURLOPT_POSTFIELDS,"location=http://example.com
/restrictedpage.html&username=uname&password=xxx&rememberme=0&");
curl_exec($curl_handle);
curl_close($curl_handle);

Since the authenticate_visitor snippet posts to itself (the form has no action) I thought I could simply post a custom form to an etomite page that had the snippet on it (i.e. loginpage.html) and the snippet would pick up the vars and process the login. Of course assuming I pass the same vars as the auth_visitor form.
I get no login... I guess I may have to include the necessary etomite stuff and directly access the userLogin api

[Moishe]

and yes, I am using the post type (just forgot to include it in the last post)
curl_setopt($curl_handle, CURLOPT_POST, 1);

Edited by Moishe, 06 August 2007 - 06:07 PM.

[Ralph]

@Moishe

I think most of your problem is due to the fact that Etomite and vBulletin use separate sessions and the authentication in Etomite relies on the session throughout the login process as well as throughout the parsers entire rendering process... I'm not familiar with the CURL library so I can't be of any help along those lines...

[Moishe]

Ralph, on Aug 6 2007, 03:37 PM, said:

@Moishe

I think most of your problem is due to the fact that Etomite and vBulletin use separate sessions and the authentication in Etomite relies on the session throughout the login process as well as throughout the parsers entire rendering process... I'm not familiar with the CURL library so I can't be of any help along those lines...

Ralph, thanks. I'm pretty sure I should be able to login to both (separately) and then navigate between them without having to re-login to either. I'm just trying to get one login screen to do both at the same time.

Since I use the authenticate_visitor snippet I figured that I could post a custom form to a page using that snippet and have it login... It makes sense to me that it would work... Thanks anyways. When i figure this out I may end up writing a snippet that will process both logins at once. From my research I can tell that single-signon is a fairly popular topic.

[Bjarne]

Is it possible to add a "Remember me" function to the Authenticate_visitor snippet?

[Ralph]

Bjarne, on Aug 8 2007, 05:19 AM, said:

Is it possible to add a "Remember me" function to the Authenticate_visitor snippet?

You could just as easily set the entire Etomite session to last longer than it does by using the custom session handling features within your manager/includes/config.inc.php file as long as you are running Etomite 0.6.1.3 or newer... I usually have my system set to save sessions for a week, a month, or forever... However, this can only be done successfully if you use a custom session_save_path, otherwise a general cleanup triggered by any other script on the server might thwart your efforts at retaining sessions for a longer period of time than the default set in the servers php.ini file... The config.inc.php file should have adequate documentation on how to reconfigure it for longer sessions...

If you are intent on using a Remember Me checkbox there are several articles on the net that can be found by Googling "remember me checkbox" that might help determine what code to add to the snippet... I seem to recall someone mentioning that they implemented this feature a while back... Maybe they can share the code... I, personally, simply don't have the time right now to add what is probably just several lines of code...

[Bjarne]

Thank you for your answer. It is the check box I think I would prefer. I'll guess I'll just wait to see if anyone can provide the neccessary code for me here, before I start bugging my PHP-buddies. :-)

Anyone?

Edited by Bjarne, 08 August 2007 - 09:54 PM.

[pixelstyle]

I just installed this snippet and for logging in and autentication of pages it works great, my users will be really happy with it.

The logout button however, doesn't do anything. I tested it in FF2 and IE7. Same result. Are there any known problems with the logout button?

Edit: Replacing [[ ]] with [! !] did the trick.

Edited by pixelstyle, 12 October 2007 - 11:37 AM.

[Opal]

I'm having some javascript problems (I think?) in IE, when the password is incorrect.

In Firefox, I get a single pop-up informing me that the username or password is incorrect. I click OK, and return to the same login form.
In IE, I get the pop-up twice, and then get pushed back to whatever page I was on before clicking to the form.

The snippet call: [!authenticate_visitor?use_captcha=0&use_logout=1&login_id=310&logout_id=311!]

Any suggestions? I've poked around in the Tigra bits briefly and don't see a reason for the double-fire.