Jump to content

phpBB registration -> Game Account

Guest Mythos

By Guest Mythos
in OldGeneral discussion

 Share

Recommended Posts

Mythos Member

Mythos

Posted
Posted

Good morning,

I ask you guys, is it possible to edit the registration of a 3.0.5 phpbb forum?

If a user creates an account in the forums, it will be created in the MaNGOS db, too.

If yes, can you tell me, how to do this?

I would be grateful for help. :)

Mythos

Link to comment
Share on other sites
Mythos Member

Mythos

Posted
Posted

How do you do that with custom profile fields?

Please tell me more^^

/edit:

Some misc infos:

I use PBWoW for my forums (http://wowcrackz.ath.cx/forum <- Demo) which makes phpbb3 to Blizzard Forums ;)

Blizzard has the "Please log in with your World of Warcraft or Battle.net account" notice so game account = forums account.

Would be nice if it can be, too. Forums account -> Game Account is a bit stupid, so lets change my question^^

I wanna know how to add your Game Account to your phpbb3 forums?

Link to comment
Share on other sites
Gotisch Advanced Member

Gotisch

Posted
Posted

we have this enabled. Its just a matter of adding code to access gameserver database at 3-4 places max. most of it are in ucp/ folder.

well thats for the phpbb -> mangos version for the mangos -> phpbb version you would probably need, dunno some more changes?

Link to comment
Share on other sites
PunKeD_GuRu Advanced Member

PunKeD_GuRu

Posted
Posted

Id love to know how to do this aswel!

I have a phpbb3 forum setup on the same server

along with file sharing

just so all the uni folks have access to my movies/music/a forum to request/and a forum for bugs on the wow server

currently i create each account manually as the mmfm seems to have stopped updating and im not good enough at this kinda stuff to do it myself =(

if someone was to share how they have theirs i could prob smooth of some corners on it! =)

Link to comment
Share on other sites
PunKeD_GuRu Advanced Member

PunKeD_GuRu

Posted
Posted
Perhaps this could be of use to some of you. It's a plug-in to phpBBs authentication system that should allow MaNGOS to phpBB and vice-versa. I haven't yet been able to test it, but when I do I'll post back with results.

http://www.phpbb.com/community/viewtopic.php?f=71&t=1598865

<?php
/**
* External Database auth plugin for phpBB3
* Based on phpbb's ldap auth plugin.
* Pedro Dias - [email][email protected][/email]
* [url]http://pedrodiasgeekyblog.blogspot.com/2008/11/external-database-authentication-for.html[/url]
*/

/*
Credit goes to Pedro for posting the example on his blog. I made some changes to the script,
since I was getting a connections error. The changes I made will help people who install
phpbb3 into its own separate database.
I can assist with some help pm acctman on phpbb3
p.s. I am not Pedro, I'm just giving him credit for his work. I modified the script to make
it work better.
*/

/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
exit;
}

function login_extdb(&$username, &$password)
{
global $db, $config, $user;

if (!$password)
{
 return array(
  'status' => LOGIN_ERROR_PASSWORD,
  'error_msg' => 'NO_PASSWORD_SUPPLIED',
  'user_row' => array('user_id' => ANONYMOUS),
 );
}

if (!$username)
{
 return array(
  'status' => LOGIN_ERROR_USERNAME,
  'error_msg' => 'LOGIN_ERROR_USERNAME',
  'user_row' => array('user_id' => ANONYMOUS),
 );
}

//// START HERE //// change where you see FILL IN

/// This is the connection for my existing member database
$dbhost1 = 'localhost';
$dbuser1 = 'FILL IN'; //this is the mysql login for your existing member db
$dbpass1 = 'FILL IN';
$dbname1 = 'FILL IN';

$conn = mysql_connect($dbhost1, $dbuser1, $dbpass1) or die ('Error connecting to mysql');

mysql_select_db($dbname1);

// We need to select the required fields, check you member table and write down the 
// following USERNAME, PASSWORD, EMAIL field names. Example my existing member fields are called
// m_user, m_pass and m_email yours will be different. If you're lazy you can also do a SELECT *
// I would replace with SELECT  m_user, m_pass, m_email
// This is how my query looks:
// $query  = "SELECT m_user,m_pass,m_email FROM rate_members WHERE m_user = '".$username."'";

$query  = "SELECT * FROM FILL_IN_MEMBER-TABLE WHERE FILL_IN_USERNAME_FIELD = '".$username."'";
$result = mysql_query($query);

$num_rows = mysql_num_rows($result);

if($num_rows == 1){
 $row = mysql_fetch_array($result, MYSQL_ASSOC);
 $extuser = $row['FILL IN']; //user field from existing db member table
 $extpass = $row['FILL IN']; //pass field from existing db member table
 $extmail = $row['FILL IN']; //email field from existing db member table
}

if ($num_rows == 1)
{
 if (strcmp($extuser,$username) == 0 && strcmp($extpass,md5($password)) == 0)
 {

/// This is the connection for phpBB3's database. The next 6 lines can be removed only if you've installed phpBB3 into you existing site db.
/// I decided to keep things separate to make it easier to backup/restore.
$dbhost = 'localhost';
$dbuser = 'FILL IN'; // you can get the info from the config.php file in your forum root
$dbpass = 'FILL IN';
$dbname = 'FILL IN';

//// END HERE //// you do not have to change anything else for the script to work

$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');     
mysql_select_db($dbname);

  $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type
               FROM phpbb_users' . "
   WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
  $result = $db->sql_query($sql);
  $row = $db->sql_fetchrow($result);
  $db->sql_freeresult($result);

  if ($row)
  {
   if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
   {
    return array(
     'status'  => LOGIN_ERROR_ACTIVE,
     'error_msg'  => 'ACTIVE_ERROR',
     'user_row'  => $row,
    );
   }

   return array(
    'status'  => LOGIN_SUCCESS,
    'error_msg'  => false,
    'user_row'  => $row,
   );
  }
  else
  {
   $sql = 'SELECT group_id
    FROM ' . GROUPS_TABLE . "
    WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
     AND group_type = " . GROUP_SPECIAL;
   $result = $db->sql_query($sql);
   $row = $db->sql_fetchrow($result);
   $db->sql_freeresult($result);

   if (!$row)
   {
    trigger_error('NO_GROUP');
   }

   $extdb_user_row = array(
    'username'  => $username,
    'user_password' => phpbb_hash($password),
    'user_email' => $extmail,
    'group_id'  => (int) $row['group_id'],
    'user_type'  => USER_NORMAL,
    'user_ip'  => $user->ip,
   );

   return array(
    'status'  => LOGIN_SUCCESS_CREATE_PROFILE,
    'error_msg'  => false,
    'user_row'  => $extdb_user_row,
   );
  }
 }
 else
 {
  return array(
   'status'  => LOGIN_ERROR_PASSWORD,
   'error_msg'  => 'LOGIN_ERROR_PASSWORD',
   'user_row'  => array('user_id' => ANONYMOUS),
  );
 }
}

return array(
 'status' => LOGIN_ERROR_USERNAME,
 'error_msg' => 'LOGIN_ERROR_USERNAME',
 'user_row' => array('user_id' => ANONYMOUS),
);
}
?>

and for the SHA1 passwords:

<?php
/**
* External MySQL auth plug-in for phpBB3
*
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
*
* @package login
* @version $Id: auth_dbext.php 8602 2009-04-09 16:38:27Z nzeyimana $
* @copyright NONE: use as you see fit but no guarantees
* @license NONE: use as you see fit but no guarantees
*
*/

/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
   exit;
}

/**
*
* @return boolean|string false if the user is identified and else an error message
*/

function init_dbext()
{
   // TODO: do any needed initialization
}

/**
* Login function
*/
function login_dbext(&$username, &$password)
{
   global $db;

   // do not allow empty password
   if (!$password)
   {
       return array(
           'status'    => LOGIN_ERROR_PASSWORD,
           'error_msg'    => 'NO_PASSWORD_SUPPLIED',
           'user_row'    => array('user_id' => ANONYMOUS),
       );
   }

   if (!$username)
   {
       return array(
           'status'    => LOGIN_ERROR_USERNAME,
           'error_msg'    => 'LOGIN_ERROR_USERNAME',
           'user_row'    => array('user_id' => ANONYMOUS),
       );
   }

   /////////////////////////////////////////////////////////////////////////////////////////////////////////////
   // Note: on my systems, I include these following lines from an external file that is not web-accessible 
   /////////////////////////////////////////////////////////////////////////////////////////////////////////////
   $db_host      = "localhost"; // Here goes the MySQL server address, hostname or IP
   $db_user      = "username";  // Here goes the MySQL user allowed to read the table below (GRANT SELECT ON ....)
   $db_password  = "passwd";    // Here should go the password associated with the above user
   $db_database  = "dbName";    // Here goes the Database containing the table below
   $db_table     = "tblUsers";  // Here will goes the table list users allowed to login into PHPBB   
   ////////////////////////////////////////////////////////////////////////////////////////////////////////////
   $col_username = "username";
   $col_password = "password";
   $hashMethod   = "sha1"; // Can be one of:  md5, sha1, plain
                           // In case you choose to use a non-standard hashing function, be 
                           // sure to change below where the $hashedPassword variable is created

   $objMySqli = new mysqli($db_host, $db_user, $db_password, $db_database);

   /* check connection */
   if (mysqli_connect_errno()) 
   {
       return array(
           'status'    => LOGIN_ERROR_EXTERNAL_AUTH ,
           'error_msg'    => 'LOGIN_ERROR_EXTERNAL_AUTH ',
           'user_row'    => array('user_id' => ANONYMOUS),
       );
   }

   // Check the User/Password
   if($hashMethod == 'sha1')
   {
       $hashedPassword = sha1($password);
   } elseif($hashMethod == 'md5') {
       $hashedPassword = md5($password);
   } else {
       $hashedPassword = $password;
   }
   $sql = 
       "SELECT 11 as ID 
       FROM " . $db_table . " 
       WHERE 
           " . $col_username . " = '" . mysqli_real_escape_string($username)          . "' AND 
           " . $col_password . " = '" . mysqli_real_escape_string($hashedPassword) . "' 
           ";

   if ( $result = $objMySqli->query($sql) )
   {
       if ( $result->num_rows <= 0 )
       {
           return array(
               'status'    => LOGIN_ERROR_USERNAME,
               'error_msg'    => 'LOGIN_ERROR_USERNAME',
               'user_row'    => array('user_id' => ANONYMOUS),
           );
       }

       $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
           FROM ' . USERS_TABLE . "
           WHERE username = '" . $db->sql_escape($username) . "'";
       $result = $db->sql_query($sql);
       $row = $db->sql_fetchrow($result);
       $db->sql_freeresult($result);

       if ($row)
       {
           // User inactive...
           if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
           {
               return array(
                   'status'        => LOGIN_ERROR_ACTIVE,
                   'error_msg'        => 'ACTIVE_ERROR',
                   'user_row'        => $row,
               );
           }

           // Successful login...
           return array(
               'status'        => LOGIN_SUCCESS,
               'error_msg'        => false,
               'user_row'        => $row,
           );
       }

       // this is the user's first login so create an empty profile
       return array(
           'status'        => LOGIN_SUCCESS_CREATE_PROFILE,
           'error_msg'        => false,
           'user_row'        => user_row_dbext($username, sha1($password)),
       );
   } else {
       // TODO: Handle this situation
   }

   // Not logged in using the external DB
   return array(
       'status'        => LOGIN_ERROR_EXTERNAL_AUTH,
       'error_msg'        => 'LOGIN_ERROR_EXTERNAL_AUTH',
       'user_row'        => array('user_id' => ANONYMOUS),
   );
}

/**
* This function generates an array which can be passed to the user_add function in order to create a user
*/
function user_row_dbext($username, $password)
{
   global $db, $config, $user;
   // first retrieve default group id
   $sql = 'SELECT group_id
       FROM ' . GROUPS_TABLE . "
       WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
           AND group_type = " . GROUP_SPECIAL;
   $result = $db->sql_query($sql);
   $row = $db->sql_fetchrow($result);
   $db->sql_freeresult($result);

   if (!$row)
   {
       trigger_error('NO_GROUP');
   }

   // generate user account data
   return array(
       'username'        => $username,
       'user_password'    => phpbb_hash($password), // Note: on my side, I don't use this because I want all passwords to remain on the remote system
       'user_email'    => '', // You can retrieve this Email at the time the user is authenticated from the external table
       'group_id'        => (int) $row['group_id'],
       'user_type'        => USER_NORMAL,
       'user_ip'        => $user->ip,
   );
}

?>

Link to comment
Share on other sites
Mythos Member

Mythos

Posted
Posted

Does not work.

The first script causes this errors:

[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3858: Cannot modify header information - headers already sent by (output started at /includes/auth/auth_extdb.php:1)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3860: Cannot modify header information - headers already sent by (output started at /includes/auth/auth_extdb.php:1)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3861: Cannot modify header information - headers already sent by (output started at /includes/auth/auth_extdb.php:1)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3862: Cannot modify header information - headers already sent by (output started at /includes/auth/auth_extdb.php:1)

And I don't know how to choose the table "account" from the realmd db...

Please help!

/edit:

Here's my extdb code. Database passwords are changed ;)

   <?php
   /**
   * External Database auth plugin for phpBB3
   * Based on phpbb's ldap auth plugin.
   * Pedro Dias - [email][email protected][/email]
   * [url]http://pedrodiasgeekyblog.blogspot.com/2008/11/external-database-authentication-for.html[/url]
   */

   /*
   Credit goes to Pedro for posting the example on his blog. I made some changes to the script,
   since I was getting a connections error. The changes I made will help people who install
   phpbb3 into its own separate database.
   I can assist with some help pm acctman on phpbb3
   p.s. I am not Pedro, I'm just giving him credit for his work. I modified the script to make
   it work better.
   */

   /**
   * @ignore
   */
   if (!defined('IN_PHPBB'))
   {
   exit;
   }

   function login_extdb(&$username, &$password)
   {
   global $db, $config, $user;

   if (!$password)
   {
     return array(
      'status' => LOGIN_ERROR_PASSWORD,
      'error_msg' => 'NO_PASSWORD_SUPPLIED',
      'user_row' => array('user_id' => ANONYMOUS),
     );
   }

   if (!$username)
   {
     return array(
      'status' => LOGIN_ERROR_USERNAME,
      'error_msg' => 'LOGIN_ERROR_USERNAME',
      'user_row' => array('user_id' => ANONYMOUS),
     );
   }

   //// START HERE //// change where you see FILL IN

   /// This is the connection for my existing member database
   $dbhost1 = 'localhost';
   $dbuser1 = 'root'; //this is the mysql login for your existing member db
   $dbpass1 = 'DaTaBaSePaSsWoRd';
   $dbname1 = 'realmd';

   $conn = mysql_connect($dbhost1, $dbuser1, $dbpass1) or die ('Error connecting to mysql');

   mysql_select_db($dbname1);

   // We need to select the required fields, check you member table and write down the
   // following USERNAME, PASSWORD, EMAIL field names. Example my existing member fields are called
   // m_user, m_pass and m_email yours will be different. If you're lazy you can also do a SELECT *
   // I would replace with SELECT  m_user, m_pass, m_email
   // This is how my query looks:
   // $query  = "SELECT m_user,m_pass,m_email FROM rate_members WHERE m_user = '".$username."'";

   $query  = "SELECT username,sha_pass_hash,email FROM account WHERE username = '".$username."'";
   $result = mysql_query($query);

   $num_rows = mysql_num_rows($result);

   if($num_rows == 1){
     $row = mysql_fetch_array($result, MYSQL_ASSOC);
     $extuser = $row['username']; //user field from existing db member table
     $extpass = $row['sha_pass_hash']; //pass field from existing db member table
     $extmail = $row['email']; //email field from existing db member table
   }

   if ($num_rows == 1)
   {
     if (strcmp($extuser,$username) == 0 && strcmp($extpass,md5($password)) == 0)
     {

   /// This is the connection for phpBB3's database. The next 6 lines can be removed only if you've installed phpBB3 into you existing site db.
   /// I decided to keep things separate to make it easier to backup/restore.
   $dbhost = 'localhost';
   $dbuser = 'root'; // you can get the info from the config.php file in your forum root
   $dbpass = 'DaTaBaSePaSsWoRd';
   $dbname = 'forum';

//// END HERE //// you do not have to change anything else for the script to work
   $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');     
   mysql_select_db($dbname);

      $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type
                   FROM phpbb_users' . "
       WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
      $result = $db->sql_query($sql);
      $row = $db->sql_fetchrow($result);
      $db->sql_freeresult($result);

      if ($row)
      {
       if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
       {
        return array(
         'status'  => LOGIN_ERROR_ACTIVE,
         'error_msg'  => 'ACTIVE_ERROR',
         'user_row'  => $row,
        );
       }

       return array(
        'status'  => LOGIN_SUCCESS,
        'error_msg'  => false,
        'user_row'  => $row,
       );
      }
      else
      {
       $sql = 'SELECT group_id
        FROM ' . GROUPS_TABLE . "
        WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
         AND group_type = " . GROUP_SPECIAL;
       $result = $db->sql_query($sql);
       $row = $db->sql_fetchrow($result);
       $db->sql_freeresult($result);

       if (!$row)
       {
        trigger_error('NO_GROUP');
       }

       $extdb_user_row = array(
        'username'  => $username,
        'user_password' => phpbb_hash($password),
        'user_email' => $extmail,
        'group_id'  => (int) $row['group_id'],
        'user_type'  => USER_NORMAL,
        'user_ip'  => $user->ip,
       );

       return array(
        'status'  => LOGIN_SUCCESS_CREATE_PROFILE,
        'error_msg'  => false,
        'user_row'  => $extdb_user_row,
       );
      }
            }
     else
     {
      return array(
       'status'  => LOGIN_ERROR_PASSWORD,
       'error_msg'  => 'LOGIN_ERROR_PASSWORD',
       'user_row'  => array('user_id' => ANONYMOUS),
      );
     }
   }

   return array(
     'status' => LOGIN_ERROR_USERNAME,
     'error_msg' => 'LOGIN_ERROR_USERNAME',
     'user_row' => array('user_id' => ANONYMOUS),
   );
   }

   ?>

Link to comment
Share on other sites
DasBlub Advanced Member

DasBlub

Posted
Posted

you already send something to the client and then you try to send a header again. according to the HTTP protocol this isn't possible.

but if you still need to do it you can use the output buffering, then php stores everything locally until you flush the buffer (or you delete it) and sends it then to the client (if you flush).

this could look like this:

<?php
ob_start(); // start output buffering

echo('bla'); // we write something out

if(!secMgr->checkLogin()) { // check if the user is logged in
 header('Location: login.php'); // user not logged in -> send redirect to login.php
 exit(); // stop here, we don't need to run the rest of the code (increases performance if the user isn't logged in)
}

echo('bla'); // again an output

ob_end_flush(); // stop output buffering, send all data to the client
?>

this is just an example how my code usually looks like, didn't test it, but it shows, how to use the ob.

for further informations look here: http://php.net/manual/en/book.outcontrol.php

Link to comment
Share on other sites
switchy Newbie

switchy

Posted
Posted

The EASIEST way to pull this off would be to include a simplified version of your existing account creation page for Mangos (provided it is in php) at the end of the PHPBB registration page. Start a new mysql connection with a unique identifier, and do all the queries using mysql_query from there (none of PHPBBs native database abstraction).

Add similar code for password change.

PHPBB uses MD5, IIRC Mangos is a strangely hashed SHA1. Instead of trying to merge the auth systems, leave them separate and do duplicate data (one registration in the PHPBB, one in the Mangos)

Obviously there are things such as bans that need to be accounted for, but if someone really wanted to take the time, they could pull that off.

I believe there is also a way to link tables in a MyISAM MySQL DB, so that certain fields are mirrored, (not a vanilla mysql thing)

Link to comment
Share on other sites
  • 6 months later...
 Share
Go to topic listing

Contact Us

To contact us click here
You can also email us at [email protected]

Privacy Policy | Terms & Conditions

Repositories

The Link to the master list
of MaNGOS repositories:
Copyright © getMaNGOS. All rights Reserved.

This website is in no way associated with or endorsed by Blizzard Entertainment®
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy Terms of Use