MyBB Community Forums

Full Version: integration with existing site
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
So I have an existing site based on the php-login framework. I have thousands of users so switching to mybb's login system or some other single-sign-on tool isn't an option. The login system is robust and I don't get robots or anything creating users

PHP-Login is fairly standard in that it uses $_SESSION variables to store information. My plan then is to write a plugin that detects my existing session variables, and then automatically registers (if the user doesn't already exist) and logs in the user. That way I don't need to copy thousands of users into the mybb database - only users who are interested in the forum get an entry, but those users who are interested don't need to register separately. 

So I've started playing with this and I noticed that, despite a little research saying that mybb doesn't use php $_SESSION, mybb and my site do appear to be running separate sessions. 

So, my question then is, is the above plan viable? And, if so, how do I force mybb to use the existing session (currently my forum is just in a /forum/ subdirectory off of the public_html root).

If it isn't viable, what's a better solution? I suppose the cookie might work if the session transfer isn't going to work easily, but then users would need cookies enabled to user the forum.

Thanks!
(2017-03-03, 11:35 PM)Malkleth Wrote: [ -> ]I suppose the cookie might work if the session transfer isn't going to work easily, but then users would need cookies enabled to user the forum.

Your users already need cookies enabled to use your login. If they don't, they will be starting up new PHP sessions on every HTTP request handled by PHP that calls "session_start" function.

The session id could be propagated thought the URL, but I've never seen it implemented on a production environment.
I did just figure out how to read the session data in mybb, turns out I just needed to call session_start, har. 

As for the url thing: supposedly (I haven't experimented) php automatically switches to url-encoded sessions if the user doesn't have cookies enabled.