MyBB Community Forums

This wouldn't suffice?

setcookie("mybb[password]", $password, $time + 3600);

That doesn't set $password.

You start using $password on the third line of your code you posted. Where is it set?

Set means:

$password = ??????

Ah, thought you where talking about the cookies:

$user = SafeAddSlashes($_POST['user']);
$password = SafeAddSlashes(md5($_POST['password']));

Forgot to include it, but it's at the top under the require ('inc/config.php');

Can you post the full code then?

Alright here's the entire code:

In login.php (where the form processes):

<?php session_start();
require ('inc/config.php');
$user = SafeAddSlashes($_POST['user']);
$password = SafeAddSlashes(md5($_POST['password']));
$check_pw = md5(md5($user['salt']).md5($password));
$time = time();
$check = ($_POST['setcookie']);

$query = mysql_query("SELECT uid,password,salt FROM mybb_users WHERE username='$username' LIMIT 1");
$user = mysql_fetch_array($query);
if(!$user['uid']) {
echo "User doesn't exist!";
}
 	if(mysql_num_rows($user)) {
	$_SESSION['loggedin'] = 1;
	}
	if ($check_pw == $user['password'] && ($check)) {
	setcookie("mybb[username]", $username, $time + 3600);
	setcookie("mybb[password]", $password, $time + 3600);
   	header('Location: index.php');
	}
	else {
   	header('Location: index.php?inv=1');
   	exit();
	}

?>

Here's index.php (where the form is located):

<?php session_start();
require ('inc/config.php');
if(isset($_COOKIE['mybb'])) {
$username = $_COOKIE['mybb']['username'];
$password = $_COOKIE['mybb']['password'];

$query = mysql_query("SELECT uid,password,salt FROM mybb_users WHERE username='$username' LIMIT 1");
$result = mysql_query($query, $db);
if(mysql_num_rows($result)) {
	$_SESSION['loggedin'] = 1;
	header('Location: home.php');
$_SESSION['valid_user'] = $username;
      }
	exit();
} 

?>

the form code:

	<div class="righttxt">
	<p>
	<form method="post" name="login" action="login.php">
	<label>Username:</label><br />
	<input type="text" name="user" class="boxes" />
	<br /><label>Password:</label><br />
	<input type="password" name="password" class="boxes" /> 
  	<input type="submit" name="login" value="Login" class="submit" />
	</form>
	</p>
<br />

More php (has nothing to do with connecting to mybb):

<?php
if (isset($_GET['error'])) 
 {
	echo '<div class="error">';
	echo 'No Valid session found!';
	echo '</div>';
 }
if (!empty($_GET['inv'])) {
	echo '<div class="error">';
	echo 'Invalid Username or Password!';
	echo '</div>';
 }
?>

I might be being ignorant here, but why can't you just have a form and pass the information to your forums "member.php" and have that log you in and then redirect you back to where you were?

MrDoom Wrote:I might be being ignorant here, but why can't you just have a form and pass the information to your forums "member.php" and have that log you in and then redirect you back to where you were?

Because it doesn't solve the cookie problem and it won't be independent from the MyBB software anymore. I'm trying to avoid using MyBB files to login for the sake of easy connectivity.

Actually, it would solve your cookie problem since it would use the MyBB code to set the cookie. However, if you are trying to keep your code loosely coupled from MyBB code then it will present you a problem.

MrDoom Wrote:Actually, it would solve your cookie problem since it would use the MyBB code to set the cookie. However, if you are trying to keep your code loosely coupled from MyBB code then it will present you a problem.

See it would set the cookie, but won't keep the cookie when it returns to the page that requires login. Unless I could get the cookie that it keeps to place it into the files that I have which require login. With keeping it independent from the MyBB cookie, I can customize the way it sets the cookie for that specific login.

Huh? If you have your forums cookie set so it can be accessed from the place you are trying to access it from, it will "stay". I'm not sure, you've confused the hell out of me now.