2008-07-23, 05:04 AM
I know this in not implemented into the current mybb (1.2), but I was just wondering if anyone has successfully added Session to the current Cookie authentication.
We get an unbelievable amount of complaints of users not being able to login to our site. (I have integrated the forum with the rest of the site).
I have been trying to hack a few files to get them to read from the current session table, with no success....its driving me nuts!!
These are the files I think need to be hacked;
- member.php (need to get this to add the password to mybb_sessions
- class_session.php (need to get this to add the uid and password to mybb_sessions)
This should then load user using session data rather than cookie data if cookie does not exists.
Will this work.....am I on the right track???
OK, I've got a little further with this.
If I make the following if statement in 'class_session.php'
// Attempt to find a session id in the cookies.
if(isset($_COOKIE['sid']))
{
$this->sid = $db->escape_string($_COOKIE['sid']);
}
Something like the following;
// Attempt to find a session id in the cookies.
if(isset($_COOKIE['sid']))
{
$this->sid = $db->escape_string($_COOKIE['sid']);
}
else
{
//if cookies are not enabled then get session id
$this->sid = $_SESSION['nocookies'];
}
Then it works! I tested this by manually setting the sid to whatever it was in the database at the time.
The problem is, I set the session Id within the do_login procedure, but by the time the page refreshes and performs class_session, my session variable has already been cleared?
Any ideas??
Still no luck with this, I can get it to login using sessions, (I had to create another table), but it's not very stable. Sometimes it works, sometimes it doesn't, but most time it takes 3 attempts to login....WHY???? I'm not sure!
I can safely say, this will be the LAST time I use myBB. Support for Sessions is appalling!
You can't even create sessions variables to pass between pages, because something is clearing them (which I cannot find!)
It's totally ignorant to expect all users to have cookies turned on!
I am looking for alternatives at the moment, spent WAY too much time trying to get this to work!
We get an unbelievable amount of complaints of users not being able to login to our site. (I have integrated the forum with the rest of the site).
I have been trying to hack a few files to get them to read from the current session table, with no success....its driving me nuts!!
These are the files I think need to be hacked;
- member.php (need to get this to add the password to mybb_sessions
- class_session.php (need to get this to add the uid and password to mybb_sessions)
This should then load user using session data rather than cookie data if cookie does not exists.
Will this work.....am I on the right track???
OK, I've got a little further with this.
If I make the following if statement in 'class_session.php'
// Attempt to find a session id in the cookies.
if(isset($_COOKIE['sid']))
{
$this->sid = $db->escape_string($_COOKIE['sid']);
}
Something like the following;
// Attempt to find a session id in the cookies.
if(isset($_COOKIE['sid']))
{
$this->sid = $db->escape_string($_COOKIE['sid']);
}
else
{
//if cookies are not enabled then get session id
$this->sid = $_SESSION['nocookies'];
}
Then it works! I tested this by manually setting the sid to whatever it was in the database at the time.
The problem is, I set the session Id within the do_login procedure, but by the time the page refreshes and performs class_session, my session variable has already been cleared?
Any ideas??
Still no luck with this, I can get it to login using sessions, (I had to create another table), but it's not very stable. Sometimes it works, sometimes it doesn't, but most time it takes 3 attempts to login....WHY???? I'm not sure!
I can safely say, this will be the LAST time I use myBB. Support for Sessions is appalling!
You can't even create sessions variables to pass between pages, because something is clearing them (which I cannot find!)
It's totally ignorant to expect all users to have cookies turned on!
I am looking for alternatives at the moment, spent WAY too much time trying to get this to work!