MyBB Community Forums
When does the $plugins->run_hooks fire it's instance? - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Community Archive (https://community.mybb.com/forum-106.html)
+--- Forum: Archived Forums (https://community.mybb.com/forum-143.html)
+---- Forum: Archived Development and Support (https://community.mybb.com/forum-155.html)
+----- Forum: MyBB 1.6 (https://community.mybb.com/forum-138.html)
+------ Forum: 1.6 General Support (https://community.mybb.com/forum-127.html)
+------ Thread: When does the $plugins->run_hooks fire it's instance? (/thread-122056.html)



When does the $plugins->run_hooks fire it's instance? - bowkilled - 2012-07-07

Hello,

I got a question regarding the usage of hooks, i need to know how and when hooks are kicked into action, can a admin hook be used if a user isn't logged in? Or do they only work if a super user is recognized with a active session?

Furthermore,

I would like to use the admin_user_users_edit hook within a function called in a file outside mybb to change some user data on the $_POST method.

$plugins->run_hooks('admin_user_users_edit');

How do i reach a specific field, e.g if i only wish to edit the username of a user, how do i do? and what code may i use?

Let me know, i appreciate any help or advice given here.
Thanks.


RE: When does the $plugins->run_hooks fire it's instance? - pavemen - 2012-07-07

The the code reaches a run_hook function, the plugin class then cycles through all functions listed as related to that hook (those from all plugins that call add_hook for that hook name).

It is up to the developer to determine if the requested function works for guests or not. A hook can only be run when the code reaches that line. If the user is not logged in and the code is stopped before run_hook is reached, then the hook will never be run.

Why would you want to run an external file? Create a plugin file that uses

$plugins->add_hook('admin_users_users_edit', 'your_function_name_here'); and create a function of the same name and then modify the user content there.


RE: When does the $plugins->run_hooks fire it's instance? - bowkilled - 2012-07-07

Because i am developing a SSO (single sign-on) system used with mybb, i am halfway through all neccessary functions but i need to update a password of a mybb user after a password reset, as my frontend system only generates a new password after a reset and not for the mybb user, therefore i made a plugin to force users to change their password within the frontend system.

Once the frontend user updates and saves their "new password" it does not update the mybb user's password since the mybb user was not logged in when the password change process was done and therefore the password for mybb was never set.

I am able to update the password for a mybb user when both systems are authenticated at the same time but not when mybb is not authenticated.

Should i update the password with a simple mysql query update function? Because this is the only way that i can think of that works without being logged in since the password change is happening straight through php into mysql and not in mybb into mysql.

Since mybb disagrees the usage of admin hooks while not authenticated as a super user or administrator.

Give me some advice on what to do, I'd appreciate it very much.
Thanks.


RE: When does the $plugins->run_hooks fire it's instance? - pavemen - 2012-07-07

in your frontend code where you are forcing the reset and have the plain text password, just replicate the mybb password hash routine from the member.php do_login action and directly update the mybb database directly from your code.

this would be the same password hash routine you are using for SSO authentication

include the mybb config.php file so you have the credentials to the DB and then connect to it and update the user table. be sure to generate a new salt during the reset and update the user table with the new salt and the new password hash.

btw, what i am saying is that you dont need any hooks, just directly manipulate the DB


RE: When does the $plugins->run_hooks fire it's instance? - bowkilled - 2012-07-08

(2012-07-07, 04:52 PM)pavemen Wrote: in your frontend code where you are forcing the reset and have the plain text password, just replicate the mybb password hash routine from the member.php do_login action and directly update the mybb database directly from your code.

this would be the same password hash routine you are using for SSO authentication

include the mybb config.php file so you have the credentials to the DB and then connect to it and update the user table. be sure to generate a new salt during the reset and update the user table with the new salt and the new password hash.

btw, what i am saying is that you dont need any hooks, just directly manipulate the DB

I have both systems on the same db, however, i am thinking about using the password function for mybb and then use a mysql insert statement to update the password once the external password reset function have generated the new password and the user has activated it through their retrieval mail.

How about using this function within my external password reset function file? (taken from functions_user.php in /inc/:

//If there are no mybb authentication
if (!$this->mybb->user['uid'] != 0){
  update_password();
}
else{
//If there is a mybb authentication
$userhandler = new UserDataHandler('update');
$data = array(
  'uid' => intval($user_id),
  'password' => $password
);
$userhandler->set_data($data);
 if (!$userhandler->validate_user()){
 $errors = $userhandler->get_friendly_errors();
  return ($inline_error === true) ? inline_error($errors) : $errors;
      }
  $userhandler->update_user();
   return true;
}

functions_user.php
 153  function update_password($uid, $password, $salt="")
 154  {
 155      global $db, $plugins;
 156  
 157      $newpassword = array();
 158  
 159      // If no salt was specified, check in database first, if still doesn't exist, create one
 160      if(!$salt)
 161      {
 162          $query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1));
 163          $user = $db->fetch_array($query);
 164          if($user['salt'])
 165          {
 166              $salt = $user['salt'];
 167          }
 168          else
 169          {
 170              $salt = generate_salt();
 171          }
 172          $newpassword['salt'] = $salt;
 173      }
 174  
 175      // Create new password based on salt
 176      $saltedpw = salt_password($password, $salt);
 177  
 178      // Generate new login key
 179      $loginkey = generate_loginkey();
 180  
 181      // Update password and login key in database
 182      $newpassword['password'] = $saltedpw;
 183      $newpassword['loginkey'] = $loginkey;
 184      $db->update_query("users", $newpassword, "uid='$uid'", 1);
 185  
 186      $plugins->run_hooks("password_changed");
 187  
 188      return $newpassword;
 189  }

Remember, i need to update the user's password when the user is not authenticated with mybb. To get the correct user id to be used within the mysql update statement i would need to use the external user id within it.


RE: When does the $plugins->run_hooks fire it's instance? - bowkilled - 2012-07-10

Solved it.