WordBB - Little Code Hacking
#1
I have made many changes and now one more change is left for me according to my plans.I tried reading the wordbb code again and again but I couldn't comprehend the code.

Here is what I am trying,
WordBB posts blog comments in the forum as 'Guest'.I was trying to fix this issue by editing some part of the code.

WordBB Code for posting comments:
function wordbb_comment_on_post($comment_post_ID)
{
	global $wordbb;

	$bridge=wordbb_get_bridge(WORDBB_POST,$comment_post_ID);
	if(!empty($bridge))
	{
		// post this reply to the corresponding thread

		$comment_content = ( isset($_POST['comment']) ) ? trim($_POST['comment']) : null;

		$params=array();
		$params['message']=stripslashes($comment_content);
		$params['uid']=$wordbb->loggeduserinfo->uid;
		$params['tid']=$bridge->mybb_id;
		$params['ip']=wordbb_get_ip();
		$ret=wordbb_do_action('create_post',$params);

		$pid=$ret['pid'];

		if(get_option('wordbb_redirect_mybb')=='on')
			$location=$wordbb->mybb_url.'/showthread.php?tid='.$bridge->mybb_id.'&pid='.$pid.'#pid'.$pid;
		else
			$location=get_permalink($comment_post_ID).'#comment-'.$pid;

		header('Location: '.$location);

		exit;
	}
}

And the do action code:
function wordbb_do_action($action,$params)
{
	global $wordbb;

	$params['wordbb_mybb_abs']=get_option('wordbb_mybb_abs');
	$params['_wordbbnonce']=wordbb_create_nonce($action);

	// uses parse_url to validate data
	// tnx to Tikitiki
	$url = parse_url($wordbb->action_url);
	if(!$url['host'])
	{
		return false;
	}
	if(!$url['port'])
	{
		$url['port'] = 80;
	}
	if(!$url['path'])
	{
		$url['path'] = "/";
	}
	if($url['query'])
	{
		$url['path'] .= "?{$url['path']}";
	}

	$reqbody = "";
	$reqbody.= "action=".urlencode($action);
	foreach($params as $key=>$val)
	{
		if (!empty($reqbody)) $reqbody.= "&";
		$reqbody.= $key."=".urlencode($val);
	}

	$contentlength = strlen("$reqbody\r\n"); // tnx to Rog
	// tnx to mike for letting me discover the Host \r\n bug
	$reqheader =  "POST {$url['path']} HTTP/1.0\r\n".
	"Host: {$url['host']}\r\n". "User-Agent: PostIt\r\n". "Connection: Close\r\n".
	"Content-Type: application/x-www-form-urlencoded\r\n".
	"Content-Length: $contentlength\r\n\r\n".
	"$reqbody\r\n";
	
	$socket = @fsockopen($url['host'], $url['port'], $errno, $errstr);
	@stream_set_timeout($socket, 10);
	if(!$socket)
	{
		return false;
	}

	fputs($socket, $reqheader);

	while(!feof($socket))
	{
		$result .= fgets($socket, 12800);
	}

	fclose($socket);
	
	//separate header and content
	$data = explode("\r\n\r\n", $result, 2);
	//$result=array('header'=>$data[0],'body'=>$data[1]);
	$result=unserialize($data[1]);
	if($result===false)
		$result=$data[1];
	
	return $result;
}

I don't get which part of the plugin is responsible for creating the posts in the forum.I'd like to know which part does it and how can I provide a user who posted not 'Guest'.

If you wish to see the whole code then go here:https://github.com/wp-plugins/wordbb/blob/master/wordbb.php

Thanks
Reply
#2
Try logging in as another user that has been created since the bridge was installed.

My guess is that the uid does not exist so it is posting as a guest

  $params['uid']=$wordbb->loggeduserinfo->uid;

I wrote my own way of doing this. I created a REST client which checks for a randomized shared secret code from a pool of shared codes that can only be used once.

I generate them in batches of about 5000 randomized unique strings, once it is used it is logged in the DB as used and removed from the pool so that it can never be used again.

Wordpress posts the teaser (everything before the <!--more-->) into a forum post in mybb.

I then use the replies in the mybb thread as the comments in wordpress. So the user never has to login to wordpress. The way I generate the comments for wordpress to pick up is I generate an RSS feed of each posts through custom code and then I use the wordpress SimplePie class to interperet these and simple post them as comments.

You can see it all at http://www.silvertails.net

In the end it was better for me to write the code myself, I knew it would work how I had it and it was much more secure as well
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)