PHP Mysql Coding

D

DsBalsak

Senior Member
Joined
Nov 25, 2011
Messages
515
Reaction score
42
Location
Mountain View
Hey guys,

I'm trying to integrate phpbb3 into my existing site and user database and got an auth plugin from phpbb3 forum, now the problem that i picked up in my googling for this error is that MySQLi sort of doesn't exist anymore and this is what this plugin uses to function on if i can put it like that

Code: 
<?php
/**
* External MySQL auth plug-in for phpBB3
*
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
*
* @package login
* @version $Id: auth_dbext.php 8602 2009-04-09 16:38:27Z nzeyimana $
* @copyright NONE: use as you see fit but no guarantees
* @license NONE: use as you see fit but no guarantees
*
*/

/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
    exit;
}

/**
*
* @return boolean|string false if the user is identified and else an error message
*/

function init_dbext()
{
    // TODO: do any needed initialization
}

/**
* Login function
*/
function login_dbext(&$username, &$password)
{
    global $db;
    
    // do not allow empty password
    if (!$password)
    {
        return array(
            'status'    => LOGIN_ERROR_PASSWORD,
            'error_msg'    => 'NO_PASSWORD_SUPPLIED',
            'user_row'    => array('user_id' => ANONYMOUS),
        );
    }

    if (!$username)
    {
        return array(
            'status'    => LOGIN_ERROR_USERNAME,
            'error_msg'    => 'LOGIN_ERROR_USERNAME',
            'user_row'    => array('user_id' => ANONYMOUS),
        );
    }
    
    /////////////////////////////////////////////////////////////////////////////////////////////////////////////
    // Note: on my systems, I include these following lines from an external file that is not web-accessible 
    /////////////////////////////////////////////////////////////////////////////////////////////////////////////
    $db_host      = "dphost"; // Here goes the MySQL server address, hostname or IP
    $db_user      = "dbuser";  // Here goes the MySQL user allowed to read the table below (GRANT SELECT ON ....)
    $db_password  = "dbpassword";    // Here should go the password associated with the above user
    $db_database  = "database";    // Here goes the Database containing the table below
    $db_table     = "dbtable";  // Here will goes the table list users allowed to login into PHPBB   
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////
    $col_username = "username";
    $col_password = "password";
    $hashMethod   = "sha1"; // Can be one of:  md5, sha1, plain
                            // In case you choose to use a non-standard hashing function, be 
                            // sure to change below where the $hashedPassword variable is created
    
    $objMySqli = new mysqli($db_host, $db_user, $db_password, $db_database);
    
    /* check connection */
    if (mysqli_connect_errno()) 
    {
        return array(
            'status'    => LOGIN_ERROR_EXTERNAL_AUTH ,
            'error_msg'    => 'LOGIN_ERROR_EXTERNAL_AUTH ',
            'user_row'    => array('user_id' => ANONYMOUS),
        );
    }
    
    // Check the User/Password
    if($hashMethod == 'sha1')
    {
        $hashedPassword = sha1($password);
    } elseif($hashMethod == 'md5') {
        $hashedPassword = md5($password);
    } else {
        $hashedPassword = $password;
    }
    $sql = 
        "SELECT 11 as ID 
        FROM " . $db_table . " 
        WHERE 
            " . $col_username . " = '" . mysqli_real_escape_string($username)          . "' AND 
            " . $col_password . " = '" . mysqli_real_escape_string($hashedPassword) . "' 
            ";
    
    if ( $result = $objMySqli->query($sql) )
    {
        if ( $result->num_rows <= 0 )
        {
            return array(
                'status'    => LOGIN_ERROR_USERNAME,
                'error_msg'    => 'LOGIN_ERROR_USERNAME',
                'user_row'    => array('user_id' => ANONYMOUS),
            );
        }

        $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
            FROM ' . USERS_TABLE . "
            WHERE username = '" . $db->sql_escape($username) . "'";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if ($row)
        {
            // User inactive...
            if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
            {
                return array(
                    'status'        => LOGIN_ERROR_ACTIVE,
                    'error_msg'        => 'ACTIVE_ERROR',
                    'user_row'        => $row,
                );
            }
    
            // Successful login...
            return array(
                'status'        => LOGIN_SUCCESS,
                'error_msg'        => false,
                'user_row'        => $row,
            );
        }

        // this is the user's first login so create an empty profile
        return array(
            'status'        => LOGIN_SUCCESS_CREATE_PROFILE,
            'error_msg'        => false,
            'user_row'        => user_row_dbext($username, sha1($password)),
        );
    } else {
        // TODO: Handle this situation
    }

    // Not logged in using the external DB
    return array(
        'status'        => LOGIN_ERROR_EXTERNAL_AUTH,
        'error_msg'        => 'LOGIN_ERROR_EXTERNAL_AUTH',
        'user_row'        => array('user_id' => ANONYMOUS),
    );
}

/**
* This function generates an array which can be passed to the user_add function in order to create a user
*/
function user_row_dbext($username, $password)
{
    global $db, $config, $user;
    // first retrieve default group id
    $sql = 'SELECT group_id
        FROM ' . GROUPS_TABLE . "
        WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
            AND group_type = " . GROUP_SPECIAL;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$row)
    {
        trigger_error('NO_GROUP');
    }

    // generate user account data
    return array(
        'username'        => $username,
        'user_password'    => phpbb_hash($password), // Note: on my side, I don't use this because I want all passwords to remain on the remote system
        'user_email'    => '', // You can retrieve this Email at the time the user is authenticated from the external table
        'group_id'        => (int) $row['group_id'],
        'user_type'        => USER_NORMAL,
        'user_ip'        => $user->ip,
    );
}

?>

Does anybody know what function replaces $objMySqli in this plugin ? As my coding skills is limited to my trusty friend google, or is there a beter way of integrating an existing user database into phpbb3 ?

Edit : Here is my server specs Web server

Apache/2.2.16 (Debian)
MySQL client version: 5.1.73
PHP extension: mysqli

and the topic i got it from

https://www.phpbb.com/community/viewtopic.php?t=1598865

If that is of any help
 
Last edited:
"$objMySqli = new mysqli($db_host, $db_user, $db_password, $db_database);"

It is calling on a class called mysqli. This is not native to PHP, seems to be something that is part of phpbb3. It is not included in the file you pasted here. Ensure that it is included in run time or its going to complain as you have mentioned.
 
Last edited:
DsBalsak said:
Hey guys,

I'm trying to integrate phpbb3 into my existing site and user database and got an auth plugin from phpbb3 forum, now the problem that i picked up in my googling for this error is that MySQLi sort of doesn't exist anymore and this is what this plugin uses to function on if i can put it like that

/snip

Does anybody know what function replaces $objMySqli in this plugin ? As my coding skills is limited to my trusty friend google, or is there a beter way of integrating an existing user database into phpbb3 ?

Edit : Here is my server specs Web server

Apache/2.2.16 (Debian)
MySQL client version: 5.1.73
PHP extension: mysqli

and the topic i got it from

https://www.phpbb.com/community/viewtopic.php?t=1598865

If that is of any help
Click to expand...

What errors are you getting exactly? Are you certain the mysqli module is loaded (what does phpinfo() say)?

IndigoIdentity said:
"$objMySqli = new mysqli($db_host, $db_user, $db_password, $db_database);"

It is calling on a class called mysqli. This is not native to PHP, seems to be something that is part of phpbb3. It is not included in the file you pasted here. Ensure that it is included in run time or its going to complain as you have mentioned.
Click to expand...

mysqli does indeed exist as a loadable module for php (http://www.php.net/manual/en/class.mysqli.php).
 
Thanks so far guys here is an extract from phpinfo

mysqli

MysqlI Support => enabled
Client API library version => 5.1.73
Active Persistent Links => 0
Inactive Persistent Links => 0
Active Links => 0
Client API header version => 5.1.49
MYSQLI_SOCKET => /var/run/mysqld/mysqld.sock

Directive => Local Value => Master Value
mysqli.allow_local_infile => On => On
mysqli.allow_persistent => On => On
mysqli.default_host => no value => no value
mysqli.default_port => 3306 => 3306
mysqli.default_pw => no value => no value
mysqli.default_socket => no value => no value
mysqli.default_user => no value => no value
mysqli.max_links => Unlimited => Unlimited
mysqli.max_persistent => Unlimited => Unlimited
mysqli.reconnect => Off => Off


The only error it displays is this nothing specific :

General Error
Authentication method not found
Please notify the board administrator or webmaster
 
DsBalsak said:
Thanks so far guys here is an extract from phpinfo

mysqli

MysqlI Support => enabled
Client API library version => 5.1.73
Active Persistent Links => 0
Inactive Persistent Links => 0
Active Links => 0
Client API header version => 5.1.49
MYSQLI_SOCKET => /var/run/mysqld/mysqld.sock

Directive => Local Value => Master Value
mysqli.allow_local_infile => On => On
mysqli.allow_persistent => On => On
mysqli.default_host => no value => no value
mysqli.default_port => 3306 => 3306
mysqli.default_pw => no value => no value
mysqli.default_socket => no value => no value
mysqli.default_user => no value => no value
mysqli.max_links => Unlimited => Unlimited
mysqli.max_persistent => Unlimited => Unlimited
mysqli.reconnect => Off => Off


The only error it displays is this nothing specific :

General Error
Authentication method not found
Please notify the board administrator or webmaster
Click to expand...

I'm not really familiar with phpbb, what do the php/apache error logs say? Should be much more descriptive.
 
DsBalsak,

Your DB connection is probably fine. The error you mentioned is pointing you to the fact that phpbb does not know how to authenticate users. Meaning, it has no idea what to do when someone tries to log in.

I have no idea how to solve that problem since you're trying to use a custom auth module, but I can point you to:
https://www.phpbb.com/community/viewtopic.php?f=46&t=1252135
and you can try reseting your phpbb config back to using "db" for its auth_method. Hopefully your custom auth plugin will override the default one.

Or, you have missed some instructions on the forum where you got your custom auth plugin.
Or, your DB setup for phpbb3 is bad
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X