Problem with Remember me in CB login

11 years 7 months ago #78649 by AJStevens
Wow, wasn't sure anyone would still be interested in this thread, ok where to start.

Urm, firstly, I'd like to politely remind everyone to make sure their post is relevant to this thread, otherwise please start your own thread, as I've seen several that don't fit in here.

Swiftek
Like most, we're reluctant to upgrade or change anything since it's taken effort to put this together.

Yes it does seem to be a problem with the CB and the Joomla legacy, therefore I'm guessing Fireboard is also operating in legacy mode.

My understanding was that legacy mode provides the old values $my and the code that generates it alongside the newer Joomla 1.5 $user object, and the problem being the $my information is cleared/lost and requires a refresh to reinitialise it.

beat
Putting in a refresh command is a possibility (which lets face it is bad coding, I had a similiar issue designing my own external login page for a site that had phpbb, but corrected my coding), and it's hardly good coding practice to stick a refresh in the code to do it for the user, more so web statistics will be double what they should.

I don't see any options for the sessions management, if it times out, surely it's doing that on instruction from Joomla?

Swiftek
Well, I put the code in the top of the template index.php file, and fireboard is opened through index.php as an option, so if fireboard is relying on pulling in info from $my, surely it should have been able to do it, the cblogin on the left hand side certainly seems to stay logged in now.

Swiftek, we're going to have to look through the code to find out what Fireboard is doing session/user wise, I'll let you know if I find anything in the code here.
11 years 7 months ago #78652 by AJStevens
ok, well looking in fireboard.php I see these two bits:

[code:1]// Permissions: Check for administrators and moderators
if ($my->id != 0)
{
$aro_group = $acl->getAroGroup($my->id);
$is_admin = (strtolower($aro_group->name) == 'super administrator' || strtolower($aro_group->name) == 'administrator');
}
else
{
$aro_group = 0;
$is_admin = 0;
}

$is_moderator = fb_has_moderator_permission($database, $thisCat, $my->id, $is_admin);
[/code:1]

[code:1]//Get the userid; sometimes the new var works whilst $my->id doesn't..?!?
$my_id = $my->id;[/code:1]

After that everything seems to use the $my_id.

So, this is interesting, I would haev thought FEENDISH's code in the temlpate index file would have worked, unless the template is loaded after fireboard is.

What we should probably do is insert Feendish's code after where-ever Joomla 1.5's $user is created but before anything else (cblogin or fireboard), so that right after the $my is also populated, this should logicaly correct it for all 1.0 legacy pluggins, right?

Post edited by: AJStevens, at: 2008/10/31 10:36
11 years 7 months ago #78691 by Swiftek
AJ, (can I call you AJ?)

It is obvious to me that your level of programming knowledge is far beyond mine, so I'm afraid I'm not going to be much help until I get up to speed (if ever).

Since Fireboard is a component, it does not have a legacy mode. I would think that it takes it's authentication cues from the Joomla OS. That is about as far as my little brain can get without some more heavy research.

I just noticed on my 'flagship site' that if you load the Fireboard page first (rather than starting at my home page and clicking the forum link), you will see that it says "Guest" at the top, but you ARE in fact logged in and CAN post, reply, etc. So, the problem seems to be with Fireboard SHOWING that you are logged in rather than actually LOGGING you in.

Regarding upgrading:
OH, Come on:ohmy: !! The upgrade from Joomla 1.0 to 1.5 is simplicity itself! Refusing to do so is CRAZY, and anyone who doesn't deserves what they get!

Would you walk everywhere you go because learning to drive a car is too much trouble?

Besides, the problem you and I are discussing, AJ, does NOT effect Joomla 1.0, period. belsberg's issue has NOTHING to do with this thread. I really don't understand why he keeps posting here. It's been explained several times.

Got Tech?
11 years 7 months ago #78692 by Swiftek
OOPS! I spoke too soon. Fireboard is NOT logged in, it just shows the "Reply Topic" link to non-logged users.
(open mouth, insert foot)mmmmmfmffffhthmmmffff!

Got Tech?
11 years 7 months ago #78695 by AJStevens
Swiftek, sure AJ is fine.

Yeah it's usually best to stay ontop, particularly as 1.5 is no small improvement and there's plenty of good pluggins for 1.5 native now, and many that do both 1.0 and 1.5 native. We started with 1.5, but unfortunately some of these plugins/modules/components whatever are still 1.0. It's a shame, but I suppose if you want a regularly updated product you have to pay.

Back on topic, yes, while fireboard may do it's own bits afterwards, it still starts with Joomla.

Full Joomla 1.5 compatibility in legacy mode - now approved by us!

from wiki.bestofjoomla.com/com_fireboard/release_1.0/1.0.4/start

So sounds like it was native 1.0 and now wors in 1.5 in legacy mode as of 1.0.4 stable version (which is what we're using).

Just to blow what beat said clear out of the water, try this:

Open two tabs on your site, one in the fireboard forum somewhere and the other in a non-fireboard part of the site (homepage? perhaps), now walk away and leave for a good 20-30mins (whatever it takes to timeout on your settings).

Now, we already know that using feendish's code, if you refresh the homepage, the cblogin will now correctly show you as logged in. Without feendish's code, it will show as logged out, another refresh and it's logged in. The reason is clear that the $my information is not populated (god knows why, or maybe CB/Joomla).

Now, if you where instead to refresh the fireboard page instead when it timed out, you'll see that (with feendish's code) the cblogin shows logged in, but the fireboard forum shows Guest (or in the case you where in a restricted forum, it tells you access denied!). One more refresh and you're logged in and can access again.

Now, here's the kicker, beat, same thing again, only this time, refresh the homepage, then go to your fireboard tab and refresh, if what beat said was true you'd expect this to show Guest until you refreshed again... it DOESN'T, it shows you as logged in and all fine and dandy.

Explain that one then!

I've also been looking around and found this in a legacy.php file located in pluggins, system.

[code:1] /**

* Legacy global, use JFactory::getUser() [JUser object] instead

* @name $my

* @deprecated As of version 1.5

*/

$user =& JFactory::getUser();



$GLOBALS = (object)$user->getProperties();

$GLOBALS->gid = $user->get('aid', 0);
[/code:1]

Which looks to be doing (or should be) what feendish's code does. Now either it isn't doing it soon enough (hence the refresh needed), or it's not doing enough (all the values?).

This may point it to Joomla more than CB, but I don't believe Joomla has any built in "remember me" option, it was provided by CB, so really CB have not accounted for this flaw in Joomla (if it is definately a Joomla flaw) in their provision for a remember me, so it is a CB problem whereever the the main problem resides.

Thanks Swiftek, I know some, but of course I'm just following footsteps or breadcrumbs trying to backtrack through these Joomla and CB files to find out what happens when, and I'm only getting pieces, I can't see an overall picture of when what part gets processed/loaded and where we need to insert a fix. Feendish is on the right lines, but evidently in the template index.php file is not suitable, nor the cblogin if we hope to fix this site wide.

Post edited by: AJStevens, at: 2008/10/31 18:02
11 years 7 months ago #78837 by AJStevens
Interestingly, I did a search about Joomla Legacy $my and I found this on the joomla forum:

forum.joomla.org/viewtopic.php?f=473&t=335837

Which then points to this bug:
joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=6009 which looks have been submitted by our very own beat. Although believed to have been confusion, Toivo Talikka on 16 Oct 2008 would seem to say it should be get('gid' not get('aid' which would makes sense (g for group).

Now, it's specifically about the code above I posted, and that the group value attached to it is incorrect, this may not be related (surely it's not going by group != anon to prove the user is logged in?) still it's probably something to check, I'll make the the change and see what happens.

Post edited by: AJStevens, at: 2008/11/03 10:32
Moderators: beatnantkrileon
Time to create page: 0.414 seconds

Facebook Twitter LinkedIn