If you came from search engine, I bet you have read this guide “phpBB 3 cross-site session integration” at phpBB website. If you haven’t, please read if you need to understand the codes better (more descriptions at the page).
NOTE : if you need to integrate session for a custom file in the same folder as the forum, read this guide instead.
Recently I looked into this matter because I need to integrate the forum’s session with my premium themes area (which should be up in 24-48 hours).
This tutorial has 2 parts:
- Session Integration for phpBB 3 in Different Folders
- Session Integration for phpBB 3 in Different Subdomains
You need to follow session integration for Different Folders first before going for Different Subdomains.
Let’s look into “Different Folder” first. In my case, I created a new folder outside the forums folder. In other words, my forum directory is public_html/mysite/forums and my new folder is at public_html/mysite/testing.
Create a file called ‘index.php’ inside ‘testing’ folder and paste the following codes into the file:
<?php define('IN_PHPBB', true); define('ROOT_PATH', "../forums"); $forumurl = 'http://mysite.com/forums'; $newurl = 'http://mysite.com/testing'; if (!defined('IN_PHPBB') || !defined('ROOT_PATH')) { exit(); } $phpEx = "php"; $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : ROOT_PATH . '/'; include($phpbb_root_path . 'common.' . $phpEx); $user->session_begin(); $auth->acl($user->data); ?> |
If you want to show all your stored user data variable, use this :
echo '<pre>'; var_dump($user); echo '</pre>';
Edit line 4 with the path to forums folder. In my case, it is ../forums.
Edit line 5 with the URL to the forum.
Edit line 6 with the URL to the new folder.
The codes below explain it all.
<?php if ($user->data['user_id'] == ANONYMOUS) { ?> // content for guests <?php } else { ?> // content for members <?php } ?> |
This is where I stopped following the guide because the login and logout method does not work for me. I added a login form myself:
<form action="<?php echo $forumurl; ?>ucp.php?mode=login" method="post"> <input type="text" name="username" value="" /><br /> <input type="password" name="password" value="" /><br /> <input type="checkbox" name="autologin" value="1" /> Remember Me<br /> <input type="hidden" name="redirect" value="<?php echo $newurl; ?>" /> <input type="submit" name="login" value="Login" /> </form> Not a member? <a href="<?php echo $forumurl; ?>ucp.php?mode=register">Register now</a>! |
Note that the form has a username field and a password field, a checkbox with “remember me” option, a link to register and it redirects back to the new folder after login.
Logging out would need your session id. You can get that id from $user->data['session_id']. This is the logout link :
<a href="<?php echo $forumurl; ?>ucp.php?mode=logout&sid=<?php echo $user->data['session_id']; ?>&redirect=<?php echo $newurl; ?>">Log Out</a> |
So until here, I have this codes in my public_html/mysite/testing/index.php.
<?php define('IN_PHPBB', true); define('ROOT_PATH', "../forums"); $forumurl = 'http://mysite.com/forums'; $newurl = 'http://mysite.com/testing'; if (!defined('IN_PHPBB') || !defined('ROOT_PATH')) { exit(); } $phpEx = "php"; $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : ROOT_PATH . '/'; include($phpbb_root_path . 'common.' . $phpEx); $user->session_begin(); $auth->acl($user->data); ?> <?php if ($user->data['user_id'] == ANONYMOUS) { ?> // content for guests - login form <form action="<?php echo $forumurl; ?>ucp.php?mode=login" method="post"> <input type="text" name="username" value="" /><br /> <input type="password" name="password" value="" /><br /> <input type="checkbox" name="autologin" value="1" /> Remember Me<br /> <input type="hidden" name="redirect" value="<?php echo $newurl; ?>" /> <input type="submit" name="login" value="Login" /> </form> Not a member? <a href="<?php echo $forumurl; ?>ucp.php?mode=register">Register now</a>! <?php } else { ?> // content for members - logout link <a href="<?php echo $forumurl; ?>ucp.php?mode=logout&sid=<?php echo $user->data['session_id']; ?>&redirect=<?php echo $newurl; ?>">Log Out</a> <?php } ?> |
It displays a login form for guest and a logout link for member.
Login redirect is already done if you followed my codes above. It was done using a hidden input with name “redirect”. However, logout redirect need some tweaks to work.
Open ucp.php from your forum’s main folder and look for:
meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); |
Replace with :
meta_refresh(3, append_sid(request_var('redirect', "{$phpbb_root_path}index.$phpEx"))); |
Look for :
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a> '); |
Replace with :
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid(request_var('redirect', "{$phpbb_root_path}index.$phpEx")) . '">', '</a> '); |
Explaination : The meta refresh now check for $_GET['redirect'] and use the value if it is found.
You need to follow the guide above for the edits in ucp.php.
This is the guide to use same session for different subdomains. EG: your forum URL is http://forums.mysite.com and new subdomain is http://testing.mysite.com
Based on the codes above, I changed line 5 and 6 to my new URL:
$forumurl = 'http://forums.mysite.com/'; $newurl = 'http://testing.mysite.com/'; |
This step is a must for different subdomains.
Login into admin panel > Server configuration > Cookie settings
Change the cookie domain to your main domain with a dot in front. In my case, my cookie domain is
.mysite.com
This edit makes cookie visible on all subdomains of mysite.com
If you noticed, the redirect after login or logout does not work anymore. This is because the redirect() and meta_refresh() functions in phpBB do not allow external redirect by default.
Open includes/functions.php from forum’s folder :
Look for :
function redirect($url, $return = false, $disable_cd_check = false) |
Replace with :
function redirect($url, $return = false, $disable_cd_check = true) |
Look for :
function meta_refresh($time, $url, $disable_cd_check = false) |
Replace with :
function meta_refresh($time, $url, $disable_cd_check = true) |
EXPLAINATION : Why don’t I add third argument with value of “boolean true” in the redirect() function in ucp.php?
I tried but it doesn’t work. Maybe it is a bug? To achieve what I want, I have to edit the third argument’s default value in functions.php.
Hope this helps you. All comments are appreciated. If I missed something, tell me.
Hey there, welcome to Zen's Design Blog!
I make free themes, premium themes and plugins for wordpress. Besides, I distribute free downloadable resources that might help you in your design and much more.
ZenVerse is Zen's web journal about web design and development.
Zen is from Malaysia.
More about Zen »
Thanks for the info
This is a very good website. I am bookmarking it at the moment
this is the very good artcile i dont know why this site doesnt ranks up in log in integration….i everything worked fine for me but when i log out..it takes me to the forum and log out ends there it is not redirecing me to index page of the site…what cab be wrong with log out?
hey ok it worked also everything worked great this article is complete..why people arent getting here to read all this ,only one comment before me..great article.you helped me a lot.thanks
Hey there I have to get a proper anti-virus.. someone used my desktop and I managed to get some sort of trojan, that i cant get rid of! I need ideas of where to start, please tell me if i will be able to get something to dispose of it for nothing?
regards