的Joomla! 2.5.19外部用户登录
[英]Joomla! 2.5.19 external user login
问题描述
不幸的是,我找不到与此Joomla相关的主题! 版。 在尝试了一些代码之后,我决定打开一个新主题,在这里问您专家。 :)
我们正在使用具有基本身份验证检查功能的脚本。 我们更新到Joomla之后! 2.5.19,旧的md5方法不再起作用。 PHP脚本如下:
session_start();
$db = mysql_connect("localhost", "root", "");
mysql_select_db("sql1",$db);
//Joomla user and pass check start
$sql = "SELECT * FROM j25_users WHERE username='".$_POST['user']."'";
$result = mysql_query($sql,$db);
$userdata = mysql_fetch_array($result);
list ($md5pass, $saltpass) = split (":", $userdata['password']);
$POSTPW = crypt ( 'xxgu952rjyiL', 'Xh2loHgxxi5ijuNbGI' );
echo "<br><br>";
$joomlapw=$userdata[password];
echo "POST PW= $POSTPW
<br>
Joomla - PW = $joomlapw
<br>
salt = $saltpass
<br>
";
if(((md5($_POST['pa'].$saltpass))==$md5pass) and ($userdata['usertype']=="Super Administrator" or $userdata['usertype']=="Editor"))
{
echo "success!";
$jommlapruefung="success";
}
echo "<br>$_POST[user] und $_POST[pa]";
//Joomla user and pass check complete
$dom =str_replace("lager.","",$_SERVER["HTTP_HOST"]);
$_GET['getdir']=str_replace(chr(92),"",$_GET['getdir']);
$_GET['getdir']=str_replace("//","/",$_GET['getdir']);
$_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']);
$_GET['getdir']=str_replace(".","_",$_GET['getdir']);
if ($_GET['getdir']==NULL) $_GET['getdir']="/";
if ( ($_GET['getdir']=="") || ($_GET['getdir']=="/") )
{
if ($jommlapruefung!="success" & $_SESSION['best']!='gogo')
{
die("<FORM ACTION=index.php METHOD=POST>
Username: <INPUT TYPE=text NAME=user LENGTH=25 SIZE=25>
Password: <INPUT TYPE=password NAME=pa LENGTH=25 SIZE=25>
<input type='submit' name='submit' value='Submit'><br>
</FORM>");
}
}
if ($jommlapruefung="success")
{
$_SESSION['best'] = 'gogo';
}
if($_SESSION['best']='gogo')
{
// HERE COMES THE SCRIPT AFTER LOGIN!!
// ...
}
?>
这段代码已经有两年历史了,它不是我创建的。 一些细节已清除。 您知道如何将此脚本从md5更新为bcrypt身份验证吗? 我感谢您为我提供的任何帮助! :)
1 个解决方案
解决方案1
0 2014-07-18 15:59:27
我不确定您的问题是否完整。 但是,如果您尝试使用另一个网站上的表单登录joomla,则可以在joomla的根目录中创建一个脚本,例如joomlalogin.php看起来像这样:
第一部分,使用以下命令启动joomla界面:
// START: Initialize Joomla framework
define( '_JEXEC', 1 );
define( 'DS', DIRECTORY_SEPARATOR );
define('JPATH_BASE', dirname(__FILE__) );
// Including Required Files
require_once ( JPATH_BASE.DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE.DS.'includes'.DS.'framework.php' );
// Create the Application
$mainframe =& JFactory::getApplication('site');
$mainframe->initialise();
$user =& JFactory::getUser();
// END: Initialize Joomla framework
然后验证并登录用户:
$app = JFactory::getApplication();
// Populate the data array:
$data = array();
$data['return'] = base64_decode(JRequest::getVar('return', '', 'POST', 'BASE64')); //Page user is returned to after a successfull login
$data['username'] = JRequest::getVar('username', '', 'method', 'username');
$data['password'] = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
// Set the return URL if empty.
if (empty($data['return'])) {
$data['return'] = 'index.php'; //If return page not set... set one.
}
// Set the return URL in the user state to allow modification by plugins
$app->setUserState('users.login.form.return', $data['return']);
// Get the log in options.
$options = array();
$options['remember'] = JRequest::getBool('remember', false);
$options['return'] = $data['return'];
// Get the log in credentials.
$credentials = array();
$credentials['username'] = $data['username'];
$credentials['password'] = $data['password'];
// Perform the log in.
if (true === $app->login($credentials, $options)) {
// Success
$app->setUserState('users.login.form.data', array());
$app->redirect(JRoute::_($app->getUserState('users.login.form.return'), false));
} else {
// Login failed !
$data['remember'] = (int)$options['remember'];
$app->setUserState('users.login.form.data', $data);
$app->redirect('index.php', false));
}
我没有测试过这段代码。 我只是使用您现有的网站来放置此getter。 因此,如果您遇到问题,或者我应该改善/修正答案,请告诉我。
您无法在joomla数据库中解密密码。 但是您可以使用此方法进行验证。 这将在用户安装了joomla的同一域上创建将用户登录到joomla的会话cookie。
如何在joomla 2.5中使用外部文件访问登录用户数据?
[英]How can I access login user data using external files in joomla 2.5?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.