的Joomla! 2.5.19外部用戶登錄
[英]Joomla! 2.5.19 external user login
問題描述
不幸的是,我找不到與此Joomla相關的主題! 版。 在嘗試了一些代碼之后,我決定打開一個新主題,在這里問您專家。 :)
我們正在使用具有基本身份驗證檢查功能的腳本。 我們更新到Joomla之后! 2.5.19,舊的md5方法不再起作用。 PHP腳本如下:
session_start();
$db = mysql_connect("localhost", "root", "");
mysql_select_db("sql1",$db);
//Joomla user and pass check start
$sql = "SELECT * FROM j25_users WHERE username='".$_POST['user']."'";
$result = mysql_query($sql,$db);
$userdata = mysql_fetch_array($result);
list ($md5pass, $saltpass) = split (":", $userdata['password']);
$POSTPW = crypt ( 'xxgu952rjyiL', 'Xh2loHgxxi5ijuNbGI' );
echo "<br><br>";
$joomlapw=$userdata[password];
echo "POST PW= $POSTPW
<br>
Joomla - PW = $joomlapw
<br>
salt = $saltpass
<br>
";
if(((md5($_POST['pa'].$saltpass))==$md5pass) and ($userdata['usertype']=="Super Administrator" or $userdata['usertype']=="Editor"))
{
echo "success!";
$jommlapruefung="success";
}
echo "<br>$_POST[user] und $_POST[pa]";
//Joomla user and pass check complete
$dom =str_replace("lager.","",$_SERVER["HTTP_HOST"]);
$_GET['getdir']=str_replace(chr(92),"",$_GET['getdir']);
$_GET['getdir']=str_replace("//","/",$_GET['getdir']);
$_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']);
$_GET['getdir']=str_replace(".","_",$_GET['getdir']);
if ($_GET['getdir']==NULL) $_GET['getdir']="/";
if ( ($_GET['getdir']=="") || ($_GET['getdir']=="/") )
{
if ($jommlapruefung!="success" & $_SESSION['best']!='gogo')
{
die("<FORM ACTION=index.php METHOD=POST>
Username: <INPUT TYPE=text NAME=user LENGTH=25 SIZE=25>
Password: <INPUT TYPE=password NAME=pa LENGTH=25 SIZE=25>
<input type='submit' name='submit' value='Submit'><br>
</FORM>");
}
}
if ($jommlapruefung="success")
{
$_SESSION['best'] = 'gogo';
}
if($_SESSION['best']='gogo')
{
// HERE COMES THE SCRIPT AFTER LOGIN!!
// ...
}
?>
這段代碼已經有兩年歷史了,它不是我創建的。 一些細節已清除。 您知道如何將此腳本從md5更新為bcrypt身份驗證嗎? 我感謝您為我提供的任何幫助! :)
1 個解決方案
解決方案1
0 2014-07-18 15:59:27
我不確定您的問題是否完整。 但是,如果您嘗試使用另一個網站上的表單登錄joomla,則可以在joomla的根目錄中創建一個腳本,例如joomlalogin.php看起來像這樣:
第一部分,使用以下命令啟動joomla界面:
// START: Initialize Joomla framework
define( '_JEXEC', 1 );
define( 'DS', DIRECTORY_SEPARATOR );
define('JPATH_BASE', dirname(__FILE__) );
// Including Required Files
require_once ( JPATH_BASE.DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE.DS.'includes'.DS.'framework.php' );
// Create the Application
$mainframe =& JFactory::getApplication('site');
$mainframe->initialise();
$user =& JFactory::getUser();
// END: Initialize Joomla framework
然后驗證並登錄用戶:
$app = JFactory::getApplication();
// Populate the data array:
$data = array();
$data['return'] = base64_decode(JRequest::getVar('return', '', 'POST', 'BASE64')); //Page user is returned to after a successfull login
$data['username'] = JRequest::getVar('username', '', 'method', 'username');
$data['password'] = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
// Set the return URL if empty.
if (empty($data['return'])) {
$data['return'] = 'index.php'; //If return page not set... set one.
}
// Set the return URL in the user state to allow modification by plugins
$app->setUserState('users.login.form.return', $data['return']);
// Get the log in options.
$options = array();
$options['remember'] = JRequest::getBool('remember', false);
$options['return'] = $data['return'];
// Get the log in credentials.
$credentials = array();
$credentials['username'] = $data['username'];
$credentials['password'] = $data['password'];
// Perform the log in.
if (true === $app->login($credentials, $options)) {
// Success
$app->setUserState('users.login.form.data', array());
$app->redirect(JRoute::_($app->getUserState('users.login.form.return'), false));
} else {
// Login failed !
$data['remember'] = (int)$options['remember'];
$app->setUserState('users.login.form.data', $data);
$app->redirect('index.php', false));
}
我沒有測試過這段代碼。 我只是使用您現有的網站來放置此getter。 因此,如果您遇到問題,或者我應該改善/修正答案,請告訴我。
您無法在joomla數據庫中解密密碼。 但是您可以使用此方法進行驗證。 這將在用戶安裝了joomla的同一域上創建將用戶登錄到joomla的會話cookie。
如何在joomla 2.5中使用外部文件訪問登錄用戶數據?
[英]How can I access login user data using external files in joomla 2.5?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.