chive

how to include host;user;psswd;db datas for automatic login ?

Asked by Marc CORREIA

how to include host;user;psswd;db datas for automatic login ?
I tried something in the index.php and /protected/config/main.php but it doesn't work.
I have a php file where my db settings are stored.
Where to place the 'include' line and how to integrate this?

In the index.php line 25, there's a
if(!$app->user->isGuest) but I don't know how to tell that user is .... something like $user.

Where to manually fix $app...?

Please kindly help me.
Regards

Question information

Language:
English Edit question
Status:
Solved
For:
chive Edit question
Assignee:
No assignee Edit question
Solved by:
Marc CORREIA
Solved:
Last query:
Last reply:
Revision history for this message
David Roth (davrot) said : 		#1

In index.php @Line 34

elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
{

Include the following code:

$identity = new UserIdentity("root","password","localhost");

if($identity->authenticate())
{
 Yii::app()->user->login($identity);
 $app->request->redirect(Yii::app()->homeUrl);
}

Revision history for this message
Marc CORREIA (marcoolenium) said : 		#2

Thanks for your proposition.
Doesn't work.

1-
First, I'd lke to advise that
 elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
is @Line 33 for me. CHIVE 3. index.php

2-
Second, I need to include 4 fields:
host_server,
db_user,
db_password,
db_name

3-
This is the code I replaced according to your propostions. Is it correct?:
elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
{
 $identity = new UserIdentity("root","password","localhost");
 if($identity->authenticate())
 {Yii::app()->user->login($identity);$app->request->redirect(Yii::app()->homeUrl);}
 elseif($app->request->isAjaxRequest)
 {
  $response = new AjaxResponse();
  $response->redirectUrl = Yii::app()->createUrl('site/login');
  $response->send();
 }
 else
 {
  $app->request->redirect(Yii::app()->createUrl('site/login'));
 }
}

// Language
......

Revision history for this message
Marc CORREIA (marcoolenium) said : 		#3

Thanks for your proposition.

Doesn't work.

1-

First, I'd lke to advise that

 elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
is @Line 33 for me. CHIVE 3. index.php

2-

Second, I need to include 4 fields:

host_server,

db_user,

db_password,

db_name

3-

This is the code I replaced according to your propostions. Is it correct?:

elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
{
 $identity = new UserIdentity("root","password","localhost");
 if($identity->authenticate())
 {Yii::app()->user->login($identity);$app->request->redirect(Yii::app()->homeUrl);}
 elseif($app->request->isAjaxRequest)
 {
  $response = new AjaxResponse();
  $response->redirectUrl = Yii::app()->createUrl('site/login');
  $response->send();
 }
 else
 {
  $app->request->redirect(Yii::app()->createUrl('site/login'));
 }
}

// Language

Regards

> To: <email address hidden>
> From: <email address hidden>
> Subject: Re: [Question #127192]: how to include host; user; psswd; db datas for automatic login ?
> Date: Tue, 28 Sep 2010 18:19:59 +0000
>
> Your question #127192 on chive changed:
> https://answers.launchpad.net/chive/+question/127192
>
> Status: Open => Answered
>
> David Roth proposed the following answer:
> In index.php @Line 34
>
> elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
> {
>
> Include the following code:
>
> $identity = new UserIdentity("root","password","localhost");
>
> if($identity->authenticate())
> {
> Yii::app()->user->login($identity);
> $app->request->redirect(Yii::app()->homeUrl);
> }
>
> --
> If this answers your question, please go to the following page to let us
> know that it is solved:
> https://answers.launchpad.net/chive/+question/127192/+confirm?answer_id=0
>
> If you still need help, you can reply to this email or go to the
> following page to enter your feedback:
> https://answers.launchpad.net/chive/+question/127192
>
> You received this question notification because you are a direct
> subscriber of the question.

Revision history for this message
David Roth (davrot) said : 		#4

The code is alright.
Have you required your config file before the creation of the UserIdentity class and modified the according line?

....
require('path_to_config_file.php')
.....
$identity = new UserIdentity($db_user, $db_password, $_host);

Revision history for this message
Marc CORREIA (marcoolenium) said : 		#5

I've tried with:
include('path_to_config_file.php');
Is it supposed to work with 'include' too or only with 'require' instruction?

In addition, what about the $db_name ?
$db_name is required in my mutualised server case, otherwise I would see all dabatases (thousands) which is useless and heavy loading at first login.

Revision history for this message
David Roth (davrot) said : 		#6

Require and Include are identical except upon failure they will produce different errors (warning or fatal) - so it makes no difference here.
The autologin only works on the root path e.x. http://localhost/chive/

You could redirect to the appropriate schema:

.....
Yii::app()->user->login($identity);
$app->request->redirect(Yii::app()->homeUrl . "/schema/YOUR_SCHEMA_NAME");

Revision history for this message
Marc CORREIA (marcoolenium) said : 		#7

Still doesn't work.
http://www.mydomain.com/adminsome/chive/ redirects to http://www.mydomain.com/adminsome/chive/site/login
with host = localhost in the form.
Nothing has changed since the original code.
Isn't it because of the user->isGuest?

1-Please check my full code from @Line 25:
if(!$app->user->isGuest)
{
 $app->db->connectionString = 'mysql:host=' . $app->user->host . ';dbname=information_schema';
 $app->db->username= $app->user->name;
    $app->db->password= $app->user->password;
    $app->db->autoConnect = true;
    $app->db->setActive(true);
}
elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
{
 include('../../config/settings.inc.php');
 $db_user = _DB_USER_;
 $db_password = _DB_PASSWD_;
 $db_host = _DB_SERVER_;
 $db_database = _DB_NAME_;
 $identity = new UserIdentity($db_user, $db_password, $_host);
 if($identity->authenticate())
 {Yii::app()->user->login($identity);$app->request->redirect(Yii::app()->homeUrl);}
 elseif($app->request->isAjaxRequest)
 {
  $response = new AjaxResponse();
  $response->redirectUrl = Yii::app()->createUrl('site/login');
  $response->send();
 }
 else
 {
  $app->request->redirect(Yii::app()->createUrl('site/login'));
 }
}

2-I don't understand your autologin root path http://localhost/chive/
isn't it supposed to work on relative path?
What should be then my "/schema/YOUR_SCHEMA_NAME" knowing that chive is installed as follows:
http://www.mydomain.com/adminsome/chive/
which is: relative_root_path/adminsome/chive/

3- Do you mean by "/schema/YOUR_SCHEMA_NAME" :
"/schema/'.$db_database.'" ?

Revision history for this message
Marc CORREIA (marcoolenium) said : 		#8

--AUTOLOGIN WORKS--
I changed $_host to $db_host. Here is full working code from @Line25:
if(!$app->user->isGuest)
{
 $app->db->connectionString = 'mysql:host=' . $app->user->host . ';dbname=information_schema';
 $app->db->username= $app->user->name;
    $app->db->password= $app->user->password;
    $app->db->autoConnect = true;
    $app->db->setActive(true);
}
elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
{
 include('../../config/settings.inc.php');
 $db_user = _DB_USER_;
 $db_password = _DB_PASSWD_;
 $db_host = _DB_SERVER_;
 $db_database = _DB_NAME_;
 $identity = new UserIdentity($db_user, $db_password, $db_host);
 if($identity->authenticate())
 {Yii::app()->user->login($identity);$app->request->redirect(Yii::app()->homeUrl);}
 elseif($app->request->isAjaxRequest)
 {
  $response = new AjaxResponse();
  $response->redirectUrl = Yii::app()->createUrl('site/login');
  $response->send();
 }
 else
 {
  $app->request->redirect(Yii::app()->createUrl('site/login'));
 }
}

--BUT NEW PROBLEM 1--
Log out doesn't work anymore. When clic on 'log out' it reloads the autologin... obvious!
How to solve this? 'die' or something.

--NEW PROBLEM 2--SECURITY--
Any person person going to my chive URL would autologin.
How to get 'autologin' only from a previous URL or cookie or else?
The idea is to clic my_url_to_chive from my other application backoffice.

Revision history for this message
David Roth (davrot) said : 		#9

Yeah that's because this is not a real autologin solution - it's just a hack to keep you permanently logged in with the same user.
A Cookie based Autologin is currently not implemented.
I'm sorry, this is the only hack i can give you for now - a real cookie based autlogin (e.x. with a remember checkbox) would require some work - and unfortunately i do not have enough time to implement bigger tasks for chive at the moment.

Revision history for this message
Marc CORREIA (marcoolenium) said : 		#10

OK David, I understand.
Thank you for your support. You have been very efficient.
In addition, I understood your schema/ proposition.
Here is the final code for interested people.
Warning: without any security, Problem 1 and problem 2 above mentioned unsolved of course.
index.php @Line25 until the //Language, replace with:

if(!$app->user->isGuest)
{
 $app->db->connectionString = 'mysql:host=' . $app->user->host . ';dbname=information_schema';
 $app->db->username= $app->user->name;
    $app->db->password= $app->user->password;
    $app->db->autoConnect = true;
    $app->db->setActive(true);
}
elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
{
 include('../../config/settings.inc.php');
 $db_user = _DB_USER_;
 $db_password = _DB_PASSWD_;
 $db_host = _DB_SERVER_;
 $db_database = _DB_NAME_;
 $identity = new UserIdentity($db_user, $db_password, $db_host);
 if($identity->authenticate())
 {Yii::app()->user->login($identity);
 $app->request->redirect(Yii::app()->homeUrl. "schema/$db_database");}
 elseif($app->request->isAjaxRequest)
 {
  $response = new AjaxResponse();
  $response->redirectUrl = Yii::app()->createUrl('site/login');
  $response->send();
 }
 else
 {
  $app->request->redirect(Yii::app()->createUrl('site/login'));
 }
}

Revision history for this message
Marc CORREIA (marcoolenium) said : 		#11

***NEW HACK FOR AUTOLOGIN OPTION*** ***AUTOLOGIN IMPROVEMENT***
This hack is to autologin from other CMS.
Use the function GET or POST or SESSION to inject variables in the index.php.
This avoids to put an 'include' or 'require' function in the index.php.

In my example I use GET function.
First modify the above code,
From:
 include('../../config/settings.inc.php');
 $db_user = _DB_USER_;
 $db_password = _DB_PASSWD_;
 $db_host = _DB_SERVER_;
 $db_database = _DB_NAME_;
$identity = new UserIdentity($db_user, $db_password, $db_host);
 if($identity->authenticate())
 {Yii::app()->user->login($identity);
 $app->request->redirect(Yii::app()->homeUrl. "schema/$db_database");}

To:
 $db_user = $_GET[db_user];
 $db_password = $_GET[db_password];
 $db_host = $_GET[db_host];
 $db_database = $_GET[db_database];
$identity = new UserIdentity($db_user, $db_password, $db_host);
 if($identity->authenticate() && $db_database)
 {Yii::app()->user->login($identity);
 $app->request->redirect(Yii::app()->homeUrl. "schema/$db_database");}

Then, in your other CMS file calling Chive's index.php, you need to include and adapt these lines accordingly to your program language:
 include "../path_to_your_settings/settings.inc.php";
  $db_user = _DB_USER_;
  $db_password = _DB_PASSWD_;
  $db_host = _DB_SERVER_;
  $db_database = _DB_NAME_;
 <strong><a href="../modules/prestachive/chive/index.php?db_user='.$db_user.'&db_password='.$db_password.'&db_host='.$db_host.'&db_database='.$db_database.'" target="_blank" style=" font-weight:bolder">ENTER</a></strong><br/>';

The CMS file sends our 4 variables to index.php.
It works for me.

Two last interesting points regarding security:
- Log Out works correctly and cuts the session properly.
- Impossible to autolog directly throw the index.php.

Remark:
To change language after autologin, first logout, then choose language, then use your autologin CMS page again.

Final code for me:
if(!$app->user->isGuest)
{
 $app->db->connectionString = 'mysql:host=' . $app->user->host . ';dbname=information_schema';
 $app->db->username= $app->user->name;
    $app->db->password= $app->user->password;
    $app->db->autoConnect = true;
    $app->db->setActive(true);
}
elseif(!preg_match('/^(' . implode('|', $validPaths) . ')/i', Yii::app()->urlManager->parseUrl($app->request)))
{
 $db_user = $_GET[db_user];
 $db_password = $_GET[db_password];
 $db_host = $_GET[db_host];
 $db_database = $_GET[db_database];
 $identity = new UserIdentity($db_user, $db_password, $db_host);
 if($identity->authenticate() && $db_database)
 {Yii::app()->user->login($identity);
 $app->request->redirect(Yii::app()->homeUrl. "schema/$db_database");}
 elseif($app->request->isAjaxRequest)
 {
  $response = new AjaxResponse();
  $response->redirectUrl = Yii::app()->createUrl('site/login');
  $response->send();
 }
 else
 {
  $app->request->redirect(Yii::app()->createUrl('site/login'));
 }
}

//Language .................