[eluser]Vik[/eluser]
(Continued from previous post).
Code:
//SMF calls this routine and provides the $username as a parameter.
function login_to_CI_App($username, $hash_password, $cookieTime)
{
// SMF has validated the user. So, log the user in, by
// setting a cookie and putting a matching entry in the ci_sessions database.
//
// ACCESS GLOBALS FROM SMF
global $user_settings, $db_name, $system_folder;
// LOAD CONFIG INFO
define('BASEPATH', $system_folder.'/');
include($_SERVER['DOCUMENT_ROOT'] . '/' . $system_folder . '/application/config/config.php');
include($_SERVER['DOCUMENT_ROOT'] . '/' . $system_folder . '/application/config/database.php');
// SET THE COOKIE
$theCookieName = $config['sess_cookie_name'];
$theSessionID = '';
while (strlen($theSessionID) < 32)
{
$theSessionID .= mt_rand(0, mt_getrandmax());
}
$theSessionID = md5(uniqid($sessid, TRUE));
$now = get_current_time($config);
$theExpireTime = $config['sess_expiration'] + $now;
$theCookiePath = $config['cookie_path'];
$theDomain = $config['cookie_domain'];
setcookie(
$theCookieName,
$theSessionID,
$theExpireTime,
$theCookiePath,
$theDomain,
0
);
// INSERT THE MATCHING ENTRY INTO THE CI_SESSIONS DATABASE
$hostname = $db['default']['hostname'];
$user = $db['default']['username'];
$password = $db['default']['password'];
$thedatabase = $db['default']['database'];
// $db_link = mysql_connect($hostname, $user, $password);
mysql_select_db($thedatabase);
// Get the info that needs to go into the ci_sessions database.
// Some of it we can get from the browser.
$theIPAddress = get_ip_address();
$theUserAgent = ( ! isset($_SERVER['HTTP_USER_AGENT']) ? FALSE : $_SERVER['HTTP_USER_AGENT']);
$theUserAgent = substr($theUserAgent, 0, 50);
// Some of it we get from the fa_user database
$email = $user_settings['emailAddress'];
$theQuery = "SELECT id, user_name, country_id, email, role, last_visit, created, modified FROM fa_user WHERE email = '$email'";
$result = mysql_query($theQuery);
$theUserData = mysql_fetch_array($result, MYSQL_ASSOC);
$theSerializedUserData = serialize($theUserData);
// Insert the data into the ci_sessions table
$theQuery = "INSERT INTO ci_sessions (session_id, ip_address, user_agent, last_activity, session_data) VALUES ('$theSessionID', '$theIPAddress', '$theUserAgent', '$now', '$theSerializedUserData')";
$result = mysql_query($theQuery);
// return database to SMF in a state it expects
mysql_select_db($db_name);
// mysql_close($db_link);
}
//This is the valid_ip function in system/libraries/input.php
function valid_ip($ip)
{
$ip_segments = explode('.', $ip);
// Always 4 segments needed
if (count($ip_segments) != 4)
{
return FALSE;
}
// IP can not start with 0
if (substr($ip_segments[0], 0, 1) == '0')
{
return FALSE;
}
// Check each segment
foreach ($ip_segments as $segment)
{
// IP segments must be digits and can not be
// longer than 3 digits or greater then 255
if (preg_match("/[^0-9]/", $segment) OR $segment > 255 OR strlen($segment) > 3)
{
return FALSE;
}
}
return TRUE;
}
//Adapted from the ip_address function in system/libraries/input.php
function get_ip_address()
{
$ip_address = FALSE;
if (isset($_SERVER['REMOTE_ADDR']) AND isset($_SERVER['HTTP_CLIENT_IP']))
{
$ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
elseif (isset($_SERVER['REMOTE_ADDR']))
{
$ip_address = $_SERVER['REMOTE_ADDR'];
}
elseif (isset($_SERVER['HTTP_CLIENT_IP']))
{
$ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
if ($ip_address === FALSE)
{
$ip_address = '0.0.0.0';
return $ip_address;
}
if (strstr($ip_address, ','))
{
$x = explode(',', $ip_address);
$ip_address = end($x);
}
if ( !valid_ip($ip_address))
{
$ip_address = '0.0.0.0';
}
return $ip_address;
}
So that approach can be used to handle events that happen in the forum, so as to make sure your CI app is in sync with those events.
(Continued next post).