homepage Welcome to WebmasterWorld Guest from 54.205.144.231
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Intergrate PHP forum for a members area
Member area already built and need a forum without having to log in twice.
lasko




msg:3581191
 3:46 pm on Feb 21, 2008 (gmt 0)

I've never attempted this before but we already have a basic member area with MD5 Encrypted Password stored in a Mysql Database and we need to allow the member to access a forum so they can communicate with other members.

Can anyone point me into the right direction on to implement this?

Will I just need to create a cookie for the user?

Any open source php forum available that would be handle this?

Appreciate any advice.

Cheers

 

eelixduppy




msg:3581214
 4:11 pm on Feb 21, 2008 (gmt 0)

>> Will I just need to create a cookie for the user?

Yes, that is a start. You are going to need to use cookies and/or sessions to accomplish this task.

>> Any open source php forum available that would be handle this?

I'm sure you can use most of the popular open-source php forum applications for this, however, you are going to have to dissect the login code a little bit and possibly alter it to fit your standing application's login routine. You should make it check the cookie/session for the correct login credentials, and if correct, proceed to allowing them to view the forum, etc...but if not, prompt for a login.

henry0




msg:3581283
 4:55 pm on Feb 21, 2008 (gmt 0)

In such a case I will do as eelix suggests' but the reverse...
most reputable forums, carts etc.. do have pretty efficient registration/login system
so I will do a "post mortem" on the forum and extend its reg/login to fit the rest of your application instead of relying on your application login.

PHP_Chimp




msg:3581460
 7:35 pm on Feb 21, 2008 (gmt 0)

If you are going to use other code for the basis of yours then you need to make sure that you dont fall into the same traps that others have fallen into. Also make sure that you use an appropriate level of checking.

If you are allowing people to post personal details then you need to be quite careful that the person logging in as who there cookie says they are. If like this site you basically dont allow any personal contact details then you dont need to be so careful (as there is almost no information for people to get).

Also dont store the password in the cookie...like a forum very close to here does (look at your cookie and you will see what I mean) :p

For setting the cookie id there is a useful function uniqid [uk.php.net] as storing there id as it appears in the database is not such a good idea (assuming you are using a sequential id). As if your cookie id is 257 you can be fairly sure that there is a user 256 and 258, so you are already half way to faking there login. A random id is better...it also avoids the very old admin = 1 problem, as admin will be just as random as everyone else.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved