You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 258 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - hMailServer/Squirrelmail integration with PHPNuke [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

 
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
Poll :: If I were to finish this would anyone be interesting in implementing the system?

Yes
100%
 100%  [ 3 ]
No
0%
 0%  [ 0 ]
Total Votes : 3


Author Message
Crash_Maxed
Nuke Cadet
Nuke Cadet


Joined: Nov 15, 2005
Posts: 4


PostPosted: Tue Nov 15, 2005 4:18 am Reply with quoteBack to top

I am currently running PHPNuke 7.8 (heavily modded of course Smile). I am working on a mod that will semi-integrate Squirrelmail's (a PHP based webmail system) user/password MySQL database with PHPNuke's user database. The way it works follows. hMailServer has its tables named hm_*whatever* in the database called nuke. One of these is called hm_accounts. It stores account names, passwords, inbox max size, etc for a given user. It uses the same MD5 hashing as the password stores of PHPNuke. Hence the stored password hash for a user in PHPNuke is the same as a stored password hash for a user on hMailServer. I created the following lines of code to be used at around line 150 in the Your_Account/index.php file:
Code:

#Mod for hMailServer integration - insert new user
   $inboxsize = "25"; //size in MB of account inbox
   $getuserid = $db->sql_fetchrow($db->sql_query("SELECT user_id from ".$user_prefix."_users where username='$username'"));
   $storeduserid = stripslashes($getuserid['user_id']);
   $getuserpw = $db->sql_fetchrow($db->sql_query("SELECT user_password from ".$user_prefix."_users where username='$username'"));
   $storeduserpw = stripslashes($getuserpw['user_password']);
   $db->sql_query("INSERT INTO hm_accounts VALUES ($storeduserid, 1, 0, '{$username}@crashanime.com', '$storeduserpw', 1, 0, '', '', $inboxsize, 0, '', '', 2)");
#End of hMailServer mod to insert new user

These lines of code effectively add a user into the hm_accounts table using the same information the user provided at the time of signup on the site (this chunk of code is in function activate section of the file). This code comes into play just after the user is fully activated and just before the users information is taken out of nuke_users_temp. So for example...
User A comes along and registers on the site with a username of coolguy33 with a password of "temporary" (temporary = d5197d93c063a2b1e22d1630a39b7aef after it is thrown through md5 hashing). Even though the function of user_id in nuke_users in NULL, which means it takes the next available number in a sequence, we can get this number by using these 2 lines:
Code:

   $getuserid = $db->sql_fetchrow($db->sql_query("SELECT user_id from ".$user_prefix."_users where username='$username'"));
   $storeduserid = stripslashes($getuserid['user_id']);

Now that we have the user_id tag we have 3 pieces of info:
user_id, username, and userpassword (md5 of course). Lets just say that the user_id was 500. The following line....
Code:

   $db->sql_query("INSERT INTO hm_accounts VALUES ($storeduserid, 1, 0, '{$username}@crashanime.com', '$storeduserpw', 1, 0, '', '', $inboxsize, 0, '', '', 2)");

... inserts a new user into the hm_accounts table with the same user_id as the PHPNuke user's that was just added. It also adds the username as username@domain.com (where domain.com can be changed to whatever the site's domain is and username is the username coolguy33 in this ex). So in this case it adds the account name of coolguy33@crashanime.com. Finally, the variable $storeduserpw is the MD5 hash of the user's password and it is stored as the password for that user in hmail (So now above and beyond a new PHPNuke user we also have a new e-mail address for him with the same password as his PHPNuke account). The next part of the mod is to make it so that when the user changes his password in Your_Account it changes his hMailServer account password too. This is accomplished at around line 1250 of Your_Account/index.php with the following lines of code:
Code:

      #hMailServer account password update mod
      $getuserpw = $db->sql_fetchrow($db->sql_query("SELECT user_password from ".$user_prefix."_users where username='$username'"));
      $storeduserpw = stripslashes($getuserpw['user_password']);
      if ($ccpass == $storeduserpw) {
         } else {
         $db->sql_query("UPDATE `hm_accounts` SET accountpassword='$storeduserpw' WHERE accountid='$user_id'");
         }
      #End hMailServer account mod
      Header("Location: modules.php?name=$module_name");

Note: the final line ( Header("Location: modules.php?name=$module_name"); ) had to be moved to the end or else it wouldn't work for quite obvious reasons (it would get redirected before ever crunching my code). The variable $ccpass is a variable made available to us at the beginning of the profile page form. It holds the MD5 hash of the user's PHPNuke account password, regardless of whether or not we update the password of the account. Furthermore, this variable stays at what the user's password's MD5 hash was before submitting account info updates. So in other words even after updating nuke_users accountpassword with a new hash this variable will contain the password hash that existed before the newly updated password was put into the table. $storeduserpw variable just holds whatever the password is at the end of all updates. So simply put the if statement compares the passwords before and after user profile updates and if the password was changed, it executes the SQL commands to update the hm_accounts record for that user.

Now, all seems to be going smoothly right? Well..it is...except one thing. We have to disable or update all password changing systems in PHPNuke and Squirrelmail to update both the hm_accounts password and the nuke_users password. In Squirrelmail this is easily remedied by just redirecting the user to modules.php?name=Your_Account&op=edituser, which if you remember was just modified to change both passwords. The final brick in the block is the Forums (bb2nuke) profile page. We cannot just simply disable it because that would prevent users from using the avatar upload system. The simplest solution to me seems to be to delete the code that shows the Registration Information chunk at the top of the profile page. This section includes the username, email, and of course the password changing section. If we were to just delete the code that displays those password boxes we could remedy the situation (by virtue of disabling password changing capabilities). The problem is that I cannot find the location of the code within the forums module that displays these boxes. Does anyone know the location of this code so that I could modify or delete it? Also, if I were to successfully get this project finished, would anyone be interested in actually using it on their site? If I get enough "yes" responses from people I might host it on my site and improve upon the design (EX: add code to autologin to squirrelmail when the user is already logged into PHPNuke). The only drawback to this is that it is specifically coded for hMailServer e-mail server. The design approach could be applied to any SQL based mail server, it would only take a few modifications.
Find all posts by Crash_MaxedView user's profileSend private message
v3x
Support Mod
Support Mod


Joined: Oct 19, 2004
Posts: 1041

Location: UK

PostPosted: Tue Nov 15, 2005 5:21 am Reply with quoteBack to top

Good work!

I wouldnt use it personally as I have no use for it, but I can imagine it being quite popular.

When you have it released, contact me and I would be happy to mirror it on my site.
Find all posts by v3xView user's profileSend private messageVisit poster's website
Crash_Maxed
Nuke Cadet
Nuke Cadet


Joined: Nov 15, 2005
Posts: 4


PostPosted: Tue Nov 15, 2005 3:02 pm Reply with quoteBack to top

I got college in the afternoon and work overnight so it might be a little while before it's complete. Thank you for the offer too, I'll definitely take you up on that one.
Find all posts by Crash_MaxedView user's profileSend private message
Crash_Maxed
Nuke Cadet
Nuke Cadet


Joined: Nov 15, 2005
Posts: 4


PostPosted: Thu Nov 24, 2005 6:45 pm Reply with quoteBack to top

Newest piece of code in. Even though it's only one line of code I finally figured out where the update function was in the scripting of the forum's (bb2nuke) profile page was. I found the update function and added my code:
Code:

                        $sql = "UPDATE " . USERS_TABLE . "
                                SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = '$viewemail', user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = '$attachsig', user_allowsmile = '$allowsmilies', user_allowhtml = '$allowhtml', user_allowbbcode = '$allowbbcode', user_allow_viewonline = '$allowviewonline', user_notify = '$notifyreply', user_notify_pm = '$notifypm', user_popup_pm = '$popup_pm', user_timezone = '$user_timezone', user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = '$user_style', user_active = '$user_active', user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
                                WHERE user_id = '$user_id'";
                              
                        #hMailServer account password update mod
                        if (isset($new_password)) {
                        $db->sql_query("UPDATE hm_accounts SET accountpassword='$new_password' WHERE accountid='$user_id'");
                        }
                        #End hMailServer account mod
                        
                        if ( !($result = $db->sql_query($sql)) )
                        {
                                message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
                        } else {

The line in between the commented lines (The commented lines are the ones that say hMailServer account password update mod and the one that says End hMailServer account mod) is the added code. This is around line 520 of the file includes/user_cpregister.php. Integration is going well and the next thing up to fix is the password changer within SquirrelMail. It, like the Your_Account and Forums modules, must be updated with code to update the nuke_users user_password field and the hm_accounts accountpassword field at the same time. Once that is complete I will work on fixing ease of skinning/theming of the system. As is I'm having a hard time locating the code for the login error page of squirrelmail. The login page has been figured out and was easily re-coded to a theme. After all is done on modifying the main code I'll start on a theme system for the login/error page. The current theme system that SquirrelMail uses for itself will remain intact. If anyone out there knows where the code that renders the SquirrelMail login error page resides (what file, what lines, etc) please mail me at admin@crashanime.com.
Find all posts by Crash_MaxedView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.058 Seconds - 101 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::