Remote CPG login or session start Remote CPG login or session start
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Remote CPG login or session start

Started by oscar_rocha, May 29, 2007, 12:09:44 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

oscar_rocha

May 29, 2007, 12:09:44 PM
Hi guys,

I'm running a website in JSP, that implements "a multimedia gallery feature" (CPG) to the members (doing this by a link to the folder where CPG lives), I already have the login feature (user athentication) implemented from the JSP side and would like that when a user starts a session in my portal and clicks the "gallery" link could be recognized as a "logged in user" in Coppermine (both db's user tables are syncronized) without having to login again. Can this be possible?(maybe creating a cookie from the JSP side or starting a session var...)

Any ideas?... thanx in advance

Sonya*

#1
October 22, 2007, 04:51:56 PM
Hello,

I was looking for exact the same code to log user in Coppermine through SOAP without visiting any coopermine page first and without using any bridge. This code works for me:

Code Select
<?php

// PUT YOUR VALUES HERE
$uid 1;
$cookie_name 'coppermine';
$site_url "http://yoursite/copper/";
$cm_root '/copper/';

// login user
include ($_SERVER['DOCUMENT_ROOT'].$cm_root.'include/config.inc.php');
include ($_SERVER['DOCUMENT_ROOT'].$cm_root.'include/functions.inc.php');

// create cookie value
$randnum md5uniqidmicrotime(), ));
$USER=array('ID' => $randnum,'am' => 1);

// create session
$sessionstable =  '`' $CONFIG['dbname'] . '`.' $CONFIG['TABLE_PREFIX'] . 'sessions';
$client_id md5($_SERVER['HTTP_USER_AGENT'].$_SERVER['SERVER_PROTOCOL'].$site_url); // the name for sessioncookie
// Create the session id by concat(session_cookie_value, client_id)
$session_id $randnum.$client_id;
$sql =  'insert into '.$sessionstable.' (session_id, user_id, time, remember) values ';
$sql .= '("'.md5($session_id).'", '.$uid.', "'.time().'", 0);';
mysql_query($sqlcpg_db_connect());

$data base64_encode(serialize($USER));
// set the session cookie
setcookie$client_id$randnumtime() + 604800'/' );
setcookie($cookie_name.'_data'$datatime()+86400*30'/');

?>

P.S. For developers of Coppermine. First of all you are doing a great work. Thank you. I have only one suggestion to make such integrations easier. Define a global $cp_root and put it in every require and include. For my part, I had to define some values new because I was not able to include Coppermine files from non-Coppermine-root location. :) And again - your gallery is excellent!

Joachim Müller

#2
October 23, 2007, 12:37:04 PM
Coppermine is not suppossed to be included, as we need to manipulate the header.

Sonya*

#3
October 23, 2007, 12:59:40 PM
Quote from: GauGau on October 23, 2007, 12:37:04 PM
Coppermine is not suppossed to be included, as we need to manipulate the header.

I would not like to include entire Coppermine :) I would just include some classes to make remote login and user creation easier and more integrated. Coppermine is not the first application I include this way via SOAP. But Coppermine is the only one of them which doesn't have defined root path :) I cannot see any problem in defining root in the applications so far. Just to prevent other to include classes? Hm...

And it was NOT my intention to instruct you or offend you in any way. It was just a suggestion. You are doing a great work here and I like your application. Thank you!
Print
Go Up Pages1
User actions