Custom cookies and include files Custom cookies and include files
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Custom cookies and include files

Started by Philip, December 12, 2012, 12:01:56 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Philip

Hi

I'm currently working on a new website on my home computer and have successfully integrated Coppermine with SMF.
I also have tng (a genealogy software) and Mediawiki integrated with SMF. So all programs is using the same login system.

I have two problems.

1. My website will be multilingual and for that reason I have created a simple form with buttons where the users click on the flag of their choice to change the language. In the same time the form is creating a cookie with the selected language in it.
I have successfully integrated this language system into the other software's but not into Coppermine and that is because I simply can't read the cookie from inside the coppermine directory. This is not the first time I'm working with cookies so I know how it should work.

btw, I'm aware of coppermines auto language selector based on the visitors language setting in the browser and it does work as intended.
But I can't use it in the other software's since I don't know on which page the visitor lands. That is why I made the custom language form.

I'm guessing that my problem with reading custom cookies in coppermine is due to it's security measures, cage and supercage.
So how do I read a cookie from within the coppermine folder?



2. The other problem I'm having is also related to coppermine and it's enhanced security and it's include the SSI.php file from smf.
I need this to display user info in the header banner but when I include it it says it can't find the files.

the files it can't find is required in SSI using the following code:


// Fix for using the current directory as a path.
if (substr($sourcedir, 0, 1) == '.' && substr($sourcedir, 1, 1) != '.')
$sourcedir = dirname(__FILE__) . substr($sourcedir, 1);

// Load the important includes.
require_once($sourcedir . '/QueryString.php');
require_once($sourcedir . '/Subs.php');
require_once($sourcedir . '/Errors.php');
require_once($sourcedir . '/Load.php');
require_once($sourcedir . '/Security.php');


where $sourcedir is a global variable. Note that this is working in all other software's except in coppermine.
I have tried to use set_include_path('path to smf'); before I call the SSI script but it does not help.

The error I get is:

Fatal error: require_once(): Failed opening required '/QueryString.php' (include_path='.:/usr/share/php:/usr/share/pear') in /home/www/forum/SSI.php on line 62
line 62 is: require_once($sourcedir . '/QueryString.php');

I have searched the forum and documentation but can't find any answer to my question.


/Philip

Αndré

Quote from: Philip on December 12, 2012, 12:01:56 PM
So how do I read a cookie from within the coppermine folder?
$superCage->cookie->getRaw('your_cookie_name');


Quote from: Philip on December 12, 2012, 12:01:56 PM
include the SSI.php file from smf.
Please post the code you added to the Coppermine files.

Philip

Hi

Thanks for your quick reply, and your tip worked so that problem is fixed :)

I'm using include files as templates for my web page design.

so in my top-page.php file I have added:


require('/www/forum/SSI.php');
echo '<span id="left_profile">';
if ($context['user']['is_logged']){
echo $txt['hello_member_ndt'],'<em> ', $context['user']['name'],'</em><br /><br />', $txt['bksmf_welcome_back'],'
<br />
<br />
<span id="left_messages">
<a href="index.php?action=pm">';
$oa_messtext = (($context['user']['unread_messages'] == 0) ? "inga" : $context['user']['unread_messages']);
echo ''.$txt['oa_unread_messages_pre'].' '.$oa_messtext.' ',$txt['oa_unread_messages_post'],'.</a></span>';
}else{
        echo $txt['bksmf_hello'],'<em> ', $txt['guest'],'</em><br /><br />', $txt['bksmf_welcome_to'],' <em>', $context['forum_name'],'</em>';
}


This file, top-page.php is included on all pages in all software's and works fine in the other parts.


Αndré

Try what happens if you toggle
// Set $strict to false to make the superglobals available
$strict = TRUE;

in include/init.inc.php.

Philip

Hi

I did a quick test and no change.
I'm a little busy at work right now but I will do a better test when I get home after gym.


Philip

Hi

You are, not surprisingly, on the right track regarding the globals.
I could get past the fatal error If I entered the path way to smf source dir: $sourcedir = "/homw/www/smf/Sources/"; and placed the variable above the previous posted code in SSI.php.
But the it said my db had to many connections but that's totally untrue.

So now we know what the problem is, the question is how we solve it.

I could also use an iframe for my welcome/messages display to bypass the globals trouble in coppermine, i think.
It was a long time ago I used iframe but it should work....

I guess coppermine is to secure ?  :)




Philip

Hi

I "solved" it by using an iframe,
I just added target="_top" to the link in the iframe and it worked, it redirects the page to smf profile page so you can view the new messages.

The full code I use, if anyone wants to do the same, is:

First create a new php file and call it what you want, maybe smfCustomProfileDisplay.php, and place it in the root folder of smf.

add this to the php:

<?php
require_once(
'/home/www/forum/SSI.php'); 
echo '<span id="left_profile">';
if ($context['user']['is_logged']){
echo $txt['hello_member_ndt'],'<em> '$context['user']['name'],'</em><br /><br />'$txt['bksmf_welcome_back'],'
<br />
<span id="smfiframe">
<a href="index.php?action=pm" target="_top">'
;
$messtext = (($context['user']['unread_messages'] == 0) ? "no" $context['user']['unread_messages']);
echo ''.$txt['unread_messages_pre'].' '.$messtext.' ',$txt['unread_messages_post'],'.
</a>
</span>'
;
}else{
echo $txt['bksmf_hello'],'<em> '$txt['guest'],'</em><br />'$txt['bksmf_welcome_to'],' <em>'$context['forum_name'],'</em>';
}
echo '</span>';
?>



where

$txt['unread_messages_pre'] = "You have";
$txt['unread_messages_post'] = "new messages";


and then add this to your template.html file in your favorite coppermine theme:

<iframe src="/forum/smfCustomProfileDisplay.php" width="220px" height="100px" scrolling="no" frameborder="0" ></iframe>


And you will get a display like:


Hello Philip

Welcome back
You have 4 new messages


or


Hello Guest

Welcome to My Forum



/Philip

phill104

Thanks for detailing what you did. I wish more users were as thorough.

Could you mark your thread as solved? There is a little tick at the top that marks them. It makes searching for good answers easier.
It is a mistake to think you can solve any major problems just with potatoes.

Philip

Hi

I can mark it as solved but can't find the 'little tick' :)  you are talking about.
I can't edit my posts either so I have very limited options.

You can solve it for me :)


/Philip

Αndré