Hey there! I'm creating a website that uses a login system in which users can create their profiles. Problem is, I'm not sure how to merge phpBB with this login system.

I'm using the following code for user registration:

<?php
	require_once('settings.php');

if ( array_key_exists ( '_submit_check', $_POST ) )
{
	if ( $_POST['username'] != '' && $_POST['password'] != '' && $_POST['password'] == $_POST['password_confirmed'] && $_POST['email'] != '' && valid_email ( $_POST['email'] ) == TRUE )
	{
		if ( ! checkUnique ( 'Username', $_POST['username'] ) )
		{
			$error = 'Username already taken. Please try again!';
		}
		elseif ( ! checkUnique ( 'Email', $_POST['email'] ) )
		{
			$error = 'The email you used is associated with another user. Please try again or use the "forgot password" feature!';
		}
		else {		
			$query = $db->query ( "INSERT INTO " . DBPREFIX . "users (`Username` , `Password`, `date_registered`, `Email`, `Random_key`) VALUES (" . $db->qstr ( $_POST['username'] ) . ", " . $db->qstr ( md5 ( $_POST['password'] ) ).", '" . time () . "', " . $db->qstr ( $_POST['email'] ) . ", '" . random_string ( 'alnum', 32 ) . "')" );

			$getUser = "SELECT ID, Username, Email, Random_key FROM " . DBPREFIX . "users WHERE Username = " . $db->qstr ( $_POST['username'] ) . "";

			if ( $db->RecordCount ( $getUser ) == 1 )
			{			
				$row = $db->getRow ( $getUser );

				$subject = "Activation email from " . DOMAIN_NAME;

				$message = "Dear ".$row->Username.", this is your activation link to join our website. In order to confirm your membership please click on the following link: <a href=\"" . APPLICATION_URL . "confirm.php?ID=" . $row->ID . "&key=" . $row->Random_key . "\">" . APPLICATION_URL . "confirm.php?ID=" . $row->ID . "&key=" . $row->Random_key . "</a> <br /><br />Thank you for joining";

				if ( send_email ( $subject, $row->Email, $message ) ) {
					$msg = 'Account registered. Please check your email for details on how to activate it.';
				}
				else {
					$error = 'I managed to register your membership but failed to send the validation email. Please contact the admin at ' . ADMIN_EMAIL;
				}
			}
			else {
				$error = 'User not found. Please contact the admin at ' . ADMIN_EMAIL;
			}
		}							
	}
	else {		
		$error = 'There was an error in your data. Please make sure you filled in all the required data, you provided a valid email address and that the password fields match one another.';	
	}
}
?>

With the form:

<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
		<input type="hidden" name="_submit_check" value="1"/> 

	<label for="username">Username</label>
	<input class="input" type="text" id="username" name="username" size="32" value="<?php if(isset($_POST['username'])){echo $_POST['username'];}?>" />

	<label for="password">Password</label>
	<input class="input" type="password" id="password" name="password" size="32" value="" />

	<label for="password_confirmed">Re-Password</label>
	<input class="input" type="password" id="password_confirmed" name="password_confirmed" size="32" value="" />

	<label for="email">Email</label>
	<input class="input" type="text" id="email" name="email" size="32" value="<?php if(isset($_POST['email'])){echo $_POST['email'];}?>" />

	<input type="image" name="register" value="register"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
	<div class="clear"></div>
</form>

I'm not sure how I could mod this registration form to add a user to the phpBB database as well as the standard log in system's database. I've tried and couldn't get it to work right. This is really bugging me, after all, who wants to sign up for two separate accounts, am I right? Moving on, I'm using this script to log the user in:

<?php
	require_once ( 'settings.php' );

if ( array_key_exists ( '_submit_check', $_POST ) )
{
	if ( $_POST['username'] != '' && $_POST['password'] != '' )
	{
		$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );

		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			if ( $row->Active == 1 )
			{
				set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
				header ( "Location: " . REDIRECT_AFTER_LOGIN );
			}
			elseif ( $row->Active == 0 ) {
				$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
			}
			elseif ( $row->Active == 2 ) {
				$error = 'You are suspended!';
			}
		}
		else {		
			$error = 'Login failed!';		
		}
	}
	else {
		$error = 'Please use both your username and password to access your account';
	}
}
?>

With the form:

<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">

		<input type="hidden" name="_submit_check" value="1"/> 

		<div style="margin-top:12px; margin-bottom:10px">
			<img src="images/username.gif" alt="username" border="0" />
			<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
		</div>
		<div style="margin-bottom:6px">
			<img src="images/password.gif" alt="password" border="0" />
			<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
		</div>
		<?php if ( ALLOW_REMEMBER_ME ):?>
		<div style="margin-bottom:6px">
			<input type="checkbox" name="remember" id="remember" />
			<label for="remember">Remember me</label>
		</div>
		<?php endif;?>
		<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
		<br class="clear" />
		<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>

	</form>

And finally, for the logout form, I simply link the user to a page with the following code:

<?php
	require_once ( 'settings.php' );
	//don't echo out anything before this function
	logout ();
?>

Is it even possible to mod this so that I can use it with phpBB3 so that my users can register just one single account for use on the whole website? Or will I have to use both? Thanks for any help you may be able to give me!

    Rather than create two redundant sets of records for each user -- one in your db and one in phpbb -- you may want to augment the phpBB account info with any additional information that you gather. In other words, just use the phpBB login process for folks to register and then add your own 'extra' information to it and store that info in new tables which have a user_id.

    If you don't do this, then I would recommend registering a new user in an empty phpBB database and then looking to see which database tables have changed. The down side to this approach is that you have to change your data in two different places when a user changes some account info. Also, if you are using your own forms to let users change their account info, you'll need to go and modify all the phpBB forms to use your form instead.

    Either way, you have a good amount of work to do.

      Write a Reply...