i am going to integrate phpBB registration system with my own site reg system..
here is the code
<?php
require_once("includes/functions.php");
$last_id = $_GET['id'];
$usr = decrypt($_GET['variable1']);
$passwd = decrypt($_GET['variable2']);
$em = decrypt($_GET['variable3']);
//echo 'last id: '.$last_id.' usr: '.$usr.' passwd: '.$passwd.' em: '.$em;
//exit();
define('IN_PHPBB', true);
/* set scope for variables required later */
global $phpbb_root_path;
global $phpEx;
global $db;
global $config;
global $user;
global $auth;
global $cache;
global $template;
# your php extension
$phpEx = substr(strrchr(__FILE__, '.'), 1);
$phpbb_root_path = 'forum/';
/* includes all the libraries etc. required */
require($phpbb_root_path ."common.php");
//$user->session_begin();
//$auth->acl($user->data);
/* the file with the actual goodies */
require($phpbb_root_path ."includes/functions_user.php");
/* All the user data (I think you can set other database fields aswell, these seem to be required )*/
$user_row = array(
'username' => $usr,
'user_password' => md5($passwd),
'user_email' => $em,
'group_id' => 2/*$default_group_id*/,
'user_timezone' => '5.00',
'user_dst' => 0,
'user_lang' => 'en',
'user_type' => '0',
'user_actkey' => "",
'user_dateformat' => 'd M Y H:i',
'user_style' => '',
'user_regdate' => time(),
);
/* Now Register user */
$phpbb_user_id = user_add($user_row);
if(!empty($phpbb_user_id)) {
echo 'success';
//redirect_to("register_status.php?id={$last_id}");
} else {
echo 'Error';
}
the error is The file utf_normalizer.php could not be found.
I'm guessing from the error that you've copied phpBB's functions.php to another part of the site? That won't work because it is linked to several other files in the includes path. For example, utf_normalizer.php is used during login to clean any non-English characters our of the username for easier comparison.
Check the Sessions Integration page out over at phpbb.com for an already working solution.
Related
Basically in trying to create an inbox message which "read details" should redirect the user to a custom controller, however i can see the desired url in the browser for a second and then it redirects to the dashboard; this is how, currently, im trying to achieve that:
$myId = $myJson['id'];
$title = "Title of my notice";
$description = $myJson['text'];
$url= Mage::helper("adminhtml")->getUrl('My_Module/Controller/index', array('id' => $myId));
$sendingMessage = Mage::getModel('adminnotification/inbox')->addNotice($title,$description,$url);
The code above successfully adds the message to the inbox, however as i said before, i can see the desired URL in the browser before it gets redirected to the dashboard.
I'm accessing the same controller from another one and it does it as expected, the one that is actually working is a Grid and it looks something like this:
$this->addColumn('action',
array(
'header' => __('Answer'),
'width' => '100',
'type' => 'action',
'getter' => 'getId',
'actions' => array(
array(
'caption' => __('Answer'),
'url' => array('base'=> '*/Controller'),
'field' => 'id'
)),
'filter' => false,
'sortable' => false,
'index' => 'stores',
'is_system' => true,
));
So, am i missing something here ?
BTW, is there any way to make the "read details" link to open in the same page instead of a new tab?
==================================================================
UPDATE
Disabling the "Add Secret Key to URLs" in the security options allowed me get it work, however i would like to make use of the secret keys.
The URLs i'm generating in the first code block actually have a key/value in the URLs, they look something like this:
https://example.com/index.php/mymodule/Controller/index/id/3963566814/key/f84701848a22d2ef36022accdb2a6a69/
It looks like you're trying to generate an admin URL. In modern versions of Magento, admin urls must use the adminhtml front name, using the Magento Front Name Sharing technique (described in this article). That's must as in if you don't, the URLs won't work. Magento removed the ability to create non-adminhtml URLs in the backend.
Second, here's where Magento generates the secret keys
#File: app/code/core/Mage/Adminhtml/Model/Url.php
public function getSecretKey($controller = null, $action = null)
{
$salt = Mage::getSingleton('core/session')->getFormKey();
$p = explode('/', trim($this->getRequest()->getOriginalPathInfo(), '/'));
if (!$controller) {
$controller = !empty($p[1]) ? $p[1] : $this->getRequest()->getControllerName();
}
if (!$action) {
$action = !empty($p[2]) ? $p[2] : $this->getRequest()->getActionName();
}
$secret = $controller . $action . $salt;
return Mage::helper('core')->getHash($secret);
}
and here's where it validates the secret key
#File: app/code/core/Mage/Adminhtml/Controller/Action.php
protected function _validateSecretKey()
{
if (is_array($this->_publicActions) && in_array($this->getRequest()->getActionName(), $this->_publicActions)) {
return true;
}
if (!($secretKey = $this->getRequest()->getParam(Mage_Adminhtml_Model_Url::SECRET_KEY_PARAM_NAME, null))
|| $secretKey != Mage::getSingleton('adminhtml/url')->getSecretKey()) {
return false;
}
return true;
}
Compare the pre/post hash values of $secret to see why Magento's generating the incorrect key on your page.
I use nginx, PHP 5.5.14, php-fpm, yii2, mac os.
I changed yii config to store session in database (postgress, user is superuser).
This is in my config:
'session' => [
'class' => 'yii\web\DbSession',
'sessionTable' => 'session',
],
And now when I try to register new user I've got this error:
Bad Request (#400)
Unable to verify your data submission
Here is a part of log:
10 17:25:57.434 info yii\db\Command::query SELECT "data" FROM "session" WHERE "expire">1425993957 AND "id"='cfg9sutufqchr1tdose4cack15'
/Users/pupadupa/Dev/www/mint-office-web/components/Controller.php (41)
11 17:25:57.442 info yii\web\Session::open Session started
/Users/pupadupa/Dev/www/mint-office-web/components/Controller.php (41)
12 17:25:57.450 error yii\web\HttpException:400 exception 'yii\web\BadRequestHttpException' with message 'Не удалось проверить переданные данные.' in /Users/pupadupa/Dev/www/mint-office-web/vendor/yiisoft/yii2/web/Controller.php:110
Stack trace:
#0 /Users/pupadupa/Dev/www/mint-office-web/components/Controller.php(41): yii\web\Controller->beforeAction(Object(app\controllers\user\RegistrationAction))
#1 /Users/pupadupa/Dev/www/mint-office-web/vendor/yiisoft/yii2/base/Controller.php(149): app\components\Controller->beforeAction(Object(app\controllers\user\RegistrationAction))
#2 /Users/pupadupa/Dev/www/mint-office-web/vendor/yiisoft/yii2/base/Module.php(455): yii\base\Controller->runAction('registration', Array)
#3 /Users/pupadupa/Dev/www/mint-office-web/vendor/yiisoft/yii2/web/Application.php(83): yii\base\Module->runAction('user/registrati...', Array)
#4 /Users/pupadupa/Dev/www/mint-office-web/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#5 /Users/pupadupa/Dev/www/mint-office-web/web/index.php(20): yii\base\Application->run()
#6 {main}
13 17:25:57.454 trace yii\base\Controller::runAction Route to run: index/error
BTW,
I've got <?= Html::csrfMetaTags() ?> in head section and I have csrf input in my form. So it seems not the problem
I don't want to do public $enableCsrfValidation = false; because I think it's not solution but workaround.
How could I understand what cause this error?
As I mentioned earlier problem only appears when I store session in database.
Some additional information:
I could set and get variable from session. For example, I put it in beoreAction of Controller.php
Yii::$app->session->set('test', 'qwe');
$t = Yii::$app->session->get('test') ;
var_dump($t);
But after that If I comment first line like this
//Yii::$app->session->set('test', 'qwe');
$t = Yii::$app->session->get('test') ;
var_dump($t);
and refresh the page - I recieve NULL (BTW I could see Cookie:PHPSESSID=cfg9sutufqchr1tdose4cack15 in cookies after refresh).
So it seems there are some problems with session (DbSession) or maybe my php/php-fpm/nginx settings.
My UserController.php:
<?php
namespace app\controllers;
use app\components\Controller;
use app\models\Client;
use app\models\User;
use yii\filters\AccessControl;
use yii\web\BadRequestHttpException;
use yii\web\NotFoundHttpException;
class UserController extends Controller
{
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['logout', 'employee'],
'rules' => [
[
'actions' => ['logout',],
'allow' => true,
'roles' => ['#'],
],
[
'actions' => ['employee', 'employee_add'],
'allow' => true,
'roles' => [ROLE_CLIENT_ADMIN],
],
],
],
];
}
public function actions()
{
return [
'login' => 'app\controllers\user\LoginAction',
'logout' => 'app\controllers\user\LogoutAction',
'restore' => 'app\controllers\user\RestoreAction',
'registration' => 'app\controllers\user\RegistrationAction',
'employee' => 'app\controllers\user\EmployeeAction',
'employee_add' => 'app\controllers\user\EmployeeAddAction',
//'passwd' => 'app\controllers\user\PasswdAction',
'captcha' => [
'class' => 'yii\captcha\CaptchaAction',
'fixedVerifyCode' => YII_ENV === 'dev' ? 'testme' : null,
],
];
}
/**
* #param int $clientId
* #return Client
* #throws BadRequestHttpException
* #throws NotFoundHttpException
*/
public function getClient($clientId)
{
if (!\Yii::$app->user->can(ROLE_ADMIN)) {
/* #var User $user */
$user = \Yii::$app->user->identity;
$clientId = $user->client_id;
}
if (!$clientId) {
throw new BadRequestHttpException('Bad request');
}
$client = Client::find()->where(['id' => $clientId])->one();
if (!$client) {
throw new NotFoundHttpException('Компания не найдена');
}
return $client;
}
}
My RegistrationAction.php:
<?php
namespace app\controllers\user;
use app\models\UserConfirm;
use Yii;
use app\components\Action;
use app\forms\RegistrationForm;
use yii\web\NotFoundHttpException;
class RegistrationAction extends Action
{
public function run($key = null)
{
if ($key !== null) {
/* #var UserConfirm $confirm */
$confirm = UserConfirm::find()->andWhere('expire > NOW()')->andWhere([
'key' => $key,
'action' => 'reg'
])->one();
if (!$confirm) {
throw new NotFoundHttpException('Key not found');
}
$user = $confirm->user;
$user->enabled = true;
$user->last_login = date('Y-m-d H:i:s');
$user->save();
$confirm->delete();
Yii::$app->user->login($user, 0);
return $this->controller->goHome();
}
$model = new RegistrationForm();
if ($model->load($_POST) && $model->validate() && $model->register()) {
$subject = Yii::$app->name . ' - Success';
$message = $this->controller->renderPartial(
'//email/registration',
[
'username' => $model->email,
'password' => $model->password,
'key' => $model->key,
'keyExpire' => $model->keyExpire
]
);
$res = Yii::$app->mailer->compose()
->setTo($model->email)
->setFrom([Yii::$app->params['from'] => Yii::$app->params['fromName']])
->setSubject($subject)
->setHtmlBody($message)
->send();
Yii::$app->session->setFlash('registrationFormSubmitted');
return $this->controller->refresh();
}
return $this->controller->render('registration', ['model' => $model]);
}
}
Looks like your session id changes. Check if the value of the session cookie changes after a second request. This happens when you misconfigure the domain that is set for the session cookie, make sure it matches the hostname in your URL.
I think this happens atimes when the server is messed up, all I needed to do was to restart my apache server.
For apache on MacOSx
sudo apachectl restart
For apache on Linux
sudo service apache2 restart
or
sudo service httpd restart
i hv used this while calling logout
$menuItems[] = [
'label' => 'Logout (' . Yii::$app->user->identity->username . ')',
'url' => ['/site/logout'],
// 'linkOptions' => ['data-method' => 'get']
'data-method' => 'get'
];
in main .php change post to get
---------------------------------------------------
and have changes this also
$url = Html::a('Logout',
['/site/logout'],
['class' => 'btn btn-success', 'data-method' => 'get']);
this is also in main.php
--------------------------------------------------------------------
in behaviour of site controller also
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['logout', 'signup','index'],
'rules' => [
[
'actions' => ['signup'],
'allow' => true,
'roles' => ['?'],
],
[
'actions' => ['logout','index'],
'allow' => true,
'roles' => ['#'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['get'],
],
],
];
}
change post to get...and it will work....
What I did is, I just make the "csrfParam" different for both backend and frontend and after "php init" command everything is now working fine.
Not sure whether its a bug or we must have to set different "csrfParam" in case if we use DBsession.
Not sure if it's late, but I found this solution which worked for me in a similar case of Yii2 framework spitting 400 Bad Request at POST form requests.
Simply add this code in your form to manually include a CSRF input field for the key and Yii2 will accept the data submission:
<?php
use Yii;
echo Html::tag('input', '', ['type' => 'hidden', 'name' => '_csrf-backend', 'value' => Yii::$app->request->getCsrfToken()]);
?>
Note: this is for the advanced template. In the long run I suggest not to use a framework that bases on short tags as PHPers would know its a curse.
When you upload a product image to Magento that has the same name as an existing image, normal behavior for Magento is to append a "_1" to the end of the new file name. So if I have an image named "myFile.png" and upload a second image to the same product with that same name, Magento will rename it to "myFile_1.png". I would like to eliminate this renaming and have files of the same name replace an existing file.
I think I found the relevant controller at: app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GalleryController.php:
public function uploadAction()
{
try {
$uploader = new Mage_Core_Model_File_Uploader('image');
$uploader->setAllowedExtensions(array('jpg','jpeg','gif','png'));
$uploader->addValidateCallback('catalog_product_image',
Mage::helper('catalog/image'), 'validateUploadFile');
$uploader->setAllowRenameFiles(true);
$uploader->setFilesDispersion(true);
$result = $uploader->save(
Mage::getSingleton('catalog/product_media_config')->getBaseTmpMediaPath()
);
Mage::dispatchEvent('catalog_product_gallery_upload_image_after', array(
'result' => $result,
'action' => $this
));
/**
* Workaround for prototype 1.7 methods "isJSON", "evalJSON" on Windows OS
*/
$result['tmp_name'] = str_replace(DS, "/", $result['tmp_name']);
$result['path'] = str_replace(DS, "/", $result['path']);
$result['url'] = Mage::getSingleton('catalog/product_media_config')->getTmpMediaUrl($result['file']);
$result['file'] = $result['file'] . '.tmp';
$result['cookie'] = array(
'name' => session_name(),
'value' => $this->_getSession()->getSessionId(),
'lifetime' => $this->_getSession()->getCookieLifetime(),
'path' => $this->_getSession()->getCookiePath(),
'domain' => $this->_getSession()->getCookieDomain()
);
} catch (Exception $e) {
$result = array(
'error' => $e->getMessage(),
'errorcode' => $e->getCode());
}
$this->getResponse()->setBody(Mage::helper('core')->jsonEncode($result));
}
I have tried setAllowedRenameFiles() to false. I have also tried commenting it out. But neither of these seems to give the desired results.
Any thoughts on how I can enable Magento to overwrite existing files of the same name?
i am making a custom phpbb3 registration and i am trying to register a user form a external file but it not working . also i checked for errors . there is no error .can anyone help me out with where i am wrong . also if anyone has any easy idea how to add a new user record for phpbb3 please help me out with this .
<?php
$username = $_POST[username];
$password = $_POST[password];
$email_address = $_POST[email];
include('forums/common.php');
require('forums/includes/functions_user.php');
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('viewtopic');
global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
$user_row = array(
'username' => $username, //REQUIRED IN FORM
'user_password' => md5($password), //REQUIRED IN FORM
'user_email' => $email_address, //REQUIRED IN FORM
'group_id' => 0,//(int) $group_id,
'user_timezone' => $timezone = date(Z) / 3600,//(float) $data[tz],
'user_dst' => date(I),//$is_dst,
'user_lang' => $user->lang_name,//$data[lang],
'user_type' => USER_NORMAL,//$user_type,
'user_actkey' => '',//$user_actkey,
'user_ip' => $user->ip,
'user_regdate' => time(),
'user_inactive_reason' => 0,//$user_inactive_reason,
'user_inactive_time' => 0,//$user_inactive_time,
);
// Register user...
$user_id = user_add($user_row);
?>
You must define
define('IN_PHPBB', true);
In other case your script will exit immediately in common.php and other required files. You can see
if (!defined('IN_PHPBB'))
{
exit;
}
in every required file
I need to create an image upload field for posts in Magento Blog Module (AW blog).
Therefore, each post needs to contain an image.
I edited the following files:
/home/clients/websites/w_gale/public_html/gale/app/code/community/AW/Blog/Block/Manage/Blog/Edit/Tab/Form.php
added fieldset like this:
$fieldset->addField('fileinputname', 'image', array(
'label' => Mage::helper('blog')->__('Upload image'),
'required' => false,
'name' => 'fileinputname',
'required' => true,
'style' => 'height:100px;border:2px solid #999;',
));
on top of this file, in the right place, I defined form like this:
$form = new Varien_Data_Form(array(
'id' => 'edit_form',
'action' => $this->getUrl('*/*/save', array('id' => $this->getRequest()->getParam('id'))),
'method' => 'post',
'enctype' => 'multipart/form-data',
)
);
In Blogcontroller.php I added the following code, just bellow the if ($data = $this->getRequest()->getPost()) { line
if(isset($_FILES['fileinputname']['name']) && (file_exists($_FILES['fileinputname']['tmp_name']))) {
try {
$uploader = new Varien_File_Uploader('fileinputname');
$uploader->setAllowedExtensions(array('jpg','jpeg','gif','png')); // or pdf or anything
$uploader->setAllowRenameFiles(true);
$uploader->setFilesDispersion(false);
$path = Mage::getBaseDir('media') . DS ;
$uploader->save($path, $_FILES['fileinputname']['name']);
$data['imageurl'] = $_FILES['fileinputname']['name'];
} catch(Exception $e) {
}
} else {
if(isset($data['fileinputname']['delete']) && $data['fileinputname']['delete'] == 1)
$data['imageurl'] = '';
else
unset($data['fileinputname']);
}
However, the upload doesn't work. What am I doing wrong?
I added a special row in appropriate field in a database.
The frontend section displays the database value when I enter it manually.
Thanks
This code of method from data helper which uploads image. You need implement method getBaseDir() (which returns dir where you wish store your uploaded files) by yourself.
/**
* Upload image and return uploaded image file name or false
*
* #throws Mage_Core_Exception
* #param string $scope the request key for file
* #return bool|string
*/
public function uploadImage($scope)
{
$adapter = new Zend_File_Transfer_Adapter_Http();
$adapter->addValidator('ImageSize', true, $this->_imageSize);
$adapter->addValidator('Size', true, $this->_maxFileSize);
if ($adapter->isUploaded($scope)) {
// validate image
if (!$adapter->isValid($scope)) {
Mage::throwException(Mage::helper('mycompany_mymodule')->__('Uploaded image is not valid'));
}
$upload = new Varien_File_Uploader($scope);
$upload->setAllowCreateFolders(true);
$upload->setAllowedExtensions(array('jpg', 'gif', 'png'));
$upload->setAllowRenameFiles(true);
$upload->setFilesDispersion(false);
if ($upload->save($this->getBaseDir())) {
return $upload->getUploadedFileName();
}
}
return false;
}
You're using the right code. I solved the problem by using the right MYSQL data type. When I changed the data type from 'text' to 'varchar(255)' it solved the problem
And ... make sure that you add the following code:
$form = new Varien_Data_Form(array(
'id' => 'edit_form',
'action' => $this->getUrl('*/*/save', array('id' => $this->getRequest()->getParam('id'))),
'method' => 'post',
'enctype' => 'multipart/form-data',
)
);
in /app/code/community/AW/Blog/Block/Manage/Blog/Edit/Form.php
NOT: app/code/community/AW/Blog/Block/Manage/Blog/Edit/Tab/Form.php