2014-03-29 73 views
1

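Joomla! 2.5.19 external user login

Sorry, I couldn't find a topic related to this Joomla! version. After trying several pieces of code, I decided to open a new topic to ask you experts. :)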

We are using a basic authentication check script. After we updated to Joomla! 2.5.19, the old md5 method no longer works. The PHP script is as follows:

<?php
session_start();
    $db = mysql_connect("localhost", "root", ""); 
    mysql_select_db("sql1",$db); 

//Joomla user and pass check start 
$sql = "SELECT * FROM j25_users WHERE username='".$_POST['user']."'"; 
$result = mysql_query($sql,$db); 
$userdata = mysql_fetch_array($result); 
list ($md5pass, $saltpass) = split (":", $userdata['password']); 

$POSTPW = crypt ('xxgu952rjyiL', 'Xh2loHgxxi5ijuNbGI'); 


echo "<br><br>"; 

$joomlapw=$userdata['password'];

echo "POST PW= $POSTPW 
<br> 
Joomla - PW = $joomlapw 
<br> 
salt = $saltpass 

<br> 
"; 

if(((md5($_POST['pa'].$saltpass))==$md5pass) and ($userdata['usertype']=="Super Administrator" or $userdata['usertype']=="Editor")) 
{ 
echo "success!"; 
    $jommlapruefung="success"; 
} 

echo "<br>$_POST[user] und $_POST[pa]"; 



//Joomla user and pass check complete 

$dom  =str_replace("lager.","",$_SERVER["HTTP_HOST"]); 


$_GET['getdir']=str_replace(chr(92),"",$_GET['getdir']); 
$_GET['getdir']=str_replace("//","/",$_GET['getdir']); 
$_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); $_GET['getdir']=str_replace("//","/",$_GET['getdir']); 
$_GET['getdir']=str_replace(".","_",$_GET['getdir']); 

if ($_GET['getdir']==NULL) $_GET['getdir']="/"; 

if (($_GET['getdir']=="") || ($_GET['getdir']=="/")) 
{ 
if ($jommlapruefung!="success" && $_SESSION['best']!='gogo')
    { 
    die("<FORM ACTION=index.php METHOD=POST> 
     Username:&nbsp; <INPUT TYPE=text NAME=user LENGTH=25 SIZE=25> 
     Password:&nbsp; <INPUT TYPE=password NAME=pa LENGTH=25 SIZE=25> 
     <input type='submit' name='submit' value='Submit'><br> 
     </FORM>"); 
    } 
} 
if ($jommlapruefung=="success")
    {
    $_SESSION['best'] = 'gogo';
    }

if($_SESSION['best']=='gogo')
{ 

// HERE COMES THE SCRIPT AFTER LOGIN!! 
// ... 
} 

?> 

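This code is a few years old and was not written by me. Some details have been removed. Do you know how to update this script from md5 to bcrypt authentication? I would really appreciate your help! :)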

+0

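I'm not sure what this script is really doing, but you should rewrite it! Starting with the first query, which executes SQL with POST parameters but without escaping –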

+0

Thanks! That part will be updated! – Fabian

+0

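You need to use the Joomla API to do this; that way, if there are changes, your code will still work. Look at how the LDAP authentication plugin works and do something similar. – Elin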

Answers

0

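I'm not sure I fully understand your question. But if you want to log in to Joomla using a form on another website, you can put a script in your Joomla root directory, e.g. joomlalogin.php, that looks like this:

The first part bootstraps the Joomla framework: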

// START: Initialize Joomla framework 
define('_JEXEC', 1); 
define('DS', DIRECTORY_SEPARATOR); 
define('JPATH_BASE', dirname(__FILE__)); 
// Including Required Files 
require_once (JPATH_BASE.DS.'includes'.DS.'defines.php'); 
require_once (JPATH_BASE.DS.'includes'.DS.'framework.php'); 
// Create the Application 
$mainframe = JFactory::getApplication('site');
$mainframe->initialise();
$user = JFactory::getUser();
// END: Initialize Joomla framework 

Then authenticate and log in the user:

$app = JFactory::getApplication(); 
// Populate the data array: 
$data = array(); 
$data['return'] = base64_decode(JRequest::getVar('return', '', 'POST', 'BASE64')); // Page the user is returned to after a successful login
$data['username'] = JRequest::getVar('username', '', 'method', 'username'); 
$data['password'] = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW); 

// Set the return URL if empty. 
if (empty($data['return'])) { 
    $data['return'] = 'index.php'; //If return page not set... set one. 
} 

// Set the return URL in the user state to allow modification by plugins 
$app->setUserState('users.login.form.return', $data['return']); 

// Get the log in options. 
$options = array(); 
$options['remember'] = JRequest::getBool('remember', false); 
$options['return'] = $data['return']; 

// Get the log in credentials. 
$credentials = array(); 
$credentials['username'] = $data['username']; 
$credentials['password'] = $data['password']; 

// Perform the log in. 
if (true === $app->login($credentials, $options)) { 
    // Success 
    $app->setUserState('users.login.form.data', array()); 
    $app->redirect(JRoute::_($app->getUserState('users.login.form.return'), false)); 
} else { 
    // Login failed ! 
    $data['remember'] = (int)$options['remember']; 
    $app->setUserState('users.login.form.data', $data); 
    $app->redirect('index.php', false);
} 

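I haven't tested this code snippet. I just adapted it for your existing site. So let me know if you run into problems, or if I should improve/fix my answer.

You can't decrypt the passwords in the Joomla database. But you can use this method to authenticate against them. This will create the session cookie that logs the user in to Joomla on the same domain as your Joomla installation.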
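
For the standalone check in the question, the following added example (not code from the original posts or from Joomla) shows the user lookup done with a bound parameter and the stored hash verified by its format: the legacy `md5:salt` form from the question, or a bcrypt hash. It assumes PHP 5.6 or later with PDO; an in-memory SQLite table stands in for `j25_users`, the rows are constructed, the function names are hypothetical, and any other stored format is rejected rather than guessed at.

```php
<?php
// Added example, not from the original post. Assumes PHP >= 5.6 with PDO;
// an in-memory SQLite table stands in for j25_users, rows are constructed.

// Check a password against one stored hash, choosing the scheme by its format.
function verify_stored_hash($password, $stored)
{
    // crypt()-style bcrypt hash: password_verify() re-hashes with the embedded
    // salt and cost, and compares in constant time.
    if (preg_match('/^\$2[axy]\$/', $stored)) {
        return password_verify($password, $stored);
    }
    // Legacy "md5hex:salt" format used by the script in the question.
    if (preg_match('/^([0-9a-f]{32}):(.+)$/', $stored, $m)) {
        return hash_equals($m[1], md5($password . $m[2]));
    }
    return false; // unknown format: fail closed instead of guessing
}

// Look the user up with a bound parameter, then verify and check the role.
function check_login(PDO $db, $username, $password)
{
    $stmt = $db->prepare('SELECT password, usertype FROM j25_users WHERE username = ?');
    $stmt->execute(array($username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false;
    }
    $allowed = array('Super Administrator', 'Editor');
    return verify_stored_hash($password, $row['password'])
        && in_array($row['usertype'], $allowed, true);
}

// Constructed sample data: one legacy row, one bcrypt row.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE j25_users (username TEXT, password TEXT, usertype TEXT)');
$ins = $db->prepare('INSERT INTO j25_users VALUES (?, ?, ?)');
$ins->execute(array('old', md5('pw-old' . 'SALT123') . ':SALT123', 'Editor'));
$ins->execute(array('new', password_hash('pw-new', PASSWORD_BCRYPT), 'Super Administrator'));

var_dump(check_login($db, 'old', 'pw-old'));          // legacy hash
var_dump(check_login($db, 'new', 'pw-new'));          // bcrypt hash
var_dump(check_login($db, 'new', 'wrong'));           // wrong password
var_dump(check_login($db, "x' OR '1'='1", 'pw-old')); // quote is data, not SQL
```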