Page 1 of 1

Using PHP authentication in application

Posted: Wed Nov 28, 2007 11:26 am
by DelvarWorld
I'm not sure if this falls within the realms of these support forums, it probably doesn't but after a few hours of plugging with nothign to show except for a slighty mushier brain, it can't hurt to try.

My website uses phpbb2 (the latest, .0.22) for the forum. I'm using the logged in session data across the site for things like admin authentication, saving user preferences. These pages are NOT a part of the forum, they are just normal website pages. On the top of every page I use this code for initiating the authentication:

Code: Select all

//Set up phpbb session handling

$phpbb_root_path = $_SERVER['DOCUMENT_ROOT']."/forumLocation/"; // set path to phpBB files
include($phpbb_root_path . ''); 
include($phpbb_root_path . 'common.'.$phpEx); 

$userdata = session_pagestart($user_ip, PAGE_INDEX); // initiate session 
init_userprefs($userdata); // load user prefs 
I know this part is correct because it worked on the old architecture of my site. I have recently rebuilt my site and am testing it, but it seems that script execution is stopping without any feedback somewhere, and I'm not sure why. The only reason I feel this question might belong in this forum is because I'm wondering if anyone can think of any reason why the following would not work, with knowledge of the phpbb framework:

- I instantaite the session handling code as shown above. All is fine, user data is loaded.
- Then my index page does this (echo for debugging):

Code: Select all

echo ' Is there any life after phpbb? ';

$dbx = new Db( [db instantiation stuff] );
$holder->assign('db', $dbx);
echo ' abc ';

$templatex = new Template( [template stuff] );
echo ' defg ';
$holder->assign('template', $templatex);
echo ' ghijk ';
Some code changed to protect the innocent, but the main idea is there. I know this is looking less and less like a phpbb request, but bear with me for a moment. The output of this script looks like this:
Is there any life after phpbb? abc
And that's it. The above code is only an excerpt, the whole thing builds a web page. I know it works because it worked without the phpbb authentication on my localhost, and if I remove the authentication code from the index and fake the variables then it works. But I need the actual phpbb auth stuff. Going back to above, we can see the code stops running here:

Code: Select all

$templatex = new Template( [template stuff] );
because 'defg' is never outputted to the page. The beginning of the tempalte class looks like this:

Code: Select all

Class Templete {
	function __construct( [template stuff] ) {
		echo 'making template';
		$this->[stuff] = [template stuff]
The 'making template' code is also never written to the page, meaning the constructor is never hit. So that's the situation. My question then is this really:

Given the above code used to init the user session, is anyone aware of any methods I may be overwritting in the php files that would be causing a silent script die? Is there an __autoload method defined somewhere, or a Template class already created? Or variable names I could be overwriting that's breaching a security hole?

Woah, that looks like a book. Well, if you read it (god help you), then thanks for any feedback you can provide.

Re: Using PHP authentication in application

Posted: Wed Nov 28, 2007 11:32 am
by ric323

Re: Using PHP authentication in application

Posted: Wed Nov 28, 2007 11:51 am
by DelvarWorld
No sir, but those are excellent links that I wish I had a while ago. I just read both articles and they don't offer any insight to solving my problem unfortunately.

Re: Using PHP authentication in application

Posted: Wed Nov 28, 2007 12:18 pm
by DelvarWorld
Oh sweet, I solved it. I was overwriting a class in phpbb, the Template class. Just renamed my own class. Never figured out why it wasn't throwing an error, especially since error reporting was set to E_ALL, but whatever. Maybe my hair will grow back soon!