2014-03-29 70 views
1

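Joomla! 2.5.19 external user login

Sorry, I could not find a topic related to this Joomla! version. After trying several pieces of code, I decided to open a new topic to ask you experts. :)

We are using a basic authentication check script. After we updated to Joomla! 2.5.19, the old md5 method no longer works. The PHP script is as follows: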

session_start(); 
    $db = mysql_connect("localhost", "root", ""); 
    mysql_select_db("sql1",$db); 

//Joomla user and pass check start 
$sql = "SELECT * FROM j25_users WHERE username='".$_POST['user']."'"; 
$result = mysql_query($sql,$db); 
$userdata = mysql_fetch_array($result); 
list ($md5pass, $saltpass) = explode(":", $userdata['password']); // explode() replaces the deprecated split()

$POSTPW = crypt ('xxgu952rjyiL', 'Xh2loHgxxi5ijuNbGI'); 


echo "<br><br>"; 

$joomlapw=$userdata['password']; 

echo "POST PW= $POSTPW 
<br> 
Joomla - PW = $joomlapw 
<br> 
salt = $saltpass 

<br> 
"; 

if(((md5($_POST['pa'].$saltpass))==$md5pass) and ($userdata['usertype']=="Super Administrator" or $userdata['usertype']=="Editor")) 
{ 
echo "success!"; 
    $jommlapruefung="success"; 
} 

echo "<br>$_POST[user] und $_POST[pa]"; 



//Joomla user and pass check complete 

$dom  =str_replace("lager.","",$_SERVER["HTTP_HOST"]); 


$_GET['getdir']=str_replace(chr(92),"",$_GET['getdir']); 
// Collapse runs of slashes into a single slash. 
while (strpos($_GET['getdir'], '//') !== false) { 
    $_GET['getdir'] = str_replace('//', '/', $_GET['getdir']); 
} 
$_GET['getdir']=str_replace(".","_",$_GET['getdir']); 

if ($_GET['getdir']==NULL) $_GET['getdir']="/"; 

if (($_GET['getdir']=="") || ($_GET['getdir']=="/")) 
{ 
if ($jommlapruefung!="success" && $_SESSION['best']!='gogo') 
    { 
    die("<FORM ACTION=index.php METHOD=POST> 
     Username:&nbsp; <INPUT TYPE=text NAME=user LENGTH=25 SIZE=25> 
     Password:&nbsp; <INPUT TYPE=password NAME=pa LENGTH=25 SIZE=25> 
     <input type='submit' name='submit' value='Submit'><br> 
     </FORM>"); 
    } 
} 
if ($jommlapruefung=="success") // compare (==), do not assign (=) 
    { 
    $_SESSION['best'] = 'gogo'; 
    } 

if($_SESSION['best']=='gogo') 
{ 

// HERE COMES THE SCRIPT AFTER LOGIN!! 
// ... 
} 

?> 

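This code is several years old and was not written by me. Some details have been removed. Do you know how to update this script from md5 to bcrypt authentication? I would really appreciate your help! :)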

+0

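I'm not sure what this script is really doing, but you should rewrite it! Start with the first query, which executes SQL with a POST parameter but without escaping –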

+0

Thanks! That part will be updated! – Fabian

+0

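You need to use the Joomla API to do this; that way, if something changes, your code will still work. Look at how the LDAP authentication plugin works and do something similar. – Elin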

Answer

0

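I'm not sure I fully understood your question. But if you want to log in to Joomla using a form on another website, you can put a script in your Joomla root directory, for example joomlalogin.php, that looks like this:

The first part boots the Joomla framework: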

// START: Initialize Joomla framework 
define('_JEXEC', 1); 
define('DS', DIRECTORY_SEPARATOR); 
define('JPATH_BASE', dirname(__FILE__)); 
// Including Required Files 
require_once (JPATH_BASE.DS.'includes'.DS.'defines.php'); 
require_once (JPATH_BASE.DS.'includes'.DS.'framework.php'); 
// Create the Application 
$mainframe = JFactory::getApplication('site'); 
$mainframe->initialise(); 
$user = JFactory::getUser(); 
// END: Initialize Joomla framework 

Then authenticate and log in the user:

$app = JFactory::getApplication(); 
// Populate the data array: 
$data = array(); 
$data['return'] = base64_decode(JRequest::getVar('return', '', 'POST', 'BASE64')); //Page user is returned to after a successful login 
$data['username'] = JRequest::getVar('username', '', 'method', 'username'); 
$data['password'] = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW); 

// Set the return URL if empty. 
if (empty($data['return'])) { 
    $data['return'] = 'index.php'; //If return page not set... set one. 
} 

// Set the return URL in the user state to allow modification by plugins 
$app->setUserState('users.login.form.return', $data['return']); 

// Get the log in options. 
$options = array(); 
$options['remember'] = JRequest::getBool('remember', false); 
$options['return'] = $data['return']; 

// Get the log in credentials. 
$credentials = array(); 
$credentials['username'] = $data['username']; 
$credentials['password'] = $data['password']; 

// Perform the log in. 
if (true === $app->login($credentials, $options)) { 
    // Success 
    $app->setUserState('users.login.form.data', array()); 
    $app->redirect(JRoute::_($app->getUserState('users.login.form.return'), false)); 
} else { 
    // Login failed ! 
    $data['remember'] = (int)$options['remember']; 
    $app->setUserState('users.login.form.data', $data); 
    $app->redirect('index.php', false); 
} 

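I have not tested this code snippet. I just adapted it for your existing website. So let me know if you run into problems, or if I should improve/fix my answer.

You cannot decrypt the passwords in the Joomla database. But you can use this method to verify them. This creates a session cookie that logs the user in to Joomla, on the same domain as your Joomla installation.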
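
For a standalone script that cannot bootstrap Joomla as shown above, the hash check and the user lookup from the question could be written as follows. This is an added example, not code from the question, the answer or Joomla; the function names and the SQLite sample table with its rows are constructed for illustration, and it assumes the stored value is either the legacy `md5:salt` form or a bcrypt string.

```php
<?php
// Assumption: the stored value is either "md5hex:salt" (the format the
// question's script splits on ":") or a bcrypt string, as the question says.
function verify_stored_hash(string $password, string $stored): bool
{
    if (strncmp($stored, '$2', 2) === 0) {
        return password_verify($password, $stored); // bcrypt
    }
    if (substr_count($stored, ':') === 1) {
        list($md5pass, $salt) = explode(':', $stored);
        return hash_equals($md5pass, md5($password . $salt)); // constant-time compare
    }
    return false; // unknown format: reject instead of guessing
}

// Parameterized lookup: the username is bound as data, never spliced into SQL.
function check_login(PDO $db, string $user, string $password): bool
{
    $stmt = $db->prepare('SELECT password, usertype FROM j25_users WHERE username = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false;
    }
    $allowed = in_array($row['usertype'], ['Super Administrator', 'Editor'], true);
    return $allowed && verify_stored_hash($password, $row['password']);
}

// Constructed sample rows in an in-memory SQLite table (hypothetical data,
// not a real Joomla database; needs the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE j25_users (username TEXT, password TEXT, usertype TEXT)');
$ins = $db->prepare('INSERT INTO j25_users VALUES (?, ?, ?)');
$ins->execute(['old', md5('pw-one' . 'SALT') . ':SALT', 'Editor']);
$ins->execute(['new', password_hash('pw-two', PASSWORD_BCRYPT), 'Super Administrator']);

var_dump(check_login($db, 'old', 'pw-one'));      // legacy md5:salt row
var_dump(check_login($db, 'new', 'pw-two'));      // bcrypt row
var_dump(check_login($db, 'new', 'wrong'));       // wrong password
var_dump(check_login($db, "o'neil", 'pw-one'));   // quote in username, no such user
```

A legacy row that verifies successfully can be re-hashed with `password_hash()` at that moment, so the md5 values disappear from the table as users log in.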