Home General support

Linking my login form to ZenPhoto / Client Login / Auto Submiting Login Form

viavianci Member
in General support
Hello,

I have integrated ZenPhoto for a client and am having a problem with a feature I'm trying to implement. The client is a photographer, as well as the normal galleries, he has password protected galleries for his clients.

He has a link on his homepage "Client Login", I'd like to link that to a form, take the username and password from the form:-

-Using the username, direct the user to his client gallery
-Use the username and password to log the user in so that he doesn't need to fill in the form that appears when you're not logged in (seeing as that would mean asking for the details twice!)

Is there anyway of doing this?

Comments

  • sbillard Member
    You can create a zenphoto cookie from his usercode and password. The zenphoto login is handled circa line 37 in auth_zp.php. There you will see how the cookie is created when one logs into zenphoto. You will have to create zenphoto admin users with the same user/password for this to work.
  • viavianci Member
    Hello, I'm not the most advanced PHP user - is there any documentation that explains how the cookies are created?
  • sbillard Member
    There is documentation on setcookie in the PHP documents: http://us2.php.net/manual/en/function.setcookie.php. The above reference will show you what zenphoto does.
  • viavianci Member
    Thanks for your help, that was most helpful sbillard - I was able to add the feature I wanted.
  • viavianci Member
    Hi there,

    Actually I've just realised that my solution isn't working yet. My code is as follows:

    <?php

    require_once("http://www.mysite.com/zenphoto/zp-core/lib-utf8.php");
    require_once("http://www.mysite.com/zenphoto/zp-core/functions-db.php");

    $post_user = $_POST["user"];
    $post_pass = $_POST["pass"];

    setcookie("zenphoto_auth", md5($post_user . $post_pass), time()+5184000, "/");

    header('Location: http://www.mysite.com/zenphoto/' . $post_user);

    ?>

    SBillard - do you have idea what I could do to make this work?
  • sbillard Member
    With an installation in the folder 'zenphoto' the cookie path needs to be `zenphoto/`

    so `setcookie("zenphoto_auth", md5($post_user . $post_pass), time()+5184000, "zenphoto/");`
  • viavianci Member
    Hi, I actually sorted the problem by copying the file to /zenphoto and using zp_setcookie.

    Could you please let me know how I can verify the username and password entered by the client is correct before I create the cookie!

    I know the answer is in auth_zp.php file - but I'm having difficulty locating it!

    Thanks in advance!
  • sbillard Member
    `if (checkAuthorization(md5($post_user . $post_pass))) {

    zp_setcookie("zenphoto_auth", md5($post_user . $post_pass), time()+5184000, $cookiepath);

    } else {

    zp_setcookie("zenphoto_auth", "", time()-368000, $cookiepath);

    }`
  • viavianci Member
    Hello,

    Can I ask what is the difference between: checkAuthorization & checkLogon?

    The checkAuthorization does work, but the cookie is not being set (I get the enter username + password form). My code:

    <?php

    require_once("lib-utf8.php");
    require_once("functions-db.php");

    $post_user = $_POST["user"];
    $post_pass = $_POST["pass"];

    if (checkAuthorization(md5($post_user . $post_pass)))
    {
    zp_setcookie("zenphoto_auth", md5($post_user . $post_pass), time()+5184000, "/");
    header('Location: http://www.mysite.com/script/' . $post_user);
    }

    else
    {
    zp_setcookie("zenphoto_auth", "", time()-368000, "/");
    echo "wrong username / password";
    }

    ?>
  • viavianci Member
    Hello,

    Just to add,

    If I login using my login form, the authentication part works fine, it redirects me to the gallery but the cookie is not set as I get the username and password form.

    If I try to login again through my form, it works! It's just the first time that it doesnt work - do you know why this could be?
  • sbillard Member
    Cookies cannot be set after you have generated output. If you echo "wrong username / password" shows up in anything but a blank page then you have already sent headers so your cookie is not saved. This processing must be done before any headers, etc. are sent. So you would have to have some error variable set so that later you can display your error message.

    In answer to your original question, checkLogon() checks a user/password for authentication. checkAuthorization() matches a stored authorization such as a cookie.
  • viavianci Member
    Hi there, I still have the same problem:

    If I visit the plain HTML site, click on my login form, submit the correct user details --> I get the user + password form from Zen, the cookie appears not to be set.

    If I then click on the same login link and try again, I get logged in and the cookie is set.

    My code is as follows - I feel I'm really close to the solution so I hope you can help me wrap things up! :)

    <?php

    require_once("lib-utf8.php");
    require_once("functions-db.php");

    $post_user = $_POST["user"];
    $post_pass = $_POST["pass"];

    if(checkLogon($post_user, $post_pass))
    {
    setcookie("zenphoto_auth", md5($post_user . $post_pass), time()+5184000, "/");
    header('Location: http://www.mysite.com/zenphoto/' . $post_user);
    }

    else
    {
    setcookie("zenphoto_auth", "", time()-368000, "/");
    header('Location: http://www.mysite.com/login-failed.html');
    }

    ?>
  • sbillard Member
    Please try this with the current nightly build. I did find a problem where session information was getting set empty somehow. I have changed the authorization process to ignore empty session autorization codes so it should fetch the cookie properly.
  • viavianci Member
    Hello - the current nightly build (27th July) didn't fix this problem either. Any other suggestions?
  • sbillard Member
    You need to figure out if your cookies are getting sent. If so, make sure the endocing in the cookie matches the auth in the administrators table.
  • viavianci Member
    Hi there,

    I modified the code slightly:
    `

    if(checkLogon($post_user, $post_pass))

    {

    setcookie("zenphoto_auth", md5($post_user . $post_pass), time()+5184000, "/");

    $_zp_loggedin = checkAuthorization(zp_getCookie('zenphoto_auth'));

    if ($_zp_loggedin) {

    header('Location: http://www.mysite.com/script/' . $post_user);

    }

    }

    `
    This results in a blank screen which means the cookie is not being set on the first attempt but does get set on subsequent attempts - I don't understand why this happens!
  • sbillard Member
    I have figured it out. Basically, the cookie does not cross web boundries. I have created a hack that will do what you wish. http://www.zenphoto.org/2008/07/zenphoto-single-login/
  • viavianci Member
    The hack works perfectly, thanks for all your help over the last few days. I'll try and find your email address to send you the URL to the finished site.

    p.s. http://www.zenphoto.org/2008/07/zenphoto-single-login/ < I had some problems copying and pasting the code, there's some formatting errors on the page
  • acrylian Administrator, Developer
    Sorry about the formatting problems, it always can be problematic pasting code from the site (and the forum). We will attach that as a file download later.
Sign In or Register to comment.