Not logged in. · Lost password · Register
Forum: Customising UNB Modifications and plug-ins RSS
Access API with fixed user (instead of deriving the user from the session)
kaig 2007-12-09, 00:20 #1
Member since Oct 2007 · 1 post
Group memberships: Members
Show profile · Link to this post
Subject: Access API with fixed user (instead of deriving the user from the session)
How do I access the UNB API as if by coming from a fixed user id, bypassing the session/cookie stuff that normally happens?

I am trying to integrate UNB with a newspaper website, where I would like a forum thread for each news article.

The newspaper website shows an article with a PHP script, so I augmented that script to invoke UNB API functions to find the right forum and the right thread within that forum and to output a link to that thread beneath the article.  I also added code to auto-create the forum threads (using IThread.Add and IPost.Add, mostly).

So far, so good.  But now it turns out that the new thread and post are added using the credentials of the user sitting in front of the browser (if that user has logged into UNB yet).  But that's not what I want.  I want these auto-created threads and posts to be always from the same user.

But the human sitting in front of the browser should still be allowed to click on a link to the thread, and be authenticated with their own credentials or by their own browser session.  This way, replies added by that person would come from them.

I started reading through the stuff that comes after the session.prelogin hook in common.lib.php, but it made my head swim.

Thanks,
Kai
Avatar
Yves (Administrator) 2007-12-09, 01:11 #2
User title: UNB developer & webmaster
Member since Jan 2004 · 3814 posts · Location: Erlangen, Germany
Group memberships: Administrators, Members
Show profile · Link to this post
The basic thing is to set the variables like $UNB['LoginUserID'], $UNB['LoginUser'] and probably some more to the correct values. The best place to do this is when UNB would call CheckSession(), because after determining the session user (you can follow the code flow from common.lib.php) some other things are done like preparing the ACL cache for the current user. It may also be possible to set the user-related variables and then call those additional functions "by hand" in the same request as handling user stuff. When you're done with your static-user actions, be sure to restore all variables you've changed and again call the functions like ReadACL(). But I guess that's not a very efficient solution.
♪ ...nanananah, all in all we’re just brilliant thieves, nanananah... ♪♬
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:

Go to forum
This board is powered by the Unclassified NewsBoard software, 20110527-dev, © 2003-2011 by Yves Goergen
Page created in 176.3 ms (88.2 ms) · 41 database queries in 140.5 ms
Current time: 2012-02-07, 20:35:09 (UTC +01:00)