spike210957 Posted January 12, 2016 Share Posted January 12, 2016 I'm trying to force cubecart to auto login if a user has been authenticated by my site.I found this bit of code in user.class.php://If there is a cookie for the username and they are not logged in if (isset($_COOKIE['username']) && !empty($_COOKIE['username']) && !$this->is()) { //If we haven't pushed the user to the login if (!$GLOBALS['session']->get('login_push')) { $GLOBALS['session']->set('login_push', true); //Try to have them login if (!isset($_GET['_a']) || $_GET['_a'] != 'login') { httpredir('index.php?_a=login'); } } }So I though all I needed to do was to create the username cookie in my site and bingo cubecart would pick it up and force a login. But it isn't working and I can't suss why..... Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 12, 2016 Share Posted January 12, 2016 The Session's 'login_push' must be vestigial, as I cannot find any other code that uses it going back to CubeCart 5.1.1. But it may have had something to do with something called OAuth, which was removed from CubeCart many versions ago.So, I think the code snippet above is not the 'droid you're looking for. Quote Link to comment Share on other sites More sharing options...
spike210957 Posted January 12, 2016 Author Share Posted January 12, 2016 (edited) ok I'll have to carry on digging....I think what I need to do is instantiate a cubecart user object at the point that the user get's validated by my web site and set $IS_USER to trueSo here's what I'm trying in my page that calls the store: include('store\ini.inc.php');include('store\classes\cache\memcache.class.php');include('store\classes\user.class.php');include CC_ROOT_DIR.CC_DS.'controllers'.CC_DS.'controller.admin.pre_session.inc.php';////Instantiate a user$myuser = user::getInstance();$IsValid = $myuser->authenticate('[email protected]','mypassword');Trouble is it's falling over with:Class 'Memcache' not found in memcache.class.php on line 35 Edited January 13, 2016 by spike210957 Quote Link to comment Share on other sites More sharing options...
spike210957 Posted January 15, 2016 Author Share Posted January 15, 2016 Well I'm now trying a different approach in the page that opens the store I the code below. However, cubecart is catching my post in sessions.class.php (line 651) and deciding that it's a session hijack, which I suppose it is. Any suggestions for work round? // Post variables.$postdata = array( 'username' => 'value1', 'password' => 'value2' );do_post_request("store/index.php?_a=login", $postdata);function do_post_request($url, $postdata){ $content = ""; // Add post data to request. foreach($postdata as $key => $value) { $content .= "{$key}={$value}&"; } $params = array('http' => array( 'method' => 'POST', 'header' => 'Content-Type: application/x-www-form-urlencoded', 'content' => $content )); $ctx = stream_context_create($params); $fp = fopen($url, 'rb', false, $ctx); if (!$fp) { throw new Exception("Connection problem, {$php_errormsg}"); } $response = @stream_get_contents($fp); if ($response === false) { throw new Exception("Response error, {$php_errormsg}"); } return $response;} Quote Link to comment Share on other sites More sharing options...
spike210957 Posted January 15, 2016 Author Share Posted January 15, 2016 Ok tried another approach and this now works. The code for the page that kicks off the store is below. My only remaining issue is that when I come back to the site from the shop my session variables are gone... <?phpsession_start();echo "<html>";echo "<head>";echo "<script>";echo "function load()";echo "{";echo "document.frm1.submit()";echo "}";echo "</script>";echo "</head>";echo "<body onload='load()'>";echo "<form action= 'store/index.php?_a=login' id='frm1' name='frm1' method='post'>";echo "<input name='username' type='text' value='" . $_SESSION['Store_username'] . "' />";echo "<input name='password' type='text' value='" . $_SESSION['Store_password'] . "' />";echo "</form>";echo "</body>";echo "</html>";?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.