Skip to:
Content
Pages
Categories
Search
Top
Bottom

cookies (subtle bug?) single sign-on bbpress and wordpress


  • horrorshow
    Member

    @horrorshow

    Hi,

    I don’t mean to post twice, but I realized that I replied this to a thread that had already been resolved.. so I am posting a new topic.

    I am trying to integrate bbpress(0.8.3.1) with wordpress mu (1.3.3), and I am having some issues with cookies for login/logout.

    I’ve tried setting this: (“MD5hash” replaced with my MD5)

    $bb->usercookie = 'wordpressuser_MD5hash';
    $bb->passcookie = 'wordpresspass_MD5hash';

    However, that didn’t seem to allow single sign-on login(meaning, if I am log into wp, go to bbpress and find myself already logged and vice versa)

    Watching the cookies during the login/out process on WP MU, I found that the cookie names that WP MU uses are: “wordpresspass” and “wordpressuser”

    So in config.php for bbpress, I used:

    $bb->usercookie = 'wordpressuser';
    $bb->passcookie = 'wordpresspass';

    This works somewhat, let me explain:

    This scenario works:

    Log into WPMU, refresh bbpress page, I find myself already logged into bbpress.

    Log out of WPMU, refresh bbpress page, I find myself logged out of bbpress.

    Log into BBpress, refresh WPMU, I find myself logged into WPMU

    This doesn’t work:

    Log into BBpress, refresh WPMU (I find myself logged into WPMU) AND THEN when I try to log out from WPMU, I can’t log out.

    I refresh BBpress page, and I am not logged out either.

    If I log out from BBpress at this point, then I am logged out of WPMU as well.

    I have a feeling it might be something with WPMU, but I thought I’d post here first since this is where I found all the information about the integration. Thanks for your help. I am appending my config.php relevant to the integration part.

    $bb->wp_table_prefix = 'wp_';
    $bb->wp_home = 'http://achillesblog.com';
    $bb->wp_siteurl = 'http://achillesblog.com';
    $bb->usercookie = 'wordpressuser';
    $bb->passcookie = 'wordpresspass';
    $bb->cookiepath = '/';

    thanks for your help.

Viewing 15 replies - 1 through 15 (of 15 total)

  • _ck_
    Participant

    @_ck_

    You have the right approach if you find that log-outs are out of sync.

    You need to watch the cookie names and paths.

    MAKE SURE you clear ALL cookies while you are experimenting with paths and names. If you leave left overs, you are going to get strange behaviors.

    If you leave the page open, even after clearing cookies you may have form post data or session data in there. Close page, clear cookies, THEN confirm behavior.

    If you find that path names and cookie names are absolutely identical, it’s possible that the logout process for WPMU is not robust enough in the way it resets cookies. ie. doesn’t set the date far enough in the past.

    Following the WPMU tag will probably help you bunches. ie. http://bbpress.org/forums/topic/cookie-hell-wpmu-bbpress-bloodshot-eye-balls


    horrorshow
    Member

    @horrorshow

    _ck_, I cleared all the cookies for this domain when doing the test. I also closed all open pages, and started fresh.

    The three cookies that I see generated when doing this test on both BBPress and WPMU are:

    wordpressuser

    wordpresspass

    wordpress_test_cookie

    I’ll look at the code for logging out of wpmu, and also see if anything gets changed in the database. I’ll then compare that to how BBPress logs out and see if it makes any changes in the database too.

    Thanks for the link, but he basically added:

    $bb->usercookie = ‘wordpressuser’;

    $bb->passcookie = ‘wordpresspass’;

    And I’ve already done that.


    _ck_
    Participant

    @_ck_

    By the way, since the registration and login/out process in wordpress is a bit more advanced than bbPress, many people just change all the bbpress links for such actions to use the WordPress links. WordPress can even redirect back to the point of logout/login.


    horrorshow
    Member

    @horrorshow

    I fixed the problem by making changes to the bb_cookie() and bb_logout() since wpmu and bbpress set cookies differently: (the expire times are different). If anyone wants to me to post the code, please let me know.

    Also, I added the “cookiedomain” to the config.php

    Here’s the full list relevant to the integration.

    $bb->wp_table_prefix = 'wp_';
    $bb->wp_home = 'http://achillesblog.com';
    $bb->wp_siteurl = 'http://achillesblog.com';
    $bb->usercookie = 'wordpressuser';
    $bb->passcookie = 'wordpresspass';
    $bb->cookiepath = '/';
    $bb->cookiedomain = '.achillesblog.com';
    $bb->path='/forum/';


    nolageek
    Member

    @nolageek

    I’m not able to get this working in WPMU/bbpress:

    Using newest versions of both (fresh install 3 days ago)

    Site: http://geekdc.com

    bbpress: http://geekdc.com/forum

    bbpress config.php :

    $bb->wp_table_prefix = 'wp_';  // WordPress table prefix.  Example: 'wp_';
    $bb->wp_home = 'http://geekdc.com'; // WordPress - Options->General: Blog address (URL) // Example: 'http://example.com'
    $bb->wp_siteurl = 'http://geekdc.com'; // WordPress - Options->General: WordPress address (URL) // Example: 'http://example.com'

    //if ( isset( $bb->wp_table_prefix ) ){
    $bb->usercookie = ‘wordpressuser’;
    $bb->passcookie = ‘wordpresspass’;
    $bb->cookiepath = '/';
    $bb->cookiedomain = '.geekdc.com';
    $bb->path='/forum/';
    //}
    /* Stop editing */

    Stock WPMU wp-config.php

    Using the following plugins on WPMU:

    bbpress-integration.php

    http://downloads.wordpress.org/plugin/bbpress-integration.0.74.zip

    Using the following plugins on bbpress:

    wordpress-integration

    http://bbpress.org/plugins/topic/wordpress-integration/

    display name

    http://bbpress.org/plugins/topic/display-name/

    Is there anything else I need to do?

    When I first log in to WPMU I get the following cookies:

    geekdc.com wordpress_test_cookie (content:’ WP+Cookie+check’)

    geekdc.com wordpressuser (content username)

    geekdc.com wordpresspass (content: hash)

    I go to the forum, and I’m not logged in.

    I log into bbpress and I get two more cookies, exactly the same execept for the expiration dates. The WPMU expires at the end of session. The wordpress expires in one week. I do not get another wordpress_test_cookie.


    horrorshow
    Member

    @horrorshow

    nolageek,

    In WPMU, did you put the bbpress-integration.php in the “mu-plugins” directory or the “plugins” directory?

    I want only the site admin to be able to activate the “bbpress Integration” plugin, but it shows up for all users giving them an option to activate the plugin. That’s not good.

    On the bbPress side, I found that the wordpress-integration is not necessary (I’ve asked about this, but no replies so far), and display name plugin requires some code changes to the BBPress code for it to work properly. It causes permission problems, and I had to dig around the forum where it shows you which code to change.. In retrospect, it probably wasn’t worth the trouble. (Gurus, please correct me if I am wrong, as I am new to BBpress)

    If you want me to look for that thread again, let me know.

    To get single sign-on working properly, you need to make code changes on the bbPress side to bb_cookie() and bb_logout() in pluggable.php along with the config changes I mentioned (which you’ve done already).

    function bb_cookie( $name, $value, $expires = 0 ) {
    if ( bb_get_option( 'cookiedomain' ) ){
    setcookie( $name, $value, $expires, bb_get_option( 'cookiepath' ), bb_get_option( 'cookiedomain' ) );
    }else{
    setcookie( $name, $value, $expires, bb_get_option( 'cookiepath' ) );
    }
    }

    function bb_login($login, $password) {
    if ( $user = bb_check_login( $login, $password ) ) {
    bb_cookie( bb_get_option( 'usercookie' ), $user->user_login );
    bb_cookie( bb_get_option( 'passcookie' ), md5( $user->user_pass ) );
    do_action('bb_user_login', (int) $user->ID );
    }
    return $user;
    }

    I hope this helps, and please let me know how it works out.


    harryworld
    Member

    @harryworld

    horrorshow,

    Thanks for the detailed instructions. After,

    1. modifying the config.php as you stated above

    2. modifying bb_cookie() by not sending the time to setcookie()

    I am able to login and logout on either side, in any sequence.

    One more thing that I have notified (even not serious, but worth mentioning), is that if

    1. login on either side

    2. logout on WPMU

    3. visit bbPress, the first time will show up the user is still logged in

    4. refresh the page, or visit any page, it shows the user NO LONGER logged in

    I guess there may be some logic missing in bbPress for checking the existence of cookie and clear the session, on the first attempt.


    harryworld
    Member

    @harryworld

    By the way, I didn’t install any plugin for integration on either side


    Sam Bauers
    Participant

    @sambauers

    If you can wait a couple of days, WordPress/bbPress integration is a lot easier with a combination of WordPress version 2.5 and bbPress version 0.9


    horrorshow
    Member

    @horrorshow

    sambauers,

    Will there be a new release of WordPress MU as well?

    I am not complaining, but I sometimes feel like WPMU is the ugly stepchild in that there is always extra hurdles to get things working with other software. ;)

    Don’t get me wrong, I love WPMU since it allows me to create a blog community and do some really cool things. keep up the good work!


    harryworld
    Member

    @harryworld

    I am with you horrorshow.

    I use WPMU a lot, but the support on plugins and documentation is far from enough. There seems no official support except the core of WPMU.

    In the past few releases, donncha would merge the equivalent WPMU version after the single version was out for several days.


    RoseCitySister
    Member

    @rosecitysister

    Oh, goodie! I’ve already upgraded one of my sites to 2.5 and I love it, but another is integrated with WP (after much heartache and pain) and I don’t want to upgrade if it’s going to break it!


    nolageek
    Member

    @nolageek

    I was using the Display Name plugin, and now I can’t add new forums to the bbpress. Is there anythingI should do to reverse whatever it did to screw up the permissions?

    After a couple of weeks and double checking I did everthing you outlined up there,, I *still* can’t get the cookie thing straightened out. I just cant seem to get single-login to work.. I’ve tried just about everyting I’ve found on the forum. (maybe that’s it… too many things?)


    tgiokdi
    Member

    @tgiokdi

    @nolageek

    just deactivate the “Display Name” plugin and try again, that was the only solution I’ve found. You can reactivate it after you do you changes


    adaptiman
    Member

    @adaptiman

    Horrorshow said >>>

    Also, I added the “cookiedomain” to the config.php

    Here’s the full list relevant to the integration.

    <<<

    There is no config.php file. What file are you talking about? Do you mean wp-config.php in WordPress? If I’m using WPMU, where would these changes go?

    Could you post the entire procedure for integrating bbPress with WPMU?

    Thanks!

Viewing 15 replies - 1 through 15 (of 15 total)

You must be logged in to reply to this topic.