IP.Board vil ikke logge inn på Cookie

21. desember 2013
Hei alle!

Jeg driver fortiden å setter opp mitt IP.Board forum som en såkalt "Slave" for et "Master" script med IPS Connect (http://www.invisionpower.com/support...ps-connect-r27)

Jeg har satt opp alt som jeg skal og mitt Master script sender de riktige Cookiene men IP.Board forumet logger seg ikke inn... Jeg kan ikke skjønne hva feilen er. Jeg har lagt ved IPSConnect.php filen min så dere kan ta en titt.

Sidene er følgende (NB! Disse sidene er under arbeid så feil kan forekomme)
Master: http://simgoodies.com/com/index.php?do=/
Slave: http://simgoodies.com/forum/

Her er min IPSConnect.php fil:
Kode

<?php
class ipsConnect
{
	/**
	 * Constructor
	 *
	 * Use this to do any initiation required by your application
	 */
	public function __construct()
	{
		$this->secret_key = '----';
		
		require_once 'include.php';
		$this->url = 'http://www.simgoodies.com/com';
		$this->url_to_this_file = $this->url . '/ipsconnect.php';
		
		$this->db = $db;
	}

	public function login( $identifier, $identifierValue, $md5Password, $key, $redirect, $redirectHash )
	{
		if ( $redirect )
		{
			$redirect = ( ( $key == md5( $this->masterKey . $identifierValue ) ) and ( $redirectHash == md5( $this->masterKey . $redirect ) ) ) ? $redirect : base64_encode( $this->url );
		}
			
		if ( !$identifier or !$identifierValue or !$md5Password )
		{
			$this->_return( $redirect, array( 'connect_status' => 'MISSING_DATA' ) );
		}
		
		switch ( $identifier )
		{
			case 'id':
				$user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_id=" . intval( $identifierValue ) )->fetch_array();
				break;
				
			case 'username':
				$user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_name='". $this->db->escape_string( $identifierValue ) ."'" )->fetch_array();
				break;
				
			case 'email':
				$user = $this->db->query( "SELECT * FROM phpfox_user WHERE email='". $this->db->escape_string( $identifierValue ) ."'" )->fetch_array();
				break;
		}
		
		echo "Tester";
		echo $user['user_name'];
	
		if ( isset( $user['user_id'] ) )
		{
			if ( $md5Password == $user['password'] )
			{
				if ( $redirect )
				{
					setcookie( 'ipscm_user', $user['user_name'], time()+60*60*24*30, '/' );
					setcookie( 'ipscm_pass', $user['password'], time()+60*60*24*30, '/' );
					setcookie( 'ipsconnect_' . md5( $this->url_to_this_file ), '1', time()+60*60*24*30, '/' );
				}
							
				$this->_return( $redirect, array( 'connect_status' => 'SUCCESS', 'connect_id' => $user['user_id'], 'connect_username' => $user['user_name'], 'connect_displayname' => $user['user_name'], 'connect_email' => $user['email'], 'connect_unlock' => 0 ) );
			}
			else
			{
				$this->_return( $redirect, array( 'connect_status' => 'WRONG_AUTH', 'connect_id' => $user['user_id'], 'connect_username' => $user['user_name'], 'connect_displayname' => $user['user_name'], 'connect_email' => $user['email'], 'connect_unlock' => 0 ) );
			}
		}
		else
		{
			$this->_return( $redirect, array( 'connect_status' => 'NO_USER' ) );
		}
	}
	
	/**
	 * Process Logout
					If blank, will output blank screen
	 */
	public function logout( $id, $key, $redirect, $redirectHash )
	{
		// Check key
		if ( $key != md5( $this->secret_key . $id ) )
		{
			$this->_return( base64_encode( $this->url ) );
		}
			
		setcookie( 'ipscm_user', '', -1, '/' );
		setcookie( 'ipscm_pass', '', -1, '/' );
		setcookie( 'ipsconnect_' . md5( $this->url_to_this_file ), '0', time()+60*60*24*30, '/' );

		// Return
		if ( $redirect )
		{
			$redirect = ( $redirectHash == md5( $this->masterKey . $redirect ) ) ? $redirect : base64_encode( $this->url );		
		}
		$this->_return( $redirect );
	}
	
	/**
	 * Register a new account
	 */
	public function register( $key, $username, $displayname, $md5Password, $email, $revalidateurl )
	{
		// Check key
		if ( $key != $this->secret_key )
		{
			echo json_encode( array( 'status' => 'BAD_KEY', 'user_id' => 0 ) );
			exit;
		}

		if ( !$email or !$md5Password )
		{
			echo json_encode( array( 'status' => 'MISSING_DATA', 'user_id' => 0 ) );
			exit;
		}
		
		// Create the account
		$this->db->query( "INSERT INTO phpfox_user ( user_name, email, password ) VALUES ( '". $this->db->escape_string( $username ) ."', '". $this->db->escape_string( $email ) ."', '". $this->db->escape_string( $md5Password ) ."' )" );
		
		// Return
		echo json_encode( array( 'status' => 'FAIL', 'user_id' => 0 ) );
		exit;
	}
	
	/**
	 * Validate Cookie Data
	 *
	 * @param	string	JSON encoded cookie data
	 * @return	void	Outputs to screen a JSON object with the bollowing properties:
	 *						connect_status		SUCCESS, VALIDATING (successful, but account has not been validated) or FAIL
	 *						connect_id			the ID number in this app
	 *						connect_username	the username
	 *						connect_displayname	the display name
	 *						connect_email		the email address
	 */
	public function cookies( $data )
	{
		$cookies = json_decode( stripslashes( urldecode( $data ) ), TRUE );
		
		if ( isset( $cookies['ipscm_user'] ) )
		{	
			if ( $user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_name='". $this->db->escape_string( $cookies['ipscm_user'] ) ."'" )->fetch_array() )
			{
				if ( $user['password'] == $cookies['ipscm_pass'] )
				{
					echo json_encode( array( 'connect_status' => 'SUCCESS', 'connect_id' => $user['user_id'], 'connect_username' => $user['user_name'], 'connect_displayname' => $user['user_name'], 'connect_email' => $user['email'] ) );
					exit;
				}
			}
		}
		
		echo json_encode( array( 'connect_status' => 'FAIL' ) );
		exit;
	}
	
	/**
	 * Check data
	 *
	 * @param	string	Key - this can be anything which is known only to the applications. Never reveal this key publically.
	 *					For IPS Community Suite installs, this key can be obtained in the Login Management page in the ACP
	 * @param	int		If provided, do not throw an error if the "existing user" is the user with this ID
	 * @param	string	Username
	 * @param	string	Display Name
	 * @param	string	Email address
	 * @return	void	Outputs to screen a JSON object with four properties (status, username, displayname, email) - 'status' will say "SUCCESS" - the remainding 3 properties will each contain a boolean value, or NULL if no value was provided.
	 *					The boolean value indicates if it is OK to register a new account with that data (this may be because there is no existing user with that, or the app allows duplicates of that data)
	 *					If the key is incorrect - 'status' will be "BAD_KEY" and the remaining 3 parameters will all be NULL.
	 */
	public function check( $key, $id, $username, $displayname, $email )
	{
		$return = array( 'user_name' => NULL, 'user_name' => NULL, 'email' => NULL );
		
		// Check key
		if ( $key != $this->secret_key )
		{
			echo json_encode( array_merge( array( 'status' => 'BAD_KEY' ), $return ) );
			exit;
		}
		
		// Check username
		if ( $username )
		{
			if ( $user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_name='". $this->db->escape_string( $username ) ."'" )->fetch_array() )
			{
				$return['user_name'] = FALSE; 
			}
			else
			{
				$return['user_name'] = TRUE;
			}
		}
		
		// Check displayname
		if ( $displayname )
		{
			if ( $username == $displayname )
			{
				$return['displayname'] = $return['username'];
			}
			else
			{
				if ( $user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_name='". $this->db->escape_string( $displayname ) ."'" )->fetch_array() )
				{
					$return['displayname'] = FALSE; 
				}
				else
				{
					$return['displayname'] = TRUE;
				}
			}
		}
		
		// Check Email
		if ( $email )
		{
			if ( $user = $this->db->query( "SELECT * FROM phpfox_user WHERE email='". $this->db->escape_string( $email ) ."'" )->fetch_array() )
			{
				$return['email'] = FALSE; 
			}
			else
			{
				$return['email'] = TRUE;
			}
		}
		
		// Return
		echo json_encode( array_merge( array( 'status' => 'SUCCESS' ), $return ) );
		exit;
	}
	
	/**
	 * Change account data
	 *
	 * @param	int		ID number
	 * @param	string	md5( IPS Connect Key (see login method) . ID number )
	 * @param	string	New username (blank means do not change)
	 * @param	string	New displayname (blank means do not change)
	 * @param	string	New email address (blank means do not change)
	 * @param	string	New password, md5 encoded (blank means do not change)
	 * @param	string	Redirect URL, Base64 encoded
	 * @param	string	md5( IPS Connect Key . $redirect )
	 * @return	mixed	If the redirect URL is provided, this function should redirect the user to that URL with a single paramater - 'status'
	 *					If blank, will output to screen a JSON object with the same parameter
	 *					Values:
	 *						BAD_KEY				Invalid Key
	 *						NO_USER				ID number not match any member account
	 *						SUCCESS				Information changed successfully
	 *						USERNAME_IN_USE		The chosen username was in use and as a result NO information was changed
	 *						DISPLAYNAME_IN_USE	The chosen username was in use and as a result NO information was changed
	 *						EMAIL_IN_USE		The chosen username was in use and as a result NO information was changed
	 *						MISSING_DATA		No details to be changed were provided
	 */
	public function change( $id, $key, $username, $displayname, $email, $md5Password, $redirect, $redirectHash )
	{
		if ( $key != md5( $this->secret_key . $id ) )
		{
			$this->_return( base64_encode( $this->url ), array( 'status' => 'BAD_KEY' ) );
		}
		
		if ( $redirect )
		{
			$redirect = ( $redirectHash == md5( $this->masterKey . $redirect ) ) ? $redirect : base64_encode( $this->url );
		}
		
		$user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_name='". $this->db->escape_string( $_COOKIE['ipscm_user'] ) ."'" )->fetch_array();
		if ( !isset( $user['user_id'] ) )
		{
			$this->_return( $redirect, array( 'status' => 'NO_USER' ) );
		}
		
		$update = array();
	
		if ( $username and $username != $user['user_name'] )
		{
			if ( $_user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_name='". $this->db->escape_string( $username ) ."'" )->fetch_array() )
			{
				$this->_return( $redirect, array( 'status' => 'USERNAME_IN_USE' ) );
			}
			
			$update['user_name'] = $this->db->escape_string( $username );
		}
		
		if ( !$username and $displayname and $displayname != $user['user_name'] )
		{
			if ( $_user = $this->db->query( "SELECT * FROM phpfox_user WHERE user_name='". $this->db->escape_string( $displayname ) ."'" )->fetch_array() )
			{
				$this->_return( $redirect, array( 'status' => 'DISPLAYNAME_IN_USE' ) );
			}
			
			$update['user_name'] = $this->db->escape_string( $displayname );
		}
		
		if ( $email and $email != $user['email'] )
		{
			if ( $_user = $this->db->query( "SELECT * FROM phpfox_user WHERE email='". $this->db->escape_string( $email ) ."'" )->fetch_array() )
			{
				$this->_return( $redirect, array( 'status' => 'DISPLAYNAME_IN_USE' ) );
			}
			
			$update['email'] = $this->db->escape_string( $email );
		}
		
		if ( $md5Password )
		{
			$update['password'] = md5( $md5Password );
		}
		
		if ( empty( $update ) )
		{
			$this->_return( $redirect, array( 'status' => 'MISSING_DATA' ) );
		}
		
		$update['user_name'] = isset( $update['user_name'] ) ? $update['user_name'] : $user['user_name'];
		$update['email'] = isset( $update['email'] ) ? $update['email'] : $user['email'];
		$update['password'] = isset( $update['password'] ) ? $update['password'] : $user['password'];
		$this->db->query( "UPDATE phpfox_user SET user_name='{$update['username']}', email='{$update['email']}', password='{$update['password']}' WHERE user_id={$user['user_id']};" );
		
		if ( $redirect )
		{
			setcookie( 'ipscm_pass', $update['password'], time()+60*60*24*30, '/' );
		}
		$success = TRUE;
		
		$this->_return( $redirect, array( 'status' => 'SUCCESS' ) );
		
	}
	
	/**
	 * Account is validated
	 *
	 * @param	int		ID number
	 * @param	string	md5( IPS Connect Key (see login method) . ID number )
	 */
	public function validate( $id, $key )
	{
		if ( $key != md5( $this->secret_key . $id ) )
		{
			echo json_encode( array( 'status' => 'BAD_KEY' ) );
		}
		
		echo json_encode( array( 'status' => 'SUCCESS' ) );
	}
	
	/**
	 * Delete account(s)
	 *
	 * @param	array	ID Numbers
	 * @param	string	md5(  IPS Connect Key (see login method) . json_encode( ID number ) )
	 */
	public function delete( $ids, $key )
	{
		if ( $key != md5( $this->secret_key . json_encode( $ids ) ) )
		{
			echo json_encode( array( 'status' => 'BAD_KEY' ) );
		}
		
		foreach ( json_decode( $ids, TRUE ) as $id )
		{
			$id = intval( $id );
			$this->db->query( "DELETE FROM phpfox_user WHERE id={$id};" );
		}
		
		echo json_encode( array( 'status' => 'SUCCESS' ) );
	}
	
	/**
	 * Handle redirect / output
	 *
	 * @param	string	Redirect URL, Base64 encoded
	 * @param	array	Params
	 * @return	null	Outputs to screen or redirects
	 */
	protected function _return( $redirect, $params=array() )
	{
		if ( $redirect )
		{
			header( 'Location: ' . base64_decode( $redirect ) . ( ( isset( $_REQUEST['noparams'] ) and $_REQUEST['noparams'] ) ? '' : ( '&' . http_build_query( $params ) ) ) );
			exit;
		}
		else
		{
			if ( !empty( $params ) )
			{
				echo json_encode( $params );
			}
			exit;
		}
	}	
}

/**
 *
 * Map - can modify to add additional parameters, but the IPS Community Suite will only send the defaults
 *
 */
$map = array(
	'login'		=> array( 'idType', 'id', 'password', 'key', 'redirect', 'redirectHash' ),
	'logout'	=> array( 'id', 'key', 'redirect', 'redirectHash' ),
	'register'	=> array( 'key', 'username', 'displayname', 'password', 'email', 'revalidateurl' ),
	'cookies'	=> array( 'data' ),
	'check'		=> array( 'key', 'id', 'username', 'displayname', 'email' ),
	'change'	=> array( 'id', 'key', 'username', 'displayname', 'email', 'password', 'redirect', 'redirectHash' ),
	'validate'	=> array( 'id', 'key' ),
	'delete'	=> array( 'id', 'key' )
	);

/**
 *
 * Process Logic - do not modify
 *
 */ 
$ipsConnect = new ipsConnect();
if ( isset( $_REQUEST['act'] ) and isset( $map[ $_REQUEST['act'] ] ) )
{
	$params = array();
	foreach ( $map[ $_REQUEST['act'] ] as $k )
	{
		if ( isset( $_REQUEST[ $k ] ) )
		{
			$params[ $k ] = $_REQUEST[ $k ];
		}
		else
		{
			$params[ $k ] = '';
		}
	}

	call_user_func_array( array( $ipsConnect, $_REQUEST['act'] ), $params );
}

exit;