IP.Board - Single Sign On in php

Question

I'm developing a small hand made web portal for a community and I want it to have a loggin system with IP.Board (easier for the end user).

I have the forum and the app on the same hosting. For the loggin, the user clicks on a button and is redirected to this page:

<?php
require_once '../www/forum/init.php';
include_once 'includes/functions.php';
error_reporting(E_ALL);
session_start();
    \IPS\Session\Front::i(); 
    print_r( \IPS\Member::loggedIn());
    if(\IPS\Member::loggedIn()->member_id) {
        $name = \IPS\Member::loggedIn()->name;
        if(checkUserExistance($name)==0){                       
            //header("Location: ../index.php"); 
            print("LOGED EXIT!!!!!!!!!!!!!!!!!!!!");
        }else{
            print("LOGED INNNN!!!!!!!!!!!!!!!!!!!!");
            $_SESSION['authenticated'] = 'yes';
            $_SESSION['user'] = $name;
            $userphoto = \IPS\Member::loggedIn()->photo;            
            $result = getUserData($_SESSION['user']);
            $_SESSION['isLeader'] = $result['isLeader'];
            $_SESSION['isAdmin'] = $result['isAdmin'];
        }           
    } else{
        print("LOGED OUT!!!!!!!!!!!!!!!!!!!!");
        $_SESSION['authenticated'] = 'no';
        if(session_destroy()){ // Destroying All Sessions   
            //header("Location: index.php");
        }
    }
    //echo "Auth by LOGIN";

?>

If is not logged in IP.Board session (forum), it goes back to index.php

For now im developing a basic version of it, more improvements will be done once I get this working.

As you can see I have a print for debuging some data. On Edge everything works, but on Firefox or chrome I get a string of 32 characters, each time a diferent one, instead of getting the username. Example of what i get in Firefox and Chrome.

ef5cd2de05387b9b01048efad2173efd

Does any one know why is this?

INFO: I followed: IP.Board SSO Documentation

INFO2: Forum post

I'm using IPS Community Suite as the "Master".

---

EDIT 1: Debug of \IPS\Member::loggedIn()

IPS\Member Object ( [nodeClass:protected] => IPS\awards\Cats [_followData] => [_previousPhotoType:protected] => [_group] => [restrictions:protected] => [modPermissions:protected] => [calculatedLanguageId:protected] => [markers] => Array ( ) [markersResetTimes:protected] => Array ( ) [haveAllMarkers:protected] => [defaultStreamId:protected] => [changedCustomFields] => Array ( ) [previousName:protected] => [_socialGroups:protected] => [sessionData:protected] => [_lang:protected] => [_url:protected] => [profileFields] => [_reputationData:protected] => [_following:protected] => Array ( ) [reportCount:protected] => [ignorePreferences:protected] => [_ppdLimit:protected] => [_data:protected] => Array ( [member_group_id] => 2 [mgroup_others] => [joined] => 1483440989 [ip_address] => 83.36.150.111 [timezone] => UTC [allow_admin_mails] => 1 [pp_photo_type] => [member_posts] => 0 [pp_main_photo] => [pp_thumb_photo] => [failed_logins] => [pp_reputation_points] => 0 [signature] => [auto_track] => {"content":0,"comments":0,"method":"immediate"} ) [_new:protected] => 1 [changed] => Array ( [member_group_id] => 2 [mgroup_others] => [joined] => 1483440989 [ip_address] => 83.36.150.111 [timezone] => UTC [allow_admin_mails] => 1 [pp_photo_type] => [member_posts] => 0 ) [skipCloneDuplication] => )

Answer 1

I decided to use the other option for SSO in IP.Board Te other option, sends the login request to the forum, and does not need to check the sessions. Forum API does it.

Answer 2

Make sure the url (domain part) to your system is the same as IPS, ie www.example.com not only example.com example.com will give that hash, while www.example.com will not.

Spent some time before seeing this....

Edit: and that was not it at all. If I log out of the forum and in, maybe several times, it works in all browsers. I do not see a pattern, except trying several times (at least once). Sorry for poor answer!

Eirik

Answer 3

Well I recognise that this is over two years ago now, but I haverecently ran into the same problem using a localhost installation. In my case, when I tried in a blank new file it did the same problem but eventually fixed itself.

When I tried to actually integrate it with my site, it did this every single time. It turned out in my case that it was something to do with stripping bad UTF-8 characters.

I have absolutely no idea why this made any difference, but as soon as I took the code out that was stripping these characters out of GET, POST and most importantly, COOKIE, it started working perfectly.

For anyone doing this now, there's really nothing you can do other than trial and error in commenting out lines of code until you find it. IPS really aren't helpful at all with this kind of thing and leave you feeling like you're on your own with it (which you virtually are).