I got a question regarding the cross-site session/cookie sharing between my website and the ipb forum on my server.
My question is to ask if it's possible to create a persistent PHP session that can be used on my website and my IPB forum.
Would it just be enough to create a session object after confirming the login and store the session values into my IPB forum database?
I currently use this code for a validation of the user and creating a php session for it:
if ($this->authenticateMember($result_row->members_pass_salt , $md5_once_password , $result_row->members_pass_hash)) {
// write user data into PHP SESSION
$_SESSION['name'] = $result_row->user_name;
$_SESSION['email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
function authenticateMember($salt, $password, $md5_hash){
if ( $md5_hash == self::generateCompiledPasshash( $salt, $password) )
{
return true;
}
else
{
return false;
}
}
/**
* Generates a compiled passhash.
* Returns a new MD5 hash of the supplied salt and MD5 hash of the password
*
* @param string User's salt (5 random chars)
* @param string User's MD5 hash of their password
* @return string MD5 hash of compiled salted password
*/
function generateCompiledPasshash( $salt, $password)
{
return md5( md5( $salt ) . $password);
}
I'm sure it's possible to do so, but I'm a bit baffled when I look at how IPB creates a session, since it uses so many variables across the board.
So if some of you got some tips on how to handle this, that would be greatly appreciated.