Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+1 vote
9.5k views
in Q2A Core by
Hi,

I am admin for the site kulsara.com which is based on Simple Machines Forum (SMF) (see www.simplemachines.org). I would like to use the login information from SMF for SSO with question2answer (QA). But it does not seem to work -- any help or pointers much appreciated.

SMF has its own MySQL database and I am using the same database for QA as well. So in qa-config.php, I have used the parameters corresponding to this database. This part is okay, because after installation, I can see that the 11 QA tables are created in the database. I have also set QA_EXTERNAL_USERS to true.

In qa-external-users.php file, I have edited the qa_get_login_links function, and that seems to be okay. For instance, you can go to www.kulsara.com/qa and upon clicking the login or register links, you are redirected to the login/register pages of the kulsara site.

I think the problem is in the qa_get_logged_in_user function. Here is what my function looks like:

    function qa_get_logged_in_user($qa_db_connection)
    {
        session_start();

        global $context;

        if ($context['user']['is_logged']) {
            $userid=$context['user']['name'];


            $result=mysql_fetch_assoc(
                mysql_query(
                    "SELECT emailAddress FROM smf_members WHERE memberName='".mysql_real_escape_string($userid, $qa_db_connection)."'",
                    $qa_db_connection
                )
            );
           
            if (is_array($result))
                return array(
                    'userid' => $userid,
                    'publicusername' => $userid,
                    'email' => $result['emailAddress'],
                    'level' => ($userid=='admin') ? QA_USER_LEVEL_ADMIN : QA_USER_LEVEL_BASIC
                );
        }
       
        return null;
    }


The qa_get_user_email is as follows:

    function qa_get_user_email($qa_db_connection, $userid)
    {
        $result=mysql_fetch_assoc(
            mysql_query(
                "SELECT emailAddress FROM smf_members WHERE memberName='".mysql_real_escape_string($userid, $qa_db_connection)."'",
                $qa_db_connection
            )
        );
       
        if (is_array($result))
            return $result['emailAddress'];
       
        return null;
    }

The final function that was changed is qa_get_userids_from_public:

    function qa_get_userids_from_public($qa_db_connection, $publicusernames)
    {
        $publictouserid=array();
       
        foreach ($publicusernames as $publicusername)
            $publictouserid[$publicusername]=$publicusername;
       
        return $publictouserid;

    }


Any suggestions on why SSO is not working much appreciated. Thanks.

1 Answer

0 votes
by
 
Best answer
I'm not so familiar with SMF's internals, but I can make a couple of comments on your code based on a quick perusal:

* SMF uses numerical user IDs internally, so it's probably better to use those, rather than using public usernames for the integration. You can then write the functions for mapping between user IDs and public usernames.

* You can't use $context to get information about the currently logged in user, since none of SMF's files have been run when you're within Question2Answer. Instead you need to use the $_COOKIE and/or $_SESSION arrays to get the currently logged in status - see Subs-Auth.php in SMF's files for some clues.
...