New Website

I've made a new website, as lynx.io is dead. You can find it here: http://macr.ae/—it's similar in format to lynx.io, but has better articles, and they're all written by me.

JavaScript disabled

While it will still mostly work, a lot of this site's functionality relies on JavaScript - please enable it for the best experience.

Integrating phpBB sessions into your site

Instead of having two logins to your site, it would be far easier and more efficient to use phpBB's sessions systems. It would also be easier and more secure for your users. You will also be able to use stuff like the permissions system and the templates system if you wish. In this article, I will explain how you can integrate the phpBB session into your website.

First, you will need to add this to the top of every page you want to use with phpBB's sessions:

<?php

define('IN_PHPBB', true);
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();

If you wish to include a language file, replace $user->setup(); with $user->setup('mods/yourpage');. This will include language/yourlang/mods/yourpage.php automatically and add it to the $user->lang array. Obviously, language files are only useful if your website is in more than one language, but it might be worth using it anyway - it gives you the option to expand your site in the future if required.

The $user->data array

$user->data contains all information about the user currently stored in the phpbb_users table (including the password - be careful). For example, a print_r of the array returns the following on my localhost install:

Array
(
    [user_id] => 2
    [user_type] => 3
    [group_id] => 5
    [user_permissions] => zik0zjzik0zjzik0yo
i1cjyo000000
zik0zjzhb2tc
i1cjyo000000
i1cjyo000000
i1cjyo000000
i1cjyo000000
i1cjyo000000
i1cjyo000000
i1cjyo000000
i1cjyo000000
i1cjyo000000
i1cjyo000000
    [user_perm_from] => 0
    [user_ip] => ::1
    [user_regdate] => 1302370816
    [username] => Callum
    [username_clean] => callum
    [user_password] => $H$9CzcNAWt7iLZKDfYPhTJTEnWGBZVTV.
    [user_passchg] => 1302370881
    [user_pass_convert] => 0
    [user_email] => callum@lynxphp.com
    [user_email_hash] => 216925083818
    [user_birthday] => 19- 5-   0
    [user_lastvisit] => 1302370859
    [user_lastmark] => 0
    [user_lastpost_time] => 1302370975
    [user_lastpage] => ucp.php?i=profile&mode=reg_details
    [user_last_confirm_key] =>
    [user_last_search] => 0
    [user_warnings] => 0
    [user_last_warning] => 0
    [user_login_attempts] => 0
    [user_inactive_reason] => 0
    [user_inactive_time] => 0
    [user_posts] => 1
    [user_lang] => en
    [user_timezone] => 0.00
    [user_dst] => 0
    [user_dateformat] => D M d, Y g:i a
    [user_style] => 1
    [user_rank] => 1
    [user_colour] => AA0000
    [user_new_privmsg] => 0
    [user_unread_privmsg] => 1
    [user_last_privmsg] => 1302370975
    [user_message_rules] => 0
    [user_full_folder] => -3
    [user_emailtime] => 0
    [user_topic_show_days] => 0
    [user_topic_sortby_type] => t
    [user_topic_sortby_dir] => d
    [user_post_show_days] => 0
    [user_post_sortby_type] => t
    [user_post_sortby_dir] => a
    [user_notify] => 0
    [user_notify_pm] => 1
    [user_notify_type] => 0
    [user_allow_pm] => 1
    [user_allow_viewonline] => 1
    [user_allow_viewemail] => 1
    [user_allow_massemail] => 1
    [user_options] => 230269
    [user_avatar] =>
    [user_avatar_type] => 0
    [user_avatar_width] => 0
    [user_avatar_height] => 0
    [user_sig] => Hello world!
    [user_sig_bbcode_uid] => 3uemv9wm
    [user_sig_bbcode_bitfield] =>
    [user_from] => England
    [user_icq] =>
    [user_aim] =>
    [user_yim] => dontmessageme
    [user_msnm] => callumacrae@donotwant.spam
    [user_jabber] =>
    [user_website] => http://lynxphp.com/
    [user_occ] =>
    [user_interests] =>
    [user_actkey] =>
    [user_newpasswd] =>
    [user_form_salt] => d60d1c2b19803efa
    [user_new] => 1
    [user_reminded] => 0
    [user_reminded_time] => 0
    [session_id] => bd4bc099bef6f9e2a6c88d16a0538bf9
    [session_user_id] => 2
    [session_forum_id] => 0
    [session_last_visit] => 1302370817
    [session_start] => 1302370817
    [session_time] => 1302371092
    [session_ip] => ::1
    [session_browser] => Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-gb) AppleWebKit/533.19.4 (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4
    [session_forwarded_for] =>
    [session_page] => ucp.php?i=176
    [session_viewonline] => 1
    [session_autologin] => 0
    [session_admin] => 1
    [is_registered] => 1
    [is_bot] =>
)

It should be fairly obvious what each item is. Everything prefixed with user_ is from the user table (hence why stuff like user_password is there).

Checking whether the user is logged in

The following code will check whether the user is logged in:

<?php

if ($user->data['user_id'] == ANONYMOUS) {
    // Not logged in
} else {
    // Logged in
}

 

For example, if we wanted to make a page members-only:

<?php

if ($user->data['user_id'] == ANONYMOUS) {
    trigger_error('You must be logged in to access this page', E_USER_ERROR);
}

 

That's all there is to it. If you want to know more about this, or how to use stuff like the language, permissions, or template system, either check out the phpBB wiki or leave a comment asking me to write an article about it.

Thanks for reading!

About Callum Macrae:

Callum Macrae is the founder of lynx.io and a JavaScript developer from the United Kingdom. He is currently writing his first book, to be published by O'Reilly Media.

You can view more articles by this author here.

Tags: logins sessions phpbb

Comments

Jmac says:

Hello, nice guide! It really helped me develop a recruitment application for my clan's phpBB3 forum. Would you know how to handle a php argument where someone has multiple "group_id" fields?

Here is my basic statement which doesn't seem to work since most of my users are on multiple groups (for good reason):

if ($user-&gt;data['username'] == &quot;Anonymous&quot; || $user-&gt;data['username']== &quot;Guest&quot;)
{
echo &quot;You must be a member to view this page.&quot;;
}
elseif ($user-&gt;data['group_id'] == &quot;10&quot;)
{
echo &quot;You can see this page!!!!&quot;;
}
else
{
echo &quot;You cannot see this page!!!! *sigh*&quot;;
}
Jmac says:

Well I slightly figured out my own problem, but it doesn’t completely solve the issue.

It turns out that the users DEFAULT group is the “group_id”, still any thoughts would be amazing!

Callum Macrae says:

group_id is their default group, you will have to do an SQL query to get the rest of them:

SELECT * FROM  phpbb_user_group WHERE user_id = 1

To get the group names, you can use a join.

Quinn says:

What’s the major differences between username and username_clean?

Callum Macrae says:

username_clean is literally just a cleaned version of username - it removes all special characters and changes it to lowercase. It has a few useful functions:

It's useful for ordering with, as MySQL will return A-Z before a-z, which is obviously incorrect. If you're writing an SEO modification, "/member/Valid 'Username" obviously isn't a valid URL, so we would use the clean username instead - "/member/validusername". It's also a lot easier to work with, as you don't have to escape it as it cannot contain special characters. For example, in a WHERE, instead of using:

$sql .= 'WHERE username = &quot;' . escape_stuff_and_hope_its_correct($username) . '&quot;';

We can use:

$sql .= 'WHERE username_clean = &quot;' . username_clean($username) . '&quot;&quot;;

Those function don't actually exist btw, the code above is just demonstrating how it works :)

Andy says:

and someone knows, how to save own variables temporarily in the session or knows a good tutorial ?

Callum Macrae says:

They’re already in the session :/

Louis says:

How to get the $user->data array? Do I simply do a SQL select from the corresponding PHPBB database table?

Callum Macrae says:

If you’ve got access to the phpBB session (by putting the code at the beginning of the article at the top of every page), then the $user->data array is already initialised.

Alkor says:

When I was still using phpBB for my session management, I actually extracted some parts of it (like the session class) and trimmed it to the basics, since doing

include($phpbb_root_path . 'common.' . $phpEx);

actually loads the whole phpBB environment and chances are you won’t need it (and don’t want those additional queries). For checking whether the user is logged in I simply used to do:

if ($user-&gt;data['is_registered'])

instead of checking for the user id, since checking the user_id would treat bots as logged in users.

Callum Macrae says:

GitHub it? :-D

Mohamed Powhardinshu says:

Hello,

Thank you so much for this post, and I have 2 questions…

1) If I have a site with 30000 users already in it. How do I now add the forum and use this login? Should I use 2 logins?

2) I have to create a new website… should I create a new form for the users to register or register the new users using the phpbb registration form and use the login box from phpbb as my website login and add the necessary custom fields to the phpbb users table?

Thank you in advance, Mohamed

Mohamed Powhardinshu says:

I meant in the 2nd questions. Should I use 2 tables? My own and also copy the registration info manually to the phpbb table?

Callum Macrae says:

1) Same way as you would with a small board – read the article :–D The article explains how you can use the phpBB logins for the rest of the site, meaning that you would only have to have one login.

2) Use the phpBB registration system, and use the phpBB user data on your website instead of having the two logins.

avinash kadam says:

Hi I want when user register on my site, then he/she automatically register to phpBB forum and their is no need of registration on phpBB forum. How should I do this ?

Callum Macrae says:

This article is about using the phpBB login in the rest of your site, instead of having two logins. I would recommend using the phpBB login on your whole site, instead of having two logins (hence the article – read it so you know how).

says:

Add comment

 

You can use markdown in comments (press "m" for a cheatsheet).

Enable JavaScript to post a comment

Markdown Cheat Sheet

# This is an <h1> tag
## This an <h2> tag
###### This is an <h6> tag

Inline markup: _this text is italic_, **this is bold**, and `code()`.

[Link text](link URL "Optional title")
[Google](http://google.com/ "Google!")

![Alt text](image URL)

![This is a fish](images/fish.jpg)

1. Ordered list item 1
2. Ordered list item 2

* Unordered list item 1
* Unordered list item 2
* Item 2a
* Item 2b

And some code:

// Code is indented by one tab
echo 'Hello world!';

Horizontal rules are done using four or more hyphens:

----

> This is a blockquote

This is an <h1> tag

This an <h2> tag

This is an <h6> tag

Inline markup: this text is italic, this is bold, and code().

Link text Google

This is a fish

  1. Ordered list item 1
  2. Ordered list item 2
  • Unordered list item 1
  • Unordered list item 2
    • Item 2a
    • Item 2b

And some code:

// Code is indented by one tab
echo 'Hello world!';

Horizontal rules are done using four or more hyphens:


This is a blockquote

Toggle MarkDown / HTML (t), full reference or close this