Logging in to Joomla 1.5 Using External Form (Not Within Joomla Folder, But on Same Server)

Logging In To Joomla 1.5 Using External Form (not within joomla folder, but on same server)

Ok, in order for this to work here is what needs to be done -

1. Create a new session and get the associated token
2. Pass the username, password, and token to create a logged in session
3. Get the new cookie values for logged in session
4. Transfer cookie to the browser

Here is the code needed to accomplish all of this:

<?php
$uname = $_POST['username'];
$upswd = $_POST['password'];
$url = "http://joomla website.com";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url );
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE );
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE );
curl_setopt($ch, CURLOPT_COOKIEJAR, realpath('./cookie.txt'));
curl_setopt($ch, CURLOPT_COOKIEFILE, realpath('./cookie.txt'));
curl_setopt($ch, CURLOPT_HEADER, TRUE );
$ret = curl_exec($ch);
if (!preg_match('/name="([a-zA-z0-9]{32})"/', $ret, $spoof)) {
    preg_match("/name='([a-zA-z0-9]{32})'/", $ret, $spoof);
}

// POST fields
$postfields = array();
$postfields['username'] = urlencode($uname);
$postfields['passwd'] = urlencode($upswd);
$postfields['option'] = 'com_user';
$postfields['task'] = 'login';
$postfields[$spoof[1]] = '1';
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
$ret = curl_exec($ch);

// Get logged in cookie and pass it to the browser
preg_match('/^Set-Cookie: (.*?);/m', $ret, $m);
$cookie=explode('=',$m[1]);
setcookie($cookie[0], $cookie[1]);
?>

This should work on any Joomla website as long as the URL used in the script has a login form on the page. Once you run this script you should then be able to access the website and be logged in.

logging in to Joomla from external script

I ended up using the AutoLogin-extension which did the job. Not as "elegant" as I wanted it to be (because it requires installation of that plugin), but hey, it works! :-)

Can Joomla site use an external site for sign on?

Yes it can be done. You can do it through cURL, details here -

Logging In To Joomla 1.5 Using External Form (not within joomla folder, but on same server)

In order to get the users to an external login page when Joomla tries to send the user to it's own login page, I would use a simple redirect in htaccess.

If you are not using SEF URLs then the redirect will need to look something like this -

RewriteCond %{QUERY_STRING} (^|&)option=com_user(&|$)
RewriteCond %{QUERY_STRING} (^|&)view=login(&|$)
RewriteRule ^$ http://mySSOsite.com? [R=301,L]

How to log into joomla through an external script?

<?php
//http://domain.com/script/script.php?username=username&passwd=password

define( '_JEXEC', 1 );
define('JPATH_BASE', '../' );
define( 'DS', DIRECTORY_SEPARATOR );
require_once('../configuration.php');
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
require_once ( JPATH_BASE .DS.'libraries'.DS.'joomla'.DS.'factory.php' );

/* Create the Application */
$mainframe =& JFactory::getApplication('site');
jimport('joomla.plugin.helper');

$credentials = array();
$credentials['username'] = JRequest::getVar('username', '', 'method', 'username');
$credentials['password'] = JRequest::getVar('passwd', '', 'method', 'passwd');

//perform the login action
$error = $mainframe->login($credentials);
$user = JFactory::getUser();
//now you are logged in

$mainframe->logout();
//now you are logged out

Calling Joomla Authentication plugin to login user in a page outside of joomla?

You can do it 2 ways - by loading the Joomla framework on to the page so you have access to create the necessary token, or you can use cURL to create the session and submit the login remotely. Here's the code for the cURL method: Logging In To Joomla 1.5 Using External Form (not within joomla folder, but on same server)

---

Related Topics