Problem with phpbb2 integration class in LT 1.2

Problem with phpbb2 integration class in LT 1.2

Postby foei on Wed Mar 28, 2007 4:28 pm

Hi there!

We have just decided to port our blogs to the new version 1.2, however, we use phpbb integration. Unfortunately, something goes wrong:

Fatal error: Call to a member function on a non-object in /home/expreszo/www/blogs/class/dao/userdata/phpbb2userdataprovider.class.php on line 203

(see http://www.expreszo.nl/blogs)

Is this a bug? Does someone know a solution to this problem? We tried the class of the old 1.1.6 installation as well, but thatone gave the same error and we have run out of options. Is it safe to go back to 1.1.6? Our site is quite popular, so we're desperate for a quick solution.

Thanks in advance!
foei
 
Posts: 4
Joined: Wed Mar 28, 2007 4:21 pm

Postby phunkphorce on Wed Mar 28, 2007 6:25 pm

Sorry, I think we left some code in there that is making the user data providers crash, not only the phpbb2 one but most of them...

I've uploaded a fix for the phpbb2 provider, it's available here:

http://bugs.lifetype.net/view.php?id=1242

Would you mind testing it and letting us know if it now works?
phunkphorce
Lifetype Expert
 
Posts: 9028
Joined: Mon Aug 25, 2003 6:34 am
Location: Suomessa

Postby foei on Thu Mar 29, 2007 8:09 am

Thank you for your quick reply, unfortunately it’s still not working. The parse errors are gone, but it now fails to authenticate the user. It gives an error just like when you’ve entered your password incorrectly, but I’m sure it’s the correct one. I’ve tried it with different accounts.
foei
 
Posts: 4
Joined: Wed Mar 28, 2007 4:21 pm

Postby phunkphorce on Thu Mar 29, 2007 9:28 am

Do you have the knowledge to track down what's going on in the code? I unfortunately won't have much time in the next couple of days to look into this. Is there anything in file tmp/sql_error.log?
phunkphorce
Lifetype Expert
 
Posts: 9028
Joined: Mon Aug 25, 2003 6:34 am
Location: Suomessa

Postby foei on Thu Mar 29, 2007 10:14 am

I have (a lot of) programming experience in C, C++ and Java, but hardly none in php, so I have no clue on how to debug if the parser returns no errors. This is all the info I can think of:

- the sql_error.log is empty
- setting the debug in PHP does not generate an error
- it used to work in version 1.1.6, so it's not a config error (we didn't change the config file)
- after login, we get a message saying "sorry, no access", for both admins and normal users

It almost seems as if the data retrieval from PHPBB tables works, but for some reason, the parsing to the Lifetype permissions fail. Could it be a change in permissions between 1.1.6 and 1.2 that causes normal users and admins to be classified as deactivated?

As a quick solution, would Lifetype still work if we upload the 1.1.6 files back to the server and delete the 1.2 files? (without rolling back the database?) Or would that cause errors and (in worse case) deletion of database data?
foei
 
Posts: 4
Joined: Wed Mar 28, 2007 4:21 pm

Postby phunkphorce on Thu Mar 29, 2007 10:28 am

Oh... I thinking we're getting somewhere. I think the problem is that wizard.php did not take into account users whose data was stored in an external system when updating them to use the permissions system in 1.2, so the problem now is that all your users are missing a permission login_perm, which prevents them from logging in.

This clearly is a bug on our side and we will have to do something about it to fix it. In the meantime you've got two options:

Option 1: edit the file class/admin/action/adminloginaction.class.php and remove the following code:

Code: Select all
        if( !$userInfo->hasPermissionByName( "login_perm" )) {
               $this->_view = new AdminDefaultView();
                $this->_view->setErrorMessage( $this->_locale->tr("error_cannot_login"));
            $this->setCommonData();
            
            $pm->notifyEvent( EVENT_LOGIN_FAILURE, Array( "user" => $this->_userName ));
                return false;
   }


This will effectively allow any user to log in, even if they don't have the login_perm permission. The lack of permissions will probably cause issues with users who are not blog owners, but at least blog owners should have full access to the interface.

Option 2: restore your database backup and go back to 1.1.6, at least until we can fix the installer.

Sorry about the mess, but if I had to choose I would go for option 2.

I've logged a bug report in our bug-tracking system, I'll upload a patch for wizard.php as soon as we have it: http://bugs.lifetype.net/view.php?id=1247
phunkphorce
Lifetype Expert
 
Posts: 9028
Joined: Mon Aug 25, 2003 6:34 am
Location: Suomessa

Postby foei on Thu Mar 29, 2007 10:58 am

Sorry to bother you with more questions. :)

Option 2 would be okay if we didn't have to update the database. Unfortunately, our backup is from last Saturday and a lot of users have added new entries. If we do not have to update the database, we would definately use option 2. But rolling back the database to last Saturday is something I would rather do if anything fails.

About option 1, will unregistered users be able to start a blog and will blogowners of any kind be able to visit the admin and config area for the whole Lifetype installation? Our site is quite popular, but also amongst people who want to hack. If it poses a big thread or if settings could be altered of the entire Lifetype installation, I am afraid to remove any protection.

Would it be possible to change the table manually? I have checked our database, and these are the values in the phpbb2_users table:

id
phpbb_id
full_name
about
properties
resource_picture_id
status

So there needs to be an extra column to this table called login_perm? And the default value is 1? Or do all the users need to be added to users_permissions table?
foei
 
Posts: 4
Joined: Wed Mar 28, 2007 4:21 pm

Postby phunkphorce on Fri Mar 30, 2007 7:53 am

There are three tables involved in the permissions system: lt_users, lt_permissions (this one contains a list of permissions) and lt_users_permissions, which links user ids with permissions ids.

What you should do first is check how the lt_users_permissions looks like in the database.

Then you should at least grant the permission whose name is "login_perm" to all your user ids, but the user ids are the ones coming from phpbb (not the ones in the lt_phpbb_users table)
phunkphorce
Lifetype Expert
 
Posts: 9028
Joined: Mon Aug 25, 2003 6:34 am
Location: Suomessa

Postby tszming on Sat Mar 31, 2007 12:44 pm

what i am thinking about is should LT has a standardized login/register api?

so when you want to integrate your application with LT, you don't need to have any knowledge abt LT's database schema, you just need to call the API?

even better, this API should be language netural, i.e. called via HTTP get
tszming
 
Posts: 41
Joined: Thu Mar 09, 2006 1:17 pm

Postby phunkphorce on Sat Mar 31, 2007 1:20 pm

That's the way it currently works, your custom code running on top of LT doesn't need to know where the user data is coming from and everything is nicely abstracted by the Users class. What happened here is that wizard.php made some wrong assumptions... I'm currently looking into it and I'm expecting to have a fix for it soon.
phunkphorce
Lifetype Expert
 
Posts: 9028
Joined: Mon Aug 25, 2003 6:34 am
Location: Suomessa

Postby heriniaina on Tue Apr 10, 2007 7:38 am

I don't know if it is already fixed.

If not, you can add this in the adduser() method

Code: Select all
   $perms = new Permissions();
   $loginPerm = $perms->getPermissionByName( "login_perm" );
   $userPerms = new UserPermissions();
   $userPerm = new UserPermission( $serauser->id, 0, $loginPerm->getId());
   $userPerms->grantPermission( $userPerm );


Don't forget to add
Code: Select all
   lt_include( PLOG_CLASS_PATH."class/dao/permissions.class.php" );
   lt_include( PLOG_CLASS_PATH."class/dao/userpermissions.class.php" );   


in the beginning.
heriniaina
 
Posts: 68
Joined: Thu Mar 09, 2006 11:57 am

Postby phunkphorce on Tue Apr 10, 2007 1:44 pm

No it's not fixed yet. It is a major and unfortunate issue but I am a bit short on time lately so I haven't had a look at it yet... In the meantime I would recommend anyone who is running a LT 1.1.x integrated with phpbb2 or any other system not to upgrade and wait until 1.2.1, 1.2.2 or whenever this issue is fixed.
phunkphorce
Lifetype Expert
 
Posts: 9028
Joined: Mon Aug 25, 2003 6:34 am
Location: Suomessa


Return to LifeType 2.0 Development

cron