Codeigniter single site log on_问答_开发者_运维开发者技术经验分享

I am trying to have it so if I log on from 1 part of my site, it will log on to the other parts also.

Some Notes:

All logins connect to the same database... lets call it db1
Site 1's table is phpfox
Site 2's table is vbulletin
Right now it successfully logs into phpfox but I can't figure out how to login to the forums also.... I've added a few lines of code below to try to do this but I can't figure it out:
The problem is I have to keep logging in on each part of my website (using the same username and password)

Here is my current code:

function login($username, $password, $passClean = null)
{

    $this->faildLogins = new DB_FaildLogins();

    $ip = $this->input->ip_address();

    $faildLogins = $this->faildLogins->getFaildLoginsByIp($ip);

    if($faildLogins){
        if($faildLogins->bannedTime > 0){
            $timeElapsed = ($faildLogins->lastTryDate + $faildLogins->bannedTime)-time();
            if($timeElapsed > 0){
                return sprintf('Your ip (%s) was banned for %s please try again after expire ban time!', $this->input->ip_address(), seconds2HumanTimeFormat($timeElapsed));
            }
        }
    }

    $result = $this->user_model->get_login_info($username);

    if ($result) {
        if ($result->status == 'pending') {
            return 'INACTIVE';
        }

        if ($result->status == 'rejected') {
            return 'REJECTED';
        }   


        if ($password === $result->password) {
            $this->CI->session->set_userdata(array('id'=> $result->id));

            $this->user_model->addUserLogin($result->id);

            $faildLogins = $this->faildLogins->getFaildLoginsByIp($ip);
            if($faildLogins){
                $this->faildLogins->resetFaildLoginToIp($ip);
            }
            return TRUE;

        // If passwords don't match
        } else {

        @mysql_connect('localhost', 'db1', 'db1_password') or die ("Can't connect to DB!");
        @mysql_connect('localhost', 'db1', 'db1_password', true) or die ("Can't connect to DB!");
        @mysql_select_db('phpfox') or die ("Can't select DB!");
        @mysql_select_db('vbulletin') or die ("Can't select DB!");

            $phpFoxUser = mysql_fetch_array(mysql_query("SELECT * FROM `phpfox_user` WHERE `user_name` = '{$username}'"), MYSQL_ASSOC);

            if($phpFoxUser['user_name'] == $username AND 
                    $phpFoxUser['email'] == $result->email AND
                    md5(md5($passClean).md5($phpFoxUser['password_salt'])) == $phpFoxUser['password']) {

                $DBUsers = new DB_Users();
                $rows['id']             = $result->id;
                $rows['password']       = md5($passClean);

                if($DBUsers->saveIt($rows)) {
                    $this->开发者_如何学JAVACI->session->set_userdata(array('id'=> $result->id));
                    return TRUE;
                } else {
                    $this->faildLogins->addFaildLoginToIp($ip);
                    return FALSE;
                }
            } else {
                $this->faildLogins->addFaildLoginToIp($ip);
                return FALSE;
            }
        }

    } else {
        @mysql_connect('localhost', 'db1', 'db1_password') or die ("Can't connect to DB!");
        @mysql_connect('localhost', 'db1', 'db1_password', true) or die ("Can't connect to DB!");
        @mysql_select_db('phpfox') or die ("Can't select DB!");
        @mysql_select_db('vbulletin') or die ("Can't select DB!");

        $result = mysql_query("SELECT * FROM `phpfox_user` WHERE `user_name` = '{$username}'");
        $phpFoxUser = mysql_fetch_array($result, MYSQL_ASSOC);

        if($phpFoxUser['user_name'] == $username AND md5(md5($passClean).md5($phpFoxUser['password_salt'])) == $phpFoxUser['password']) {

            $DBUsers = new DB_Users();
            $rows['username']           = $phpFoxUser['user_name'];
            $rows['password']           = md5($passClean);
            $rows['usergroup']          = 'user';
            $rows['email']              = $phpFoxUser['email'];
            $rows['activationCode']     = md5(time());
            $rows['status']             = 'approved';
            $rows['registerDate']       = time();
            $rows['registerIp']         = $this->input->ip_address();
            $rows['hash']               = uniqid(rand().rand().rand(), true);

            $newUserId = $DBUsers->saveIt($rows);

            if($newUserId) {
                $this->CI->session->set_userdata(array('id'=> $newUserId));
                return TRUE;                    
            } else {
                return false;
            }


        } else {
            $this->faildLogins->addFaildLoginToIp($ip);
            return FALSE;
        }

        //md5( md5($sPassword) . md5($sSalt) )
    }

    $this->faildLogins->addFaildLoginToIp($ip);
    return FALSE;
}

Set a session variable to something unique to your user, like userid.

$_SESSION['UserId'] = $id;

Then, check for the session variable at the top of your login function.

if (isset($_SESSION['UserId']) // user already logged in
  $ret = 'ACTIVE';

Then at the bottom of your function

return $ret;

BTW: I would get rid of the multiple returns in your function and use the $ret variable as in my example. Also, don't forget to delete your session variable when the user logs out: