noj75 Posted April 1, 2015 Share Posted April 1, 2015 Hi all, I am creating an external page that pulls the member data from the database, that is no problem. I need to create a logout link on this external page but am unable to do this as I do not know how to get the current (logged in) members CSRF Key. So when I point the link to forum/logout/ I get the The CSRF protection key did not match, error page. Does anyone know how I can get the CSRF key data to be able to log the user out please?Kind regards Link to comment Share on other sites More sharing options...
noj75 Posted April 2, 2015 Author Share Posted April 2, 2015 Anyone please? Link to comment Share on other sites More sharing options...
newbie LAC Posted April 2, 2015 Share Posted April 2, 2015 Hello,\IPS\Session::i()->csrfKey Link to comment Share on other sites More sharing options...
noj75 Posted April 2, 2015 Author Share Posted April 2, 2015 @newbie LAC you are an absolute star! Thank you very much! Link to comment Share on other sites More sharing options...
Vikestart Posted April 2, 2015 Share Posted April 2, 2015 Hello, \IPS\Session::i()->csrfKey I tried this, but my external page shows a different key from the one on the forums, so I'm getting did not match error. Link to comment Share on other sites More sharing options...
noj75 Posted April 3, 2015 Author Share Posted April 3, 2015 I tried this, but my external page shows a different key from the one on the forums, so I'm getting did not match error. Off to work for a few hours but I will post my full code for you when I return. Link to comment Share on other sites More sharing options...
noj75 Posted April 4, 2015 Author Share Posted April 4, 2015 @newbie LAC EDIT: Sorry, I meant @VikestartThe code below works fine for me. Hopefully this will help you out. Sorry for the delay. <?php /* ############### CALL THE IPS MEMBER INFO ############### */ require_once( 'path/to/your/init.php' ); \IPS\Session\Front::i(); $memCSRF = \IPS\Session::i()->csrfKey; $member = \IPS\Member::loggedIn(); /* ### SET THE MEMBER VARIABLES ### */ $memName = $member->name; $memEmail = $member->email; $memID = $member->member_id; /* ############### END IPS MEMBER INFO ############### */ ?> <!doctype html> <html> <head> <meta charset="utf-8"> <title>Untitled Document</title> </head> <body> <p>Hello <?php echo $memName; ?></p> <p><a href="forum/logout/?csrfKey=<?php echo $memCSRF; ?>">Logout</a></p> <!-- ## CHANGE THE LINK TO YOUR LOGOUT PAGE ## --> </body> </html> Link to comment Share on other sites More sharing options...
Vikestart Posted April 4, 2015 Share Posted April 4, 2015 Yeah, I know, I'm using the same code, but I'm getting two different keys The key I'm getting on my external page doesn't match the key generated in the IPS suite.. Link to comment Share on other sites More sharing options...
newbie LAC Posted April 5, 2015 Share Posted April 5, 2015 Yeah, I know, I'm using the same code, but I'm getting two different keys The key I'm getting on my external page doesn't match the key generated in the IPS suite.. Check your cookie settings How to generate the key /* Set ID */ $this->id = session_id(); /* Crate csrf key */ $this->csrfKey = md5( "{$this->member->email}&{$this->member->member_login_key}& " . ( $this->member->member_id ? $this->member->joined->getTimestamp() : 0 ) . '&' . $this->id ); I think you have 2 cookies prefix_IPSSessionFront. For site and for forum. Link to comment Share on other sites More sharing options...
Vikestart Posted April 5, 2015 Share Posted April 5, 2015 What do you mean?My cookie settings are as follows:define('COOKIE_DOMAIN', '.tswdb.com'); define('COOKIE_PREFIX', 'sanctdbforums_'); define('COOKIE_PATH', '/');The main website is http://www.tswdb.com/ and the forums is at http://sanctuary.tswdb.com/ Link to comment Share on other sites More sharing options...
lilgezuz Posted April 8, 2015 Share Posted April 8, 2015 Do any of you know a way to login from an external page? I'm getting it to login but after login I have to visit from forum directory then if I go back to my external page all my info will show up correctly Link to comment Share on other sites More sharing options...
JEFF MACK Posted April 18, 2015 Share Posted April 18, 2015 So what is the final answer here to find the CSRFKEY?md5( email + login key + member_Id + joined + id) ? Link to comment Share on other sites More sharing options...
La-li-lu-le-lo Posted June 4, 2017 Share Posted June 4, 2017 Thank you noj75 and Newbie! Link to comment Share on other sites More sharing options...
JEFF MACK Posted June 5, 2017 Share Posted June 5, 2017 On 4/18/2015 at 6:09 PM, JEFF MACK said: So what is the final answer here to find the CSRFKEY? md5( email + login key + member_Id + joined + id) ? I am not using PHP, can anyone tell me how its put together in layman terms like above? Link to comment Share on other sites More sharing options...
La-li-lu-le-lo Posted June 5, 2017 Share Posted June 5, 2017 I'm not sure how it works as of now I only learned about csrfKeys yesterday but noj75's code allows me to build login, logout and get the member's ID so I can query all the information I need from the database. Do you need help understanding the concept or putting the code (PHP) together? I was planning on learning more about csrfKeys today but I can help you put the code together if that is what you need. Question guys, what is the best way to check for an active session? As of now I'm using: $_SESSION['ips4_member_id'] Would you recommend another method? Thank you. Edit: Actually that's not working. I'm forced to use: if(isset($memID) && !empty($memID)){ } else{ } I'm sure there's a better way. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.