Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
Jason Brown_41238 Posted April 3, 2016 Posted April 3, 2016 Hi I'm trying to create an additional way for people to login using the "External Data" base under "Login Handlers" I filled out everything correct and matched it to the data base but now I am getting this error message. IPS\Db\Exception: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 (1064) What I don't understand is if the problem is in IPB4 or something in the Actually MYSQL data base that i'm trying to reference. Any insight? I feel like I'm really close and this shouldn't be that hard.
bfarber Posted April 8, 2016 Posted April 8, 2016 Check the system logs to verify the full SQL query that errored out. It's hard to say for sure without seeing the full query that triggered the error.
Jason Brown_41238 Posted April 8, 2016 Author Posted April 8, 2016 @bfarber I got most of it to work except for the pass word is not recognized. I posted some of the code and screen shots in another post. Would you b able to give me any further insight. I tried the whole "1 = 1" thing it gets me pass the error code but again the password is not recognized for the login handler user
newbie LAC Posted April 8, 2016 Posted April 8, 2016 On 03.04.2016 at 8:40 AM, Jason Brown_41238 said: IPS\Db\Exception: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 (1064) This error was resolved here 2 hours ago, Jason Brown_41238 said: I got most of it to work except for the pass word is not recognized. See Password Encryption Type (The format that the password is stored in. If using an encryption type not specified, you will need to modify the _External::checkPassword method in the /system/Login/External/External.php file.) @bfarber I don't see the folder External and can't find method _External::checkPassword I found the above setting in system/Login/External.php /** * Encrypt Password * * @param string $password The password * @return bool */ protected function encryptedPassword( $password ) { switch ( $this->settings['db_encryption'] ) { case 'md5': return md5( $password ); case 'sha1': return sha1( $password ); default: return $password; } }
Jason Brown_41238 Posted April 10, 2016 Author Posted April 10, 2016 Hi @newbie LAC Here is a screen shot. I still can't seem to find it. It dead ends at Login, but I do not see an "external.php" folder. thanks in advance for your help. I know I'm really close.
Daniel F Posted April 11, 2016 Posted April 11, 2016 There's no external folder. The external login handler is a file located in system\Login\External.php
bfarber Posted April 11, 2016 Posted April 11, 2016 On 4/10/2016 at 9:13 AM, Jason Brown_41238 said: Hi @newbie LAC Here is a screen shot. I still can't seem to find it. It dead ends at Login, but I do not see an "external.php" folder. thanks in advance for your help. I know I'm really close. How are passwords stored in your front end system you are connecting to? Are they plain text, MD5 hashed, sha1 hashed, or stored in some other manner?
Jason Brown_41238 Posted April 11, 2016 Author Posted April 11, 2016 @bfarber it is a Wordpress site and is stored in MD5 which I have set as the password type in the "password encryption" box. So I would imagine I do not have to edit the PHP file if I ever found it lol... After some more reading I am understanding that the password is hashed in MD5 with Salt? ... I feel like I'm going int to never never land now...
bfarber Posted April 11, 2016 Posted April 11, 2016 Well, the file is at system/Login/External.php, and actually you may need to modify it because I think Wordpress salts its hashes (similar to what we do), but to simplify things you may be interested in this instead:
Daniel F Posted April 11, 2016 Posted April 11, 2016 I have found a bug in the external login handler, which will be fixed in 4.1.12
Ryan Ashbrook Posted April 11, 2016 Posted April 11, 2016 @bfarber is correct - WordPress used to do simple md5() hashing on the password, however have since migrated to a much more secure method. For reference, you can take a look at the file at /system/Login/Convert.php - the wordpress() method here. It accommodates for both. But yes, as an alternative there is a pre-built WordPress SSO plugin available in the marketplace as noted.
Jason Brown_41238 Posted April 11, 2016 Author Posted April 11, 2016 @Ryan Ashbrook thanks Ryan. I feel like I keep buying stuff and it doesn't work how it's being sold. When I purchased IPB4 it seems the login handler would be simple to configure but it's not, so no problem. I bought the commerce link as it's sold that it will handle your membership registrations and payments so I don't have to rely on my Wordpress registration, and it does not function the way Invision Powers check out pages work. It takes a person to click on the item, add the item to the cart, confirm the cart, check out of the cart.. It's like 4-5 steps before they can even pay. It's not smooth like when I purchased my IPB4. Now theres this Wordpress plugin that I'm not so confident in buying knowing none of these come with a refund and there is little support on how it all works.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.