How to use the SMF user system outside of SMF

From Online Manual

Jump to: navigation, search

Hooking the SMF user system with external applications is a common issue people have. This document will help explain how to accomplish this. The first thing you will need to do is change the files that you are going to implement this on into php files. So if you have a .html or .htm extension proceding the filename of the file, rename the file with the extension at the end being .php. The reason for this is so that the php content can get parsed as php and not as html. You may ask yourself: By doing this, will it have any effects on my current page? Well the answer is no. Everything will show just the way it did before.

Call SSI.php before anything else

Before you do anything else you must call the SSI.php included with SMF. This is usually added to a header.php file (if you have one). If you do not have a header file add it to the index.php or *.php file that you are using this on. NOTE: This must be added before anything else on the file. Even before the <html> tag.

<?php
require_once('/path/to/forum/SSI.php');
?>

This is what handles the users and a few other things. If you are interested in other functions take a look at ssi_examples.php located on your forums root Dir. If you need help finding the path to your file, please view the file ssi_examples.php through your web browser adding it to the root location to your forum address, so for example: name.com/forums/ssi_examples.php will show at the top the path you will need to use.

How do I show a login/logout form?

The first that you have to do is add a login box if they are not logged in. If they are logged in show a log out link. To do this you will need to use the $context['user']['is_guest']. This is an SMF variable that checks if the user is a guest. Other variables that are available are $context['user']['is_admin'], $context['user']['is_mod'].

This is how you would show the login form.

<?php
if ($context['user']['is_guest'])
{
	ssi_login();
}
else
{
	//You can show other stuff here.  Like ssi_welcome().  That will show a welcome message like.
	//Hey, username, you have 552 messages, 0 are new.
	ssi_logout();
}
?>

Add this where ever you want the login/logout form to show on your page.

How do I redirect users after they login/logout?

Sometimes you want to redirect your users to a specific page after they login/logout using the ssi_login()/ssi_logout() functions. To do this you need to edit the call for SSI.php. So if you have:

<?php
require_once('/path/to/forum/SSI.php');
?>

It will become. (NOTE: Do not include a trailing slash with your domain)

<?php
require_once('/path/to/forum/SSI.php');
$_SESSION['login_url']='http://yoursite.com'.$_SERVER['PHP_SELF'];
$_SESSION['logout_url']='http://yoursite.com'.$_SERVER['PHP_SELF'];
?>

If you have a query string on the link ex. (index.php?action=hello) use this:

$_SESSION['login_url'] = 'http://yoursite.com' . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
$_SESSION['logout_url'] = 'http://yoursite.com' . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];

How do I restrict access to certain areas of my pages?

With SMF you can restrict access to certain areas of your pages. To do this you will have to make use of $context['user']['is_logged'], $user_info['groups'] and with SMF permission system.

This will be the example that we will use.

<html>
	<head>
		<title>Some Title<title>
	<head>
	<body>
		<div>
			Some stuff here.
		</div>
		<div>
			Some other stuff here that you want to protect.
		</div>
	<body>
<html>

Simple check if the user is admin.

<html>
	<head>
		<title>Some Title<title>
	<head>
	<body>
		<div>
			Some stuff here.
		</div>
		<?php
		if ($context['user']['is_admin'])
		{
			echo'
				<div>
					Some other stuff here that you want to protect.
				</div>';
		}
		?>
	<body>
<html>

Basically what that does is it checks if the user is an administrator, if they are, show the content, otherwise do not show anything at all to the user. If you want to show something if they are not admin just add an else statement after the } bracket. To change from just admin access to being logged in, change $context['user']['is_admin'] to $context['user']['is_logged'].

How to restrict access to certain membergroups. To do this you will need to find out the id of a group. To find out the ID, go to Admin > Membergroups and go over the membergroup and it will give you the ID. Admin is always 1, but is better to use $context['user']['is_admin'].

<html>
	<head>
		<title>Some Title<title>
	<head>
	<body>
		<div>
			Some stuff here.
		</div>
		<?php
		if (in_array(1, $user_info['groups']))
		{
			echo'
				<div>
					Some other stuff here that you want to protect.
				</div>';
		}
		else
		{
			echo 'Sorry you are not allowed to see this.';
		}
		?>
	<body>
<html>

The check here is in_array(IDx,$user_info['groups']). That checks if id x is in the $user_info['groups'] array. If you want to use more that one user group you can change ID number to an $allowed_groups array. Then before that you do a foreach loop. It should look like this.

<html>
	<head>
		<title>Some Title<title>
	<head>
	<body>
		<div>
			Some stuff here.
		</div>
		<?php
		$allowed_groups = array(1, 2, 3, 4, 5, 6);
		$can_see = FALSE;
		foreach ($allowed_groups as $allowed)
			if (in_array($allowed, $user_info['groups']))
			{
				$can_see = TRUE;
				break;
			}
			
		if ($can_see)
		{
			echo'
				<div>
					Someotherstuffherethatyouwanttoprotect.
				</div>';
		}
		else
		{
			//message or section to show if they are not allowed.
			echo 'Sorry you are not allowed to see this.';

			//If you want to redirect the user to another place you can use the redirectexit() function.
			redirectexit('www.simplemachines.org');
		}
		?>
	<body>
<html>

The last method is with SMF permissions. Take a look at this. Basically what you need to do is change the if statement to if(allowedTo('my_permission')). The topic linked to above will give you more details on SMF permissions.

Extras

  • If you want to redirect you users to a certain page if they are not allowed there you can use the redirectexit(). This is similar to the login/out redirect but you can use it to redirect guests as well.
  • If you do not want to allow ban members to see content you can add is_not_banned(); after the call to SSI.php.
  • If you want to block the page completely from guest access add is_not_guest('messageorreasontologin'); After the call for SSI.php.

For support involving what this guide has documented, please refer to this support topic at the SMF online community.