Integrating to my own login system

[kirsch]

I'm integrating phpfreechat (o. to my website (good job guys! this is exactly what I had been waiting for for a long time!).

So I have the nick stored in a php variable and I set it. This works. But if the user logs out (through my system) and logs in again, the old nick shows up, even though I know for a fact that I'm passing the new nick to phpfreechat. If I delete phpfreechat's cookie, the chat gets the right nick.

It seems like the cookie is taking precedence over the passed in nick (through php). Is this intended behavior and if such, is there an official way to do what I'm trying to do that I'm missing? Am I doing something wrong? Or is this a bug?

Congratulations on a great and useful thing!

Marcos

[phpfreechat]

the simple solution is to remove the phpfreechat session cookie when you logout on through your system.

try something like that :

Code: Select all

unset($_COOKIE["phpfreechat"]);

[kirsch]

This will work if user logs out. But what if user simply closes the window and lets his login timeout? Then someone logs in with a different user name in the same browser.... Any ideas?

[phpfreechat]

Then don't allow users to change their login.
Use the "frozen_nick" parameter.

However, this parameter is not totaly secure in 0.8. Wait for 1.0 for a better security.

[kirsch]

Well, it is not really viable for me to do that, because the users rarely logout, they just close the window 99% of the time and let their sesion expire.

I set the nick through:
<code>$params["nick"] = iconv("ISO-8859-1", "UTF-8", $yo['login']);</code>

I think that if the user sets the nick like this, that should overrule the cookie's value. It just makes sense. Am I wrong to think that the current behavior (cookie wins) is a bug?

[phpfreechat]

The cookies must have the priority because the nicknames can be changed by the user.

If the cookies don't have the priority then the user will not be able to change his nickname because $params["nick"] = "...."; will take priority on it.

Am I clear ?

[kirsch]

ok, makes sense...

Then, the priority should be reversed only when frozen_nick is true.

I tried unsetting the cookie and I still have problems with old nicks sticking. I'm going to do some more tests.

Marcos

[phpfreechat]

Then, the priority should be reversed only when frozen_nick is true.

No, if frozen_nick is true then it just means the initial nickname can't be changed.

If the cookie is killed, the corresponding nickname will not be disconnected from the chat. You need to wait for the timeout to be sure the user is really disconnected.
A further solution would be to add the abality to disconnect programaticaly a user from the chat : quitting the chat and cleaning his session.
In fact, it's a kind of /kick command.
But this is not yet implemented, be patient or provide a contribute

[pingo]

I've also had that problem! When an other user was logging on the same computer he got the previous nick. While reading the thread, it come to me that I could check for a cookie and if it exsist unset it while logging on. I haven't tryed it out yet!

[kirsch]

Interesting, i'll give that a shot.

Thanks

[kirsch]

OK.... I added

unset($_COOKIE["phpfreechat"]);

after a login to the system... wherever it happens. This seems to solve the "old nick sticking" problem.

I need more testing to make sure though.

pingo did you try it?

[kirsch]

I'm still running into trouble with this issue...
So I thought, instead of just unsetting the cookie variable in PHP when the user logs in, also log him out of the chat.
I believe this means I need to delete the corresponding file from the
data/private/chat/channelname/nicknames directory.
How can I tell which file corresponds to the user's nick so that I can delete it if it exists when the user logs into the system again?

Thanks

[kirsch]

I think I have this working well right now.

The following code should be executed when the user logs in to your system through your system to make sure that they can use phpFreeChat and not get a nick such as kirsch413 when their nick is kirsch (it's 4 AM here so I copy code from my system without too much cleanup):

unset($_COOKIE["phpfreechat"]);
setcookie ("phpfreechat", "", time()-60000);

$config['chat']['inc'] = "phpfreechat-0.9.1/";

$config['chat']['data'] = $config['chat']['inc'].'data/private/chat/';

$config['chat']['nicknameFolder'] = $config['chat']['inc'].'data/private/chat/mychannel/nicknames/';

$config['chat']['sessionFile'] = $config['chat']['nicknameFolder'].base64_encode(urlencode($yo['login']));

if (file_exists($config['chat']['sessionFile'])){
unlink($config['chat']['sessionFile']);
}


This seems to work well. Any comments? Has anyone else tried this?

[shanek]

Hello, all. I've set up our new site, guamislandchat.com, to use phpfreechat 0.9.3. I've had the same problem as other people in this thread; the only difference is, whenever I try to implement any of the above fixes, the chat stops refreshing. What I type goes into the chat, but I don't see it (or what other people type) untill I reload the page in my browser.

If I simply comment out the lines I put in to delete the cookie etc., the chat starts working fine again.

I've tried various permutations, but even the simplest fix of deleting the cookie makes the chat stop refreshing.

Why is this happening, and how can I get the auto-refresh back after deleting the cookie?

[youngcalihottie]

ok now im back at square one. i did more testing and i'm still stuck at the original problem. if a user logs out and a different user logs in, it is still keeping the previous users nick. the fixes so far do not work for me. does Stéphane have any advice for me? i hope!