Linking to existing user table
avinn
so that only the site's registered users are able to comment?
Or (more preferably) a way to differentiate user comments from visitor
comments?
Scott Merrill
> Is it reasonably possible to integrate Habari with an existing website
> so that only the site's registered users are able to comment?
The Habari database class isn't really built to connect to extant
non-Habari tables. We do have a DB::table() method that allows you to
define a table that Habari should be able to use:
DB::table('other_user_table');
This would let you make queries like this:
DB::get_var( 'SELECT foo FROM {other_user_table} where bar=1');
There exists in the User::authenticate() method a call to the
user_authenticate plugin filter, which is intended to be used to allow
plugins to override the default Habari user mechanism. You could
write a plugin that allows folks to log in using their credentials
from the other system; and then write a comment plugin filter that
only permits comments to be saved from people who are logged in (ie:
User::identify() returns a valid user object).
> Or (more preferably) a way to differentiate user comments from visitor
> comments?
There's no firm mechanism for this, because there are quite possibly
lots of people who might use the same nickname when commenting. You'd
need to match all three values of name, email, and URL to reasonably
identify users from regular visitors and even this is imprecise.
Perhaps you could write a plugin that saves a CommentInfo record for
each comment created by a logged-in user? Then you could query for
the existence of that record:
if ( $comment->info->registered_user ) { // do stuff }
Cheers,
Scott
avinn
> each comment created by a logged-in user? Then you could query for
> the existence of that record:
> if ( $comment->info->registered_user ) { // do stuff }
Can I also show a different form for logged-in users, with just one
input field (for the comment)?
My app has a simple User class where $User->logged returns TRUE while
a user is logged in and $User->userid returns their id. So:
if ($User->logged) {// show simplified comment form}
else {// show Habari default comment form}
I'm fresh to coding and PHP OOP so it will take me a while to
understand Habari classes and plugins and be able to make changes. If
you could elaborate on the following record and subsequent query it
would help a lot:
> Then you could query for the existence of that record:
> if ( $comment->info->registered_user ) { // do stuff }
collection script. Can I put it in spamchecker.plugin.php? Then
perhaps:
$comment->info->registered_user = $User->userid; // user id as
record value
And now the query: I haven't found the script that prints out the
comments yet but I assume that's where the query should be? A little
help here would also be great. So here I can use the returned record
value to put a link beside commenter's name to their profile within my
app. And if there's no record the comment is treated as a visitor
comment.
Scott Merrill
>
> > Perhaps you could write a plugin that saves a CommentInfo record for
> > each comment created by a logged-in user? Then you could query for
> > the existence of that record:
> > if ( $comment->info->registered_user ) { // do stuff }
>
> I think this is great.
> Can I also show a different form for logged-in users, with just one
> input field (for the comment)?
You can. You'd need to add a conditional check inside your theme's
commentform.php file (or whatever file contains the form, obviously).
For logged-in users, you should still pass along the username, email
and URL via hidden form fields. (Note: if you inspect
feedbackhandler.php you can determine whether this is absolutely
necessary for logged-in users -- I'm writing off the top of my head
without checking this.)
> I'm fresh to coding and PHP OOP so it will take me a while to
> understand Habari classes and plugins and be able to make changes. If
> you could elaborate on the following record and subsequent query it
> would help a lot:
>
>
> > Then you could query for the existence of that record:
> > if ( $comment->info->registered_user ) { // do stuff }
>
> I assume the record is created by a plugin called by the form
> collection script. Can I put it in spamchecker.plugin.php? Then
> perhaps:
> $comment->info->registered_user = $User->userid; // user id as
> record value
I don't recommend you modify the spamchecker plugin. What you want is
a pretty specific action, so it ought not be too hard to make a plugin
to do just this. Here's a completely untested plugin that shows what
you should do:
http://pastoid.com/r0
Note that you'll need to obtain the $User object somehow inside the
act_comment_insert_after method.
> And now the query: I haven't found the script that prints out the
> comments yet but I assume that's where the query should be? A little
> help here would also be great. So here I can use the returned record
> value to put a link beside commenter's name to their profile within my
> app. And if there's no record the comment is treated as a visitor
> comment.
Inside your theme's comments.php (or whatever file handles the loop
for displaying comments on posts), you'd add a simple conditional:
if ( isset( $comment->info->registered_user ) ) { // show the link }
Cheers,
Scott
Michael C. Harris
--
Michael C. Harris, School of CS&IT, RMIT University
http://twofishcreative.com/michael/blog
avinn
> a pretty specific action, so it ought not be too hard to make a plugin
> to do just this. Here's a completely untested plugin that shows what
> you should do:
> http://pastoid.com/r0
> Note that you'll need to obtain the $User object somehow inside the
> act_comment_insert_after method.
blocking my session data?
$_SESSION['User'] == 0; // returns true within Habari
When I navigate away I can read $_SESSION['User'] again.
Btw, I'm testing on Win localhost with XAMPP. My app is in the root
and Habari in subfolder "blog". I renamed my user class to be
different from Habari's.
Scott Merrill
>> I don't recommend you modify the spamchecker plugin. What you want is
>> a pretty specific action, so it ought not be too hard to make a plugin
>> to do just this. Here's a completely untested plugin that shows what
>> you should do:
>> http://pastoid.com/r0
>> Note that you'll need to obtain the $User object somehow inside the
>> act_comment_insert_after method.
>
> I can't seem to obtain my $User object within Habari. Is Habari
> blocking my session data?
>
> $_SESSION['User'] == 0; // returns true within Habari
>
> When I navigate away I can read $_SESSION['User'] again.
Habari registers its own session handler. See the PHP docs for sessions:
http://us3.php.net/manual/en/ref.session.php
Habari stores session data in the Habari database (in the sessions
table). As such, I don't think Habari has any access to session data
from non-Habari applications (and such applications can't access
Habari's session data).
If possible, I would suggest that you try storing your user IDs in a
cookie, to see if you can then get the cross-pollination between
Habari and your application that you need. If that works, you can
then investigate more secure ways to transmit that data.
Cheers,
Scott
avinn
suggestions I'm still unable to access my app's session data from
within the /blog/ subfolder. Learned a deal about sessions though,
just not enough ;)
I just tried out the cookie suggestion and had better initial results.
The test cookie I set right after loggin in the user is accessible
from blog/system/themes/k2/header.php. Now I'm going to test with real
user IDs and I hope I'm able to access the necessary data from my user
table to make the changes I need to the comment mechanism.
avinn
I finally managed to bridge my app to Habari by storing the user ID in
a cookie. The cookie just tells Habari whether the commenter a
registered user of my main app or not. Some security may be
compromised as a visitor might be able to post a comment as a
registered user, but my main app is safe. I tried to improve on
security by hashing the id with a bit of salt before setting the
cookie. The problem is, even though the hash is different for each
user, it stays the same from login to login. I'm still searching for a
good way to salt by random.
Thank you Scott.