I'm trying the above code to set a message and redirect to a different location like this
and i'm redirecting from
example.com/somewere/index.php
to
example.com
My problem is when i get to example.com drupal doesen't keep the session,
and the message is not shown.
Any idea will be much appreciated.
chdir('../');
require_once './includes/bootstrap.inc';
require_once './includes/common.inc';
require_once './includes/module.inc';
$url = "http://".$_SERVER['SERVER_NAME'];
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
drupal_set_message(t('Your message has been sent'), 'status', TRUE);
drupal_goto($url);
i'm taking a form and some other elements of the page and putting it outside drupal in a bootstrap that has session enable.
in
example.com/somewere/
my message is there
but on example.com/
i dont get the message
the server open me a diffrent session
can it be because i use a diffrent htaccess file in example.com/somewere/
i know messages are session based
is there a way to bypass the problem because there on the same domain and same drupal just different access position ?
I would run session_get_cookie_params to see whether the path is just /. It might be that PHP sets the path to /somewhere for the session cookie and so the Drupal install in your install doesnt have a session cookie after that.
You really don't need to go to these lengths to redirect a Drupal page, something as simple as this in a custom module will do it:
function mymodule_init() {
if ($_GET['q'] == 'index.php') {
$url = "http://".$_SERVER['SERVER_NAME'];
drupal_set_message(t('Your message has been sent'), 'status', TRUE);
drupal_goto($url);
}
}
I'm not entirely sure why you would do this is though, from your message I gather this in response to a form submission? If so you'd be better off setting $form_state['redirect'] = $url in a submission handler for the form.
Related
I'm trying to determine if the user is browsing PWA on server side. On client side I can check if the browser mode is standalone via JavaScript and detect PWA, but on server side this is not an option. So I'm using simple query parameter for that. Start URL in manifest has query param isPwa appended and every time user opens PWA, it goes to https://example.com/?isPwa. What I need now is to keep that parameter while user browses PWA, so I need to set isPwa parameter to next URL that user opens if the referer URL already had isPwa parameter, but my code goes to redirection loop and I'm unable to identify the cause of this. Here's my code:
function addIsPwaQueryArg() {
$referer = wp_get_referer();
if (strpos($referer, 'isPwa') !== false) {
$location = remove_query_arg('isPwa');
wp_redirect(add_query_arg('isPwa', '', $location));
exit;
}
}
add_action('template_redirect', 'addIsPwaQueryArg');
Can someone tell me what's wrong with my code and why is it not working?
Thanks!
I have a form we want users to access only once, anonymously. We hand out randomly generated usernames and passwords to allow anonymity. I would like to delete user, log off and redirect after successful submission.
I am able to delete the user with wp_delete_user($thisId); but alwyas have a "Cannot modify header information - headers already sent" error. I'm not sure how to approach this one.
I am processing in header.php
If you process in header.php it's too late because the server is already sending the page.
Try hooking your "delete_user" function in a previous action such as init or wp like this (in functions.php):
add_action('init', 'my_delete_user_process');
function my_delete_user_process(){
// Do your stuff
$user_id = get_current_user_id()
wp_delete_user($user_id);
// Do your stuff
}
I've looked over hundreds of answers for similar issues to this but can't find anything that seems to help.
I'm running the latest version of the PHP SDK and a login to facebook button which has a generated link from getLoginUrl().
Running on my development laptop and logged in as the application developer it passes me back to the redirect url (Both the callback url when calling getLoginUrl() and the URL set in my application settings are exactly the same) I then do a getUser call which will function in these circumstances.
If i try the same process using my Iphone on the same network, logged in as the same user on facebook getUser() returns 0.
It also does the same for any other user trying to login with facebook.
Sandbox mode is disabled.
my app domains seem to be set up correctly.
I'm really unsure of what to do next.
Many thanks for your responses guys - Turns out the issue was i was sending the request from one page and redirecting back to another. This seems to upset facebook (I'm guessing it will only re-direct back to the page it was called from).
That solved the problem anyway - but many thanks for your responses.
First make sure you are maintaining sessions in your scripts with:
session_start();
at the top of your php file.
Next use something like this to test if you have a fb user and if not, redirect them to the oauth, which will just renew their token if they've already authorized by it's expired.
require_once('facebook/fb.inc');
session_start();
if (!$fbUser) {
$loginUrl = $facebook->getLoginUrl(
array(
'scope' => 'email,publish_stream,user_location',
'redirect_uri' => 'http://scubadivinglog.org/php/fblink.php'
)
);
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
Hope this helps. Let us know and if not post the code you are using.
I implement the facebook in my wordpress website and everything is working ok except one situation.
If I logout from facebook, and then I click logout in website, I get the error:
FB.logout() called without an access token.
So I replace the logout code with this:
return javascript:if(FB.getAccessToken()){FB.logout(function(){location.href='" . $url . "'})}else{location.href='" . $url . "'}";
(This is done in a wordpress hook, so that I can have the wordpress logout url)
But now, when I click logout in this situation I get a js error:
Unsafe JavaScript attempt to access frame...
How can I be able to logout safely from facebook and wordpress.
FB.Logout doesn't have an error callback and doesn't throw any js error, so it's difficult to check that situation.
Thank you!
You need to get the login status first from Facebook, and only if logged in can you call FB.logout. Try the following code.
FB.getLoginStatus(handleSessionResponse);
function handleSessionResponse(response) {
//if we dont have a session (which means the user has been logged out, redirect the user)
if (!response.authResponse) {
return;
}
//if we do have a non-null response.session, call FB.logout(),
//the JS method will log the user out of Facebook and remove any authorization cookies
FB.logout(response.authResponse);
}
I'm new to Drupal6 and spent long time searching how to implement the following feature without success: I use Drupal as front-end/doc board for a web-app. I want to mirror all user account creation, update and deletion on this web-app, i.e. send user name and password.
I started coding a little module implementing hook_user (http://api.drupal.org/api/function/hook_user/6), but I am still wondering on several question concerning this hook:
1) I can't find a doc concerning the $account fields, and thus don't know how to retrieve the user name and password.
2) The insert operation informs that "The user account is being added". Is that triggered when the user query an account or when his/her pending account creation has been approved?
3) User management on the 'slave' webapp is done through a URL interface. I only know the header("Location: http://webapp/users/add?user=martin&pwd=bla") PHP primitive, but I fear this will make a redirection, instead of just hiting the target page and continue code flow. Any suggestion?
Maybe some of you already programmed such a module, or would have links for more documentation?
Thanks in advance,
Martin
Taking a step back and looking at the big picture, you have several options.
Use OpenID (there's a core Drupal module for it) for both sites
Use LDAP (there's a really good Drupal contrib module for it)
Look at other modules offer user login sharing with other apps (such as http://drupal.org/project/phpbb or http://drupal.org/project/moodle or many others) for inspiration
Have your web app use Drupal's user table. This is relatively easy as the username is there in plaintext and the password is just MD5'ed (so no salts or anything to muddy up the waters).
Basically, hook_user is wrong. What you need to do is use hook_form_alter to change the '#validate' parameter of the login form. That way, the validate is passed to your function in your module where you are getting $form_values['username'] and $form_values['password']. You pass that on to your URL via curl. If it returns correctly, return nothing. If it doesn't return, use form_set_error and it will deny the login.
Good luck!
In order to just retrieve a response from a page, you can use drupal_http_request()
And a general security note, make sure you're authenticating and validating the requests between applications. Passing passwords in plain text via GET parameters over HTTP also makes me a little queasy, but I don't know your application set up.
Here is the final piece of code that works. Note that the password is retrieved md5ified, so the slave webapp must be able to do so as well:
function mirror_registration_user($op, &$edit, &$account, $category = NULL) {
$cmd = 'http://www.example.com/register?name='.$account->name.'&pass='.$account->pass;
if($op == 'insert'){
$cmd .= '&op=insert';
drupal_http_request( $cmd );
}
else if($op == 'delete'){
$cmd .= '&op=delete';
drupal_http_request( $cmd );
}
else if($op == 'after_update'){ // 'update' is a "before update event"
$cmd .= '&op=update';
drupal_http_request( $cmd );
}
}
Remark: in our case, registration requires admin approval. In this case, there's an 'update' event. The 'insert' event is triggered as soon as the user queries an account.
Informations for other newbies:
When trying to debug the code, one can echo $cmd to have the content of $cmd writen on top left of the following page.
If you write crapy php code and get a blank page when using the hook, you may add to Drupal/index.php the following calls: error_reporting(E_ALL);
ini_set('display_errors', TRUE);
ini_set('display_startup_errors', TRUE); that allow having debug info.