如何通过外部脚本登录joomla?

时间:2010-01-15 23:03:58

标签: php joomla joomla1.5

我们的网站上有一个独立的脚本,与Joomla 1.5安装相邻。我们使用Joomla身份验证来限制对脚本的访问。此时,我们将任何未经授权的用户重定向到Joomla站点以进行登录。但是,我们希望在脚本中添加登录功能。有谁知道如何使用用户名/密码从外部脚本登录joomla?谢谢!

5 个答案:

答案 0 :(得分:15)

<?php
//http://domain.com/script/script.php?username=username&passwd=password

define( '_JEXEC', 1 );
define('JPATH_BASE', '../' );
define( 'DS', DIRECTORY_SEPARATOR );
require_once('../configuration.php');
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
require_once ( JPATH_BASE .DS.'libraries'.DS.'joomla'.DS.'factory.php' );

/* Create the Application */
$mainframe =& JFactory::getApplication('site');
jimport('joomla.plugin.helper');

$credentials = array();
$credentials['username'] = JRequest::getVar('username', '', 'method', 'username');
$credentials['password'] = JRequest::getVar('passwd', '', 'method', 'passwd');

//perform the login action
$error = $mainframe->login($credentials);
$user = JFactory::getUser();
//now you are logged in

$mainframe->logout();
//now you are logged out

答案 1 :(得分:7)

对于Joomla 3.x,下面更干净,更有帮助。下面的代码将验证硬编码的用户名和密码。如果用户存在,则会将其重定向到index.php页面。

<?php
/**
 * Joomla! External authentication script
 *
 * @author vdespa
 * Version 1.0
 *
 * Code adapted from /index.php
 *
 * @package    Joomla.Site
 *
 * @copyright  Copyright (C) 2005 - 2014 Open Source Matters, Inc. All rights reserved.
 * @license    GNU General Public License version 2 or later; see LICENSE.txt
 */

if (version_compare(PHP_VERSION, '5.3.1', '<'))
{
    die('Your host needs to use PHP 5.3.1 or higher to run this version of Joomla!');
}

/**
 * Constant that is checked in included files to prevent direct access.
 * define() is used in the installation folder rather than "const" to not error for PHP 5.2 and lower
 */
define('_JEXEC', 1);

if (file_exists(__DIR__ . '/defines.php'))
{
    include_once __DIR__ . '/defines.php';
}

if (!defined('_JDEFINES'))
{
    define('JPATH_BASE', __DIR__);
    require_once JPATH_BASE . '/includes/defines.php';
}

require_once JPATH_BASE . '/includes/framework.php';

// Instantiate the application.
$app = JFactory::getApplication('site');
jimport('joomla.plugin.helper');

// JFactory
require_once (JPATH_BASE .'/libraries/joomla/factory.php');


// Hardcoded for now
$credentials['username'] = 'admin';
$credentials['password'] = 'admin';


// Get a database object
$db    = JFactory::getDbo();
$query = $db->getQuery(true)
    ->select('id, password')
    ->from('#__users')
    ->where('username=' . $db->quote($credentials['username']));

$db->setQuery($query);
$result = $db->loadObject();

if ($result)
{
    $match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id);

    if ($match === true)
    {
        // Bring this in line with the rest of the system
        $user = JUser::getInstance($result->id);

        echo 'Joomla! Authentication was successful!' . '<br>';
        echo 'Joomla! Token is:' . JHTML::_( 'form.token' );

    //perform the login action
    $error = $app->login($credentials);
    $logged_user = JFactory::getUser();
    var_dump($logged_user );
    //redirect logged in user
    $app->redirect('index.php');
    }
    else
    {
        // Invalid password
        // Prmitive error handling
        echo 'Joomla! Token is:' . JHTML::_( 'form.token' ) . '<br>';
        die('Invalid password');
    }
} else {
    // Invalid user
    // Prmitive error handling
    die('Cound not find user in the database');
}

答案 2 :(得分:1)

我建议使用以下解决方案之一:

  • 写一个特定于您脚本的login plugin
  • 在脚本中使用CURL在正常登录表单上执行POST请求(CURL也可以处理cookie。)
  • (最简单):不要通过Joomla!进行身份验证,而是通过.htaccess进行身份验证。

答案 3 :(得分:1)

我做到了这一点并且工作得很好。 假设您的自定义登录脚本是login.php 

-Go to Joomla installation directory
-Copy PasswordHash.php from this directory /root/libraries/phpass/ to your external script's folder 
-Include the PasswordHash.php in login.php 
-Create an instance of PasswordHash like this:

这是php代码片段

$phpass = new PasswordHash(10, true);
$password= "unhashed user password";
$db_password = 'Your hashed password in the database'; 
$ok= $phpass->CheckPassword( $password, $db_password );

&GT;

如果两个密码匹配,那么你就是---检查密码将返回true。 注意:您需要编写一个查询来自动检查数据库。

答案 4 :(得分:1)

在 Joomla 3.9 中推荐使用此代码。

1- 将此脚本上传到您的根文件夹。即 public_html 或 htdocs。

2- 使用您的用户名和密码更改。

3- 在浏览器中运行脚本。您将在站点而非管理员部分自动登录(您可以更改此设置)。

4- 打开受保护的页面。

<?php

define('_JEXEC', 1);

if (file_exists(__DIR__ . '/defines.php'))
{
    include_once __DIR__ . '/defines.php';
}

if (!defined('_JDEFINES'))
{
    define('JPATH_BASE', __DIR__);
    require_once JPATH_BASE . '/includes/defines.php';
}

require_once JPATH_BASE . '/includes/framework.php';

// Instantiate the application.
$app = JFactory::getApplication('site');
jimport('joomla.plugin.helper');

// JFactory
require_once (JPATH_BASE .'/libraries/joomla/database/factory.php');


$result_login = JFactory::getApplication()->login(
                    [
                        'username' => 'demo',
                        'password' => 'demo'
                    ],
                    [
                        'remember' => true,
                        'silent'   => true
                    ]
                );
                
if ($result_login==1) echo 'Login Successful'; else echo 'Invalid Login';
相关问题
最新问题