Jump to content

[Solved]'ish Integrating Prestashop into a pre-developed website


Recommended Posts

Hello All,

 

I am working on trying to access user data from prestashop for external uses on the rest of my website. I am posting it here for anyone's inputs or suggestions and once this is complete (either I figure it out or give up) I will post the results here for others to use.

 

Some Tasks:

1. Use Prestashop's user database for my entire website. Discard my current user database for the time being.

2. Be able to access the cookie/session information for a user when he/she moves throughout the entire website (online store, main site, etc).

3. Keep intact the functionality as best as possible without creating to much custom work to make this happen, for future upgrades. (Be it I know I will have to verify my work everytime there is an update).

 

My first task for myself was to create a basic webpage that a user could goto and login to the online store. So I created the following code to login and redirect the user to the my-account.php page. This code was a combination of hours of searching the forums and google.

 

<?php
if ($_submit_check == 1) {
 /* Login details have been submitted */
 define("DS", '/');
 require(".." . DS . "store" . DS . "config" . DS . "config.inc.php");
 require(".." . DS . "store" . DS . "init.php");
 $passwd = trim($pass);
 $email = trim($email);

 if (empty($email)) {
	  echo "Error: e-mail address is required!";
 } elseif (!Validate::isEmail($email)) {
	  echo "Error invalid e-mail address";
 } elseif (empty($passwd)) {
	  echo "password is required";
 } elseif (Tools::strlen($passwd) > 32) {
	  echo "password is too long.";
 } elseif (!Validate::isPasswd($passwd)) {
	  echo "Password is Invalid";
 } else {
	  global $cookie;
	  $customer = new Customer();
	  $authentication = $customer->getByEmail(trim($email), trim($passwd));
	  if ( $authentication and $customer->id ) {
		   $cookie->logged = 1;
		   $cookie->id_customer = intval($customer->id);
		   $cookie->customer_lastname = $customer->lastname;
		   $cookie->customer_firstname = $customer->firstname;
		   $cookie->passwd = $customer->passwd;
		   $cookie->email = $customer->email;
		   Module::hookExec('authentication');
		   Tools::redirect('my-account.php');
		   //echo "Success! <br><br>";
		   //echo "<a href='ext-login.php'>Click Here</a>";
	  } else {
		   echo "Failure somewhere";
	  }
 }
}
<br><br>
<form action="" method="post">
<input type="text" name="email" id="email">
<input type="password" name="pass" id="pass">
<input type="hidden" name="_submit_check" value="1">
<input type="submit">
</form>

 

The above code does in fact work, despite me not using the errors[] system from prestashop and smarty mainly cause I was having issues and I just wanted to echo out the issues which actually was an error in my typing.

 

From there I tried to make a } else { statement that went along with the above code that would hopefully identify the user if they were logged in or otherwise would tell them to Login. Either way it was going to show them the submission form because of the way I designed the page. I wanted it to be simple for now till I get things figured out.

 

So the following code is to include with the above code and just adding an else statement that I was hoping it would pull some information for me so I can say hello to the user. I actually just wanted to echo out the userid for now as a way to show progress.

 

else {
 define("DS", '/');
 include(".." . DS . "store" . DS . "config" . DS . "config.inc.php");
 include(".." . DS . "store" . DS . "init.php");
 global $cookie, $customerName, $userid, $logged;
 $useSSL = true;  // SSL Management

 if(!$cookie->isLogged()) {
	  echo "Please Login";
 } else {
	  $userid = intval($cookie->id_customer);

	  echo "Your logged in!";
	  echo $userid;

	  Tools::redirect('my-account.php');
 }
}

 

What the above code does and "is" what I am trying to figure out, is it will logout the given user and I am not for sure if it is because I have the wrong files I am including. In all the ways I have tried it just logs out the user, like it will create a new cookie session with no variables or inputed information.

 

From Rocky's website talking about cookies [click here] he talks extensively about the cookies and everything and I thank him for this. He talks about using the following code to access the cookie from outside of Prestashop, which actually in my experience so far just logs out a given user or logs me out when I access the page. It could work just not for me, and if it does work for others please let me know and I can try to adjust my code and test it again.

 

include_once('path_to_prestashop/config/config.inc.php');
include_once('path_to_prestashop/config/settings.inc.php');
include_once('path_to_prestashop/classes/Cookie.php');
$cookie = new Cookie('ps');

 

Mine Looks like the code below since I adjusted it to match my previous code:

 

define("DS", '/');
include_once(".." . DS . "store" . DS . "config" . DS . "config.inc.php");
include_once(".." . DS . "store" . DS . "config" . DS . "settings.inc.php");
include_once(".." . DS . "store" . DS . "classes" . DS . "Cookie.php");
$cookie = new Cookie('ps');

 

Fair enough, I have taken a good part of the day to figure out how the cookie works. I have found that it is encrypted which I am sure most of you will know here. I checked my settings in the Admin area and it is setup as default for Rijndael (instead of Blowfish). So I went through the Rijndael.php file to figure out how it is encrypting things.

 

This is currently where I am standing on my progress, I have created a file called "mcrypt.php" that I was trying to get my configuration information to encrypt to and match up to my cookie information.

 

I have pulled the following variables and pasted them in the mcrypt.php file for testing. I could be missing some or some could be incorrect.

 

[From /config/settings.inc.php]

_COOKIE_KEY_

_COOKIE_IV_

_RIJNDAEL_KEY_

_RIJNDAEL_IV_

 

So I started working on the Rijndael method of encoding and decoding to try to match up the output found in my cookie file with the website's output from farting around with different configurations.

 

The code listed below is what I have done but the output is different and it could be because I don't know what some of the variables are suppose to be. "$plaintext" and "$length" are two variables that I didn't find or have a clue where they are valued out at. I seen in the Blowfish file that it gives the $plaintext some value but no where else.

 

<?php
$cookiekey = "yourcookiekey";
$cookieIV = "yourcookieIV";
$mcryptkey = "yourRIJNDAELKEY";
$mcryptIV = "yourRIJNDAELIVkey";
$mcryptIV2 = base64_decode($mcryptIV);
$length = 0;
$plaintext = "";

if (($length = strlen($plaintext)) >= 1048576) { return false }
// Encrypt
$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $mcryptkey, $plaintext, MCRYPT_MODE_ECB, $mcryptIV2)).sprintf('%06d', $length);

// Decrypt
$plainTextLength = intval(substr($encrypted, -6));
$encrypted = substr($encrypted, 0, -6);
$decrypted = substr(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $mcryptkey, base64_decode($encrypted), MCRYPT_MODE_ECB, $mcryptIV2), 0, $plainTextLength);

// Echo Out Stuff
echo 'Encrypted:' . "\n";
var_dump($encrypted); // "ey7zu5zBqJB0rGtIn5UB1xG03efyCp+KSNR4/GAv14w="
echo "\n";
echo 'Decrypted:' . "\n";
var_dump($decrypted); // " string to be encrypted "

 

It outputs Jibberish like I would assume it needs to it is just not the right jibberish. And like I said above it could be because my variables are incorrect in their values or the code itself is incorrect, I went through the Rjndael file and trying to mimic it's function but not saying I did it correctly.

 

I would hope I am OVER thinking it and spinning my wheels out of control when it should be as simple as Rocky's solution. I do understand that to a point Prestashop and it's code has to be secure and not shared or made unsecure and by doing this method it may make things less secure for whoever uses it or whoever provides it to me. I would like to think that the code itself is secure enough especially if the COOKIE_KEY and RIJNDAEL_KEY and related are kept out of sight and not posted.

 

I will accept any assistance or advice on how stupid I may be in trying to figure this out. If you do know the answer and are laughing at how silly this is or the fact that you went through this whole ordeal before and figured out that is great that you did. If you are willing to help me get the answer I seak I will gladly pay you for that knowledge. I do not want to pay for knowledge of trial and error because I can do that myself.... but if you do know the answer, the key, or related please PM me and we can work out the payment details.

 

Regardless if I pay or if someone answers this and it becomes solved, I will gladly post the solution and my integration techniques and code to everyone here is the moderators/developers approve or are ok with it.

 

I am first going to be making my main site integrate into the prestashop store, but from there I plan on installing phpBB or some other forums software and will work on integrating that as well. Anything that I integrate I have no problem of giving my code away or assisting others in making their sites work (if and when I can).

 

One of the reasons I switched from PinnacleCart to Prestashop was that the forums and support seemed to be more active and everyone did seem to be more willing to help each other and that is awesome. This software will do nothing but get better! I also know that with 1.5 coming around the corner I may have to adjust my current code if I figure this out, I am willing to deal with that but again if it is as simple as what Rocky suggested then I/we shouldn't need too :)

 

Thanks to anyone reviewing this and/or willing to assist on this project.

 

Website: www.ultrasunusa.com

Store: www.ultrasunusa.com/main/store/

 

** you can see at the top of the main website pages there is a drop down login form, that I currently have disabled and you clicking on it will just take you to the register/login page of the store but that is where I want to integrate things, it will say Hello User instead of Hello Guest.

 

Setup of Server/Store:

PrestaShop 1.4.4.0
Server software Version: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a DAV/2

PHP Version: 5.2.16
MySQL Version: 4.1.22-standard

  • Like 1
Link to comment
Share on other sites

Bradley - you are headed down the exact path I want with Prestashop & phpBB3. You're knowledge on the topic is way over my head though :unsure:

 

I'm following this to see the results and can help with testing or other suggestions as I can. I already have a site that included WordPress, Prestashop and phpBB3 as seperate applications.

Link to comment
Share on other sites

Well hopefully the willing and able will help out me/us out and we can move forward on this with ease. phpBB3 should be fairly easy once I figure out this issue I am having. Back when I was working with vBulletin it took some time but figured it out and it was smooth sailing from there, just this code is a little more complicated. I am sure vB is more now as well considering I was on v1 - v3... haha.

Link to comment
Share on other sites

After more research and going through the forums and just flat out google'ing everything I could think of. Also after some assistance with Rocky on a couple of ideas I am still not closer yet but maybe soon with us putting our heads together.

 

From the standpoint of trying to decode and re-encode the cookie's security and everything that does indeed seem overkill to have to do.

 

My idea at this moment is to look at changing the $_path of the cookie to be more domain wide instead of specifically set on a given folder path.

 

I have edited one of the functions in the Cookie.php file but I think there is more I have to do than just this, which I have not yet worked out. If this makes sense to anyone and if someone wants to help feel free.

 

Changed this:

 

/**
* Setcookie according to php version
*/
protected function _setcookie($cookie = NULL)
{
 if ($cookie)
 {
	  $content = $this->_cipherTool->encrypt($cookie);
	  $time = $this->_expire;
 }
 else
 {
	  $content = 0;
	  $time = time() - 1;
 }
 if (PHP_VERSION_ID <= 50200) /* PHP version > 5.2.0 */
	  return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0);
 else
	  return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0, true);
}

 

To This:

 

/**
* Setcookie according to php version
*/
protected function _setcookie($cookie = NULL)
{
 if ($cookie)
 {
	  $content = $this->_cipherTool->encrypt($cookie);
	  $time = $this->_expire;
 }
 else
 {
	  $content = 0;
	  $time = time() - 1;
 }
 if (PHP_VERSION_ID <= 50200) /* PHP version > 5.2.0 */
	  return setcookie($this->_name, $content, $time, '/', $this->_domain, 0);
 else
	  return setcookie($this->_name, $content, $time, '/', $this->_domain, 0, true);
}

 

Right now all it does is not allow me to login at all in the public area of the store, so there has to be some other piece of code that needs to be adjusted. Granted again I am on v1.4.4.0 and the cookie.php may have changed since then I will look at newer versions when I get a chance tonight.

Link to comment
Share on other sites

Ok, as for now I am going to close this chapter and this topic or make it say [solved] for this round of frustrations. I have not yet installed 1.5 but I setup a secondary system using the latest 1.4.7.0 and I have tested things on three Mac computers, granted I need to try windows (IE, etc) as well as my phone.

 

I have successfully got it to work, but not in the way I am overall wanting to do so. From talking to Rocky who had a great idea for adding sub domains and setting that end up and it should work... I met that road with an impass I think mainly because of the way I have my SSL certificate setup and all that fun stuff. So I had to go against the system and change it a little and most likely it is now a little less secure. I am open to opinions and thoughts on this of course.

 

My site is not directly off the /public_html/ folder, I have it setup in a sub folder '/main/' and the store is in a folder inside that '/main/store/' and life would be ALOT easier if I did this all a different way and put my normal website files inside of the store folder but alas I setup the website years before I did a store and I honestly didn't want to go through and change the template that much to work the way I want it too.

 

So what did I do? I went and changed the Cookie.php file to no longer use the $this->_path command which makes it secure and only valid for the /main/store/ folder and sub directories under that, no .. I changed it to look for the /main/ folder and everything under it instead so that it would incorporate my entire website as it stands. Granted every year or less I get a bug up my butt to change things so I am sure this will all change again, and it may change basically because of 1.5 even though I have read that there will not be major changes just minor changes and bug fixes.

 

So here is what I did and my code, at least I went a simple route of not editing the actual Cookie.php file in the /classes/ folder I made a new cookie.php file for the /override/ folder.

 

Created "Cookie.php" file and put it in the /override/ folder with the following function+code:

 

class Cookie extends CookieCore {
public function __construct($name, $path = '', $expire = NULL)
{
 $this->_content = array();
 $this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000);
 $this->_name = md5($name);
 $this->_path = '/main/';
 $this->_path = rawurlencode($this->_path);
 $this->_path = str_replace('%2F', '/', $this->_path);
 $this->_path = str_replace('%7E', '~', $this->_path);
 $this->_key = _COOKIE_KEY_;
 $this->_iv = _COOKIE_IV_;
 $this->_domain = $this->getDomain();
 if (Configuration::get('PS_CIPHER_ALGORITHM'))
  $this->_cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_);
 else
  $this->_cipherTool = new Blowfish($this->_key, $this->_iv);
 $this->update();
}
protected function _setcookie($cookie = NULL)
{
 if ($cookie)
 {
  $content = $this->_cipherTool->encrypt($cookie);
  $time = $this->_expire;
 }
 else
 {
  $content = 0;
  $time = time() - 1;
 }
 if (PHP_VERSION_ID <= 50200) // PHP version > 5.2.0
  return setcookie($this->_name, $content, $time, '/main/', $this->_domain, 0);
 else
  return setcookie($this->_name, $content, $time, '/main/', $this->_domain, 0, true);
}
}

 

If you are going to ask or wonder why I did this or that in this thing I am sorry, I honestly cannot explain why I did what I did, I just played with things till it worked.

 

For example the $this->_path commands that are after my edit of '/main/' were kept intact mainly cause I didn't see any harm in letting them stay there.

 

So for those who are curious and I would not really say try this on a live site unless you don't have many visitors or just like to gamble. you can create the cookie.php file and do what I did.

 

From there I created a file to my testing with the following code:

<?php
define("DS", '/');
include_once("prestashop" . DS . "config" . DS . "config.inc.php");
include_once("prestashop" . DS . "config" . DS . "settings.inc.php");
include_once("prestashop" . DS . "classes" . DS . "Cookie.php");
global $cookie;
$cookie = new Cookie('ps');

if(!$cookie->isLogged()) {
echo "Please Login";
} else {
$userid = intval($cookie->id_customer);
$firstname = $cookie->customer_firstname;
$lastname = $cookie->customer_lastname;
$emailaddress = $cookie->email;
$passw_word = $cookie->passwd;

echo "Your logged in! <br>";
echo "UserID: " . $userid . "<br>";
echo "<br>Hello " . $firstname . " " . $lastname . "<br><br>";
echo "Email: " . $emailaddress . "<br>";
echo "Password: " . $passw_word . "<br>";

Tools::redirect('my-account.php');
}
?>

 

Then I logged into the prestashop store and moved around the my account area make sure that the cookie worked and kept me logged in as I went through my categories and products. Then I went to the URL of my newly created file to see if it would output the information I am asking it to output like my name, password and etc.. and if it said I was logged in then it theoretically worked, so I would go back to the online store (usually have tabs and keep both open and at their different URL's) I would check to make sure it still had me logged in and tried both pages a few more times. Then I tried logging out through the store and made sure it could log out properly and then would refresh the other page to see if it said Please Login. It all worked then I had succeeded in my test... and so far everything worked for me.

 

Feel free to use this nugget of information or discard it, the choice is yours of course. I would however like for a developer, moderator or someone who knows this stuff like the back of their hand to tell me or tell us HOW much less secure this method of eding the cookie code is and if it is overall wiser/safer to find an alternative route. If this is the case please explain why if possible :)

 

Thanks,

 

Bradley

Link to comment
Share on other sites

Bradley,

 

I created the cookie.php file in the override\classes and created test.php. I was able to make test.php work in the root of the prestashop directory (my prestashop directory is named shop off the root). I was not able to make it work in the forum directory off the root. Maybe this is what you were trying to explain using subdomains. This was done on a PC using Firefox, on my live store running 1.4.7.0 that I took off-line to test this.

Link to comment
Share on other sites

Hey Rhapsody, sorry I have been absent getting ready for a trade show in Los Angeles.

 

I have not tried to make it work with forums as of yet, I was making it work with my custom code for my main website, the forums is the next project after I get done with some other stuff. Been tasked with developing some salon software in Visual C++ so gotta completely switch gears till after my wedding in April.

 

I have installed MAMP Pro on my laptop and am currently working on some integration stuff when I have time, going to use phpBB and FluxBB to see which one I like better but I don't know exactly when I will get this all done.

 

If you have prestashop setup as

 

~root/prestashop/

 

and inside that folder is the /forums/ folder (i.e ~root/prestashop/forums/) it should have already theoretically worked for you in the normal way without customization, because my understanding of prestashop is that anything in it's folder or sub directories is associated with prestashop as for the cookie.

 

If you are talking about it otherwise where you have it setup a little different than the cookie code may have to be altered for your use.

 

~root/prestashop (for the store)

~root/forums (for the message forums)

 

if the above is the case then you will need to alter my code to work more for the domain and not a given folder and it's sub folders.

 

I have not tested this I am just merely putting it here as a thought/suggestion, change the Cookie.php file to be:

class Cookie extends CookieCore {
public function __construct($name, $path = '', $expire = NULL)
{
 $this->_content = array();
 $this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000);
 $this->_name = md5($name);
 $this->_path = '/';
 $this->_path = rawurlencode($this->_path);
 $this->_path = str_replace('%2F', '/', $this->_path);
 $this->_path = str_replace('%7E', '~', $this->_path);
 $this->_key = _COOKIE_KEY_;
 $this->_iv = _COOKIE_IV_;
 $this->_domain = $this->getDomain();
 if (Configuration::get('PS_CIPHER_ALGORITHM'))
  $this->_cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_);
 else
  $this->_cipherTool = new Blowfish($this->_key, $this->_iv);
 $this->update();
}
protected function _setcookie($cookie = NULL)
{
 if ($cookie)
 {
  $content = $this->_cipherTool->encrypt($cookie);
  $time = $this->_expire;
 }
 else
 {
  $content = 0;
  $time = time() - 1;
 }
 if (PHP_VERSION_ID <= 50200) // PHP version > 5.2.0
  return setcookie($this->_name, $content, $time, '/', $this->_domain, 0);
 else
  return setcookie($this->_name, $content, $time, '/', $this->_domain, 0, true);
}
}

 

If my thoughts on how things are setup for you is different please let me know how it is setup or the theory (without using your folder structure per say for security reasons) and I can come up with maybe a better way of helping you out. :)

 

Best Regards,

Link to comment
Share on other sites

I am only able to make this work if I put test.php in the shop directory. If I put it in the forum directory, it doesn't work, but when I execute test.php in the forum directory, it logs me out of prestashop. I've pasted the two files below

 

Here is the cookie.php file I put in the override:

 

/*

* Bradley Clampitt created from Prestashop 1.4.7.0 classes/cookie.php

*

*

* http://www.prestashop.com/forums/index.php?/topic/156218-solvedish-integrating-prestashop-into-a-pre-developed-website/page__view__findpost__p__762428

*

*

*

*/

 

class Cookie extends CookieCore {

public function __construct($name, $path = '', $expire = NULL)

{

$this->_content = array();

$this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000);

$this->_name = md5($name);

$this->_path = '/';

$this->_path = rawurlencode($this->_path);

$this->_path = str_replace('%2F', '/', $this->_path);

$this->_path = str_replace('%7E', '~', $this->_path);

$this->_key = _COOKIE_KEY_;

$this->_iv = _COOKIE_IV_;

$this->_domain = $this->getDomain();

if (Configuration::get('PS_CIPHER_ALGORITHM'))

$this->_cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_);

else

$this->_cipherTool = new Blowfish($this->_key, $this->_iv);

$this->update();

}

protected function _setcookie($cookie = NULL)

{

if ($cookie)

{

$content = $this->_cipherTool->encrypt($cookie);

$time = $this->_expire;

}

else

{

$content = 0;

$time = time() - 1;

}

if (PHP_VERSION_ID <= 50200) // PHP version > 5.2.0

return setcookie($this->_name, $content, $time, '/', $this->_domain, 0);

else

return setcookie($this->_name, $content, $time, '/', $this->_domain, 0, true);

}

}

 

---------------------------------------------------

Here is my test file test.php

 

<?php

/*

* Bradley Clampitt created for testing Prestashop 1.4.7.0 modified classes/cookie.php

*

*

* http://www.prestashop.com/forums/index.php?/topic/156218-solvedish-integrating-prestashop-into-a-pre-developed-website/page__view__findpost__p__762428

*

*

*

*

*/

 

 

define("DS", '/');

include_once("../shop/config" . DS . "config.inc.php");

include_once("../shop/config" . DS . "settings.inc.php");

include_once("../shop/classes" . DS . "Cookie.php");

global $cookie;

$cookie = new Cookie('ps');

 

if(!$cookie->isLogged()) {

echo "Please Login";

 

} else {

$userid = intval($cookie->id_customer);

$firstname = $cookie->customer_firstname;

$lastname = $cookie->customer_lastname;

$emailaddress = $cookie->email;

$passw_word = $cookie->passwd;

 

echo "You're logged in! <br>";

echo "UserID: " . $userid . "<br>";

echo "<br>Hello " . $firstname . " " . $lastname . "<br><br>";

echo "Email: " . $emailaddress . "<br>";

echo "Password: " . $passw_word . "<br>";

Tools::redirect('my-account.php');

}

?>

Link to comment
Share on other sites

Interesting, my solution I knew wouldn't work for everyone and why I put Solved'ish considering no one had any other comments on it.

 

'/' should be everything inside a given domain but I could be wrong in my linking, I just don't tlike '.domainname' would work in any way to suggest that over '/' but it may be how the cookie is handled throughout both forums.

 

I am completely using only the prestashop cookie / security system in my approach and it as of yet is not interacting with anything else and maybe that is the cause unless you are doing the same...

Link to comment
Share on other sites

  • 6 months later...

Hi

Thanks for pointing me in the right direction.

I got this to work with minor modifications in my 1.5 install.

 

I use subdomains so on the server I have :

 

~/shop/ and ~/memberarea/

 

that point to :

 

shop.domain.tld and memberarea.domain.tld

 

I made the Cookie.php override and changed it for my setup, then uploaded it to ~/shop/overrides/classes/

class Cookie extends CookieCore {
public function __construct($name, $path = '', $expire = NULL)
{
 $this->_content = array();
 $this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000);
 $this->_name = md5($name);
 $this->_path = '/';
 $this->_path = rawurlencode($this->_path);
 $this->_path = str_replace('%2F', '/', $this->_path);
 $this->_path = str_replace('%7E', '~', $this->_path);
 $this->_key = _COOKIE_KEY_;
 $this->_iv = _COOKIE_IV_;
 $this->_domain = $this->getDomain();
 if (Configuration::get('PS_CIPHER_ALGORITHM'))
  $this->_cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_);
 else
  $this->_cipherTool = new Blowfish($this->_key, $this->_iv);
 $this->update();
}
protected function _setcookie($cookie = NULL)
{
 if ($cookie)
 {
  $content = $this->_cipherTool->encrypt($cookie);
  $time = $this->_expire;
 }
 else
 {
  $content = 0;
  $time = time() - 1;
 }
 if (PHP_VERSION_ID <= 50200) // PHP version > 5.2.0
  return setcookie($this->_name, $content, $time, '/', '.domain.tld', 0);
 else
  return setcookie($this->_name, $content, $time, '/', '.domain.tld', 0, true);
}
}

 

Then I created a file mylogin.php, exactly like the one you ended up using, and uploaded it to ~/memberarea/

 

Now.. visiting memberarea.domain.tld/mylogin.php just logs me out.. but then I realized that it was because the script creates a new cookie that has not been authenticated and thus logs me out.

 

So the solution was simply to remove:

 

global $cookie;
$cookie = new Cookie('ps');

 

This has already been set in the includes anyway so it is not needed.

 

In the end mylogin.php looks like this:

 

<?php
define("DS", '/');
include_once("prestashop" . DS . "config" . DS . "config.inc.php");
include_once("prestashop" . DS . "config" . DS . "settings.inc.php");
include_once("prestashop" . DS . "classes" . DS . "Cookie.php");

if(!$cookie->isLogged()) {
echo "Please Login";
} else {
$userid = intval($cookie->id_customer);
$firstname = $cookie->customer_firstname;
$lastname = $cookie->customer_lastname;
$emailaddress = $cookie->email;
$passw_word = $cookie->passwd;

echo "Your logged in! <br>";
echo "UserID: " . $userid . "<br>";
echo "<br>Hello " . $firstname . " " . $lastname . "<br><br>";
echo "Email: " . $emailaddress . "<br>";
echo "Password: " . $passw_word . "<br>";

Tools::redirect('my-account.php');
}
?>

 

Then It worked perfectly

Edited by kemuel (see edit history)
Link to comment
Share on other sites

  • 1 year later...

Hello, I'm interesting in this way to make a login web, but I have a problem, when I add the next archives at prestashop 1.6X

 

include_once("prestashop" . DS . "config" . DS . "config.inc.php");
include_once("prestashop" . DS . "config" . DS . "settings.inc.php");
include_once("prestashop" . DS . "classes" . DS . "Cookie.php");

 

Are they in the same directory in this version?

Thank you very much.

Link to comment
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...