phpBB WordPress 2.4.0 integration: 1001 ways, 1001 logs - how to

Post a reply


This question is a means of preventing automated form submissions by spambots.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[url] is ON
Smilies are ON

Topic review
   

If you wish to attach one or more files enter the details below.

Maximum filesize per attachment: 1 MiB.

Expand view Topic review: phpBB WordPress 2.4.0 integration: 1001 ways, 1001 logs - how to

Re: phpBB WordPress 2.4.0 integration: 1001 ways, 1001 logs - how to

by axew3 » Wed Dec 15, 2021 10:53 am

Running Integration with mismatching USERNAMES/EMAILS

by axew3 » Sun Dec 27, 2020 10:42 pm

INTEGRATION WITH MISMATCHING USERNAMES/EMAILS
Since 2.4.0 the integration run effectively by email (but also by username, sometime, without wasting resources).
You may need to be sure to have unique email/usernames pairs into phpBB, but maybe not.
Consider that if more users are sharing same email in phpBB, when a profile update is done into wordpress by an user, which email is associated to more different usernames into phpBB, then the update (change email or password), will happen for all these users in phpBB.
That's maybe exactly what you'll want, maybe not.
Also, consider that with mismatching usernames/email pairs, you'll may allow email change for users ONLY into WordPress, because the email change update, when it occur, will happen at same time also into phpBB.

Beware that if an user change email in phpBB, with a mismatching username in WordPress, this can happen:
if the same email and username is not found in WP, a new user will be created in WordPress, when the same user as logged in will visits WP side, or when he will login in WP (may because after purged of unwanted characters the username will result as not existent in WordPress)

Into an integration running with mismatching usernames/emails may it is NOT ALLOWED TO let users to REGISTER, LOGIN AND UPDATE EMAIL ON BOTH PHPBB OR WORDPRESS. You have to choose: it is REQUIRED to allow users REGISTRATION, LOGIN AND change EMAIL ONLY in WordPress.

UPDATING FROM 2.3.9

by axew3 » Tue Dec 22, 2020 2:44 pm

UPDATING FROM 2.3.9

NOTE - iframed page-forum and the WP user ID1 and phpBB user ID2 default install admins
:
WP UID1 and phpBB UID2 are not linked anymore. So if you are logged with the default install admin, remember that you should also update the page-forum.php, rebuilding or substituting it manually with the latest (that fix also another secondary bug), or when visiting the WP page forum, this user will fall into a page reload loop. Nothing dramatic, anyway you are warned that with the user ID1 (ID2 in phpBB) and old page-forum this will happen.

To setup things as required on 2.4.0, this step is required: allow users to update their email only in one CMS. Choosing WordPress, so it is required to disable user's email update in phpBB profiles

DISABLE EMAIL UPDATE IN PHPBB USER'S PROFILES

ACP -> TAB System -> User Control Panel -> click into Profile then for the Edit account settings module, click into Disable to disable the user's account settings module. So the Edit account settings tab, where it is possible to update user's email and password in phpBB ucp, will not be anymore accessible, while all the rest of phpBB profile options will be still available to phpBB users.

It will be your task to avoid user's email update in WordPress if you choose to let users update emails in phpBB.

Remember that if usernames/email pairs are mismatching between phpBB and WP users, then it is required that you avoid email update and registrations for users into phpBB.

WordPress to phpBB integration way

An example updating:

the scenario here, where i'm updating from 2.3.9 is where username/email pairs are all the same (but remember that the integration works by email now, so can be used also with mismatching usernames/email pairs: in this case the configuration require to allow users to register, login and update email ONLY into the same CMS). Here, phpBB do not contains usernames with forbidden chars in WP, so usernames are the same on both WP and phpBB, and if an user register in phpBB, since i setup phpBB ACP option to allow usernames characters as "Only Letters, Numbers and spacers" , the user will be ever added the same in wordpress. It will be the same letting register users in WordPress, they will be added in phpBB the same, without changing any setting in WP. But i do not like this configuration in this case. This is my case/requirement here. You'll see why following to read

If a phpBB username contain forbidden chars in WordPress, as code is at moment, it will be purged, read this to know how it work: viewtopic.php?p=4944#p4944
the verify_credentials function, contain this comment, may useful to read for anyone:
[code] // !!! NOTE IMPORTANT !!!!
// loop if email changed in phpBB and username do not match on both phpBB and WP
// running integration with mismatching usernames/pairs, it is required to allow registration/email update ONLY in WP OR phpBB
// if email changed in phpBB, with mismatching usernames, it will cause a re-login on-fly for the user by the way
// Cases: if also username mismatch, a logout. If phpBB username contain forbidden chars, and do not exist in WP, added as new user, if no email and nor username found in wp.
// May redirection to what it is needed should be added, or wp home will be the redirect to (as code is more below, where user re-logged)
[/code]

Since 2.3.9 it was required that usernames/email pairs were always the same in phpBB and WP. So updating and leaving settings as they are, there is no worry to check for nothing. All is ok as is except ...

Now, i go into ACP, and i disable the possibility for users to update their email in phpBB profile.
To do so, and disable users email update on phpBB, just do this:


DISABLE EMAIL UPDATE IN PHPBB USER'S PROFILES

ACP -> TAB System -> User Control Panel -> click into Profile then for the Edit account settings module, click into Disable to disable the user's account settings module. So the Edit account settings tab, where it is possible to update user's email and password in phpBB ucp, will not be anymore accessible, while all the rest of phpBB profile options will be still available to phpBB users.

Now since there are no duplicated emails and usernames, and the scenario here is the above explained with unique usernames/email pairs existent on both phpBB and WP, i can also allow registration in phpBB, and disable in WP or leave both (the iframe mode will allow to add users at same time on wp when registration done in phpBB, that's another consideration, explained into the iframe help steps guide, where can be argued the meaning of this assertion). Why i need this in this particular case? Because the user's spam check is harder to be broken into the default phpBB. I'm annoyed by spammers, and i do not want to add re-captcha plugins on WP login or registration. I do not disabled the registration in WordPress, i activated the plugin option Swap WordPress default Register and Lost Password links to point to phpBB related pages so when any registration link clicked into WordPress, users will be forced/redirected to the phpBB registration page instead.

That's all. I've check users with 0 posts in phpBB, and related with 0 posts in wordpress through List users with 0 posts in phpBB: delete in WordPress and deactivate in phpBB option, that let me know also if those users, have or not posts in wordpress.
I deleted them in wordpress. Then also removed thousand of deactivated 4 years old users (remember that a deleted user in WordPress, is deactivated in phpBB, NOT deleted, and you can use this as anti spam method, leaving these users deactivated in phpBB, and as explained elsewhere) in one click via phpBB ACP.

From now on, i will have to change the phpBB Q&A question, just in case, as soon i'll see some spam user.

phpBB WordPress 2.4.0 integration: 1001 ways, 1001 logs - how to

by axew3 » Sun Dec 20, 2020 9:08 am


Top