ForumIntegration
 | This page is obsolete. It is kept for historical interest only. It may document extensions or features that are obsolete and/or no longer supported. Do not rely on the information here being up-to-date. |
Done so far:
I've created a table in filmsoc called people_forums that links pid of our system to column in web_users with the user_id in phpBB.
I've created a page on the main website called autologin that looks up the correct user_id, and then redirects to another page called autologin in the forums. This then logs the specified user_id into the forums using a phpBB function called session_begin. A cyptographic token is used to prevent unauthorized use of autologin.
- Automatic phpBB account creation
from website login creation.- This wouldn't neccessarily be very useful - not everybody will want to use the forums
- This could be done on first login redirected from the forums rather than when a website login is created. When they attempt to login to the forums a message pops up saying "Your forum account hasn't been set up, please enter a display name to use".
- That's exactly what happens! Although I should probably write some kind of message to explain to people what's happening.
- Populate people_forums with information for current forum accounts
- Make autologin automatically create a forum account for people without an entry in people_forums, and add a row to it
- Allow autologin to redirect to any forum page, not just the start page (for next part)
- Redirect any login or register page requests on the forums to http://www.filmsoc.warwick.ac.uk/index.php?page=autologin
- Login & register links should be removed from phpBB and be provided solely through the website.
Still to do:
- Mechanism to ensure email address changes get transferred across to phpBB.
- Automatically put people in groups based on statuses
- This can happen when the initial phpBB account is created (DONE - mattrix), however should it also be automatic when a user's status is modified from the member editor (STILL TODO) (or should this page include options for forum membership as well)?
- I've written a script to automatically update the new crew group every day.
The situation with the other groups is more complicated. I knocked out a quick script to compare the website groups and the forum groups, and there are currently people in groups on the forum and not on the website and vice versa, and sometimes for a good reason. Perhaps the best solution would be for me to modify the comparison script to group by forum groups rather than person, and have buttons for quickly correcting any problems. The relevant Exec member could then use this page to keep his forum groups up to date as he sees fit.
- I've written a script to automatically update the new crew group every day.
- This can happen when the initial phpBB account is created (DONE - mattrix), however should it also be automatic when a user's status is modified from the member editor (STILL TODO) (or should this page include options for forum membership as well)?
- Determine what session / cookie settings are required for phpBB login and set it from the filmsoc website.
- I had a quick look at that, they are a abit esoteric as phpBB uses its own session table and logic, and it is difficult to include phpBB files in the website without breaking our things. The autologin system should be almost as seamless. mattrix
Would be nice:
- Make look of forums closer to rest of website
Whould be nice, but particularly difficult:
- Make phpBB use the same user ids as the filmsoc website login
Decide on a policy for transfering people who have different usernames or passwords
- I'm inclined to say let people keep their different usernames - see my email. mattrix
Decide on a policy for people who would like to keep different passwords
- Forum passwords should become irrelevant as there won't be any way to log in to the forums directly. mattrix
Is the facility to have different passwords less important than the facility to have different usernames
- If people have different usernames, why can't they be allowed different passwords
- The use of different passwords for different systems is always recommended from a security point of view. If we have the opportunity to allow the option, why not use it.
- This should be unnecessary since it should essentially be the same system.
- Should the forums be considered as part of a wider AuthenticationStratergy before we jump into what could be a involved, complicated and proprietary system.
