Invision Power Board:Authenticating Members In Your Scripts
From IpbWiki
Contents |
Authenticating IPB Members in your scripts
This article is a primer on how to go about using the IPB member's database to authenticate members in other areas of your website. It assumes you have a working knowledge of PHP and MySQL and are moderately familiar with IPB.
Invision Power Board stores the member information in three tables:
- ibf_member_extra: Miscellaneous member information such as signature, instant messenger information, etc.
- ibf_members_converge: Email, password and core log in information
- ibf_members: IPB specific information, such as IPB preferences
The main table of interest is the "ibf_members_converge" table. This stores the member's email address, password salt and password. The plain text password is never stored and the member's name is stored in "ibf_members" along with their "member_login_key".
Passwords
Invisison Power Board stores the password in the "ibf_members_converge" table in the following format:
The password salt (converge_pass_salt) is a random 5 character string generated from the "ips_kernel/class_converge.php" module. It can include any character except the backslash character.
Getting the member from the database
The preferred way of getting the member from the database is via the user ID. If this is not available, then use the email address as this is unique to each member. If this is not available then use the member's name (although be aware that this is filtered via the "sources/functions.php" clean_value() function to remove HTML entities and such). Also be aware that the IPB stored password will have been initially passed via the clean_value() function before being compiled.
If you are using the member ID, then it is preferable to simply query the "ibf_members_converge" table directly to pull the member's information and then examine the password to ensure its the same as the one entered from a form. The ibf_members_converge.converge_id is the same as the ibf_members.id. This will change when we roll out the converge framework. If you want to remain future compatible, first query the email address from the ibf_members table for that member's id and then query (or join) the ibf_members_converge table for that email address.
IPB 2.1.x DB Schematic
id mediumint(8) NOT NULL default '0',
notes text,
links text,
bio text,
ta_size char(3) default NULL,
photo_type varchar(10) default '',
photo_location varchar(255) default '',
photo_dimensions varchar(200) default '',
aim_name varchar(40) NOT NULL default '',
icq_number varchar(40) NOT NULL default '0',
website varchar(250) NOT NULL default '',
yahoo varchar(40) NOT NULL default '',
interests text NOT NULL,
msnname varchar(200) NOT NULL default '',
vdirs text NOT NULL,
location varchar(250) NOT NULL default '',
signature text NOT NULL,
avatar_location varchar(128) NOT NULL default '',
avatar_size varchar(9) NOT NULL default '',
avatar_type varchar(15) NOT NULL default 'local',
PRIMARY KEY (id)
);
id mediumint(8) NOT NULL default '0',
name varchar(255) NOT NULL default '',
mgroup smallint(3) NOT NULL default '0',
legacy_password varchar(32) NOT NULL default '',
email varchar(60) NOT NULL default '',
joined int(10) NOT NULL default '0',
ip_address varchar(16) NOT NULL default '',
posts mediumint(7) default '0',
title varchar(64) default NULL,
allow_admin_mails tinyint(1) default NULL,
time_offset varchar(10) default NULL,
hide_email varchar(8) default NULL,
email_pm tinyint(1) default NULL,
email_full tinyint(1) default NULL,
skin smallint(5) default NULL,
warn_level int(10) default NULL,
warn_lastwarn int(10) NOT NULL default '0',
language varchar(32) default NULL,
last_post int(10) default NULL,
restrict_post varchar(100) NOT NULL default '0',
view_sigs tinyint(1) default '1',
view_img tinyint(1) default '1',
view_avs tinyint(1) default '1',
view_pop tinyint(1) default '1',
bday_day int(2) default NULL,
bday_month int(2) default NULL,
bday_year int(4) default NULL,
new_msg tinyint(2) default '0',
msg_total smallint(5) default '0',
show_popup tinyint(1) default '0',
misc varchar(128) default NULL,
last_visit int(10) default '0',
last_activity int(10) default '0',
dst_in_use tinyint(1) default '0',
view_prefs varchar(64) default '-1&-1',
coppa_user tinyint(1) default '0',
mod_posts varchar(100) NOT NULL default '0',
auto_track varchar(50) default '0',
temp_ban varchar(100) default '0',
sub_end int(10) NOT NULL default '0',
login_anonymous char(3) NOT NULL default '0&0',
ignored_users text NOT NULL,
mgroup_others varchar(255) NOT NULL default '',
org_perm_id varchar(255) NOT NULL default '',
member_login_key varchar(32) NOT NULL default '',
subs_pkg_chosen smallint(3) NOT NULL default '0',
has_blog tinyint(1) NOT NULL default '0',
members_markers text NOT NULL,
members_editor_choice char(3) NOT NULL default 'std',
members_auto_dst tinyint(1) NOT NULL default '1',
members_display_name varchar(255) NOT NULL default '',
members_created_remote tinyint(1) NOT NULL default '0',
members_cache MEDIUMTEXT default '',
members_disable_pm INT(1) NOT NULL default '0',
PRIMARY KEY (id),
KEY name (name),
KEY mgroup (mgroup),
KEY bday_day (bday_day),
KEY bday_month (bday_month),
KEY members_display_name (members_display_name),
);
- members_disable_pm: 0, no, 1, yes, 2 yes - admin ban
converge_id int(10) NOT NULL auto_increment,
converge_email varchar(250) NOT NULL default '',
converge_joined int(10) NOT NULL default '0',
converge_pass_hash varchar(32) NOT NULL default '',
converge_pass_salt varchar(5) NOT NULL default '',
PRIMARY KEY (converge_id),
KEY converge_email (converge_email)
);