I just need to know... does this api authentication code have to run on the same server hosting the ts3 server? I understand its something you implement into your forum code... but what about people who pay for TS3 hosting? There isn't much detail on your site how you connect ts3 to the authentication process.

1: Is this FRIENDLY when it comes to PHPBB Official Update packages... as in it won't go ape-**** crazy if it patches as they regularly do release updates. (Last API Mod caused me to scrap Databases on a regular basis... utter pain-in-the-ass)

2: Is there a way to shutoff the Teamspeak 3 portion as we do not use TS3 (Shadow Confederation)

3: Is it possible to configure the API checker to multi-corps/multi-alliances?

4: I don't understand the bit about a separate registration page... can you clarify? Will it require modifications to make it work? This also include the ACP As well?

5: Can it be installed on an already active DB/Forums?

6: Last but not least...willing to give me some minor coaching's on some specific customizations such as getting cron to email me? Linux docs can be confusing at times.

Gary:

If you want to make a test board, do whatever you want, but I don't believe a test board will do this justice without a test TS server as well. I also think it's unnecessary, but again, it's your prerogative.

---

Drake:

The more I think about it, the more I'm softening on the idea of making Teamspeak registration optional via the config. I'll see what I can do on it tonight.

No harm will be caused if TS3 is disabled in the right way, so that's another reason I'm thinking about making it easier for everybody.

Yeah. It's not all that easy unless you're already a PHP coder.

Thanks for the great compliment. I've been a PHP/MySQL developer full-time for five years, and I've been tinkering with phpBB and other PHP apps. for many years before that in a hobby capacity.

small price to pay...for added security/convience of API.

Balani: I guess I should put in the requirements that it requires PHP 5.3.0 or greater.

The ( EOL ) sections aren't the problem. It's the ( 'EOL' ) (with a single quote on each side of EOL) that only work in PHP 5.3.0 or greater. You can either upgrade your PHP, or you might be able to just find and replace every occurrence of the second thing with the first thing, and it should work fine, but you might have to put a backslash ( "\" ) before the dollar signs in the javascript section in index.php (located in lines 136 -161). This syntax it's currently using is called Nowdoc in case you're wondering.

The dollar signs don't need backslashes, and there should be absolutely no spaces on the same line after EOL. I would just replace your index.php with the latest copy and replace all the 'EOL' (with single-quote) parts with EOL (without single-quotes).

$query = (less than signs go here)EOL
UPDATE {$config['Forums DB']['Table Prefix']}users
SET user_permissions = ""
WHERE user_id = {$forums_user['ID']}
EOL;
mysql_query($query) or log_message('Error clearing user_permissions. User: ' . $forums_user['Username']);

Drake:

No. The instructions do show you how to quickly grab a list of every corp. in an alliance, but you will have to update your config as corps. join or leave your alliance. I'll think about this and it may be a feature down the road.

---

Hmmmmm - it doesn't seem to be setting my defined groups as default. Any ideas? No doubt it'll be a single switch somewhere...

I've also modified the script to fit into the skin of my website - http://therodents.net/EVE-API-Registration/

Might give you guys some ideas.

Eugene

I understand why you don't want to do that,...

Anything else?

It also makes it harder to maintain (for me), install, and update, and it makes it more prone to breakage with phpBB updates.

I can't see a good reason why Registered Users is a bad group to have them put in, as 100% of your non-bot users should be in the Registered Users group. What setup do you have that some people aren't in that group? I was under the impression that even with Newly Registered Users set up, users are in both anyway? It's not too big of a deal to add the feature, but I'm curious as to why anyone would even need it, and if you don't have a legitimate reason, to me it's just an extra thing to potentially confuse people to have in the config. If you have a reason that I think will have useful application to an even somewhat-wide group of people, I'll add that option.

Fair enough. I know just enough to be dangerous so I didn't know if that would be feasible or not.

Lets just say that when people get kicked or API keys expire too soon I don't want them to be able to do certain things that "registered" users can do.

Every user is a Registered User. A user even with a new, freshly created account, is a Registered User, possibly in addition to other groups (like Newly Registered Users). Normally to give a user extra permissions, they are then added to another group, but they aren't removed from Registered Users. Are not 100% of all your human users in the Registered Users group?

Drake:
Either you haven't had anybody lose their registration and haven't otherwise had errors, or there's a problem. Try editing your entry directly in the EVE Registration table in the database so that your Verification Code is invalid, and set your Cached Until timestamp to something way in the past, and see if it then revokes your privileges and puts an error in the log.

magic_quotes_gpc = Off

allow_url_fopen = On

if (get_magic_quotes_gpc()) {
$_POST = array_map('stripslashes', $_POST);
$_GET = array_map('stripslashes', $_GET);
$_COOKIE = array_map('stripslashes', $_COOKIE);
}

Drake: I don't know why. Mine was filled with log lines of people being deleted, but I didn't lose everybody (since I caught it in time). The moral of the story is that backups are key, always. Sorry for the loss, though. Is it logging other things correctly?

2011-10-11 - 1.57 - Now uses cURL if available or url_fopen wrapper if not. PHP command (path to PHP binary), as used in registration script, is now configurable. Fixed users with single-quotes in names not being able to log in to forums after doing API registration. Fixed name of last poster in a forum not updating when a username is changed due to API registration. In the previous release, the updated index.php (registration script) was accidentally omitted, so the changes mentioned for 1.56 involving it are now in effect. Minor documentation changes.

Although I mentioned some fixes in index.php, I apparently forgot to include the updated index.php in my most recent release, so they actually weren't added, and I'll instead stick it in my next release. The good news is that they weren't critical changes.

Sorry about that.

Drake:
It should have logged, and it logged it all for me. That's what I'm trying to troubleshoot. Does it log errors normally otherwise?

log_message('Check script ran.', FALSE);

Drake:
I have no idea why it would log problems with only one user, it doesn't make sense that that one user would just be you (instead of some other random person), it's not happening for me, and I haven't seen it happen with anyone else.

Something you might try to test: On line 3 of check-users.php, paste the following:

With that, you should get an entry in errors.txt every time check-users.php runs via the cron job or via the registration form. My only guess I can think of is that it might be only logging when it runs via the registration form and not via the cron, but if you said it did show that your registration got deleted during the EVE API downtime, then that may not be it. Either way, that's a good troubleshooting step to make sure it at least can log at the appropriate times.

2011-10-20 - 1.58 - Removed dependency on PHP mbstring module inadvertently caused by last update's single-quote fix. Made registration script force usage of UTF-8 character set when updating a user's username_clean (related to single-quote issue). Added ability to set EVE character avatars as forums avatars (code idea by Rache Le'Bonbon). Minor documentation changes.

There's a basic program plan, and I may soften on the idea eventually, but I don't feel like implementing the feature, given the things I said above and that I don't like the added complexity.

EDIT 2011-10-22:
Apparently corp/MemberTracking.xml.aspx requires a Corporation API key to even work. I didn't notice that. There may be another way to get that info out, though.

A popup saying, "Error getting API data from EVE server." likely means neither the cURL extension for PHP is loaded nor the allow_url_fopen option is available.

Hey all, I installed the scripted and modified the config what i wish but cant get it to run

When i log into the admin site i get

Warning: session_start() [function.session-start]: open(/home/users/web/b1298/ipg.eveowgcom/cgi-bin/tmp/sess_be0264c4b287ca8d34fe847721f5f789, O_RDWR) failed: No such file or directory (2) in /hermes/bosweb/web129/b1298/ipg.eveowgcom/eve-api-reg/admin/index.php on line 5

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /hermes/bosweb/web129/b1298/ipg.eveowgcom/eve-api-reg/admin/index.php:5) in /hermes/bosweb/web129/b1298/ipg.eveowgcom/eve-api-reg/admin/index.php on line 5

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /hermes/bosweb/web129/b1298/ipg.eveowgcom/eve-api-reg/admin/index.php:5) in /hermes/bosweb/web129/b1298/ipg.eveowgcom/eve-api-reg/admin/index.php on line 5

Password:

Warning: Unknown: open(/home/users/web/b1298/ipg.eveowgcom/cgi-bin/tmp/sess_be0264c4b287ca8d34fe847721f5f789, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/home/users/web/b1298/ipg.eveowgcom/cgi-bin/tmp) in Unknown on line 0

any idea?

$api_url = 'https://api.eveonline.com/account/APIKeyInfo.xml.aspx?keyID=' . $_POST['Key_ID'].'&Vcode=' . $_POST['Key_Ver_Code'];
//if (extension_loaded('curl')) {
// $api_handle = curl_init($api_url);
// curl_setopt($api_handle, CURLOPT_RETURNTRANSFER, TRUE);
// if (!($api_xml = curl_exec($api_handle)) or curl_getinfo($api_handle, CURLINFO_HTTP_CODE) != 200) {
// die(json_encode(array('error' => 'Error getting API data from EVE server.')));
// }
// curl_close($api_handle);
//}
//else {
$api_xml = file_get_contents($api_url) or die(json_encode(array('error' => 'Error getting API data from EVE server.')));
//}