Adding New Users from a Different Location
  • WDjoeWDjoe
    Hello,
    I have Tango working almost perfectly to what I want it to do. My problem is that I want to be able to add users myself from a totally different webpage so they can login to my Tango web address. I need this because I am doing a website that tracks distributors for a product but I want them to login to Tango for all the confidential prices and latest news from the company.
    Anyways, I have no problem adding the users information to the "users" table with the email, password, first_name, and last_name, status as active. I can see it all on mysqladmin.
    The problem is when I go to test the login page of Tango with the user information that I put in from the external login form I get this error message:

    Internal ErrorAn internal error has occured and caused the request to halt.
    Please refresh the page to try again.

    --------------------------------------------------------------------------------
    For details of this error, please check your log files. View the debug manual page for more information:
    Troubleshooting/Debug Manual Page


    And no one can login, not even the administrator. If I delete the user that I put in from this external form then everything turns back to normal.

    It looks to me like it's trying to find some other information that goes along with the login credentials (i.e. email and password) but I don't know what or where to look for it.

    What am I missing and what can I do so that the new users that I set up from the different form can logon and not see this error?
    Any help and advise is greatly appreciated.
  • AlexCAlexC
    Hi there,

    Take a look at the 'users_meta' table, there is some details in there required. To see which ones these actually are, you'll get a better understanding by reading the dump file that was created for that error; see the files ./application/logs/zula-dump.xx.log

    You'll also have issues with cache if you're using it within TangoCMS. For example, if you're using the "file" cache you'll have to make sure to remove the cache files, which will be in ./tmp/cache
  • WDjoeWDjoe
    Hello, thank you for your help.

    The 'user_meta" table is empty. I checked the error located as you said at /application/logs/zula-dump.xx.log and I did find the answer of why I was getting a blank screen, it had to do with the user group so I changed it to a "2" and everything went back to normal.

    I think I am on the right track but I still can't get users into the database from an external form. I looked at the "salt" encryption method and I found the "salt" key at config.ini.php and I used that for my external form to use but when I go check out the password in the database it only has 40 characters. I noticed that the first user in the database (me) the admin when you first install Tango has 64 characters. Also, any user I add with the register form from Tango will also get me 64 characters into the password database field.

    I tried logging in with the users with only 40 characters in the password field that I put in from the external form and I always get the warning saying that the email and password do not match.

    I would assume salt just encrypts the password because I registered a users with the Tango registration form and I entered the same password as the admin and the same 64 characters showed up in the database.
  • AlexCAlexC
    We don't encrypt the passwords, we hash them with SHA256 and the HMAC salting algorithm using the per-installation salt (randomly generated upon install). It's very easy with the www.php.net/hash_hmac function, that will get you what you need.
  • WDjoeWDjoe
    That helped out, almost there.
    I now have my 64 character password into the password field of the database. Looks like I am still not doing something right because once I try and login it still says "Username and/or password provided are incorrect"

    This is what I have put in from my external form ( I changed my salt key) to get the 64 character into the password field .

    $algo='sha256';
    $data='$password';
    $key='%+jdguUp>^4';

    hash_hmac ($algo ,  $data ,  $key [ $raw_output = true ] );


    echo hash_hmac('sha256', '$password', '%+jdguUp>^4');

    $hashed= hash_hmac('sha256', '$password', '%+jdguUp>^4');

    echo $hashed;    
       	
    	// Add the user.
    		
    			$query = "INSERT INTO users (email, password, first_name,  last_name, username, company, address, city, state, zip, country, website,  tel_area, tel_three, tel_four, tel_ext, mobile_area, mobile_three, mobile_four, status, joined) VALUES ('$email', '$hashed', '$first_name', '$last_name', '$username', '$company', '$address', '$city','$state','$zip', '$country',  '$website', '$tel_area', '$tel_three', '$tel_four', '$tel_ext', '$mobile_area', '$mobile_three', '$mobile_four', '$status', NOW() )";


    I am not even sure if it is hashing the password itself.

    Any thoughts or am I over my head?
  • AlexCAlexC 
    $ php -a
    Interactive shell

    php > $foo = 'bar';
    php > var_dump($foo, "$foo", '$foo');
    string(3) "bar"
    string(3) "bar"
    string(4) "$foo"
    php >


    I think that should explain it.

    Btw, I would highly advise putting these additional user info into the 'users_meta' table, after all that's it's purpose (meta data).
  • WDjoeWDjoe
    Thanks again for taking the time on trying to get me to work this out.
    I have added the new users to the 'users_meta' table as you said I should.

    Excuse my ignorance with this (only have been coding with PHP for about a year or so) but where would I put this code? Do I place it in the same page as the form? I am a little lost here.


    $ php -a
    Interactive shell

    php > $foo = 'bar';
    php > var_dump($foo, "$foo", '$foo');
    string(3) "bar"
    string(3) "bar"
    string(4) "$foo"
    php >
  • AlexCAlexC
    You don't put that code anyway, that is output from the PHP interactive shell to show you how PHP handles strings and quotes. Read the output of it and how I have done the vars, and ask your self why one of them does not display bar. See www.php.net/string and then look at your code :)
  • WDjoeWDjoe
    Thank you for your help.

    I will have to take this all in slowly and see if I can learn how this all will work together. A lot of this is new to me and I hope I will figure it out soon, I have lost so many hours of sleep over this. :-(
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion