What's Wrong with My Code?

luckyvega

Joined: 2009-10-05
Posts: 8

Posted: Sun, 2009-10-18 14:01

I just want to create the user "henry" then login, but I receive a security violation error. I check the database and find "henry" isn't added. 'Student' is a group I have created.

<?php

/*
 * This is an example of how G2 can be wrapped into your own website
 * If you only want to embed G2 visually in your website, you don't need GalleryEmbed (so this
 * approach is not necessarily what you want). But if you want to embed G2 in your website,
 * including a unified user management, a single login etc., then this is the correct file to
 * start with.
 */

/*
 * runGallery() exits if G2 tells it to so (by isDone = true). It's important that you don't
 * output any html / anything before you call runGallery (which calls
 * GalleryEmbed::handleRequest), else, G2 won't work correctly.
 * Reason: G2 does a lot of redirects. E.g. when you login, it redirects to the next page, etc.
 * and redirects won't work if there was already some output before the redirect call.
 */
$data = runGallery();
$data['title'] = (isset($data['title']) && !empty($data['title'])) ? $data['title'] : 'Gallery';
if (isset($data['bodyHtml'])) {
print <<<EOF
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>{$data['title']}</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
{$data['javascript']}
{$data['css']}
</head>
<body>
{$data['bodyHtml']}
</body>
</html>
EOF;
}


function runGallery() {

    require_once('./photo/embed.php');
    $data = array();	
    $h_user = 'henry';

    // initiate G2 
    $ret = GalleryEmbed::init(array('g2Uri' => '/photo/main.php', 
				    'embedUri' => '/main3.php',
				    'activeUserId' => $h_user, 'fullInit' => true));
    GalleryCapabilities::set('login', true);
    if ($ret) {
        $ret2 = GalleryEmbed::isExternalIdMapped($h_user, 'GalleryUser');
        if ($ret2 && $ret2->getErrorCode='ERROR_MISSING_OBJECT') {
            $ret = GalleryEmbed::createUser($h_user, array('username' => $h_user, 'password' => '123456'));
            GalleryEmbed::addUserToGroup($h_user, 'student');
        }
        $ret3 = GalleryEmbed::login($h_user);
        $data['bodyHtml'] = $ret3->getAsHtml();
        return $data;
    }

    // user interface: you could disable sidebar in G2 and get it as separate HTML to put it into a block
    // GalleryCapabilities::set('showSidebarBlocks', false);

    // handle the G2 request
    $g2moddata = GalleryEmbed::handleRequest();
  
    // show error message if isDone is not defined
    if (!isset($g2moddata['isDone'])) {
      $data['bodyHtml'] = 'isDone is not defined, something very bad must have happened.';
      return $data;
    }
    // exit if it was an immediate view / request (G2 already outputted some data)
    if ($g2moddata['isDone']) {
	exit; 
    }
   
    // put the body html from G2 into the xaraya template 
    $data['bodyHtml'] = isset($g2moddata['bodyHtml']) ? $g2moddata['bodyHtml'] : '';

    // get the page title, javascript and css links from the <head> html from G2
    $title = ''; $javascript = array();	$css = array();
 
    if (isset($g2moddata['headHtml'])) {
      list($data['title'], $css, $javascript) = GalleryEmbed::parseHead($g2moddata['headHtml']);
	  $data['headHtml'] = $g2moddata['headHtml'];
    }
    
    
    /* Add G2 javascript  */
    $data['javascript'] = '';
    if (!empty($javascript)) {
      foreach ($javascript as $script) {
	     $data['javascript'] .= "\n".$script;
      }
    }

    /* Add G2 css  */
    $data['css'] = '';
    if (!empty($css)) {
      foreach ($css as $style) {
	     $data['css'] .= "\n".$style;
      }
    }

    // sidebar block
    if (isset($g2moddata['sidebarBlocksHtml']) && !empty($g2moddata['sidebarBlocksHtml'])) {
      $data['sidebarHtml'] = $g2moddata['sidebarBlocksHtml'];
    }
    
    return $data;
} 

?>

suprsidr

Joined: 2005-04-17
Posts: 6138

Posted: Sun, 2009-10-18 16:10

the activeUserId is the external id of the user, not the gallery id.
use GalleryEmbed::isExternalIdMapped to first check too see if the user is already mapped, then if not, addExternalIdMapEntry to do your initial external mapping(usually when you create)
or getExternalIdMap to retrieve if user is already mapped.
http://gallery.menalto.com/apidoc/GalleryCore/Classes/GalleryEmbed.html

you can also use $gallery->getActiveUser() and $gallery->setActiveUser()
http://gallery.menalto.com/apidoc/GalleryCore/Classes/Gallery.html

Have you seen the Gallery2 embed-o-rator.

-s
FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

luckyvega

Joined: 2009-10-05
Posts: 8

Posted: Mon, 2009-10-19 05:29

I have check the addExternalIdMapEntry() function in the document. But I found that it requires a "$entityId" parameter. How can I get the entityId of a newly created user? Is it like this? ($h_user is an external Id, 'newgroup' is an external groupid.)

GalleryEmbed::createUser($h_user, array('username' => $h_user, 'password' => '123456'));
GalleryEmbed::addUserToGroup($h_user, 'newgroup');
GalleryEmbed::addExternalIdMapEntry($h_user, Gallery::getActiveUser()->getId(), 'GalleryUser');

suprsidr

Joined: 2005-04-17
Posts: 6138

Posted: Mon, 2009-10-19 11:48

GalleryCoreApi::fetchUserByUserName

-s
FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

luckyvega

Joined: 2009-10-05
Posts: 8

Posted: Mon, 2009-10-19 14:33

I called the fetchUserByUserName() function but still had trouble. I think what matters is that after I called the createGroup() and createUser() function, the database had no change.

suprsidr

Joined: 2005-04-17
Posts: 6138

Posted: Mon, 2009-10-19 16:49

You must call GalleryEmbed::done(); to commit your change.

-s
FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

luckyvega

Joined: 2009-10-05
Posts: 8

Posted: Tue, 2009-10-20 02:02

Failed again. Is there any successful example I can learn from? Just a simple login interface is enough, not some complex one like embedding to WordPress or Joomla.

suprsidr

Joined: 2005-04-17
Posts: 6138

Posted: Tue, 2009-10-20 02:28

excerpt from my bridge:

function G2B_CreateG2User($GL_uid) {
    global $gallery,$_TABLES;
    
    if (!isset($gallery)) {
        G2B_G2_init();
    }
    
    // Make sure we are don't already have an user with the same name
    $ret = GalleryEmbed::isExternalIdMapped($GL_uid, 'GalleryUser');
    if (!($ret && ($ret->getErrorCode() & ERROR_MISSING_OBJECT))) {
        return;
    }
    
    $sql = "SELECT uid, username, fullname, passwd, email, language, UNIX_TIMESTAMP( regdate ) AS registration_ts
                FROM {$_TABLES['users']} WHERE uid ='{$GL_uid}' LIMIT 1";
    $result = DB_query($sql);
    $row = DB_fetchArray($result);
    
    $args['fullname'] = $row['fullname'];
    $args['username'] = $row['username'];
    $args['hashedpassword'] = $row['passwd'];
    $args['hashmethod'] = 'md5';
    $args['email'] = $row['email'];
    $args['creationtimestamp'] = $row['registration_ts'];
    $args['language'] = G2B_MapLanguage($row['language']);
    
    $ret = GalleryEmbed::createUser($GL_uid, $args);
    if (!$ret) {
        COM_errorLog("GalleryEmbed::createUser for userId ".$GL_uid);
    }
    
    if (($ret) && ($ret->getErrorCode() & ERROR_COLLISION)) {
        GL_addExternalIdMap($GL_uid);
        COM_errorLog("ERROR_COLLISION, added external ID to map for userId ".$GL_uid);
        return false;
    }
    
    GalleryEmbed::done();
    return true;
}
    
function GL_addExternalIdMap($GL_uid) {
    global $gallery,$_TABLES;
        
    // Fetch username based on $GL_uid
    $sql = "SELECT username FROM {$_TABLES['users']} WHERE uid ='{$GL_uid}' LIMIT 1";
    $result = DB_query($sql);
    $A = DB_fetchArray($result);
        
    list($ret, $user) = GalleryCoreApi::fetchUserByUserName($A['username']);
    if($ret){
        COM_errorLog('Failed to fetchUserByUserName for GL usename ['.$A['username'].']');
        COM_errorLog('   Here is the error message from G2:');
        COM_errorLog($ret->getAsText());
        return false;
    }
        
    $ret = GalleryEmbed::addExternalIdMapEntry($GL_uid, $user->getId(), 'GalleryUser');
    if ($ret) {
        COM_errorLog('Failed to add externalIdMap for GL usename ['.$A['username'].']');
        COM_errorLog('   Here is the error message from G2:');
        COM_errorLog($ret->getAsText());
        return false;
    }
    
    GalleryEmbed::done();
    return true;
}

// Add user to Gallery Admin Group
function G2B_addUserToGroup($GL_uid) {
    global $gallery;
    
    list($ret, $user) = GalleryCoreApi::loadEntityByExternalId($GL_uid, 'GalleryUser');
    if ($ret) {
        COM_errorLog('Failed to loadEntityByExternalId for GL uid ['.$GL_uid.']', 1);
    } else {
        COM_errorLog('retrieved user from G2 '.$user->getUsername(), 1);
    }
    $ret = GalleryCoreApi::addUserToGroup($user->getId(), 3); //G2 admin groupid is 3
    if ($ret) {
        COM_errorLog('Failed to add user to admin group for GL uid ['.$GL_uid.']', 1);
        COM_errorLog('   Here is the error message from G2:', 1);
        COM_errorLog($ret->getAsText(), 1);
        return false;
    } else {
        COM_errorLog('added user with a G2 id of  '.$user->getId().' to admin group 3', 1);
    }
    GalleryEmbed::done();
    return true;
}

-s
FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

luckyvega Joined: 2009-10-05 Posts: 8	Posted: Sun, 2009-10-18 14:01
	I just want to create the user "henry" then login, but I receive a security violation error. I check the database and find "henry" isn't added. 'Student' is a group I have created. <?php /* * This is an example of how G2 can be wrapped into your own website * If you only want to embed G2 visually in your website, you don't need GalleryEmbed (so this * approach is not necessarily what you want). But if you want to embed G2 in your website, * including a unified user management, a single login etc., then this is the correct file to * start with. / / * runGallery() exits if G2 tells it to so (by isDone = true). It's important that you don't * output any html / anything before you call runGallery (which calls * GalleryEmbed::handleRequest), else, G2 won't work correctly. * Reason: G2 does a lot of redirects. E.g. when you login, it redirects to the next page, etc. * and redirects won't work if there was already some output before the redirect call. / $data = runGallery(); $data['title'] = (isset($data['title']) && !empty($data['title'])) ? $data['title'] : 'Gallery'; if (isset($data['bodyHtml'])) { print <<<EOF <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <title>{$data['title']}</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> {$data['javascript']} {$data['css']} </head> <body> {$data['bodyHtml']} </body> </html> EOF; } function runGallery() { require_once('./photo/embed.php'); $data = array(); $h_user = 'henry'; // initiate G2 $ret = GalleryEmbed::init(array('g2Uri' => '/photo/main.php', 'embedUri' => '/main3.php', 'activeUserId' => $h_user, 'fullInit' => true)); GalleryCapabilities::set('login', true); if ($ret) { $ret2 = GalleryEmbed::isExternalIdMapped($h_user, 'GalleryUser'); if ($ret2 && $ret2->getErrorCode='ERROR_MISSING_OBJECT') { $ret = GalleryEmbed::createUser($h_user, array('username' => $h_user, 'password' => '123456')); GalleryEmbed::addUserToGroup($h_user, 'student'); } $ret3 = GalleryEmbed::login($h_user); $data['bodyHtml'] = $ret3->getAsHtml(); return $data; } // user interface: you could disable sidebar in G2 and get it as separate HTML to put it into a block // GalleryCapabilities::set('showSidebarBlocks', false); // handle the G2 request $g2moddata = GalleryEmbed::handleRequest(); // show error message if isDone is not defined if (!isset($g2moddata['isDone'])) { $data['bodyHtml'] = 'isDone is not defined, something very bad must have happened.'; return $data; } // exit if it was an immediate view / request (G2 already outputted some data) if ($g2moddata['isDone']) { exit; } // put the body html from G2 into the xaraya template $data['bodyHtml'] = isset($g2moddata['bodyHtml']) ? $g2moddata['bodyHtml'] : ''; // get the page title, javascript and css links from the <head> html from G2 $title = ''; $javascript = array(); $css = array(); if (isset($g2moddata['headHtml'])) { list($data['title'], $css, $javascript) = GalleryEmbed::parseHead($g2moddata['headHtml']); $data['headHtml'] = $g2moddata['headHtml']; } / Add G2 javascript / $data['javascript'] = ''; if (!empty($javascript)) { foreach ($javascript as $script) { $data['javascript'] .= "\n".$script; } } / Add G2 css */ $data['css'] = ''; if (!empty($css)) { foreach ($css as $style) { $data['css'] .= "\n".$style; } } // sidebar block if (isset($g2moddata['sidebarBlocksHtml']) && !empty($g2moddata['sidebarBlocksHtml'])) { $data['sidebarHtml'] = $g2moddata['sidebarBlocksHtml']; } return $data; } ?>
	XUser login Username: * Password: * Create new account Request new password
suprsidr Joined: 2005-04-17 Posts: 6138	Posted: Sun, 2009-10-18 16:10
	the activeUserId is the external id of the user, not the gallery id. use GalleryEmbed::isExternalIdMapped to first check too see if the user is already mapped, then if not, addExternalIdMapEntry to do your initial external mapping(usually when you create) or getExternalIdMap to retrieve if user is already mapped. http://gallery.menalto.com/apidoc/GalleryCore/Classes/GalleryEmbed.html you can also use $gallery->getActiveUser() and $gallery->setActiveUser() http://gallery.menalto.com/apidoc/GalleryCore/Classes/Gallery.html Have you seen the Gallery2 embed-o-rator. -s FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

luckyvega Joined: 2009-10-05 Posts: 8	Posted: Mon, 2009-10-19 05:29
	I have check the addExternalIdMapEntry() function in the document. But I found that it requires a "$entityId" parameter. How can I get the entityId of a newly created user? Is it like this? ($h_user is an external Id, 'newgroup' is an external groupid.) GalleryEmbed::createUser($h_user, array('username' => $h_user, 'password' => '123456')); GalleryEmbed::addUserToGroup($h_user, 'newgroup'); GalleryEmbed::addExternalIdMapEntry($h_user, Gallery::getActiveUser()->getId(), 'GalleryUser');

suprsidr Joined: 2005-04-17 Posts: 6138	Posted: Mon, 2009-10-19 11:48
	GalleryCoreApi::fetchUserByUserName -s FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

luckyvega Joined: 2009-10-05 Posts: 8	Posted: Mon, 2009-10-19 14:33
	I called the fetchUserByUserName() function but still had trouble. I think what matters is that after I called the createGroup() and createUser() function, the database had no change.

suprsidr Joined: 2005-04-17 Posts: 6138	Posted: Mon, 2009-10-19 16:49
	You must call GalleryEmbed::done(); to commit your change. -s FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

luckyvega Joined: 2009-10-05 Posts: 8	Posted: Tue, 2009-10-20 02:02
	Failed again. Is there any successful example I can learn from? Just a simple login interface is enough, not some complex one like embedding to WordPress or Joomla.

suprsidr Joined: 2005-04-17 Posts: 6138	Posted: Tue, 2009-10-20 02:28
	excerpt from my bridge: function G2B_CreateG2User($GL_uid) { global $gallery,$_TABLES; if (!isset($gallery)) { G2B_G2_init(); } // Make sure we are don't already have an user with the same name $ret = GalleryEmbed::isExternalIdMapped($GL_uid, 'GalleryUser'); if (!($ret && ($ret->getErrorCode() & ERROR_MISSING_OBJECT))) { return; } $sql = "SELECT uid, username, fullname, passwd, email, language, UNIX_TIMESTAMP( regdate ) AS registration_ts FROM {$_TABLES['users']} WHERE uid ='{$GL_uid}' LIMIT 1"; $result = DB_query($sql); $row = DB_fetchArray($result); $args['fullname'] = $row['fullname']; $args['username'] = $row['username']; $args['hashedpassword'] = $row['passwd']; $args['hashmethod'] = 'md5'; $args['email'] = $row['email']; $args['creationtimestamp'] = $row['registration_ts']; $args['language'] = G2B_MapLanguage($row['language']); $ret = GalleryEmbed::createUser($GL_uid, $args); if (!$ret) { COM_errorLog("GalleryEmbed::createUser for userId ".$GL_uid); } if (($ret) && ($ret->getErrorCode() & ERROR_COLLISION)) { GL_addExternalIdMap($GL_uid); COM_errorLog("ERROR_COLLISION, added external ID to map for userId ".$GL_uid); return false; } GalleryEmbed::done(); return true; } function GL_addExternalIdMap($GL_uid) { global $gallery,$_TABLES; // Fetch username based on $GL_uid $sql = "SELECT username FROM {$_TABLES['users']} WHERE uid ='{$GL_uid}' LIMIT 1"; $result = DB_query($sql); $A = DB_fetchArray($result); list($ret, $user) = GalleryCoreApi::fetchUserByUserName($A['username']); if($ret){ COM_errorLog('Failed to fetchUserByUserName for GL usename ['.$A['username'].']'); COM_errorLog(' Here is the error message from G2:'); COM_errorLog($ret->getAsText()); return false; } $ret = GalleryEmbed::addExternalIdMapEntry($GL_uid, $user->getId(), 'GalleryUser'); if ($ret) { COM_errorLog('Failed to add externalIdMap for GL usename ['.$A['username'].']'); COM_errorLog(' Here is the error message from G2:'); COM_errorLog($ret->getAsText()); return false; } GalleryEmbed::done(); return true; } // Add user to Gallery Admin Group function G2B_addUserToGroup($GL_uid) { global $gallery; list($ret, $user) = GalleryCoreApi::loadEntityByExternalId($GL_uid, 'GalleryUser'); if ($ret) { COM_errorLog('Failed to loadEntityByExternalId for GL uid ['.$GL_uid.']', 1); } else { COM_errorLog('retrieved user from G2 '.$user->getUsername(), 1); } $ret = GalleryCoreApi::addUserToGroup($user->getId(), 3); //G2 admin groupid is 3 if ($ret) { COM_errorLog('Failed to add user to admin group for GL uid ['.$GL_uid.']', 1); COM_errorLog(' Here is the error message from G2:', 1); COM_errorLog($ret->getAsText(), 1); return false; } else { COM_errorLog('added user with a G2 id of '.$user->getId().' to admin group 3', 1); } GalleryEmbed::done(); return true; } -s FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

What's Wrong with My Code?

XUser login