Download: uLogin for IPB 3.3.x

[phpony]

File Name: uLogin for IPB 3.3.x

File Submitter: Rainbow Dash

File Submitted: 09 May 2012

File Category: Hooks and Plugins

3rd-party auth with a various social sites through famous Russian uLogin service: http://ulogin.ru/

Installing:
- upload "admin" folder to server;
- ACP > Tools & Settings > Log In Management > uLogin > Install;
- import hook file.

By installing this hook you aree with uLogin terms of serivce published here: http://ulogin.ru/rules.html

Note: uLogin is tracking some statictic from your site with their widget, so you should use it on your own risk!

No additional actions or registrations needed. The plugin will create a complete member's accounts with random passwords, and as long as this hook will be installed and enabled, will allow users to log-in thought 3rd-party services into their permanent accounts. But if you'll remove this hook - users will still be able to reset their password throughout "forgot password" form and gain full access of their accounts.

Don't remove this hook, if you're planning to continue it's usage later, or at least backup {prefix}ulogin table before deletion, cause otherwise you'll lost all connections between your members social accounts and forum profiles, and after reinstalling this hooks a blank new accounts will be created for them!

---

Авторизация через социальные сайты посредством сервиса uLogin: http://ulogin.ru/

Установка:
- загрузить папку admin на сервер,
- АЦ > Модули авторизации > uLogin > включить,
- импортировать хук.

Устанавливая данный хук, вы принимаете условия пользовательского соглашения, размещенные на странице: http://ulogin.ru/rules.html

Внимание! Достоверно известно, что uLogin собирает статистику о ваших посетителях через свой виджет. Используйте на свой страх и риск!

Больше ничего не требуется, сервис заработает сам. Принцип авторизации - на основании предоставляемых социалками данных пользователю создается полноценная учетная запись с рандомным паролем. В дальнейшем пользователь сможет либо снова авторизовываться через ту же социальную сеть, либо сменить/восстановить пароль через механизмы форума и входить напрямую.

Не удаляйте хук после установки "просто так", т.к. это удалит таблицу привязок аккаунтов к социальным сервисам, и после переустановки пользователи будут создавать новые аккаунты, а не входить под старыми!

Click here to download this file

[Aussie Cable]

Unfortunately I have had to uninstall this mod due to my server being too far away from the uLogin server, and it takes 6 seconds to fully load (that's 6 seconds onto my load-time of around ~ 1 second).

Shame really, I like the idea of multiple AIO login authentication method.

[wdport]

Hi!

Thanks a lot for great functionality!

Installed normally but doesn't work properly :sad:

Checked for Google and YouTube.

Plugin is working while communicating with uLogin side - it is asking some extra information but when starting to turn to forum page it gives an error 500 Internal Server Error.

from webserver log:

[Fri Oct 26 16:37:46 2012] [warn] [client ip] mod_fcgid: read data timeout in 40 seconds, referer: http://ulogin.ru/http.html?redirect_uri=http%3A%2F%2Fmydomain.com%2Findex.php%3Fapp%3Dcore%26module%3Dglobal%26section%3Dlogin%26do%3Dautologin&token=***&q=https%3A%2F%2Fulogin.ru%2Fdrop.html%3Fid%3D0%26redirect_uri%3Dhttp%253A%252F%252Fmydomain.com%252Findex.php%253Fapp%253Dcore%2526module%253Dglobal%2526section%253Dlogin%2526do%253Dautologin%26callback%3D%26providers%3Dtwitter%2Cgoogle%2Cyandex%2Clivejournal%2Copenid%2Clastfm%2Clinkedin%2Cliveid%2Csteam%2Cflickr%2Cvimeo%2Cyoutube%2Cwebmoney%26fields%3Dfirst_name%2Clast_name%2Cphoto%2Cemail%26optional%3D%26s%3D1351258700182%26protocol%3Dhttp%26host%3Dmydomain.com%26lang%3Den%26verify%3D

Table 'ulogin' is empty. In 'members' table also no new records. Only admin row created during install.

In accounts which were tried to login I see that uLogin application is connected (for example Google now is not asking for auth again).

One strange thing - browser is trying to get reply from counter.yadro.ru and seems that no luck.

Still could not login successfully yet.

[Zivaka]

А возможно ли как-то настроить социальные сети, через которые возможна авторизация, а также их порядок? Не смог подобного найти в настройках модуля, но вдруг все таки существует подобная функция :)

[wdport]

А возможно ли как-то настроить социальные сети, через которые возможна авторизация, а также их порядок? Не смог подобного найти в настройках модуля, но вдруг все таки существует подобная функция :smile:

В файле hooks/ulogin_top_***хеш***.php прописано формирование div id="uLogin_top" - увидишь список сервисов providers=... через запятую, просто отредактируй.

[wdport]

The issue mentioned above concerning nonworking uLogin is faked - outgoing connections were closed on hosting provider level. Now it is Ok.

[elnomio]

Прекрасно, оказывается, работает и на 3.4! Спасибо огромное! Весь день сегодня мозг ломал, пытаясь сотворить своими руками интеграцию с социалками.

[Sonya*]

This plugin allows creating multiple accounts with the same email. There should be a check like this to prevent duplicate emails:

$double = $this->DB->buildAndFetch(array(
    'select' => 'member_id',
    'from' => 'members',
    'where' => "email='" . $user['email'] . "'"
        )
);


if ($double['member_id']) {
    $this->registry->output->RedirectScreen( $this->lang->words['reg_error_email_taken'], $this->settings['base_url'] . 'app=core&module=global&section=lostpass');
}

[elnomio]

Hmmm. I couldn`t create another account with the same email since installed this app.

[Sonya*]

Hmmm. I couldn`t create another account with the same email since installed this app.

If you use the same social network then you cannot, but if you use the same email address, e. g. for Twitter, Facebook and Google, then you can create 3 different IPS accounts with each of this network. And these accounts will have the same email address.

[elnomio]

Not in my case so far) If I`ve logined by Vkontakte I can`t create account via my Facebook, Google and so on cause they have the same email. May be you can cause you set it up not by checking email?

[Sonya*]

May be you can cause you set it up not by checking email?

Where can I setup that it should check the mail? :unsure:

[Sonya*]

Sorry, I had used the official auth.php from ulogin.ru and not the customized one from this hook. My fault. It works as desired :D

[RPG-support]

Attention! This hook may harm your privacy.

The support topic was deleted from the Russian forum after I submitted information, so I will duplicate it here:

There is probably the privacy leak in this custom hook. I am using the Iron browser and have the 3d party iframe on my site after installing of this hook. I have sent questions to the hook author, ulogin site owner and the aidata.me owner but never got the reply. And the support topic was deleted from the Russian forum where the author had published this hook after I reported this information.

Tested in Iron browser for Windows, any logged in user, "uLogin for IPB 3.3.x" installed but not used for authentication, IP.Board 3.4.5.

Video: https://mega.co.nz/#!bZ5n0D7b!XmDZnUfgcP-YcgXMK2WI8m9r3mEfJSpK0dhzkTkN7Cs

Screen shots:

IP.Downloads 2.5.4

IP.Gallery 5.0.5

[Aiwa]

Ivan,

I'm afraid I'm unable to duplicate this issue. I've examined the source code for this modification and there is nothing in it that would attempt to load content into the editor.

I've also installed the hook and am not experiencing any 'extra' iframes being put into the editor. It would appear another hook or malicious code is causing this.

[RPG-support]

You should try Iron browser for windows. I think that this hook is uploading some uLogin php file. And then this file is causing some problem shown above. I can repeat this on the regular basis. I am not going to prove in other way I have already shown above.

[Aiwa]

I've re-tested after watching your video. I'm able to duplicate using Chrome.

The file has been unapproved temporarily while contacting the author for additional information / clarification.

[RPG-support]

Here is some similar or connected bug. As I could understand the uLogin company who provided the original code for this addon (the author of this IPB addon is using the uLogin original code) has changed the code on their server side to monetize their service. They are collecting infomation about site visitors in order to sell this information to the advertising companies.

In addition, uLogin is not responding to emails on their site.

Here, on this screen from ulogin official tweeter feed we can reed that they have done DMP and are collection information about visitors.

[phpony]

As much as I can see, the uLogin servie have added some tracking code to their authorisation backend. This have nothing to do with my hook, cause all it does is adding uLogin service to IP.Board using the API they provided. I'm neither owner, nor connected with uLogin in any way, and can't comment on why they did this, or is this safe or not to rely on this service. uLogin have "terms of service" on their site - http://ulogin.ru/rules.html - where they are stating the fact that they may collect statictic on usage. Installing this hook should probably mean acceptance of this policy. For clarify, and because of "shop.a108.net" insults, I think it will be a good solution to add this 2 statements into hook description:

- By installing this hook you aree with uLogin terms of serivce published here: http://ulogin.ru/rules.html

- Note: uLogin is tracking some statictic from your site with their widget, so you should use it on your own risk!

Actually, a lot of people are still using uLogin and not considering visitor tracking as something harmfull. And so I do. But in the end - it's up to you to decide - is it safe to let this hook be in IPS Marketplace, or not.

[RPG-support]

For clarify, and because of "shop.a108.net" insults, I think it will be a good solution to add this 2 statements into hook description:

Actually, this is your imagination and seeing yourself in others behavior that you think that there are insults in my reports here. Actually, this hook is ruining the comments fields of the IPS RTE editor and this is independently of your hook code. This ulogin system is not compatible with the IPS products. With your hook or withour it, it is simly not compatible.