alixandru / q2a-open-login Goto Github PK

Hello, thanks for your wonderful plugin, works right away. However I was stupid enough to disable regular login form without linking the admin account with some external account. Is there a way to re-enable regular login, e.g. by changing something in the database directly? Thanks for hints.

I had the previous v2.1.1 installed on my qa 1.63. which was working for my linkedin login, but today that I replaced that copy(v2.1.1) with this v3.0 then asked me to " The Open Login Configuration page module requires some database initialization. "
The I clicked on the link which took me to another page with a button which reads "initialize database".
Clicking on that button geneated the page no found error!
with this GET content:
http://busylazy.com/%3Cbr%20/%3E%3Cb%3EWarning%3C/b%3E:%20%20session_start%28%29%20%5B%3Ca%20href=%27function.session-start%27%3Efunction.session-start%3C/a%3E%5D:%20Cannot%20send%20session%20cache%20limiter%20-%20headers%20already%20sent%20%28output%20started%20at%20/home/appsdepo/public_html/busylazy.com/qa-include/qa-install.php:50%29%20in%20%3Cb%3E/home/appsdepo/public_html/busylazy.com/qa-include/qa-app-users.php%3C/b%3E%20on%20line%20%3Cb%3E150%3C/b%3E%3Cbr%20/%3E./index.php?qa=install

hi there,

I'm using q2a at my sites that working on subdomains like...

http://yemek.neyapmali.org
or
http://bitcoin.neyapmali.org

even I enable facebook and google there is no link for registering or login...
I'm using q2a 1.6.2 and also I tried development branch...

Suppose a user loggeed in via google + to yourDomain.com (this will log the user to his gmail account too)
but logging out from yourDomain.com will not log him out from his gmail account.

So if he logs in to yourDomain and then logs out from yourDomain he has just exposed his gmail account and made it available to other users of that browser

[I noticed the above issue with previous version, have not been able to test it with v3 though]
Please test it with both google+ and gmail

Will this plugin be maintained? None of the branches (master, development) work with the latest version of Question 2 Answers.

Env: Ubuntu 13, LAMP, Q2A 1.6.2
Plugin: v3.0.0 (dev)

All Yahoo logins are assigned the same identifier: https://open.login.yahooapis.com/openid20/user_profile/xrds
Impossible to create new accounts using Yahoo.

just like:

I'm having difficulties getting the Yahoo Callback to work. This only happens the first time authenticating a user. Every time after that it works properly.

After the first authentication, it is redirecting the user to: http://mysite.com/login?login=yahoo
This page is just blank with no content. Manually going to the home page after this, the user is not logged in. If they then click the Yahoo login button again, this time they are logged in and redirected back to the home page.

I cannot find any additional settings for changing the Yahoo callback URL to be: http://mysite.com/?hauth.done=Yahoo

Thank you for the great work !

I have lately installed the open plugin on my q2a site using twitter oauth and have found that the Api do not retreive all user data, namely, user location and short bio.

warmest regards.

I keep getting this error every now and then:

Fatal error: Call to undefined function qa_open_login_get_new_source() in /home/content/55/11349255/html/qa-include/qa-base.php(510) : eval()'d code on line 83

url at the address bar is:

http://www.mysite.com/facebook-login?to=http%3A%2F%2Fwww.mysite.com%2F

Registering one account on a Q2A site with q2a-open-login will create multiple rows in the qa_users table

To be implemented in the layer

The link that the plugin adds ("My logins") to the "My Account" subnavi works only if I have the default q2a subnavi links.
If I add some links with the Subnavi Maker plugin (http://askive.cmsbox.jp/docs-plugin-subnavi-maker), there are some conflicts (the added links disappear when I click on the "My logins" link).
So I would like that the plugin would not add the "My Logins" link, because I can add it manually with the Subnavi Maker plugin (so I do not have any conflicts).
How can I disable it ?
I've commented from line 38 ( https://github.com/alixandru/q2a-open-login/blob/v2.0.2/qa-open-layer.php#L38 ) to line 46 (https://github.com/alixandru/q2a-open-login/blob/v2.0.2/qa-open-layer.php#L46) of the qa-open-layer.php, v 2.0.2.

It seems to work.
Is it ok or are there any side-effects ?

Why not introducing an option in the Open-login admin panel to enable/disable the "add subnavi link" feature ? :-)

I'm experiencing the following issue (not systematic, I've not yet understood how to reproduce it).
After the authentication, I'm redirected to a completely blank page. This is the URL :

http://www.question2answer.com/?hauth.done=Facebook&code=xxxxxx&state=yyyy

On my webserver access log :
"GET /?hauth.done=Facebook&code=xxxxxx&state=yyyy HTTP/1.1" 302 451 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"

I've seen a similar issue here with hybridauth :
https://groups.google.com/forum/#!msg/hybridauth/cFoktH9oCZ4/TaAzrvZVHeUJ

The last post suggests to set : "display" => 'popup'

Is this a known issue ?

Which is the best way to have a FB login popup window (vs a "page" login approach) on q2a and use this display parameter with 'popup' value ?
(that is, do I have to modify the open-login plugin code ?)

or do you suggest another solution ?

I would submit a pull request for this but I cannot get even the current version of q2a-open-login to work, so I don't want to be responsible for breaking it for everyone else :-)

Specifically, my current problem is that I can login to an existing account but I cannot create a new account with q2a-open-login. However, when updating to a new version of hybridauth I am not even able to login with my existing account.

I am logged in as admin and the My logins tab offers to connect with other OpenID logins, but there is no link or explanation.

Log in using an OpenID provider to connect your current profile with other accounts.

migrated from q2a/question2answer#85

how do i get skills from linkedin user which are resister with linkedin.

If I create a new user via an external provider the qa_users.email field is left blank. This appears to prevent the user logging in using the regular email/password option.

Manually setting the email field allows the user to login using both options with, apparently, no side-effects.

Have I missed something?

I am trying to use the userUpdateStatus function of Hybridauth to post a tweet on behalf of a user. Unfortunatly when setting twitter app permission to read & write ( instead of read only), the app do no longer call back the Q2A website.

Thank you very much !

Users are complaining that session is not kept, and they need to click on login again every time they visit the q2a site back.

Once they click login, they success to have their session restored immedialtly, as they are already login and authorised the app previously.

This behaviour is new, once switched from facebook login default plugin to open login plugin.

In addition to checking if the emails coming from the external login providers are confirmed, the plugin should also make sure that the email from q2a account is verified (check the flags).

This should be at least in

Hi, any way to change the layout from open login section in the user profile?, this my user profile, i like that open login section no change the menu position or disappear the user avatar.

My profile layout: Imgur

Im having troubles with pretty much all the providers. Facebook login button isn't working, and then on the register page the facebook button doesn't work, yet the facebook link does work. Google when returning, just gives a 404 error. Oh and facebook was giving a function missing error also Im not sure why it is not anymore. Anyways I just wanted to check with you before I dive into the code too much :)

I did not know where to ask this, so i posted my question here. My apologies in advance. The question
I would like to disable fb loogin based on some condition. For example if the IP address of the user was 45.170.135.24 disable FB login otherwise leave it enabled. ( I already know how to read the IP etc, so checking if the condition is met is not an issue, disabling fb login in my code is whati dont know)
I am doing this because in some countries the fb is blocked an if i dont disable the fb login completely the entire website will be blocked. However if i disable the fb login from admin then visitors from other countries can not take advantage of fb login.
I looked into the php source but couldn't find out where I should modify the code.

Thank you in advance

Hi
i am facing problem with following plug in
https://github.com/alixandru/q2a-open-login

at my site http://ask.xtremedevelop.com/
after integrating i am able to login with facebook, google and yahoo, but even after l successful login, neither it shows logout button nor the member name
how ever it is working properly with Github and default login

hi, I made some small changes to make this plugin compatible with Q2A 1.6
commit:
https://github.com/Towhidn/q2a-open-login/commit/c26b60c6364a69a5adbc2f2549d4001f2892f4d5
git:
https://github.com/Towhidn/q2a-open-login/

thanks for your work :)

I do not see a button, but I see a text link :

I have checked "Don't inline CSS. I included the styles in my theme's CSS file", and copied the contents of the file qa-open-login.css into the file qa-styles.css of my current theme (Snow theme).
The file (qa-styles.css) is loaded at runtime, and I can see the new content also.
I have checked "Show Facebook button in the header".
I have checked "Enable Facebook".
What did I do wrong ?

ps
if I do not check "Don't inline CSS. I included the styles in my theme's CSS file" AND I check "Use Zocial buttons" I can see the button.
I use the v2.0.2, with q2a 1.6.2 (downloaded from the development branch - but also with the master there is the same behaviour)

Hi Alixandru,
After using open-login-master for a while, facebook logins stopped working, error log shows "CSRF state token does not match one provided" error. I have seen same issue discussed here : http://stackoverflow.com/questions/22424409/facebook-sso-state-check-csrf-state-token-does-not-match-one-provided. Please is the solution mentionned on stackoverflow worth trying on q2a-open-login.

Thank you !

Live no longer allows query parameters as part of its redirect_uri which means all authentication against new Live Applications fail.

I am seeing invalid_client error from Google when trying to login with Google client to Question2Answer:

When I login with my Google Account to our question2answer site, my displayName shows up at "Baker Jeremy". I believe this is caused by line 121 of https://github.com/hybridauth/hybridauth/blob/master/hybridauth/Hybrid/Provider_Model_OpenID.php#L121

if( ! $this->user->profile->displayName ) {
  $this->user->profile->displayName = trim( $this->user->profile->lastName . " " . $this->user->profile->firstName );
}

This is an issue with HybridAuth, but I figured I would post it here so that:

• people could find it easier
• the hybrid auth code could be updated in this repo

1. Provide documentation about how to acquire API keys in plugin options(all are listed in 'Supported Providers' column in http://hybridauth.sourceforge.net/userguide.html but most users cant find it)
2. 'Windows live' zocial login & logout button is not correctly styled. it should have 'windows' class instead of 'live'. adding this code in 'qa-open-login.php' in 'printCode()' function after getting '$showInHeader' value can solve the problem.
   if ($key=="live") $key="windows";
3. while logging with Google it stops at "mysite.com/?provider=Google&code=404" without logging in. is this because of "callback URL"? how can I solve this?

thanks & best regard.

When setting Google App ID: and Google App Secret: instruction is given

For information on how to setup your application with Google see the Registering application section from http://hybridauth.sourceforge.net/userguide/IDProvider_info_Google.html.

On this page, the generic advice is given:

1. Provide this URL as the Callback URL for your application: http://mywebsite.com/path_to_hybridauth/?hauth.done=Google

Please provide more information that I will need when filling out this page:

Firstable, thank you for the greta

I have read on twitter dev documentation that twitter don't provide access to their users emails. Api clients should rather ask users for it. Since email is very important in Q2A. Have you planned to add this feature ( asking users to input their emails after twitter signup) to q2a-open-plugin ?

Thank you in advance

If the q2a site is created in a directory other than the web root, the style for .open-login-button of background: url(/qa-plugin/open-login/loginsprites.png) no-repeat; does not point to loginsprites.png.

If you install the qa in a subforlder (e.g. yourDomain.com/qa) the icons of the social networks (facebook login icon, linkedin login icon etc) will not be displayed, only the hyperlinks will be there

After a user has created an account, there doesn't seem to be a way to connect with other login providers.

It appears that this is what the My Logins page is intended for. It says:

No other connected accounts for your profile

followed by

Log in using an OpenID provider to connect your current profile with other accounts.

But no login providers are shown. It doesn't matter how many providers are enabled and whether the user initially came through a provider or registered directly.

Say the Admin, for example, has last loggedin using his regular email account and now he has hidden the regular login , and for same reason he cannot log in via yourDomain.com/login, what is he supposed to do now?
IMO, would work better to give two separate options to the admin
1- Disable regular register
2- hide regular login

-This way if the admin only checks no1, then the users who already registered via regular login can continue to login, but new users have to register via social logins.

No2 only hides the login text boxes from front page, therefor the admin can still login via yourDomain.com/login.
So If the admin selects both 1 and 2, he can still be fine.
(if you argue same way regular users can login in too, i would say only the ones already logged in and dont want ofcourse to be kicked out after we use your plugin)
Also:
Say at the begging of the launch of website the only user is admin, he select both, this way no new regular user will register, let alone logs in.

When I want to connect an account to an existing one, the following message is displayed :

*The selected logins will be associated with your current profile and their initial profiles will be permanently deleted. Reputation points belonging to these profiles will not be migrated, and previous activity will be marked as annonymous.*

Why do I loose the points, the profile, and everything belonging to the first account ?
Isn't it possible to merge the 2 accounts instead of deleting the first one ? (making his posts as "anonymous" ....)
Isn't it possible to update some qa_tables using the first userid in order to mantain his own data ?
Or is there any issue that I do not see ?
I think it's not correct to delete the first user's data when he just want to have a second way of logging into q2a. It should be possible to mantain his data.
If it's an enhancement request, I vote for it ! :-)

Could you please add in the documentation (in the instructions for the setup of the App ID and App Secret of the provider) a little info about the callback URL for this plugin. I used Google a little bit and it appears this is the right format of the callback url: http://domain.com/qa-plugins/open-login/Hybrid/Auth.php?hauth.done=Twitter
but it wouldn't hurt to mention that in the settings page.

you are invited to bitbucket
please see bitbucket.org/q2a

I see that the email is lost when I want to share a unique q2a account logging in with 2 social account having the same email.
I think the email should be kept.
I can notice this behaviour with the following steps.
On the qa_users table there are no records with email=[email protected].
When I register/login with my first account (e.g. : linkedin account, email : [email protected]), the fields in the qa_users table are correctly populated (userid=123, email=[email protected], oemail=[email protected]).
Also in the qa_userlogins table I think that everythink is ok. There is one row with userid=123, and source=linkedin, oemail=[email protected].

When I login with my second account (e.g. google account, email : [email protected]), I have the notice : "Confirm the connected accounts".
I check the option to connect to my previous Linkedin account (I want to share the profile), and click on the button "Connect selected account".
The userid = 123 has been deleted from the qa_users table and a new userid (the connected one) has been created : userid=124.
The qa_userlogins table has now 2 rows, both with userid=124, and oemail field (=[email protected]) : ok, correct.
But in the qa_users table the email field is '"" (empty string) (while oemail is correctly = [email protected]). I think that this is not correct.
It should be email=[email protected] also in the qa_users table, should't it ?
If I connect again with linkedin, my email has been lost.....

(there is the same behaviour if I register first the google account and then the linkedin account...)

I installed your wonderful plugin, and when I add my Facebook app information, enable Google and click save, the following warning displays at the top of my admin site in q2a and the Login button does not use these services, only Facebook is visible.

Warning: file_put_contents(/var/www/q2a/qa-plugin/q2a-open-login-master/providers.php): failed to open stream: Permission denied in /var/www/q2a/qa-plugin/q2a-open-login-master/qa-open-page-logins.php on line 424

how can I fix this?

thanks,
Chris

When using q2a-open-login, I would like to hide and disable the normal email/password login.

I am sorry if this post is the wrong place, also posted to q2a/question2answer#88

Hi,
I've followed the instructions and successfully installed this plugin, but when I clicked the "Login using Google" link, I get a start page, with URL pointing to: /index.php?qa=questions&provider=Google&code=404

I installed this plugin using:
git clone git://github.com/alixandru/q2a-open-login.git open-login
into qa-plugin/ directory and then initialized the database (all successful).

What could be the issue here?

Thanks in advance,
Mladen.

I've managed to setup the FB login but... I cannot logout :)
I've tried to follow the logout phase and I see that, in case of Google, it simply directs to ./logout, which in turn will call qa_set_logged_in_user(null); and the cookie/session data get destroyed.
In case of FB it redirects to the FB logout page, then the return url is simply the root site.

1 - Why does it try to logout from FB? I think it should simply log me out from the site, not from FB globally
2 - I've tried to forse the next url to ./logout, but nothing happens, the cookie is still around.
3 - Inside qa-open-login-facebook.php I see the function "do_logout" which is never called...

Does it work for you?

User login works perfect.
If i logout i get redirected to http://www.lategamers.com/facebook-login?to=http%3A%2F%2Fwww.lategamers.com%2F (a blank page) . This redirection only works in google chrome.

On IE, SAFARI, FIREFOX i can't logout. (it does nothing).

Only the facebook login doesn't work, the normal login works perfect.

I'm using the latest QA version.

Thankyou