Rowan Collins wrote:
Well, one thing that occurs to me that you could do a little bit better/simpler is to just generate the appropriate login cookies, rather than actually posting the login forms for both. The only thing I'm not sure about there, though, is how PHP sessions work, and whether you'd need to actually process those "properly", rather than
Bowsing both MediaWiki's code (nice) and phpBB's code (incredibly messy) it looks like the easiest option is to just hack the phpBB code and add the user to the the MediaWiki database when the account is created for phpBB. It seems like this is the least intruisive as doing it the other way around takes more work (phpBB has a zillion of user preferences). The generation of session vars / cookies etc seems all a bit risky to me - and I'm building a site which will be used by many people.
People will have to physicaly log in twice - but aw well...
Is there an easy way of preventing people to create logins in MediaWiki?
The other thing worth mentioning, in terms of longer term planning on this topic, is that a "single login" system for multiple instances of MediaWiki should be coming at some point. The exact details have yet to be finalised, due to the problems of migrating the huge number of existing users on all the Wikimedia projects (several hundred different wikis, once you've counted every language version of each project); but, eventually, it will probably lead to a user management architecture that would be more amenable to this kind of hack.
Good to know MediaWiki is going towards a more generalized login system (phpBB should too, I have about 5000 different phpBB logins), but I kind of need it now.
Thanks for making my brain work! If anyone has a better and clean idea on how to go about this - let me know.
- bram
PS: yes, I know this will generate a mess if accounts are deleted and things like that, but... oh well :-)