Wow ...
I am the developer who originally created this module for Drupal. I had no idea there was so much interest in integrating these two products. After some time away from this project, I think I am ready to step back up and move forward. I would of fessed up sooner, if I knew that people where actually interested.
So here is the deal people ... I have quite a bit of experience with both Mantis and Drupal. I am intimitaly faimilar with the source code for both of these projects. I am going to take another crack at this ... but this time I am going to integrate a mantis API and use Drupal for presentation.... this is going to be a big project but the results will definitely worth the resources. So if there is a group of people who are serious about seeing this integration happen, and are willing to sponsor this work, please contact me and we will see if we can get this rolling again. If you choose to work with me, I do insist on there being some sort of mutual respect.
Thanks,
Trevor Mckeown
The only author of bugbits ....
Drupal Integration - any ideas ?
Moderators: Developer, Contributor
Re: Drupal Integration - any ideas ?
Hi NT,NT wrote:Hi naeemp
I have mantis installed in a separate folder in my website Document root, so I have folders /var/www/html/mantis and /var/www/html/drupal and access them with http://mysite/mantis and http://mysite/drupal.
If you have drupal installed in your document root, still install mantis in a subfolder of the document root, ie accessing drupal as http://yoursite/ and mantis as http://yoursite/mantis.
Get mantis working with the userids that you require before changing anything. So if you require drupal user fred to use mantis, you will need to create a fred user in mantis.
My index.php (in my case /var/www/html/mantis/index.php) is :-
- Once everything is working make copies of index.php and login_page.php (just in case...)
- Copy drupal.php to the mantis core subdirectory (remembering to change the settings in function drupal_find_username to match your drupal installation.
- make the changes to index.php and login_page.php (do not change any of your drupal files).
- login to your drupal site
- visit your mantis front page.
My login_page.php (in my case /var/www/html/mantis/login_page.php) is :-Code: Select all
<?php # Mantis - a php based bugtracking system # Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org # Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev@lists.sourceforge.net # Mantis is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: index.php,v 1.16.2.1 2007-10-13 22:33:15 giallu Exp $ # -------------------------------------------------------- require_once( 'core/drupal.php' ); $t_drupal_user = drupal_find_username(); require_once( 'core.php' ); if ( $t_drupal_user && drupal_login($t_drupal_user) ) { print_header_redirect( config_get( 'default_home_page' ) ); } if ( auth_is_user_authenticated() ) { print_header_redirect( config_get( 'default_home_page' ) ); } else { print_header_redirect( 'login_page.php' ); } ?>Code: Select all
<?php # Mantis - a php based bugtracking system # Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org # Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev@lists.sourceforge.net # Mantis is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: login_page.php,v 1.57.2.1 2007-10-13 22:33:19 giallu Exp $ # -------------------------------------------------------- # Login page POSTs results to login.php # Check to see if the user is already logged in require_once( 'core/drupal.php' ); $t_drupal_user = drupal_find_username(); require_once( 'core.php' ); if ( $t_drupal_user && drupal_login($t_drupal_user) ) { print_header_redirect( config_get( 'default_home_page' ) ); } if ( auth_is_user_authenticated() && !current_user_is_anonymous() ) { print_header_redirect( config_get( 'default_home_page' ) ); } $f_error = gpc_get_bool( 'error' ); $f_cookie_error = gpc_get_bool( 'cookie_error' ); $f_return = gpc_get_string( 'return', '' ); # Check for HTTP_AUTH. HTTP_AUTH is handled in login.php if ( HTTP_AUTH == config_get( 'login_method' ) ) { $t_uri = "login.php"; if ( !$f_return && ON == config_get( 'allow_anonymous_login' ) ) { $t_uri = "login_anon.php"; } if ( $f_return ) { $t_uri .= "?return=" . urlencode( $f_return ); } print_header_redirect( $t_uri ); exit; } html_page_top1(); html_page_top2a(); echo '<br /><div align="center">'; # Display short greeting message # echo lang_get( 'login_page_info' ) . '<br />'; # Only echo error message if error variable is set if ( $f_error ) { echo '<font color="red">' . lang_get( 'login_error' ) . '</font>'; } if ( $f_cookie_error ) { echo lang_get( 'login_cookies_disabled' ) . '<br />'; } echo '</div>'; ?> <!-- Login Form BEGIN --> <br /> <div align="center"> <form name="login_form" method="post" action="login.php"> <table class="width50" cellspacing="1"> <tr> <td class="form-title"> <?php if ( !is_blank( $f_return ) ) { ?> <input type="hidden" name="return" value="<?php echo string_html_specialchars( $f_return ) ?>" /> <?php } echo lang_get( 'login_title' ) ?> </td> <td class="right"> <?php if ( ON == config_get( 'allow_anonymous_login' ) ) { print_bracket_link( 'login_anon.php', lang_get( 'login_anonymously' ) ); } ?> </td> </tr> <tr class="row-1"> <td class="category" width="25%"> <?php echo lang_get( 'username' ) ?> </td> <td width="75%"> <input type="text" name="username" size="32" maxlength="32" /> </td> </tr> <tr class="row-2"> <td class="category"> <?php echo lang_get( 'password' ) ?> </td> <td> <input type="password" name="password" size="16" maxlength="32" /> </td> </tr> <tr class="row-1"> <td class="category"> <?php echo lang_get( 'save_login' ) ?> </td> <td> <input type="checkbox" name="perm_login" /> </td> </tr> <tr> <td class="center" colspan="2"> <input type="submit" class="button" value="<?php echo lang_get( 'login_button' ) ?>" /> </td> </tr> </table> </form> </div> <?php PRINT '<br /><div align="center">'; print_signup_link(); PRINT ' '; print_lost_password_link(); PRINT '</div>'; # # Do some checks to warn administrators of possible security holes. # Since this is considered part of the admin-checks, the strings are not translated. # # Warning, if plain passwords are selected if ( config_get( 'login_method' ) === PLAIN ) { echo '<div class="warning" align="center">'; echo '<p><font color="red"><strong>WARNING:</strong> Plain password authentication is used, this will expose your passwords to administrators.</font></p>'; echo '</div>'; } # Generate a warning if administrator/root is valid. $t_admin_user_id = user_get_id_by_name( 'administrator' ); if ( $t_admin_user_id !== false ) { if ( user_is_enabled( $t_admin_user_id ) && auth_does_password_match( $t_admin_user_id, 'root' ) ) { echo '<div class="warning" align="center">'; echo '<p><font color="red"><strong>WARNING:</strong> You should disable the default "administrator" account or change its password.</font></p>'; echo '</div>'; } } # Check if the admin directory is available and is readable. $t_admin_dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'admin' . DIRECTORY_SEPARATOR; if ( is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) { echo '<div class="warning" align="center">', "\n"; echo '<p><font color="red"><strong>WARNING:</strong> Admin directory should be removed.</font></p>', "\n"; echo '</div>', "\n"; # since admin directory and db_upgrade lists are available check for missing db upgrades # Check for db upgrade for versions < 1.0.0 using old upgrader $t_db_version = config_get( 'database_version' , 0 ); # if db version is 0, we haven't moved to new installer. if ( $t_db_version == 0 ) { if ( db_table_exists( config_get( 'mantis_upgrade_table' ) ) ) { $query = "SELECT COUNT(*) from " . config_get( 'mantis_upgrade_table' ) . ";"; $result = db_query( $query ); if ( db_num_rows( $result ) < 1 ) { $t_upgrade_count = 0; } else { $t_upgrade_count = (int)db_result( $result ); } } else { $t_upgrade_count = 0; } if ( $t_upgrade_count > 0 ) { # table exists, check for number of updates if ( file_exists( 'admin/upgrade_inc.php' ) ) { require_once( 'admin/upgrade_inc.php' ); $t_upgrades_reqd = $upgrade_set->count_items(); } else { // can't find upgrade file, assume system is up to date $t_upgrades_reqd = $t_upgrade_count; } } else { $t_upgrades_reqd = 1000; # arbitrarily large number to force an upgrade } if ( ( $t_upgrade_count != $t_upgrades_reqd ) && ( $t_upgrade_count != ( $t_upgrades_reqd + 10 ) ) ) { # there are 10 optional data escaping fixes that may be present echo '<div class="warning" align="center">'; echo '<p><font color="red"><strong>WARNING:</strong> The database structure may be out of date. Please upgrade <a href="admin/upgrade.php">here</a> before logging in.</font></p>'; echo '</div>'; } } # Check for db upgrade for versions > 1.0.0 using new installer and schema require_once( 'admin/schema.php' ); $t_upgrades_reqd = sizeof( $upgrade ) - 1; if ( ( 0 < $t_db_version ) && ( $t_db_version != $t_upgrades_reqd ) ) { if ( $t_db_version < $t_upgrades_reqd ) { echo '<div class="warning" align="center">'; echo '<p><font color="red"><strong>WARNING:</strong> The database structure may be out of date. Please upgrade <a href="admin/install.php">here</a> before logging in.</font></p>'; echo '</div>'; } else { echo '<div class="warning" align="center">'; echo '<p><font color="red"><strong>WARNING:</strong> The database structure is more up-to-date than the code installed. Please upgrade the code.</font></p>'; echo '</div>'; } } } ?> <!-- Autofocus JS --> <?php if ( ON == config_get( 'use_javascript' ) ) { ?> <script type="text/javascript" language="JavaScript"> <!-- window.document.login_form.username.focus(); // --> </script> <?php } ?> <?php html_page_bottom1a( __FILE__ ) ?>
I think I have finally been able to integrate Mantis with Drupal. That is now it uses the same drupal login to mantis as well.
Your suggestions above proved quite helpful.
When a user registers on drupal I make necessary entries in the mantis user table as well with the required access level. Also when user logs out of the drupal site I terminate the mantis login as well.
It still has some issues on carrying the session from Drupal to Mantis. I am still testing it.
The drupal.php where the function drupal_find_username was written required few changes. Let know if they are correct.
1. Where is the below cookie part of the code used, I have presently commented it
Code: Select all
if ( !isset( $_COOKIE[$t_cookie_name] ) ) {
#error_log("drupal cookie ($t_cookie_name) not found" );
return false;
}
Code: Select all
$t_sql = "SELECT u.name FROM " . $t_drupal_db_prefix . "users u INNER JOIN " . $t_drupal_db_prefix . "sessions s ON u.uid = s.uid";
// $t_result = $t_db->Execute( $t_sql, array( $_COOKIE[$t_cookie_name] ) );
$t_result = mysql_query($t_sql);
/*if ( $t_result === false ) {
#error_log("drupal fetch record failed" );
return false;
}*/
$t_row = mysql_fetch_array($t_result);
/*if ( !$t_row ) {
#error_log("drupal no session record found on database" );
return false;
}*/
Code: Select all
# set the cookies
auth_set_cookies( $t_user_id, false );
// auth_set_tokens( $t_user_id );
return true;
Code: Select all
$t_sql = "SELECT u.name FROM " . $t_drupal_db_prefix . "users u INNER JOIN " . $t_drupal_db_prefix . "sessions s ON u.uid = s.uid WHERE s.sid = ?";
Re: Drupal Integration - any ideas ?
Hi naeemp
I'm pleased that you found my post useful.
In answer to your questions.
1) Not all of my Mantis users have Drupal accounts, so this code checks if the user is logged into Drupal. If not then I want the normal Mantis authentication process to be used.
2) This code was to fetch the Drupal username from the session identifier stored in the cookie. I think that your changes will fetch the first username it finds in the Drupal database.
The 'WHERE s.sid = ?"' part of the query matches the value stored by drupal in the cookie to identify the user.
This value is supplied by the '$t_db->Execute( $t_sql, array( $_COOKIE[$t_cookie_name] ) );' statement which in effect replaces the '?' with the value of the cookie (after escaping its value to stop sql injection attacks).
3) The auth_set_tokens has been copied from the standard mantis login code.
If you are having problems, then my error_log statements that I used to debug my code have been left in (commented out).
NT
I'm pleased that you found my post useful.
In answer to your questions.
1) Not all of my Mantis users have Drupal accounts, so this code checks if the user is logged into Drupal. If not then I want the normal Mantis authentication process to be used.
2) This code was to fetch the Drupal username from the session identifier stored in the cookie. I think that your changes will fetch the first username it finds in the Drupal database.
The 'WHERE s.sid = ?"' part of the query matches the value stored by drupal in the cookie to identify the user.
This value is supplied by the '$t_db->Execute( $t_sql, array( $_COOKIE[$t_cookie_name] ) );' statement which in effect replaces the '?' with the value of the cookie (after escaping its value to stop sql injection attacks).
3) The auth_set_tokens has been copied from the standard mantis login code.
If you are having problems, then my error_log statements that I used to debug my code have been left in (commented out).
NT
Re: Drupal Integration - any ideas ?
People looking for a simple single signon can use my module for Drupal.
can be found at www.nuy.info/downloads.
Since I like mantis a lot,i have made quite a lot of those for various cms'ses.
cas
can be found at www.nuy.info/downloads.
Since I like mantis a lot,i have made quite a lot of those for various cms'ses.
cas
Re: Drupal Integration - any ideas ?
I Love This Site
enjoy your stay!
congratulations!!
Yes good point.
enjoy your stay!
congratulations!!
Yes good point.
-
shadowhitman
- Posts: 1
- Joined: 01 Sep 2008, 07:24
Re: Drupal Integration - any ideas ?
Dear NT,
Thanks for wonderful post, really helps me.
I tried this in my server where drupal and mantis are in the different folder,just like your example,
and it is working very well.
However when I tried in other server to install mantis as a folder inside drupal, it doesn't work.
I got this error in the error log.
Please Advise.
Thank you very much
Thanks for wonderful post, really helps me.
I tried this in my server where drupal and mantis are in the different folder,just like your example,
and it is working very well.
However when I tried in other server to install mantis as a folder inside drupal, it doesn't work.
I got this error in the error log.
Following are my config in drupal.php[client 127.0.0.1] drupal cookie (SESSf3bfeb3387c38d7a557be4d864d67f39) not found
Code: Select all
$t_drupal_cookie_domain = '';
$t_drupal_url_path = ''; # for a drupal path of http://myhost/testsite6
$t_drupal_db_type = 'mysql';
$t_drupal_db_host = 'localhost';
$t_drupal_db_userid = 'root';
$t_drupal_db_password = '';
$t_drupal_db_database = '***intranet';
$t_drupal_db_prefix = '***intra_';
Thank you very much
Re: Drupal Integration - any ideas ?
Hi shadowhitman
Could you you changing the following code in drupal.php
from
to
I have not been able to test this fully, but this will get past the error that you are getting.
Thanks
NT
Could you you changing the following code in drupal.php
from
Code: Select all
# get the cookie that drupal uses for authentication
if ( $t_drupal_cookie_domain != '' ) {
$t_cookie_name = $t_drupal_cookie_domain;
} else {
$t_path = $_SERVER['SERVER_NAME'] . '/' . $t_drupal_url_path;
$t_cookie_name = 'SESS'. md5( $t_path );
}
Code: Select all
# get the cookie that drupal uses for authentication
if ( $t_drupal_cookie_domain != '' ) {
$t_cookie_name = $t_drupal_cookie_domain;
} else {
if ($t_drupal_url_path == '') {
$t_path = $_SERVER['SERVER_NAME'];
} else {
$t_path = $_SERVER['SERVER_NAME'] . '/' . $t_drupal_url_path;
}
$t_cookie_name = 'SESS'. md5( $t_path );
}
Thanks
NT