tbenyon

You could try adding an error_log to the top of your functions.php file to see if we’re not getting to where we put the logs in the other file.

At that point, if you can’t see the log there’s not a lot I can do to help you as it’s really about your server configuration. You could ask your hosting provider for help locating the logs.

No worries @stikekar and thanks for getting back with more info. All sounds good to me.

The next route of debugging this issue is to look at the data coming back from your database and check that it is what you expect to see.

I’m going to ask you add some additional logging into the app.

IMPORTANT!!! This will log the personal information of the user that you are fetching information for. For this reason, you should do this with test data to ensure that your users’ information does not appear in your logs.

Please look for the following while loop at line 131 in the following path:
wp-content/plugins/external-login/plugin-files/login/db.php

Below is the same code with some additional log lines.

while( $userData = sqlsrv_fetch_array($stmt)) {
    error_log('EXLOG----------------------->>>> START');
    $user_specific_salt = false;

    if (exlog_get_option('external_login_option_db_salting_method') == 'all') {
        $user_specific_salt = $userData[$db_data["dbstructure_salt"]];
    }

    error_log('EXLOG----------------------->>>> 1');
    error_log(var_export($userData, true));
    $valid_credentials = exlog_validate_password($password, $userData[$db_data["dbstructure_password"]], $user_specific_salt);
    
    error_log('EXLOG----------------------->>>> 2');
    error_log(var_export($valid_credentials, true));
    if ($valid_credentials) {
        $wp_user_data = exlog_build_wp_user_data($db_data, $userData);
        $wp_user_data["exlog_authenticated"] = true;
        return $wp_user_data;
    }
    error_log('EXLOG----------------------->>>> END');
}

Please update the code to look like this and then come back to me with the answer to these questions:

• Did you see the logs messages appear in your logs?
• Does the hash in the logged data match the hash that is stored for your user with the updated password?

Thanks,

Tom

Hey Steve,

Locked myself out of WordPress so many times during development ☺️

I feel the pain!!! 😊

Yep! Lived in Burgess Hill forever. I’ve got so much family here I can’t leave …and the last couple of weeks has given another factor keeping me locked here ☺️

Thank you for generosity! Genuinely made my day. 😊 I’m actually going to use it for a Beer52 order.😊

If you have any further issues please don’t hesitate to get in contact.

Stay safe 😊

Tom

Hey @gonzosdrummer,

The plugin will always try and find the user on the external system first. If they can be found, they are validated and because you disabled them they would no longer be authenticated.

However, if the user is not found, or if the connection to the external data fails, the plugin will fall back to login users with the WordPress database (at which point they would be validated). You can however disable falling back to local login. There is a check box for this.

If you have any further issues or questions please get back to me 😊

If it all works I’d be grateful if you could write a review or even buy me a beer.

Thanks!

Tom

Hey @gassi,

Apologies for the delay in getting back to you.

Sounds like you’ve solved your problem – awesome 🙂

Thanks,

Tom

Hi @blazer380,

Unfortunately I don’t. Due to the huge number of different database providers out there I can’t provide these details for every system. However, if you go to the settings page of the plugin you will see the details that you will need to fill in.

In the first instance, all you’ll have to find is the hostname, database name, database user, database password and port.

Your provider should be able to give you this information.

If any questions about the plugin please don’t hesitate to get back in contact.

Thanks,

Tom 🙂

Hey @axharkhan,

Just wanted to update you. I’ve done a fair bit of reading and have gained a fair bit of understanding but I just don’t have the time to keep investing in this right now. It would involve me reading up a lot more on C# and then have to implement that in PHP.

I do have a ticket for this in the backlog so I hope to get round to it in the future.

I think if you need this now your best option is to pay a developer to write this part of the solution (unless you have the time to learn it yourself and implement it yourself). I am not allowed to offer paid work here unfortunately but I think this is something someone would happily pick up. Probably quite straight forward for someone with more C# understanding than I.

What you would need is someone that can write a PHP function that takes the hash you gave me in the last message, and a string for a password. It would then return true if the user was valid or false if it was not.

This is then easily implemented for you without any changes to the plugin. You can find some basic information how in the FAQ about hooks on the plugin but it would looks something like this:

function myExlogHashAuthenticator($password, $hashFromDatabase) {
    return someFunctionToCheckHashAgainstPassword($password, $hashFromDatabase);
}

add_filter('exlog_hook_filter_authenticate_hash', 'myExlogHashAuthenticator', 10, 2);

If you did get someone to get this far, and you wanted the code added to the plugin, feel free to share it back here and, as long as it is the standard implementation for all ASP.net users, I’ll add in settings for it.

Thanks @axharkhan,

Tom