Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By dovry on
Hello,
I'd like to integrate drupal into another CMS system on a site I maintain, and wonder how to do this with a minimum of coding.
What I'd like to start with is to have users log in only one place. So what I'd like to do is to set up a custom function in drupal where users are logged in without having to submit username/password.
From looking at the drupal code, It looks like the best solution would be to make a change in the function user_load in the drupal-user module:
from
foreach ($array as $key => $value) {
if ($key == 'uid' || $key == 'status') {
$query[] = "$key = %d";
$params[] = $value;
}
else if ($key == 'pass') {
$query[] = "pass = '%s'";
$params[] = md5($value);
}
else {
$query[]= "LOWER($key) = LOWER('%s')";
$params[] = $value;
}
to simply
$query[] = "name = " . $_SESSION['login_other_system'];
Where existing uid is supplied, the user will always log in successfully to drupal. In addidtion changing the code, it will never be possible to log in except through the other system. And the security will hopefully be taken care of by insuring the integrity of the session variable (session logged with IP and timeout)
Do you think this is a feasible solution?
If this works, I have to think of a way of calling the function from 'outside' of drupal in a clean way.
I would appreciate all help and comment regarding this!
Comments
not good news?
I'll be quite frank. I haven't attempted this. I'm pretty familiar with Drupal, however, and have, on my own, written at least 4 complete CMS systems from scratch (some of which have been pretty full-featured and advanced). All told, people in my company probably have another 5 or 6 more. So - the point is - we know Drupal, we've had compelling reasons to try this sort of thing ourselves.
This would give me the heebie-jebies. Drupal is very modular, but overrunning core files is not a great idea. There may be other things you want to do that expect core to work as core. They shouldn't... but they might. And you might be very unhappy trying to solve those issues. Once you fork, you can end up heading down a long and lonely road.
I've had inquiries over the last several weeks from some folks who've literally spent months in the wilderness after making 'why-not' decisions on forking core and are realizing they may need to write-off tons of work because they made the easy-fast choice without taking time to understand Drupal and the possible cost/benefit results of forking. Now - none of this is terribly easily grasped if this is your first time out on a Drupal site - there's a steep learning curve (I know - I've been there). But I personally don't see any good long-term solution that forks core. The learning curve stinks - but once you're over it, there's HUGE power in the system. It's worth it.
So - work with the Drupal mindset if you want to use Drupal -- that's it's power. Otherwise, grab Joomla (or something else) and rip the guts and/or hack the bajesus out of it - that's their power.
So -- my question would be -- what is the other CMS doing that can't be done in Drupal? (and, by corollary, what does Drupal have that the other doesn't?). In my experience, you'll have better luck building on top of Drupal than attempting to circumvent it. Not necessarily the greatest news, but certainly my $.02.
Drew Gorton
Gorton Studios
Some of our Drupal Sites
Thanks
Thanks for your reply, Drew!
Unfortunately, the other system is better described as an CRM app, with lots of legacy code and integration with 3rd party systems, so I don't think drupal could replace it. What I am trying to accomplish is to replace some parts of the system related to CMS with drupal. We've been using some other BB and wiki software in the past, but I have not been 100% happy with the results.
Could you or someone familiar with the core of drupal comment on the following: Would it be possible to log in to drupal by calling the relevant functions in the core, leaving out anything returning content to the browser, after populating the necessary variables with the login information (simulate a POST)? And thereby avoiding any changing of or forking the core?
found a solution
I think I've found a solution, by modifying index.php, removing all code that prints to the browser, and manually adding the login information to the $_POST array, so as to 'simulate' a post:
adding
between
and
It's a hack, but it works, and does not require any changes of core code.