Hi,

I do understand that probably there is/was a security issue here, but I need to do some jobs periodically in a bunch of nodes that it's better programming than trying to use the VBO/Rules resources.

I had seen some examples for a registered user's (admin) cron run, but I found then very unsecure since they pass username and password by GET.

So, how can I make it work?

Thanks for attention!

Comments

Vuds’s picture

Vuds commented
Version: 6.x-1.9 » 6.x-1.10

The version assigned was wrong, I'm in the latest...

infojunkie’s picture

infojunkie
Location Vancouver
commented

Look into using Drush with VBO's Drush integration (vbo-execute command). You can invoke drush vbo-execute from your system cron, instead of relying on cron.php.

geek-merlin’s picture

geek-merlin
Primary language German
Location Freiburg, Germany
commented

sub

infojunkie’s picture

infojunkie
Location Vancouver
commented
Status: Active » Closed (works as designed)

@axel.rutz: did you try my suggestion? Since I haven't heard back from OP, I might close this thread very soon.

geek-merlin’s picture

geek-merlin
Primary language German
Location Freiburg, Germany
commented

i use drush on several sites and i suppose your suggestion should work IF you secify a --user argument to drush.

the reason why i subbed is, i have a customer who cannot use drush for cron at their host, but need to have a wget based cron.

infojunkie’s picture

infojunkie
Location Vancouver
commented

The drush command vbo-execute logs into Drupal as uid = 1, so no need to specify --user argument.

Otherwise, you might want to consider running cron as a privileged user, like this article describes. http://www.zimplicit.se/knowledge/running-cron-administrator-or-another-...

geek-merlin’s picture

geek-merlin
Primary language German
Location Freiburg, Germany
commented

good point, i thought it would be something like this.
which leads me to the question, why cron.php doesn't do this when called with authorization key?
maybe a d8 issue.

samuelet’s picture

samuelet commented

In Drupal 6.x, this is the way i run a vbo in a cron job as a registered user (uid 1 in the example):

1) Create your VBO view.
2) Create a new Rule for the "Cron maintenance tasks are performed" event.
3) Create a "DO" element as "Execute custom PHP code" named "Act as UID 1 user", and put this code:

global $user,$original_user;
$original_user = $user;
$old_state = session_save_session();
session_save_session(FALSE); // D7: use drupal_save_session(FALSE);
$user = user_load(array('uid' => 1));   // The uid of user that will run the rule.

4) Create a second "DO" element as "Execute a VBO programmatically on user" select your VBO view, the operation to execute on it and, if you need, the set the other options.
5) Creare a third "DO" element as "Execute custom PHP code" named "Act as original user" and put this code:

global $user,$original_user;
$user = $original_user;
session_save_session($old_state);

6) Optionally create an IF element to run the rule only on a specified event, for example to run it only at midnight create an "Execute custom PHP code" IF element containing this code:

return date("H") == "00";