For those of you wondering how to make restricted pages so that only members of your vB can view them, here is a quick code example to do so. Just require this file as the very first line of whatever file that you want to require a user to have logged into the vB in order to view. Copy this code into a file and save it into the forums directory (same directory as index.php, members.php, etc.) and name it whatever you want.

Its a REALLY simple script that just checks to see if the vB cookie exist. Nothing special at all, but for those of you with no programming experience it's something to work with.


<?php

/* Here we check to see if the vBulletin cookie exist.
If it doesn't, we prompt the user to either log in or
sign up*/

if (!$HTTP_COOKIE_VARS["bbuserid"]) {
?>

<table border="0" width="600" cellspacing="0" cellpadding="2" align="center">
<tr>
<td valign="top">
<center><h2>Unathorized Access</h2></center>
If the users cookie isn't set, here is where your error message, or whatever message, will be.
</td>
<td valign="top" bgcolor="#D2D2D2">
<form action="index.php" method="post">
<table border="0" width="100%" cellpadding="2">
<tr>
<td width="50%" valign="top"><b>username</b></td>
<td width="50%" valign="top"><input maxLength="25" name="username" size="10"></td>
</tr>
<tr>
<td width="50%" valign="top"><b>password</b></td>
<td width="50%" valign="top"><input maxLength="13" name="password" size="10" type="password" value></td>
</tr>
<tr>
<td width="100%" valign="top" colspan="2">
<p align="center"><input type="submit" value="Login!"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>

<?php
exit;
}
?>


[Edited by Krucifyx on 06-22-2000 at 07:02 AM]

This is great! I think I would incorporate this onto my own site! Thanks krucifyx

Thanks for the code. It's given me a good start on password protecting other pages on my site.

However, I'm having some problems.

I need secure pages to check if there's a vb cookie, and if there's not they can sign in using their vb username and password. Then they would see the protected pages.

This code posts login information to the vb index.php file, but after logging in it dumps the user at the forum. I need to have the user dumped at the page they were trying to view. Also, if an incorrect login is used the user is just dumped at the forum.

Any help would be greatly appreciated.

I've been out of the vb coding scene for a while but perhaps I can help you out.

What do you mean by it dumping you back to the screen? did you try putting this on all viewed scripts, not just forumdisplay.php?

Sorry about my previous post being a little vague.

I'm trying to create a file upload section to my website, but I only want registerd users from my forum to be able to upload. So I'm trying to password protect those upload pages using the vb login and cookies system.

If a vb cookie is already present the user should see the upload page. However, if they aren't logged in, the user should see a page that says, "You need to be a registered user to upload files. Enter username and password or register here." After they login on that screen they should see the upload page.

However, using the code at the top of this thread, the user doesn't see the upload page after logging in -- they are dumped at my forum's index page. An incorrect login has the same result (user is dumped at the forum index page).

In short, if the user is logging in from the forum, they should end up at the forum. If the user is logging in from the upload page, they should end up at the upload page.

Does that make sense?

Sorry for the long post.

[Edited by mferrell on 10-15-2000 at 11:05 AM]

Anyone got any pointers for the above post?

<?
require("global.php");

if ($bbuserid == 0)
{
eval("echo standarderror(\$bbtitle,\"".gettemplate("error_nopermission")."\");");
exit;
}

if ($bbusername == "" || (isset($bbusername))==0)
{
$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid=$bbuserid");
$username=$getusername[username];
$bbusername = $username;
}
else
{
$username = $bbusername;
}

// Your Code to ul goes here

Thanks! That works but I'm having one problem. When I login with the following code, I'm dumped at my websites index page. How do I get it so that it shows the page that's trying to be viewed?

Here's what I've got now:

__________________________________
<?
chdir($DOCUMENT_ROOT . "/bulletinboard");
require($DOCUMENT_ROOT . "/bulletinboard/global.php3");

if ($bbuserid == 0)
{
eval("echo standarderror(\$bbtitle,\"".gettemplate("error_nopermission")."\");");
exit;
}

if ($bbusername == "" || (isset($bbusername))==0)
{
$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid=$bbuserid");
$username=$getusername[username];
$bbusername = $username;
}
else
{
$username = $bbusername;
}

// Your Code to ul goes here

?>

<html>
<title>Secure Area</title>
<body><font face=verdana,arial,sans-serif size=2>You should only be able to see this if you're logged in.<p>
</font>
</body>
</html>
____________________________

Thanks again for the help.

Well that is supposed to send you to whatever page you were trying to access after logging in.. hmm..

Does this file have to be located in the bulletinboard directory? My forum resides in bulletinboard, but the file I'm trying to protect is in the root directory.

That seems to be the problem. The file has to be in the bulletinboard directory (where global.php3 is located). Is there anyway around this?

Anyone get an answer to this question? I'm looking to do the same thing on one of my sites.

When I use the code in the top example I get the login box on the screen, but I also see this error just above it.

Warning: Undefined index: bbuserid in c:\inetpub\wwwroot\dealerforge\vbulletin\homelogin .php on line 7

When I am logged into the forums, I go straight to the page, when I am not logged in I am presented with a login box with the error above, however when I try to login on that page I get this:

CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are:

and the error ends there.

Any help would be appreciated in fixing this, but otherwise it is exactly what I am looking for, thank you!

mashby, all you need to do is put in the path that the global.php is stored in, and check that it is ch-mod'd correctly, it shouldnt give you any problems, you just need to make sure all the paths correspond.