forcerm
06-19-2011, 07:15 PM
I have built my website around vbulletin, i use the include globals.php hack so that i can work with vb on external pages.
I also have an admin area to go with this, now rather than create a separate login to secure this i decided to limit admin area access to the vbulletin admin usergroup.
if($this->vbulletin->getUserGroupId()!="6")
redirect(base_url());
//admin code here...
So this is saying, if usergroup isn't 6, then redirect to the base_url (home) or continue...
This does work, but since it's not actually checking if the user is logged in, rather it's just looking for a usergroup id... is it secure enough?
If the user is not logged in, what will it return? NULL? 0?
I also have an admin area to go with this, now rather than create a separate login to secure this i decided to limit admin area access to the vbulletin admin usergroup.
if($this->vbulletin->getUserGroupId()!="6")
redirect(base_url());
//admin code here...
So this is saying, if usergroup isn't 6, then redirect to the base_url (home) or continue...
This does work, but since it's not actually checking if the user is logged in, rather it's just looking for a usergroup id... is it secure enough?
If the user is not logged in, what will it return? NULL? 0?