PDA

View Full Version : Intergrate VB security to non-vB page


certify
04-02-2002, 10:00 PM
This is a simple Hack which will utilize VB security and will automatically foward back to the referrer url after login or register. Enjoy! :)

We have been using this hack for almost 8 months now on our online exam
http://www.certifyexpress.com/exam/microsoft/mcse/

kineda
04-04-2002, 09:29 PM
I tried installing this hack on a test page but it doesn't work.

Here's the error:
Warning: Failed opening 'home/kinedac/www/forums/global.php' for inclusion (include_path='') in /home/kinedac/public_html/new2/index_test.php on line 8

Warning: Cannot add header information - headers already sent by (output started at /home/kinedac/public_html/new2/index_test.php:7) in /home/kinedac/public_html/new2/index_test.php on line 14

the url is: http://www.kineda.com/new2/index_test.php

Psychdrone
04-04-2002, 10:04 PM
I like it, but havn't tried to install it yet!

Dose it work??

kineda
04-04-2002, 11:16 PM
Still not working... I wish it did.

I've gotten past the first error that I posted, and now I'm getting this one:

Fatal error: Failed opening required './admin/config.php' (include_path='') in /home/kinedac/public_html/forums/global.php on line 78

Please help!

http://www.kineda.com/new2/index_test.php

certify
04-05-2002, 07:37 AM
Can you post the code for index_test.php?

E
04-05-2002, 08:14 AM
yea he needs too certify that its right :)

kineda
04-05-2002, 02:54 PM
<?
include_once("../forums/global.php");
if ($bbuserinfo[userid]==0)
{
$thispage=urlencode("$PHP_SELF?quiz=$quiz");
header("Location:http://www.kineda.com/forums/usercp.php?urloverride=1&prevpage=".$thispage);
}
?>
<html>
<head>
<title>Kineda::Give into the TemptAsian</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="style.css" type="text/css">
</head>

<body bgcolor="#FFFFFF" text="#000000" background="images/background.gif" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">



Here's the first part of it. The rest of it is exactly the same as;
www.kineda.com/new2/index.html

certify
04-08-2002, 09:01 AM
remove this line ?quiz=$quiz as this is an example.

kineda
04-08-2002, 05:39 PM
<?
include_once("../forums/global.php");
if ($bbuserinfo[userid]==0)
{
$thispage=urlencode("$PHP_SELF");
header("Location:http://www.kineda.com/forums/usercp.php?urloverride=1&prevpage=".$thispage);
}
?>
<html>
<head>
<title>Kineda::Give into the TemptAsian</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="style.css" type="text/css">
</head>



Still getting the same error and I've removed that code section you mentioned.

kineda
04-09-2002, 09:52 PM
Bump. TTT.

Any word on why this is still giving me an error?

Thanks.

certify
04-10-2002, 08:37 AM
What is the code in

/home/kinedac/public_html/forums/global.php on line 78

Sparkz
04-10-2002, 09:34 AM
Don't have time to test this now, but I think he could do 1 of 2 things.

1. Enter an absolute path for the admin/config.php in the global.php file, ie /home/kinedac/www/forums/admin/config.php or something to that extent.

2. Change directory before including the file. Something like this:

$curdir = getcwd ();
chdir ("/home/kinedac/www/forums");
include_once ("global.php");
chdir ($curdir);


I think the last one, if working, would be the cleanest way, since it does not involve editing a vbulletin file.

Again, I have not tested this...

-Sparkz

kineda
04-10-2002, 08:42 PM
Thanks Sparkz! It works fine now!

Sparkz
04-10-2002, 08:43 PM
My pleasure :)

CloakSim
04-12-2002, 01:29 AM
Any clue on how to set this to a certain user group?

TheCaver
04-13-2002, 03:50 PM
Why does it return to the Users CP rather than the referring page?

JC

x69
04-21-2002, 08:15 PM
I'm having some problems getting this working..
heres my test.php file
<?php
echo "before";
//Begin VB Security Intergration Hack
include_once("/www/vhosts/vcdquality.com/html/forum/global.php");

if ($bbuserinfo[userid]==0)
{

$thispage=urlencode("$PHP_SELF");
header("Location:http://www.vcdquality.com/forum/usercp.php?urloverride=1&prevpage=".$thispage);

}
//End VB Security Intergration Hack
echo "after";
?>
some code here

I get no errors or anything.. all my script outputs is 'before'
what am i doing wrong? Thanks in advance

http://www.vcdquality.com/test.php

ThoughtDiver
05-10-2002, 01:41 AM
When I execute my nonvb page with the code in it, whether I'm logged in or not, it just goes to the page and it's a blank white screen.

#!/usr/local/bin/php
<?php
//Begin VB Security Intergration Hack
include_once("/full/home/path/html/forums/global.php");

if ($bbuserinfo[userid]==0)
{

$thispage=urlencode("$PHP_SELF");

header("Location:http://www.site.com/forums/usercp.php?urloverride=1&prevpage=".$thispage);

}
//End VB Security Intergration Hack
?>
[HTML PAGE HERE]

Any ideas?
Thanks,
Scott

certify
05-10-2002, 07:56 AM
Originally posted by TheCaver
Why does it return to the Users CP rather than the referring page?

JC

You need to add the below code in global.php

===Find this====
$ipaddress=$REMOTE_ADDR;
$scriptpath=$REQUEST_URI;

===And add this after the line above===
if(!$urloverride) { $scriptpath=$REQUEST_URI; }
else { $scriptpath=urldecode($prevpage); }

certify
05-10-2002, 08:07 AM
x69,

Change to this and test it again.

include_once($DOCUMENT_ROOT . "/forum/global.php");
echo "before";

mars
05-28-2002, 10:51 AM
lo :)
Same prob as x69..tried all the variations within this thread & still no luck...just end up on a blank white page

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

Code in my Global.php
................................................
$ipaddress=$REMOTE_ADDR;
$scriptpath=$REQUEST_URI;
//Begin VB Security Intergration Hack
if(!$urloverride) { $scriptpath=$REQUEST_URI; }
else { $scriptpath=urldecode($prevpage); }
//end VB Security Intergration Hack
if ($scriptpath=='') {
..............................................
Code on Protected page
..............................................
<?php include_once($DOCUMENT_ROOT . "/forum/global.php");
if ($bbuserinfo[userid]==0)
{
$thispage=urlencode("$PHP_SELF");
header("Location:http://www.ev0lution.co.uk/forum/usercp.php?urloverride=1&prevpage=".$thispage);
}
?>
<html>


Asked certify about it on his forums..but he's a busy man !.....Anyone got any ideas ?

Thanx in advance :)

mars
05-29-2002, 08:50 AM
* mars pats himself on the back...sorted don't worry :)

CGarson
06-05-2002, 01:40 PM
It wont work for me. I have the code entered in BEFORE my HTML tag. Even if I have text in the body, I don't get any output.

Thanks in advance

xamu
06-06-2002, 02:03 PM
Originally posted by CloakSim
Any clue on how to set this to a certain user group? I'd like to know the answer to this too. I have free sections of my site and parts I want restricted to paying members. I created a user group called "Certified Member" and only they should have access to these restricted pages.

ryans
07-26-2002, 07:02 PM
Can I get the full code for this script? It seems not to work.

Highlander
11-26-2002, 04:21 AM
yes. for me also .. a pretty BLANK WHITE page.. its really not so easy to get it working :) ...

i also made all changes (global.php) but nthing happens if i load the test.php

Rushy
12-15-2002, 04:13 PM
Yep I am having problems and I need to get this working asap :( I put the code in and it starts going to open the page but I then get a 404 even though the url is coprrect. I am not sure if it's because the page is calling an action ...

http://blah.com/maps.php?id=1162

or if I mess with the include path I get the white page problem

Any ideas, I am depserate for this to work and would really appreciate some help from someone.

Rampag33
03-01-2004, 04:57 AM
Is there an update for vb3 rc4 on this. really needed.