I am looking to make certain non-vB pages on my site accessible on various levels (i.e. Certain parts are displayed for Registered Users, additional parts are displayed for Mods/Admins, and Guests are brought to the vB login screen,) using the vBulletin cookie, but I have no idea about:

1) How to require the cookie for access.

2) How to make certain parts accessible to certain user-levels.

Any help would be greatly appreciated. Thanks

Try these two hacks maybe?

http://www.vbulletin.org/hacks/index.php?s=&action=showhack&hackid=548

http://www.vbulletin.org/hacks/index.php?s=&action=showhack&hackid=282

- miSt

Those seem to use sessions, and I am looking to use cookies so users don't have to re-login every time. I want to have users login/register from the vB board itself, while the non-vB pages verify the cookie generated by vB. Is using the vB cookie on non-vB pages relatively safe, or is it opening a potential 'can of worms' of security risks?

Saw something about cookies in this thread:

https://vborg.vbsupport.ru/showthread.php?s=&threadid=43014

That seems to just be a login portal for vB, but doesn't use the cookie for access to non-vB pages. What I am looking for (not a "hack" per se) is something that will allow me to do this on non-vB pages:


//Not using literal PHP syntax

if (vBulletin cookie is present)
{

if (user is a registered user)
{echo Regular user content;}
elseif (user is a moderator)
{echo Mod content;}
elseif (user in an administrator)
{echo Admin-only content;}

}

else {echo "You must be a registered user to view this page. Please login or register";}

I think you'll like WebTemplates (https://vborg.vbsupport.ru/showthread.php?s=&threadid=36419)

I am not really looking to hack up my vB, especially since vB3 is due out any month now. I noticed this bit of code in the thread for your hack:

<?php
// Default Information - Start with this
error_reporting(7);

$templatesused='forumhome_welcometext,forumhome_lo goutcode,forumhome_newposts,forumhome_todayposts,f orumhome_logincode';

require('./global.php');

$permissions=getpermissions();
if (!$permissions['canview']) {
show_nopermission();
}
// Default Information - End

// if user is know, then welcome
if ($bbuserinfo['userid']!=0) {
$username=$bbuserinfo['username'];
eval("\$welcometext = \"".gettemplate('forumhome_welcometext')."\";");
eval("\$logincode = \"".gettemplate('forumhome_logoutcode')."\";");
eval("\$newposts = \"".gettemplate('forumhome_newposts')."\";");

} else {
$welcometext = "";
eval("\$newposts = \"".gettemplate('forumhome_todayposts')."\";");
eval("\$logincode = \"".gettemplate('forumhome_logincode')."\";");
}

eval("dooutput(\"".gettemplate('home')."\");");


?>


Would something like this be adequate for permissions on non-vB pages?

If you are ready to manually edit/update permissions per .php file without any user interface for administration, yes you can just insert:

require('./global.php');

at the begining of your .php file (assumed its in the forum dir), then check the permissions with "if" commands like:


if ($bbuserinfo['userid']>0)
{
//do something
}
else
{
//do another thing
}


etc.

Is it possible to do this using a file that is not in my forums directory?

My directory structure is:

public_html
-forums
---admin
---images
---mod

I'm getting this error

Warning: main() [function.main]: Unable to access ./admin/config.php in /home/virtual/www/public_html/forums/global.php on line 129

Warning: main(./admin/config.php) [function.main]: failed to create stream: No such file or directory in /home/virtual/www/public_html/forums/global.php on line 129

and I'm using this code to get the global.php file:

require('/home/virtual/www/public_html/forums/global.php');

chdir('/home/virtual/www/public_html/forums/');
require('./global.php');

I put the code on a page called test.php. If I open the browser and go to test.php in the browser session before I go to my forum index, I get the following error:

Warning: Cannot modify header information - headers already sent by (output started at '/home/virtual/www/public_html/test.php:23)
in '/home/virtual/www/public_html/forums/admin/functions.php on line 1628

the member verification notes ("You are not logged in", "Welcome back, $username") still display, but the above error appears.

If I visit the forum index, however, then reload test.php after that, the error message will be gone. Why is this?

you have to put:


chdir('/forums/');
require('global.php');


all the way at the top of the file, below <?php


if you are sending another header on the php file then you need to put that code above below it.

It worked. I had a header include for the page which I had above the chdir and require code, but I moved it to the top and it seems to be working. Thanks

Two more questions...

1) How do I get the sessionhash to appear on non-vB pages?

2) Is there any way to access the cookied non-vB pages if I turn off the board through the Admin CP?

1) once you include the code above any of your pages you can add this to your links:


file.php?s=$session[sessionhash]



2) if you include global.php into any script when you turn off the board it'll cause any of those pages to shut down as well.

I have test.php in a different directory than my forums, so when I close the board and go to test.php as a non-admin user, it gives me the "Please call back later" page but all of the URL and image paths are incorrect for obvious reasons (e.g. http://www.mydomain.com/forums/images/ will resolve to http://www.mydomain.com/images/ on this error page). Is there any way to get around the incorrect paths without moving test.php into the /forums/ directory?

Set the images folder to the direct path. Set all smilies to the direct path.

But what about all of the URLs left on the page? For instance, http://www.mydomain.com/forums/usercp.php shows up as http://www.mydomain.com/usercp.php

Can this be circumvented without having to do a massive editing of the templates?

go in the admin cp, and change the image path for the template.. for instance, if its forums/images change it to /forums/images


or /full/path/to/forums/images

the above should work since that is how i have it setup on my site.. just add a forward slash / to the path.

as for the links, its not really that much to edit.. all you have to edit is the template header for the links, just add a / to the links. It only takes 2 minutes :)

if you are integrating your forums with the rest of the site it takes a few minutes, you can't expect to hit one button and have it integrated, its well worth the couple seconds it takes. :p

02-23-03 at 07:06 AM Mist said this in Post #4 (https://vborg.vbsupport.ru/showthread.php?postid=357074#post357074)
Saw something about cookies in this thread:

https://vborg.vbsupport.ru/showthread.php?s=&threadid=43014

Hi Mist,

Couldnt find the reference about cookies in that thread!

Could you help me out!

Which is better? Cookies or sessions?

What does vbulletin use as standard?

02-25-03 at 06:16 PM Logician said this in Post #8 (https://vborg.vbsupport.ru/showthread.php?postid=358267#post358267)
If you are ready to manually edit/update permissions per .php file without any user interface for administration, yes you can just insert:

require('./global.php');

at the begining of your .php file (assumed its in the forum dir), then check the permissions with "if" commands like:


if ($bbuserinfo['userid']>0)
{
//do something
}
else
{
//do another thing
}


etc.


How do you include more than one usergroup?

if (($bbuserinfo['userid']>0) || ($bbuserinfo['userid']>USERGROUPNUMBER))

Try that

Hi Mist,

Couldnt find the reference about cookies in that thread!

Could you help me out!

Which is better? Cookies or sessions?

What does vbulletin use as standard?

Cookies
- Keeps your login information stored on the local system
- User can close browser and come back to site and still be logged in
- User must have cookies enabled on their web browser options

Sessions
- Every browser generally supports this without options being on or off
- The session is lost when the web browser is closed, logging them out