PDA

View Full Version : vbauth.php for non vb page vb 3.0


Timmmmmy
02-04-2004, 09:06 PM
<a href="https://vborg.vbsupport.ru/showthread.php?t=34690" target="_blank">https://vborg.vbsupport.ru/showthread.php?t=34690</a> thats the original hack, but it doesnt work with vb3.0 im not sure whats different its supposed to be md5 right?

Timmmmmy
02-05-2004, 08:44 AM
Here is what mine looks like now

<?php
include("/home/*****/public_html/dbConfig.php");


$encryptedpw ="true";

$realm = "This site is private!";

$auth = false; // Assume user is not authenticated

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {

// Connect to MySQL

mysql_connect( $host, $user, $password )
or die ( 'Unable to connect to server.' );



mysql_select_db( $forum_database )
or die ( 'Unable to select database.' );


$sql = " SELECT * FROM user WHERE
username='$PHP_AUTH_USER' AND
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt))";

// Execute the query and put results in $result

$result = mysql_query( $sql )
or die ( 'Unable to execute query.' );

// Get number of rows in $result.

$num = mysql_numrows( $result );

if ( $num != 0 ) {

// A matching row was found - the user is authenticated.

$auth = true;

}

}

if ( ! $auth ) {

header( "WWW-Authenticate: Basic realm=\"$realm\"" );
header( "HTTP/1.0 401 Unauthorized" );
echo 'Authorization Required - EMPL Owners Only!';
exit;
}

?>