vb.org Archive
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Member Archives (https://vborg.vbsupport.ru/forumdisplay.php?f=202)
-   -   Finally, a non-vb Hack...but... (https://vborg.vbsupport.ru/showthread.php?t=15822)

Overgrow 05-03-2001 07:24 PM
Can I make a suggestion that would require some modification? It would help all of your code in general if you....

Eliminate hard coded http:// inside of the code. Learn to use $PHP_SELF and getenv("variables"). Either that or make a $scriptLocation="http://..." variable at the top that you have the user set before they start the script. That way you don't have to mess with hard coded URLs all throughout the script.

Instead of using multiple files (incorrectpass.php,incorrectusername.php) which will complicate the install and maintenance-- make one error function and call it with variables. if(user fails passwordcheck) { error(2)} Then error 2 would print the appropriate message.

Instead of creating a whole file system try to make them generic functions that anyone can include in any script. As it is now anyone wishing to use this would have to incorporate their script into yours, the other way around, or put their look on your file. It would be easier if this were a library that you could call from your own forms.

I have a vb-login script like this for myOvergrow but it's hardcoded into my site and not appropriate for release because it's not written as functions.

good luck

Overgrow 05-03-2001 07:41 PM
Here is my function, extracted... no guarantees on this, I ripped out some parts. This function is called at the beginning of any script you want to make sure they are a proper VB user

PHP Code:
function checkLogin() {

    global $db,$db_connection,$bbuserid,$bbusername,$bbpassword,$userid,$username,$password,$newpassword;

    if(strlen($newpassword) > 0)
        $bbpassword=$newpassword;

    if ((!isset($bbuserid) or $bbuserid or $bbuserid=="") and (!isset($bbpassword) or $bbpassword=="")) {

        loginForm();
        exit;

    } else {

        if($bbuserid and strlen($bbusername) < 1)
            $whereclause "WHERE userid='$bbuserid'";
        else
            $whereclause "WHERE username='$bbusername'";

        $query "SELECT userid,username,password FROM user $whereclause";

        $query_results mysql_query($query,$db_connection);

        if (!$query_results){
            
            print "failed: $query<br>\n";

        } else {

            while ($row mysql_fetch_array($query_results)) {

                $userid=$row[userid];
                $username=$row[username];
                $password=$row[password];

            }
        }

        if ($userid 1) {
            //setcookie("bbuserid","",0);
            //setcookie("bbpassword","",0);
            loginForm("No such username in the database:");
            exit;
        }

        if ($password!=$bbpassword and $bbpassword!=substr(md5($password),0,strlen($password))) {
            //setcookie("bbuserid","",0);
            //setcookie("bbpassword","",0);
            loginForm("Incorrect Password entered:");
            exit;
        }

        if (isset($userid) and $userid!="" and $userid and $bbuserid!=$userid) {

            setcookie("bbuserid",$userid,0,"/");
            setcookie("bbuserid",$userid,mktime(0,0,0,0,0,2020),"/");
            
            setcookie("bbpassword",substr(md5($password),0,strlen($password)),0,"/");
            setcookie("bbpassword",substr(md5($password),0,strlen($password)),mktime(0,0,0,0,0,2020),"/");

            $bbuserid=$userid;
        }
    }

You can send it from your forms either

$bbuserid or $bbusername

and

$newpassword

The possible outcomes=

1) no data sent, it calls another function loginForm() with no variable
2) no such user name, calls loginForm("no such user name")
3) wrong password, calls loginForm("wrong pass")

etc...

MoJo85 05-03-2001 09:18 PM
thank you Overgrow for the help. I got it to work and I will hopfully launch this hack probaly by end of this week once I get the little bugs out..


All times are GMT. The time now is 04:45 PM.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01213 seconds
  • Memory Usage 1,753KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_php_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete