vb.org Archive
Page 2 of 7 1 2 34 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)
-   -   [release vb2] Database Password Encryption (https://vborg.vbsupport.ru/showthread.php?t=18868)

kdog316 06-03-2001 03:48 AM
does the dbencrypt.php do all the table altering and replacing of the other php files for me

dabean 06-03-2001 01:04 PM
Updated: (15:05 BST)

Improvements:
- Database update script, delete it after using it. Thanks tubedogg but i'd already writen my own to go with this improved version.
- Encypted passwords option at registration

Bug fixes:
- Members can no longer follow a password regeneration link more than once.

kdog316 06-04-2001 03:00 AM
i ran the encyption file but i dont see any make password encrypted field on registering

dabean 06-04-2001 03:11 AM
As the text file "password_encryption.txt" contained in the zip states all the installer does it make the database changes for you. You still have to modify the code and templates by following the instructions in the file.

kdog316 06-04-2001 09:36 PM
ok something wrong is going on here when ever i edit my member.php file the way you say i get this error when i try to access my change password, edit options or any thing else that has to do with the user profile and this is the error

Fatal error: Call to undefined function: getuserinfo() in /home/photo/public_html/tmbps/member.php on line 101

and here is line 101 on member.php


PHP Code:
    $bbuserinfo=getuserinfo($userid); 

dabean 06-04-2001 10:04 PM
hmm, you've obviously made a mistake in altering the code.

the following lines should exist starting at line 47.

PHP Code:
if ($action=="login") {
  include("./global.php");
  if (isset($username)) { 
if these lines do exist then have another look at precise structure of the alterations you made.

If you'd made any changes to global.php or admin\functions.php as part of any other hacks you have added you may also want to double check them.

kdog316 06-04-2001 10:17 PM
there at line 42 right after

// ############################### start login ###############################

here is what the code looks like for that section tell me if anything needs to be switched


PHP Code:
if ($action=="login") {
  include("./global.php");
  if (isset($username)) {
    // get userid for given username
    if ($user=$DB_site->query_first("SELECT userid,username,password,cookieuser,encryptedpass FROM user WHERE username='".addslashes(htmlspecialchars($username))."'")) {
      // secure passwords
      if ($user[encryptedpass]==1) {
        if ($user[password]!=md5($password)) {  // check secure password
          eval("standarderror(\"".gettemplate("error_wrongpassword")."\");");
          exit;
        }
      } else {
        if ($user[password]!=$password) {  // check standard password
          eval("standarderror(\"".gettemplate("error_wrongpassword")."\");");
          exit;
        }
      }
      $userid=$user[userid];
    } else { // invalid username entered
       eval("standarderror(\"".gettemplate("error_wrongusername")."\");");
       exit;
    } // end secure passwords
      $userid=$user[userid];
    } else { // invalid username entered
       eval("standarderror(\"".gettemplate("error_wrongusername")."\");");
       exit;
    }

    if ($user['cookieuser']==1) {
      vbsetcookie("bbuserid",$user['userid']);
      vbsetcookie("bbpassword",md5($user['password']));
    }

    $DB_site->query("DELETE FROM session WHERE sessionhash='".addslashes($session[dbsessionhash])."'");

    $session['sessionhash']=md5(uniqid(microtime()));
    $session['dbsessionhash']=$session['sessionhash'];
    $DB_site->query("INSERT INTO session (sessionhash,userid,host,useragent,lastactivity,styleid) VALUES ('".addslashes($session['sessionhash'])."','$userid','".addslashes($session['host'])."','".addslashes($session['useragent'])."','".time()."','$session[styleid]')");
    vbsetcookie("sessionhash",$session['sessionhash'],0);
    $username $user['username'];
  }

  $url=ereg_replace("sessionhash=[a-z0-9]{32}&","",$url);
  $url=ereg_replace("\\?sessionhash=[a-z0-9]{32}","",$url);
  $url=ereg_replace("s=[a-z0-9]{32}&","",$url);
  $url=ereg_replace("\\?s=[a-z0-9]{32}","",$url);

  if ($url!="" and $url!="index.php" and $url!=$HTTP_REFERER) {

    if (strpos($url,"?")>0) {
      $url.="&s=$session[dbsessionhash]";
    } else {
      $url.="?s=$session[dbsessionhash]";
    }
    //header("Location: $url");

    $url str_replace("\""""$url);
    eval("standardredirect(\"".gettemplate("redirect_login")."\",\"$url\");");
  } else {
    $bbuserinfo=getuserinfo($userid);
    eval("standardredirect(\"".gettemplate("redirect_login")."\",\"index.php?s=$session[dbsessionhash]\");");


dabean 06-04-2001 10:30 PM
hmm you've repeated the same block of code twice.

PHP Code:
    // end secure passwords
      $userid=$user[userid];
    } else { // invalid username entered
       eval("standarderror(\"".gettemplate("error_wrongusername")."\");");
       exit;
    } 
should be changed to
PHP Code:
 // end secure passwords 

kdog316 06-04-2001 10:47 PM
now i am getting this erorr
Parse error: parse error in /home/photo/public_html/tmbps/member.php on line 1370

and here are lines 1366-1370

PHP Code:
eval("standarderror(\"".gettemplate("error_invalidsecureid")."\");");
  }
}

? > 
withput the space between the ? and the > of course

dabean 06-04-2001 11:13 PM
okay take a look at
PHP Code:
// ############################### start secure email password ###############################
if ($action=="securepw") { 
check that ?> doesn't appear above it.


All times are GMT. The time now is 07:38 AM.
Page 2 of 7 1 2 34 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01218 seconds
  • Memory Usage 1,778KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (7)bbcode_php_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete