[QUOTE]Originally posted by timmiman
i had a problem, when i use the right password, he sends the email too! what do i wrong?

o.k thank for your reply, i exactly look at the code again.

sorry for my bad english, i am a german boy:)

ok i found the error. i had the code placed befor not behind the

if (md5($loginpassword)!=$bbuserinfo[password]) {

thanks for your 1a support here :D

[QUOTE]Originally posted by timmiman
ok i found the error. i had the code placed befor not behind the

if (md5($loginpassword)!=$bbuserinfo[password]) {

thanks for your 1a support here :D

Does anyone know where 2 put this in sessions.php of 2.0.3 because the 2.0.3 sessions.php doesnt have this line:

This is because 2.0.3 didn't have password encryption... The line should be

[QUOTE]Originally posted by GameCrash
This is because 2.0.3 didn't have password encryption... The line should be

PHP Code:

---

if ($loginpassword!=$bbuserinfo[password]) { 


---

I don't think I need to install this hack if I use htaccess to protect the directory ..correct?

Because if they don't get past the HTACCESS then they won't be able to trip the code to email me.

You might want to use this hack anyway. If someone does manage to get past the .htaccess password block, you'll never know just from that. But unless you use the same password for the .htaccess block as you do for your admin account, after they break past the .htaccess block, they'll trip this hack next.

I was just thinking about this the other night.

I have other directories on my webserver that are protected by .htaccess, and thought it would be nice to have people who were not able to authenticate within the 3 try limit to be sent to a custom error page that would also send me an email with some information about their IP address.

I know this is not related to vBulletin, but this hack is what got me thinking about that.