vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   User Privileges on non-vB pages (https://vborg.vbsupport.ru/showthread.php?t=49175)

inthezone 02-21-2003 08:44 PM

User Privileges on non-vB pages
 
I am looking to make certain non-vB pages on my site accessible on various levels (i.e. Certain parts are displayed for Registered Users, additional parts are displayed for Mods/Admins, and Guests are brought to the vB login screen,) using the vBulletin cookie, but I have no idea about:

1) How to require the cookie for access.

2) How to make certain parts accessible to certain user-levels.

Any help would be greatly appreciated. Thanks

Dean C 02-22-2003 10:53 AM

Try these two hacks maybe?

http://www.vbulletin.org/hacks/index...ack&hackid=548

http://www.vbulletin.org/hacks/index...ack&hackid=282

- miSt

inthezone 02-22-2003 05:11 PM

Those seem to use sessions, and I am looking to use cookies so users don't have to re-login every time. I want to have users login/register from the vB board itself, while the non-vB pages verify the cookie generated by vB. Is using the vB cookie on non-vB pages relatively safe, or is it opening a potential 'can of worms' of security risks?

Dean C 02-22-2003 06:06 PM

Saw something about cookies in this thread:

https://vborg.vbsupport.ru/showthrea...threadid=43014

inthezone 02-23-2003 08:07 PM

That seems to just be a login portal for vB, but doesn't use the cookie for access to non-vB pages. What I am looking for (not a "hack" per se) is something that will allow me to do this on non-vB pages:

PHP Code:

//Not using literal PHP syntax

if (vBulletin cookie is present)
{

if (
user is a registered user)
{echo 
Regular user content;}
elseif (
user is a moderator)
{echo 
Mod content;}
elseif (
user in an administrator)
{echo 
Admin-only content;}

}

else {echo 
"You must be a registered user to view this page. Please login or register";} 


Logician 02-24-2003 09:27 AM

I think you'll like WebTemplates

inthezone 02-25-2003 01:15 AM

I am not really looking to hack up my vB, especially since vB3 is due out any month now. I noticed this bit of code in the thread for your hack:

PHP Code:

<?php
// Default Information - Start with this
error_reporting(7);

$templatesused='forumhome_welcometext,forumhome_logoutcode,forumhome_newposts,forumhome_todayposts,forumhome_logincode';

require(
'./global.php');

$permissions=getpermissions();
if (!
$permissions['canview']) {
    
show_nopermission();
}
// Default Information - End

// if user is know, then welcome
if ($bbuserinfo['userid']!=0) {
  
$username=$bbuserinfo['username'];
  eval(
"\$welcometext = \"".gettemplate('forumhome_welcometext')."\";");
  eval(
"\$logincode = \"".gettemplate('forumhome_logoutcode')."\";");
  eval(
"\$newposts = \"".gettemplate('forumhome_newposts')."\";");

} else {
  
$welcometext "";
  eval(
"\$newposts = \"".gettemplate('forumhome_todayposts')."\";");
  eval(
"\$logincode = \"".gettemplate('forumhome_logincode')."\";");
}

eval(
"dooutput(\"".gettemplate('home')."\");");


?>

Would something like this be adequate for permissions on non-vB pages?

Logician 02-25-2003 03:16 PM

If you are ready to manually edit/update permissions per .php file without any user interface for administration, yes you can just insert:

PHP Code:

require('./global.php'); 

at the begining of your .php file (assumed its in the forum dir), then check the permissions with "if" commands like:

PHP Code:

if ($bbuserinfo['userid']>0
{
//do something
}
else
{
//do another thing


etc.

inthezone 02-25-2003 07:24 PM

Is it possible to do this using a file that is not in my forums directory?

My directory structure is:

public_html
-forums
---admin
---images
---mod

I'm getting this error

PHP Code:

Warningmain() [function.main]: Unable to access ./admin/config.php in /home/virtual/www/public_html/forums/global.php on line 129

Warning
main(./admin/config.php) [function.main]: failed to create streamNo such file or directory in /home/virtual/www/public_html/forums/global.php on line 129 

and I'm using this code to get the global.php file:

PHP Code:

require('/home/virtual/www/public_html/forums/global.php'); 


Logician 02-25-2003 07:34 PM

PHP Code:

chdir('/home/virtual/www/public_html/forums/');
require(
'./global.php'); 


inthezone 02-26-2003 02:57 AM

I put the code on a page called test.php. If I open the browser and go to test.php in the browser session before I go to my forum index, I get the following error:

PHP Code:

WarningCannot modify header information headers already sent by (output started at '/home/virtual/www/public_html/test.php:23)
in '
/home/virtual/www/public_html/forums/admin/functions.php on line 1628 

the member verification notes ("You are not logged in", "Welcome back, $username") still display, but the above error appears.

If I visit the forum index, however, then reload test.php after that, the error message will be gone. Why is this?

Sebastian 02-26-2003 03:37 AM

you have to put:

PHP Code:

chdir('/forums/');
require(
'global.php'); 

all the way at the top of the file, below <?php


if you are sending another header on the php file then you need to put that code above below it.

inthezone 02-26-2003 03:49 AM

It worked. I had a header include for the page which I had above the chdir and require code, but I moved it to the top and it seems to be working. Thanks

Two more questions...

1) How do I get the sessionhash to appear on non-vB pages?

2) Is there any way to access the cookied non-vB pages if I turn off the board through the Admin CP?

Sebastian 02-26-2003 03:55 AM

1) once you include the code above any of your pages you can add this to your links:

PHP Code:

file.php?s=$session[sessionhash


2) if you include global.php into any script when you turn off the board it'll cause any of those pages to shut down as well.

inthezone 02-26-2003 04:01 AM

I have test.php in a different directory than my forums, so when I close the board and go to test.php as a non-admin user, it gives me the "Please call back later" page but all of the URL and image paths are incorrect for obvious reasons (e.g. http://www.mydomain.com/forums/images/ will resolve to http://www.mydomain.com/images/ on this error page). Is there any way to get around the incorrect paths without moving test.php into the /forums/ directory?

Brad 02-26-2003 04:36 AM

Set the images folder to the direct path. Set all smilies to the direct path.

inthezone 02-26-2003 04:54 AM

1 Attachment(s)
But what about all of the URLs left on the page? For instance, http://www.mydomain.com/forums/usercp.php shows up as http://www.mydomain.com/usercp.php

Can this be circumvented without having to do a massive editing of the templates?

Sebastian 02-26-2003 06:24 AM

go in the admin cp, and change the image path for the template.. for instance, if its forums/images change it to /forums/images


or /full/path/to/forums/images

the above should work since that is how i have it setup on my site.. just add a forward slash / to the path.

as for the links, its not really that much to edit.. all you have to edit is the template header for the links, just add a / to the links. It only takes 2 minutes :)

if you are integrating your forums with the rest of the site it takes a few minutes, you can't expect to hit one button and have it integrated, its well worth the couple seconds it takes. :p

glo 04-29-2003 12:58 PM

Quote:

02-23-03 at 07:06 AM Mist said this in Post #4
Saw something about cookies in this thread:

https://vborg.vbsupport.ru/showthrea...threadid=43014

Hi Mist,

Couldnt find the reference about cookies in that thread!

Could you help me out!

Which is better? Cookies or sessions?

What does vbulletin use as standard?

SVTBlackLight01 07-12-2003 07:54 PM

Quote:

02-25-03 at 06:16 PM Logician said this in Post #8
If you are ready to manually edit/update permissions per .php file without any user interface for administration, yes you can just insert:

PHP Code:

require('./global.php'); 

at the begining of your .php file (assumed its in the forum dir), then check the permissions with "if" commands like:

PHP Code:

if ($bbuserinfo['userid']>0
{
//do something
}
else
{
//do another thing


etc.


How do you include more than one usergroup?

ramprage 04-01-2005 07:57 PM

PHP Code:

if (($bbuserinfo['userid']>0) || ($bbuserinfo['userid']>USERGROUPNUMBER)) 

Try that

Quote:

Originally Posted by glo
Hi Mist,

Couldnt find the reference about cookies in that thread!

Could you help me out!

Which is better? Cookies or sessions?

What does vbulletin use as standard?

Cookies
- Keeps your login information stored on the local system
- User can close browser and come back to site and still be logged in
- User must have cookies enabled on their web browser options

Sessions
- Every browser generally supports this without options being on or off
- The session is lost when the web browser is closed, logging them out


All times are GMT. The time now is 05:02 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01231 seconds
  • Memory Usage 1,815KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (13)bbcode_php_printable
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (21)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 

Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete