vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Possible to authenticate elsewhere on webpage? (https://vborg.vbsupport.ru/showthread.php?t=99158)

mattfl 10-24-2005 02:28 AM
Possible to authenticate elsewhere on webpage?
 
Is it possible to use the vbulletin login elsewhere on a webpage for authentication? Say for instance I have a photo gallery that I want to have people login to see, is there a way I can stick the vbulletin username/password prompt on a login page for the gallery and have it check against the vbulletin database but not log into the forums?

mattfl 10-26-2005 06:50 PM
bump for some help

Wired1 10-26-2005 07:01 PM
Yes, you can use the vB login stuff on another area of the site, however since it's the same login, it will log them into the forums.

mattfl 10-27-2005 06:25 PM
Ok, since that won't work. Is it possible to have vbulletin during the registration proccess insert the username/password into another table but without the encryption? Basically just dump the plain username/password. Or, is it possible to make a simple login/password box in php and have it reference the username/password table in the vbulletin database and authenticate against that?

mattfl 11-03-2005 01:10 PM
one last bump..please anyone!

Marco van Herwaarden 11-03-2005 03:53 PM
The plain password never gets sent from the client to the server. It is already hashed on the clientside.

To make what you want would seriously reduce vB's security level.

mattfl 11-03-2005 04:46 PM
Quote:
Originally Posted by MarcoH64
The plain password never gets sent from the client to the server. It is already hashed on the clientside.

To make what you want would seriously reduce vB's security level.

ok well what about my other option, make my own username/password cgi form, but is there a way to have it authenicate against the vb database? or is that what you were talking about?

mattfl 11-07-2005 08:40 PM
one last bump for the newer question

Marco van Herwaarden 11-08-2005 03:45 PM
Yes, everythig is possible, but it would reduce the level of security.

mattfl 11-10-2005 03:50 PM
Quote:
Originally Posted by MarcoH64
Yes, everythig is possible, but it would reduce the level of security.
Well let's just pretend I'm not worried about security...

How would I go about doing this?

I want to make my own user/password login php page, and have it authenticate against the vb database. I really don't know howto do that, can someone give me some help.

Marco van Herwaarden 11-10-2005 06:39 PM
Do a search on 'salt' here. There might also be a topic on this in the How-To forum.

roosevelt 11-10-2005 07:11 PM
Yes you can authenticate users with the datas stored in the vbulletin database. There are two concepts you have to understand.

Make the user log-in both your site area and the forum or just one module
To do this you will need to study vBulletin sessions system, what algorithm is used to encrypt the password so that it matches the users password in the database. Say your users's id is bob and password is 2005.

For example if vbulletin used md5() hash to encrypt the password the password 2005 would be stored as 2983jdkfsdm23847 in the database.

So, when the user enteres his username, and password on the log-in form you made for your website area... make it check the database and if the values matches you sent the user to his destination else return a error. The actual code will look like:

PHP Code:
<?php
$username $_POST['username'];
$password md5($_POST['password']);

// Use this area to connect to vbulletin database, and select the users table.

$query mysql_query("SELECT username, password FROM users WHERE username = $username, passwod = $password");

if ($query){
    echo "Welcome";
    register_session(.username.);
   //Enter the vbulletin register session if you want him to login the forums aswell
} else {
    echo "Invalid log-in";
}

?>
The code I provided is really crappy but it will help you understand the concept. The thing you should notice is on the variables I surrounded the $_POST['password'] variable with md5() function. So, whatever user's password is, it is encrypted before it is checked on the database. Because the password 2005 doesn't even exist in the database, but if we encrypt is before checking it... then it will see the match and will let the user login right away.

If you are not into PHP, then I recommend study it first... because for someone new session could be a pain. And also understanding the classes and objects in vbulletin system if wish to work with the vbulletin session class.

:)

Here is a mod which will do that: https://vborg.vbsupport.ru/showthread.php?t=91129


All times are GMT. The time now is 08:51 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01050 seconds
  • Memory Usage 1,739KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_php_printable
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (12)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete