vb.org Archive - Block access to vB PHP files by user ID

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 3.5 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=113)

- - Block access to vB PHP files by user ID (https://vborg.vbsupport.ru/showthread.php?t=106979)

Block access to vB PHP files by user ID

This mod allows you to block access to the following vB PHP files by specifying what user IDs to block. This works on a per file basis, so you can have different userIDs for different files. You can also block userID 0 to prevent guests or bots from accessing any of the files. No screenshot is necessary, as a blocked user will see the 'you do not have permission to access this page' notice instead of the file output. See post6 for how to add extension files. To install, go to the ACP -> Manage Products -> Add/Import Product, and then go to the ACP -> vBulletin Options.

Code:

ajax.php          announcement.php  attachment.php     calendar.php

cron.php          editpost.php      external.php       faq.php

forumdisplay.php  image.php         index.php          inlinemod.php

joinrequests.php  login.php         member.php         memberlist.php

misc.php          moderator.php     newattachment.php  newreply.php

newthread.php     online.php        payments.php       poll.php

postings.php      printthread.php   private.php        profile.php

register.php      report.php        reputation.php     search.php

sendmessage.php   showgroups.php    showpost.php       showthread.php

subscription.php  threadrate.php    usercp.php         usernote.php

Code:

// in case you block yourself from login, why would you do that, :wink:

// place this in the vB config to completely disable everything

// and then go log in, and then comment this from the vB config



define('DISABLE_HOOKS', true);

Good! :)
is it possible to do with Extension Modifications??

I like this idea...Installed

That's a rather clever idea.

If the extension has both of these, where global is the forum root global:

Code:

define('THIS_SCRIPT', 'uniquename');

require_once('./global.php');

And the extension prints out a text page, go stick this in vB config:

Code:

// change 123.123.123.123 to your IP address

if ($_SERVER['REMOTE_ADDR'] == '123.123.123.123')

{

        $config['Misc']['debug'] = true;

}

Then go to vB Options -> Block File Access Settings -> Add Setting:

Code:

Varname: bfabu_uniquename_uids

Setting Group: Block File Access Settings

Product: Block File Access

Title: Block 'uniquename' Usage

Description: Enter the user IDs to block from using the uniquename.php file. Separate each user ID with a space. Example: 8 16 24

Option Code: leave it blank

Data Validation Type: Free

Default: leave it blank

Display Order: leave as-is

vBulletin Default: Yes

And then remove this from vB config:

Code:

// change 123.123.123.123 to your IP address

if ($_SERVER['REMOTE_ADDR'] == '123.123.123.123')

{

        $config['Misc']['debug'] = true;

}

Note uniquename needs to be unique.

Nice, been waiting for this, great plugin !!

*installs*

Quote:

Originally Posted by calorie

If the extension has both of these, where global is the forum root global:

Code:

define('THIS_SCRIPT', 'uniquename');

require_once('./global.php');

And the extension prints out a text page, go stick this in vB config:

Code:

// change 123.123.123.123 to your IP address

if ($_SERVER['REMOTE_ADDR'] == '123.123.123.123')

{

        $config['Misc']['debug'] = true;

}

Then go to vB Options -> Block File Access Settings -> Add Setting:

Code:

Varname: bfabu_uniquename_uids

Setting Group: Block File Access Settings

Product: Block File Access

Title: Block 'uniquename' Usage

Description: Enter the user IDs to block from using the uniquename.php file. Separate each user ID with a space. Example: 8 16 24

Option Code: leave it blank

Data Validation Type: Free

Default: leave it blank

Display Order: leave as-is

vBulletin Default: Yes

And then remove this from vB config:

Code:

// change 123.123.123.123 to your IP address

if ($_SERVER['REMOTE_ADDR'] == '123.123.123.123')

{

        $config['Misc']['debug'] = true;

}

Note uniquename needs to be unique.

Thanks Calorie ! one of my fav. coders

is it possible to with usergroup instead of userid?

Untested, but for primary usergroups only, find:

Code:

if (in_array($vbulletin->userinfo['userid'], $bfabu_user_ids_array))

And replace with the following:

Code:

if (in_array($vbulletin->userinfo['usergroupid'], $bfabu_user_ids_array))

Or, for both primary and secondary usergroups, replace with the following:

Code:

                        if (in_array($vbulletin->userinfo['usergroupid'], $bfabu_user_ids_array) OR !empty(array_intersect($bfabu_user_ids_array, explode(",", str_replace(" ", "", $vbulletin->userinfo['membergroupids'])))))

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (13)bbcode_code_printable (1)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01157 seconds Memory Usage 1,742KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (13)bbcode_code_printable (1)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: