vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   global.php (https://vborg.vbsupport.ru/showthread.php?t=148597)

Wizardjv 05-31-2007 06:19 PM
global.php
 
Ok so I wrote a private script I only want certain usergroups to see. But the problem im having is when I use the global.php to set the permision like:

HTML Code:
<?php

require('./global.php');  ?>

<?
if (!is_member_of($vbulletin->userinfo, 13))
{
    print_no_permission();

?>
It breaks my php script because of the certain variables set in the global php

Is there any other way I could restrict access by certain usergroups without the global.php. Or maybe someone could tell me exactly what part of the global php is the part that sets the permissions like that. And I could just create a new file to tie the permissions into.

Any help would be greatly appreciated.

Dismounted 06-01-2007 10:29 AM
I would rather change my own script to suit global.php than change global.php to suit my script.

odonel 06-01-2007 10:32 AM
another idea is to copy global.php to global2.php, edit global2.php and require global2.php

Wizardjv 06-03-2007 12:01 AM
Well I found this code by ModShack:
Code:

// To secure a page put this in your php file (and have authvb.php in the same directory)
// require('./authvb.php');


// Variables to edit

$checkservername = "localhost";                // hostname or ip of server
$dbcheckusername = "dbusername";                      // user name
$dbcheckpassword = "dbpasword";                  // user password
$dbcheckbase    = "vBDatabase";                    // name of database
$realm = "Private - no unauthorized access";                // Name of secured area / file
$auth = false;                                  // Assume user is not authenticated



// Check for username and password values and set up MySql connection

if (isset( $_SERVER['PHP_AUTH_USER'] ) && isset($_SERVER['PHP_AUTH_PW'])) {
    mysql_connect( $checkservername, $dbcheckusername, $dbcheckpassword )
        or die ( 'Unable to connect to server.' );
    mysql_select_db( $dbcheckbase )
        or die ( 'Unable to select database.' );


// Password check - get passowrd and salt from db for username specified

$query = "SELECT salt, password, userid FROM user WHERE username='$_SERVER[PHP_AUTH_USER]'";
$result = mysql_query($query) or die("The information you entered does not match our records."); $row=mysql_fetch_array($result);
$dbpassword = $row['password'];
$salt = $row['salt'];
$userid = $row['userid'];
$username = $_SERVER[PHP_AUTH_USER];

// Is the password the same
if ($dbpassword == md5(md5($_SERVER['PHP_AUTH_PW']). $salt)) {

// Check whether user belongs to certain usergroup 5 for supermoderators 6 for admins


// change the usergroupid's to the numbers of the usergroups you want to allow access to the page.

$sql = "SELECT * FROM user WHERE username = '$_SERVER[PHP_AUTH_USER]' AND (usergroupid = '6' or usergroupid = '5' or usergroupid = '
53' or usergroupid = '49') "; $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); $num = mysql_numrows( $result );
if ( $num != 0 ) { $auth = true;    } 

} else {
//Optional place for stuff about wrong password

 }

}

//If no authoristaion
if ( ! $auth ) {
    header( "WWW-Authenticate: Basic realm=\"$realm\"" );
    header( "HTTP/1.0 401 Unauthorized" );
    echo 'Authorization Required! Credentials have been logged!';
    exit;
}

Which works fine though now I would like to log who logs into that page like: the username and ip addy used.

Does anyone know how I could do this?


All times are GMT. The time now is 10:38 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01021 seconds
  • Memory Usage 1,725KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code_printable
  • (1)bbcode_html_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete