vb.org Archive - Add security to non VB pages and block user groups

Page 1 of 4

Last »

Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)

- - Add security to non VB pages and block user groups (https://vborg.vbsupport.ru/showthread.php?t=41833)

mt_100

08-01-2002 10:00 PM

Add security to non VB pages and block user groups

OK, my first "hack"!

I created this because I want to have security and logins for my sites non VB pages but don't want two logins, one for the site and one for the forums.

There are other hacks that do the same thing, but this one is different.

1. It creates a PHP session, which means when the user closes the browser they will have to login to the site again later. It doesn't access the VBulletin cookie at all.

2. The user is prompted to login on any page you include this on, once logged in they are taken to that page minus the security.

3. No modification to the VBulletin code.

4. Uses the VBulletin user table so any information in there can be used, like welcoming them on all pages with their login name or telling the user who they are loggin in as.

5. You can block poeple based on their VBulletin user group! That way only certain user groups can see the rest of your site.

6. RUNS ON WINDOWS 2000 AND IIS!!!!!!

Let me know how you like it!

thirdwatch430

08-02-2002 06:18 PM

I haven't installed it yet but I am looking to, thanks!

Velocd

08-02-2002 06:18 PM

Screenshots, demo's, anything to show us why this hack is different than so many of the other security hacks?

:banana:

Tungsten

08-02-2002 06:33 PM

Quote:

Originally posted by Velocd
Screenshots, demo's, anything to show us why this hack is different than so many of the other security hacks?

Not to seem antagonistic here, but why should the burden of proof fall squarely on the shoulders of MT_100 ? I see this sort of post here all the time -- someone makes a hack and releases it and invariably someone else comes along and "challenges the legitimacy" of that hack.

Variety is the spice of life. Maybe MT_100's code is just cleaner than the rest ... maybe his/hers is the one that works best with Microsoft web servers ... maybe it was created without harming any laboratory animals. Who knows! :D

Chris M

08-02-2002 06:36 PM

Nice:)

Satan

mt_100

08-02-2002 06:38 PM

I doubt it is cleaner, I'm certainly not a pro, but it works.

I saw a great hack for Apache on Unix/Linux with .htaccess that did the same thing and loved it, use it on one of my servers.

I just wanted one that would work the same on IIS, so I made it and wanted to share it.

I did forget that you need to put a file called connect.php in the same folder with membercheck.php with your server connection varioables in it, or hardcode them into membercheck.php.

Later folks, enjoy.

Tungsten

08-02-2002 06:46 PM

Quote:

Originally posted by mt_100
I doubt it is cleaner, I'm certainly not a pro, but it works.

I just wanted one that would work the same on IIS, so I made it and wanted to share it.

Thanks for releasing it. As an IIS person myself, I can assure you that it will come in handy for several of us in the VBulletin community.

The thing that irks me is how some people essentially spit in the face of generosity by expecting a coder to justify the worthiness of his contribution. People are here sharing their code, tricks and tips -- for free. Why look a gift horse in the mouth? ;)

assassingod

08-02-2002 08:40 PM

Thanks:D

Velocd

08-03-2002 04:59 AM

Sorry for the comment earlier, until I actually looked at the code I didn't realize it was so simple enough it didn't need screenshots. I have a dull imagination when it comes to hacks that I'm usually not sure what they do before I install, so I tend to need some visuals.

mt_100

08-08-2002 01:21 PM

Well, to install it.

1. Create a file called connect.php and define the connection variables. Here is an example:

PHP Code:


		
			
<? 

// Variables that are used are the following

// $DB_SERVER : Name of MySql server by default "localhost"

// $DB_USER   : User name taht is used to connect to MySql

// $DB_PASS   : User password for MySQL conenction

// $DB_NAME   : Name of database to use



$DBSERVER = "yourserver here";

$DBUSER = "DB User Name Here";

$DBPASS = "DB Password Here"; 



?>

2. Put the membercheck.php file in the folder with connect.php

3. Put an include for membercheck.php at the top of each page you want to secure.

4. Done!

All times are GMT. The time now is 05:14 AM.

Page 1 of 4

Last »

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01694 seconds Memory Usage 1,736KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_php_printable (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (2)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: