[Till]

Providing hacks and not supporting them is quite useless. Maybe the moderators could flag hacks that are not supported by the authors as that. Saves time and you don't install stuff that doesn't work right anyway.

I stopped scanning this thread on page 10 or whatever, but I guess since people still have issues, I post my mods.

Here is my setup:
- latest coppermine (1.3.3)
- vbulletin 3.0.6 (German)

The version of Coppermine that I have came with the bridge file for PHP. Since the one provided here didn't work and the file distributed with Coppermine had the cookie fix already applied to, I used it as base of my modifications to make it work.

Warning: The edits are quite techy and I will not support this.

bridge/vbulletin30.inc.php
1) You do all the obvious magic (database settings, ...)
2) Code hacking

Find this (around line 91):

PHP Code:

$got_user = 0;

if ($bbuserid && $bbpassword) {
    // If userid and password exist in cookies we use them to login 


And replace the following query ($sql = ...) and the mysql_num_rows() statement with this:

PHP Code:

$got_user = 0;

if ($bbuserid && $bbpassword) {
    // If userid and password exist in cookies we use them to login
    $sql = "SELECT userid as user_id, username as user_name, usergroupid as mgroup, password, salt ";
    $sql.= "FROM " . $UDB_DB_NAME_PREFIX . VB_TABLE_PREFIX . VB_USER_TABLE . " ";
    $sql.= "WHERE userid='" . addslashes(stripslashes($bbuserid)) . "'";
    if(!($result = db_query($sql, $UDB_DB_LINK_ID))){
        echo 'Error: '.mysql_error().'<br/>';
        echo 'Query: '.$sql.'<br/>';
        echo 'File: '.__FILE__.'<br/>';
        exit;
    }
    if (mysql_num_rows($result) > 0) {
        $USER_DATA = mysql_fetch_array($result);
        if ($bbpassword != md5($USER_DATA['password'] . $USER_DATA['salt'])) {
            $got_user = 1;
        }
    }
... 


So, what did I change here? First of all, I made the $sql query readable. There is an unwritten law that when you write code, you try to break it up after 65 chars (makes printing and reading easier).

Then I added the field "salt" to the SELECT-statement. It's used in vbulletin's login/authentication methods. Last but not least, I changed the if()-statement to check the password stored in the cookie against the password stored in the database.

If you want to have a look at the way vbuelltin does the authentication magic, feel free to browse includes/function-login.php under your vbulletin installation.

Ok, this is it. Not it works for me. Hope this actually helps someone else. If I find anything else, I will post again.

Cheers,
Till