vb.org Archive - View Single Post - How to verify users group membership from VB cookie

void · #2 01-19-2006, 03:07 PM

Ok,

I made the following script

Script 1

PHP Code:


			
<?php

require_once('./global.php');  



$PRIVILIGED = array("5", "6", "7");        // Super Moderator, Admin, Moderator

$TRUSTED = array("9", "10", "11");        // Wiki, VIP, Special

$ALLOWED = False;                    // Default not logged-in and not priviliged/trusted



// Check if user is logged in

if ($vbulletin->userinfo['userid']!=0) 

{

    if (in_array($vbulletin->userinfo['usergroupid'], $PRIVILIGED)) 

        $ALLOWED = True;



    if (!$ALLOWED)

    {

        $memberships = explode(',',$vbulletin->userinfo['membergroupids']); 

        foreach($memberships as $membership)

            if (in_array($membership, $TRUSTED)) 

            {

                $ALLOWED = True;

                break;

            }

    }

}



if ($ALLOWED)

    $var = $vbulletin->userinfo['username'].','.$vbulletin->userinfo['userid'];

else

    $var= 'no';



echo $var;

?>

This works fine when I execute it directly from my browser.

But I need to call script1 from another domain. Script1 above is actually placed in one subdomain like sub1.mysite.com and I need to call script1 from script2 in another subdomain like sub2.mysite.com.

Script 2

PHP Code:


			
<?php



ob_start();

include 'http://sub1.mysite.com/script1.php';

$contents = ob_get_contents();

ob_end_clean();



echo $contents;

?>

But this fails!

When script 2 calls script 1 it echos "no" even though calling script1 directly returns a username and id. I found out that script1 fails at "

PHP Code:


			
if ($vbulletin->userinfo['userid']!=0)

The VB3.53 has its cookie set to ".mysite.com", so that should be ok.

What am I missing here?

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01100 seconds Memory Usage 1,787KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (3)bbcode_php (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: