Simple vB User login and access control on non vB pages

Hack Description

This is a cutdown version of the user authentication and access control system I use on the non vB pages on my website.

This uses the vB 3.5 login system to log you in and out. It allows you to move between your forums and other pages on your site while remaining logged in.

It allows you to do things such as restrict pages by usergroup, display different content depending on a user being logged in or not.
For example, you can have banner Adds displying to non members only, and/or let members access to specific content.

Ive cut it down to the bare minimum that it needs to work, no fancy stuff such as avatars, PM's, or even formating.

I will try and offer support, but work and family commitments mean I dont have much free time.

This code is a mix of my own, and pieces I have used from other hacks that are floating around.

This script has been confirmed as working on

• vB 3.5.x - All Versions

Changelog

Version 1.30 (24th April 2007)

• Fixed - // in paths bug
• Fixed - Javascript warning in some browsers
• Fixed - Tidied up some code

Version 1.20 (2nd December 2006)

• Fixed Logout incorrect path bug
• Made change to reduce compatibility problems with foreign scripts

Version 1.10 (4th Feb 2006)

• Changed login_inc.php so you only need to edit path in one place now.
• Added more commenting to login_inc.php
• Added usage instructions to instructions file
• Added troubleshooting guide with all common problems and fixes to instructions file.

Note: It is NOT necessary to update from 1.0 to 1.10.
There is no functionality changes or bug fixes between these 2 releases.

Version 1.0 (17th November 2005)

• Initial Release

Deluxe Version of this hack is now available
Has Avatars, PM's, Number of Posts etc.

Click Here


Click on Install
If you have this script installed then please click on the install link because;

• You will get notified if any security issues are reported.
• You will get notified when there are any upgrades to this script
• It gives me a warm fuzzy feeling and motivates me to develop more

Donations
First of all, to be clear. This script is 100% free.

However if you feel an urge to donate I'm not going to say no.
Donations can be made at http://www.billspaintball.com/vb3/bd_donate.php

[Billspaintball]

1st up.
Subdomains + scripts + vB are a known problem, and not always fixable.

2nd.
Had a look at the source behind http://www.nrlleague.com/indexnew2.php On the site your links are in the format forums.nrlleague
Change them to the nrlleague.com/forums link and see if that fixes it.

[Sven]

Quote:

Originally Posted by Billspaintball

1st up.
Subdomains + scripts + vB are a known problem, and not always fixable.

2nd.
Had a look at the source behind http://www.nrlleague.com/indexnew2.php On the site your links are in the format forums.nrlleague
Change them to the nrlleague.com/forums link and see if that fixes it.

Have you got any news regarding my problem?

[ausnrl]

O i had them changed but forgot to upload it that was whats wrong. Anyway thanks for the help nice hacks.

so to display things like how many pms htey have we just use the phrases?

[Realm of Horror Comics]

Quote:

Originally Posted by ausnrl

so to display things like how many pms htey have we just use the phrases?

Yeah, I wanna know this too...

[Billspaintball]

Quote:

Originally Posted by ausnrl

O i had them changed but forgot to upload it that was whats wrong.

:laugh: Been there, done that.
Glad that its all working now.

Quote:

so to display things like how many pms htey have we just use the phrases?

This simple one only does stuff like the sample in this post https://vborg.vbsupport.ru/showpost....98&postcount=2
I wanted to keep this to the bare minimum of complexity so anyone can use it with much knowledge of php.

The more fully featured one will have the stuff like avatars and PM's on it like on my site. I havent had time to tidy up the code on it yet. It will be simple to upgrade, just change the login_inc.php file.

[Billspaintball]

Quote:

Originally Posted by Sven

Have you got any news regarding my problem?

Sorry, I havent found any simple way around a cross domain cookie issue like this.
The only way I can think of is if you actually hacked vB's login.php to get it to post the variables back.

[Sven]

Quote:

Originally Posted by Billspaintball

Sorry, I havent found any simple way around a cross domain cookie issue like this.
The only way I can think of is if you actually hacked vB's login.php to get it to post the variables back.

I guess the other way would be to create an own login that is querying the vb database... but I doubt I have the knowledge to do that w/o opening security holes...

Thx anyway... I'm going to stick with my interim solution and use the normal login I created, apart from vB.

[exegete]

Quote:

Originally Posted by Sven

I guess the other way would be to create an own login that is querying the vb database... but I doubt I have the knowledge to do that w/o opening security holes...

Thx anyway... I'm going to stick with my interim solution and use the normal login I created, apart from vB.

If you're modularising this code into sub-functions, don't forget to "global $vbulletin;" at the start, or your script will never realise that anyone is logged in. It took me hours to figure that tiny little thing out. Grr.

Additionally, I have this extension working fine across subdomains (forums on community.mydomain.org with the extension on www.mydomain.org). Make sure you have your cookie domain (Admin CP -> Cookies -> Cookie Domain) set to ".yourdomain.com". I also have this set in my php.ini file (but probably not strictly necessary). I'm not using any other special hacks or modifications to integrate my subdomains either, it's a very standard setup.

Oh, and, one other thing you might want to check: Admin CP -> General Settings -> Post Referrer Whitelist. Make sure ".yourdomain.com" is listed in there too, so your subdomains can post forms to each other without any complaints.

[Billspaintball]

Hack Updated
As of now this hack has been updated from 1.1 to 1.10.

See the changelog in the first post here for details.

[tuanluu]

Is it possible for us to hook 4image using this hack? I try to other 4image interation, but it give too much error and does not work well. I think the code for for that 4image is too busy. I have not heard from that coder lately.

If yes, please show me the step thank ahead