Password Non VB Pages Using VB Member Info

This works on ALL VB version

This was created by an Admin (CyberGaf) on my site for the simple reason we wanted to make non vbull pages passworded and available only to members.

The full install details are in the zip file and TBH if you cant get this up and running its time to give up.

This can also be used on html pages I am told but have not tried it.

You can even set which user groups are allowed to view the page.

# Vbulletin GROUP ID's
# default setting = Admin & Super Moderators
#
# 1 Unregistered / Not Logged In
# 2 Registered
# 3 Users Awaiting Email Confirmation
# 4 (COPPA) Users Awaiting Moderation
# 5 Super Moderators
# 6 Administrator
# 7 Moderators
# 8 Banned
# 9 Moderated
# 10 Gold Member
# 11 Platinum Member

Please note the above usergroups are for our forums and therefor will not be available on your forum.

Or by changing usergroupid = '5') to userid ='users id') you can set the script to allow only specific users to view the pages.

This is not so much a hack but a handy little addon and it DOES work.

HM

[bgtking]

Anybody?

[FlyingDutchman]

works perfectly fine for me!

even on my windows (98SE)/apache test server!


just put

PHP Code:

<?php require('./authvb.php'); ?>

in global.php (ALL OF THEM!!!) to secure your whole board...
(if you do this, upload the authvb.php file also to your admin & mod dir (make changes to the permissions if needed! - ie, admin dir for admins only...)

[bgtking]

I have added that. Where in the document should I put it?

[FlyingDutchman]

oops
sorry, my fault... better instructions this time:

JUST AT THE TOP OF global.php (IMMEDIATELY AFTER <?php or <? ADD:

PHP Code:

require('./authvb.php'); 


see the other post what else you need to do

[bgtking]

How does this help secure my nonvB pages?

[svoec]

this hack works killer!!
thanks --

I'll share the things I found out...

put the require statment above the HTML tag -- if you open this file with front page-- it will screw it up, and you have to fix it back...

[mt_100]

Thank you for the comments, and the tips.

I forgot to note that the new version includes an added feature. I added a column to the user table in the vBulletin database called lastlogin as a date field. Now whenever someone logs into your site that field will be set so you know when they last logged into the non VB areas.

[Aaow AnD wHiTe]

Would it be possible to protect an entire folder using this hack? I'm trying to do it with mod_auth_mysql and .htaccess but everytime I enter a username and password, It shows the prompt again, as if ignoring the password. This is what it looks like:

AuthType Basic
AuthUserfile /dev/null
AuthName "Member Access Only"
AuthType Basic
AuthGroupFile /dev/null
AuthMySQLHost localhost
AuthMySQLCryptedPasswords Off
AuthMySQLUser root
AuthMySQLPassword here I put my db password
AuthMySQLDB vbulletin
AuthMySQLUserTable user
AuthMySQLNameField username
AuthMySQLPasswordField password
AuthMySQLGroupField usergroupid
<Limit GET POST>
require group 2 5 8 7 6
</limit>

[Sebastian]

it prompts for password but it won't accept my username and or password. I edited the usergroup to mines and still doesn't accept it.

[Aaow AnD wHiTe]

That's the same thing that happen to us with the htaccess code posted above. Hope someone can help us