Password Non VB Pages Using VB Member Info

This works on ALL VB version

This was created by an Admin (CyberGaf) on my site for the simple reason we wanted to make non vbull pages passworded and available only to members.

The full install details are in the zip file and TBH if you cant get this up and running its time to give up.

This can also be used on html pages I am told but have not tried it.

You can even set which user groups are allowed to view the page.

# Vbulletin GROUP ID's
# default setting = Admin & Super Moderators
#
# 1 Unregistered / Not Logged In
# 2 Registered
# 3 Users Awaiting Email Confirmation
# 4 (COPPA) Users Awaiting Moderation
# 5 Super Moderators
# 6 Administrator
# 7 Moderators
# 8 Banned
# 9 Moderated
# 10 Gold Member
# 11 Platinum Member

Please note the above usergroups are for our forums and therefor will not be available on your forum.

Or by changing usergroupid = '5') to userid ='users id') you can set the script to allow only specific users to view the pages.

This is not so much a hack but a handy little addon and it DOES work.

HM

[99SIVTEC]

Any reason why this wouldn't work with vbulletin 3.0? I glanced through the file real quick and the code seems simple enough and shouldn't connect to anything vb2 specific. I'll try to test it out when I get home if no one else does first.

[Timmmmmy]

mine is not working with vb 3.0

[Timmmmmy]

I figured out the problem, i took out the variable for check pwd instead just changed the sql query

Here is the fix to that file

Code:

    $sql = "SELECT * FROM user WHERE 
            username = '$PHP_AUTH_USER' AND 
            password = 'MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt))' ";

[Timmmmmy]

Code:

<?php 
    include("/home/****/public_html/dbConfig.php");


$encryptedpw ="true";

$realm = "This site is private!";

$auth = false; // Assume user is not authenticated 

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) { 

    // Connect to MySQL 

    mysql_connect( $host, $user, $password ) 
        or die ( 'Unable to connect to server.' ); 



    mysql_select_db( $forum_database ) 
        or die ( 'Unable to select database.' ); 


    $sql = " SELECT * FROM user WHERE 
	username='$PHP_AUTH_USER' AND 
	password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt))";
            
    // Execute the query and put results in $result 

    $result = mysql_query( $sql ) 
        or die ( 'Unable to execute query.' ); 

    // Get number of rows in $result. 

    $num = mysql_numrows( $result ); 

    if ( $num != 0 ) { 

    // A matching row was found - the user is authenticated. 

        $auth = true; 

    } 

} 

if ( ! $auth ) { 

    header( "WWW-Authenticate: Basic realm=\"$realm\"" ); 
    header( "HTTP/1.0 401 Unauthorized" ); 
    echo 'Authorization Required - EMPL Owners Only!'; 
    exit; 
} 

?>

[jw791]

Any chance on posting a full vb3 version? I tried Timmy's hacks but I'm sure that I'm messing something up.

No workie w/vb3

[gopherhockey]

Quote:

Originally Posted by jw791

Any chance on posting a full vb3 version? I tried Timmy's hacks but I'm sure that I'm messing something up.

No workie w/vb3

I got it to work on vb3 (watch where he has the ' characters, its different in the two code samples)

[Zaeolos]

Quote:

Originally Posted by gopherhockey

I got it to work on vb3 (watch where he has the ' characters, its different in the two code samples)

Ok, give us a better hint on how you got it to work with VB3. I still cannot get it to work.

[blkthndr]

These are the only lines I changed and it works for me with 3.0.0 Gold:

// Formulate the query
// Get rid of these 4 lines or comment them out:
# if ($encryptedpw)
# $chkpw = md5($PHP_AUTH_PW);
# else
# $chkpw = $PHP_AUTH_PW;
// Keep this line
$sql = "SELECT * FROM user WHERE
// Keep this line
username = '$PHP_AUTH_USER' AND
// get rid of this line
# password = '$chkpw' AND
// add this line
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt)) AND usergroupid = '6'";

[BlackxRam]

I am unable to get the Page to load. If i goto the url of authvb.php directly it seems to work fine. However when i include this into a PAGE then it does not AUTH me. I have my cookie set to my domain but i dont know what could be wrong.

[blkthndr]

This is how I am including it:

PHP Code:

<?php require('./authvb.php'); ?>

Hope that helps.