Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 07-30-2007, 08:20 PM
reteep reteep is offline
 
Join Date: Mar 2004
Location: Germany
Posts: 164
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Register someone via Querystring?

Would it be possible to write a very little php script which is using vBulletin classes to register someone via querystring?

For example calling this:
domain.com/forum/regme.php?username=test&pw=testy

Would add the given user to the vBulletin Database by using the vBulletin class for it.

If it's possible, which class do I have to use?

Thanks in advance!
Reply With Quote
  #2  
Old 07-30-2007, 09:29 PM
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Location: PA
Posts: 3,872
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You would have to use the vB_DataManager_User class.

This article may help you:

https://vborg.vbsupport.ru/showthread.php?t=82836
Reply With Quote
  #3  
Old 07-31-2007, 07:44 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I would be carefull with that, because it would also allow an atacker to create thousands of user accounts in just a few minutes.
Reply With Quote
  #4  
Old 07-31-2007, 09:59 AM
reteep reteep is offline
 
Join Date: Mar 2004
Location: Germany
Posts: 164
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks for the link!

The script won't be public, I just need something like a hook for an ASP.NET Application to create users on a vBulletin forum.

Best regards,
reteep
Reply With Quote
  #5  
Old 07-31-2007, 10:19 AM
RedTyger's Avatar
RedTyger RedTyger is offline
 
Join Date: Nov 2006
Location: UK
Posts: 1,310
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Public != safe! Even so, add a floodcheck.
Reply With Quote
  #6  
Old 07-31-2007, 11:05 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Not public?

You mean public can not access the script, or would it not be accessible because you hope nobody will ever find the script?
Reply With Quote
  #7  
Old 08-01-2007, 05:02 PM
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Location: PA
Posts: 3,872
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Add several levels of security. Place it in an obscure location (for example, I once didn't want anyone to find pictures except people I wanted so I placed them in... /pictures/nobody/sees/these/asdf/never/again/) so it would be hard to guess. Then place .htaccess on the directory so you have to physically login to view the file. And add a file password (pass=unadd7364589 for example) and md5() it inside of the file and store the correct passwords md5() value. You could do more for security too.
Reply With Quote
  #8  
Old 08-03-2007, 06:03 AM
reteep reteep is offline
 
Join Date: Mar 2004
Location: Germany
Posts: 164
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks for the hints guys!

In fact I don't think anyone would ever guess the location while directory listing is disabled. But that password/md5 method sounds like a comfortable security measure.

Thanks for all the input!
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:45 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03818 seconds
  • Memory Usage 2,225KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete