Restrict Non Vb pages

[cbr929rrerion]

ok.. This sounds simple but this is what I need.

I have non VB pages, they are html pages not php and I want the VB system to only let registered members, mods and admin to view the pages, is there a script I can add to it to do that, if so what is the exact script or code, if I can copy it and paste it that would be awesome.

Thanks..

Rick

[peterska2]

The eaiset way would be to make then into php pages and add a usergroup check into the php before outputting the html.

[cbr929rrerion]

well its a photo slide show program that creates the pages and thumbs and etc, so I really cant do that.. it has to restrict html pages..

[peterska2]

The permissions check will only work if the page is php.

You can change the page to a php page then after the required code paste your entire html page then just close of the php after that.

[Billspaintball]

See my sigs for a couple of hacks that allow usergroup based access.
However, as peterska2 has said it will have to be a php page.

[maximux1]

I feel bad about reposting this code, as it is not mine and I dont know who to credit. I've done a search of the forums but im not coming up with an answer. I'll post the code below for copy/paste and continue to look for the author to proper credit.

Again, this is NOT my work.

PHP Code:


// To secure a page put this in your php file (and have authvb.php in the same directory)
// require('./authvb.php');


// Variables to edit

$checkservername = "localhost";                 // hostname or ip of server
$dbcheckusername = "dbusername";                      // user name
$dbcheckpassword = "dbpasword";                   // user password
$dbcheckbase     = "vBDatabase";                     // name of database
$realm = "Private - no unauthorized access";                // Name of secured area / file
$auth = false;                                  // Assume user is not authenticated 



// Check for username and password values and set up MySql connection

if (isset( $_SERVER['PHP_AUTH_USER'] ) && isset($_SERVER['PHP_AUTH_PW'])) { 
    mysql_connect( $checkservername, $dbcheckusername, $dbcheckpassword ) 
        or die ( 'Unable to connect to server.' ); 
    mysql_select_db( $dbcheckbase ) 
        or die ( 'Unable to select database.' ); 


// Password check - get passowrd and salt from db for username specified

$query = "SELECT salt, password, userid FROM user WHERE username='$_SERVER[PHP_AUTH_USER]'"; 
$result = mysql_query($query) or die("The information you entered does not match our records."); $row=mysql_fetch_array($result); 
$dbpassword = $row['password']; 
$salt = $row['salt'];
$userid = $row['userid'];
$username = $_SERVER[PHP_AUTH_USER];

// Is the password the same
if ($dbpassword == md5(md5($_SERVER['PHP_AUTH_PW']). $salt)) { 

// Check whether user belongs to certain usergroup 5 for supermoderators 6 for admins


// change the usergroupid's to the numbers of the usergroups you want to allow access to the page.

$sql = "SELECT * FROM user WHERE username = '$_SERVER[PHP_AUTH_USER]' AND (usergroupid = '6' or usergroupid = '5' or usergroupid = '
53' or usergroupid = '49') "; $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); $num = mysql_numrows( $result ); 
if ( $num != 0 ) { $auth = true;     }  

} else { 
//Optional place for stuff about wrong password

 }

}

//If no authoristaion
if ( ! $auth ) { 
    header( "WWW-Authenticate: Basic realm=\"$realm\"" ); 
    header( "HTTP/1.0 401 Unauthorized" ); 
    echo 'Authorization Required! Credentials have been logged!'; 
    exit; 
} 


Hope this helps some.

Max

Thanks and Greets to RAFE for this piece of code

O.T. https://vborg.vbsupport.ru/showthrea...ghlight=authvb