Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > General > Member Archives
Details »»

Version: , by Lionel Lionel is offline
Developer Last Online: Nov 2023 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 01-09-2002 Last Update: Never Installs: 0
 
No support by the author.

I added some third party software and it is sharing the vb user database info. I placed a link in the usercp that allows member to access his own photo album. Unfortunately that link presents you with a login form again and I'd like to make it a direct access. Since it is the same username and password, is there a way to parse it to the login form? I know that I could make use of hidden fields to simulate the login like:
<form method=post action="../othersoftware/login.php">
<input type="hidden" name="uidform" value="?">
<input type="hidden" name="password" value="?">
<input type="submit" name="submit" value="My Albums">
</form>

How can I create a template to do so?

Thank you.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 01-09-2002, 08:20 AM
Admin's Avatar
Admin Admin is offline
Coder
 
Join Date: Oct 2023
Location: Server
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

For userid you can use $bbuserinfo[userid], for username $bbuserinfo[username], and for password $bbuserinfo[password].
Remember that the password will be in its 32-char hashed form (MD5()ed), so you'll need to make your script work with it.
Reply With Quote
  #3  
Old 01-09-2002, 08:28 AM
Lionel Lionel is offline
 
Join Date: Dec 2001
Location: Delray Beach, Florida
Posts: 3,277
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Actually I just found that too. I get the username and the MD5 password which is what the other script uses, but it is not being recognized. I think other script reads from letters than compares it with the string.

Exactly what I thought. I just tried in Dreamweaver by manually placing the password. I got in from desktop no problem.

So how do I parse the password in plain english?
Reply With Quote
  #4  
Old 01-09-2002, 08:44 AM
Admin's Avatar
Admin Admin is offline
Coder
 
Join Date: Oct 2023
Location: Server
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You can't decode the password.
You need to adjust the other script to compare the passwords as they are, i.e not MD5ing it then comparing it with the value in the database.
Unless you use a different table and the passwords there are not encoded. In that case you will need to MD5 the value in the database when comparing:
Code:
SELECT [...] FROM tableName WHERE username=$username and MD5(password)=$password;
Reply With Quote
  #5  
Old 01-09-2002, 08:54 AM
Lionel Lionel is offline
 
Join Date: Dec 2001
Location: Delray Beach, Florida
Posts: 3,277
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

here is how the other script does its routine after you put that password in plain English:

connectDB();
$uid = $uidform;
$result = queryDB( "SELECT uid, password, admin FROM $userinfo WHERE uid='$uidform' && status = '1'" );
$nr = mysql_num_rows( $result );

if ($nr > 0)
{
$row = mysql_fetch_array($result);
if ($uid == $row["uid"] and ( (md5($password) == $row["password"]) ) )
{
if($sysstatus == "1" || $row[admin] == "1")
{
Header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
Header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
Header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
Header ("Pragma: no-cache");

if($ref == "1" && $myref && !eregi("login.php", $myref))
$redurl = $myref;
else
$redurl = "$mainurl/user/index.php";
Reply With Quote
  #6  
Old 01-09-2002, 09:14 AM
Admin's Avatar
Admin Admin is offline
Coder
 
Join Date: Oct 2023
Location: Server
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is what you need to change:
Code:
if ($uid == $row["uid"] and ( (md5($password) == $row["password"]) ) )
if this script is only used with that form, you can just change it to this:
Code:
if ($uid == $row["uid"] and ( ($password == $row["password"]) ) )
(taken out the md5() function call)

If it is used in other places, it's a bit more complicated.
Reply With Quote
  #7  
Old 01-09-2002, 09:19 AM
Lionel Lionel is offline
 
Join Date: Dec 2001
Location: Delray Beach, Florida
Posts: 3,277
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I can always remove the other logins and limit access to control panel only.
Reply With Quote
  #8  
Old 01-09-2002, 09:24 AM
Lionel Lionel is offline
 
Join Date: Dec 2001
Location: Delray Beach, Florida
Posts: 3,277
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

that works just fine.
Reply With Quote
  #9  
Old 01-09-2002, 09:36 AM
Lionel Lionel is offline
 
Join Date: Dec 2001
Location: Delray Beach, Florida
Posts: 3,277
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I copied login.php into login1.php and am using the altered one for usercp
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:05 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06061 seconds
  • Memory Usage 2,272KB
  • Queries Executed 24 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (3)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (9)post_thanks_box
  • (9)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (9)post_thanks_postbit_info
  • (8)postbit
  • (9)postbit_onlinestatus
  • (9)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete