The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Check logged in state in external script
Hello,
I'm trying to hunt down the code required to check for a valid vBulletin login. I've restricted access to my vBulletin site, but in order to protect my files, I've created a script that will feed the files to the users rather than allow them to access the files directly (i.e. pdfs, videos, audio, etc.). I know that once the members get the content they can go around and distribute it as they feel, but I just want to add an extra layer of protection to at least keep non-members from being able to access the files directly. So now that I have the script that feeds the users the files, I want to have that script check that they are a valid vBulletin user. Is there a simple method to do this? The script currently is not tied into vBulletin at all, so I'm wondering what I need to do to verify the user is logged in and is a valid member. I just need pointed in the right direction, because I'm new to vBulletin. Any feedback is greatly appreciated. Thanks, Wil --------------- Added [DATE]1271442679[/DATE] at [TIME]1271442679[/TIME] --------------- I still have to test it more thoroughly, but so far adding this to the top of my script appears to be working... PHP Code:
Wil |
#2
|
|||
|
|||
Depending on where this download link is, you could just wrap your download link in a vb:if conditional to see if the user is registered?
See this link for an explanation on conditionals if your not sure what I'm on about. You basically want to make something that will work like ; if user == registered {show the link HTML} else { redirect to login page HTML }. Depending on what the file is and the nature of your site, unless its a map to lost treasure theres probably not much point wrapping this in too many layers of protection simply because theres always one little b*gger who finds a way around it! Good luck, I hope this helps! |
#3
|
|||
|
|||
Hi NickyDee,
I was actually trying to find something like you mentioned but this is a script completely independent of the vBulletin software itself. I think the vb:if is only for templates within the vBulletin realm correct? Basically what I did was this...created a folder called "file" and placed an index.php page inside that folder. The index file has a readfile function that pulls files from a hidden location and serves them up with the proper headers whenever accessed via the script with the proper parameters. So a file link would look something like... http://www.mysite.com/file/?type=pho...=christmas.jpg The index page will retrieve the proper jpeg and feed it to that link with image/jpeg headers but I wanted it to only do so if the user was logged into vBulletin. By including the global.php file from vB it appears this has given me the functionality I was looking for. It may be overkill for the simple login check I want to do, so I'll have to look into it a bit deeper. I like your idea of just having a simple if/then but I'll need to research vBulletin some more to see what options I have in those regards. I'd like to make it as streamlined as possible so that all the files are "protected" but load quickly. It all goes down the drain as soon as some registered user downloads all the files and goes and posts them on their own server, but at least that user was registered and they aren't emailing people a link to free content that we're serving up. Having the file open to the public at... http://www.mysite.com/file/photo/family/christmas.jpg ...would kinda defeat the purpose of making them register and whatnot, so that's why I'm trying to do this. At least they have to register to use my link or get the file from someone else. Wil |
#4
|
|||
|
|||
Hey Wil,
Yeah your right in saying that you won't be able to access vB conditionals outside of a vB page. You could strap this image director into a vB page to access those conditionals but if you managed to get it working just by requiring ./global.php then thats probably a lot easier! I can't think off the top of my head why its working but - if it works and you aren't getting database errors then whos complaining! good work, its not often that solutions turn out to be so simple - on a side note, it might pay to check this in a couple of browsers with different cookie settings to make sure it consistently works. |
#5
|
|||
|
|||
Yeah, you're right...it's only working when I have logged in directly through the files login request. When the file is embedded in a page, it does not recognize the current sessions login. I'll have to see what else I can do.
Wil |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|