Security token with external search field.

[JonZ]

Quote:

Originally Posted by Voltar

You can have access to a users' security token outside of standard forum pages if you include global.php.

PHP Code:

require_once('./global.php');
print($vbulletin->userinfo['securitytoken']); 


Would print out the hash. To use it in a search box, you would need to create a new hidden field in your form

PHP Code:

<input type="hidden" name="securitytoken" value="<?php echo($vbulletin->userinfo['securitytoken']); ?>" />

Oh thanks man, it working! I hit my head on a wall for days on this problem.

[TJ3]

Having the same problem here!

Where does this code go?

require_once('./global.php');
print($vbulletin->userinfo['securitytoken']);

[Dismounted]

This thread only applies if you are creating your own files - are you doing this?

[TJ3]

Problem has been solved, thanks for checking in.

This was for a search box outside of the existing ones, so it needed to generate the token.

[theybannedme]

Quote:

Originally Posted by TJ3

Problem has been solved, thanks for checking in.

This was for a search box outside of the existing ones, so it needed to generate the token.

Would you mind explaining how you did it step by step? Thanks much.

[Dismounted]

Including global.php will generate a token automatically, otherwise, you can generate one yourself.

[theybannedme]

Thanks for the quick response. I'm trying to do this on a wordpress page. On the appropriate php file for the template sidebar of WP I put this code:

Code:

<?php $vwd = '/home/domains/theybannedme.com/www_root/forums';
if ($vwd)
{
    chdir($vwd);
}

require_once ('/home/domains/theybannedme.com/www_root/forums/global.php'); 
print($vbulletin->userinfo['securitytoken']); ?>


<div class="sidebar-item">
<form action="http://www.theybannedme.com/forums/memberlist.php?do=search" method="post" name="search">
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
<input type="hidden" name="do" value="process" />
<input type="hidden" name="showposts" value="0" />
<input type="hidden" name="quicksearch" value="1" />
<input type="text" name="query" size="20" value="Search" onfocus="this.value=''" />&nbsp;
<input type="submit" value="Go" name="gobutton">
</form>
</div>

It gives me the search bar but when I try to search, I get the vbulletin error telling me invalid security token (before it said token was "missing" but after tweaking it says "invalid" so I think I'm close). Did I put it in the right place? Is my code messed up? Thank you again.

[Dismounted]

$bbuserinfo can only be used inside vBulletin templates.

Code:

<input type="hidden" name="securitytoken" value="<?php echo $vbulletin->userinfo['securitytoken']; ?>" />

[theybannedme]

Using this:

Code:

<?php $vwd = '/home/domains/theybannedme.com/www_root/forums';
if ($vwd)
{
    chdir($vwd);
}

require_once ('/home/domains/theybannedme.com/www_root/forums/global.php'); 
print($vbulletin->userinfo['securitytoken']); ?>


<form action="http://www.theybannedme.com/forums/memberlist.php?do=search" method="post" name="search">
<input type="hidden" name="securitytoken" value="<?php echo $vbulletin->userinfo['securitytoken']; ?>" />
<input type="hidden" name="do" value="process" />
<input type="hidden" name="showposts" value="0" />
<input type="hidden" name="quicksearch" value="1" />
<input type="text" name="query" size="20" value="Search" onfocus="this.value=''" />&nbsp;
<input type="submit" value="Go" name="gobutton">
</form>

Now I get this.

Quote:

Your submission could not be processed because a security token was missing.

If this occurred unexpectedly, please inform the administrator and describe the action you performed before you received this error.

Thank you for your help.

[Dismounted]

View the source of the page - is there a token there?