[vB 3.0.3] A secure .htaccess form login using vB database

[JohnBee]

I have scanned the forums in search of something but to no avail.
I have found many similar hacks but none that seem to provide a
fully functional approach.

I am looking for a hack or addon that would allow the following.

1) .htaccess form login on a site entrance not generating plain text form data
2) .hataccess security for dirs/ file whatever
3) vBB database l/p authentication

There are java scripts to accomplish form logins with .htaccess
security now that don't pass the form data in your browser
cookies or address bar requiring https or ssl to get rid of.

there is plenty of .htaccess scripts also

What I cannot find is a working .htaccess -> vbulletin user
database script for vbulletin 3.0.3, if I had that perhaps
I could put something together.

Otherwise time is against me, is there anyone up to the task?
I am willing to pay for a job well done.

Your help is appreciated

Sincerely, John B

[Hialls]

Hmm would this require access by membergroupid's?
I think i have a script i used for an old site somewhere at work, if you still are in need i can check when im at work tommorow and email it you.

[JohnBee]

At this time my own requirements do not call for group access
but simply allow or deny access based on membership confirmation.

The problem I am getting is that using an .htaccess approach
the popup login is still very much there on the advent of incorrect
information submital the .htaccess popup will show its ugly head
hense ruining the clean form login approach I was looking for.

Another issue is that user login and password data depending on
the version of windows and SP you are using may appear in plain
text as well as passed down from the form to the authentication
via plain text, unless SSL / https is used.

There is always a PHP based approach, but it would seem that
PHP alone cannot effectively secure dirs and data as would .htaccess.

There is one program that claims to do this though called "NeedLock"
I have emailed the company with questions regarding my application
to see if it could provide what im looking for.

Perhaps there would be a way to intergrate NeedLock with vBB 3
and we would have a happy couple with a nice clean form login
page instead of that plain htaccess popup.

Unless someone here knows code to PHP a security script that can
protect DIRS and CONTENT and not just individual files

[djohn]

i have one of these scripts for vb 2.*, and would really like to see one made for vb3. here's a vb2 version in case anyone wants to have a look at it.

[JohnBee]

Thank you djohn.

I apreciate your help, although your hack might have some valuable bits
to get what I'm looking for done I'm not sure it will be enough to accomplish
this.

[JohnBee]

This is a hack of obvious need "see site search: htaccess"
But every thread ends the same...

Why has this hack not been accomplished and posted is beyond me.
many large sites have sensitive content that would be kept within
there membership sections.

Intergrating the vBB membership database with other areas of the same
site only makes sense. Since there is no competent PHP code to protect
site areas, files etc. .htaccess is left as the obvious choice to get the
job done.

Could someone please create "a working" .htaccess hack that uses
vBB database L/P's to authenticate user access for vB 3.0.3?