Password protect non vb pages (e.g. for admin pages)

This is not really a hack just a handy piece of code. You can use this to password protect individual pages. The username and passwords are taken from the vBulletin database.

Currently this is set to allow only usergroupsid 5 and 6 (admin and super moderators) through [example use as admin area protection]. This could be changed though to allow anyone through if registered, or for specific usergroups etc.

The code is in authvb.php
An example is give in authtest.php

Hope this is of use to some people. If there's some interest I'll tidy it up a bit.

[Oldfart]

Ok I am trying this hack on my site but I seem to be getting a Sql error. The password logon comes up on the screen but when you hit the ok button after putting your logins in I get this Sql error message.

Warning: mysql_connect(): Unknown MySQL Server Host 'u' (1) in /home/xxxxxx/public_html/vwar/includes/classes/class_db.php on line 95

-> Database Error: Link-ID == false, connect failed
-> MySQL Error:
-> MySQL Error Number: 0
-> Date: 25.05.2004 @ 20:56
-> Script: /vwar/war.php
-> Referer:

Any help would be appreciated.

Are we supposed to run any Sql querries installing this?

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
mysql_connect( $checkservername, $dbcheckusername, $dbcheckpassword )
or die ( 'Unable to connect to server.' );
mysql_select_db( $dbcheckbase )
or die ( 'Unable to select database.' );

[maximux1]

Quote:

Originally Posted by Oldfart

Ok I am trying this hack on my site but I seem to be getting a Sql error. The password logon comes up on the screen but when you hit the ok button after putting your logins in I get this Sql error message.

Warning: mysql_connect(): Unknown MySQL Server Host 'u' (1) in /home/xxxxxx/public_html/vwar/includes/classes/class_db.php on line 95

-> Database Error: Link-ID == false, connect failed
-> MySQL Error:
-> MySQL Error Number: 0
-> Date: 25.05.2004 @ 20:56
-> Script: /vwar/war.php
-> Referer:

Any help would be appreciated.

Are we supposed to run any Sql querries installing this? It looks like you have the server set to "u" when more likely you want to set it to localhost.

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
mysql_connect( $checkservername, $dbcheckusername, $dbcheckpassword )
or die ( 'Unable to connect to server.' );
mysql_select_db( $dbcheckbase )
or die ( 'Unable to select database.' );

Whats the hostname of your mySQL server? Looks like it is currently set to "u" when you more likely want this to be "localhost".

[Oldfart]

My db is set to "localhost"

I have no idea why this happens. I must be doing something wrong.

I put my db settings in the authvb.php and put the require('./authvb.php');
in the page I want to secure but whenever I try and access that page I keep getting the same MySql error.

[Oldfart]

anyone have any ideas... I would like to get this to work on my site. ANy help would be appreciated.

[Rafe]

Quote:

Originally Posted by evilTone

Code:

// Check whether user belongs to certain usergroup 5 for supermoderators 6 for admins

$sql = "SELECT * FROM user WHERE username = '$PHP_AUTH_USER' AND (usergroupid = '6' or usergroupid = '5') "; $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); $num = mysql_numrows( $result ); if ( $num != 0 ) { $auth = true;     }

anyone have a way to make this check for secondary groups like
(membergroupids = '5' or membergroupids ='16')

the above seems to work ONLY if the user is in 5 or 16 as their only secondary group, ie, if users secondary groups are = 5,11,13 then it fails

I'll look into this for the next version (sorry a bit busy right now), but I haven't forgotten this.

[TheRayden]

Installed it, but I can't even access the page I protected. I've set to it allow 2 usergroups to enter, admins being one of them.

When i try to access the page, I get the username/password popup, but it doesn't reconise me.

[ogetbilo]

what advantage does this hack have over an .htaccess password?

[xeonkiller711]

Make sure on the authtest.php you change the authvb3 to authvb.php just in case you guys didnt change that. Thats the only thing I saw wrong with the hack Thanks for the hack!

[misterfade]

I can't believe how easy this hack looks! I just installed it and it looks fantastic. I did add a few extra usergroups (for my purposes), so it would be like this:

Code:

usergroupid = '2' or usergroupid = '5' or usergroupid = '6' or usergroupid = '7'

Just in case anyone wanted to know how to add extra usergroups.

*clicks install

[Code Monkey]

If you have a newer version of PHP which disables global var tracking (a good thing) then replace $PHP_AUTH_USER with $_SERVER['PHP_AUTH_USER'] and $PHP_AUTH_PW with $_SERVER['PHP_AUTH_PW'] and you should be good to go.