The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
HTTP Basic Authentication against vB-Accounts Details »»
|
|||||||||||||||||||||||||||
|
HTTP Basic Authentication against vB-Accounts
Developer Last Online: Jan 2023 
Seeing all those "user integration" requests over and over again I made a small "hack" (not really as no tables, templates or files are modified
 ) that might be useful if you want to give access to non-forum content based on forum accounts:HTTP Basic Authentication against vB user table ------------------------------------------------ This "hack" allows you to use HTTP Basic authentication (password protected directories) based upon vB accounts. Update Version 0.2 ------------------ I've added a configuration option to the .htaccess so you can specify which usergroup (only one for the moment) you want to grant access. If you don't need this feature just leave the line commented out. Requirements ------------ - vBulletin 3 (at least the user table) - Apache/mod_perl compiled with support for PerlAuthenHandler - Basic Authentication feature enabled to be used in .htaccess Installation ------------ 1) Edit vBAuth.pm, fill in the configuration settings (database, etc.) 2) Put vBAuth.pm in your Perl Apache-Moduls directoy 3) (Optional) Edit .htaccess to meet your requirements 4) Put .htaccess in the directory you want to protect Show Your Support
|
|||||||||||||||||||||||||||
About Developer
Visit Web Site
Is in Beta Stage | Comments |
|
#32
11-23-2004, 03:47 AM
|
||||
|
||||
Quote:
|
|
#33
11-29-2004, 03:19 AM
|
|||
|
|||
|
I really need help ASAP. I uploaded this to my server and when I go to my site, I got the following error:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html> <head> <style> a:link {font:8pt/11pt verdana; color:red} a:visited {font:8pt/11pt verdana; color:#4e4e4e} </style> <meta HTTP-EQUIV="Content-Type" Content="text-html; charset=Windows-1252"> <title>HTTP 500 Internal server error</title> </head> <script> function Related(){ userURL=document.location.href; //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. BeginURL=userURL.indexOf("#",1) + 1; CurrentURL=userURL.substring(BeginURL,DocURL.lengt h); //Build the query RelatedServiceURL="http://related.msn.com/related.asp?url="; //Perform simple check for Intranet URLs //this is where the http or https will be, as found by searching for :// but skip res: protocolIndex=userURL.indexOf("://",4); serverIndex=userURL.indexOf("/",protocolIndex + 3); urlresult=userURL.substring(0,serverIndex); if (protocolIndex - BeginURL > 7) urlresult="" //Check if Intranet URL - then open search bar if (urlresult.indexOf(".",0) < 1) userURL="Intranet URL"; finalURL = RelatedServiceURL + encodeURIComponent(userURL); window.open(finalURL, "_search"); } function Homepage(){ // in real bits, urls get returned to our script like this: // res://shdocvw.dll/http_404.htm#http://www.DocURL.com/bar.htm //For testing use DocURL = "res://shdocvw.dll/http_404.htm#https://www.microsoft.com/bar.htm" DocURL=document.location.href; //this is where the http or https will be, as found by searching for :// but skipping the res:// protocolIndex=DocURL.indexOf("://",4); //this finds the ending slash for the domain server serverIndex=DocURL.indexOf("/",protocolIndex + 3); //for the href, we need a valid URL to the domain. We search for the # symbol to find the begining //of the true URL, and add 1 to skip it - this is the BeginURL value. We use serverIndex as the end marker. //urlresult=DocURL.substring(protocolIndex - 4,serverIndex); BeginURL=DocURL.indexOf("#",1) + 1; urlresult=DocURL.substring(BeginURL,serverIndex); //for display, we need to skip after http://, and go to the next slash displayresult=DocURL.substring(protocolIndex + 3 ,serverIndex); // Security precaution: must filter out "urlResult" and "displayresult" forbiddenChars = new RegExp("[<>\'\"]", "g"); // Global search/replace urlresult = urlresult.replace(forbiddenChars, ""); displayresult = displayresult.replace(forbiddenChars, ""); document.write('<A target=_top HREF="' + urlresult + '">' + displayresult + "</a>"); } function doSearch() { saOC.NavigateToDefaultSearch(); } function initPage() { document.body.insertAdjacentHTML("afterBegin","<ob ject id=saOC CLASSID='clsid:B45FF030-4447-11D2-85DE-00C04FA35C89' HEIGHT=0 width=0></object>"); } </script> <body bgcolor="white" onload="initPage()"> <table width="400" cellpadding="3" cellspacing="5"> <tr> <td id="tableProps" valign="top" align="left"><img id="pagerrorImg" SRC="pagerror.gif" width="25" height="33"></td> <td id="tableProps2" align="left" valign="middle" width="360"><h1 id="errortype" style="COLOR: black; FONT: 13pt/15pt verdana"><span id="errorText">The page cannot be displayed</span></h1> </td> </tr> <tr> <td id="tablePropsWidth" width="400" colspan="2"><font style="COLOR: black; FONT: 8pt/11pt verdana">There is a problem with the page you are trying to reach and it cannot be displayed.</font></td> </tr> <tr> <td id="tablePropsWidth" width="400" colspan="2"><font id="LID1" style="COLOR: black; FONT: 8pt/11pt verdana"><hr color="#C0C0C0" noshade> <p id="LID2">Please try the following:</p><ul> <li id="instructionsText1">Open the <script> Homepage();</script> home page, and then look for links to the information you want. </li> <li id="instructionsText2">Click the <a xhref="javascript:location.reload()" target="_self"> <img border=0 src="refresh.gif" width="13" height="16" alt="refresh.gif (82 bytes)" align="middle"></a> <a xhref="javascript:location.reload()" target="_self">Refresh</a> button, or try again later.<br> </li> <li ID="instructionsText3">Click <a href="javascript:doSearch()"><img border=0 src="search.gif" width="16" height="16" alt="search.gif (114 bytes)" align="center"> Search</a> to look for information on the Internet. </li> <li id="instructionsText4">You can also see <a onclick="Related();event.returnValue=false" href="">a list of related sites.</a> </ul> </p> <p><br> </p> <h2 id="ietext" style="font:8pt/11pt verdana; color:black">HTTP 500 - Internal server error <br> Internet Explorer </h2> </font></td> </tr> </table> </body> </html> I tried editting the .PM file, but that doesn't work. If anyone can help me, please let me know ASAP.
|
|
#34
01-24-2005, 12:28 AM
|
||||
|
||||
|
Quote:
But unfortunately, using digest authentication is not an option, because then we will get md5('Username:Real:Password'). But in the user table there is only md5(md5'Password') . $salt). Quote:
The only way to do so would be to keep files out ot document root and use a script to read them. What I am currently thinking of is a new Apache authentication module which checks the sessionhash (or bbuserid bbpassword) cookies, and if the are not valid redirects to login.php.
|
|
#35
01-26-2005, 10:38 AM
|
|||
|
|||
|
Quote:
 assword) ? If you had a link somewhere so that users can request access to secure areas and you asked them to put in their username and password into a form then used the MD5 javascript from vb3 to send: username MD5(password) //for checking its the same as their forum password and is the same user... MD5(Username:realm assword)
|
|
#36
05-24-2005, 04:24 AM
|
|||
|
|||
|
any update on this? I don't have root access, and I'm looking for a way to protect directory full of non-html/php files, and make it accessible only to certain usergroups... damn, how hard can that be?
|
|
#37
03-29-2007, 02:24 PM
|
|||
|
|||
|
Im bumping this thread because I am in need of this hack.
Is there any chance to release it for vbulletin 3.6 ? Thanks in advance.
|
|
#38
04-13-2007, 07:39 AM
|
|||
|
|||
|
Quote:
|
 |
«
Previous Thread
|
Next Thread
»
|
|
All times are GMT. The time now is 03:50 PM.