global.php

[Wizardjv]

Ok so I wrote a private script I only want certain usergroups to see. But the problem im having is when I use the global.php to set the permision like:

HTML Code:

<?php

require('./global.php');   ?>

<? 
if (!is_member_of($vbulletin->userinfo, 13))
{
    print_no_permission();
}  
?>

It breaks my php script because of the certain variables set in the global php

Is there any other way I could restrict access by certain usergroups without the global.php. Or maybe someone could tell me exactly what part of the global php is the part that sets the permissions like that. And I could just create a new file to tie the permissions into.

Any help would be greatly appreciated.

[Dismounted]

I would rather change my own script to suit global.php than change global.php to suit my script.

[odonel]

another idea is to copy global.php to global2.php, edit global2.php and require global2.php

[Wizardjv]

Well I found this code by ModShack:

Code:

// To secure a page put this in your php file (and have authvb.php in the same directory)
// require('./authvb.php');


// Variables to edit

$checkservername = "localhost";                 // hostname or ip of server
$dbcheckusername = "dbusername";                      // user name
$dbcheckpassword = "dbpasword";                   // user password
$dbcheckbase     = "vBDatabase";                     // name of database
$realm = "Private - no unauthorized access";                // Name of secured area / file
$auth = false;                                  // Assume user is not authenticated 



// Check for username and password values and set up MySql connection

if (isset( $_SERVER['PHP_AUTH_USER'] ) && isset($_SERVER['PHP_AUTH_PW'])) { 
    mysql_connect( $checkservername, $dbcheckusername, $dbcheckpassword ) 
        or die ( 'Unable to connect to server.' ); 
    mysql_select_db( $dbcheckbase ) 
        or die ( 'Unable to select database.' ); 


// Password check - get passowrd and salt from db for username specified

$query = "SELECT salt, password, userid FROM user WHERE username='$_SERVER[PHP_AUTH_USER]'"; 
$result = mysql_query($query) or die("The information you entered does not match our records."); $row=mysql_fetch_array($result); 
$dbpassword = $row['password']; 
$salt = $row['salt'];
$userid = $row['userid'];
$username = $_SERVER[PHP_AUTH_USER];

// Is the password the same
if ($dbpassword == md5(md5($_SERVER['PHP_AUTH_PW']). $salt)) { 

// Check whether user belongs to certain usergroup 5 for supermoderators 6 for admins


// change the usergroupid's to the numbers of the usergroups you want to allow access to the page.

$sql = "SELECT * FROM user WHERE username = '$_SERVER[PHP_AUTH_USER]' AND (usergroupid = '6' or usergroupid = '5' or usergroupid = '
53' or usergroupid = '49') "; $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); $num = mysql_numrows( $result ); 
if ( $num != 0 ) { $auth = true;     }  

} else { 
//Optional place for stuff about wrong password

 }

}

//If no authoristaion
if ( ! $auth ) { 
    header( "WWW-Authenticate: Basic realm=\"$realm\"" ); 
    header( "HTTP/1.0 401 Unauthorized" ); 
    echo 'Authorization Required! Credentials have been logged!'; 
    exit; 
}

Which works fine though now I would like to log who logs into that page like: the username and ip addy used.

Does anyone know how I could do this?