Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 11-30-2008, 02:48 AM
LanciaStratos's Avatar
LanciaStratos LanciaStratos is offline
 
Join Date: Oct 2001
Location: somewhere you're not
Posts: 221
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default I just set a new cookie... is this OK?

I just created this quick one-line plugin to store a user's group ID in a cookie, using the global_setup_complete hook. It works just like I wanted. Is there any inherent security risk in doing this, or any other issue I may have overlooked?

PHP Code:
vbsetcookie('usergroupid'$vbulletin->userinfo['usergroupid']); 
A quick reply is all I'm looking for. If it looks good to you, no need to elaborate.
Reply With Quote
  #2  
Old 11-30-2008, 03:01 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Why do you need to do that?
Reply With Quote
  #3  
Old 11-30-2008, 03:11 AM
LanciaStratos's Avatar
LanciaStratos LanciaStratos is offline
 
Join Date: Oct 2001
Location: somewhere you're not
Posts: 221
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I wanted an easy way to check the usergroupid of my visitors outside of forum pages, without bothering to include global.php and the overhead that incurs. I use the usergroupid to determine whether or not I need to display ads around my site.
Reply With Quote
  #4  
Old 11-30-2008, 03:39 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Anyone can change that cookie and "fool" your system.
Reply With Quote
  #5  
Old 11-30-2008, 04:01 AM
LanciaStratos's Avatar
LanciaStratos LanciaStratos is offline
 
Join Date: Oct 2001
Location: somewhere you're not
Posts: 221
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

True, of course, but I'm going to bet that the number of users who figure that out will be too small to have any type of impact on ad impressions. Also, I'm still using vB's template conditionals in the forums, so the technique won't work there (of course, won't visiting vB pages also reset the cookie?). This is primarily designed to hide ads on my WordPress installation, which contains pages and posts that can get hit hard with traffic. If I can save a trip to my vB DB on all those page loads (most of which will come from unregistered, new visitors), it has to be a good thing.
Reply With Quote
  #6  
Old 11-30-2008, 04:27 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If you are only using it for displaying ads - it will be OK. Last thing, make sure you clear the cookie when logging out.
Reply With Quote
  #7  
Old 11-30-2008, 04:41 AM
LanciaStratos's Avatar
LanciaStratos LanciaStratos is offline
 
Join Date: Oct 2001
Location: somewhere you're not
Posts: 221
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great point, I hadn't considered clearing the cookie! Would logout_process be the best hook to use for that?
Reply With Quote
  #8  
Old 11-30-2008, 10:11 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by LanciaStratos View Post
Would logout_process be the best hook to use for that?
Yes
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 09:57 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03724 seconds
  • Memory Usage 2,223KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_php
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete