Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Add security to non VB pages and block user groups Details »»
Add security to non VB pages and block user groups
Version: 1.00, by mt_100 mt_100 is offline
Developer Last Online: Aug 2003 Show Printable Version Email this Page

Version: 2.2.x Rating:
Released: 08-01-2002 Last Update: Never Installs: 22
 
No support by the author.

OK, my first "hack"!

I created this because I want to have security and logins for my sites non VB pages but don't want two logins, one for the site and one for the forums.

There are other hacks that do the same thing, but this one is different.

1. It creates a PHP session, which means when the user closes the browser they will have to login to the site again later. It doesn't access the VBulletin cookie at all.

2. The user is prompted to login on any page you include this on, once logged in they are taken to that page minus the security.

3. No modification to the VBulletin code.

4. Uses the VBulletin user table so any information in there can be used, like welcoming them on all pages with their login name or telling the user who they are loggin in as.

5. You can block poeple based on their VBulletin user group! That way only certain user groups can see the rest of your site.

6. RUNS ON WINDOWS 2000 AND IIS!!!!!!

Let me know how you like it!

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 08-02-2002, 06:18 PM
thirdwatch430 thirdwatch430 is offline
 
Join Date: Jan 2002
Posts: 8
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I haven't installed it yet but I am looking to, thanks!
Reply With Quote
  #3  
Old 08-02-2002, 06:18 PM
Velocd's Avatar
Velocd Velocd is offline
 
Join Date: Mar 2002
Location: CA University
Posts: 1,696
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Screenshots, demo's, anything to show us why this hack is different than so many of the other security hacks?

:banana:
Reply With Quote
  #4  
Old 08-02-2002, 06:33 PM
Tungsten's Avatar
Tungsten Tungsten is offline
 
Join Date: Jan 2002
Location: Nashville, TN
Posts: 100
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by Velocd
Screenshots, demo's, anything to show us why this hack is different than so many of the other security hacks?
Not to seem antagonistic here, but why should the burden of proof fall squarely on the shoulders of MT_100 ? I see this sort of post here all the time -- someone makes a hack and releases it and invariably someone else comes along and "challenges the legitimacy" of that hack.

Variety is the spice of life. Maybe MT_100's code is just cleaner than the rest ... maybe his/hers is the one that works best with Microsoft web servers ... maybe it was created without harming any laboratory animals. Who knows!
Reply With Quote
  #5  
Old 08-02-2002, 06:36 PM
Chris M's Avatar
Chris M Chris M is offline
 
Join Date: Dec 2001
Location: Northampton, England
Posts: 6,186
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nice

Satan
Reply With Quote
  #6  
Old 08-02-2002, 06:38 PM
mt_100 mt_100 is offline
 
Join Date: Mar 2002
Posts: 29
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I doubt it is cleaner, I'm certainly not a pro, but it works.

I saw a great hack for Apache on Unix/Linux with .htaccess that did the same thing and loved it, use it on one of my servers.

I just wanted one that would work the same on IIS, so I made it and wanted to share it.

I did forget that you need to put a file called connect.php in the same folder with membercheck.php with your server connection varioables in it, or hardcode them into membercheck.php.

Later folks, enjoy.
Reply With Quote
  #7  
Old 08-02-2002, 06:46 PM
Tungsten's Avatar
Tungsten Tungsten is offline
 
Join Date: Jan 2002
Location: Nashville, TN
Posts: 100
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by mt_100
I doubt it is cleaner, I'm certainly not a pro, but it works.

I just wanted one that would work the same on IIS, so I made it and wanted to share it.
Thanks for releasing it. As an IIS person myself, I can assure you that it will come in handy for several of us in the VBulletin community.

The thing that irks me is how some people essentially spit in the face of generosity by expecting a coder to justify the worthiness of his contribution. People are here sharing their code, tricks and tips -- for free. Why look a gift horse in the mouth?
Reply With Quote
  #8  
Old 08-02-2002, 08:40 PM
assassingod's Avatar
assassingod assassingod is offline
 
Join Date: Jul 2002
Posts: 3,337
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks
Reply With Quote
  #9  
Old 08-03-2002, 04:59 AM
Velocd's Avatar
Velocd Velocd is offline
 
Join Date: Mar 2002
Location: CA University
Posts: 1,696
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Sorry for the comment earlier, until I actually looked at the code I didn't realize it was so simple enough it didn't need screenshots. I have a dull imagination when it comes to hacks that I'm usually not sure what they do before I install, so I tend to need some visuals.
Reply With Quote
  #10  
Old 08-08-2002, 01:21 PM
mt_100 mt_100 is offline
 
Join Date: Mar 2002
Posts: 29
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well, to install it.

1. Create a file called connect.php and define the connection variables. Here is an example:

PHP Code:
<? 
// Variables that are used are the following
// $DB_SERVER : Name of MySql server by default "localhost"
// $DB_USER   : User name taht is used to connect to MySql
// $DB_PASS   : User password for MySQL conenction
// $DB_NAME   : Name of database to use

$DBSERVER = "yourserver here";
$DBUSER = "DB User Name Here";
$DBPASS = "DB Password Here"; 

?>
2. Put the membercheck.php file in the folder with connect.php

3. Put an include for membercheck.php at the top of each page you want to secure.

4. Done!
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:45 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.11507 seconds
  • Memory Usage 2,298KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete