Previous Thread
Next Thread
Print Thread
Rate Thread
#156041 01/13/2003 3:40 PM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
I know this question has came up a few times frequently, and I'm sharing some of my work that I have done with this.

This was originally posted by Paulus Magnus ( here , and I have ported this to work with 6.4.0 (including the md5 hashing of the cookie password)

You will need to do the following to get it to work with your site:

- Update common.php with the correct paths and email address
- Lines 79 and 85 in login.php is where you set your cookie number

This code doesn't have to be executed in this format (can be called such as index.php?act=login).

How I implemented this was by breaking the code into pieces, and calling certain pieces when necessary, by checking my query string for certain values.

I do have the running live on my site. I utilize the UBB's logoff and registration routines rather than recreating those with PHP.

Clicky Here for the files!

Have fun cool

Sponsored Links
#156042 01/13/2003 5:06 PM
Joined: Oct 2000
Posts: 2,667
Veteran
Veteran
Offline
Joined: Oct 2000
Posts: 2,667
nice work smile

thanks


Do you believe in love at first sight,
or should I walk by again?
#156043 01/13/2003 5:18 PM
Joined: Nov 2001
Posts: 1,080
Member
Member
Offline
Joined: Nov 2001
Posts: 1,080
I didn't think it was possible until Sub Zero posted his reply in an earlier thread I made regarding PHP logins intergrated with UBB. Very informative with the scripts and link provided. I'll post here on my progress.

#156044 03/13/2003 7:59 PM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
Here's the 6.5 Verions

Download

P.S. Don't forget to update the domain in cookie sets smile

#156045 03/13/2003 10:40 PM
Joined: Jun 2001
Posts: 2,849
Spotlight Winner
Spotlight Winner
Offline
Joined: Jun 2001
Posts: 2,849
The Site You Requested Was Not Found
If You Feel You Reached This In Error, Please Contact Us In Our Forums,
In the UBB Support Section.  
 
                                            Thank You,        
                                                        TheGeeksInc.com Administration

Sponsored Links
#156046 03/13/2003 11:51 PM
Joined: Nov 2001
Posts: 1,080
Member
Member
Offline
Joined: Nov 2001
Posts: 1,080
Hey Sub...I'll send you an e-mail soon. smile

#156047 03/14/2003 12:38 AM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
I'm sorry about that. I goofed on the link. I was on the FTP so much I forgot how to spell. The link is valid now smile

#156048 03/25/2003 9:07 AM
Joined: Apr 2001
Posts: 237
Member
Member
Offline
Joined: Apr 2001
Posts: 237
Hey guys, nice work. Has anyone had luck modding this to read and test against UBB cookies?

I've got that *almost* done, but the PHP md5() function doesn't act the same as the Perl md5_hex() function (that UBB uses). Since it returns a different result, the check fails!

Anyone have an idea how to do md5_hex in PHP? If so, I can post a version that will read and use UBB cookies if present, if not prompt the user to log in...

Thanks

#156049 03/25/2003 11:25 AM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
I have this working live on my site. I haven't had any problems with the login routine using the md5() on my cookies. My users haven't reported any problems with the code as of yet. The md5 *Should* produce the same output as md5_hex. Both should output a 32 character hex string

All you need to do to check for the cookie is isset($ubber########.####)

md5_hex http://www.cpan.org/modules/by-module/Digest/Digest-Perl-MD5-1.1.readme
md5 http://www.php.net/manual/en/function.md5.php

#156050 03/25/2003 11:52 AM
Joined: Apr 2001
Posts: 237
Member
Member
Offline
Joined: Apr 2001
Posts: 237
Yessir, you're right. My mistake was not trim()ing the password read from the UBB member file. It all matches up now, thanks!

Sponsored Links
#156051 04/14/2003 4:05 PM
Joined: Apr 2001
Posts: 237
Member
Member
Offline
Joined: Apr 2001
Posts: 237
Quick update... Here's a version of the script that's cleaned up a bit, and will check to see if the user's logged in via a cookie. If so, they'll get "Welcome [Username]" otherwise they'll get a login screen.

http://cdnarmy.ca/deleteme/phplogin.txt

It's meant to be included as part of a larger page (I.E. in a content island), rather than be a page all on it's own.

#156052 04/14/2003 11:31 PM
Joined: Mar 2000
Posts: 21,079
Likes: 3
I type Like navaho
I type Like navaho
Joined: Mar 2000
Posts: 21,079
Likes: 3
thanks Mike laugh


- Allen wavey
- What Drives You?
#156053 04/15/2003 11:44 AM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
I chose to stick with Paulus' original method with the included file because I use the commmon.php elsewhere wink

#156054 05/12/2003 7:14 PM
Joined: Apr 2001
Posts: 237
Member
Member
Offline
Joined: Apr 2001
Posts: 237
Makes sense. I'm slowly "portalizing" my site, so I may end up there...

For now, I've made the PHP return you back to the referring page, which works much better for included content...

#156055 05/25/2003 12:16 PM
Joined: Sep 2001
Posts: 93
Member
Member
Offline
Joined: Sep 2001
Posts: 93
hmm i am bit confused in this, for me it isnt working, ver. 1 cand find any login information and ver.2 does nothing just takes me to the mainpage with any login confused

.http://www.greek-forum.de/login.php
.http://www.greek-forum.de/login2.php

any help !? :rolleyes:

#156056 05/27/2003 9:34 AM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
You need to use the version in the first post, since you are running UBB.classic 6.4.0.1

If you use any of the others, you will not be logged in because the cookie format has changed. Don't forget to make the noted changed, and update the cookie domains smile

#156057 05/29/2003 11:21 PM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
Bug found:

Change:
Code
[/code]to
[code]
I'll update the zips tomorrow with the fix.

#156058 07/10/2003 5:35 AM
Joined: May 2003
Posts: 40
jlm Offline
Member
Member
Offline
Joined: May 2003
Posts: 40
well obviously my server or something is setup wrong frown

Warning: open_basedir restriction in effect. File is in wrong directory in /usr/local/psa/home/vhosts/httpdocs/login.php on line 35

Warning: file("/usr/local/psa/home/vhosts/cgi-bin/Members/memberslist.cgi") - Operation not permitted in /usr/local/psa/home/vhosts/httpdocs/login.php on line 35

Warning: fopen("/usr/local/psa/home/vhosts/httpdocs//access_log.txt", "a") - Permission denied in /usr/local/psa/home/vhosts/httpdocs/login.php on line 7

Warning: Cannot add header information - headers already sent by (output started at /usr/local/psa/home/vhosts/httpdocs/login.php:35) in /usr/local/psa/home/vhosts/httpdocs/login.php on line 21

Warning: Cannot add header information - headers already sent by (output started at /usr/local/psa/home/vhosts/httpdocs/login.php:35) in /usr/local/psa/home/vhosts/httpdocs/login.php on line 21

Warning: Cannot add header information - headers already sent by (output started at /usr/local/psa/home/vhosts/httpdocs/login.php:35) in /usr/local/psa/home/vhosts/httpdocs/login.php on line 21

Warning: fopen("/usr/local/psa/home/vhosts/httpdocs//access_log.txt", "a") - Permission denied in /usr/local/psa/home/vhosts/httpdocs/login.php on line 7

#156059 07/10/2003 5:30 PM
Joined: Nov 2001
Posts: 745
Admin Emeritus
Admin Emeritus
Offline
Joined: Nov 2001
Posts: 745
I had to move my members directory inside my noncgi directory due to open_basedir restrictions and my accelerator barfing. It looks like your UBB is unable to read your members directory due to the open_basedir restrictions by your host.

#156060 07/11/2003 7:33 AM
Joined: May 2003
Posts: 40
jlm Offline
Member
Member
Offline
Joined: May 2003
Posts: 40
Thanks Sub Zero, Now I'm wondering how much of a security flaw would this be?


Link Copied to Clipboard
Donate Today!
Donate via PayPal

Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.

Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.
Recommended Hosts
We have personally worked with and recommend the following Web Hosts:
Stable Host
bluehost
InterServer
Visit us on Facebook
Member Spotlight
isaac
isaac
California
Posts: 1,157
Joined: July 2001
Forum Statistics
Forums63
Topics37,573
Posts293,925
Members13,849
Most Online5,166
Sep 15th, 2019
Today's Statistics
Currently Online
Topics Created
Posts Made
Users Online
Birthdays
Top Posters
AllenAyres 21,079
JoshPet 10,369
LK 7,394
Lord Dexter 6,708
Gizmo 5,833
Greg Hard 4,625
Top Posters(30 Days)
Top Likes Received
isaac 82
Gizmo 20
Brett 7
WebGuy 2
Top Likes Received (30 Days)
None yet
The UBB.Developers Network (UBB.Dev/Threads.Dev) is ©2000-2024 VNC Web Services

 
Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20221218)