UBB.Developers Forums UBB.threads 7 Development How Do I? select group authentication in generic script

Ok, this should be very simple.. I just don't quite have the php knowledge (or time to try to figure it out) to finish the task.

Anyway.. I have an external script that I only want a particular group or groups to access. So really, all I have to add to this script is this authenticate logic to test whether or not they should have access to the page.

So, I know this is needed:



So... with that, what would come next? I basically just need it to check to see if they are in group X. If they are... run/display the script as intended.

If they are not in group X, then they are re-directed to another page, or a simple message is displaying telling them why they can't access it.

It is probably just a simple query to U_Group or whatever, and then an if statement to check... but, it would take me 3 weeks to figure it out

So any help would be great

What you have to start is Good.

Change the last line to this:



Untested.... but hope that helps.

Thanks josh.. that is even more simple than I had immagined. I didn't know the authenticate() function would work just by sticking the U_Groups in there

I'll give it a gow in the morning, my brain is fried tonight.

Yeah, the authenticate function queries a bunch of stuff from the Users table automatically, but then you can add extra fields in there. It's really quite handy.

If you were doing alot of Group checking all over your site - you could find the function in ubbt.inc.php and add the U_Groups to the end of the database query in there. Then $user['U_Groups'] would work everywhere without having to add it to authenticate on every page.

Glad I could help you - you've been quite helpful to me lately. That tip on installing the GD library was a timesaver.

Well, you guys know PHP, I know little server tricks. Its good I can help out at least somehow

My problem is, I completely understand programming logic, as I used to program in PASCAL and C/C++ many years ago... but, I just can't remember all of the syntax and odd little things to make it work So I typically know how to go about completing a task, It just takes forever to impliment because I have to look up every command or query

Hey Josh, that almost worked perfectly

It half works... When I add this code, if you are not logged in, or in the wrong group, you are correctly displayed with the not authorized message. Sweet I know

But when an authorized user does try to access the page, either a bunch of jumbled characters display on a white screen, or the browser prompts you to download a file.. which is just more jumbled text.

So, somehow this code isn't working friendly with the existing script. I tried changing positions of the threads authenticate code, and if you put it below one of the initial commands of the existing script.. the threads stuff doesn't even go into effect, yet produces no errors. So, it has to be at the very top to work.

Anyway, I'm just wondering if there has to be another greater if statement that encloses all of the threads code? Or there has to be some way to isolate it a bit.

I was also thinking, maybe put the threads script in a completely seperate file.. then call the file at the top of the existing script returning a do or don't proceed value?

I dunno which would work best for something like this

That's odd - is Zlib compression on in this other script? Sometimes you get junk if 2 programs are trying to compress the same thing twice.

if you want to make the threads stuff a separate file - the one they visit first - and leave your exisiting script untouched - you could try this:



Then it'll stop them if they aren't allowed - or redirect them to the real page if they are allowed.

Of course - if the other page is unprotected. Someone could directly access it via URL.

I'll give it a try. And as far as I can tell, all of the scripts are not encoded by zend or ioncube or anything, which is why I found that odd.