[PHP] Problemes de cookies avec Forum phpbb 1.4.4 !!!!!!

Problemes de cookies avec Forum phpbb 1.4.4 !!!!!! [PHP] - Programmation

Marsh Posté le 10-11-2001 à 14:33:39    

SOURCES
 

Citation :

This hack requires no DB modification, only a few changes to login.php  logout.php and index.php
 
One note though the PW is not encrypted when it is sent to the cookie, so if you are parinoid about security on your board you may not wish to use this hack.
 
 
 
##############################login.php###########
##################################################
###
<?php
 
/*************************************************
**************************
                          login.php3  -  description
                             -------------------
    begin                : Wed June 19 2000
    copyright            : (C) 2001 The phpBB Group
    email                : support@phpbb.com
 
    $Id: login.php3,v 1.17 2001/04/24 18:01:46 bartvb Exp $
 
 **************************************************
*************************/
 
/*************************************************
**************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/
 
/**
 * login.php3 - Nathan Codding
 * - Used for logging in a user and setting up a session.
 */
include('extention.inc';);
include('functions.'.$phpEx);
include('config.'.$phpEx);
require('auth.'.$phpEx);
$pagetitle = "Login";
$pagetype = "other";
 
/* Note: page_header.php3 is included later on, because this page needs to be able to send a cookie. */
//Start Perma Login Hack
if("$msgLogin[user]" == "" ){
   //Do Nothing
    }
 else{
  $user = "$msgLogin[user]";
  $passwd = "$msgLogin[passwd]";
 }
//End Perma Login Hack
if ("$passwd" == "" ) { //this line used to be if(!$submit){ it is changed so that if the password variable is not blank it will try to log the user in
        include('page_header.'.$phpEx);
        login_form();
} else { // Something has been submitted
        if ($user == '' || $passwd == '';) {
                error_die("$l_userpass $l_tryagain" );
        }
        if (!check_username($user, $db)) {
                error_die("$l_nouser $l_tryagain" );
        }
        if (!check_user_pw($user, $passwd, $db)) {
                error_die("$l_wrongpass $l_tryagain" );
        }
 
        /* if we get here, user has entered a valid username and password combination. */
 
        $userdata = get_userdata($user, $db);
 
        $sessid = new_session($userdata[user_id], $REMOTE_ADDR, $sesscookietime, $db);
 
        set_session_cookie($sessid, $sesscookietime, $sesscookiename, $cookiepath, $cookiedomain, $cookiesecure);
 
        // Push back to the main index page, no need to tell the user they
        // are logged in, they can figure that out on the index page.
        if (defined('USE_IIS_LOGIN_HACK';) && USE_IIS_LOGIN_HACK)
        {
                echo "<META HTTP-EQUIV=\"refresh\" content=\"1;URL=$url_phpbb\">";
        }
        else
        {
//Start Perma Login Hack
            if("$HTTP_COOKIE_VARS[$cookiename]" >= "1" ){
                setcookie("msgLogin[user]", "$user", time()+3600 * 24 * 365);
                setcookie("msgLogin[passwd]", "$passwd", time()+3600 * 24 * 365);
                }
//End Perma Login Hack
            header("Location: $url_phpbb/index.$phpEx" );
        }
 
}
 
 
require('page_tail.'.$phpEx);
?>
#############################################################
##################################################
####################
 
 
#############################################logou
t.php#############################################
###############################
<?php
/*************************************************
**************************
                          logout.php3  -  description
                             -------------------
    begin                : Wed June 19 2000
    copyright            : (C) 2001 The phpBB Group
    email                : support@phpbb.com
 
    $Id: logout.php3,v 1.9 2001/03/28 08:02:20 thefinn Exp $
 
 **************************************************
*************************/
 
/*************************************************
**************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/
 
/**
 * logout.php3 - Nathan Codding
 * - Used for logging out a user and deleting a session.
 */
include('extention.inc';);
include('functions.'.$phpEx);
include('config.'.$phpEx);
require('auth.'.$phpEx);
$pagetitle = $l_logout;
$pagetype = "logout";
 
/* Note: page_header.php3 is included later on, because this page needs to be able to send a cookie. */
 
if ($user_logged_in) {
        end_user_session($userdata[user_id], $db);
}
//Start Perma Login Hack
        if("$msgLogin[user]" != "" ){
   //This will unset the cookies, if the user logsout
                        setcookie("msgLogin[user]" );
                        setcookie("msgLogin[passwd]" );
                        }
//End Perma Login Hack
 header("Location: $url_phpbb/index.$phpEx" );
require('page_tail.'.$phpEx);
?>
##############################################################################
##################################################
#######
 
 
##################################################
####index.php#####################################
###################################
<?php
/*************************************************
**************************
                          index.php3  -  description
                             -------------------
    begin                : Sat June 17 2000
    copyright            : (C) 2001 The phpBB Group
    email                : support@phpbb.com
 
    $Id: index.php3,v 1.41 2001/04/14 19:40:22 thefinn Exp $
 
 **************************************************
*************************/
 
/*************************************************
**************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 **************************************************
*************************/
include('extention.inc';);
include('functions.'.$phpEx);
include('config.'.$phpEx);
require("auth.$phpEx" );
 
//Perma Login hack Start
if($user_logged_in)
  { //This skips the whole thing if the user is already loged in otherwise it would loop itself forever
   //Do Nothing
  }
    else{
if("$msgLogin[user]" == "" ) { //If the user is not loged in this will force a login, all hidden to the user
   //Do Nothing
    }
   else{
header("Location: login.php3" );
   }
 }
//End Perma Login Hack
$pagetitle = "$l_indextitle";
$pagetype = "index";
include('page_header.'.$phpEx);
$sql = "SELECT c.* FROM catagories c, forums f
         WHERE f.cat_id=c.cat_id
         GROUP BY c.cat_id, c.cat_title, c.cat_order
         ORDER BY c.cat_order";
if(!$result = mysql_query($sql, $db))
        error_die("Unable to get categories from database<br>$sql" );
$total_categories = mysql_num_rows($result);
 
?>
 
###########################Note that is not the full index.php just the top part####################################


 
Apres les modif et sauvegarde sous PHP et modif de l'index.php avec le fichier loging.php3 en loging.php quand je lance le forum : PAGE BLANCHE et rien
 
Extrait config
 

Citation :

/* -- Cookie settings (lastvisit, userid) -- */
// Most likely you can leave this be, however if you have problems
// logging into the forum set this to your domain name, without
// the http://
// For example, if your forum is at http://www.mysite.com/phpBB then
// set this value to
// $cookiedomain = "www.mysite.com";
$cookiedomain = "";
// It should be safe to leave this alone as well. But if you do change it
// make sure you don't set it to a variable already in use such as 'forum'.
$cookiename = "phpBB";
// It should be safe to leave these alone as well.
$cookiepath = $url_phpbb;
$cookiesecure = false;
 
/* -- Cookie settings (sessions) -- */
// This is the cookie name for the sessions cookie, you shouldn't have to change it
$sesscookiename = "phpBBsession";
// This is the number of seconds that a session lasts for, 3600 == 1 hour.
// The session will exprire if the user dosan't view a page on the forum within
// this amount of time.
$sesscookietime = 50000;
 
/**
 * This setting is only for people running Microsoft IIS.
 * If you're running IIS and your users cannot login using
 * the "login" link on the main page, but they CAN login
 * through other pages like preferences, then you should
 * change this setting to 1. Otherwise, leave at set
 * to 0, because this is an ugly hack around some IIS junk.
 */
// Change to "define('USE_IIS_LOGIN_HACK', 1);" if you need to.
define('USE_IIS_LOGIN_HACK', 1);


 
MERCI
 
ps : Pour infos, le café : 2 sucres !!!

Reply

Marsh Posté le 10-11-2001 à 14:33:39   

Reply

Marsh Posté le 11-11-2001 à 00:17:25    

8 heures sans reponses  :eek2:

Reply

Marsh Posté le 11-11-2001 à 00:55:44    

correction, dix heures.
 
tu as un problème, il y a une petite ligne de français qui tente de l'expliquer et une tartine de code.
 
tu ne voudrais pas ramener ça à des proportions plus humaines ?

Reply

Marsh Posté le 11-11-2001 à 02:47:30    

Bientôt 12 heures sans une idée
 
Commence à faire long : je me refais du café  
 
[#0000f0]QUI EN VEUT[#000ef0]

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed