WEB looking for help - login page using php, Dreamweaver

Discussion in 'OT Technology' started by bigeyedphish, Dec 24, 2007.

  1. bigeyedphish

    bigeyedphish New Member

    Joined:
    Jan 15, 2007
    Messages:
    15
    Likes Received:
    0
    Hey, I've run into a dead end here and was hoping you guys may be able to help me figure out the problem.

    I recently installed a phpBB3 forum, and I'm looking to have the login page of my website match Username and Password from the database that the forum created/uses.

    the site is vtphitau.com

    In dreamweaver, there is a bunch of code at the top of the page
    Code:
    <?php require_once('Connections/connBrotherLogin.php'); ?>
    <?php
    if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
    
      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
    
      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;    
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
    etc...

    I uploaded that page, but then when I go to vtphitau.com and view the page source code, none of that code shows up. Is this the problem?

    I appreciate any suggestions or ideas you guys can send my way!
     
  2. LOLZILLA

    LOLZILLA New Member

    Joined:
    Jul 11, 2004
    Messages:
    97,923
    Likes Received:
    0
    Maybe you're not really overriding the page on your server?
     
  3. Zac

    Zac New Member

    Joined:
    Nov 24, 2006
    Messages:
    151
    Likes Received:
    0
    Maybe I don't understand what you're asking but of course that code isn't going to show up when you view the source of the page. The PHP code gets compiled when you load the page and it's job is to output as HTML.
     
  4. bigeyedphish

    bigeyedphish New Member

    Joined:
    Jan 15, 2007
    Messages:
    15
    Likes Received:
    0
    Ok, that would make perfect sense.

    I may create another DB and see if I have better success rather than trying to use the same DB the forum uses - plus, the forum encrypts the password, I don't know if this would have any affect.
     
  5. Zac

    Zac New Member

    Joined:
    Nov 24, 2006
    Messages:
    151
    Likes Received:
    0
  6. 95vr4

    95vr4 OT Supporter

    Joined:
    Oct 6, 2004
    Messages:
    2,513
    Likes Received:
    0
    Location:
    Weddington, NC
    First of all, that's server side code and shouldn't show up client side, in fact if it does get to the client side (like u forgot the first <?) it's a HUGE security hole.

    Secondly, that code you posted looks like it's just a generic database query include file. connBrotherLogin.php might be the file you need to look at

    Thirdly, my sub's about to run out. I might just do it for you if my sub gets renewed :hsd:.
     
  7. 95vr4

    95vr4 OT Supporter

    Joined:
    Oct 6, 2004
    Messages:
    2,513
    Likes Received:
    0
    Location:
    Weddington, NC
    hah, looked at your site, I just got done helping one of my friends build a site for his fraternity pi kappa phi @ (uncc)

    so in hopes of scoring some good karma I was gonna get u started so maybe someone who know's what they're talkin about will answer my mail server thread :x:. But after looking at it, it's actually even more complicated than I thought, even for someone that knows php pretty well. Phpbb...edit. actually this is the most complicated damn login system I've ever seen :ugh:. It looks like it's setting a cookie with a random string as your "id", then inserts that id into the database after authenticating your username and password. Then every time a page loads it takes that "id" cookie first and queries the database to see if you're still logged in. Looks like it actually stores the session info in the db forever, but just changes the session_logged_in field from 1 to 0. (don't know why the fuck they can't just set a session variable and be done with it?)

    most of this happens on includes/login.php

    starting around lines 45 (in version 2.0 at least)

    Honestly if you don't know php you'll never figure this login system out, took me almost 30 min to get it somewhat figured out. So my sub offer still stands :). If u wanna take a shot at it yourself, hope this helps.
     
  8. Zac

    Zac New Member

    Joined:
    Nov 24, 2006
    Messages:
    151
    Likes Received:
    0
    fail and aids :rofl:

    Since he's making it seem harder than it is I decided to Google some more for you (really don't feel like installing the damn thing in a test enviroment)

    http://www.tdcreative.net/forum/viewtopic.php?f=15&t=59#p318
    ^ This is the basic stuff to make your page integrate with PHPBB3's user database/system.

    If you want to restrict it to logged in people then add in the code from the link below (section 3.4.10. Log In) in the "user logged out" block.

    http://www.phpbb.com/mods/documentation/phpbb-documentation/basic_api/index.php

    (Notice the tip that says leaving the $redirect var to a blank string will make it redirect to the current page.)

    I found that API page last, but it prolly contains all of the info you need. I just didn't read through it and skipped directly to the login section since that's what you needed. There's also info in there on how to grab data on the logged in user/etc.

    Good luck.
     
  9. 95vr4

    95vr4 OT Supporter

    Joined:
    Oct 6, 2004
    Messages:
    2,513
    Likes Received:
    0
    Location:
    Weddington, NC
    lol...yea that's the first thing I did too and thought it'd be pretty easy. You can't really say it's a piece of cake when you didn't even look at the login script. Lol...all of that code u linked to is just a block of code copied and pasted straight from the login script which for the second time, start at line 45 :rolleyes:! And if you had read my post or looked at the script for 2 secs you would have seen that you can't just post a form to the login page.

    I spent like 15 min figuring it out. I'm not trying to discourage him from trying, but I mean in his OP he's asking why he can't see his php code on the client side when he clicks view source. You honestly think that's gonna be an easy little mod for him?
    (^^not trying to be a dick OP, trust me I had the exact same questions and probably even some worse ones 4 years ago the first time I started playing with asp).

    Oh and I don't feel bad one bit asking him for a sub for that, especially since he has 7 posts and no sub himself. It's not going into my pocket, going straight into supporting the forums.

    So fail you and aids and :rofl: and :squint:
     
    Last edited: Dec 25, 2007
  10. Zac

    Zac New Member

    Joined:
    Nov 24, 2006
    Messages:
    151
    Likes Received:
    0
    well yeah, don't post to the login.php page - just use the login_box function that I linked in the second link.

    (You made me install phpbb3 :p)

    The code that you quoted (it came from the first link in my previous post) works perfectly. as well as my suggestion to use the login_box function.

    here it is noobed down a little bit. just place the thing at the top of any page that you want to be viewable only by phpbb users that are logged in.

    Code:
    <?php
    /* Code to require users to be logged in via PHPBB3 before being able to view the page.
       Include this box of code at the absolute top of the pages you want to use it on.
       Place your regular HTML after the ?> */
    
    
    // phpBB inclusion protection
    define('IN_PHPBB', true);
    
    // Point to where phpBB3 is installed relative to this page
    $phpbb_root_path = './phpbb3/';		//VERIFY THIS IS RIGHT
    $phpEx = substr(strrchr(__FILE__, '.'), 1);
    include($phpbb_root_path . 'common.' . $phpEx);
    
    // Start session management
    $user->session_begin();
    $auth->acl($user->data);
    
    if ($user->data['user_id'] == ANONYMOUS)
    {
       //The user isn't logged in, we want him to be before he can view this page.
       login_box('', 'This page is for members only!');
    }
    ?>
    
    <html>
    <head><title>blah</title></head>
    <body><h1>w00</h1><p>Worked...</p></body>
    </html>
    
     
  11. 95vr4

    95vr4 OT Supporter

    Joined:
    Oct 6, 2004
    Messages:
    2,513
    Likes Received:
    0
    Location:
    Weddington, NC
    Ok 3.0 is completely different than 2.0, I thought they'd be similarsince I installed it like 6 months ago. Can't believe dreamhosts "one click installs" installs such ancient software.

    Looks like they made some major improvements using the "modules" like that. Seems like most of the newer php apps are being written like that, makes the apps a lot more scalable too.

    Anyways, I have no doubt me or you could get it done. I wouldn't mind helping him, but u know good and well he's not learning php on an app like this and we'd have to write every last line of code for him, which he could certainly buy a sub for.

    Oh and speaking of fail and aids, I tell you what's fail and aids is that people like you and the op use this forum for free bc people like me and most others that post here got off our jew coins and have been pitching in the past 3 or 4 years :o. I sure you know how much a fourm this size costs to keep running, and fazle's not making a profit he's losing money. That's why people get pissy when noobs don't want to buy avs.
     
  12. bigeyedphish

    bigeyedphish New Member

    Joined:
    Jan 15, 2007
    Messages:
    15
    Likes Received:
    0
    Thanks for the responses...
    I ended up just making a new table, and having the login for the website separate from the forum login. It's working fine right now.

    I now realize that was a dumb question, but I'm just now starting to learn php, and hey - you gotta start somewhere.

    Right now I think I can handle what needs to be done with the website - the fraternity wants it, so I volunteered to do it as a learning experience.

    Thanks for the help again, even though I don't have a sub. I get on and browse every now and then...I'm sure I'll end up buying one sooner or later, I know sites like this aren't cheap to run
     
  13. 95vr4

    95vr4 OT Supporter

    Joined:
    Oct 6, 2004
    Messages:
    2,513
    Likes Received:
    0
    Location:
    Weddington, NC
    Glad you got it working. Wasn't trying to be an ass, just got pissy last night when Zac called me fail and aids :mamoru:. Lmk if you need any help with it, mojo3120 (at) gmail.com (sub just ended so no pm's right now)
     

Share This Page