[RC][phpBB 2.0.15]htaccess better than relog in ACP

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Post Reply
User avatar
Ptirhiik
Registered User
Posts: 7411
Joined: Mon Jan 06, 2003 10:36 pm
Contact:

[RC][phpBB 2.0.15]htaccess better than relog in ACP

Post by Ptirhiik »

For those (like me) who don't feel the phpBB 2.0.15/3.0.0 reloging to access the ACP when a .htaccess/.htpasswd does already the job better and in a more reliable way, you can try this :

Code: Select all

#
#-----[ OPEN ]------------------------------------------------
#
admin/pagestart.php
#
#-----[ FIND ]------------------------------------------------
#
if (!$userdata['session_admin'])
#
#-----[ BEFORE, ADD ]-----------------------------------------
#
//-- mod : htaccess better than relog in ACP -----------------------------------
//-- add
// check if .htaccess is available
if ( ($userdata['session_admin'] == true) || @file_exists('./.htaccess') )
{
	$userdata['session_admin'] = true;
}
//-- fin mod : htaccess better than relog in ACP -------------------------------
#
#-----[ SAVE/CLOSE ALL FILES ]--------------------------------
#
# EoM
Paul
Infrastructure Team Leader
Infrastructure Team Leader
Posts: 28619
Joined: Sat Dec 04, 2004 3:44 pm
Location: The netherlands.
Name: Paul Sohier
Contact:

Post by Paul »

must you not check also for a htpaswd file? Now check it for a htaccess, but if there one is, but with nog auth system, you don't have to relogin :)
User avatar
Ptirhiik
Registered User
Posts: 7411
Joined: Mon Jan 06, 2003 10:36 pm
Contact:

Post by Ptirhiik »

The .htpasswd file can stand anywhere, that's why it is not checked. Under sub-directories, the main use of an .htaccess is to protect the directory. If you are in a different case (really I can't figure which one for a script second level sub-directory), just don't install this : this one is for people using .htaccess/.htpasswd authentification : if the .htaccess is not used in this purpose, you are not in this case.
Swizec
Former Team Member
Posts: 1701
Joined: Mon Mar 10, 2003 9:42 pm
Location: Slovenia
Contact:

Post by Swizec »

oh so thats why I am suddenly having to relog,w as wondering

quite irritating I might add


this seems like a good idea, I'll probably be using it
»»EDDY««
Registered User
Posts: 220
Joined: Mon Jun 02, 2003 10:14 am
Location: Poland/Slupsk
Contact:

Post by »»EDDY«« »

I use this for long time:

/admin/.htaccess

Code: Select all

AuthType Basic
AuthUserFile /path/.htpasswd
AuthName "Autoryzacja"
require valid-user

<Limit GET POST> 
Order deny,allow 
Deny from all 
Allow from 127.0.0.1 - your ip
</Limit> 
<Files "*.php"> 
Allow from 127.0.0.1 - your ip
Deny from all 
</Files>
/path/.htpasswd

Code: Select all

login:password
http://www.webmaster-toolkit.com/htacce ... ator.shtml
Make a Tiny URL in excellent domain heh.pl


cooling system & water cooling
sbourdon
Registered User
Posts: 174
Joined: Sat Nov 13, 2004 6:29 pm

Post by sbourdon »

Could I simply use this:
<limit GET POST PUT>
satisfy any
order deny,allow
deny from all
allow from localhost
</limit>



Thank you for your cooperation, since I'm new to this... :wink:
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Re: [RC][phpBB 2.0.15]htaccess better than relog in ACP

Post by onigumo »

Ptirhiik - RPGnet-fr wrote: For those (like me) who don't feel the phpBB 2.0.15/3.0.0 reloging to access the ACP when a .htaccess/.htpasswd does already the job better and in a more reliable way, you can try this :

Code: Select all

#
#-----[ OPEN ]------------------------------------------------
#
admin/pagestart.php
#
#-----[ FIND ]------------------------------------------------
#
if (!$userdata['session_admin'])
#
#-----[ BEFORE, ADD ]-----------------------------------------
#
//-- mod : htaccess better than relog in ACP -----------------------------------
//-- add
// check if .htaccess is available
if ( ($userdata['session_admin'] == true) || @file_exists('./.htaccess') )
{
	$userdata['session_admin'] = true;
}
//-- fin mod : htaccess better than relog in ACP -------------------------------
#
#-----[ SAVE/CLOSE ALL FILES ]--------------------------------
#
# EoM


What else do I have to do besides applying that code? And do I have to replace anything within that code?
I write articles on community building
@ The Infinity Program.
User avatar
Ptirhiik
Registered User
Posts: 7411
Joined: Mon Jan 06, 2003 10:36 pm
Contact:

Post by Ptirhiik »

- If you have an .htaccess/.htpasswd authentification way to access the ACP, nothing more to do that what's in the first post of this topic,

- replace ? Do you see any "#---[ REPLACE WITH ]---" in these lines ? :)
Lee Deeming
Registered User
Posts: 143
Joined: Sat Jan 29, 2005 12:55 am

Re: [RC][phpBB 2.0.15]htaccess better than relog in ACP

Post by Lee Deeming »

onigumo wrote: What else do I have to do besides applying that code?

You need to make sure you have .htaccess/.htpasswd files in place. More about this can be found on this topic, as well as Google. ;)
onigumo wrote: And do I have to replace anything within that code?

No.
danb00
Registered User
Posts: 1025
Joined: Sun Dec 15, 2002 9:41 pm
Location: Inside Mod:Extreme PHPBB
Contact:

Post by danb00 »

all we need now is an addon that will auto kill admin session after x mins or x hours, as thats what vb does :) in vb you can set it to kill your admin session after some time and it will JUST ONLY kill your admin session
phpBBModded.com - Modding phpBB
Post Reply

Return to “[2.0.x] MODs in Development”