Security wth New Pages

This is an archive of the phpBB 2.0.x support forum. Support for phpBB2 has now ended.
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
Locked
KBryant888
Registered User
Posts: 90
Joined: Tue Apr 27, 2004 8:00 pm

Security wth New Pages

Post by KBryant888 »

Hi all, I like to add new html/php pages in my forum.

ex: www.mysite.com = my forum

well I like to add song lists and stuff like that to:
ex: www.mysite.com/songs.html or php

Is there anyway to make it so that the only time someone can access that songs.html or php file is when they are logged into my forum?

Thanks so much.

User avatar
AdamR
Former Team Member
Posts: 9731
Joined: Tue Mar 02, 2004 5:40 pm
Location: Tampa, Florida
Name: Adam Reyher
Contact:

Post by AdamR »

This article in the KB should help you:
http://www.phpbb.com/kb/article.php?article_id=143

- Adam
phpBB Support: Welcome | Userguide | Knowledge Base | Search
Honored supporter of the phpBB Group!
"If I have seen a little further it is by standing on the shoulders of Giants." - Isaac Newton

KBryant888
Registered User
Posts: 90
Joined: Tue Apr 27, 2004 8:00 pm

Post by KBryant888 »

Thanks... Im having a little trouble with it. Here is my error and code:

Fatal error: Call to undefined function: session_pagestart() Line 10

Code: Select all

<?PHP
define('IN_PHPBB', true); 
$phpbb_root_path = '../'; 
include($phpbb_root_path . 'extension.inc'); 
include($phpbb_root_path . 'common.'.$phpEx); 

// 
// Start session management 
// 
$userdata = session_pagestart($user_ip, PAGE_INDEX); 
init_userprefs($userdata); 
// 
// End session management 
//

if( $userdata['session_logged_in'] ) 
{ 
?>
<HTML>
<HEAD>
<meta http-equiv=Content-Type content="text/html;  charset=ISO-8859-1">
<TITLE>BananAlbum</TITLE>

<script language="JavaScript" type="text/javascript" src="res/scripts.js">
</script>
<SCRIPT LANGUAGE="JavaScript">
var respath="res";
</script>

</HEAD>
<BODY alink="#FFFFFF" vlink="#FFFFFF" link="#FFFFFF" bgcolor="#000000" scroll=no marginheight="0" marginwidth="0" topmargin="0" leftmargin="0">

<!-- thegreatesthits.net -->
<!-- 2004 -->
<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
 codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0"
 WIDTH="100%" HEIGHT="95%" id="album" ALIGN="">
 <PARAM NAME=movie VALUE="res/album.swf?browser=1&jalbum=true">
 <PARAM NAME=loop VALUE=false>
 <PARAM NAME=menu VALUE=false>
 <PARAM NAME=quality VALUE=high>
 <PARAM NAME=bgcolor VALUE=#000000>
 <EMBED src="res/album.swf?browser=1&jalbum=true" loop=false menu=false quality=high bgcolor=#000000 
  WIDTH="100%" HEIGHT="100%" NAME="album" ALIGN=""
 TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
 </EMBED>
</OBJECT>
<font size="-1" face="Courier New, Courier, mono" color="#FFFFFF">&nbsp;&nbsp;&nbsp;&nbsp;<---<a href="http://forums.thekelce.com/">Back to Forums</a></font>
</BODY>
</HTML>
<?
} 
else 
{ 
header("Location: http://www.thekelce.com?error=1/"); 
}

?>

KBryant888
Registered User
Posts: 90
Joined: Tue Apr 27, 2004 8:00 pm

Post by KBryant888 »

My directory for my website is:

Root:
Site/
Forums/ <--- index for forum is located here

But I have my website set to when you go to www.mysite.com it goes to that index file

KBryant888
Registered User
Posts: 90
Joined: Tue Apr 27, 2004 8:00 pm

Post by KBryant888 »

bump... anybody?

User avatar
Lumpy Burgertushie
Registered User
Posts: 67375
Joined: Mon May 02, 2005 3:11 am
Contact:

Post by Lumpy Burgertushie »

dont' know what is wrong with that page.

here is the standard phpbb extra page. using it , you can specify that someone must be a member and be logged in , to see it.

the code for that is marked in red.
<?php
define('IN_PHPBB', true);

$phpbb_root_path = './'; // <-- this must be the correct path to phpbb
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);

$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if ($userdata['user_id'] == ANONYMOUS)
{
redirect(append_sid('login.'.$phpEx));
}

include($phpbb_root_path . 'includes/page_header.'.$phpEx);
?>

put all of your html code here


<?
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?>
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.3 Styles by PlanetStyles.net

If nobody is in the forest, does a tree really fall?

geocator
Registered User
Posts: 16242
Joined: Fri Jan 09, 2004 11:56 pm
Location: On dry land
Contact:

Post by geocator »

You need to set the phpbb_root_path correctly.

For the directory structure you listed above it would be ./Forums/

KBryant888
Registered User
Posts: 90
Joined: Tue Apr 27, 2004 8:00 pm

Post by KBryant888 »

Okay I figured part of it out...

My structure is like this:

Site/Forums/Countdown/index.php

my forum index is located in the forums directory.

It works fine if I put the index.php in the forums folder, but it doesnt work if I put it in the countdown folder. Do I need to change some code or chmod? any ideas?

Taipo
Registered User
Posts: 174
Joined: Fri Jan 07, 2005 9:25 pm
Contact:

Post by Taipo »

Also wouldn't it be better to include the html code in an included page?

Code: Select all

   if($userdata['session_logged_in']) {
   include('webpage.html');
        } else {
       header("Location: http://www.someotherwebpage.com");
    }

KBryant888
Registered User
Posts: 90
Joined: Tue Apr 27, 2004 8:00 pm

Post by KBryant888 »

what do you mean?

geocator
Registered User
Posts: 16242
Joined: Fri Jan 09, 2004 11:56 pm
Location: On dry land
Contact:

Post by geocator »

Taipo wrote: Also wouldn't it be better to include the html code in an included page?

Code: Select all

   if($userdata['session_logged_in']) {
   include('webpage.html');
        } else {
       header("Location: http://www.someotherwebpage.com");
    }


Not really it defeats the purpose of wraping it in a security wrapper.

As to the path for what you said, it would be ../ I believe.

Locked

Return to “2.0.x Support Forum”