Page 2 of 6

Posted: Sun Oct 30, 2005 12:23 pm
by Merlin Sythove
eman wrote: i banned a friend, and he got this error

phpBB : Critical Error

Could not obtain ban information

DEBUG MODE

SQL Error : 1054 Unknown column '53a82431' in 'where clause'

SELECT * FROM phpbb_banlist WHERE ban_ip = 53a82431

Line : 166
File : sessions.php


OK, thanks for testing, yes I made a mistake not realising the ban_ip is in fact a text variable. Change this line
$sql .= ($banned_ip) ? ' ban_ip = ' . $banned_ip : '';

to this
$sql .= ($banned_ip) ? " ban_ip = '" . $banned_ip . "'" : '';

and let me know if that solved it!

Posted: Sun Oct 30, 2005 12:41 pm
by Budman01
Cool idea! :)

It should at least make it a bit more difficult for these annoying people...

But what I would like to have, is the possibility to give this cookie an extra name or much better another domain... Will something like this be possible?
What I mean is this:
Cookie domain for "normal" board cookie: www.mydomain.com
For the mod cookie: www.nonowedontwantyou.com

This way it would be much more difficult for the user to select this out from his other existing cookies... ;)

But I really have no knowledge about cookies, so maybe this is nothing possible.

Nevertheless, nice one, I'll try to install it. ;)

Posted: Sun Oct 30, 2005 12:47 pm
by eman
ok he gets this error again

phpBB : Critical Error

Could not obtain ban information

DEBUG MODE

SQL Error : 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''53a82431"' at line 3

SELECT * FROM phpbb_banlist WHERE ban_ip = '53a82431"

Line : 166
File : sessions.php


ill tell you what im doing, to give you more of an idea of what's going on. I ip banned him while he was in, he got banned, no probelem. I lifted the ban, and he got that error. When he cleared the cookie, he was back in.

edited - Hang on a minute, im going to do more testing, it might have been my fault, dont edit the code, or get frustrated yet

Posted: Sun Oct 30, 2005 1:07 pm
by eman
ok, that was my fault

the new version, with that updated line from two posts above this one, looks good. (i got an error on one board, but i think that was because of it conflicting with another mod)

the two others i tested it on were fine (both ver 2.0.17)

the problem is that i can not test this myself (and the guy i was having help me test it out had to go)

anyway, it bans ok, but in order to log into the admin panel to unban, i have to clear the cookie, which defeats the purpose of seeing if the code will clear the cookie....

so if someone else wants to test it....please do, and ill try to test it with a friend by noon today :)

Posted: Sun Oct 30, 2005 2:17 pm
by Merlin Sythove
Just to be clear, the new line is a mix of single and double quotes like this:

$sql .= ($banned_ip) ? " ban_ip = ' " . $banned_ip . " ' " : ' ';

Just don't use the extra spaces that I just put in for clarity.

Hmmm, yep, my bad - I'll correct it above too... :D

Posted: Mon Oct 31, 2005 6:46 am
by eman
also, a quick note

this is compatable with version 2.0.18 :D

Posted: Mon Oct 31, 2005 6:55 am
by Merlin Sythove
Phew - thanks! I had a look at 2.0.18 yesterday and was wondering how many mods would need changing. Glad to hear this is NOT one of them!

Posted: Mon Oct 31, 2005 7:09 am
by markus_petrux
Hello,

Could you please edit your topic title with a prefix as outlined in MOD Development forum rules section 3.a. This will allow people to see the development status of your MOD at a glance.

Thank you,
The phpBB MOD Team

Posted: Wed Nov 09, 2005 5:46 am
by jvini
Not sure why, but after installing, every page became blank. Had to replace with a vanilla sessions.php to get back to normal, and now some people are having the problem with getting the banned message (until they clear their cookies).

This is in phpBB 2.0.18. Really interested in this mod if it can work though.

Posted: Wed Nov 09, 2005 7:27 am
by Merlin Sythove
jvini wrote: Not sure why, but after installing, every page became blank. Had to replace with a vanilla sessions.php to get back to normal, and now some people are having the problem with getting the banned message (until they clear their cookies).


Sorry, if you put a vanilla sessions.php in, then the ban cookie that might exist is never retrieved, so your people cannot get ban messages. They / you are probably working with an old (cached?) file if they still get banned messages.

If people have problems with ban cookies from THIS mod, then all you need to do is make sure that user_ID, and/or that user IP, is not in your list of banned data. The next time the user visits, the cookie will be cleared (from that computer). You do NOT need to instruct your users that they have cookies, nor how to remove them, all you need to do is update your ban lists and politely ask the user to please visit again, the problem should be solved.

Posted: Fri Nov 11, 2005 5:54 am
by jvini
Merlin Sythove wrote:
jvini wrote:Not sure why, but after installing, every page became blank. Had to replace with a vanilla sessions.php to get back to normal, and now some people are having the problem with getting the banned message (until they clear their cookies).


Sorry, if you put a vanilla sessions.php in, then the ban cookie that might exist is never retrieved, so your people cannot get ban messages. They / you are probably working with an old (cached?) file if they still get banned messages.

If people have problems with ban cookies from THIS mod, then all you need to do is make sure that user_ID, and/or that user IP, is not in your list of banned data. The next time the user visits, the cookie will be cleared (from that computer). You do NOT need to instruct your users that they have cookies, nor how to remove them, all you need to do is update your ban lists and politely ask the user to please visit again, the problem should be solved.

Ok. That makes sense.

However, whats the deal with the blank pages? I edited sessions.php fine, I checked it a number of times, but just continued to get blank pages. Any ideas?

I'm very interested in this mod, so I'd love to get it up and working properly. Let me know, thanks.

Posted: Fri Nov 11, 2005 7:01 am
by Merlin Sythove
My guess with a blank page is that you are missing a brace somewhere resulting in no more code being executed on that page, i.e. a blank page.

Posted: Tue Nov 15, 2005 10:35 am
by alycad
Well done!! Ill try it ;)

Posted: Mon Nov 28, 2005 9:25 am
by jvini
Merlin Sythove wrote: My guess with a blank page is that you are missing a brace somewhere resulting in no more code being executed on that page, i.e. a blank page.

Still having problems....I tried it on a testvanilla phpBB 2.0.18, still not working. The board is here.. Some kind of parse error at the start of the mod. Here's sessions.php. Any ideas?

Thanks.

Code: Select all

<?php
/***************************************************************************
 *                                sessions.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: sessions.php,v 1.58.2.14 2005/05/06 20:50:11 acydburn Exp $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

//
// Adds/updates a new session to the database for the given userid.
// Returns the new session ID on success.
//
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0)
{
	global $db, $board_config;
	global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;

	$cookiename = $board_config['cookie_name'];
	$cookiepath = $board_config['cookie_path'];
	$cookiedomain = $board_config['cookie_domain'];
	$cookiesecure = $board_config['cookie_secure'];

	if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
	{
		$session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
		$sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
		$sessionmethod = SESSION_METHOD_COOKIE;
	}
	else
	{
		$sessiondata = array();
		$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
		$sessionmethod = SESSION_METHOD_GET;
	}

	//
	if (!preg_match('/^[A-Za-z0-9]*$/', $session_id)) 
	{
		$session_id = '';
	}

	$page_id = (int) $page_id;

	$last_visit = 0;
	$current_time = time();
	$expiry_time = $current_time - $board_config['session_length'];

	//
	// Try and pull the last time stored in a cookie, if it exists
	//
	$sql = "SELECT * 
		FROM " . USERS_TABLE . " 
		WHERE user_id = $user_id";
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(CRITICAL_ERROR, 'Could not obtain lastvisit data from user table', '', __LINE__, __FILE__, $sql);
	}

	$userdata = $db->sql_fetchrow($result);

	if ( $user_id != ANONYMOUS )
	{
		$auto_login_key = $userdata['user_password'];

		if ( $auto_create )
		{
			if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
			{
				// We have to login automagically
				if( $sessiondata['autologinid'] === $auto_login_key )
				{
					// autologinid matches password
					$login = 1;
					$enable_autologin = 1;
				}
				else
				{
					// No match; don't login, set as anonymous user
					$login = 0; 
					$enable_autologin = 0; 
					$user_id = $userdata['user_id'] = ANONYMOUS;
				
					$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
					$result = $db->sql_query($sql);
					$userdata = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);
				}
			}
			else
			{
				// Autologin is not set. Don't login, set as anonymous user
				$login = 0;
				$enable_autologin = 0;
				$user_id = $userdata['user_id'] = ANONYMOUS;

				$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
				$result = $db->sql_query($sql);
				$userdata = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);
			}
		}
		else
		{
			$login = 1;
		}
	}
	else
	{
		$login = 0;
		$enable_autologin = 0;
	}

	//
	// Initial ban check against user id, IP and email address
	//
	preg_match('/(..)(..)(..)(..)/', $user_ip, $user_ip_parts);

  //START MOD Ban_cookie 
  //Give banned users a cookie and check that too, in addition to the existing checks. 
  //Once the cookie is in place: if it matches the database, the user is banned, 
  //even if the user gets another IP or is not logged in so the user ID is unknown. 

  //Get cookie ban settings. 
  $ban_cookie = ''; 
  $banned_id = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_id']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_id'] : ''; 
  $banned_ip = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_ip']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_ip'] : ''; 
  
  //Yes, cookie ban settings were there. See if they match the database. 
  //If not, delete cookie. 
  if ($banned_ip || $banned_id) 
  { 
    $sql = "SELECT * 
       FROM " . BANLIST_TABLE . " 
        WHERE "; 
      $sql .= ($banned_ip) ? " ban_ip = '" . $banned_ip . "'" : ''; 
      $sql .= ($banned_id) ? ($banned_ip ? ' OR ' : '') . ' ban_userid = ' . $banned_id : ''; 
     if ( !($result = $db->sql_query($sql)) ) 
     { 
        message_die(CRITICAL_ERROR, 'Could not obtain ban information', '', __LINE__, __FILE__, $sql); 
     } 
     if ( $ban_info = $db->sql_fetchrow($result) )     
    { 
      $ban_cookie =  ( $ban_info['ban_ip'] || $ban_info['ban_userid']); 
     } 
    //There was a cookie but no match in the database, so the ban is lifted: 
    //delete the cookie by setting the expiry time 1 hour ago    
    if (! $ban_cookie) 
    { 
      if ($banned_ip) setcookie($board_config['cookie_name'].'_banned_ip',$banned_ip, time()-3600); 
      if ($banned_id) setcookie($board_config['cookie_name'].'_banned_id',$banned_id, time()-3600); 
     } 
  }    
  //Have $ban_cookie, if not empty, the user is banned via a cookie. 
  //If empty, then there was no cookie, or there was no LONGER a database match so the cookie was deleted 

  //Check if there is database ban info - this is roughly the original ban code 
  $ban_database = ''; 
   $sql = "SELECT * 
      FROM " . BANLIST_TABLE . " 
      WHERE ban_ip IN ('" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "', '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff', '" . $user_ip_parts[1] . $user_ip_parts[2] . "ffff', '" . $user_ip_parts[1] . "ffffff') 
         OR ban_userid = $user_id"; 
   if ( $user_id != ANONYMOUS ) 
   { 
      $sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $userdata['user_email']) . "' 
         OR ban_email LIKE '" . substr(str_replace("\'", "''", $userdata['user_email']), strpos(str_replace("\'", "''", $userdata['user_email']), "@")) . "'"; 
   } 
   if ( !($result = $db->sql_query($sql)) ) 
   { 
      message_die(CRITICAL_ERROR, 'Could not obtain ban information', '', __LINE__, __FILE__, $sql); 
   } 
   if ( $ban_info = $db->sql_fetchrow($result) )     
  { 
    $ban_database = ( $ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email'] ); 
    //Fill these variables from database if not filled from cookie yet 
    if (! $banned_ip) $banned_ip = $ban_info['ban_ip']; 
    if (! $banned_id) $banned_id = $ban_info['ban_userid'];     
  } 
  
  //User is banned in some way? 
  if ($ban_cookie || $ban_database) 
  { 
    //Set the ban_cookie, time it for 1 year. The time restarts every time the user comes here 
    if ($banned_ip) setcookie($board_config['cookie_name'].'_banned_ip',$banned_ip, time()+365*24*3600); 
    if ($banned_id) setcookie($board_config['cookie_name'].'_banned_id',$banned_id, time()+365*24*3600); 
     //Close the forum to this person 
    message_die(CRITICAL_MESSAGE, 'You_been_banned'); 
  } 
  //END MOD Ban_cookie

	//
	// Create or update the session
	//
	$sql = "UPDATE " . SESSIONS_TABLE . "
		SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
		WHERE session_id = '" . $session_id . "' 
			AND session_ip = '$user_ip'";
	if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
	{
		list($sec, $usec) = explode(' ', microtime());
		mt_srand((float) $sec + ((float) $usec * 100000));
		$session_id = md5(uniqid(mt_rand(), true));

		$sql = "INSERT INTO " . SESSIONS_TABLE . "
			(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
			VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";
		if ( !$db->sql_query($sql) )
		{
			message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
		}
	}

	if ( $user_id != ANONYMOUS )
	{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : ( 
		$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; 

		if (!$admin)
		{
			$sql = "UPDATE " . USERS_TABLE . " 
				SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
				WHERE user_id = $user_id";
			if ( !$db->sql_query($sql) )
			{
				message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
			}
		}

		$userdata['user_lastvisit'] = $last_visit;

		$sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
		$sessiondata['userid'] = $user_id;
	}

	$userdata['session_id'] = $session_id;
	$userdata['session_ip'] = $user_ip;
	$userdata['session_user_id'] = $user_id;
	$userdata['session_logged_in'] = $login;
	$userdata['session_page'] = $page_id;
	$userdata['session_start'] = $current_time;
	$userdata['session_time'] = $current_time;
	$userdata['session_admin'] = $admin;

	setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
	setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);

	$SID = 'sid=' . $session_id;

	return $userdata;
}

//
// Checks for a given user session, tidies session table and updates user
// sessions at each page refresh
//
function session_pagestart($user_ip, $thispage_id)
{
	global $db, $lang, $board_config;
	global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;

	$cookiename = $board_config['cookie_name'];
	$cookiepath = $board_config['cookie_path'];
	$cookiedomain = $board_config['cookie_domain'];
	$cookiesecure = $board_config['cookie_secure'];

	$current_time = time();
	unset($userdata);

	if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
	{
		$sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename . '_data'] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
		$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
		$sessionmethod = SESSION_METHOD_COOKIE;
	}
	else
	{
		$sessiondata = array();
		$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
		$sessionmethod = SESSION_METHOD_GET;
	}

	// 
	if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
	{
		$session_id = '';
	}

	$thispage_id = (int) $thispage_id;

	//
	// Does a session exist?
	//
	if ( !empty($session_id) )
	{
		//
		// session_id exists so go ahead and attempt to grab all
		// data in preparation
		//
		$sql = "SELECT u.*, s.*
			FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
			WHERE s.session_id = '$session_id'
				AND u.user_id = s.session_user_id";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
		}

		$userdata = $db->sql_fetchrow($result);

		//
		// Did the session exist in the DB?
		//
		if ( isset($userdata['user_id']) )
		{
			//
			// Do not check IP assuming equivalence, if IPv4 we'll check only first 24
			// bits ... I've been told (by vHiker) this should alleviate problems with 
			// load balanced et al proxies while retaining some reliance on IP security.
			//
			$ip_check_s = substr($userdata['session_ip'], 0, 6);
			$ip_check_u = substr($user_ip, 0, 6);

			if ($ip_check_s == $ip_check_u)
			{
				$SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';

				//
				// Only update session DB a minute or so after last update
				//
				if ( $current_time - $userdata['session_time'] > 60 )
				{
					// A little trick to reset session_admin on session re-usage
					$update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : '';

					$sql = "UPDATE " . SESSIONS_TABLE . " 
						SET session_time = $current_time, session_page = $thispage_id$update_admin
						WHERE session_id = '" . $userdata['session_id'] . "'";
					if ( !$db->sql_query($sql) )
					{
						message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
					}

					if ( $userdata['user_id'] != ANONYMOUS )
					{
						$sql = "UPDATE " . USERS_TABLE . " 
							SET user_session_time = $current_time, user_session_page = $thispage_id
							WHERE user_id = " . $userdata['user_id'];
						if ( !$db->sql_query($sql) )
						{
							message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
						}
					}

					//
					// Delete expired sessions
					//
					$expiry_time = $current_time - $board_config['session_length'];

					$sql = "DELETE FROM " . SESSIONS_TABLE . " 
						WHERE session_time < $expiry_time 
							AND session_id <> '$session_id'";
					if ( !$db->sql_query($sql) )
					{
						message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
					}

					setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
					setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
				}

				return $userdata;
			}
		}
	}

	//
	// If we reach here then no (valid) session exists. So we'll create a new one,
	// using the cookie user_id if available to pull basic user prefs.
	//
	$user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : ANONYMOUS;

	if ( !($userdata = session_begin($user_id, $user_ip, $thispage_id, TRUE)) )
	{
		message_die(CRITICAL_ERROR, 'Error creating user session', '', __LINE__, __FILE__, $sql);
	}

	return $userdata;

}

//
// session_end closes out a session
// deleting the corresponding entry
// in the sessions table
//
function session_end($session_id, $user_id)
{
	global $db, $lang, $board_config;
	global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;

	$cookiename = $board_config['cookie_name'];
	$cookiepath = $board_config['cookie_path'];
	$cookiedomain = $board_config['cookie_domain'];
	$cookiesecure = $board_config['cookie_secure'];

	$current_time = time();

	//
	// Pull cookiedata or grab the URI propagated sid
	//
	if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) )
	{
		$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
		$sessionmethod = SESSION_METHOD_COOKIE;
	}
	else
	{
		$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
		$sessionmethod = SESSION_METHOD_GET;
	}

	if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
	{
		return;
	}
	
	//
	// Delete existing session
	//
	$sql = "DELETE FROM " . SESSIONS_TABLE . " 
		WHERE session_id = '$session_id' 
			AND session_user_id = $user_id";
	if ( !$db->sql_query($sql) )
	{
		message_die(CRITICAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
	}

	setcookie($cookiename . '_data', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);
	setcookie($cookiename . '_sid', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);

	return true;
}

//
// Append $SID to a url. Borrowed from phplib and modified. This is an
// extra routine utilised by the session code above and acts as a wrapper
// around every single URL and form action. If you replace the session
// code you must include this routine, even if it's empty.
//
function append_sid($url, $non_html_amp = false)
{
	global $SID;

	if ( !empty($SID) && !preg_match('#sid=#', $url) )
	{
		$url .= ( ( strpos($url, '?') != false ) ?  ( ( $non_html_amp ) ? '&' : '&' ) : '?' ) . $SID;
	}

	return $url;
}

?>

Posted: Mon Nov 28, 2005 2:00 pm
by Merlin Sythove
jvini wrote:
Merlin Sythove wrote:My guess with a blank page is that you are missing a brace somewhere resulting in no more code being executed on that page, i.e. a blank page.

Still having problems....I tried it on a testvanilla phpBB 2.0.18, still not working. The board is here.. Some kind of parse error at the start of the mod. Here's sessions.php. Any ideas?


Give me the exact error message, that is more helpful.