[BETA] External Group[s] Authenication

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Sir AL
Registered User
Posts: 195
Joined: Sat Mar 15, 2003 3:35 am

Post by Sir AL »

It might be that you are requesting this script more then once. This script can only be requested once in each page.
TVK_Pitfall
Registered User
Posts: 6
Joined: Wed Jul 02, 2003 7:39 pm

Post by TVK_Pitfall »

Hi al,

i used require_once, this should make sure that the scipt isn´t called more then one time. (isn´t it ?)

Code: Select all

require_once("$DOCUMENT_ROOT/include/content/scripts/auth_group.php");
error can be viewed here:
http://www.tvk.teamkillz.de/index.php?c ... members_sm

greetings pit
Sir AL
Registered User
Posts: 195
Joined: Sat Mar 15, 2003 3:35 am

Post by Sir AL »

I'm not very familiar with class files but to me it seems eather you already included the PhpBB class files or there is some other class file that is included. Again I'm not sure how class files work so I can't tell you what it is for sure but this is what I think it is.
TVK_Pitfall
Registered User
Posts: 6
Joined: Wed Jul 02, 2003 7:39 pm

Post by TVK_Pitfall »

damn ^^ i´m stupid, you have been right, i´ve included it somewhere else, to have these functions on any page available ... and forgot about it... it works now ^^

thank u very much

greetings pit
hartlijn
Registered User
Posts: 36
Joined: Sat Oct 20, 2001 11:32 pm

Post by hartlijn »

Hi Sir All,

I tried your code but keep getting this error:
Error: Could not query group rights information
SQL: SELECT * FROM phpbb_user_group WHERE group_id IN 2 AND user_id='-1' LIMIT 1

What I did: I made a testme.php with this in it:

Code: Select all

<?
require ('access.php');

// Put this after the include/require to check if logged in. 
if ($logincheck == 1) 
{ 
// Yes 
} 
else 
{ 
// No 
} 

// Put this after the include/require to check if in group. 
if ($accesscheck == 1) 
{ 
// Yes 
} 
else 
{ 
// No 
} 
?>
access.php was in the same dir (all in phpbb2-dir) and after editting this was in it:

Code: Select all

<?php 
/*############################################################### 
## Mod Title: phpBB2 External Group Auth 
## Mod Version: 2.1.0 
## Author: Lars Beijar < [email protected] > Edited By: Sir AL < [email protected] > 
## Description: Authenticate from other .php files against your phpBB2 userdatabase! 
##              Allowing only members of the group[s] you specify. 
## 
## Installation Level: EASY 
## Installation Time: 5 Minute 
## Files To Edit: 1 (this file) 
## Included Files: (n/a) 
############################################################## 
## For Security Purposes, Please Check: http://www.phpbb.com/mods/downloads/ for the 
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code 
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered 
## in our MOD-Database, located at: http://www.phpbb.com/mods/downloads/ 
############################################################## 
## 
## Author Note: 
## Put this file somewhere, name it to whatever you wish, and 
## edit it, then use it as an include file in your scripts. 
## 
## Just add one line at the top of your .php files 
## include('/the/path/to/this/file/andthefilename.php'); 
## or more secure with:  
## require('/the/path/to/this/file/andthefilename.php'); 
##  
## 
## The Following Variables in the script below need to be edited. 
## 
###   $phpbb_root_path='/usr/local/apache/phpBB2/'; 
###   $phpbb_web_path='/phpBB2/'; 
###   $secure_against_group_name = ('Administrators','Members'); 
### OR 
### $secure_against_group_name = ('11','22'); 
### $name_or_id = "1"; 
### $table_prefix = "phpbb_"; 
### $notamemberofgroup = " 
### <p align='center'> 
### You are not a Member of this group.<br> 
### To request Membership to a Group <a href='". $phpbb_web_path . "groupcp.php'><b>Click Here</b></a>.</p> 
### "; 
## 
## 
## (the phpBB Group Reserves The Right To Remove/Edit Author Notes, Should It Be Warranted) 
## 
################################################################# 
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD 
###############################################################*/ 

// Change this to the full path to your phpBB2 forum 
$phpbb_root_path='c://phpdev//www//phpbb2/'; 

// Change this to the relative path to your phpBB2 forum 
// You can have this in here or delete it from here and have it before the insert script 
// This is not the path from this page, it is the path from the page incuding this one 
// $phpbb_web_path="/buildforum/"; 


// Change this to the group name or Group ID 
// Depending on which one you pick change the $name_or_id Variable to the proper Value. 

// $secure_against_group_name = ('Administrators','Members'); 

// Or 
$secure_against_group_name = 2; 


// Group Name, Make 1 
// Group ID, Make 0 
$name_or_id = "0"; 

// Only change this if you have changed the default 
// Prefix in your phpBB2 installation 
$table_prefix = "phpbb_ptc_"; 


/*########################################## 
##                 STOP                    # 
## DO NOT MODIFY ANYTHING BELOW THIS LINE  # 
##########################################*/ 

define('IN_PHPBB', true); 
include($phpbb_root_path.'extension.inc'); 
include($phpbb_root_path.'common.'.$phpEx); 

// 
// Start session management 
// 
$userdata = session_pagestart($user_ip, PAGE_INDEX); 
init_userprefs($userdata); 
// 
// End session management 
// 

// If user is not logged in - redirect to the login page with this scriptname as a redirect to... 
if( !$userdata['session_logged_in'] ) 
{ 
$logincheck = 0; 
} 
else 
{ 
$logincheck = 1; 
} 
// Start to get group_id 
if ($name_or_id == "1") 
{ 
$sql="SELECT group_id FROM " . $table_prefix . "groups WHERE group_name IN " . $secure_against_group_name . " "; 
if ( !($result = $db->sql_query($sql)) ) 
{ 
   die("<B>Error:</B> Could not query group name information<BR>SQL: $sql"); 
} 

if ($db->sql_numrows($result) == 0) 
{ 
        die("<B>Error:</B> The group <b>$secure_against_group_name</b> does not exist."); 
} 
$jj = "0"; 
// Puts Ids Togeather 
while ($row = mysql_fetch_array($result)) 
{ 

if ($jj == "0") 
{ 
// First ID 
$alltheids = " '$row[group_id]' "; 
$jj++; 
} 
else 
{ 
// Adding the rest of the IDs 
$alltheids = "$alltheids, '$row[group_id]' "; 
} 

} 

// Add Brackets 
$idsandstuff = "( $alltheids )"; 
} 
// If Group ID and not Name 
if($name_or_id == "0") 
{ 
$secure_against_group_no = $secure_against_group_name; 
} 
else 
{ 
// Move to different Variable 
$secure_against_group_no = $idsandstuff; 
} 
// Check if user is member of the proper group.. 
$sql="SELECT * FROM " . $table_prefix . "user_group WHERE group_id IN " . $secure_against_group_no . " AND user_id=

'" . $userdata[user_id] . "' LIMIT 1"; 

if ( !($result = $db->sql_query($sql)) ) 
{ 
        die("<B>Error:</B> Could not query group rights information<BR>SQL: $sql"); 
} 

if ($db->sql_numrows($result) == 0) 
{ 
$accesscheck = 0; 
} 
else 
{ 
$accesscheck = 1; 
} 
?>
Group 2 is group Admin. You also mentioned that i had to shout if I wanted to call other groups in the same page.
Well: shout :)

Thanks for the first reply and thanks in advance for the next (I hope) reply.
Sir AL
Registered User
Posts: 195
Joined: Sat Mar 15, 2003 3:35 am

Post by Sir AL »

I figured out the problem. You had the group ID as "2" it needs to be "('2')".
Just change line 67 from this:
$secure_against_group_name = 2;
to this:
$secure_against_group_name = "('2')";

About that code I'll work on getting it for you tomarrow I'm a little late for something now.
Sir AL
Registered User
Posts: 195
Joined: Sat Mar 15, 2003 3:35 am

Post by Sir AL »

I think I put to geather something that might outdate all my autherisation scripts at once. It should beable to do it all mulitple group checks, giving a variable the answer to the group status, and login on and off button. To do this I had to divise a new paturn for the script. The paturn is that the different groups are seperated by comma(no spaces or single quotes), the quries are seperated by colons(:), and if you want the results not to kill and then put the outcome in a variable put the variable name(No "$") and then a Greater then sign (>) at the start of the qurie.
Example:
$secure_against_group_name = "11,22:mb>22";
What this script will do is first check if the user is in eather group 11 or 22 and kill the script if they aren't in one. Then it will check if they are in group 22 and then set the variable $mb to 0 or 1 depending on what the outcome is.

Code: Select all

Outdated code removed
I just threw in the text for the discription of the new system so ifyou have a better way to explain it please tell me.
Last edited by Sir AL on Wed Jan 07, 2004 11:47 pm, edited 7 times in total.
hartlijn
Registered User
Posts: 36
Joined: Sat Oct 20, 2001 11:32 pm

Post by hartlijn »

very nice!
I have to try it in more detail but it looks awesome at first sight.
Sir AL
Registered User
Posts: 195
Joined: Sat Mar 15, 2003 3:35 am

Post by Sir AL »

I think I fixed the login redirect thing in the code above. Please tell me if it works or not.
hartlijn
Registered User
Posts: 36
Joined: Sat Oct 20, 2001 11:32 pm

Post by hartlijn »

Sir Al
I have to report some errors.

with $accesslogin = "1";

Code: Select all

Warning: REG_BADRPT:repetition-operator operand invalid in c:\phpdev\www\phpbb2\secure.php on line 112

Warning: Cannot add header information - headers already sent by (output started at c:\phpdev\www\phpbb2\secure.php:112) in c:\phpdev\www\phpbb2\secure.php on line 113
after setting this to 0 the error is gone.
another error when i have $name_or_id = "1";
and $secure_against_group_name = "Admin:mb>Admin";

Code: Select all

Error: Could not query group rights information
SQL: SELECT * FROM phpbb_user_group WHERE group_id IN () AND user_id='-1' LIMIT 1
error does not occur when using ID's..

so basically it works with IDs and without loginscreen.

In my opinion it would be better to just remove the option to use ID's and fix the Name thing. Who would like to use ID's if they can use names?
Or is it for those who are planning to change groupnames (in that case using id is better)?

security issue: if someone is not allowed because he is not in the group, he can request group access and becomes 'pending'. But he can pass the security.
Sir AL
Registered User
Posts: 195
Joined: Sat Mar 15, 2003 3:35 am

Post by Sir AL »

I think I fixed the security issues and the login page I don't see any problem with that yet except that you might not have a group called "Admin". I also upgraded the redirect script again and I think it will work with 2.0.4 now. You also brought up a very good point, is having it work with names really the way to go? It lacks the perminance that the IDs do and it doesn't seem to work. lol

Thanks for all the help hartlijin, I really appreciate it.
hartlijn
Registered User
Posts: 36
Joined: Sat Oct 20, 2001 11:32 pm

Post by hartlijn »

Hey no need to thank me, I only mention my problems. You are the one doin all the work.

The problem with the name is not that big, I can use IDs (tho the names are existing, at least in Manage Groups in the Adminpanel). Couldn't it be problem with quotes, since in the error query there is an empty spot between the brackets:
Error: Could not query group rights information
SQL: SELECT * FROM phpbb_user_group WHERE group_id IN () AND user_id='-1' LIMIT 1.
BTW I did a check if it could be the names I used, so I changed them in a fake name. Then the error changes in Error: The group 'secure2' does not exist. So I guess that eliminates that option.

The redirecting..Maybe there is something I am doin wrong here, because I get this error:
(http://localhost/phpbb2/login.php?redir ... 7f7d04339e) for does not exist.
I changed the headerline to:
header("Location: " . append_sid($phpbb_web_path . "login." . $phpEx . "?redirect=..". $phpselftemp));
I guess this only works if the files are one level higher than phpbb2-dir.

my secure.php and test.php (including the secure.php) are both in http://localhost/test/ and phpbb is in http://localhost/phpbb2/

i set the params as follows:
$phpbb_root_path='c://phpdev//www//phpbb2/';
$phpbb_web_path="../phpbb2/";
Sir AL
Registered User
Posts: 195
Joined: Sat Mar 15, 2003 3:35 am

Post by Sir AL »

Cross your fingers, I think I finally got the redirect to work properly and hopefully it can take variables in the string with it too. And I also worked on the group name thing. I changed it in the code above It should work now, or will it. :?:
hartlijn
Registered User
Posts: 36
Joined: Sat Oct 20, 2001 11:32 pm

Post by hartlijn »

wwweeeeeewwwwww :p

working like a charm.

Now, I think I will try to create a dedicated login box I can show on the page itself, instead of working with the phpbb2/login.php and the redirect.
THink I saw some mods for that as well.

Sir AL; thnks.
AbelaJohnB
Former Team Member
Posts: 5674
Joined: Fri Jul 06, 2001 11:56 pm

Post by AbelaJohnB »

Sir AL,

Have you recieved authorization from Lars Beijar to re-release this MOD?

Please let me know via PM.

Thank You.
Post Reply

Return to “[2.0.x] MODs in Development”