Jump to content
xisto Community
Sign in to follow this  
savge17

Login Script For Vbulletin.

Recommended Posts

For some reason when I try to logon from the main page it doesnt work, it just brings me to the forums unlogged. Anyone here have any ideas whats wrong with my coding?

Heres the webpage:
http://forums.xisto.com/no_longer_exists/

Heres the coding im Using:

<form action="http://forums.xisto.com/no_longer_exists/; method="get" id="login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
<div class="sidecontent">
<br /><img src="images/username.jpg" alt=""/>
<input type="text" class="form" value="User Name" name="vb_login_username" accesskey="u" onfocus="if (this.value == 'User Name') this.value = '';" />
<br /><img src="images/password.jpg" alt=""/>
<input type="password" class="form" value="" name="vb_login_password" tabindex="102" />
<a href="http://forums.xisto.com/no_longer_exists/login.php?do=lostpw password?</a> <br />
<a href="http://forums.xisto.com/no_longer_exists/register.php for free!</a>
<input name="Submit" type="submit" class="submit" value="" />
</div>

</form>


Share this post


Link to post
Share on other sites

Just asking:Is the web page named index.html? and the Forum named index.php in the same directory? Might be some confusion about that. (having two index files in the directory)It would be typical to have the Forum set-up in its own 'folder' so there is a seperation.Also, most Forums use a very specific Login process, so the code for the login needs to be reviewed to assist you further. Any chance you can post the receiving page contents? It would be a php page.

Share this post


Link to post
Share on other sites

Just asking:
Is the web page named index.html? and the Forum named index.php in the same directory?


Yea they are in the same directory, I kinda messed up on setting it up that way. Anyways im going to move everyhting to the forums folder and see if it fixes it.

Share this post


Link to post
Share on other sites

I just switched everything to the forums directory and it still doesnt work. I get the folowing error.

Not FoundThe requested URL /form action= was not found on this server.Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Hmmm well as for the receiving page contents you do mean login.php right? Because of:
<form action="http://ageofilluminati.com/login.php?do=login"

Here is login.php:
<?php/*======================================================================*\|| #################################################################### |||| # vBulletin 3.6.8|| # ---------------------------------------------------------------- # |||| # Copyright Š2000-2007 Jelsoft Enterprises Ltd. All Rights Reserved. |||| # This file may not be redistributed in whole or significant part. # |||| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # |||| # http://http://www.vbulletin.com/ | http://http://www.vbulletin.com/en/license-agreement/ # |||| #################################################################### ||\*======================================================================*/// ####################### SET PHP ENVIRONMENT ###########################error_reporting(E_ALL & ~E_NOTICE);// #################### DEFINE IMPORTANT CONSTANTS #######################define('THIS_SCRIPT', 'login');// ################### PRE-CACHE TEMPLATES AND DATA ######################// get special phrase groups$phrasegroups = array();// get special data templates from the datastore$specialtemplates = array();// pre-cache templates used by all actions$globaltemplates = array();// pre-cache templates used by specific actions$actiontemplates = array(	'lostpw' => array(		'lostpw'	));// ######################### REQUIRE BACK-END ############################require_once('./global.php');require_once(DIR . '/includes/functions_login.php');// #######################################################################// ######################## START MAIN SCRIPT ############################// #######################################################################$vbulletin->input->clean_gpc('r', 'a', TYPE_STR);if (empty($_REQUEST['do']) AND empty($vbulletin->GPC['a'])){	exec_header_redirect($vbulletin->options['forumhome'] . '.php');}// ############################### start logout ###############################if ($_REQUEST['do'] == 'logout'){	$vbulletin->input->clean_gpc('r', 'logouthash', TYPE_STR);	if ($vbulletin->userinfo['userid'] != 0 AND $vbulletin->GPC['logouthash'] != $vbulletin->userinfo['logouthash'])	{		eval(standard_error(fetch_error('logout_error', $vbulletin->session->vars['sessionurl'], $vbulletin->userinfo['logouthash'])));	}	process_logout();	$vbulletin->url = fetch_replaced_session_url($vbulletin->url);	if (strpos($vbulletin->url, 'do=logout') !== false)	{		$vbulletin->url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'];	}	$show['member'] = false;	eval(standard_error(fetch_error('cookieclear', create_full_url($vbulletin->url), $vbulletin->options['forumhome'], $vbulletin->session->vars['sessionurl_q']), '', false));}// ############################### start do login ###############################// this was a _REQUEST action but where do we all login via request?if ($_POST['do'] == 'login'){	$vbulletin->input->clean_array_gpc('p', array(		'vb_login_username'		=> TYPE_STR,		'vb_login_password'		=> TYPE_STR,		'vb_login_md5password'	 => TYPE_STR,		'vb_login_md5password_utf' => TYPE_STR,		'postvars'				 => TYPE_STR,		'cookieuser'			   => TYPE_BOOL,		'logintype'				=> TYPE_STR,		'cssprefs'				 => TYPE_STR,	));	// can the user login?	$strikes = verify_strike_status($vbulletin->GPC['vb_login_username']);	if ($vbulletin->GPC['vb_login_username'] == '')	{		eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));	}	// make sure our user info stays as whoever we were (for example, we might be logged in via cookies already)	$original_userinfo = $vbulletin->userinfo;	if (!verify_authentication($vbulletin->GPC['vb_login_username'], $vbulletin->GPC['vb_login_password'], $vbulletin->GPC['vb_login_md5password'], $vbulletin->GPC['vb_login_md5password_utf'], $vbulletin->GPC['cookieuser'], true))	{		($hook = vBulletinHook::fetch_hook('login_failure')) ? eval($hook) : false;		// check password		exec_strike_user($vbulletin->userinfo['username']);		if ($vbulletin->GPC['logintype'] === 'cplogin' OR $vbulletin->GPC['logintype'] === 'modcplogin')		{			// log this error if attempting to access the control panel			require_once(DIR . '/includes/functions_log_error.php');			log_vbulletin_error($vbulletin->GPC['vb_login_username'], 'security');		}		$vbulletin->userinfo = $original_userinfo;		if ($vbulletin->options['usestrikesystem'])		{			eval(standard_error(fetch_error('badlogin_strikes', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));		}		else		{			eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'])));		}	}	exec_unstrike_user($vbulletin->GPC['vb_login_username']);	// create new session	process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);	// do redirect	do_login_redirect();}else if ($_GET['do'] == 'login'){	// add consistency with previous behavior	exec_header_redirect($vbulletin->options['forumhome'] . '.php');}// ############################### start lost password ###############################if ($_REQUEST['do'] == 'lostpw'){	$vbulletin->input->clean_gpc('r', 'email', TYPE_NOHTML);	$email = $vbulletin->GPC['email'];	if ($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview'])	{		$navbits = construct_navbits(array('' => $vbphrase['lost_password_recovery_form']));		eval('$navbar = "' . fetch_template('navbar') . '";');	}	else	{		$navbar = '';	}	$url =& $vbulletin->url;	eval('print_output("' . fetch_template('lostpw') . '");');}// ############################### start email password ###############################if ($_POST['do'] == 'emailpassword'){	$vbulletin->input->clean_gpc('p', 'email', TYPE_STR);	if ($vbulletin->GPC['email'] == '')	{		eval(standard_error(fetch_error('invalidemail', $vbulletin->options['contactuslink'])));	}	require_once(DIR . '/includes/functions_user.php');	$users = $db->query_read_slave("		SELECT userid, username, email, languageid		FROM " . TABLE_PREFIX . "user		WHERE email = '" . $db->escape_string($vbulletin->GPC['email']) . "'	");	if ($db->num_rows($users))	{		while ($user = $db->fetch_array($users))		{			$user['username'] = unhtmlspecialchars($user['username']);			$user['activationid'] = build_user_activation_id($user['userid'], 2, 1);			eval(fetch_email_phrases('lostpw', $user['languageid']));			vbmail($user['email'], $subject, $message, true);		}		$vbulletin->url = str_replace('"', '', $vbulletin->url);		eval(print_standard_redirect('redirect_lostpw', true, true));	}	else	{		eval(standard_error(fetch_error('invalidemail', $vbulletin->options['contactuslink'])));	}}// ############################### start reset password ###############################if ($vbulletin->GPC['a'] == 'pwd' OR $_REQUEST['do'] == 'resetpassword'){	$vbulletin->input->clean_array_gpc('r', array(		'userid'	   => TYPE_UINT,		'u'			=> TYPE_UINT,		'activationid' => TYPE_UINT,		'i'			=> TYPE_UINT	));	if (!$vbulletin->GPC['userid'])	{		$vbulletin->GPC['userid'] = $vbulletin->GPC['u'];	}	if (!$vbulletin->GPC['activationid'])	{		$vbulletin->GPC['activationid'] = $vbulletin->GPC['i'];	}	$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1);	$user = $db->query_first("		SELECT activationid, dateline		FROM " . TABLE_PREFIX . "useractivation		WHERE type = 1			AND userid = $userinfo[userid]	");	if (!$user)	{		// no activation record, probably got back here after a successful request, back to home		exec_header_redirect($vbulletin->options['forumhome'] . '.php');	}	if ($user['dateline'] < (TIMENOW - 24 * 60 * 60))	{  // is it older than 24 hours?		eval(standard_error(fetch_error('resetexpired', $vbulletin->session->vars['sessionurl'])));	}	if ($user['activationid'] != $vbulletin->GPC['activationid'])	{ //wrong act id		eval(standard_error(fetch_error('resetbadid', $vbulletin->session->vars['sessionurl'])));	}	// delete old activation id	$db->query_write("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = $userinfo[userid] AND type = 1");	// make random number	$newpassword = vbrand(0, 100000000);	// init user data manager	$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);	$userdata->set_existing($userinfo);	$userdata->set('password', $newpassword);	$userdata->save();	($hook = vBulletinHook::fetch_hook('reset_password')) ? eval($hook) : false;	eval(fetch_email_phrases('resetpw', $userinfo['languageid']));	vbmail($userinfo['email'], $subject, $message, true);	eval(standard_error(fetch_error('resetpw', $vbulletin->session->vars['sessionurl'])));}/*======================================================================*\|| ####################################################################|| #|| # CVS: $RCSfile$ - $Revision: 16422 $|| ####################################################################\*======================================================================*/?>

Share this post


Link to post
Share on other sites

Ummm... I don't know about vbulletin specifically, but most Forum Softwares won't let you simply 'move' the files without changing some of the configuration settings, etc, so the software knows where to find everything and all the referencing for files and stuff gets out of whack if you just copy/move files.You might need to re-install into the Forum Folder instead. That would be my guess.

Share this post


Link to post
Share on other sites

Ah well you're probably right about that. I dont know everything seems to be working though in the forums...are you saying in order for the login script on my homepage to work I should re-install the forums?

I just edited my forums and re-installed it and the script still doesnt work. Again im using:

form action="http://ageofilluminati.com/login.php?do=login.php" method="get" id="login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)"><div class="sidecontent"><br /><img src="images/username.jpg" alt=""/><input type="text" class="form" value="User Name" name="vb_login_username" accesskey="u" onfocus="if (this.value == 'User Name') this.value = '';" /><br /><img src="images/password.jpg" alt=""/><input type="password" class="form" value="" name="vb_login_password" tabindex="102" /><a href="http://forums.xisto.com/no_longer_exists/ password?</a> <br /><a href="http://forums.xisto.com/no_longer_exists/ for free!</a><input name="Submit" type="submit" class="submit" value="" /></div></form>

Edited by savge17 (see edit history)

Share this post


Link to post
Share on other sites

If the forum is in its own folder, below the account {root}, and this code is being run in the account root, then the form *might* need to point to the subfolder in the action = .

 

form action="http://forums.xisto.com/no_longer_exists/*add folder here*/login.php?do=login.php" method="get" id="login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">

Share this post


Link to post
Share on other sites

How its done

Login Script For Vbulletin.

 

Basicly VBB Uses a Double MD5 Has to complete the operation for a login, When a user signups to the forums The forums automatically Generate a 3 or 4 Random digit Code called 'Salt'

 

VBB Uses this within the password, to verify its the user and to prevent hacking,

 

 

You need to do a MySQL Query to get the user from the Username,

Select the SALT Field to get that value,

 

Then MD5 the Password the user enters + the salt from the Database, this will then be the correct value of the 'password' field if the password is correct, if not then the user wont be able to login sucsessfully, I have actually Coded my site so the members area of the main website, is the login details used for the user to access the forums,

 

-reply by Chris Rogers

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.