HOME       >>       Programming

Login Script For Vbulletin.


savge17

For some reason when I try to logon from the main page it doesnt work, it just brings me to the forums unlogged. Anyone here have any ideas whats wrong with my coding?

Heres the webpage:
http://forums.xisto.com/no_longer_exists/

Heres the coding im Using:

<form action="http://forums.xisto.com/no_longer_exists/; method="get" id="login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
<div >
<br /><img src="images/username.jpg" alt=""/>
<input type="text" value="User Name" name="vb_login_username" accesskey="u" onfocus="if (this.value == 'User Name') this.value = '';" />
<br /><img src="images/password.jpg" alt=""/>
<input type="password" value="" name="vb_login_password" tabindex="102" />
<a href="http://forums.xisto.com/no_longer_exists/login.php?do=lostpw password?</a> <br />
<a href="http://forums.xisto.com/no_longer_exists/register.php for free!</a>
<input name="Submit" type="submit" value="" />
</div>

</form>



sonesay

I just looked at your forum and when you submit a login from there it gets sent to http://forums.xisto.com/no_longer_exists/
I'm guessing you need to have the variable 'do' set to 'login' so it will try and process the login.

<form action="http://ageofilluminati.com/login.php?do=login"


jlhaslip

Just asking:Is the web page named index.html? and the Forum named index.php in the same directory? Might be some confusion about that. (having two index files in the directory)It would be typical to have the Forum set-up in its own 'folder' so there is a seperation.Also, most Forums use a very specific Login process, so the code for the login needs to be reviewed to assist you further. Any chance you can post the receiving page contents? It would be a php page.


savge17

Just asking:
Is the web page named index.html? and the Forum named index.php in the same directory?


Yea they are in the same directory, I kinda messed up on setting it up that way. Anyways im going to move everyhting to the forums folder and see if it fixes it.

savge17

I just switched everything to the forums directory and it still doesnt work. I get the folowing error.

Not FoundThe requested URL /form action= was not found on this server.Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Hmmm well as for the receiving page contents you do mean login.php right? Because of:
<form action="http://ageofilluminati.com/login.php?do=login"

Here is login.php:
<?php/*======================================================================*\|| #################################################################### |||| # vBulletin 3.6.8|| # ---------------------------------------------------------------- # |||| # Copyright Š2000-2007 Jelsoft Enterprises Ltd. All Rights Reserved. |||| # This file may not be redistributed in whole or significant part. # |||| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # |||| # http://http://www.vbulletin.com/ | http://http://www.vbulletin.com/en/license-agreement/ # |||| #################################################################### ||\*======================================================================*/// ####################### SET PHP ENVIRONMENT ###########################error_reporting(E_ALL & ~E_NOTICE);// #################### DEFINE IMPORTANT CONSTANTS #######################define('THIS_SCRIPT', 'login');// ################### PRE-CACHE TEMPLATES AND DATA ######################// get special phrase groups$phrasegroups = array();// get special data templates from the datastore$specialtemplates = array();// pre-cache templates used by all actions$globaltemplates = array();// pre-cache templates used by specific actions$actiontemplates = array( 'lostpw' => array( 'lostpw' ));// ######################### REQUIRE BACK-END ############################require_once('./global.php');require_once(DIR . '/includes/functions_login.php');// #######################################################################// ######################## START MAIN SCRIPT ############################// #######################################################################$vbulletin->input->clean_gpc('r', 'a', TYPE_STR);if (empty($_REQUEST['do']) AND empty($vbulletin->GPC['a'])){ exec_header_redirect($vbulletin->options['forumhome'] . '.php');}// ############################### start logout ###############################if ($_REQUEST['do'] == 'logout'){ $vbulletin->input->clean_gpc('r', 'logouthash', TYPE_STR); if ($vbulletin->userinfo['userid'] != 0 AND $vbulletin->GPC['logouthash'] != $vbulletin->userinfo['logouthash']) { eval(standard_error(fetch_error('logout_error', $vbulletin->session->vars['sessionurl'], $vbulletin->userinfo['logouthash']))); } process_logout(); $vbulletin->url = fetch_replaced_session_url($vbulletin->url); if (strpos($vbulletin->url, 'do=logout') !== false) { $vbulletin->url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; } $show['member'] = false; eval(standard_error(fetch_error('cookieclear', create_full_url($vbulletin->url), $vbulletin->options['forumhome'], $vbulletin->session->vars['sessionurl_q']), '', false));}// ############################### start do login ###############################// this was a _REQUEST action but where do we all login via request?if ($_POST['do'] == 'login'){ $vbulletin->input->clean_array_gpc('p', array( 'vb_login_username' => TYPE_STR, 'vb_login_password' => TYPE_STR, 'vb_login_md5password' => TYPE_STR, 'vb_login_md5password_utf' => TYPE_STR, 'postvars' => TYPE_STR, 'cookieuser' => TYPE_BOOL, 'logintype' => TYPE_STR, 'cssprefs' => TYPE_STR, )); // can the user login? $strikes = verify_strike_status($vbulletin->GPC['vb_login_username']); if ($vbulletin->GPC['vb_login_username'] == '') { eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes))); } // make sure our user info stays as whoever we were (for example, we might be logged in via cookies already) $original_userinfo = $vbulletin->userinfo; if (!verify_authentication($vbulletin->GPC['vb_login_username'], $vbulletin->GPC['vb_login_password'], $vbulletin->GPC['vb_login_md5password'], $vbulletin->GPC['vb_login_md5password_utf'], $vbulletin->GPC['cookieuser'], true)) { ($hook = vBulletinHook::fetch_hook('login_failure')) ? eval($hook) : false; // check password exec_strike_user($vbulletin->userinfo['username']); if ($vbulletin->GPC['logintype'] === 'cplogin' OR $vbulletin->GPC['logintype'] === 'modcplogin') { // log this error if attempting to access the control panel require_once(DIR . '/includes/functions_log_error.php'); log_vbulletin_error($vbulletin->GPC['vb_login_username'], 'security'); } $vbulletin->userinfo = $original_userinfo; if ($vbulletin->options['usestrikesystem']) { eval(standard_error(fetch_error('badlogin_strikes', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes))); } else { eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl']))); } } exec_unstrike_user($vbulletin->GPC['vb_login_username']); // create new session process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']); // do redirect do_login_redirect();}else if ($_GET['do'] == 'login'){ // add consistency with previous behavior exec_header_redirect($vbulletin->options['forumhome'] . '.php');}// ############################### start lost password ###############################if ($_REQUEST['do'] == 'lostpw'){ $vbulletin->input->clean_gpc('r', 'email', TYPE_NOHTML); $email = $vbulletin->GPC['email']; if ($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) { $navbits = construct_navbits(array('' => $vbphrase['lost_password_recovery_form'])); eval('$navbar = "' . fetch_template('navbar') . '";'); } else { $navbar = ''; } $url =& $vbulletin->url; eval('print_output("' . fetch_template('lostpw') . '");');}// ############################### start email password ###############################if ($_POST['do'] == 'emailpassword'){ $vbulletin->input->clean_gpc('p', 'email', TYPE_STR); if ($vbulletin->GPC['email'] == '') { eval(standard_error(fetch_error('invalidemail', $vbulletin->options['contactuslink']))); } require_once(DIR . '/includes/functions_user.php'); $users = $db->query_read_slave(" SELECT userid, username, email, languageid FROM " . TABLE_PREFIX . "user WHERE email = '" . $db->escape_string($vbulletin->GPC['email']) . "' "); if ($db->num_rows($users)) { while ($user = $db->fetch_array($users)) { $user['username'] = unhtmlspecialchars($user['username']); $user['activationid'] = build_user_activation_id($user['userid'], 2, 1); eval(fetch_email_phrases('lostpw', $user['languageid'])); vbmail($user['email'], $subject, $message, true); } $vbulletin->url = str_replace('"', '', $vbulletin->url); eval(print_standard_redirect('redirect_lostpw', true, true)); } else { eval(standard_error(fetch_error('invalidemail', $vbulletin->options['contactuslink']))); }}// ############################### start reset password ###############################if ($vbulletin->GPC['a'] == 'pwd' OR $_REQUEST['do'] == 'resetpassword'){ $vbulletin->input->clean_array_gpc('r', array( 'userid' => TYPE_UINT, 'u' => TYPE_UINT, 'activationid' => TYPE_UINT, 'i' => TYPE_UINT )); if (!$vbulletin->GPC['userid']) { $vbulletin->GPC['userid'] = $vbulletin->GPC['u']; } if (!$vbulletin->GPC['activationid']) { $vbulletin->GPC['activationid'] = $vbulletin->GPC['i']; } $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1); $user = $db->query_first(" SELECT activationid, dateline FROM " . TABLE_PREFIX . "useractivation WHERE type = 1 AND userid = $userinfo[userid] "); if (!$user) { // no activation record, probably got back here after a successful request, back to home exec_header_redirect($vbulletin->options['forumhome'] . '.php'); } if ($user['dateline'] < (TIMENOW - 24 * 60 * 60)) { // is it older than 24 hours? eval(standard_error(fetch_error('resetexpired', $vbulletin->session->vars['sessionurl']))); } if ($user['activationid'] != $vbulletin->GPC['activationid']) { //wrong act id eval(standard_error(fetch_error('resetbadid', $vbulletin->session->vars['sessionurl']))); } // delete old activation id $db->query_write("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = $userinfo[userid] AND type = 1"); // make random number $newpassword = vbrand(0, 100000000); // init user data manager $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD); $userdata->set_existing($userinfo); $userdata->set('password', $newpassword); $userdata->save(); ($hook = vBulletinHook::fetch_hook('reset_password')) ? eval($hook) : false; eval(fetch_email_phrases('resetpw', $userinfo['languageid'])); vbmail($userinfo['email'], $subject, $message, true); eval(standard_error(fetch_error('resetpw', $vbulletin->session->vars['sessionurl'])));}/*======================================================================*\|| ####################################################################|| #|| # CVS: $RCSfile$ - $Revision: 16422 $|| ####################################################################\*======================================================================*/?>


jlhaslip

Ummm... I don't know about vbulletin specifically, but most Forum Softwares won't let you simply 'move' the files without changing some of the configuration settings, etc, so the software knows where to find everything and all the referencing for files and stuff gets out of whack if you just copy/move files.You might need to re-install into the Forum Folder instead. That would be my guess.


savge17

Ah well you're probably right about that. I dont know everything seems to be working though in the forums...are you saying in order for the login script on my homepage to work I should re-install the forums?

I just edited my forums and re-installed it and the script still doesnt work. Again im using:

form action="http://ageofilluminati.com/login.php?do=login.php" method="get" id="login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)"><div ><br /><img src="images/username.jpg" alt=""/><input type="text" value="User Name" name="vb_login_username" accesskey="u" onfocus="if (this.value == 'User Name') this.value = '';" /><br /><img src="images/password.jpg" alt=""/><input type="password" value="" name="vb_login_password" tabindex="102" /><a href="http://forums.xisto.com/no_longer_exists/ password?</a> <br /><a href="http://forums.xisto.com/no_longer_exists/ for free!</a><input name="Submit" type="submit" value="" /></div></form>


savge17

Bump. Does anyone have any ideas whats up with my login script? Thx.


jlhaslip

If the forum is in its own folder, below the account {root}, and this code is being run in the account root, then the form *might* need to point to the subfolder in the action = .

 

form action="http://forums.xisto.com/no_longer_exists/*add folder here*/login.php?do=login.php" method="get" id="login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">


iGuest

How its done

Login Script For Vbulletin.

 

Basicly VBB Uses a Double MD5 Has to complete the operation for a login, When a user signups to the forums The forums automatically Generate a 3 or 4 Random digit Code called 'Salt'

 

VBB Uses this within the password, to verify its the user and to prevent hacking,

 

 

You need to do a MySQL Query to get the user from the Username,

Select the SALT Field to get that value,

 

Then MD5 the Password the user enters + the salt from the Database, this will then be the correct value of the 'password' field if the password is correct, if not then the user wont be able to login sucsessfully, I have actually Coded my site so the members area of the main website, is the login details used for the user to access the forums,

 

-reply by Chris Rogers


iGuest

Dude just remove your sitte name from action of login form.

-reply by Mohit


VIEW DESKTOP VERSION REGISTERGET FREE HOSTING

Xisto.com offers Free Web Hosting to its Members for their participation in this Community. We moderate all content posted here but we cannot warrant full correctness of all content. While using this site, you agree to have read and accepted our terms of use, cookie and privacy policy. Copyright 2001-2019 by Xisto Corporation. All Rights Reserved.