Probleme mit Login Script / IPboard 3.x

Hallo, ich hoffe jemand kann mir helfen.

ich habe gleich 2 Probleme.

Hoffe jemand kennt IPboard 2.3 bzw 3.x

Ich habe versucht ein Login zu erstellen jedoch bekomme ich mit Livehttpheaders nur :

rememberMe=1&ips_username=USER&ips_password=PASSWO RT&auth_key=880ea6a14ea49e853634fbdc5015a024&submi t=Sign+In: undefined

Code:

 Dim User = TextBox1.Text, Pwd = TextBox2.Text
        Dim Request As HttpWebRequest = CType(WebRequest.Create("http://www.forumlink.de/forum/index.php"), HttpWebRequest)
        Request.Method = "POST"
        Request.ContentType = "application/x-www-form-urlencoded"
        Dim Post As String = "ips_username=" & User & "&ips_password=" & Pwd
        Dim byteArray() As Byte = Encoding.UTF8.GetBytes(Post)
        Request.ContentLength = byteArray.Length
        Dim DataStream As Stream = Request.GetRequestStream()
        DataStream.Write(byteArray, 0, byteArray.Length)
        DataStream.Close()
        Dim Response As HttpWebResponse = Request.GetResponse()
        DataStream = Response.GetResponseStream()
        Dim reader As New StreamReader(DataStream)
        Dim ServerResponse As String = reader.ReadToEnd()
        reader.Close()
        DataStream.Close()
        Response.Close()
        If InStr(ServerResponse, "You are now signed in") Then
Form2.show()
        Else
            MessageBox.Show("Password false!")
        End If

Damals ging es einfach bei 2.x

___________________________________________

Zum Problem 2.

Ipboard 3.x l�uft auch in der Mysql ganz anders es hat kein seperaten Login namen nur noch den Display (usernamen) zum Einloggen.

Nun habe ich ein Script :

PHP Code:


			
 <?PHP

require("connect.php");

//Get username information

$username=$_POST['username'];

$password=$_POST['password'];

$username=mysql_real_escape_string($username);

$password=mysql_real_escape_string($password);



//check that user is not banned

$banned=mysql_query("SELECT * FROM GUIDTech WHERE user='" .$username. "'");

while($rows=mysql_fetch_array($banned)){

    $banned1=$rows['BANNED'];

}



//Get id from username for retrieval of the password hash and salt

$result=mysql_query("SELECT * FROM ".$pf."members WHERE name='" . $username. "'")or die('fout'. mysql_error());

while($rows=mysql_fetch_array($result)){

    $id=$rows['id'];

    //We need this information to make sure the user is allowed to access this system

    $group=$rows['mgroup'];

    $user2 = $rows['name'];

    }



//*********************************************************************

//Modify this table to use your usergroup names

$allowedgroups = array (

"Root Admin",

"Global Moderator",

"Administrators",

"Coder",

"Super ViP Member",

"GFX Designer",

"VIP-Member",

"Head Moderator",

"Special Member",

"Local Moderator",

"Support",



);

//**********************************************************************

//Get password hash and salt using email

$nick=mysql_query("SELECT * FROM ".$pf."members WHERE name='".$username."'");

while($rows=mysql_fetch_array($nick)){

    $nickname=$rows['members_display_name'];

    $m_login_key = $rows['member_login_key'];

    }



//Get use the group ID to get the group title text

$verify=mysql_query("SELECT * FROM ".$pf."groups");

while($rows=mysql_fetch_array($verify)){

    $result=mysql_query("SELECT * FROM ".$pf."groups WHERE g_id='".$group."'");

    while($rows2=mysql_fetch_array($result)){

        $group=$rows2['g_title'];

        }

    }



$usergroup = false;

if(in_array($group, $allowedgroups)) {

    $usergroup = true;

    }



//Get password hash and salt using email

$result=mysql_query("SELECT * FROM ".$pf."members_converge WHERE converge_id='" . $id . "'");

while($rows=mysql_fetch_array($result)){

    $checkpass=$rows['converge_pass_hash'];

    $salt=$rows['converge_pass_salt'];

    }

//echo $checkpass . "<br />" . md5($_POST['pass']);    

//$ip = explode('.', $_SERVER['REMOTE_ADDR']);

//$salt2 = md5($DBpassword .  $DBusername);

//$pass2 = md5( md5( $id . "-" . $ip[0] . '-' . $ip[1] . '-' . $m_login_key) . $salt2);

$password = md5( md5( $salt ) . md5( $password ) );



if($password != $checkpass/*$_COOKIE['ipb_stronghold']*/){

    echo '<meta http-equiv="refresh" content="0;url=wrong.php">' ; //Error





    exit;

    }



if(!$usergroup){

    echo '<meta http-equiv="refresh" content="0;url=group.php">' ; //Error

    exit;

}



session_start();

$_SESSION['code'] = md5(rand(1,1000));

$_SESSION['user'] = $user2;

$_SESSION['nickname'] = $nickname;

$res = mysql_query("SELECT * FROM GUIDTech WHERE user='". $_SESSION['user'] ."'")or die(mysql_error());

//$data = mysql_fetch_assoc($res);

if(mysql_num_rows($res) >= 1) {

    mysql_query("UPDATE GUIDTech SET code='" . $_SESSION['code'] ."', user='". $_SESSION['user'] . "', nickname='". $_SESSION['nickname']."' WHERE user='" . $_SESSION['user'] ."'")or die(mysql_error());

    }

else {

    mysql_query("INSERT INTO GUIDTech (user, nickname, code) VALUES ('". $_SESSION['user'] ."', '". $_SESSION['nickname']."', '" .$_SESSION['code'] ."')")or die(mysql_error());

    }

header("Location: thanks.php");

ob_end_flush();

?>

Und :

PHP Code:


			
 <?php

session_start();

ob_start();



// Edit this section with your database details  



$host="localhost"; // Host name

$DBusername="Forum"; // Mysql user

$DBpassword="****"; // Mysql password

$db_name="forum"; // Database name

$pf="ibf_"; // Database Prefix if you have one        







//Do Not touch below this line



###################################################################





// Connect to server and select databse.

mysql_connect($host, $DBusername, $DBpassword)or die("cannot connect");

mysql_select_db($db_name)or die("cannot select DB");



function NotLoggedIn() {

    echo "You are not logged in<br /><a href="index.php">Go back</a>";

    exit();

    }



function Check_Login() {

    if(isset($_SESSION['user'])) {

        $res = mysql_query("SELECT * FROM GUIDTech WHERE user='". $_SESSION['user'] ."'")or die(mysql_error());

        if(mysql_num_rows($res) == 1) {

            $data = mysql_fetch_assoc($res);

            if(!$data['code'] == $_SESSION['code']) {

                return false;

                }

            else {

                return true;

                $_SESSION['user'] = $data['user'];

                $_SESSION['code'] = $data['code'];

                $_SESSION['nickname'] = $data['nickname'];

                $username = $_SESSION['user'];

                $nickname = $_SESSION['nickname'];

                }

            }

        else {

            return false;

            }

        }

    else {

        return false;

        }

    }

?>

Muss ich da nur nickname entfernen?

Vieleicht kann wer Helfen das w�re echt nett.