ich habe gleich 2 Probleme.
Hoffe jemand kennt IPboard 2.3 bzw 3.x
Ich habe versucht ein Login zu erstellen jedoch bekomme ich mit Livehttpheaders nur :
rememberMe=1&ips_username=USER&ips_password=PASSWO RT&auth_key=880ea6a14ea49e853634fbdc5015a024&submi t=Sign+In: undefined
Code:
Dim User = TextBox1.Text, Pwd = TextBox2.Text
Dim Request As HttpWebRequest = CType(WebRequest.Create("http://www.forumlink.de/forum/index.php"), HttpWebRequest)
Request.Method = "POST"
Request.ContentType = "application/x-www-form-urlencoded"
Dim Post As String = "ips_username=" & User & "&ips_password=" & Pwd
Dim byteArray() As Byte = Encoding.UTF8.GetBytes(Post)
Request.ContentLength = byteArray.Length
Dim DataStream As Stream = Request.GetRequestStream()
DataStream.Write(byteArray, 0, byteArray.Length)
DataStream.Close()
Dim Response As HttpWebResponse = Request.GetResponse()
DataStream = Response.GetResponseStream()
Dim reader As New StreamReader(DataStream)
Dim ServerResponse As String = reader.ReadToEnd()
reader.Close()
DataStream.Close()
Response.Close()
If InStr(ServerResponse, "You are now signed in") Then
Form2.show()
Else
MessageBox.Show("Password false!")
End If
___________________________________________
Zum Problem 2.
Ipboard 3.x läuft auch in der Mysql ganz anders es hat kein seperaten Login namen nur noch den Display (usernamen) zum Einloggen.
Nun habe ich ein Script :
PHP Code:
<?PHP
require("connect.php");
//Get username information
$username=$_POST['username'];
$password=$_POST['password'];
$username=mysql_real_escape_string($username);
$password=mysql_real_escape_string($password);
//check that user is not banned
$banned=mysql_query("SELECT * FROM GUIDTech WHERE user='" .$username. "'");
while($rows=mysql_fetch_array($banned)){
$banned1=$rows['BANNED'];
}
//Get id from username for retrieval of the password hash and salt
$result=mysql_query("SELECT * FROM ".$pf."members WHERE name='" . $username. "'")or die('fout'. mysql_error());
while($rows=mysql_fetch_array($result)){
$id=$rows['id'];
//We need this information to make sure the user is allowed to access this system
$group=$rows['mgroup'];
$user2 = $rows['name'];
}
//*********************************************************************
//Modify this table to use your usergroup names
$allowedgroups = array (
"Root Admin",
"Global Moderator",
"Administrators",
"Coder",
"Super ViP Member",
"GFX Designer",
"VIP-Member",
"Head Moderator",
"Special Member",
"Local Moderator",
"Support",
);
//**********************************************************************
//Get password hash and salt using email
$nick=mysql_query("SELECT * FROM ".$pf."members WHERE name='".$username."'");
while($rows=mysql_fetch_array($nick)){
$nickname=$rows['members_display_name'];
$m_login_key = $rows['member_login_key'];
}
//Get use the group ID to get the group title text
$verify=mysql_query("SELECT * FROM ".$pf."groups");
while($rows=mysql_fetch_array($verify)){
$result=mysql_query("SELECT * FROM ".$pf."groups WHERE g_id='".$group."'");
while($rows2=mysql_fetch_array($result)){
$group=$rows2['g_title'];
}
}
$usergroup = false;
if(in_array($group, $allowedgroups)) {
$usergroup = true;
}
//Get password hash and salt using email
$result=mysql_query("SELECT * FROM ".$pf."members_converge WHERE converge_id='" . $id . "'");
while($rows=mysql_fetch_array($result)){
$checkpass=$rows['converge_pass_hash'];
$salt=$rows['converge_pass_salt'];
}
//echo $checkpass . "<br />" . md5($_POST['pass']);
//$ip = explode('.', $_SERVER['REMOTE_ADDR']);
//$salt2 = md5($DBpassword . $DBusername);
//$pass2 = md5( md5( $id . "-" . $ip[0] . '-' . $ip[1] . '-' . $m_login_key) . $salt2);
$password = md5( md5( $salt ) . md5( $password ) );
if($password != $checkpass/*$_COOKIE['ipb_stronghold']*/){
echo '<meta http-equiv="refresh" content="0;url=wrong.php">' ; //Error
exit;
}
if(!$usergroup){
echo '<meta http-equiv="refresh" content="0;url=group.php">' ; //Error
exit;
}
session_start();
$_SESSION['code'] = md5(rand(1,1000));
$_SESSION['user'] = $user2;
$_SESSION['nickname'] = $nickname;
$res = mysql_query("SELECT * FROM GUIDTech WHERE user='". $_SESSION['user'] ."'")or die(mysql_error());
//$data = mysql_fetch_assoc($res);
if(mysql_num_rows($res) >= 1) {
mysql_query("UPDATE GUIDTech SET code='" . $_SESSION['code'] ."', user='". $_SESSION['user'] . "', nickname='". $_SESSION['nickname']."' WHERE user='" . $_SESSION['user'] ."'")or die(mysql_error());
}
else {
mysql_query("INSERT INTO GUIDTech (user, nickname, code) VALUES ('". $_SESSION['user'] ."', '". $_SESSION['nickname']."', '" .$_SESSION['code'] ."')")or die(mysql_error());
}
header("Location: thanks.php");
ob_end_flush();
?>
PHP Code:
<?php
session_start();
ob_start();
// Edit this section with your database details
$host="localhost"; // Host name
$DBusername="Forum"; // Mysql user
$DBpassword="****"; // Mysql password
$db_name="forum"; // Database name
$pf="ibf_"; // Database Prefix if you have one
//Do Not touch below this line
###################################################################
// Connect to server and select databse.
mysql_connect($host, $DBusername, $DBpassword)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
function NotLoggedIn() {
echo "You are not logged in<br /><a href="index.php">Go back</a>";
exit();
}
function Check_Login() {
if(isset($_SESSION['user'])) {
$res = mysql_query("SELECT * FROM GUIDTech WHERE user='". $_SESSION['user'] ."'")or die(mysql_error());
if(mysql_num_rows($res) == 1) {
$data = mysql_fetch_assoc($res);
if(!$data['code'] == $_SESSION['code']) {
return false;
}
else {
return true;
$_SESSION['user'] = $data['user'];
$_SESSION['code'] = $data['code'];
$_SESSION['nickname'] = $data['nickname'];
$username = $_SESSION['user'];
$nickname = $_SESSION['nickname'];
}
}
else {
return false;
}
}
else {
return false;
}
}
?>
Vieleicht kann wer Helfen das wäre echt nett.
