Remember Forever.... Remember Forever....
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Remember Forever....

Started by zoomingrocket, November 22, 2004, 05:17:19 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

zoomingrocket

I am using CPG 1.3.2 integrated with VB 3.0.1...

Yesterday, i noticied a strange problem... if i logon to the board without checking whether to stay permanently logged on, then the whenever i go to the album, i am redirected back to the page i requested from!

And if, i select the checkbox to stay forever logged in, then it allows me to see the album easily!
Can anyone tell me wats the problem?

Note, i have added those few lines from FAQ which prevent unregistered users from seeing the CPG!

Site: http://www.indianguitartabs.com
CPG: http://www.indianguitartabs.com/igtalbum/
user: testcpg
pass: testcpg

Please check out and let me know the solution!
Also, can anyone help me with the HOTlinking thread of mine? I have posted my .htaccess file, which if uploaded, blocks out all the images from the front page!

REgards,
Zooom...!!

zoomingrocket

I have edited the displayimage.php and index.php and search.php and thumbnails.php files....
and added following code below   require('include/init.inc.php');   :


if (USER_ID){

} else {
{
   $redirect = $redirect . "login.php";
   header("Location: $redirect");

   exit();
        }
}


Is this wats causing the redirection back to index page whenever i dont logon using remember me function in VB 3.0.1??

Please Help...

Regards,
Zooom...!!

Mastacheata

I think your problem is that the board doesn't save cookies without using remember function and so if you leave the board your session ends and you're not logged in anymore, or at least cpg can't read your cookies because they're not up2date.
The only way around this is to either do an own bridge for vb3 whithout cookies and with the session system of vb or you'll have to activate the cookie by setting remember me to checked.

zoomingrocket

Well i dont think so....
I logged off from the board.... cleared all my cookies and temp files and then relogged in without remember me function!

It created the following cookie file:

bblastvisit
1101253401
www.indianguitartabs.com/
1536
2948821632
29749383
1202370432
29675958
*
bblastactivity
1101253401
www.indianguitartabs.com/
1536
3178821632
29749383
1433150432
29675958
*


After which i opened some other site, without logging off from the board... and checked my temp files, the cookie was still there persisted!
But the album could not read it!
Until, i click logoff from the board, the cookie file isnt destroyed!
So i think there is some problem in reading the file by CPG or the compulsion of only registered members viewing the CPG causing the problem...

Anyways, i dont know much in to this, so any help is much appreciated!
Any inputs required would be made available as soon as possible!

REgards,
Zooom...!!

zoomingrocket

And this is the cookie file, which is created when i login with 'Remember Me' function...


bblastvisit
1101253983
www.indianguitartabs.com/
1536
178887040
29749385
2766773136
29675959
*
bblastactivity
1101253983
www.indianguitartabs.com/
1536
368887040
29749385
2919273136
29675959
*
bbuserid
1543
www.indianguitartabs.com/
1536
368887040
29749385
2919273136
29675959
*
bbpassword
4bcab340e2c273271b8c3071b4b64949
www.indianguitartabs.com/
1536
368887040
29749385
2919273136
29675959
*


Hope this helps...

REgards,
Zooom...!!

zoomingrocket

Well after studying both the cookie files,
Its clear that when i login without remember me, there is no bbuserid and bbpassword written in the file!
And hence, the CPG cannot login cos, it authenticates reading those two things from the Cookie file!

But then, how does VB authenticates? Cant we implement the same procedure, so than CPG too reads that Cookie file?

Because, it sounds too unjustified that i have to ask our board members to use 'Remember Me' function for accessing the album, as many surf via Public Terminals....
Help me...

REgards,
Zooom...!!

Nibbler

Quote from: zoomingrocket on November 24, 2004, 01:18:18 AM
But then, how does VB authenticates?

Good question.
If VB was open source I could tell you, but since it is not there is nothing I can do.

zoomingrocket

I am licensed user of VB 3.0.1...

Can i give you some part of its code from the file which does the authentication... for checking what is the problem?

There must be some way out...


REgards,
Zooom...!!

Joachim Müller

Quote from: zoomingrocket on November 24, 2004, 05:49:27 PM
Can i give you some part of its code from the file which does the authentication... for checking what is the problem?
I don't think you're allowed to do so. Just giving the code wouldn't help, Nibbler probably would have to do a test install (which would require him to have a password / valid license number) to check further, which would definitely break the license.
The vb people have not been very helpfull in the past - I have asked them to grant me a free developer license to do a test install on a non-public server just for development purposes - I told them I was project manager here at coppermine, that I wouldn't be using the vb install as a publicly available forum and that added compatibility between coppermine and vb would increase vb's popularity, but they declined. On the one hand I can understand that there probably are many wannabe-developers who ask for free licences, so they have a company policy not give give away free development licenses at all; on the other hand they won't add to their reputation with this behaviour. Bottom line is: if someone asks me what bbs app to use, I'd never ever recommend vb, as there are great open source alternatives (like smf - the software we're using here which is just fantastic btw.) available for free, which can be easier supported and integrated with coppermine.

Joachim