phpBB.de

phpBB.de - Die deutsche phpBB-Community
https://www.phpbb.de/community/

[Problem] mit Password-protected forums 0.5.1

https://www.phpbb.de/community/viewtopic.php?t=51507

Seite 1 von 1

[Problem] mit Password-protected forums 0.5.1

Verfasst: 04.04.2004 18:16
von Masacrime
Moin.
Und zwar mache ich alles, was in der Anleitung steht.
Habe mindestens 4 mal alle Dateien durchgeschaut und trotzdem kein Fehler gefunden.

Wenn ich den Topic it einem Passwort versehen will kommt folgende Meldung:

Couldn't insert row in forums table

DEBUG MODE

SQL Error : 1064 You have an error in your SQL syntax near '0, 0, 0, 0, 0, 1, 1, 3, 3, 1, 1)' at line 2

INSERT INTO phpbb_forums (forum_id, forum_name, cat_id, forum_desc, forum_order, forum_status, forum_password, prune_enable, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_sticky, auth_announce, auth_vote, auth_pollcreate) VALUES ('14', 'Test', 2, '', 120, 0, 'hoherat' 0, 0, 0, 0, 0, 1, 1, 3, 3, 1, 1)

Line : 408
File : c:\apache\htdocs\phpbb\admin\admin_forums.php

Wo liegt da denn der Fehler?

Gruß,
Masacrime

Verfasst: 04.04.2004 19:05
von Schumi
Poste mal deine admin_forums.php (KB:datei), bzw den Query "INSERT INTO..." bei Zeile 408.

Verfasst: 06.04.2004 12:50
von Masacrime
So. Danke. Das hat sich erledigt.
Jetzt habe ich einen Provider. Der Hack sollte jetzt eigentlich Funktionieren. Tut er aber nicht. Wenn ich alles so mache wie es in der Beschreibung steht kommt folgender Fehler.

Code: Alles auswählen

Template->loadfile(): File /kunden/69304_22587/webseiten/community/templates/subSilver/password_body.tpl for handle body is empty
Leute was ist denn da los. Ich sehe in der Beschreibung auch nicht, dass ich dort etwas reinschreiben soll.
Hier mal die Anleitung:
###############################################
## Hack Title: Password-protected forums
## Hack Version: 0.5.1
## Author: Freakin' Booty ;-P
## Description: Protect a forum from being viewed without a password. A password will have to be entered
## if one wants to enter the forum.
## Compatibility: 2.0.4 - 2.0.6
##
## Installation Level: Easy
## Installation Time: 20 - 25 minutes
## Files To Edit: 9
## posting.php
## search.php
## viewtopic.php
## viewforum.php
## admin/admin_forums.php
## includes/functions.php
## includes/sessions.php
## language/lang_english/lang_main.php
## templates/subSilver/admin/forum_edit_body.tpl
##
## Included Files: 2
## db_update.php
## templates/subSilver/password_body.tpl
##
## History:
## 0.5.1: Added the right password template file to the package.
## 0.5: Added extra security, flushing all passwords when the user logs in / logs out.
## Fixed a major bug, where users can read topics using the search function.
## 0.4: Restructured the code so it is compatible with Password-protected Topics.
## 0.3: Moved the password check until AFTER the auth check. This way, if a user is not auth-ed to view
## a forum, he will not know the forum exists.
## Admins and moderators now see the forum without a password.
## 0.2: Passwords are now stored in md5-format in the cookie.
## 0.1: Initial release
##
## Author Notes:
## - If you have Password-protected Topics already installed, some code will already be present. Be sure
## to use the install file "upgrade from Password-protected Topics x.x".
## Doing the upgrade will also make sure you get the latest version of Password-protected Topics.
## - The cookie for each forum expires after each session. This means users have to supply the password
## every time they visit the board. A session expires when you log in, log out, quit your browser or
## leave the website.
##
## Support: http://www.phpbbhacks.com/forums
## Copyright: ©2003 Password-protected forums 0.5.1 - Freakin' Booty ;-P
##
###############################################
## You downloaded this hack from phpBBHacks.com, the #1 source for phpBB related downloads.
## Please visit http://www.phpbbhacks.com/forums for support.
###############################################
##
###############################################
## This hack is released under the GPL License.
## This hack can be freely used, but not distributed, without permission.
## Intellectual Property is retained by the hack author(s) listed above.
###############################################

#
#-----[ COPY ]--------------------------------------------
#
# Run this file once as administrator and then delete it
#
db_update.php => db_update.php

#
#-----[ COPY ]--------------------------------------------
#
# Make sure to create a similar file for every template installed
#
templates/subSilver/password_body.tpl => templates/subSilver/password_body.tpl

#
#-----[ OPEN ]--------------------------------------------
#
posting.php

#
#-----[ FIND ]--------------------------------------------
#
//
// Set toggles for various options
//

#
#-----[ BEFORE, ADD ]-------------------------------------
#
//
// Password check
//
if( !$is_auth['auth_mod'] && $userdata['user_level'] != ADMIN )
{
$redirect = str_replace("&", "&", preg_replace('#.*?([a-z]+?\.' . $phpEx . '.*?)$#i', '\1', htmlspecialchars($HTTP_SERVER_VARS['REQUEST_URI'])));
if( $HTTP_POST_VARS['cancel'] )
{
redirect(append_sid("index.$phpEx"));
}
else if( $HTTP_POST_VARS['pass_login'] )
{
if( $post_info['topic_password'] != '' )
{
password_check('topic', $topic_id, $HTTP_POST_VARS['password'], $redirect);
}
else if( $post_info['forum_password'] != '' )
{
password_check('forum', $forum_id, $HTTP_POST_VARS['password'], $redirect);
}
}

if( $post_info['topic_password'] != '' && $mode != 'newtopic' )
{
$passdata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_tpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_tpass'])) : '';
if( $passdata[$topic_id] != md5($post_info['topic_password']) )
{
password_box('topic', $redirect);
}
}
else if( $post_info['forum_password'] != '' )
{
$passdata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass'])) : '';
if( $passdata[$forum_id] != md5($post_info['forum_password']) )
{
password_box('forum', $redirect);
}
}
}
//
// END: Password check
//

#
#-----[ OPEN ]--------------------------------------------
#
search.php

#
#-----[ FIND ]--------------------------------------------
#
$auth_sql = '';
if ( $search_forum != -1 )
{
$is_auth = auth(AUTH_READ, $search_forum, $userdata);

if ( !$is_auth['auth_read'] )

#
#-----[ REPLACE WITH ]------------------------------------
#
$passdata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass'])) : '';

$auth_sql = '';
if ( $search_forum != -1 )
{
$is_auth = auth(AUTH_ALL, $search_forum, $userdata);

$has_access = true;
if( !$is_auth['auth_mod'] && $userdata['user_level'] != ADMIN )
{
$sql = "SELECT forum_password FROM " . FORUMS_TABLE . " WHERE forum_id = " . $search_forum;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not retrieve forum password information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

if( $row['forum_password'] != '' && $passdata[$key] != md5($row['forum_password']) )
{
$has_access = false;
}
}

if ( !$is_auth['auth_read'] || !$has_access )

#
#-----[ FIND ]--------------------------------------------
#
$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);

if ( $search_cat != -1 )
{

#
#-----[ REPLACE WITH ]------------------------------------
#
$is_auth_ary = auth(AUTH_ALL, AUTH_LIST_ALL, $userdata);

if ( $search_cat != -1 )
{

#
#-----[ FIND ]--------------------------------------------
#
$ignore_forum_sql = '';
while( list($key, $value) = each($is_auth_ary) )
{
if ( !$value['auth_read'] )

#
#-----[ REPLACE WITH ]------------------------------------
#
$ignore_forum_sql = '';
while( list($key, $value) = each($is_auth_ary) )
{
$has_access = true;
if( !$is_auth['auth_mod'] && $userdata['user_level'] != ADMIN )
{
$sql = "SELECT forum_password FROM " . FORUMS_TABLE . " WHERE forum_id = " . $key;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not retrieve forum password information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

if( $row['forum_password'] != '' && $passdata[$key] != md5($row['forum_password']) )
{
$has_access = false;
}
}

if ( !$value['auth_read'] || !$has_access )

#
#-----[ OPEN ]--------------------------------------------
#
viewforum.php

#
#-----[ FIND ]--------------------------------------------
#
//
// End of auth check
//

#
#-----[ AFTER, ADD ]--------------------------------------
#
//
// Password check
//
if( !$is_auth['auth_mod'] && $userdata['user_level'] != ADMIN )
{
$redirect = str_replace("&", "&", preg_replace('#.*?([a-z]+?\.' . $phpEx . '.*?)$#i', '\1', htmlspecialchars($HTTP_SERVER_VARS['REQUEST_URI'])));

if( $HTTP_POST_VARS['cancel'] )
{
redirect(append_sid("index.$phpEx"));
}
else if( $HTTP_POST_VARS['pass_login'] )
{
if( $forum_row['forum_password'] != '' )
{
password_check('forum', $forum_id, $HTTP_POST_VARS['password'], $redirect);
}
}

$passdata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass'])) : '';
if( $forum_row['forum_password'] != '' && ($passdata[$forum_id] != md5($forum_row['forum_password'])) )
{
password_box('forum', $redirect);
}
}
//
// END: Password check
//

#
#-----[ OPEN ]--------------------------------------------
#
viewtopic.php

#
#-----[ FIND ]--------------------------------------------
#
$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments" . $count_sql . "

#
#-----[ INLINE, FIND ]------------------------------------
#
, f.forum_status

#
#-----[ AFTER, ADD ]--------------------------------------
#
, f.forum_password

#
#-----[ FIND ]--------------------------------------------
#
$topic_time = $forum_topic_data['topic_time'];

#
#-----[ AFTER, ADD ]--------------------------------------
#
//
// Password check
//
if( !$is_auth['auth_mod'] && $userdata['user_level'] != ADMIN )
{
$redirect = str_replace("&", "&", preg_replace('#.*?([a-z]+?\.' . $phpEx . '.*?)$#i', '\1', htmlspecialchars($HTTP_SERVER_VARS['REQUEST_URI'])));

if( $HTTP_POST_VARS['cancel'] )
{
redirect(append_sid("index.$phpEx"));
}
else if( $HTTP_POST_VARS['pass_login'] )
{
if( $forum_topic_data['topic_password'] != '' )
{
password_check('topic', $topic_id, $HTTP_POST_VARS['password'], $redirect);
}
else if( $forum_topic_data['forum_password'] != '' )
{
password_check('forum', $forum_id, $HTTP_POST_VARS['password'], $redirect);
}
}

if( $forum_topic_data['topic_password'] != '' )
{
$passdata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_tpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_tpass'])) : '';
if( $passdata[$topic_id] != md5($forum_topic_data['topic_password']) )
{
password_box('topic', $redirect);
}
}
else if( $forum_topic_data['forum_password'] != '' )
{
$passdata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_fpass'])) : '';
if( $passdata[$forum_id] != md5($forum_topic_data['forum_password']) )
{
password_box('forum', $redirect);
}
}
}
//
// END: Password check
//

#
#-----[ OPEN ]--------------------------------------------
#
admin/admin_forums.php

#
#-----[ FIND ]--------------------------------------------
#
if( !empty($mode) )
{
switch($mode)
{

#
#-----[ BEFORE, ADD ]-------------------------------------
#
if( !empty($HTTP_POST_VARS['password']) )
{
if( !preg_match("#^[A-Za-z0-9]{3,20}$#si", $HTTP_POST_VARS['password']) )
{
message_die(GENERAL_MESSAGE, $lang['Only_alpha_num_chars']);
}
}

#
#-----[ FIND ]--------------------------------------------
#
$forumstatus = $row['forum_status'];

#
#-----[ AFTER, ADD ]--------------------------------------
#
$forum_password = $row['forum_password'];

#
#-----[ FIND ]--------------------------------------------
#
$forumstatus = FORUM_UNLOCKED;

#
#-----[ AFTER, ADD ]--------------------------------------
#
$forum_password = '';

#
#-----[ FIND ]--------------------------------------------
#
'L_FORUM_STATUS' => $lang['Forum_status'],

#
#-----[ AFTER, ADD ]--------------------------------------
#
'L_PASSWORD' => $lang['Forum_password'],

#
#-----[ FIND ]--------------------------------------------
#
'FORUM_NAME' => $forumname,

#
#-----[ AFTER, ADD ]--------------------------------------
#
'FORUM_PASSWORD' => $forum_password,

#
#-----[ FIND ]--------------------------------------------
#
$sql = "INSERT INTO " . FORUMS_TABLE . " (forum_id, forum_name, cat_id, forum_desc, forum_order, forum_status, prune_enable" . $field_sql . ")
VALUES ('" . $next_id . "', '" . str_replace("\'", "''", $HTTP_POST_VARS['forumname']) . "', " . intval($HTTP_POST_VARS[POST_CAT_URL]) . ", '" . str_replace("\'", "''", $HTTP_POST_VARS['forumdesc']) . "', $next_order, " . intval($HTTP_POST_VARS['forumstatus']) . ", " . intval($HTTP_POST_VARS['prune_enable']) . $value_sql . ")";

#
#-----[ INLINE, FIND ]------------------------------------
#
, forum_status

#
#-----[ AFTER, ADD ]--------------------------------------
#
, forum_password

#
#-----[ INLINE, FIND ]------------------------------------
#
, " . intval($HTTP_POST_VARS['forumstatus']) . "

#
#-----[ AFTER, ADD ]--------------------------------------
#
, '" . str_replace("\'", "''", $HTTP_POST_VARS['password']) . "'

#
#-----[ FIND ]--------------------------------------------
#
$sql = "UPDATE " . FORUMS_TABLE . "
SET forum_name = '" . str_replace("\'", "''", $HTTP_POST_VARS['forumname']) . "', cat_id = " . intval($HTTP_POST_VARS[POST_CAT_URL]) . ", forum_desc = '" . str_replace("\'", "''", $HTTP_POST_VARS['forumdesc']) . "', forum_status = " . intval($HTTP_POST_VARS['forumstatus']) . ", prune_enable = " . intval($HTTP_POST_VARS['prune_enable']) . "

#
#-----[ INLINE, FIND ]------------------------------------
#
, forum_status = " . intval($HTTP_POST_VARS['forumstatus']) . "

#
#-----[ AFTER, ADD ]--------------------------------------
#
, forum_password = '" . str_replace("\'", "''", $HTTP_POST_VARS['password']) . "'

#
#-----[ OPEN ]--------------------------------------------
#
includes/functions.php

#
#-----[ FIND ]--------------------------------------------
#
?>

#
#-----[ BEFORE, ADD ]-------------------------------------
#
//
// Password-protected topics/forums
//
function password_check ($mode, $id, $password, $redirect)
{
global $db, $template, $theme, $board_config, $lang, $phpEx, $phpbb_root_path, $gen_simple_header;
global $userdata;
global $HTTP_COOKIE_VARS;

$cookie_name = $board_config['cookie_name'];
$cookie_path = $board_config['cookie_path'];
$cookie_domain = $board_config['cookie_domain'];
$cookie_secure = $board_config['cookie_secure'];

switch($mode)
{
case 'topic':
$sql = "SELECT topic_password AS password FROM " . TOPICS_TABLE . " WHERE topic_id = $id";
$passdata = ( isset($HTTP_COOKIE_VARS[$cookie_name . '_tpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookie_name . '_tpass'])) : '';
$savename = $cookie_name . '_tpass';
break;
case 'forum':
$sql = "SELECT forum_password AS password FROM " . FORUMS_TABLE . " WHERE forum_id = $id";
$passdata = ( isset($HTTP_COOKIE_VARS[$cookie_name . '_fpass']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookie_name . '_fpass'])) : '';
$savename = $cookie_name . '_fpass';
break;
default:
$sql = '';
$passdata = '';
}

if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not retrieve password', '', __LINE__, __FILE__, $sql);
}

$row = $db->sql_fetchrow($result);
if( $password != $row['password'] )
{
$message = ( $mode == 'topic' ) ? $lang['Incorrect_topic_password'] : $lang['Incorrect_forum_password'];
message_die(GENERAL_MESSAGE, $message);
}

$passdata[$id] = md5($password);
setcookie($savename, serialize($passdata), 0, $cookie_path, $cookie_domain, $cookie_secure);

$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3; url="' . $redirect . '" />'
)
);

$message = $lang['Password_login_success'] . '<br /><br />' . sprintf($lang['Click_return_page'], '<a href="' . $redirect . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}

function password_box ($mode, $s_form_action)
{
global $db, $template, $theme, $board_config, $lang, $phpEx, $phpbb_root_path, $gen_simple_header;
global $userdata;

$l_enter_password = ( $mode == 'topic' ) ? $lang['Enter_topic_password'] : $lang['Enter_forum_password'];

$page_title = $l_enter_password;
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

$template->set_filenames(array(
'body' => 'password_body.tpl'
)
);

$template->assign_vars(array(
'L_ENTER_PASSWORD' => $l_enter_password,
'L_SUBMIT' => $lang['Submit'],
'L_CANCEL' => $lang['Cancel'],

'S_FORM_ACTION' => $s_form_action
)
);

$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}

#
#-----[ OPEN ]--------------------------------------------
#
includes/sessions.php

#
#-----[ FIND ]--------------------------------------------
#
setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);

#
#-----[ AFTER, ADD ]--------------------------------------
#
setcookie($cookiename . '_fpass', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);

#
#-----[ FIND ]--------------------------------------------
#
setcookie($cookiename . '_data', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);

#
#-----[ AFTER, ADD ]--------------------------------------
#
setcookie($cookiename . '_fpass', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);

#
#-----[ OPEN ]--------------------------------------------
#
# Make sure to edit this file for every language installed
#
language/lang_english/lang_main.php

#
#-----[ FIND ]--------------------------------------------
#
//
// That's all, Folks!
// -------------------------------------------------

#
#-----[ BEFORE, ADD ]-------------------------------------
#
//
// Password-protected forums
//
$lang['Forum_password'] = 'Forum password';
$lang['Enter_forum_password'] = 'Enter forum password';
$lang['Incorrect_forum_password'] = 'Incorrect forum password';
$lang['Password_login_success'] = 'Password login was successfull';
$lang['Click_return_page'] = 'Click %sHere%s to return to the page';
$lang['Only_alpha_num_chars'] = 'The password must be between 3-20 characters and can only contain alphanumeric characters (A-Z, a-z, 0-9).';

#
#-----[ OPEN ]--------------------------------------------
#
# Make sure to edit this file for every template installed
#
templates/subSilver/admin/forum_edit_body.tpl

#
#-----[ FIND ]--------------------------------------------
#
<tr>
<td class="row1">{L_FORUM_STATUS}</td>
<td class="row2"><select name="forumstatus">{S_STATUS_LIST}</select></td>
</tr>

#
#-----[ AFTER, ADD ]--------------------------------------
#
<tr>
<td class="row1">{L_PASSWORD}</td>
<td class="row2"><input type="text" name="password" value="{FORUM_PASSWORD}" size="30" maxlength="20" /></td>
</tr>

#
#-----[ SAVE & CLOSE ALL FILES ]--------------------------
#
Ich weiss es echt nicht. Dabei waren Hack immer so einfach zu machen.
Kann mir da jemand helfen, oder Tipps geben?

Gruß,
Masacrime

Verfasst: 07.04.2004 08:16
von Masacrime
Wer lesen kann ist klar im Vorteil.
Natürlich funktioniert das jetzt. Ich depp ich.
Sorry nochmal.
Also ich bib fertig damit. Kann also geschlossen werden oder was auch immer.

Danke,
Masacrime
Alle Zeiten sind UTC+02:00
Seite 1 von 1

Powered by phpBB® Forum Software © phpBB Limited

Deutsche Übersetzung durch phpBB.de