You are not logged in. Please login or register.
PunBB Forums → Programming → Cookie values
Am I correct in the assumption that when logged in, the cookie stores the uid and password, but when browsing as guest it just stores the uid of guest, or am I way off the mark again? 
I'm now getting onto the point of the actual question. Is there any way to store the group_id in the cookie and keep it intact whether the user is browsing as guest or logged in?
Cheers,
Matt
Think I may have figured this one. 
Just wanting to check on a couple of points, however. Firstly, will calling this each time from header.php lead to performance/load problems at all? Is there a better way to do it? The cookie settings don't appear to be available from within header.php by default, or have I missed something?
if ($pun_user['is_guest'] && isset($_COOKIE[$cookie_name]))
{
list(, , $header['group_id']) = @unserialize($_COOKIE[$cookie_name]);
}Also could I just check that I haven't cocked anything up with these changes. These are all the instances I've changed with regards to the cookie settings:
include/functions.php: $cookie = array('user_id' => 1, 'password_hash' => 'Guest', 'group_id' => '3');
include/functions.php: list($cookie['user_id'], $cookie['password_hash'], $cookie['group_id']) = @unserialize($_COOKIE[$cookie_name]);
include/functions.php: pun_setcookie(0, random_pass(8), 3, $expire);
include/functions.php:function pun_setcookie($user_id, $password_hash, $group_id, $expire)
include/functions.php: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash), $group_id)), $expire, $cookie_path, $cookie_domain, $cookie_secure, true);
include/functions.php: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash), $group_id)), $expire, $cookie_path.'; HttpOnly', $cookie_domain, $cookie_secure);
login.php: pun_setcookie($user_id, $form_password_hash, $group_id, $expire);
login.php: pun_setcookie(1, random_pass(8), $pun_user['g_id'], time() + 31536000);
profile.php: pun_setcookie($pun_user['id'], $new_password_hash, $pun_user['g_id'], $expire);
profile.php: pun_setcookie($id, $db->result($result), $pun_user['g_id'], ($form['save_pass'] == '1') ? time() + 31536000 : 0);
register.php: pun_setcookie($new_uid, $password_hash, $initial_group_id, ($save_pass != '0') ? $now + 31536000 : 0);Btw, just on a slight sidetrack, is there any reason other than a propogated mis-spell that $initial_group_id is actually set as $intial_group_id, originally?
Thanks again,
Matt
Why not just use $pun_user['g_id']?
No, it's always available.
But is not the group_id that of the guest group, (3), once they log out? I initially tried it using $pun_user['g_id'] and once logged out, they never triggered the scripts gid check.
No, it's always available.
You had me worried there for awhile. I thought I'd overlooked something blindingly obvious, (again), and done all that alteration for nowt.
Had a look at my first post and realised it was a tad scant on description. The reason for this is so that I can track the users actual group rather than just pulling the guest gid if they're not logged in, so that a script can do it's work regardless of their online status. Double checked the pun_user gid just to be certain. Is the cookie, therefore, the best way to achieve that end? It seems to be working fine on test, but obviously, if there's a better method I've overlooked. Btw, none of those cookie alterations will have a detrimental effect on anything will they, if that is the only method?
Thanks once again.
Matt
I'm confused, if someone logs out how can you track them? The cookie is set back to the guest cookie.
And why would you want to? Since anyone could put any ID there and you would have no way to authenticate it, what would you use it for?
I'm confused, if someone logs out how can you track them? The cookie is set back to the guest cookie.
And why would you want to? Since anyone could put any ID there and you would have no way to authenticate it, what would you use it for?
It's not for tracking per se, more for annoying. I've altered the set_cookie function to add the users group when the cookie is created, as in that modified code I posted above. It's to work in conjunction with a script which literally screws up their forum browsing, (for wont of a better description), in a random'ish fashion. Which is why I wanted the consistency whether they are logged in or not. I would prefer for the penny not to drop, if possible.
And why, might you ask? It's an alternative to outright banning. It's intended to keep their account active so they can still log in and do everything else, but to just annoy the hell out of them through induced time lags, redirections, blank pages and error pages. It's for those special cases where the user would merely create another account if they were banned, so rather than doing a daily/weekly/fortnightly banning session on them when they see fit to have another trolling session, it's to try and deter them from coming online by more subtle means. Sad, I know, but what can I say?
Annoy the hell out of unwanted visitors? I like it
Oh, like the Miserable Users mod?
http://www.vbulletin.org/forum/showthread.php?t=121886
Good idea 
Glad to see I'm not the only one with a warped sense of humour.
It was that miserable users mod for VB which set me off on the idea.
Here's the code, (kept as basic as humanly possible), for it.
The first file, include/annoy_arrays.php
<?php
// Get a random number to decide what we are going to do
$randnum = rand(1, 30);
// Get delay time for page loads/redirects
$delay = rand(1, 30);
// Redirect to another page/site settings
$rdirtrue = array(8, 13, 15);
$rdirnum = rand(1, 3);
$rdir_array = array();
$rdir_array[1] = 'help.php';
$rdir_array[2] = 'index.php';
$rdir_array[3] = 'forums.php';
// Error settings
$errortrue = array(1, 6, 23);
// Blank page settings
$blanktrue = array(2, 11, 19, 26);
// Generic load delay setting
$delaytrue = array(9, 16, 27);
?>The second file, annoy.php
<?php
define('PUN_ROOT', './');
include PUN_ROOT.'include/annoy_arrays.php';
if (in_array($randnum, $rdirtrue))
{
sleep($delay);
header("Location: $rdir_array[$rdirnum]");
}
else if (in_array($randnum, $errortrue))
{
sleep($delay);
?>
<style type="text/css">
.middle {
text-align: center;
}
</style>
</head>
<body>
<div class="block">
<h2><span>Error</span></h2>
<div class="box">
<div class="inbox">
<p class="middle"><b>Page not found</b></p>
</div>
</div>
</div>
</body>
</html>
<?php
exit;
}
else if (in_array($randnum, $blanktrue))
{
?>
</head>
<body>
<div class="clearer"></div>
</body>
</html>
<?php
exit;
}
else if (in_array($randnum, $delaytrue))
{
sleep($delay);
}
?>The code to be inserted in header.php if the cookie alterations above are used:
// Which group id's will have the annoy script called
$annoy_array = array(6);
if ($pun_user['is_guest'] && isset($_COOKIE[$cookie_name]))
{
list(, , $header['group_id']) = @unserialize($_COOKIE[$cookie_name]);
}
if (isset($annoy_array) && (in_array($pun_user['g_id'], $annoy_array) || in_array(intval($header['group_id']), $annoy_array)))
{
require_once PUN_ROOT.'annoy.php';
}The code to be inserted in header.php without the cookie alterations above:
// Which group id's will have the annoy script called
$annoy_array = array(6);
if (isset($annoy_array) && in_array($pun_user['g_id'], $annoy_array))
{
require_once PUN_ROOT.'annoy.php';
}PunBB Forums → Programming → Cookie values
Powered by PunBB, supported by Informer Technologies, Inc.