1 (edited by Limerick 2005-01-23 21:26)

Topic: Coding .htaccess

Hello all,

I've a website (made with DAlbum) : www.mywebsite.com

From this website, I've a forum (made with PunBB) which URL is www.mywebsite.com/forum/index.php

As many forums, there's a refresh page after posting or logging... etc .This redirection or Refresh page contains this code which I name "Meta Refresh" (to be more simple).

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="refresh" content="5;URL=http://www.mywebsite.com/forum/index.php" />

But, I want that only people invited to the website (which has a logging page) can access to the forum.

So I use the following .htaccess :

SetEnvIfNoCase Referer "^http://www.mywebsite.com/" local_ref=1
Order deny,allow
deny from all
allow from env=local_ref

This works fine, but the "Meta Refresh" code seems to be not accepted by the .htaccess, and so, when appears a redirecting page, I get an Error 403.

But if I click on the proposed link because I don't want to wait for the automatic redirection, I have no problem.

This is why I suppose the problem comes from the "Meta Refresh" which seems to be not recognized by the .htaccess.

So my question is : how can I write the .htaccess in order to allow the "Meta Refresh" to be recognized as coming from mywebsite.com ?

Maybe something looking like :

SetEnvIfNoCase Referer "^http://www.mywebsite.com/" local_ref=1
SetEnvIfNoCase Referer "Meta Refresh" local_ref=1
Order deny,allow
deny from all
allow from env=local_ref

Of course, this is not the answer, but it's just to show what I'm looking for...

I don't know anything about coding in general, and about .htaccess in particular, so if someone could help me, it would be very kind.

Thank you very much,

Lim

PS : as you can guess, english is not my mother language, so sorry if I'm not very clear...  yikes

Re: Coding .htaccess

sorry i don't know the answer but... why have you just started a new topic the same as http://punbb.org/forums/viewtopic.php?id=5940 ?

Re: Coding .htaccess

I honestly have no idea, but I just wanted to tell you that relying on HTTP_REFERER is a bad idea. A lot of people use proxies, firewalls and "Internet security programs" that strip out or replace HTTP_REFERER. For example, anyone using Norton Internet Security (and that's quite a few people) will be unable to enter your forums.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Coding .htaccess

a different way to do it could be - on your homepage you could set a session then in common.php of the forum check for the session and if its not there display whatever you want

Re: Coding .htaccess

Yes Connorhd, I started a new topic because I discovered where the problem was coming from (the "Meta Refresh"), and as I thought my question was not so simple to understand, I rather start a new topic.
Sorry, if I did something bad.

Thank you Rickard for your answer.
What I use to like in the .htaccess was that it a simple file to modify (not so easy obviously...) to reach my goal.

So, is there such an easy way (one file on server) to allow access to PunBB forum only for people previously invited to my website ?

Re: Coding .htaccess

what is the URL of the meta refresh page?

Re: Coding .htaccess

Connorhd wrote:

what is the URL of the meta refresh page?

If I well understand your question, this is the one below (after logging, but after posting it will be different...)

<meta http-equiv="refresh" content="5;URL=http://www.mywebsite.com/forum/index.php" />

Re: Coding .htaccess

no what is the URL of the page that has that in its source

9 (edited by Limerick 2005-01-23 22:09)

Re: Coding .htaccess

Oh ok, sorry.

This is for this page : www.mywebsite.com/forum/login.php?action=in

(It's why I thouht in the other topic that the problem was coming from .php?)

But the URL will be different after posting, sending e-mail, logout or whatever needing a refresh, no ?

Re: Coding .htaccess

try

try SetEnvIfNoCase Referer "^http://.*mywebsite.com.*$" local_ref=1

Re: Coding .htaccess

No it doesn't work... sad
I still have an Error 403 page as redirected.

But this that kind of thing I'm looking for.

Re: Coding .htaccess

can i have a link to your site so i can see it?

Re: Coding .htaccess

In fact, the matter is not with the site, but with the redirecting page of PunBB forum.

On the site, there's just a "normal" link to the forum : www.mywebsite.com/forum/index.php

14

Re: Coding .htaccess

It's incredible the lot of people who don't want to show their stuff on the web but ask very annoying questions ...

To help YOU, WE HAVE TO see your work ... unless you have something to hide ?

Re: Coding .htaccess

Rod wrote:

It's incredible the lot of people who don't want to show their stuff on the web but ask very annoying questions ...

To help YOU, WE HAVE TO see your work ... unless you have something to hide ?

Hello Rod,

Thanks for your support.
I've nothing to hide, of course, unless my private life and the one of my relatives.

I think, for sure, that after sharing a beer with you and talking about many things important to you and me, I would be very pleased to let you come in my personnal life.

But, unfortunatly, this is not possible for the moment and I hope this will be enough to give you an idea of the problem :

This is the index.php page of the site.

<?php
/*
    This file is a part of DAlbum.  Copyright (c) 2003 Alexei Shamov, DeltaX Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/


    if (!defined("DALBUM_ROOT"))
        define("DALBUM_ROOT",".");
    if (!defined("DALBUM_BROWSERROOT"))
        define("DALBUM_BROWSERROOT","");

    define("DALBUM_INDEX_PAGE","1");

    require_once(DALBUM_ROOT . "/include/md5crypt.php");
    require_once(DALBUM_ROOT . "/include/functions.php");
    require_once(file_exists(DALBUM_ROOT."/config/config.php")?DALBUM_ROOT."/config/config.php":DALBUM_ROOT."/include/config.php");
    require_once(DALBUM_ROOT."/include/conffix.php");
    require_once(DALBUM_ROOT."/include/createhta.php");
    require_once(DALBUM_ROOT."/include/createini.php");
    require_once(DALBUM_ROOT."/include/album.php");
    require_once(DALBUM_ROOT."/include/timer.php");

    // Include custom functions
    if (file_exists(DALBUM_ROOT . "/config/custom.php"))
        include_once(DALBUM_ROOT . "/config/custom.php");
    elseif (file_exists(DALBUM_ROOT . "/include/custom.php"))
        include_once(DALBUM_ROOT . "/include/custom.php");

    if ($g_bGZip)
        ob_start("ob_gzhandler");

    // Start timer
    $timer=new CTimer();
    $timer->start();

    remove_bloody_magic_quotes();

    // Start session and get current user name
    $sUserName=StartSessionAndGetUserName('private; must-revalidate');

    if (function_exists('everypageCallback'))
        everypageCallback($sUserName);

    // Load tree from archive
    $albRoot=&CAlbum::CreateFromArchive();
    if (empty($albRoot))
    {
        $albRoot=createAlbum();
        $albRoot->m_sFolder='/';
        $albRoot->m_sTitle='Empty';
        $albRoot->m_bPrivate=false;
    }
    $albRoot->SetAccess($sUserName);

    global $g_sCharset;

    // Check if we are in administration mode
    $bAdminMode=isAdminMode($sUserName);

    // Count images and albums available to the logged-on user
    $nTotalAlbums=0;
    $nTotalImages=0;
    {
        $queue=array();
        $queue[]=&$albRoot;
        $queueptr=0;

        while ($queueptr<count($queue))
        {
            $a=&$queue[$queueptr++];
            if (empty($a) || $a->m_bPrivate)
                continue;

            $nTotalImages+=$a->m_nImages;
            if ($a->m_nImages)
                $nTotalAlbums++;

            for ($i=0;$i<count($a->m_arrContents);++$i)
                if (!$a->m_arrContents[$i]->IsImage())
                    $queue[]=&$a->m_arrContents[$i];
        }
        unset($queue);
        unset($queueptr);
    }

    // Determine which album to show
    $sAlbFolder="";
    if (isset($_GET['folder']))
        $sAlbFolder=$_GET['folder'];

    unset($album);
    if (!empty($sAlbFolder))
        $album=&$albRoot->FindAlbum($sAlbFolder);
    if (empty($album))
        $album=&$albRoot->FindDefaultAlbum($sUserName);

    if (empty($album))
    {
        if (empty($albRoot))
            $albRoot=createAlbum();

        $album=&$albRoot;
    }

    // If the album we are looking for is disabled, go to logon page
    if ($album->m_bPrivate)
    {
        dalbum_relocate(translateRef("login.php?url=" . encodeCurrentLocation()));
        return;
    }

    // Load album images and comments
    $album->LoadImages();
    $album->LoadDetails();
    $album->BeforeDisplay();

    // Top navigation bar
    $navBar=dalbumBeginToolbar("index");

        // Display logon button or user name
    if (empty($sUserName))
        {
        if ($g_bShowLoginButton)
            $navBar.= getButton('login',translateRef("login.php?url=" . encodeCurrentLocation()),$lang['loginBtn'],$lang['loginBtnTitle'],0);
    }
    else
    {
        $navBar.= "<span class=\"username\">{$lang['indexUsername']} $sUserName  </span>";

        if ($g_bShowLoginButton && !$g_bHTTPAuth)
            $navBar.= getButton('logout',translateRef("logout.php"),$lang['logoutBtn'],$lang['logoutBtnTitle'],0);
    }
    

    // If we have admin rights - show Reindex button
    if ($bAdminMode)
    {
        $navBar.= getButton('reindex',translateRef('reindex.php'),$lang['reindexBtn'],$lang['reindexBtnTitle'],2);
    }

    // If we are root admin - show password management
    if ($bAdminMode==2)
    {
        if ($g_bShowUserManagerButton)
            $navBar.= getButton('usrmgr',translateRef('pass.php'),$lang['usrmgrBtn'],$lang['usrmgrBtnTitle'],2);
    }

    $btn1=js_escape(getButton('fullscreen','javascript:dalbum_fullScreen();',$lang['fullScreenBtn'], $lang['fullScreenBtnTitle'], 2));
    $btn2=js_escape(getButton('closewindow','javascript:window.close();',$lang['closeWindowBtn'], $lang['closeWindowBtnTitle'], 2));

    if ($g_bShowFullScreenButton)
    {
        $navBar.= <<<END
<script type="text/javascript">
//<!--
    dalbum_writeFullScreen('$btn1','$btn2');
//-->
</script>
END;

/*-------------------------------------------------------------------------------------
Just below, the link to the forum ;)
---------------------------------------------------------------------------------------*/


$nSpacer=2;
    }
    
    {
            $navBar.= getButton("Forum","http://www.mywebsite.com/forum/index.php","Forum","Access to the Forum",$nSpacer,"_blank",false);
            $nSpacer=2;
    }
    
    
    
    $navBar.=dalbumEndToolbar("index");

    // Generate tree javascript code
    $sTreeJS ="d=new dTree('d');\n";
    $sTreeJS.="d.config.useCookies=false;";
    $sTreeJS.="d.config.useLines=" . ($g_bShowTreeLines?'true':'false') . ";\n";
    $sTreeJS.="d.config.closeSameLevel=true;\n";
    $sTreeJS.="d.config.inOrder=true;";
    $sTreeJS.="d.icondir='" . DALBUM_BROWSERROOT . "images/';";

    $jumpTo= translateRef('index.php?folder=' . quoteurl($album->m_sFolder));
    $n=$albRoot->CreateTreeElemCode($sTreeJS,'index.php',-1,$jumpTo,0);

    if ($albRoot->m_bPrivate)
    {
        $sTreeJS.="d.add(0,-1,'" . $lang['noPublicImages'] . "\',\'" . translateRef('login.php') . "\',\'\',\'\',\'\');\n";
        $sTreeJS.="d.icon.root=\'info.gif\';\n";
    }
    $sTreeJS.="d.selectedNode=$n;\n";

    //$sTreeJS.="var a=d.toString(); a=a.replace(/</gi,'<');a=a.replace(/>/gi,'>');document.write(a);";
    $sTreeJS.="document.write(d);";
    if ($n!=-1)
        $sTreeJS.="d.openTo($n,true);";

    // Generate page footer
    $sFooter='<div style="float:left;">';
    $sFooter.=strtr($lang['statusLeft'],
                 array( '#TotalImages#' => $nTotalImages,
                        '#TotalAlbums#' => $nTotalAlbums) );
    $sFooter.='</div><div style="float:right;" >';
    $sFooter.=strtr( $lang['statusRight'],
                    array('#elapsed#' => round($timer->gettime(),3)));
    $sFooter.='</div>';

    // Prepare template arguments
    $_template=array();
    $_template['Title']=$albRoot->GetTitle();
    $_template['RootAlbumTitle']=$albRoot->GetTitle();
    $_template['NavigationBar']=$navBar;

    if (function_exists("customIndexPageHeader"))
    {
        $_template['CustomHeader']="";
        ob_start("CustomHeaderCallback");
        customIndexPageHeader($albRoot->GetTitle(), $navBar, $albRoot);
        ob_end_flush();
    }

    $_template['TreeJavascriptCode']=$sTreeJS;

    // Create album header and views
    GenerateAlbumHeaderAndThumbView($album,$bAdminMode,
                                    $_template['AlbumHeader'],
                                    $_template['ThumbView']);

    // minimum width of ThumbView
    $_template['ThumbViewWidth']=$g_nMinThumbViewWidth;

    $_template['PageFooter']=$sFooter;
    $_template['HeadJavascript']='function dalbum_onload() { dalbum_loadFailedImages(); }';
    $_template['EndPageJavascript']='dalbum_setHideFocus();';
    $_template['Head']="<META name=\"GENERATOR\" content=\"DAlbum $g_sVersion (c) 2003 DeltaX Inc. (www.delx.ca/dalbum)\">\n";


    // Include template
    if (file_exists(DALBUM_ROOT."/config/t_index.php"))
        require(DALBUM_ROOT."/config/t_index.php");
    else
        require(DALBUM_ROOT."/include/t_index.php");

    if ($g_bGZip)
        ob_end_flush();
    return;


function GenerateAlbumHeaderAndThumbView(&$a, $bAdminMode, &$sAlbHeader, &$sThumbView)
{
    global $lang;
    global $g_nPicturesPerPage,$g_nColumnsPerPage,$g_sThumbnailXSize;

    $im=array();

    for ($i=0;$i<count($a->m_arrContents);++$i)
        if ($a->m_arrContents[$i]->IsImage() || !$a->m_arrContents[$i]->m_bPrivate)
            $im[]=$a->m_arrContents[$i];
    $count=count($im);

    // Print album header
    $title=$a->GetTitle();
    if (empty($title))
        $title=" ";

    $sAlbHeader="";
    $sAlbHeader.="<span class=\"title\">$title</span>";

    if (!empty($a->m_sDate))
        $sAlbHeader.="<span class=\"date\">  (" . quotehtml($a->m_sDate) . ")</span>";

    if ($bAdminMode && !empty($a->m_sFolder))
    {
        $sAlbHeader.="   ";
        $filename=quoteurl($a->m_sFolder);
        $sAlbHeader.="<span class=\"navigationBar\" id=\"albCommands\">";
        $sAlbHeader.=dalbumBeginToolbar("albCommands");
        $sAlbHeader.=getButton('editdef',translateRef("editini.php?album=$filename&url=".encodeCurrentLocation()),$lang['editDefBtn'],$lang['editDefBtnTitle'],0);
        $sAlbHeader.=dalbumEndToolbar("albCommands");
        $sAlbHeader.="</span>";
    }

    // Print album comment
    $cmt=$a->GetHTMLComment();
    if (!empty($cmt))
    {
        $sAlbHeader.= "<table width=\"99%\" border=0 cellspacing=0 cellpadding=0><tr><td style=\"width:100%;\"><div class=\"comnt\">$cmt</div></td></tr></table>";
    }

    // Which page to display
    $nPage=0;
    if (isset($_GET['page']))
        $nPage=@$_GET['page'];

    // Display pages and current page
    $href=translateRef("index.php?folder=".quoteurl($a->m_sFolder));
    $nPages=(int)(($count+$g_nPicturesPerPage-1)/$g_nPicturesPerPage);
    if ($nPage>=$nPages)
        $nPage=max(0,$nPages-1);

    $begin=$nPage*$g_nPicturesPerPage;
    if ($begin>=$count)
        $begin=$count-1;
    $end=$nPage*$g_nPicturesPerPage+$g_nPicturesPerPage;
    if ($end>$count)
        $end=$count;
    $begin++;

    if ($count>0)
    {
        $sAlbHeader.= "<div class='navigationBar' id='pages'>";

        $sAlbHeader.= "<span id='displayedinfo'>" . strtr($lang["page"],array("#begin#"=>$begin,"#end#"=>$end,"#count#"=>$count)) . "</span>";

        $sAlbHeader.=dalbumBeginToolbar("pages");

        if ($nPage>0)
        {
            $title=strtr($lang["prevPageBtnTitle"],array("#page#"=>$nPage));
            $sAlbHeader.= getButton('pageprev',"$href&page=" . ($nPage-1),$lang["prevPageBtn"],$title,0);
        }

        for ($i=0;$i<$nPages;++$i)
        {
            // We display 1 ... 14 15 16 17 18 ... 29 when there are too many pages
            if ($nPages>10)
            {
                $mn=$nPage-4;
                $mx=$nPage+4;
                if ($i<=$mn)
                {
                    if ($i==1)
                        $sAlbHeader.="<span class='pagedots'> … </span>";
                    if ($i!=0)
                        continue;
                }
                if ($i>=$mx)
                {
                    if ($i==$nPages-2)
                        $sAlbHeader.="<span class='pagedots'> … </span>";
                    if ($i!=$nPages-1)
                        continue;
                }
            }
            $id="page$i";
            if ($i==$nPage)
                $id="curpage";

            $pagenum="&page=$i";
            if ($i==0)
                $pagenum="";

            $sAlbHeader.= getButton($id,"$href" . $pagenum,$i+1,"",($i?0:1));
        }
        if ($nPage<$nPages-1)
        {
            $title=strtr($lang["nextPageBtnTitle"],array("#page#"=>$nPage+2));
            $sAlbHeader.= getButton('pagenext',"$href&page=" . ($nPage+1),$lang["nextPageBtn"],$title,1);
        }

        $sAlbHeader.=dalbumEndToolbar("pages");
        $sAlbHeader.="</div>";
    }

    $sThumbView="";
    $nImages=0;
    for ($i=0;$i<$g_nPicturesPerPage;$i+=$g_nColumnsPerPage)
    {
        $real=$nPage*$g_nPicturesPerPage+$i;
        if ($real<0 || $real>=$count)
            break;

        $sThumbView.="<tr>\n";

        // print table row
        for ($j=0;$j<$g_nColumnsPerPage;++$j)
        {
            $real=$nPage*$g_nPicturesPerPage+$i+$j;

            $perc=(int)99/$g_nColumnsPerPage;
            $sThumbView.="<td align=\"center\" width=\"$perc%\">\n";

            if ($real>=0 &&  $real<$count)
            {
                $sThumbView.=$im[$real]->CreateThumbnailHTML();
                $nImages++;
            }
            else
            {
                $sThumbView.=" ";
            }
            $sThumbView.="</td>\n";
        }
        $sThumbView.="</tr>";
    }
    if ($nImages==0)
        $sThumbView.='<tr><td style="text-align:center;width:100%;" class="note"><BR>' . $lang['noimages'] . '<BR></td><tr>';
}

function CustomHeaderCallback($buffer)
{
    global $_template;
    $_template['CustomHeader'].=$buffer;

}

?>

This is the index.page of the forum :

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/

define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';


if ($pun_user['g_read_board'] == '0')
    message($lang_common['No view']);


// Load the index.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/index.php';

$page_title = pun_htmlspecialchars($pun_config['o_board_title']);
define('PUN_ALLOW_INDEX', 1);
require PUN_ROOT.'header.php';

// Print the categories and forums
$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.forum_desc, f.redirect_url, f.moderators, f.num_topics, f.num_posts, f.last_post, f.last_post_id, f.last_poster FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE fp.read_forum IS NULL OR fp.read_forum=1 ORDER BY c.disp_position, c.id, f.disp_position', true) or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());

$cur_category = 0;
$cat_count = 0;
while ($cur_forum = $db->fetch_assoc($result))
{
    $moderators = '';

    if ($cur_forum['cid'] != $cur_category)    // A new category since last iteration?
    {
        if ($cur_category != 0)
            echo "\t\t\t".'</tbody>'."\n\t\t\t".'</table>'."\n\t\t".'</div>'."\n\t".'</div>'."\n".'</div>'."\n\n";

        ++$cat_count;

?>
<div id="idx<?php echo $cat_count ?>" class="blocktable">
    <h2><span><?php echo pun_htmlspecialchars($cur_forum['cat_name']) ?></span></h2>
    <div class="box">
        <div class="inbox">
            <table cellspacing="0">
            <colgroup>
                <col class="tcl" />
                <col class="tc2" />
                <col class="tc3" />
                <col class="tcr" />
            </colgroup>
            <thead>
                <tr>
                    <th class="tcl" scope="col"><?php echo $lang_common['Forum'] ?></th>
                    <th class="tc2" scope="col"><?php echo $lang_index['Topics'] ?></th>
                    <th class="tc3" scope="col"><?php echo $lang_common['Posts'] ?></th>
                    <th class="tcr" scope="col"><?php echo $lang_common['Last post'] ?></th>
                </tr>
            </thead>
            <tbody>
<?php

        $cur_category = $cur_forum['cid'];
    }

    $icon = '<div class="inormal"><div class="nosize">'.$lang_common['Normal icon'].'</div></div>'."\n";

    // Are there new posts?
    if (!$pun_user['is_guest'] && $cur_forum['last_post'] > $pun_user['last_visit'])
        $icon = '<div class="inew"><div class="nosize">'.$lang_common['New icon'].'</div></div>'."\n";

    // Is this a redirect forum?
    if ($cur_forum['redirect_url'] != '')
    {
        $forum_field = '<h3><a href="'.pun_htmlspecialchars($cur_forum['redirect_url']).'" title="'.$lang_index['Link to'].' '.pun_htmlspecialchars($cur_forum['redirect_url']).'">'.pun_htmlspecialchars($cur_forum['forum_name']).'</a></h3>';
        $num_topics = $num_posts = ' ';
        $icon = '<div class="iredirect"><div class="nosize">'.$lang_common['Redirect icon'].'</div></div>'."\n";
    }
    else
    {
        $forum_field = '<h3><a href="viewforum.php?id='.$cur_forum['fid'].'">'.pun_htmlspecialchars($cur_forum['forum_name']).'</a></h3>';
        $num_topics = $cur_forum['num_topics'];
        $num_posts = $cur_forum['num_posts'];
    }

    if ($cur_forum['forum_desc'] != '')
        $forum_field .= "\n\t\t\t\t\t\t\t".$cur_forum['forum_desc'];


    // If there is a last_post/last_poster.
    if ($cur_forum['last_post'] != '')
        $last_post = '<a href="viewtopic.php?pid='.$cur_forum['last_post_id'].'#p'.$cur_forum['last_post_id'].'">'.format_time($cur_forum['last_post']).'</a><br />'.$lang_common['by'].' '.pun_htmlspecialchars($cur_forum['last_poster']);
    else
        $last_post = ' ';

    if ($cur_forum['moderators'] != '')
    {
        $mods_array = unserialize($cur_forum['moderators']);
        $moderators = array();

        while (list($mod_username, $mod_id) = @each($mods_array))
            $moderators[] = '<a href="profile.php?id='.$mod_id.'">'.pun_htmlspecialchars($mod_username).'</a>';

        $moderators = "\t\t\t\t\t\t\t".'<p><em>('.$lang_common['Moderated by'].'</em> '.implode(', ', $moderators).')</p>'."\n";
    }

?>
                <tr<?php if ($cur_forum['redirect_url'] != '') echo ' class="redirectrow"'; ?>>
                    <td class="tcl">
                        <div class="intd">
                            <?php echo $icon ?>
                            <div class="tclcon">
                                <?php echo $forum_field."\n".$moderators ?>
                            </div>
                        </div>
                    </td>
                    <td class="tc2"><?php echo $num_topics ?></td>
                    <td class="tc3"><?php echo $num_posts ?></td>
                    <td class="tcr"><?php echo $last_post ?></td>
                </tr>
<?php

}

// Did we output any categories and forums?
if ($cur_category > 0)
    echo "\t\t\t".'</tbody>'."\n\t\t\t".'</table>'."\n\t\t".'</div>'."\n\t".'</div>'."\n".'</div>'."\n\n";
else
    echo '<div id="idx0" class="block"><div class="box"><div class="inbox"><p>'.$lang_index['Empty board'].'</p></div></div></div>';


// Collect some statistics from the database
$result = $db->query('SELECT COUNT(id)-1 FROM '.$db->prefix.'users') or error('Unable to fetch total user count', __FILE__, __LINE__, $db->error());
$stats['total_users'] = $db->result($result);

$result = $db->query('SELECT id, username FROM '.$db->prefix.'users ORDER BY registered DESC LIMIT 1') or error('Unable to fetch newest registered user', __FILE__, __LINE__, $db->error());
$stats['last_user'] = $db->fetch_assoc($result);

$result = $db->query('SELECT SUM(num_topics), SUM(num_posts) FROM '.$db->prefix.'forums') or error('Unable to fetch topic/post count', __FILE__, __LINE__, $db->error());
list($stats['total_topics'], $stats['total_posts']) = $db->fetch_row($result);

?>
<div id="brdstats" class="block">
    <h2><span><?php echo $lang_index['Board info'] ?></span></h2>
    <div class="box">
        <div class="inbox">
            <dl class="conr">
                <dt><strong><?php echo $lang_index['Board stats'] ?></strong></dt>
                <dd><?php echo $lang_index['No of users'].': <strong>'. $stats['total_users'] ?></strong></dd>
                <dd><?php echo $lang_index['No of topics'].': <strong>'.$stats['total_topics'] ?></strong></dd>
                <dd><?php echo $lang_index['No of posts'].': <strong>'.$stats['total_posts'] ?></strong></dd>
            </dl>
            <dl class="conl">
                <dt><strong><?php echo $lang_index['User info'] ?></strong></dt>
                <dd><?php echo $lang_index['Newest user'] ?>: <a href="profile.php?id=<?php echo $stats['last_user']['id'] ?>"><?php echo pun_htmlspecialchars($stats['last_user']['username']) ?></a></dd>
<?php

if ($pun_config['o_users_online'] == '1')
{
    // Fetch users online info and generate strings for output
    $num_guests = 0;
    $users = array();
    $result = $db->query('SELECT user_id, ident FROM '.$db->prefix.'online WHERE idle=0 ORDER BY ident', true) or error('Unable to fetch online list', __FILE__, __LINE__, $db->error());

    while ($pun_user_online = $db->fetch_assoc($result))
    {
        if ($pun_user_online['user_id'] > 1)
            $users[] = "\n\t\t\t\t".'<dd><a href="profile.php?id='.$pun_user_online['user_id'].'">'.pun_htmlspecialchars($pun_user_online['ident']).'</a>';
        else
            ++$num_guests;
    }

    $num_users = count($users);
    echo "\t\t\t\t".'<dd>'. $lang_index['Users online'].': <strong>'.$num_users.'</strong></dd>'."\n\t\t\t\t".'<dd>'.$lang_index['Guests online'].': <strong>'.$num_guests.'</strong></dd>'."\n\t\t\t".'</dl>'."\n";
    echo "\t\t\t".'<div class="clearer"></div>'."\n";


    if ($num_users > 0)
        echo "\t\t\t".'<dl id="onlinelist">'."\n\t\t\t\t".'<dt><strong>'.$lang_index['Online'].': </strong></dt>'."\t\t\t\t".implode(',</dd> ', $users).'</dd>'."\n\t\t\t".'</dl>'."\n";
}
else
    echo "\t\t".'</dl>'."\n\t\t\t".'<div class="clearer"></div>'."\n";


?>
        </div>
    </div>
</div>
<?php

$footer_style = 'index';
require PUN_ROOT.'footer.php';

And Finally, this is the one of the redirecting page causing the Error 403 :

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="refresh" content="1;URL=http://www.mywebsite.com/forum/index.php" />
<title>Forum of mywebsite.com / Redirection</title>
<link rel="stylesheet" type="text/css" href="style/Oxygen.css" />
</head>
<body>

<div id="punwrap">
<div id="punredirect" class="pun">

<div class="block">
    <h2>Redirection</h2>
    <div class="box">
        <div class="inbox">
            <p>Logged in successfully. Redirecting …<br /><br /><a href="http://www.mywebsite.com/forum/index.php">Click here if you do not want to wait any longer (or if your browser does not automatically forward you).</a></p>
        </div>
    </div>
</div>



</div>
</div>

</body>
</html>

This page could be the one after posting a message instead of being the one after login, because as I previously said, this problem seems to belong to the "Meta Refresh" wich exists on each redirecting page.

I confirm that if I click on the link to avoid waiting, everything runs well.

I hope this helps.

Regards,

Lim.

Re: Coding .htaccess

the problem is probably not with the meta tags since they are run clientside, i think its probably something to do with the url of the redirect however i don't know how i can help without looking, another option would be for you to check the referrer in common.php since php is much easier to mess with than .htacess

Re: Coding .htaccess

Connorhd wrote:

the problem is probably not with the meta tags since they are run clientside, i think its probably something to do with the url of the redirect however i don't know how i can help without looking, another option would be for you to check the referrer in common.php since php is much easier to mess with than .htacess

Hello Connorhd,

Ok for the clienside of the Meta Tags, but I confirm what I was saying above :

I confirm that if I click on the link to avoid waiting, everything runs well.

Maybe I make a mistake, but as the URL is exactly the same, it should mean that the problem does not come from th URL, does it ?

I'm trying to work with .htaccess because I could (maybe big_smile), reach my goal with only one file to change...

Re: Coding .htaccess

i know why, when it does a meta redirect i bet the browser doesn't send a referrer

Re: Coding .htaccess

Ok, that's certainly the reason.

Is there a way to turn around this point on the server itself ?

Re: Coding .htaccess

its up to the client to set to refereer so no, but you can try setting the redirect time to "0"

Re: Coding .htaccess

Time = 0 does not work. I already tried ==> the Error 403 appears in... 0 second LOL

Is it impossible to write an instruction in the Meta Tag in order to insert the referer ?

Re: Coding .htaccess

why do you want to do this anyway?

Re: Coding .htaccess

Only because, it there's a chance to succeed, I've exactly what I want with only one little file to create : .htaccess

And if it's not possible, I'll try something else, but it will certainly need to rewrite many files
And I don't know how to code sad

Re: Coding .htaccess

no i mean why do you want to let people only access your forum through the main site?

Re: Coding .htaccess

Because, it's private and only people invited to the website (we give them login and password) are supposed to register to the forum (if they want to).

If the forum stays like it's now, anybody can come and register, and then go to forum.
Or if I have to acknoledge the register action (there might be this option on PunBB), I must recognize the Pseudo/e-mail or, worst, ask back : who are you ?

If I change the .htaccess, no more problem, even if they register 2 months later with any pseudo or e-mail.

See what I mean ? smile