Hi,

I have been playing around some system and tried to integrate punbb user authentication to the current php authentication of the other system.

Since punbb authentication is based on cookies, I tried to come up with the best solution for my session based authentication and here is what I came up with:

Note:
main site is on www.domain.com and punbb is on www.domain.com/forum

//for punbb login and function access
define('PUN_ROOT', './forum/');
require PUN_ROOT.'include/common.php';

//punbb authentication variables to match my root variables
$groupid = $pun_user['g_id'];
$username = $pun_user['username'];
$useremail = $pun_user['email'];
$userid = $pun_user['id'];

//if you will want to use the current cookie info and set your session
$_SESSION[uid]=$userid;
$_SESSION[uname]=$username;

Include these codes into your common called files like config.php or header.php or common.php or whatever file that is universally used or included by all of your external/public files.

Now, if you wish to protect a section or the entire page, you can call the punbb function into your php page:

if($pun_user['is_guest']==1) {
//redirect or do whatever you want for guests only
}else{
//member section content
}

or if you wish to block access to entire page, just call it like:

if($pun_user['is_guest']==1) {
//put your message to guests here or include header or footer or ask them to login
exit();
}

As you can see on the above setup, I have my main site on the root and punbb on forum/ but I wanted to use the punbb authentication on the root.

I simply matched my site variables to that of punbb cookie variables to authenticate properly.  This method will allow you to call most or all of functions of punbb right on your root site, however, you may need to play around with it a little bit more.

As for the Session based variables, it functions normally for me because once the cookie is logged off, of course, it will set a new session, so my session is simply taking a ride on whatever is set on the cookie, this is just a workaround for me due to the nature of what I am currently working at and may not apply to you, so just play around with it.

I am not sure if someone already posted these information but I just wanted to share.

Paul

We recently transferred a copy of the forum to another server and in a directory

sample

from:

*www.origwebsite.com/

to:

*www.anotherwebsite.com/forumhere/

and we started getting these errors:

Bad request. The link you followed is incorrect or outdated.

At first we didnt know till a friend (Alvin) checked on the database.  When we migrated the database, the auto_increment values disappeared, so we just put back those auto_increment values for forum and categories and it fixed the problem...

Hope this helps.
Paul

Hi,

I actually tried this approach (and it worked for me) and the way I think (at least in my own opinion) is to flag the first post with a switch, add a column in your table say first_post INT 1 and default 0,

then on your post.php, create something like below (notice the $first variable)

                // Create the post ("topic post")
                $first = '1';
                $db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_id, poster_ip, message, hide_smilies, posted, topic_id, first_post) VALUES(\''.$db->escape($username).'\', '.$pun_user['id'].', \''.get_remote_address().'\', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$new_tid.', '.$first.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
            }

when the first post is created, it is automatically flagged 1, then you can call it with a seperate WHERE first_post=1 in your viewtopic.php file, echo the results in a different div tag on top of the loop that produces all post..., to remove the first post on the rest pof the post, issue a WHERE first_post=0 to fetch all other remaining posts...

The other way of doing this is to select distinct your post table WHERE topic_id = (youridhere) then get the oldest post by limit 1 in "posted" field... this will likely get the oldest post which is actually the first posted message...

echo your results on top of the loop that produces the threads...

I hope it helps.... (and hope it does makes sense hehehe)

gezz wrote:

Connorhd: Is it possible to add the "There are new messages" the main page of my site? Similar to this? I've tried doing it myself using:

    require(PUN_ROOT.'include/pms/header_new_messages.php');

You did this in header.php so I assumed it would work, and well, I assumed wrong.

Thanks in advance for the help.

Hi,

Try this approach, paste this on top of your php file where you want the message to appear, this is my complete header for my .php because I wanted to show even the postings, board stats, my images on the gallery and create a login on my homepage... (you can strip down other portions of this and experiment)

<? 
define('PUN_ROOT', './');
@include PUN_ROOT.'config.php';


//for login issues
$punbb_path = $_SERVER['SCRIPT_FILENAME'];
$punbb_split = explode('/',$punbb_path);
$punbb_page = end($punbb_split);
$punbb_count = substr_count($punbb_path,'/')-2;
$punbb_path = str_repeat('../',$punbb_count).'./';

require PUN_ROOT.'include/common.php';

define('PUN_TURN_OFF_MAINT', 1); // if forums go down the site will not
define('PUN_QUIET_VISIT', 0); // update last visit when outside of the forums

// If PUN isn't defined, config.php is missing or corrupt
if (!defined('PUN'))
    exit('The file \'config.php\' doesn\'t exist or is corrupt. Please run install.php to install PunBB first.');


// Disable error reporting for uninitialized variables
error_reporting(E_ALL);

// Turn off magic_quotes_runtime
set_magic_quotes_runtime(0);


// Get the forum config
$result = $db->query('SELECT * FROM '.$db->prefix.'config') or error('Unable to fetch forum config', __FILE__, __LINE__, $db->error());
while ($cur_config_item = $db->fetch_row($result))
    $pun_config[$cur_config_item[0]] = $cur_config_item[1];

// Make sure we (guests) have permission to read the forums
$result = $db->query('SELECT g_read_board FROM '.$db->prefix.'groups WHERE g_id=3') or error('Unable to fetch group info', __FILE__, __LINE__, $db->error());
if ($db->result($result) == '0')
    exit('No permission');


// Attempt to load the common language file
@include PUN_ROOT.'lang/'.$pun_config['o_default_lang'].'/common.php';
if (!isset($lang_common))
    exit('There is no valid language pack \''.$pun_config['o_default_lang'].'\' installed. Please reinstall a language of that name.');

//
// Converts the CDATA end sequence ]]> into ]]>
//
function escape_cdata($str)
{
    return str_replace(']]>', ']]>', $str);
}
    // Load the index.php language file
    require PUN_ROOT.'lang/'.$pun_config['o_default_lang'].'/index.php';
?>

Then to show the count for your messages and some links, paste the code below:

<?
        $result_messages = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'messages WHERE showed=0 AND owner='.$pun_user['id']) or error('Unable to check for new messages', __FILE__, __LINE__, $db->error());
        if ($db->result($result_messages, 0)){
$notify = "<font color=red>You Have <b>".$db->result($result_messages, 0)."</b> New Message(s)</font>";
        }else{
$notify = "(You Have No New Message)";
}
if($pun_user['id'] > 1)
{
  echo "Welcome back <b>".$pun_user['username']."!</b>  ".$notify."<br>";
  echo "<a href=profile.php?id=".$pun_user['id'].">Edit Profile</a> - <a href=search.php?action=show_user&user_id=".$pun_user['id'].">View Your Posts</a> - <a href=message_list.php>Go To Inbox</a> - <a href=login.php?action=out&id=".$pun_user['id'].">Logout</a><br>Last Visit: ".format_time($pun_user['last_visit'])."<br>";
}
else
{
?>
<form id="login" method="post" action="/login.php?action=in" onsubmit="return process_form(this)">
<a href="login.php?action=forget"><b>Forgotten Password</b></a><br>
<input type="hidden" name="form_sent" value="1" />
<input type="hidden" name="redirect_url" value="<?php echo $_SERVER['SCRIPT_NAME'] ?>" />
<input type="text" name="req_username" size="10" maxlength="25" class="login" />
<input type="password" name="req_password" size="10" maxlength="16" class="login" />
<input type="submit" name="login" value="Login" />
</form>
<?
}
?>

That should do the trick...

Note:
This was taken off my board that includes a login box in place of the message box when not logged in as I have coded it so you may need to edit it accordingly to fit in your board...

If you use the complete code, you can also echo some of the portions of the board in your frontpage or any other page, using the header code above, you can try adding a quickjump on your other .php file then

EX. for quickjump drop down

<?
    // Display the "Jump to" drop list
    if ($pun_config['o_quickjump'] == '1')
    {
        // Load cached quickjump
        @include PUN_ROOT.'cache/cache_quickjump_'.$pun_user['g_id'].'.php';
        if (!defined('PUN_QJ_LOADED'))
        {
            require_once PUN_ROOT.'include/cache.php';
            generate_quickjump_cache($pun_user['g_id']);
            require PUN_ROOT.'cache/cache_quickjump_'.$pun_user['g_id'].'.php';
        }
    }
?>

Showing off your gallery randomly on your other .php file

<?php
$result = $db->query('SELECT id, poster, poster_id, message, posted FROM '.$db->prefix.'gallery_img ORDER BY RAND() LIMIT 4') or error('Unable to fetch user data', __FILE__, __LINE__, $db->error());
while ($data = $db->fetch_assoc($result))
{
echo "".'<a href=img/gallery/'.$data['poster_id'].'_'.$data['posted'].'.jpg target=_blank><img src="img/gallery/'.$data['poster_id'].'_thumbs_'.$data['posted'].'.jpg" alt="'.$data['poster'].'  -  '.$data['message'].'" border="0">'."</a> ";
}

?>

and so on and so forth... customizing punbb is endless, it only ends when you are burnt... lol

5

(4 replies, posted in PunBB 1.2 bug reports)

My website just got hit by this exploit yesterday and got more than 16,000 fake users

Username Nevethir1004
E-mail 1004_rickard@punbb.org
IP *removed*

take note of the username and the email, autogenerated and it cycled from 001 up to 16000+

I just had to delete it from mysql with a "WHERE Nevethi%" clause then exported my list then emptied the table then put back in my original users. Took me about an hour of work... waste of time...


*removed*


I applied the image verification plugin hoping to fix my problem, the one that was released on punres.org still works fine with 1.2.10...

I hope people will check their installations and apply securities on their systems so stupid people from that IP address don't exploit your system... I guess it was bad posting this exploit and match it with the Show Off forum, Exploit Tool + Show Off Forum = Disgruntled Admin (count me in)

I hope this gets fixed with any option, I am also looking for possible solutions to this...
Paul

6

(3 replies, posted in PunBB 1.2 show off)

***site removed, needs to be redone****

Hi hcgtv,

That was a big relief, you just dont know what you made me feel today... i was just getting kinda worried until you gave that link, I guess I can sleep tight now, lol... just great, thanks to you and all I can say, punbb is far more the best forum there is... been in web development business and this is just what I wanted for a long long time...

again, thanks...
Paul

Hi guys,

Just a question because I am kinda getting worried about the stability of my PunBB forum, my current site stats are as of February 20 is as follows:

Total number of registered users: 10706
Total number of topics: 7617
Total number of posts: 75302
Daily visits: 1030 Average
Monthly visits: 28,000 average
Average Daily Signups: 100

check my hits at this link http://extremetracking.com/open;sum?login=kalibog

and my forum is getting larger and larger everyday... you can check it at my site below:

http://www.kalibog.com/index.php

My question is:

1. Is PunBB capable of handling higher traffic like twice or three times my current stats?
2. Is it stable enough to take about or more than 100,000 members?
3. Is there any other PunBB users/forums having large traffic that I can look at?


I am currently using 1.2.7 and is hesitant to upgrade to 1.2.10 because of the modifications I have done, plus I hand-coded most of the updates that are in 1.2.10 into my forum so it is kinda the same...

My question may sound silly but I just need to assure my users (and myself) that the site wont just crash down anytime.

Just a worried person,
Paul

Another version of this Mod is the "ImageShack Uploader Toggle Mode"

This version show/hide the upload box when link is clicked, default is hidden... pretty cool...

First step is Backup! Backup! Backup!!!

1. open viewtopic.php locate the following

<?php

// Display quick post if enabled
if ($quickpost)
{

?>

Add after:

<script language="javascript"> 
<!-- 
var state = 'none'; 

function showhide(layer_ref) { 

if (state == 'block') { 
state = 'none'; 
} 
else { 
state = 'block'; 
} 
if (document.all) { //IS IE 4 or 5 (or 6 beta) 
eval( "document.all." + layer_ref + ".style.display = state"); 
} 
if (document.layers) { //IS NETSCAPE 4 or below 
document.layers[layer_ref].display = state; 
} 
if (document.getElementById &&!document.all) { 
hza = document.getElementById(layer_ref); 
hza.style.display = state; 
} 
} 
//--> 
</script>

2. locate

                            <li><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>

add after

                            <li><a href="javascript:void(0)" onclick="showhide('div1');">Toggle ImageShack(tm) Upload</a></li>

3. locate

<p><input type="submit" name="submit" tabindex="2" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /></p>

before add

        <div id="div1" style="display: none;">
            <div class="inform">
                <fieldset>
                    <legend>Upload Images using ImageShack(tm)</legend>
                    <div class="infldset">
                        <div class="rbox">
                        <iframe src="http://imageshack.us/iframe.php?txtcolor=111111&type=blank&size=30" scrolling="no" allowtransparency="true" frameborder="0" width="280" height="80">Update your browser for ImageShack.us!</iframe><br /><br />
                        Note: To include image on post, use the form above and after it is uploaded, choose option "<b>Hotlink for forums (1)</b>, copy and paste inside message box.
                        </div>
                    </div>
                </fieldset>
            </div>
        </div>

save and upload...

////////////////////////////////////////

1. open post.php and locate

<div class="blockform">
    <h2><span><?php echo $action ?></span></h2>

before add

<script language="javascript"> 
<!-- 
var state = 'none'; 

function showhide(layer_ref) { 

if (state == 'block') { 
state = 'none'; 
} 
else { 
state = 'block'; 
} 
if (document.all) { //IS IE 4 or 5 (or 6 beta) 
eval( "document.all." + layer_ref + ".style.display = state"); 
} 
if (document.layers) { //IS NETSCAPE 4 or below 
document.layers[layer_ref].display = state; 
} 
if (document.getElementById &&!document.all) { 
hza = document.getElementById(layer_ref); 
hza.style.display = state; 
} 
} 
//--> 
</script>

2. locate

                            <li><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>

add after

                            <li><a href="javascript:void(0)" onclick="showhide('div1');">Toggle ImageShack(tm) Upload</a></li>

3. locate

if (!empty($checkboxes))
{

?>
            </div>

add after

        <div id="div1" style="display: none;">
            <div class="inform">
                <fieldset>
                    <legend>Upload Images using ImageShack(tm)</legend>
                    <div class="infldset">
                        <div class="rbox">
                        <iframe src="http://imageshack.us/iframe.php?txtcolor=111111&type=blank&size=30" scrolling="no" allowtransparency="true" frameborder="0" width="280" height="80">Update your browser for ImageShack.us!</iframe><br /><br />
                        Note: To include image on post, use the form above and after it is uploaded, choose option "<b>Hotlink for forums (1)</b>, copy and paste inside message box.
                        </div>
                    </div>
                </fieldset>
            </div>
        </div>

This option allows you to toggle the ImageShack uploader, by default, it is hidden so it preserves the original look and will only appear/disappear when clicked....

I hope this one helps...

Paul

Hi,

I was looking for a way to minimize my server load but again offer an easy way for people to upload and post image(s).  I was looking over some options and I came up with this.  I hope it you will like it guys.

First step, BACK UP! BACK UP! BACK UP!!! (hehe)

1. open post.php and locate (approx line 516)

if (!empty($checkboxes))
{

?>
            </div>

Add after....

            <div class="inform">
                <fieldset>
                    <legend>Upload Images using ImageShack(tm)</legend>
                    <div class="infldset">
                        <div class="rbox">
                        <iframe src="http://imageshack.us/iframe.php?txtcolor=111111&type=blank&size=30" scrolling="no" allowtransparency="true" frameborder="0" width="280" height="80">Update your browser for ImageShack.us!</iframe><br /><br />
                        Note: To include image on post, use the form above and after it is uploaded, choose option "<b>Hotlink for forums (1)</b>, copy and paste inside message box.
                        </div>
                    </div>
                </fieldset>
            </div>

Save file.

2. open viewtopic.php and locate (approx line 382)

<p><input type="submit" name="submit" tabindex="2" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /></p>

Add before...

            <div class="inform">
                <fieldset>
                    <legend>Upload Images using ImageShack(tm)</legend>
                    <div class="infldset">
                        <div class="rbox">
                        <iframe src="http://imageshack.us/iframe.php?txtcolor=111111&type=blank&size=30" scrolling="no" allowtransparency="true" frameborder="0" width="280" height="80">Update your browser for ImageShack.us!</iframe><br /><br />
                        Note: To include image on post, use the form above and after it is uploaded, choose option "<b>Hotlink for forums (1)</b>, copy and paste inside message box.
                        </div>
                    </div>
                </fieldset>
            </div>

Save and upload both files.

This will include a small box that allows users to upload images through ImageShack(tm) through your website.

I find this cool since it allows people to post images and likewise saving you lots of bandwidth because of images being hosted on another server.

I hope it helps.

you will be able to find samples from my PunBB project

Post a Reply
http://img70.imageshack.us/img70/4157/post3fq.th.jpg

Quick Post
http://img70.imageshack.us/img70/8245/quickpost2ol.th.jpg


I hope it helps.

Paul

minis wrote:

is it possible to make to show number of new messages near text "you have new messages". exmple "you have new messages (3)"

yup, look at my posting here

http://www.punres.org/viewtopic.php?pid=4734#p4734

Hi,

This is a great tool and I use it a lot, so here is my small contribution... I hope you like it.

I find it nice to show the login box instead of the usual  "You are not logged in." message, so here is what I have done below.

First step, backup! backup! backup!

1. Open header.php and locate (approx line 153)

// START SUBST - <pun_status>
if ($pun_user['is_guest'])
    $tpl_temp = '<div id="brdwelcome" class="inbox">'."\n\t\t\t".'<p>'.$lang_common['Not logged in'].'</p>'."\n\t\t".'</div>';

and replace with

// START SUBST - <pun_status>
// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to index.php after login)
$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';
if ($pun_user['is_guest'])
    $tpl_temp = '<div id="brdwelcome" class="inbox" align="right">'."\n\t\t\t".'<p><input type="hidden" name="form_sent" value="1" /><input type="hidden" name="redirect_url" value="'.$redirect_url.'" />Username: <input type="text" name="req_username" size="16" maxlength="25" tabindex="1" /> Password:<input type="password" name="req_password" size="16" maxlength="16" tabindex="2" /> <input type="submit" name="login" value="login" tabindex="3" /></p>'."\n\t\t".'</div>';

note: I have aligned my boxes on the right portion due to preferences only, you can align them on left by changing the value on <div id="brdwelcome" class="inbox" align="right"> to "left"

save the file

2. open main.tpl inside include\template and locate the <pun_status> approx line 20 and do the following

<form id="login" method="post" action="login.php?action=in" onsubmit="return process_form(this)">
        <pun_status>
</form>

save and upload

That's it... I tried this on most versions and it seems to work fine...

I hope it helps.

Paul

Hi,

I saw a post here and made some modifications on it,

http://punbb.org/forums/viewtopic.php?id=8628

I also wanted the same option you wanted so I tweaked this a little, do the index.php portion, but instead of the viewforum.php, try this code below on the viewtopic.php

first step is backup, backup, and backup.


About line 42 of index.php, replace the following codes

$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.forum_desc, f.redirect_url, f.moderators, f.num_topics, f.num_posts, f.last_post, f.last_post_id, f.last_poster FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE fp.read_forum IS NULL OR fp.read_forum=1 ORDER BY c.disp_position, c.id, f.disp_position', true) or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());

into

$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.forum_desc, f.redirect_url, f.moderators, f.num_topics, f.num_posts, f.last_post, f.last_post_id, f.last_poster FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') ORDER BY c.disp_position, c.id, f.disp_position', true) or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());

That is it for the index.php, now to the viewtopic.php

About line 48 of viewtopic.php, replace the following codes

    if (!$db->num_rows($result))
        message($lang_common['Bad request']);

into

if (!$db->num_rows($result))
{
    $result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$pid);
    if (!$db->num_rows($result))
        message($lang_common['Bad request']);
    else
        message($lang_common['No view']);        
}

Set all of your posts to members only view inside admin and then the change the language content accordingly..., I have tried this on version 1.2.7 and I do not know about it being applicable to newer versions, I havent checked.

I hope this one helps

Paul