You are not logged in. Please login or register.
PunBB Forums → PunBB 1.2 discussion → Coding .htaccess
people won't be able to access the forum at all without the cookie
Ok, fine. Thank you Connorhd.
I know, Google is my friend, but do you know a place where I could see (learn) what kind of file (or code part inside a file) I must take over and how to insert inside common.php, the easyest way ?
This punBB post on user registration lists a few tutorials on php sessions. When in doubt, it's always a good idea to check out the php.net manual.
Ok, thanks D9r. I'll see it 
Hey guys !
Can you have a look at this (at the bottom).
Do you think it would be possible to slightly change this code to reach the goal I'm looking to ?
It may be possible to force to come on the site before going to the forum, as it seems to be possible to do so for hotlink, isn't it ?
that could be easily adapted
that could be easily adapted
... hum ... easily ? 
DisableDirectLinking();
function DisableDirectLinking()
{
$ip=$_SERVER['REMOTE_ADDR'];
if (@$_SERVER["HTTP_X_FORWARDED_FOR"])
$ip=$_SERVER["HTTP_X_FORWARDED_FOR"];
$sCookieValue=md5($_SERVER['HTTP_HOST'].$ip);
if (stristr($_SERVER['PHP_SELF'],"photo.php"))
{
if (!isset($_COOKIE['DAlbum_Connection']) ||
$_COOKIE['DAlbum_Connection']!=$sCookieValue)
{
// Check referrer. If referrer is our domain -
// allow access even if cookie is not set
if (isset($_SERVER['HTTP_REFERER']))
{
$ref=parse_url($_SERVER['HTTP_REFERER']);
$sHost=basename($ref['host'] );
if (isset($_SERVER['HTTP_HOST']) &&
strcasecmp($_SERVER['HTTP_HOST'],$sHost)==0)
return;
}
hdr("404 Not found");
exit();
}
}
else
{
// Set cookie for one hour.
setcookie("DAlbum_Connection",$sCookieValue,time()+3600);
}
}Is there a place where I should change to the URL of the Forum, or is more difficult than that ?
I think the part that should be changed is the following
$ip=$_SERVER['REMOTE_ADDR'];
if (@$_SERVER["HTTP_X_FORWARDED_FOR"])
$ip=$_SERVER["HTTP_X_FORWARDED_FOR"];
$sCookieValue=md5($_SERVER['HTTP_HOST'].$ip);
if (stristr($_SERVER['PHP_SELF'],"photo.php"))Isn't it ?
Would you mind helping me... a little bit ?
AAAARRRRGGGHHHH !!!!!!!!
The code I've quoted above seems to do exactly what I want, without changing anything !!!!
I've been looking after this for days and days, and it was just in front of my face (or quite in front).
So, excuse me, I've to go : I'm just going to hang myself...
Thanks to all,
Lim
Edit : NO, sorry, I've made a mistake, it does not work as I want. Something must be changed to this code, but what, and how ???
that could be easily adapted
Hello Connorhd,
Can't you help me a little ? 
try putting this at the top of common.php
$ip=$_SERVER['REMOTE_ADDR'];
if (@$_SERVER["HTTP_X_FORWARDED_FOR"])
$ip=$_SERVER["HTTP_X_FORWARDED_FOR"];
$sCookieValue=md5($_SERVER['HTTP_HOST'].$ip);
if (!isset($_COOKIE['DAlbum_Connection']) ||
$_COOKIE['DAlbum_Connection']!=$sCookieValue)
{
// Check referrer. If referrer is our domain -
// allow access even if cookie is not set
if (isset($_SERVER['HTTP_REFERER']))
{
$ref=parse_url($_SERVER['HTTP_REFERER']);
$sHost=basename($ref['host'] );
if (isset($_SERVER['HTTP_HOST']) &&
strcasecmp($_SERVER['HTTP_HOST'],$sHost)==0)
return;
}
hdr("404 Not found");
exit();
}Thanks Connorhd
If I put this code at the top (real top) of common.php, the code is displayed as is on the page...
If I put this code after <?php, I've a fatal error : "Call to undefined function: hdr() in /home/... etc.. on line 50
Line 50 : hdr("404 Not found");
I've certainly make a mistake 
$ip=$_SERVER['REMOTE_ADDR'];
if (@$_SERVER["HTTP_X_FORWARDED_FOR"])
$ip=$_SERVER["HTTP_X_FORWARDED_FOR"];
$sCookieValue=md5($_SERVER['HTTP_HOST'].$ip);
if (!isset($_COOKIE['DAlbum_Connection']) ||
$_COOKIE['DAlbum_Connection']!=$sCookieValue)
{
// Check referrer. If referrer is our domain -
// allow access even if cookie is not set
if (isset($_SERVER['HTTP_REFERER']))
{
$ref=parse_url($_SERVER['HTTP_REFERER']);
$sHost=basename($ref['host'] );
if (isset($_SERVER['HTTP_HOST']) &&
strcasecmp($_SERVER['HTTP_HOST'],$sHost)==0)
return;
}
exit("404 Not found");
}As far as I can see, it seems to work quite well
I'm currently performing some tests to see if it's like I wish.
Thank you so far
Ok let's say what happens.
If I've never been on any page of my website, it works : I can't see any page of the forum, only a little text saying "404 Not found". (Maybe I could change this to sent people to the login page of the website. I'll see it later).
But, if people has only been on the login page of the website (even if they didn't logged in, only displayed the page), they can go on the register page of the forum.
And more over, even if I reboot the computer, user can still acces the register or login page of the forum.
Cookie is not destroyed.
I don't know exactly what's happened with the cookie, but as I reduced it's time to live to 10mn, it seems to work even if I don't reboot or close the browser.
Do you thing it would be possible to exclude the login page of the website from the authorized referer ? (Don't know if it's the best way to explain what I'm thinking of... ?)
Edit : I deleted the cookie so I recover the "404 not found" text, but now I've error on line 51 which is the last "}" of your code.
However we are getting closer to the goal
this is going to be as much as i do i don't know anything about DAlbum so i can't really help you further with login and stuff.
Ok, understood Connorhd. This is kind from you for your previous help.
Maybe just a last easy point (for you), which does not specially belongs to DAlbum.
Do you know how to exclude just one page from the domain referer accepted by the implemented code in common.php : the login page of my website which URL is www.mywebsite.com/login.php ?
Thanks,
Lim.
Hello, it's me again...
I managed to do what I wanted but I still have a very little problem.
Connorhd proposed to put that code
$ip=$_SERVER['REMOTE_ADDR'];
if (@$_SERVER["HTTP_X_FORWARDED_FOR"])
$ip=$_SERVER["HTTP_X_FORWARDED_FOR"];
$sCookieValue=md5($_SERVER['HTTP_HOST'].$ip);
if (!isset($_COOKIE['DAlbum_Connection']) ||
$_COOKIE['DAlbum_Connection']!=$sCookieValue)
{
// Check referrer. If referrer is our domain -
// allow access even if cookie is not set
if (isset($_SERVER['HTTP_REFERER']))
{
$ref=parse_url($_SERVER['HTTP_REFERER']);
$sHost=basename($ref['host'] );
if (isset($_SERVER['HTTP_HOST']) &&
strcasecmp($_SERVER['HTTP_HOST'],$sHost)==0)
return;
}
exit("404 Not found");
}So people arrive on a page where is written "404 Not found"
I can change this to set a redirect link to my website with this
exit('<a href="http://www.mywebsite.com/index.php" target="_blank">mywebsite.com</a>') ;But I don't know how to write a little sentence just before the link.
I'm able to put the link or to write a sentence, but not both together.
So can someone help me to change the "exit code" in order to have something like :
"You should go to my www.mywebsite.com prior to access to this page"
Thanks to all.
Ok I succeed.
Thanks
PunBB Forums → PunBB 1.2 discussion → Coding .htaccess
Powered by PunBB, supported by Informer Technologies, Inc.