2012-09-16, 04:39 PM
Sorry if this is the wrong section for this.
I have written a functional PHP code which would send a mail if the IP has not been confirmed in the database or if the IP does not exist yet. ( have not checked it for sql injections and cant test the mail part out since i wrote it on xampp (no mail server :< )) But now i was wondering if somebody could help me make it work for the current 1.6 version.
How it should work is:
Go to your adminCP > You Login > Then the IP check follows > And if that is succesful it will Show the AdminCP
The code below is non MyBB related (and a really easy first look at it), and since plugins wont work for that part of the admin/index.php. I was wondering how would i merge this more or less with the admin/index.php
Things it needs to do are:
-Get the email address from the admin account that just logged in.
-Check if the IP adress this person is on is already confirmed/in the database yes/no.
-If not send mail with confirmation code etc. etc.
read for more information the suggestion for 2.0 thread:
http://community.mybb.com/thread-126209-...13114.html
So is it possible to do something like shown above in the admin/index.php ?
And if so what improvements does it need/how would you need to implement it.
I have written a functional PHP code which would send a mail if the IP has not been confirmed in the database or if the IP does not exist yet. ( have not checked it for sql injections and cant test the mail part out since i wrote it on xampp (no mail server :< )) But now i was wondering if somebody could help me make it work for the current 1.6 version.
How it should work is:
Go to your adminCP > You Login > Then the IP check follows > And if that is succesful it will Show the AdminCP
The code below is non MyBB related (and a really easy first look at it), and since plugins wont work for that part of the admin/index.php. I was wondering how would i merge this more or less with the admin/index.php
Things it needs to do are:
-Get the email address from the admin account that just logged in.
-Check if the IP adress this person is on is already confirmed/in the database yes/no.
-If not send mail with confirmation code etc. etc.
read for more information the suggestion for 2.0 thread:
http://community.mybb.com/thread-126209-...13114.html
<?php
include("config.php");
$ip = $_SERVER['REMOTE_ADDR'];
$email = "...";
$headers = 'From: ...' . "\r\n" .
'Reply-To: ...' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
$cTable = "CREATE TABLE IF NOT EXISTS `adminIP` (
`id` int(11) unsigned NOT NULL auto_increment,
`ip` varchar(255) NOT NULL default '',
`eip` varchar(255) NOT NULL default '',
`conf` tinyint(1) NOT NULL default '0',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8";
//Insert Table into database.
$cQuery = mysql_query($cTable);
if(!$cQuery){
die ("Tabel creation unsuccesful". mysql_error());
}
//Make sure IP adress is not empty.
if($ip != ''){
//Check if IP adress is already in the table.
$IPcheck = mysql_query("SELECT * FROM adminIP WHERE ip='".$ip."'");
$IProws = mysql_num_rows($IPcheck);
$IProw = mysql_fetch_array($IPcheck);
if ((isset($IProws)) && ($IProws == 0))
{
//Ip adress does not exist (what to do code below)
$eip = sha1($ip);
$message = "
Hello it has come to our attention that you are trying to confirm your IP adress
Do so by copying the code below:
code = $eip";
mysql_query("INSERT INTO adminIP (ip, eip, conf)
VALUES ('".$ip."', '".$eip."',0)");
@mail($email, 'Test IP sender', $message, $headers);
@$code = $_POST["code"];
//check if form is submitted.
if (!isset($_POST['submit'])) {
?>
<form method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']);?>">
<strong>Code:</strong><input type="text" size="20" maxlength="100" name="code">:<br />
<input type="submit" value="submit" name="submit">
</form>
<?php
} else {
//check if code is correct
if($code == $eip){
echo "The IP adress has been confirmed. <br /> Welcome!";
$sql = "UPDATE adminIP SET conf=1 WHERE eip='".$eip."'";
$update = mysql_query($sql);
} else {
echo "This code is incorrect please try again by reloading the page,
or wait 10 seconds to let this happen automatically.";
$page = $_SERVER['PHP_SELF'];
$time = "10";
header("Refresh: $time; url=$page");
}
}
} else {
//Ip adress does exist (what to do code below)
//Check if IP adress has been confirmed.
$eip = $IProw['eip'];
if($IProw['conf'] == 1){
echo "Welcome, good to see you back";
} else {
echo "You have not yet confirmed your IP address
confirme it now by copying the code into the textbox below.";
$message = "
Hello it has come to our attention that you are trying to confirm your IP adress
Do so by copying the code below:
code = $eip";
@mail($email, 'Test IP sender', $message, $headers);
@$code = $_POST["code"];
//check if the form is submitted.
if (!isset($_POST['submit'])) {
?>
<form method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']);?>">
<strong>Code:</strong><input type="text" size="20" maxlength="100" name="code">:<br />
<input type="submit" value="submit" name="submit">
</form>
<?php
} else {
echo "<br />code =".$code."<br />";
echo "ecode =".$eip."<br />";
//Check if the code is correct
if($code == $eip){
echo "The IP adress has been confirmed. <br /> Welcome!";
$sql = "UPDATE adminIP SET conf=1 WHERE eip='".$eip."'";
$update = mysql_query($sql);
} else {
echo "This code is incorrect please try again by reloading the page,
or wait 10 seconds to let this happen automatically.";
$page = $_SERVER['PHP_SELF'];
$time = "10";
header("Refresh: $time; url=$page");
}
}
}
}
} else {
echo "You dont appear to have a valid IP adress.";
}
?>
So is it possible to do something like shown above in the admin/index.php ?
And if so what improvements does it need/how would you need to implement it.