Hi,
I am using a external page with MyBBoard.
There is also a custom admincp for the frontend.
To get into that users should login, however what query is needed to check if the user has valid username/password and group
You should see this topic -
http://community.mybboard.net/thread-6190.html
It demonstrates basic user authorisation. You can use the following to determine groups:
if($mybb->usergroup['cancp'])
{
// This user is an admin
}
elseif($mybb->usergroup['issupermod'])
{
// This user is a supermoderator
}
elseif($mybb->usergroup['canmodcp'])
{
// This user is a moderator
}
elseif($mybb->usergroup['gid'] == 8)
{
// This user is in group 8
}
If you have any problems coding with MyBB, you should check the
Plugins & Code > Discussion & Support section...
(2009-03-10, 11:01 AM)Tomm M Wrote: [ -> ]You should see this topic - http://community.mybboard.net/thread-6190.html
It demonstrates basic user authorisation. You can use the following to determine groups:
if($mybb->usergroup['cancp'])
{
// This user is an admin
}
elseif($mybb->usergroup['issupermod'])
{
// This user is a supermoderator
}
elseif($mybb->usergroup['canmodcp'])
{
// This user is a moderator
}
elseif($mybb->usergroup['gid'] == 8)
{
// This user is in group 8
}
If you have any problems coding with MyBB, you should check the Plugins & Code > Discussion & Support section...
Thanks for your reply
Yeah I already noticed and used that thread (have the intergration for the frontpanel).
However I now want to have a custom admincp for the frontend. The users who can access have to login with their forum account.
Now I know the query for Vbulletin, but like to know the query for MyBB
I'm quite sure the code in that thread and this thread is all you'd need... just check if the user is an admin after they submit the details.
(2009-03-10, 11:25 AM)MattRogowski Wrote: [ -> ]I'm quite sure the code in that thread and this thread is all you'd need... just check if the user is an admin after they submit the details.
Yeah that's also the meaning.
However when I use the login box from that thread, they will stay logged in because of cookies instead of sessions (I want to use sessions for a custom admincp).
I searched that thread for the query, however could not find it.
MyBB uses the _adminsessions table in the database, much like the sessions table for users, in the AdminCP. It too is controlled by cookies, and not sessions, so I'm not too sure what query it is you're looking for...
You should take a look at ./admin/index.php, and see how MyBB utilises the adminsessions table to verify users.
(2009-03-10, 12:15 PM)Tomm M Wrote: [ -> ]MyBB uses the _adminsessions table in the database, much like the sessions table for users, in the AdminCP. It too is controlled by cookies, and not sessions, so I'm not too sure what query it is you're looking for...
You should take a look at ./admin/index.php, and see how MyBB utilises the adminsessions table to verify users.
oke will have a look into that.
As example I can give you the query Vbulletin uses
SELECT userid, username, salt, password, usergroupid FROM user WHERE username='" . $_POST['fld_username'] . "' AND password=md5(concat(md5('" . $_POST['fld_password'] . "'),'" . $salt . "'))
If correct filled in, this gives me the userid, username, salt, password and usergroupid.
However I can imaging that myBB has a same sort looking query
And where the most important is the encryption of the password
is it
md5(md5($salt).$password);?