phpBB et URL Rewriting : article de synthèse

le Ven Avr 23, 2004 8:01

allez voir http://forums.phpbb-fr.com/viewtopic_39629.html en attendant que je fasse en accord avec son auteur un article qui résume tout ça

le Ven Avr 23, 2004 15:25

merci WRI juste un tite question pourquoi rien ne marche dans admin?

le Ven Avr 23, 2004 17:38

solodown a écrit:merci WRI juste un tite question pourquoi rien ne marche dans admin?

j'ai pas compris de quoi tu parles ?

le Ven Avr 23, 2004 23:03

j'ai modifer sessions.php pour supprimé les SID

les SID ce supprime

mais tous les fonctions de admin(ajout de forum,email de masse etc...) ne marche pas pourquoi ??

le Sam Avr 24, 2004 0:10

bah j'ai fait comme dit dans le manuel sur phpbb et nada , çà marche pas

le Sam Avr 24, 2004 11:33

Si tu lis le post tu verras que le forum nécessite l'utilisation des sid , il ne faut pas les supprimer pour tous , seulement pour les visiteurs ( et seulement dans les URL ) .

le Lun Avr 26, 2004 9:10

Merci bcp pour le lien. Tout fonctionne nickel chez moi. J'ai juste enlevé la ligne :

Code: Tout sélectionner: RewriteRule ^forum([0-9]*).* viewforum.php?f=$1&mark=topics

Parce qu'elle rentre en conflit avec :

Code: Tout sélectionner: RewriteRule ^forum([0-9]*).* viewforum.php?f=$1

Et du coup, quand on va sur un forum, ca marque tous les messages comme lus

Pour le reste, impec' !

le Lun Avr 26, 2004 14:28

Il n'y a pas de conflit tant que tu ne changes pas l'ordre des lignes dans .htaccess ou includes/page_header.php :wink:

Arf ... Peut être en fait : il faut remplacer RewriteRule ^forum([0-9]*).* viewforum.php?f=$1&mark=topics par RewriteRule ^mforum([0-9]*).* viewforum.php?f=$1&mark=topics dans le .htaccess .

le Lun Avr 26, 2004 14:42

De toutes facons, m'en tape que GG voit cette page ! Donc c'est pour ca que je l'ai viré du htaccess....

le Mer Avr 28, 2004 10:53

bon j'ai deja fait les modif de mon sessions.php j'éspère ne pas avoir fait d'érreur :wink:

Code: Tout sélectionner: <?php /*************************************************************************** * sessions.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * * $Id: sessions.php,v 1.58.2.10 2003/04/05 12:04:33 acydburn Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ // // Adds/updates a new session to the database for the given userid. // Returns the new session ID on success. // function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0) { global $db, $board_config; global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID; $cookiename = $board_config['cookie_name']; $cookiepath = $board_config['cookie_path']; $cookiedomain = $board_config['cookie_domain']; $cookiesecure = $board_config['cookie_secure']; if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ) { $session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : ''; $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array(); $sessionmethod = SESSION_METHOD_COOKIE; } else { $sessiondata = array(); $session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : ''; $sessionmethod = SESSION_METHOD_GET; } $last_visit = 0; $current_time = time(); $expiry_time = $current_time - $board_config['session_length']; // // Try and pull the last time stored in a cookie, if it exists // $sql = "SELECT * FROM " . USERS_TABLE . " WHERE user_id = $user_id"; if ( !($result = $db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Could not obtain lastvisit data from user table', '', __LINE__, __FILE__, $sql); } $userdata = $db->sql_fetchrow($result); if ( $user_id != ANONYMOUS ) { $auto_login_key = $userdata['user_password']; if ( $auto_create ) { if ( isset($sessiondata['autologinid']) && $userdata['user_active'] ) { // We have to login automagically if( $sessiondata['autologinid'] == $auto_login_key ) { // autologinid matches password $login = 1; $enable_autologin = 1; } else { // No match; don't login, set as anonymous user $login = 0; $enable_autologin = 0; $user_id = $userdata['user_id'] = ANONYMOUS; } } else { // Autologin is not set. Don't login, set as anonymous user $login = 0; $enable_autologin = 0; $user_id = $userdata['user_id'] = ANONYMOUS; } } else { $login = 1; } } else { $login = 0; $enable_autologin = 0; } // // CC IP-mod ($user_ip is created in common.php) // global $phpEx, $phpbb_root_path; include($phpbb_root_path . 'includes/cc_mod.'.$phpEx); // // Initial ban check against user id, IP and email address // preg_match('/(..)(..)(..)(..)/', $user_ip, $user_ip_parts); $sql = "SELECT ban_ip, ban_userid, ban_email FROM " . BANLIST_TABLE . " WHERE ban_ip IN ('" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "', '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff', '" . $user_ip_parts[1] . $user_ip_parts[2] . "ffff', '" . $user_ip_parts[1] . "ffffff') OR ban_userid = $user_id"; if ( $user_id != ANONYMOUS ) { $sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $userdata['user_email']) . "' OR ban_email LIKE '" . substr(str_replace("\'", "''", $userdata['user_email']), strpos(str_replace("\'", "''", $userdata['user_email']), "@")) . "'"; } if ( !($result = $db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Could not obtain ban information', '', __LINE__, __FILE__, $sql); } if ( $ban_info = $db->sql_fetchrow($result) ) { if ( $ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email'] ) { message_die(CRITICAL_MESSAGE, 'You_been_banned'); } } // // Create or update the session // $sql_ip = $user_id == ANONYMOUS ? " AND session_ip = '$user_ip'" : ''; $sql = "UPDATE " . SESSIONS_TABLE . " SET session_ip = '$user_ip', session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login WHERE session_id = '" . $session_id . "' $sql_ip AND session_user_id = '$user_id'"; if ( !$db->sql_query($sql) || !$db->sql_affectedrows() ) { $session_id = md5(uniqid($user_ip)); $sql = "INSERT INTO " . SESSIONS_TABLE . " (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in) VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql); } } //if ( $user_id != ANONYMOUS ) //{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : ( $last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; $sql = "UPDATE " . USERS_TABLE . " SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit, user_lastlogon = " . time() . ", user_totallogon=user_totallogon+1 WHERE user_id = $user_id"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql); } $userdata['user_lastvisit'] = $last_visit; $sessiondata['autologinid'] = ( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : ''; $sessiondata['userid'] = $user_id; //} $userdata['session_id'] = $session_id; $userdata['session_ip'] = $user_ip; $userdata['session_user_id'] = $user_id; $userdata['session_logged_in'] = $login; $userdata['session_page'] = $page_id; $userdata['session_start'] = $current_time; $userdata['session_time'] = $current_time; setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure); $SID = $user_id > 0 ? 'sid=' . $session_id : ''; return $userdata; } // // Checks for a given user session, tidies session table and updates user // sessions at each page refresh // function session_pagestart($user_ip, $thispage_id) { global $db, $lang, $board_config; global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID; $cookiename = $board_config['cookie_name']; $cookiepath = $board_config['cookie_path']; $cookiedomain = $board_config['cookie_domain']; $cookiesecure = $board_config['cookie_secure']; $current_time = time(); unset($userdata); if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ) { $sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename . '_data'] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array(); $session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : ''; $sessionmethod = SESSION_METHOD_COOKIE; } else { $sessiondata = array(); $session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : ''; $sessionmethod = SESSION_METHOD_GET; } // // Does a session exist? // if ( !empty($session_id) ) { // Start add - Last visit MOD $expiry_time = $current_time - $board_config['session_length'] ; // End add - Last visit MOD // // session_id exists so go ahead and attempt to grab all // data in preparation // $sql = "SELECT u.*, s.* FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u WHERE s.session_id = '$session_id' AND u.user_id = s.session_user_id AND session_time > $expiry_time"; if ( !($result = $db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql); } $userdata = $db->sql_fetchrow($result); // // Did the session exist in the DB? // if ( isset($userdata['user_id']) ) { // // Do not check IP assuming equivalence, if IPv4 we'll check only first 24 // bits ... I've been told (by vHiker) this should alleviate problems with // load balanced et al proxies while retaining some reliance on IP security. // $ip_check_s = substr($userdata['session_ip'], 0, 6); $ip_check_u = substr($user_ip, 0, 6); if ($ip_check_s == $ip_check_u) { $SID = $userdata['user_id'] > 0 ? (($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '') : ''; // // Only update session DB a minute or so after last update // if ( $current_time - $userdata['session_time'] > 60 ) { $sql = "UPDATE " . SESSIONS_TABLE . " SET session_time = $current_time, session_page = $thispage_id WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql); } //if ( $userdata['user_id'] != ANONYMOUS ) //{ $sql = "UPDATE " . USERS_TABLE . " SET user_session_time = $current_time, user_session_page = $thispage_id, user_totalpages = user_totalpages+1, user_totaltime = user_totaltime+($current_time-".$userdata['session_time'].") WHERE user_id = " . $userdata['user_id']; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql); } //} // // Delete expired sessions // $expiry_time = $current_time - $board_config['session_length']; $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE UNIX_TIMESTAMP() - session_time >=172800 AND session_id <> '$session_id'"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql); } setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure); } return $userdata; } } } else { // try to login guest $sql = "SELECT u.*, s.* FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u WHERE s.session_ip = '$user_ip' AND s.session_user_id = " . ANONYMOUS . " AND u.user_id = s.session_user_id LIMIT 0, 1"; if ( !($result = $db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql); } $userdata = $db->sql_fetchrow($result); if ( isset($userdata['user_id']) ) { if ( $current_time - $userdata['session_time'] > 60 ) { $sql = "UPDATE " . SESSIONS_TABLE . " SET session_time = $current_time, session_start = $current_time, session_page = 0 WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql); } } return $userdata; } } // // If we reach here then no (valid) session exists. So we'll create a new one, // using the cookie user_id if available to pull basic user prefs. // $user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : ANONYMOUS; if ( !($userdata = session_begin($user_id, $user_ip, $thispage_id, TRUE)) ) { message_die(CRITICAL_ERROR, 'Error creating user session', '', __LINE__, __FILE__, $sql); } return $userdata; } // // session_end closes out a session // deleting the corresponding entry // in the sessions table // function session_end($session_id, $user_id) { global $db, $lang, $board_config; global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID; $cookiename = $board_config['cookie_name']; $cookiepath = $board_config['cookie_path']; $cookiedomain = $board_config['cookie_domain']; $cookiesecure = $board_config['cookie_secure']; $current_time = time(); // // Pull cookiedata or grab the URI propagated sid // if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ) { $session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : ''; $sessionmethod = SESSION_METHOD_COOKIE; } else { $session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : ''; $sessionmethod = SESSION_METHOD_GET; } // // Delete existing session // $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_id = '$session_id' AND session_user_id = $user_id"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql); } setcookie($cookiename . '_data', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename . '_sid', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure); return true; } // // Append $SID to a url. Borrowed from phplib and modified. This is an // extra routine utilised by the session code above and acts as a wrapper // around every single URL and form action. If you replace the session // code you must include this routine, even if it's empty. // function append_sid($url, $non_html_amp = false) { global $SID; if ( !empty($SID) && !preg_match('#sid=#', $url) ) { $url .= ( ( strpos($url, '?') != false ) ? ( ( $non_html_amp ) ? '&' : '&' ) : '?' ) . $SID; } return $url; } ?>

mais j'ai remaqué meme si je coche connexion auto bah quand je revien sur mon site bah faut que je me reconnect :cry:

puis mon .htaccess j'ai sa

Code: Tout sélectionner: DirectoryIndex portal.php index.php index.htm index.html

je suis chez OVH

le Mer Avr 28, 2004 22:20

Fix pour l'autologin non fonctionnel :

TROUVER
Code: Tout sélectionner
else { // try to login guest

REMPLACER PAR
Code: Tout sélectionner
else if(empty($sessiondata)) { // try to login guest

le Jeu Avr 29, 2004 15:36

puis mon .htaccess j'ai déja sa

Code: Tout sélectionner: DirectoryIndex portal.php index.php index.htm index.html

et pour info je suis chez OVH

le Jeu Avr 29, 2004 16:22

[Double post , désolé , erreur lors de l'envoi]

le Jeu Avr 29, 2004 16:22

le Jeu Avr 29, 2004 19:24

je fait comment j'écrit le code 1ligne ou 2 en dessous?

phpBB et URL Rewriting : article de synthèse

phpBB et URL Rewriting : article de synthèse

Formation recommandée sur ce thème :

Lectures recommandées sur ce thème :

Qui est en ligne