Check phpbb3 session
- Danny1337
- Student
- Joined: May 14, 2006
- Posts: 70
- Loc: Norway
- Status: Offline
July 29th, 2010, 2:50 am
Hey. I need a way to check if an user is online, on an external page WITHOUT adding the phpbb session to the page. I'm adding this on a Wordpress page, and the phpbb session causes conflicts with wordpress, since they have functions with the exact same name.. (like make_clickable)
So i kindof.. need to manually check if an user is online or not.
I made this code below, and it works. However, I have no idea if it has any flaws, or if it's safe
What do you think?
thanks
So i kindof.. need to manually check if an user is online or not.
I made this code below, and it works. However, I have no idea if it has any flaws, or if it's safe
PHP Code: [ Select ]
$cookie_id = $_COOKIE['phpbb3_token_sid'];
$cookie_user = $_COOKIE['phpbb3_token_u'];
if($cookie_user!=1) {
$query = mysql_query("SELECT * FROM phpbb3_sessions WHERE session_id LIKE '".mysql_real_escape_string($cookie_id)."'");
if(mysql_num_rows($query)==1) {
$find_name = mysql_query("SELECT * FROM phpbb3_users WHERE user_id LIKE '".mysql_real_escape_string($cookie_user)."'");
if(mysql_num_rows($find_name)==1) {
while($row=mysql_fetch_array($find_name)) {
echo "Welcome, " . $row['username'] . "!";
}
}
}
} else {
echo "Not logged in";
}
$cookie_user = $_COOKIE['phpbb3_token_u'];
if($cookie_user!=1) {
$query = mysql_query("SELECT * FROM phpbb3_sessions WHERE session_id LIKE '".mysql_real_escape_string($cookie_id)."'");
if(mysql_num_rows($query)==1) {
$find_name = mysql_query("SELECT * FROM phpbb3_users WHERE user_id LIKE '".mysql_real_escape_string($cookie_user)."'");
if(mysql_num_rows($find_name)==1) {
while($row=mysql_fetch_array($find_name)) {
echo "Welcome, " . $row['username'] . "!";
}
}
}
} else {
echo "Not logged in";
}
- $cookie_id = $_COOKIE['phpbb3_token_sid'];
- $cookie_user = $_COOKIE['phpbb3_token_u'];
- if($cookie_user!=1) {
- $query = mysql_query("SELECT * FROM phpbb3_sessions WHERE session_id LIKE '".mysql_real_escape_string($cookie_id)."'");
- if(mysql_num_rows($query)==1) {
- $find_name = mysql_query("SELECT * FROM phpbb3_users WHERE user_id LIKE '".mysql_real_escape_string($cookie_user)."'");
- if(mysql_num_rows($find_name)==1) {
- while($row=mysql_fetch_array($find_name)) {
- echo "Welcome, " . $row['username'] . "!";
- }
- }
- }
- } else {
- echo "Not logged in";
- }
What do you think?
thanks
- Anonymous
- Bot
- Joined: 25 Feb 2008
- Posts: ?
- Loc: Ozzuland
- Status: Online
July 29th, 2010, 2:50 am
- joebert
- Sledgehammer
- Joined: Feb 10, 2004
- Posts: 13455
- Loc: Florida
- Status: Offline
July 29th, 2010, 5:27 am
Strong with this one, the sudo is.
- Danny1337
- Student
- Joined: May 14, 2006
- Posts: 70
- Loc: Norway
- Status: Offline
July 29th, 2010, 6:02 pm
Page 1 of 1
To Reply to this topic you need to LOGIN or REGISTER. It is free.
Post Information
- Total Posts in this topic: 3 posts
- Users browsing this forum: No registered users and 215 guests
- You cannot post new topics in this forum
- You cannot reply to topics in this forum
- You cannot edit your posts in this forum
- You cannot delete your posts in this forum
- You cannot post attachments in this forum
