[PHP] vBulletin Authorization

Discussion in 'Code Snippets and Tutorials' started by Josh21227, Jun 16, 2010.

  1. Josh21227

    Josh21227 Level I

    Joined:
    May 23, 2009
    Messages:
    57
    Likes Received:
    10
    Made for another site, which closed.

    Code (Text):
    1. <?php
    2.  
    3.     mysql_connect("SERVER", "USERNAME", "PASSWORD");
    4.     mysql_select_db("DATABASE");
    5.     $username =mysql_real_escape_string( $_REQUEST['u']);
    6.     $password = $_REQUEST['p'];
    7.     $level = $_REQUEST['lv'];
    8.     $repreq = "0";
    9.     $repreq = $_REQUEST['rep'];
    10.     $postreq = "0";
    11.     $postreq = $_REQUEST['posts'];
    12.  
    13. $result = mysql_query( "SELECT `salt` FROM `user` WHERE `username` = '{$username}'") OR die(mysql_error());
    14. $row = mysql_fetch_array($result);
    15. $getsalt = $row['salt'];
    16.  
    17.  
    18.     if($getsalt == ""){
    19.         $errcode = "1";
    20.         $error = "Invalid username";
    21.     }
    22.     else{
    23.  
    24.         $mkpass = md5(md5($password) . $getsalt);
    25. $result = mysql_query( "SELECT `password` FROM `user` WHERE `username` = '{$username}'") OR die(mysql_error());
    26. $row = mysql_fetch_array($result);
    27. $chkpass = $row['password'];
    28.  
    29. if($mkpass != $chkpass){
    30.             $errcode = "2";
    31.             $error = "Invalid password";
    32.         }
    33.         else{
    34.  
    35.  
    36.             $sideranks = mysql_fetch_assoc(mysql_query("SELECT membergroupids FROM user WHERE username = '$username'"));
    37.             $sideranks = $sideranks['membergroupids'];
    38.  
    39.                 $userid = mysql_query("SELECT userid FROM user WHERE username = '$username'");
    40.                 $mainrank = mysql_fetch_assoc(mysql_query("SELECT usergroupid FROM user WHERE username = '$username'"));
    41.                 $mainrank = $mainrank['usergroupid'];
    42.                
    43.                 $result = mysql_query( "SELECT `posts` FROM `user` WHERE `username` = '{$username}'") OR die(mysql_error());
    44.                 $row = mysql_fetch_array($result);
    45.                 $posts = $row['posts'];
    46.  
    47.                 $result = mysql_query( "SELECT `reputation` FROM `user` WHERE `username` = '{$username}'") OR die(mysql_error());
    48.                 $row = mysql_fetch_array($result);
    49.                 $rep = $row['reputation'];
    50.  
    51.  
    52. /* 12 = Moderators and Platinum
    53. 11 = Twilight and programmer
    54. 10 = level 10
    55. 9 = level 9
    56. 8 = level 8
    57. 7 = level 7
    58. 6 = level 6
    59. 5 = level 5
    60. 4 = level 4
    61. 3 = level 3
    62. 2 = level 2
    63. 1 = level 1*/
    64.  
    65.  
    66.     if (stristr($sideranks, "6,") OR stristr($sideranks, ",6") OR $sideranks == "6" OR $mainrank == "6") {
    67.     $userlevel = 12;
    68.  
    69.     } elseif (stristr($sideranks, "7,") OR stristr($sideranks, ",7") OR $sideranks == "7" OR $mainrank == "7") {
    70.         $userlevel = "12";
    71.  
    72.     } elseif (stristr($sideranks, "5,") OR stristr($sideranks, ",5") OR $sideranks == "5" OR $mainrank == "5") {
    73.         $userlevel = "12";
    74.  
    75.     } elseif (stristr($sideranks, "20,") OR stristr($sideranks, ",20") OR $sideranks == "20" OR $mainrank == "20") {
    76.         $userlevel = "12";
    77.  
    78.     } elseif (stristr($sideranks, "16,") AND $level = "p" OR stristr($sideranks, ",16") AND $level = "p" OR $sideranks == "16"  AND $level = "p" OR $mainrank == "16" AND $level = "p") {
    79.         $userlevel = "p";
    80.  
    81.     } elseif (stristr($sideranks, "19,") OR stristr($sideranks, ",19") OR $sideranks == "19" OR $mainrank == "19") {
    82.         $userlevel = "12";
    83.  
    84.     } elseif (stristr($sideranks, "14,") OR stristr($sideranks, ",14") OR $sideranks == "14" OR $mainrank == "14") {
    85.         $userlevel = "11";
    86.  
    87.     } elseif (stristr($sideranks, "29,") OR stristr($sideranks, ",29") OR $sideranks == "29" OR $mainrank == "29") {
    88.         $userlevel = "11";
    89.  
    90.     } elseif (stristr($sideranks, "34,") OR stristr($sideranks, ",34") OR $sideranks == "34" OR $mainrank == "34") {
    91.         $userlevel = "11";
    92.  
    93.     } elseif (stristr($sideranks, "28,") OR stristr($sideranks, ",28") OR $sideranks == "28" OR $mainrank == "28") {
    94.         $userlevel = "10";
    95.  
    96.     } elseif (stristr($sideranks, "27,") OR stristr($sideranks, ",27") OR $sideranks == "27" OR $mainrank == "27") {
    97.         $userlevel = "9";
    98.  
    99.     } elseif (stristr($sideranks, "26,") OR stristr($sideranks, ",26") OR $sideranks == "26" OR $mainrank == "26") {
    100.         $userlevel = "8";
    101.  
    102.     } elseif (stristr($sideranks, "25,") OR stristr($sideranks, ",25") OR $sideranks == "25" OR $mainrank == "25") {
    103.         $userlevel = "7";
    104.  
    105.     } elseif (stristr($sideranks, "24,") OR stristr($sideranks, ",24") OR $sideranks == "24" OR $mainrank == "24") {
    106.         $userlevel = "6";
    107. ;
    108.     } elseif (stristr($sideranks, "23,") OR stristr($sideranks, ",23") OR $sideranks == "23" OR $mainrank == "23") {
    109.         $userlevel = "5";
    110.  
    111.     } elseif (stristr($sideranks, "22,") OR stristr($sideranks, ",22") OR $sideranks == "22" OR $mainrank == "22") {
    112.         $userlevel = "4";
    113.  
    114.     } elseif (stristr($sideranks, "21,") OR stristr($sideranks, ",21") OR $sideranks == "21" OR $mainrank == "21") {
    115.         $userlevel = "3";
    116.  
    117.     } elseif (stristr($sideranks, "12,") OR stristr($sideranks, ",12") OR $sideranks == "12" OR $mainrank == "12") {
    118.         $userlevel = "2";
    119.  
    120.     } elseif (stristr($sideranks, "11,") OR stristr($sideranks, ",11") OR $sideranks == "11" OR $mainrank == "11") {
    121.         $userlevel = "1";
    122.  
    123.  
    124.     } else {
    125.         $userlevel = "0";
    126.  
    127.     }
    128.  
    129.                     if($userlevel == "p"){
    130.                                         $errcode = "0";
    131.                                         $error = "Authorized";
    132.  
    133.                     }
    134.                     else{
    135.                        
    136.                             if($level == "p"){
    137.  
    138.                                         $errcode = "6";
    139.                                         $error = "Not Platinum member";
    140.                             }
    141.                                 else{
    142.                                     if($userlevel >= $level){
    143.  
    144.                                         if($posts >= $postreq){
    145.                                    
    146.                                             if($rep >= $repreq){
    147.                                                 $errcode = "0";
    148.                                                 $error = "Authorized";
    149.  
    150.                                             }
    151.                                             else{
    152.                                                 $errcode = "5";
    153.                                                 $error = "Not Enough Rep";
    154.  
    155.                                             }
    156.                                
    157.                                         }
    158.                                         else{
    159.                                             $errcode = "4";
    160.                                             $error = "Not Enough Posts";
    161.  
    162.                                         }
    163.  
    164.                                     }
    165.                                     else{
    166.                                         $errcode = "3";
    167.                                         $error = "Level not high enough";
    168.  
    169.                                     }
    170. }
    171.  
    172.                     }
    173.  
    174.                 }
    175.             }
    176.  
    177.  
    178.     echo('<errcode>' . $errcode . '</errcode>;<error>' . $error . '</error>');
    179. ?>
     
    #1 Josh21227, Jun 16, 2010