How does this redirection work?

scavok

I'm trying to edit the phpbb source to make it so only people I give "permission" to see a page, can see the page. How I'm trying to do this is using the code that they're using to check to see if the user is authorized to view certain forums.

There is a forum, who permits the same people who can view the pages I'm trying to permit, to view it. This forum's id in the database is "3"

For this example, I'm trying to make it so search.php is only viewable to people who are authorized to view forum 3. If they're not authorized, it will say so, just like if they're not authorized to view a forum they try to access.

Here is the authorizing code before I edited it

$is_auth = array(); 
$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row); 

if ( !$is_auth['auth_read'] || !$is_auth['auth_view'] ) 
{ 
   if ( !$userdata['session_logged_in'] ) 
   { 
      $redirect = POST_FORUM_URL . "=$forum_id" . ( ( isset($start) ) ? "&start=$start" : '' ); 
      redirect(append_sid("login.$phpEx?redirect=viewforum.$phpEx&$redirect", true)); 
   } 
   // 
   // The user is not authed to read this forum ... 
   // 
   $message = ( !$is_auth['auth_view'] ) ? $lang['Forum_not_exist'] : sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type']); 

   message_die(GENERAL_MESSAGE, $message); 
}

Here it is after I edited it

<?php 
define('IN_PHPBB', true); 
$phpbb_root_path = './'; 
include($phpbb_root_path . 'extension.inc'); 
include($phpbb_root_path . 'common.'.$phpEx); 

$is_auth = array(); 
$is_auth = auth(AUTH_ALL, 3, $userdata, $forum_row); 

if ( !$is_auth['auth_read'] || !$is_auth['auth_view'] ) 
{ 
   if ( !$userdata['session_logged_in'] ) 
   { 
      redirect(append_sid("search.php", true)); 
   } 
   // 
   // The user is not authed to read this forum ... 
   // 
   $message = ( !$is_auth['auth_view'] ) ? $lang['Forum_not_exist'] : sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type']); 

   message_die(GENERAL_MESSAGE, $message); 
} 

$template->pparse('body'); 

include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 

?>

I'm pretty sure I did nothing right. What this does is just constantly redirect the user back to search.php where it executes the redirection code again non-stop. Like a never ending loop.

I don't understand how their redirection code works. How is it redirecting the user to another page without having to authorize the user again?

I'm pretty clueless as to how to get this working. Anything helps. I'm getting desperate.

dalecosp

I've looked a little at phpBB code; enough to know that my mind isn't twisted enough to do it that way 😃

You'll need to look through the source code and find their function entitled, appropriately enough 😉, redirect().

As for the question "how is it...without authorizing the user again" ... phpBB's session work is all done in the db. The authorization is built into the site in such a manner that unauthed clients never get anywhere ... that's really a simplified explanation, but you and I can both tell that this wasn't written in some beginning PHP book 😉

In the upper example, they are redirected to "login.php" with a variable set that tells "login.php" to send them on their merry way...in yours, there's no variable, AFAICT.

Hopefully someone smart will come along soon 🙂

scavok

Here's the redirect function code

function redirect($url)
{
	global $db, $board_config;

if (!empty($db))
{
	$db->sql_close();
}

$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
$server_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name']));
$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
$script_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path']));
$script_name = ($script_name == '') ? $script_name : '/' . $script_name;
$url = preg_replace('#^\/?(.*?)\/?$#', '/\1', trim($url));

// Redirect via an HTML form for PITA webservers
if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
{
	header('Refresh: 0; URL=' . $server_protocol . $server_name . $server_port . $script_name . $url);
	echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $server_protocol . $server_name . $server_port . $script_name . $url . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $server_protocol . $server_name . $server_port . $script_name . $url . '">HERE</a> to be redirected</div></body></html>';
	exit;
}

// Behave as per HTTP/1.1 spec for others
header('Location: ' . $server_protocol . $server_name . $server_port . $script_name . $url);
exit;
}

😕

I went back and tried this:

if ( !$is_auth['auth_read'] || !$is_auth['auth_view'] )
{
	if ( !$userdata['session_logged_in'] )
	{
		$redirect = POST_SEARCH_URL . "=1" . ( ( isset($start) ) ? "&start=$start" : '' );
		redirect(append_sid("login.$phpEx?redirect=search.$phpEx&$redirect", true));
	}
	//
	// The user is not authed to read this forum ...
	//
	$message = ( !$is_auth['auth_view'] ) ? $lang['Forum_not_exist'] : sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type']);

message_die(GENERAL_MESSAGE, $message);
}

It doesn't put it in an endless loop anymore, but it just sends it back to the forum index. :\