Forum Moderators: rogerd
I have a PHP page on my site that I would like to be private. I want to make it so that in order to access this php page you have to be logged into phpBB and belong to a certain usergroup, and if not you get an access denied.
So basically, it would have to read the phpbb session/cookie, and get the usergroup from the user.
If anyone has any ideas on how to do this, it would be much appreciated :)
- Matt
[php]<?php
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_PROFILE);
init_userprefs($userdata);
//
// End session management
//
if (!$userdata['session_logged_in'] )
{
die("You're not logged into AntiSpyware Net Forums.");
}
/*
USERNAME = $userdata[username]
USER ID = $userdata[user_id]
*/
mysql_connect($dbhost, $dbuser, $dbpasswd);
mysql_select_db($dbname);
$thetable = $table_prefix . "user_group"; //the table where people's usergroups are stored
$thegroupid = 30; //The id of the usergroup... change this number to match whatever the id of the usergroup is
$result = mysql_query("SELECT COUNT(*) as modornot FROM $thetable WHERE group_id='$thegroupid' AND user_id='$userdata[user_id]' AND user_pending='0'") or die(mysql_error() . $thetable);
$result = mysql_fetch_object($result);
if ($result->modornot < 1)
{
die("You are not part of the usergroup.");
}
?>[/php]
When you include "common.php", you automatically get access to the phpbb Database Abstraction Layer, basically a php class that lets you interact with the database.
Check out /db/mysql4.php in your phpbb installation and have a look at the functions provided by the class.
Jason
