Delayed Email Verification Hack (DEV)
Mod Version: 1.00, by CharlesHe
This modification is in the archives.
| vB Version: 3.0.8 | Rating:  (1 vote - 5.00 average) |
Installs: 1 |
| Released: 25 Aug 2005 | Last Update: Never | Downloads: 0 |
 Not Supported
|
||
This hack allows newly registered users awaiting email activation to use the forums, but then restricts them from logging in after a certain period of time and informing them that the time limit has passed.
My forum is designed for a close community of students, but I still want email verification to prevent abuse. But my forum isn't established yet, and I don't want to scare people off by forcing them to check their email. I would like them to check out the forums and get used to them for a while before forcing them to do more work. So I've made this hack that should allow for a delay in email verification of one day.
Two files need to be modified and an extra phrase must be added.
There are some flaws: In theory because this only restricts login, someone could stay logged on past the grace period, but a higher degree of rigour restricting this exploit would not be appropriate for a delayed email verification anyways.
I've been programming for approximate 1 day. If anyone can teach me how to write admincp functions that allow some customization over the grace periods, or teach me how write a program to install this hack that would be great.
Replace this code in /login.php
With
In includes/functions_login.php...
Insert before
(approximate line 147)
With this this code :
Finally you need to do an SQL to add this new error phrase:
UPDATE `phrase` SET `text` = 'You may not login to the forums over one day after registering without activating your account. <br><br>
Activation should be easy. Please check your email to find the instructions to activate your account.
<br><br>
If you''re still having problems, please contact the administrator of the board at $vboptions[webmasteremail].' WHERE `phraseid` = '12302' LIMIT 1;
My forum is designed for a close community of students, but I still want email verification to prevent abuse. But my forum isn't established yet, and I don't want to scare people off by forcing them to check their email. I would like them to check out the forums and get used to them for a while before forcing them to do more work. So I've made this hack that should allow for a delay in email verification of one day.
Two files need to be modified and an extra phrase must be added.
There are some flaws: In theory because this only restricts login, someone could stay logged on past the grace period, but a higher degree of rigour restricting this exploit would not be appropriate for a delayed email verification anyways.
I've been programming for approximate 1 day. If anyone can teach me how to write admincp functions that allow some customization over the grace periods, or teach me how write a program to install this hack that would be great.
Replace this code in /login.php
Code:
if (!verify_authentication($username, $password, $md5password, $md5password_utf, true))
{
// check password
exec_strike_user($bbuserinfo['username']);
if ($logintype === 'cplogin' OR $logintype === 'modcplogin')
{
// log this error if attempting to access the control panel
require_once('./includes/functions_log_error.php');
log_vbulletin_error($username, 'security');
}
$bbuserinfo = array(
'userid' => 0,
'usergroupid' => 1
);
eval(print_standard_error('error_badlogin'));
}
Code:
if (!verify_authentication($username, $password, $md5password, $md5password_utf, true))
{
// check password
exec_strike_user($bbuserinfo['username']);
if ($logintype === 'cplogin' OR $logintype === 'modcplogin')
{
// log this error if attempting to access the control panel
require_once('./includes/functions_log_error.php');
log_vbulletin_error($username, 'security');
}
//normally only failed password, now there is the possibility of expired grace period
//new error given if variables used in grace period checking are active
if($bbuserinfo['joindate'] == 1984)
{
$bbuserinfo = array(
'userid' => 0,
'usergroupid' => 1
);
eval(print_standard_error('error_expired_grace_verification'));
}
else
{
$bbuserinfo = array(
'userid' => 0,
'usergroupid' => 1
);
eval(print_standard_error('error_badlogin'));
}
}
Insert before
Code:
if ($send_cookies)
With this this code :
Code:
//check to see if user need verification
elseif($bbuserinfo['usergroupid'] == 3)
{
// Calculate days since joining
$bbuserinfo = $DB_site->query_first("SELECT joindate FROM " . TABLE_PREFIX . "user WHERE username = '" . $bbuserinfo['username'] . "'");
$currentday = time();
$dayspassed = ($currentday - $bbuserinfo[joindate])/(60*60*24);
//this is where grace period is controlled enter a number in days after the >=
if($dayspassed >= 1)
{
$bbuserinfo['joindate'] = 1984; //used for verifying type of error
return false;
}
}
UPDATE `phrase` SET `text` = 'You may not login to the forums over one day after registering without activating your account. <br><br>
Activation should be easy. Please check your email to find the instructions to activate your account.
<br><br>
If you''re still having problems, please contact the administrator of the board at $vboptions[webmasteremail].' WHERE `phraseid` = '12302' LIMIT 1;
Download
No files for download.