Hi!
I tested today this mod with 4images 1.7.10 and VB 4.1.7
I have issue regarding redirecting loop after login.
When I log in on 4images I see screeen from vb and when I return to gallery FF return error (too many redirection)
I try clean cookis but without results.
do you have any idea?For v 1.7.10 modification of session.php is slightly different:
skip step with replacement of:
$user_password = md5($user_password);look at oryginal code - this statement is not present
:
$user_id = (isset($row[$user_table_fields['user_id']])) ? $row[$user_table_fields['user_id']] : GUEST;
if ($user_id != GUEST) {
if (compare_passwords($user_password, $row[$user_table_fields['user_password']])) {
$sql = "UPDATE ".SESSIONS_TABLE."
SET session_user_id = $user_id
WHERE session_id = '".addslashes($this->session_id)."'";
$site_db->query($sql);
if ($set_auto_login) {
$this->set_cookie_data("userpass", ($auto_login) ? md5($row[$user_table_fields['user_password']]) : "");
}
$this->start_session($user_id, 1);
return true;
}
}
replace with:
if ($user_id != GUEST) {
if (compare_passwords($user_password, $row[$user_table_fields['user_password']], $do_md5)) {
$sql = "UPDATE ".SESSIONS_TABLE."
SET session_user_id = $user_id
WHERE session_id = '".addslashes($this->session_id)."'";
$site_db->query($sql);
if ($set_auto_login) {
if ($do_md5){
$this->set_cookie_data("userpass", ($auto_login) ? md5($row[$user_table_fields['user_password']]) : "");
} else {
$this->set_cookie_data("userpass", ($auto_login) ? $row[$user_table_fields['user_password']] : "");
}
}
$this->start_session($user_id, 1);
return true;
}
} (im not sure with lines about set_cookie_data - please verify)
in file includes/security_utils.php replace function compare_passwords:
function compare_passwords($plain, $hashed) {
// Backwards compatibility
if (strpos($hashed, ':') === false) {
return secure_compare(md5($plain), $hashed);
}
return secure_compare(salted_hash($plain, $hashed), $hashed);
}with
function compare_passwords($plain, $hashed , $do_md5 = true) {
// Backwards compatibility
if ($do_md5) {
if (strpos($hashed, ':') === false) {
return secure_compare(md5($plain), $hashed);
}
} else
{
if ($plain == $hashed) return true;
else return false;
}
return secure_compare(salted_hash($plain, $hashed), $hashed);
}so, mod works with 4images 4.7.10 and vBulletin 4.1.7