Compdigitec Labs

« | Home | »

phpBB force login hack

By admin | December 16, 2008

To set up a private forum in phpBB, you could simply make all the forums “No Access” to guests and bots. But if they can still view your member list and profiles, that is a security leak. Here is a patch to remedy that by forcing the guest or bot to login before they can see the forum:

  1. Open up index.php from your phpBB installation.
  2. After line 25 (“$auth->acl($user->data);“), add the following code:
    // Hack to disable anonymous viewing
    if ($user->data['user_id'] == ANONYMOUS || $user->data['is_bot'])
    {
    login_box();
    } else {
  3. After the line “page_header($user->lang['INDEX']);“, add the following code:
    // end hack to disable anonymous viewing
    };
  4. Re-upload index.php to your web server. Don’t forget to clear your cache and log out to see the effect.

If you found this article helpful or interesting, please help Compdigitec spread the word. Don’t forget to subscribe to Compdigitec Labs for more useful and interesting articles!

Topics: PHP | 3 Comments »

3 Responses to “phpBB force login hack”

  1. Adam Parkzer Says:
    December 13th, 2009 at 2:55 pm

    This actually works! I just wasted about 15 minutes searching around for a modification that would do the job for me, when all I needed to do was manually add a few lines of code. Thanks for the useful post.

  2. iracruz Says:
    October 30th, 2010 at 10:30 am

    Hack again?!

  3. Pedro Henrique Says:
    February 11th, 2013 at 11:22 am

    Great! It really works!

Comments