« How to fix GCC 4.3’s removal of old headers | Home | Disable the jump box of the FAQ in phpBB 3 »
phpBB force login hack
By admin | December 16, 2008
To set up a private forum in phpBB, you could simply make all the forums “No Access” to guests and bots. But if they can still view your member list and profiles, that is a security leak. Here is a patch to remedy that by forcing the guest or bot to login before they can see the forum:
- Open up index.php from your phpBB installation.
- After line 25 (“$auth->acl($user->data);“), add the following code:
// Hack to disable anonymous viewing
if ($user->data[‘user_id’] == ANONYMOUS || $user->data[‘is_bot’])
{
login_box();
} else { - After the line “page_header($user->lang[‘INDEX’]);“, add the following code:
// end hack to disable anonymous viewing
}; - Re-upload index.php to your web server. Don’t forget to clear your cache and log out to see the effect.
If you found this article helpful or interesting, please help Compdigitec spread the word. Don’t forget to subscribe to Compdigitec Labs for more useful and interesting articles!
Topics: PHP | 7 Comments »
December 13th, 2009 at 14:55
This actually works! I just wasted about 15 minutes searching around for a modification that would do the job for me, when all I needed to do was manually add a few lines of code. Thanks for the useful post.
October 30th, 2010 at 10:30
Hack again?!
February 11th, 2013 at 11:22
Great! It really works!
November 5th, 2024 at 06:28
… [Trackback]
[…] Info on that Topic: compdigitec.com/labs/2008/12/16/phpbb-force-login-hack/ […]
November 6th, 2024 at 04:46
… [Trackback]
[…] Read More here: compdigitec.com/labs/2008/12/16/phpbb-force-login-hack/trackback/ […]
November 23rd, 2024 at 07:25
… [Trackback]
[…] Find More on to that Topic: compdigitec.com/labs/2008/12/16/phpbb-force-login-hack/ […]
November 24th, 2024 at 19:38
… [Trackback]
[…] Read More to that Topic: compdigitec.com/labs/2008/12/16/phpbb-force-login-hack/ […]