| |
|
| :: |
| Author |
Message |
arkantos
Joined: 13 Feb 2007
Posts: 26
Location: Dark Side of Tha World
|
 Posted: Tue Feb 13, 2007 3:52 am Post subject: Deactivate for session in users? |
|
|
How do i deactivate the SEO for registered-session in users?
Must be a faster way than putting the if - else in every file.
This because all sessions are lost when members signed up, the same with this board when it had enabled the SEO.
Also i have the viewtopic.php hack, i would like to know if mod_rewrite with your Advanced SEO mod is possible for viewtopic.php and how to do it.
Greets. |
|
|
| Back to top |
|
 |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 14814
|
| Posted: Tue Feb 13, 2007 10:08 am Post subject: Re: Deactivate for session in users? |
|
|
And welcome 
| arkantos wrote: |
This because all sessions are lost when members signed up, the same with this board when it had enabled the SEO.
|
??
Are you loosing any sessions here ? on phpBB SEO ?
Anyway, to limit rewriting to guest, which I do not really advise to do juste because members will be posting unrewritten links, you can open :
| Code: | | includes/sessions.php |
Find :
Replace with :
| Code: | // www.phpBB-SEO.com SEO TOOLKIT BEGIN
global $phpbb_seo, $userdata;
if ( $userdata['session_logged_in']) {
$url = $phpbb_seo->url_rewrite($url, $non_html_amp);
}
// www.phpBB-SEO.com SEO TOOLKIT END |
|
_________________
Useful links :
SEO Forum || SEO Directory || SEO phpBB || SEO phpBB3 || Search
____________________
Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Référencement phpBB3 || Recherche |
|
| Back to top |
|
|
arkantos
Joined: 13 Feb 2007
Posts: 26
Location: Dark Side of Tha World
|
| Posted: Tue Feb 13, 2007 9:32 pm Post subject: Re: Deactivate for session in users? |
|
|
| dcz wrote: |
??
Are you loosing any sessions here ? on phpBB SEO ?
Anyway, to limit rewriting to guest, which I do not really advise to do juste because members will be posting unrewritten links, |
yep im losing sessiones, try to loging without the autologin option, youll see what i mean.
Oh, i do not understand this, unwritten links?. i know this mod rewrites the viewtopic and whatever into the topic_title_thing.html but if someone does not post with SEO enabled what will happen?
Aslo im refering to the postxxx.html and memberxxx.html things, i want to be enabled just for guests and not for members. |
|
|
| Back to top |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 14814
|
|
| Back to top |
|
|
arkantos
Joined: 13 Feb 2007
Posts: 26
Location: Dark Side of Tha World
|
| Posted: Tue Feb 13, 2007 9:45 pm Post subject: Re: Deactivate for session in users? |
|
|
| dcz wrote: | | arkantos wrote: |
This because all sessions are lost when members signed up, the same with this board when it had enabled the SEO.
|
I still do not get this.
About the links posted unrewritten, the zero duplicate will do the job 
++ |
Same that happened to me:
+Erase cookies
+Log in without the aotologin field option
+Go to downloads or explore the index, portal and some pages like search.
Your session is lost at this moment, at least with my Firefox explorer. Youll need to sign in again. This happes with almost every mor_rewrite thing, sessiones are not preserverd somehow.
And the duplicate, mm i mean i want to disable the memberxxx.html and postxxx.html rewrite for members, to be profile.php?=xxxu and viewtopic.php?=xxx-p for my signed in members
if ( !$userdata['session_logged_in']) {
do the rewrite
}
something like that.
Oh, i do not understand this, unwritten links?. i know this mod rewrites the viewtopic and whatever into the topic_title_thing.html but if someone does not post with SEO enabled in that moment what will happen? will rewrite will not be aplied to topic or vat?
Greets. |
|
|
| Back to top |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 14814
|
| Posted: Tue Feb 13, 2007 10:02 pm Post subject: Re: Deactivate for session in users? |
|
|
| arkantos wrote: |
Same that happened to me:
+Erase cookies
+Log in without the aotologin field option
+Go to downloads or explore the index, portal and some pages like search.
|
Same thing with vanilla phpBB, if you delete cookies and follow a links without SIDs, you'll loos your session.
When you get rid of SID, user must accept cookie to be logged in.
Then, I barley never us the auto log-in here, and I never have any type of sessions problem. I get logged in and it works, one session per user for all sub domains and domains here.
In all case, mod rewrite, at least the ones installed and released here do not cause sessions trouble, the cyber aliens guest sessions will, as here on this site get rid of SIDs for guests, user will have to accept cookie to get logged in.
To disable the profiles url rewriting for logged user, just open :
| Code: |
phpbb_seo/phpbb_seo_class.php |
Find :
| Code: | | if ( !empty($this->get_vars[POST_USERS_URL]) && $this->get_vars['mode'] === 'viewprofile') { |
Replace with :
| Code: | global $userdata;
if ( !$userdata['session_logged_in'] && !empty($this->get_vars[POST_USERS_URL]) && $this->get_vars['mode'] === 'viewprofile') { |
And the duplicate, mm i mean i want to disable the memberxxx.html and postxxx.html rewrite for members, to be profile.php?=xxxu and viewtopic.php?=xxx-p for my signed in members
Then, about the zero duplicate HTTP 301 redirection, example seems better than long speech :
http://www.phpbb-seo.com/boards/viewtopic.php?p=6578
Work for topic, forum, posts, categories ... and checks spelling too :
http://www.phpbb-seo.com/boards/this-is-a-very-big-dupe/in-deed-vt828.html
|
_________________
Useful links :
SEO Forum || SEO Directory || SEO phpBB || SEO phpBB3 || Search
____________________
Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Référencement phpBB3 || Recherche |
|
| Back to top |
|
|
arkantos
Joined: 13 Feb 2007
Posts: 26
Location: Dark Side of Tha World
|
| Posted: Tue Feb 13, 2007 10:40 pm Post subject: Re: Deactivate for session in users? |
|
|
ok, very gratefull, now i can disable seo without doing the else if for every file.
But i wonder if to include the global $userdata; in phpbb_seo.php could be dangerous in anyway? like XSS in the URL or something? |
|
|
| Back to top |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 14814
|
| Posted: Wed Feb 14, 2007 11:33 am Post subject: Re: Deactivate for session in users? |
|
|
No risks at all
Here, we do all the job through the phpbb_seo class, which is already preventing us from weird globalization.
Then, we only globalise $userdata in the profile() method, and then, the var used is supposed to be Boolean, so the worst that could happen would be if someone would make it to inject something else than 0 or 1 in $userdata['session_logged_in'].
Basically, if $userdata['session_logged_in'] is not 0, it will be true, so the greater risk you're taking here is to see an url rewritten for a guest who would have injected something in $userdata['session_logged_in'].
All this being said, it's quite hard to inject code in the $userdata array, at least without register global on and with an up to date phpBB install.
I'm just telling that even in this case, the phpbb_seo class would be secure
And if injecting data in the $userdata array is hard (really I mean), injecting datas into the phpbb_seo class is even closer to impossible. No one can ever talk about 100% in such matters, but, the class is well initialised and fully separated from the other vars in phpBB (no global trick is possible).
++ |
_________________
Useful links :
SEO Forum || SEO Directory || SEO phpBB || SEO phpBB3 || Search
____________________
Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Référencement phpBB3 || Recherche |
|
| Back to top |
|
|
arkantos
Joined: 13 Feb 2007
Posts: 26
Location: Dark Side of Tha World
|
| Posted: Mon Feb 26, 2007 7:00 pm Post subject: Re: Deactivate for session in users? |
|
|
Hiya, i need some help again.
Ive noticed sessions still lost for loged in users, in the part of the "viewtopic?=P" its the post , ive tried to find a way to disable it but i messed code hehehe and it had a failure. Fortunately i had backup for this.
Users lose sessions when they edit/delete/move/quote a post and i saw its because it redirects to the REWRITED URL like eg. post-4343-4343.html
So i want to disable the rewrite for the POST sessions specified as
# POST
RewriteRule ^post([0-9]+)\.html$ /viewtopic.php?p=$1 [QSA,L]
I want to disable that for logged in users but to be available to guests and bots.
Greets |
|
|
| Back to top |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 14814
|
| Posted: Tue Feb 27, 2007 1:07 pm Post subject: Re: Deactivate for session in users? |
|
|
Well, you can totally get rid of the rewriting for post links if you prefer, these are redirected no matter what with the zero dupe, so we can fully deactivate this part of the rewriting to all users.
To fully deactivate post url rewriting, just delete this part in phpbb_seo_class.php :
| Code: |
} elseif ( !empty($this->get_vars[POST_POST_URL]) ) {
$this->url = $this->seo_static['post'] . $this->get_vars[POST_POST_URL] . $this->seo_ext['topic'];
unset($this->get_vars[POST_POST_URL]); |
To still rewrite these for guest you can replace it with :
| Code: | } elseif ( !empty($this->get_vars[POST_POST_URL]) && !$userdata['session_logged_in'] ) {
$this->url = $this->seo_static['post'] . $this->get_vars[POST_POST_URL] . $this->seo_ext['topic'];
unset($this->get_vars[POST_POST_URL]); |
instead, and again, globalise $userdata in this function, by adding :
after :
| Code: | | function viewtopic() { |
I'm still doubting about the url rewriting to be related with any sessions loss, but, if this helps.
++ |
_________________
Useful links :
SEO Forum || SEO Directory || SEO phpBB || SEO phpBB3 || Search
____________________
Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Référencement phpBB3 || Recherche |
|
| Back to top |
|
|
arkantos
Joined: 13 Feb 2007
Posts: 26
Location: Dark Side of Tha World
|
| Posted: Wed Feb 28, 2007 12:12 am Post subject: Re: Deactivate for session in users? |
|
|
Yes its because in early versions of PHPBB i had so many SEO improvements like the first able2know, the austin dinamyc, some code of mine.
And time passed with new phpbb updates, and i forgot which code ive modified so there is code from me in sessions.php and whatever that cuts all SID in rewrite and for guests but i do not remember where did i put that.
Could be in sessions.php or common or page_header.
Anyway im convinced this will do the thing
EDIT:
Hehehe this works very good, now sessions are there, just in some forums the PAGINATION still shows the rewrite but this is strange it only does for some forums, but anyway i do not have problems with that i think.
Greets and thanks for the help. |
|
|
| Back to top |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 14814
|
|
| Back to top |
|
|
|
|
| Navigation |
Similar Topics |
|
|
|
|
|
|
|
