Jump to content

Site Search

SkyRanger

By SkyRanger
in PHP Coding Help

 Share

Recommended Posts

SkyRanger Advanced Member

SkyRanger

Posted
Posted

I tried posting this in the third party section, but it is not very active.  Here is my problem:

 

I am trying to find a site search script that will bypass the login session.  I have tried a few third party scripts like isearch, sphider and a few others, I have also tried a couple of different cgi site search scripts also.  When I try to get it to spider the members section it keeps redirecting back to the log in page and won't spider anything.  Does anybody have any ideas of a search script that will be able to bypass this or a way to get around this?

Link to comment
Share on other sites
SkyRanger Advanced Member

SkyRanger

Posted
  • Author
Posted

Thanks MadTechie.  I didn't want to double post but I noticed that the third part section doesn't get very much traffic, and I have been beating my head off the keyboard trying to find a way around this problem.  I use a PHP/MySQL login script, thanks for the input.

Link to comment
Share on other sites
SkyRanger Advanced Member

SkyRanger

Posted
  • Author
Posted

Ok, not sure how to get around this.  When I spider my site it keeps getting pushed to the login page.  I script I am using is isearch (Yeah I know this should be in third party scripts...sorry).  Not sure how I can get around this.

 

When the spider starts it hits this :

 


if($session->logged_in){
   $loggedin = $session->username;


codehere

} else {

header("Location: login.php");

} 

and another page is:

include "../include/session.php";

if ($_SESSION['logged_in'] == '')
$loggedin = $_SESSION['username'];

   if($session-> userlevel >= 4 && $session-> userlevel <= 9) {

codehere

} else {

header("Location: login.php");

}

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

the way i managed to have an automated spider run through password-protected pages was to add a value to the end of each URL spidered. For instance, if the next secure page is userpage.php, i would add a piece on to the URL that tells userpage.php to NOT authenticate the user, ala

 

"userpage.php?spidersearch=".date();

 

then i added code to the site authentication that says "don't require login if $_GET['spidersearch'] = today". the security issue is obvious, but good luck on someone figuring out that 1. they need to add to the URL to bypass login and 2. WHAT they need to add to the URL to bypass login.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.