Seems to have helped quite a bit on my site! Thumbs up guys! Kudos!
bmahaffey Nuke Soldier
Joined: Feb 23, 2004
Posts: 12
Posted:
Sat Jun 12, 2004 11:35 pm
WHOA! from 3.5 to 0.8 Nice, Very Nice.
bmahaffey Nuke Soldier
Joined: Feb 23, 2004
Posts: 12
Posted:
Sat Jun 12, 2004 11:36 pm
bmahaffey wrote:
WHOA! from 3.5 to 0.8 Nice, Very Nice.
should make this a download in the downloads section.
stag Private
Joined: Feb 16, 2004
Posts: 39
Posted:
Sun Jul 04, 2004 3:04 pm
diabluntd wrote:
ever since i did this i've had a "phantom user" in my user info block and site messenger block. Basically it's just a blank slot...
1. usera
2. userb
3.
4. userc
5. userd
i replaced my original mainfile.php back and after a few minutes the phantom user dissapeared. anyone?
well i replicated the same error. any one?
Caedus Sergeant
Joined: Dec 22, 2003
Posts: 92
Location: The Netherlands
Posted:
Tue Jul 06, 2004 5:11 am
It seems that this thing causes some trouble for me, in combination with Sentinel from ravenphpscripts.com
I can't login properly anymore with these fixes.
_________________ Caedus
nobleclem Lieutenant
Joined: May 27, 2003
Posts: 167
Location: Southfield, MI
Posted:
Mon Jul 19, 2004 4:58 pm
I have found a major error in the is_user() speed hack function:
Origional Code:
Code:
function is_user($user) {
global $db, $user_prefix;
static $userSave;
if (isset($userSave)) return ($userSave);
if (!is_array($user)) {
$user = base64_decode($user);
$user = explode(":", $user);
}
$uid = $user[0];
$pwd = $user[2];
$uid = intval($uid);
if ($uid != "" AND $pwd != "") {
$sql = "SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$pass = $row['user_password'];
if ($pass == $pwd && $pass != "") {
return $userSave = 1;
}
}
return $userSave = 0;
}
New Code:
Code:
function is_user($user) {
global $db, $user_prefix;
if (isset($userSave)){ return $userSave;}
if (!is_array($user)) {
$user = base64_decode($user);
$user = explode(":", $user);
}
$uid = $user[0];
$pwd = $user[2];
$uid = intval($uid);
if ($uid != "" AND $pwd != "") {
$sql = "SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$pass = $row['user_password'];
if ($pass == $pwd && $pass != "") {
static $userSave;
return $userSave = 1;
}
}
static $userSave;
return $userSave = 0;
}
A problem with logging in is only apparent on some server configurations.
This fix was found with the help of HackerAssasins.com (nobleclem) and Mike from mikeandmartin.com
The problem results in a invaild result from the is_user() function which results in an undefined function nav() on like 224 in modules/Your_Account/index.php
_________________ ....Check Out These Great Sites....
http://Vaelio.com < -- > The Future of CMS Technology and Design Today -- coming soon
Last edited by nobleclem on Tue Jul 20, 2004 9:20 pm; edited 2 times in total
lmathews Nuke Cadet
Joined: Jul 01, 2004
Posts: 9
Posted:
Tue Jul 20, 2004 9:38 am
Holy crap. I dunno if my server was lagged before, but my creation time went from 2.357 to 0.329. Nice tweak, and thanks!
nobleclem Lieutenant
Joined: May 27, 2003
Posts: 167
Location: Southfield, MI
Posted:
Wed Jul 21, 2004 5:24 pm
Ok, After looking at the rest of the speed hacks from the origional post of the thread here are my changes.
Code:
function is_user($user) {
global $db, $user_prefix;
if (isset($userSave)){ return $userSave;}
if (!is_array($user)) {
$user = base64_decode($user);
$user = explode(":", $user);
}
$uid = $user[0];
$pwd = $user[2];
$uid = intval($uid);
if ($uid != "" AND $pwd != "") {
$sql = "SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$pass = $row['user_password'];
if ($pass == $pwd && $pass != "") {
static $userSave;
return $userSave = 1;
}
}
static $userSave;
return $userSave = 0;
}
Code:
function is_active($module) {
global $prefix, $db;
if (is_array($save)) {
if (isset($save[$module])) return ($save[$module]);
return 0;
}
$sql = "SELECT title FROM ".$prefix."_modules WHERE active=1";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
static $save;
$save[$row[0]] = 1;
}
if (isset($save[$module])) return ($save[$module]);
return 0;
}
Code:
function cookiedecode($user) {
global $cookie, $db, $user_prefix;
if(!is_array($user)) {
$user = base64_decode($user);
$cookie = explode(":", $user);
} else {
$cookie = $user;
}
if (!isset($pass)) {
$sql = "SELECT user_password FROM ".$user_prefix."_users WHERE username='$cookie[1]'";
$result = $db->sql_query($sql);
static $pass;
list($pass) = $db->sql_fetchrow($result);
}
if ($cookie[2] == $pass && $pass != "") { return $cookie; }
unset($user);
unset($cookie);
}
Code:
function getusrinfo($user) {
global $user_prefix, $db, $userinfo;
if (!$user || $user == '') { return NULL; }
if(!is_array($user)) {
$user = base64_decode($user);
$user = explode(":", $user);
}
if (is_array($userrow)) {
if ($userrow['username'] == $user[1] && $userrow['user_password'] == $user[2]) {
return $userrow;
}
}
$sql = "SELECT * FROM ".$user_prefix."_users WHERE username='$user[1]' AND user_password='$user[2]'";
$result = $db->sql_query($sql);
if ($db->sql_numrows($result) == 1) {
static $userrow;
$userrow = $db->sql_fetchrow($result);
return $userinfo = $userrow;
}
unset($userinfo);
}
These fixes are to fix the static declaration of the save variables and problems with the function not working as intended with some server configurations.
_________________ ....Check Out These Great Sites....
if its the latest post that I have made then I would use it as I have had several people report errors to me with the code in the frist post of this thread.
_________________ ....Check Out These Great Sites....
http://Vaelio.com < -- > The Future of CMS Technology and Design Today -- coming soon
VinDSL Site Admin
Joined: Jul 08, 2003
Posts: 1193
Location: Arizona (USA) Site Admin: Lenon.com Admin: Disipal Designs
Posted:
Sun Jul 25, 2004 7:27 pm
luchtzak wrote:
Now I am getting confused, which speed-trick should I use, the first one or the newest one?
Bart, please excuse me for saying this, but I think I understand the source of your confusion...
The whole idea of this thread was to show the 'promise' of CPG-Nuke. As far as I know, a snippet (or two) of code was revealed, and ppl tried it, and it worked. However, CPG-Nuke is now a mature product. Yet, this 'snippet' has taken on a life of its' own.
djmaze wrote:
...making the code easier and faster is the CPG-Nuke team thingy... When CPG-Nuke is released you will notice a lot of changes... The big list will be released at the same time as CPG-Nuke, but I couldn't resist to post a few things in these forums to get the attention of all of you...
In other words, the whole idea of this thread was to show 'proof of concept'. It was never intended to be an end onto itself!
Initialy it was started for CPG-Nuke yes.
Steven added a bit more in by using "static" and a third cleaned the code a bit.
All was done on a PHP-Nuke 6.5 mainfile.php and since steven and others participated in the concept we posted it here to prove a page can be a lot faster by thinking with a team instead of just 1 person who thinks he can manage a big project.
We never said it would work in all PHP-Nuke versions and it was only tested in CPG-Nuke. Others tried and succeeded or failed using it.
It's good people pick it up and work on it, but will it ever be implemented as default in PHP-Nuke ? I don't know it's up to you guys and the poll says enough
_________________ Famous people never give their signature http://www.cpgnuke.com <- back online thanks to dedicatednow.com
Don't ask me to be admin on your site please
snmpwalk Nuke Cadet
Joined: Jul 31, 2004
Posts: 4
Posted:
Fri Jul 30, 2004 10:58 pm
I am desperately attempting to get this mod working. I am running Nuke 7.3, and have tried SEVERAL times unsuccessfully.... I really need this hack, my site is terribly slow and we are losing members. Can anyone tell me what I am doing wrong, or if this even works with 7.3? Maybe post a modded mainfile.php? Thanks in advance. (Its 3AM, I've been trying too get it working since 11:30PM)
nobleclem Lieutenant
Joined: May 27, 2003
Posts: 167
Location: Southfield, MI
Posted:
Sat Jul 31, 2004 8:06 am
I have applied these hacks with the 7.x versions of nuke just fine. I posted some cleanedup code because I found on some server configurations the static variable was defined too soon and when isset was called it called it as true all the time. There for I change the static variables to be defined just before the variable is actually set.
I have a complete package available with these hacks and more for download. http://hackerassassins.com It also has several other security features. Check out the site for more information.
As far as the hacks not working what errors are you getting? Or are you just not seeing a change in speed? Your server just could be slow. Upgrade, change hosts, reduce overhead. Got a link?
_________________ ....Check Out These Great Sites....
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Caedus
