Welcome to Geeklog, Anonymous Thursday, December 26 2024 @ 09:47 am EST
Geeklog Forums
Limiting who can post stories
Page navigation
MikeD
Or is it only an "all or nothing" case where if you're registered you can post, and anonymous can't?
Thanks.
1000ideen
Most other systems have to lock down these features for guests as they can`t handle spam posts or comments propperly. GL doesn`t have many problems with that.
MikeD
I'm not referring to guest users, but users who have registered and have logins. Is it possible to further break down the signed up member users into a group who can submit items and a group who can't?
1000ideen
Or is it only an "all or nothing" case where if you're registered you can post, and anonymous can't?
In the last line you DID refer to guests!
Anyway, yes you can take away the right so submit stories and have a group of "editors" and a group of "members". Or you could have them all submit stories but moderate those of the non editors.
MikeD
At the risk of showing my ignorance, how does one remove the right to submit an item from a registered user?
Dirk
At the risk of showing my ignorance, how does one remove the right to submit an item from a registered user?
I'd be interested in that answer, too, since I don't think it's possible :wink: Otherwise, we wouldn't need this feature request.
When a user can see a topic, they can submit a story for that topic. You can hide the "Contribute" link to make it less obvious, but they will still be able to do it.
bye, Dirk
jmucchiello
insert into gl_features (ft_name, ft_descr, ft_gl_core) values ('story.contrib','Allowed to contribute stories',0)
In submit.php:
$contrib_required = SEC_featureExists($type.'.contrib');
// search for the next line and then add the line above and the extra if statements below
if (($mode == $LANG12[8]) && !empty ($LANG12[8])) { // submit
if (empty ($_USER['username']) &&
(($_CONF['loginrequired'] == 1) || ($_CONF['submitloginrequired'] == 1))) {
$display = COM_refresh ($_CONF['site_url'] . '/index.php');
} else if ($contrib_required && !SEC_hasRights($type.'.contrib')) {
$display = COM_refresh ($_CONF['site_url'] . '/index.php');
<snip>
} else {
if ($contrib_required && !SEC_hasRights($type.'.contrib')) {
echo COM_refresh ($_CONF['site_url'] . '/index.php'); // this should probably return a message telling the user he needs permission to contribute stories
exit;
} else if ((strlen ($type) > 0) && ($type <> 'story')) {
And you need to add the function I created. It should go into lib-security.php but if you are doing this as a patch, just add it to submit.php
function SEC_featureExists($feature)
{
global $_TABLES;
return DB_count($_TABLES['features'], 'ft_name',$feature) > 0;
}
I didn't test it but this should also work with other contributable items. If you add a calendar.contrib (or is it event.contrib) feature to the database, event submission would be disabled for anyone without the feature.
My geeklog hacking may be rusty. Did I forget anything?
rob28
To create a group that cannot post stories go to Groups > New > Then make sure they do not have story.submit ticked, assign any other permission you wish and save.
Then assign the group to the users you wish. Then make another group, give them story.submit permission and assign to who you wish.
Dirk
To create a group that cannot post stories go to Groups > New > Then make sure they do not have story.submit ticked
Did you try that? story.submit is the right to skip the story submission queue. Users without that right can still submit stories - they'll only end up in the submission queue.
bye, Dirk
winnerdk
I looked for an option in the configuration menu to only allow registered users with a password to be allowed to submit stories. I'm assuming it's there and that I just can't find it, so can someone please point the way? Also, I had some issues with these menus after the upgrade, so maybe they are still screwed up and not showing all of the options?
In any event, where (should) this option be appearing?
Thanks...
Don
www.panama-guide.com
Dirk
I looked for an option in the configuration menu to only allow registered users with a password to be allowed to submit stories
Configuration > Geeklog > Users and Submissions > Login Settings > Submit Login Required?
bye, Dirk
winnerdk
For some reason, anonymous (meaning, not registered and not logged in) are still able to submit stories.
Are stories and articles handled by plugins? I don't think so, right?
So maybe therefore random anonymous users are still allowed to spam my website, even though this is currently set to "true?"
It's either that, or something's broke.
Try it - visit the website, don't log in, and try to submit something... The system allows it to happen, and the spam ends up in my submission queue. I mean, I just go in there and delete about 20 per day, but it's a pain in the butt.
Don
www.panama-guide.com
Dirk
Try it - visit the website, don't log in, and try to submit something... The system allows it to happen
Indeed. The interesting thing, however, is that it offers me a "Log Out" option - as anonymous user.
My guess is that the anonymous user account - for some reason - is also in the group "Logged-In Users".
Can you do SQL requests, e.g. in phpMyAdmin? Try something like this (this is from the command line):
+----------------+--------+-----------+
| ug_main_grp_id | ug_uid | ug_grp_id |
+----------------+--------+-----------+
| 2 | 1 | NULL |
+----------------+--------+-----------+
1 row in set (0.00 sec)
This is how it should be - the anonymous user account (uid 1) is only in group #2 (All Users).
If it also lists 13 (Logged-In Users), then that's your problem. In that case, try:
bye, Dirk
winnerdk
I also ran:
Now what... I don't know if that fixed the problem.
Don
www.panama-guide.com
winnerdk
Problem still there.
Don
www.panama-guide.com
Dirk
Or maybe you have a user with uid 0 - could you check that?
bye, Dirk
Laugh
I did check, and actually the first user ID listed is 2.
There is no 0 or 1.
Don
www.panama-guide.com
You should have a user with the Id of 1 called Anonymous.
One of the Geeklog Core Developers.
winnerdk
Don
www.panama-guide.com
Page navigation
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content